public/mailtrain
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Updates in install scripts

Browse source
This commit is contained in:
Cloud User 2018-12-25 08:32:14 +00:00
parent a6c7e6327b
commit 9204954691
5 changed files with 285 additions and 543 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

279
setup/functions Normal file
View file

@ -0,0 +1,279 @@
# This is not a standalone script. It provides common functions to server-*.sh scripts
if hash firewall-cmd 2>/dev/null; then
firewallCmdExists=yes
fi
function installBase {
local urlBaseTrusted="$1"
local urlBaseSandbox="$2"
local urlBasePublic="$3"
yum -y install epel-release
curl --silent --location https://rpm.nodesource.com/setup_10.x | bash -
cat > /etc/yum.repos.d/mongodb-org.repo <<EOT
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
EOT
yum -y install mariadb-server nodejs ImageMagick git python redis pwgen bind-utils gcc-c++ make mongodb-org
systemctl start mariadb
systemctl enable mariadb
systemctl start redis
systemctl enable redis
systemctl start mongod
systemctl enable mongod
mysqlPassword=`pwgen 12 -1`
mysqlRoPassword=`pwgen 12 -1`
# Setup MySQL user for Mailtrain
mysql -u root -e "CREATE USER 'mailtrain'@'localhost' IDENTIFIED BY '$mysqlPassword';"
mysql -u root -e "GRANT ALL PRIVILEGES ON mailtrain.* TO 'mailtrain'@'localhost';"
mysql -u root -e "CREATE USER 'mailtrain_ro'@'localhost' IDENTIFIED BY '$mysqlRoPassword';"
mysql -u root -e "GRANT SELECT ON mailtrain.* TO 'mailtrain_ro'@'localhost';"
mysql -u mailtrain --password="$mysqlPassword" -e "CREATE database mailtrain;"
# Add new user for the mailtrain daemon to run as
useradd mailtrain || true
# Setup installation configuration
cat > server/config/production.yaml <<EOT
user: mailtrain
group: mailtrain
roUser: nobody
roGroup: nobody
www:
secret: "`pwgen -1`"
trustedUrlBase: $urlBaseTrusted
sandboxUrlBase: $urlBaseSandbox
publicUrlBase: $urlBasePublic
mysql:
password: "$mysqlPassword"
redis:
enabled: true
log:
level: warn
builtinZoneMTA:
log:
level: info
queue:
processes: 5
EOT
cat >> server/services/workers/reports/config/production.yaml <<EOT
log:
level: warn
mysql:
user: mailtrain_ro
password: "$mysqlRoPassword"
EOT
# Install required node packages
for idx in client shared server zone-mta; do
(cd $idx && npm install)
done
(cd client && npm run build)
chown -R mailtrain:mailtrain .
chmod o-rwx server/config
# Setup log rotation to not spend up entire storage on logs
cat <<EOT > /etc/logrotate.d/mailtrain
/var/log/mailtrain.log {
daily
rotate 12
compress
delaycompress
missingok
notifempty
copytruncate
nomail
}
EOT
# Set up systemd service script
cp setup/mailtrain-centos7.service /etc/systemd/system/mailtrain.service
systemctl enable mailtrain.service
# Start the service
systemctl daemon-reload
systemctl start mailtrain.service
echo "Success! Open http://$urlBaseTrusted/ and login as admin:test"
if [ -n "$firewallCmdExists" ]; then
echo "Note that firewall was not setup because firewall-cmd is missing on your system. Please make sure your firewall is correctly setup. If you are on AWS, this means to enable HTTPS and HTTP in your security group."
fi
}
function installHttps {
local hostTrusted="$1"
local portTrusted="$2"
local hostSandbox="$3"
local portSandbox="$4"
local hostPublic="$5"
local portPublic="$6"
local certificateFile="$7"
local certificateKey="$8"
local caChainFile="$9"
yum -y install httpd mod_ssl
echo > /etc/httpd/conf.d/mailtrain.conf
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:80>
ServerName ${hostTrusted}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostTrusted}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostSandbox}:80>
ServerName ${hostSandbox}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostSandbox}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostPublic}:80>
ServerName ${hostPublic}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostPublic}_redirect_error.log
LogLevel warn
</VirtualHost>
EOT
if [ -n "$firewallCmdExists" ]; then
# Enable port 80 on the firewall
firewall-cmd --add-port=80/tcp --permanent
fi
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:${portTrusted}>
ServerName ${hostTrusted}:${portTrusted}
ErrorLog logs/${hostTrusted}_ssl_error.log
TransferLog logs/${hostTrusted}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3000/"
ProxyPassReverse "/" "http://127.0.0.1:3000/"
</VirtualHost>
<VirtualHost ${hostSandbox}:${portSandbox}>
ServerName ${hostSandbox}:${portSandbox}
ErrorLog logs/${hostSandbox}_ssl_error.log
TransferLog logs/${hostSandbox}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3003/"
ProxyPassReverse "/" "http://127.0.0.1:3003/"
</VirtualHost>
<VirtualHost ${hostPublic}:${portPublic}>
ServerName ${hostPublic}:${portPublic}
ErrorLog logs/${hostPublic}_ssl_error.log
TransferLog logs/${hostPublic}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3004/"
ProxyPassReverse "/" "http://127.0.0.1:3004/"
</VirtualHost>
EOT
# Enable and start httpd
systemctl start httpd
systemctl enable httpd
if [ -n "$firewallCmdExists" ]; then
# Enable SSL ports on the firewall
for port in "${portTrusted}/tcp" "${portSandbox}/tcp" "${portPublic}/tcp"; do
firewall-cmd --add-port=$port --permanent
done
# Activate the firefall settings
firewall-cmd --reload
fi
}
function createCertificates {
local hostTrusted="$1"
local hostSandbox="$2"
local hostPublic="$3"
local email="$4"
yum install -y certbot
if [ -n "$firewallCmdExists" ]; then
# Temporarily enable port 80 on the firewall
firewall-cmd --add-port=80/tcp
fi
certbot certonly --agree-tos --email "${email}" --standalone -n -d "${hostPublic}" -d "${hostTrusted}" -d "${hostSandbox}"
if [ -n "$firewallCmdExists" ]; then
# Revert firewall to original state
firewall-cmd --reload
fi
}

377
setup/functions.sh
View file

@ -1,377 +0,0 @@
# This is not a standalone script. It provides common functions to server-*.sh scripts
function installBase {
local urlBaseTrusted="$1"
local urlBaseSandbox="$2"
local urlBasePublic="$3"
yum -y install epel-release
curl --silent --location https://rpm.nodesource.com/setup_11.x | bash -
cat > /etc/yum.repos.d/mongodb-org.repo <<EOT
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
EOT
yum -y install mariadb-server nodejs ImageMagick git python redis pwgen bind-utils gcc-c++ make mongodb-org
systemctl start mariadb
systemctl enable mariadb
systemctl start redis
systemctl enable redis
systemctl start mongod
systemctl enable mongod
mysqlPassword=`pwgen 12 -1`
mysqlRoPassword=`pwgen 12 -1`
# Setup MySQL user for Mailtrain
mysql -u root -e "CREATE USER 'mailtrain'@'localhost' IDENTIFIED BY '$mysqlPassword';"
mysql -u root -e "GRANT ALL PRIVILEGES ON mailtrain.* TO 'mailtrain'@'localhost';"
mysql -u root -e "CREATE USER 'mailtrain_ro'@'localhost' IDENTIFIED BY '$mysqlRoPassword';"
mysql -u root -e "GRANT SELECT ON mailtrain.* TO 'mailtrain_ro'@'localhost';"
mysql -u mailtrain --password="$mysqlPassword" -e "CREATE database mailtrain;"
# Add new user for the mailtrain daemon to run as
useradd mailtrain || true
# Setup installation configuration
cat > server/config/production.yaml <<EOT
user: mailtrain
group: mailtrain
roUser: nobody
roGroup: nobody
www:
secret: "`pwgen -1`"
trustedUrlBase: $urlBaseTrusted
sandboxUrlBase: $urlBaseSandbox
publicUrlBase: $urlBasePublic
mysql:
password: "$mysqlPassword"
redis:
enabled: true
log:
level: warn
builtinZoneMTA:
log:
level: info
queue:
processes: 5
EOT
cat >> server/services/workers/reports/config/production.yaml <<EOT
log:
level: warn
mysql:
user: mailtrain_ro
password: "$mysqlRoPassword"
EOT
# Install required node packages
for idx in client shared server zone-mta; do
(cd $idx && npm install)
done
(cd client && npm run build)
chown -R mailtrain:mailtrain .
chmod o-rwx server/config
# Setup log rotation to not spend up entire storage on logs
cat <<EOM > /etc/logrotate.d/mailtrain
/var/log/mailtrain.log {
daily
rotate 12
compress
delaycompress
missingok
notifempty
copytruncate
nomail
}
EOM
# Set up systemd service script
cp setup/mailtrain-centos7.service /etc/systemd/system/mailtrain.service
systemctl enable mailtrain.service
# Start the service
systemctl daemon-reload
systemctl start mailtrain.service
echo "Success! Open http://$urlBaseTrusted/"
echo "If this is a fresh installation, log in as admin:test". If this is an upgrade over existing Mailtrain DB, use the original admin password."
}
function installHttps {
local hostTrusted="$1"
local portTrusted="$2"
local hostSandbox="$3"
local portSandbox="$4"
local hostPublic="$5"
local portPublic="$6"
local certificateFile="$7"
local certificateKey="$8"
local caChainFile="$9"
local skipHttpRedirect="$10"
echo > /etc/httpd/conf.d/mailtrain.conf
if [ "$skipHttpRedirect" = "--skip-http-redirect" ]; then
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:80>
ServerName ${hostTrusted}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostTrusted}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostSandbox}:80>
ServerName ${hostSandbox}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostSandbox}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostPublic}:80>
ServerName ${hostPublic}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostPublic}_redirect_error.log
LogLevel warn
</VirtualHost>
EOT
fi
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:${portTrusted}>
ServerName ${hostTrusted}:${portTrusted}
ErrorLog logs/${hostTrusted}_ssl_error.log
TransferLog logs/${hostTrusted}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3000/"
ProxyPassReverse "/" "http://127.0.0.1:3000/"
</VirtualHost>
<VirtualHost ${hostSandbox}:${portSandbox}>
ServerName ${hostSandbox}:${portSandbox}
ErrorLog logs/${hostSandbox}_ssl_error.log
TransferLog logs/${hostSandbox}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3003/"
ProxyPassReverse "/" "http://127.0.0.1:3003/"
</VirtualHost>
<VirtualHost ${hostPublic}:${portPublic}>
ServerName ${hostPublic}:${portPublic}
ErrorLog logs/${hostPublic}_ssl_error.log
TransferLog logs/${hostPublic}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3004/"
ProxyPassReverse "/" "http://127.0.0.1:3004/"
</VirtualHost>
EOT
}
function installHttps {
local hostTrusted="$1"
local portTrusted="$2"
local hostSandbox="$3"
local portSandbox="$4"
local hostPublic="$5"
local portPublic="$6"
local certificateFile="$7"
local certificateKey="$8"
local caChainFile="$9"
local installHttpRedirect="$10"
yum -y install httpd mod_ssl
echo > /etc/httpd/conf.d/mailtrain.conf
if [ "$installHttpRedirect" != "yes" ]; then
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:80>
ServerName ${hostTrusted}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostTrusted}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostSandbox}:80>
ServerName ${hostSandbox}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostSandbox}_redirect_error.log
LogLevel warn
</VirtualHost>
<VirtualHost ${hostPublic}:80>
ServerName ${hostPublic}
ServerSignature Off
RewriteEngine On
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
ErrorLog logs/${hostPublic}_redirect_error.log
LogLevel warn
</VirtualHost>
EOT
# Enable port 80 on the firewall
firewall-cmd --add-port=80/tcp --permanent
fi
cat >> /etc/httpd/conf.d/mailtrain.conf <<EOT
<VirtualHost ${hostTrusted}:${portTrusted}>
ServerName ${hostTrusted}:${portTrusted}
ErrorLog logs/${hostTrusted}_ssl_error.log
TransferLog logs/${hostTrusted}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3000/"
ProxyPassReverse "/" "http://127.0.0.1:3000/"
</VirtualHost>
<VirtualHost ${hostSandbox}:${portSandbox}>
ServerName ${hostSandbox}:${portSandbox}
ErrorLog logs/${hostSandbox}_ssl_error.log
TransferLog logs/${hostSandbox}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3003/"
ProxyPassReverse "/" "http://127.0.0.1:3003/"
</VirtualHost>
<VirtualHost ${hostPublic}:${portPublic}>
ServerName ${hostPublic}:${portPublic}
ErrorLog logs/${hostPublic}_ssl_error.log
TransferLog logs/${hostPublic}_ssl_access.log
LogLevel warn
SSLEngine on
SSLCertificateFile ${certificateFile}
SSLCertificateKeyFile ${certificateKey}
SSLCertificateChainFile ${caChainFile}
ProxyPreserveHost On
ProxyPass "/" "http://127.0.0.1:3004/"
ProxyPassReverse "/" "http://127.0.0.1:3004/"
</VirtualHost>
EOT
# Enable and start httpd
systemctl start httpd
systemctl enable httpd
# Enable SSL ports on the firewall
for port in "${portTrusted}/tcp" "${portSandbox}/tcp" "${portPublic}/tcp"; do
firewall-cmd --add-port=$port --permanent
done
# Activate the firefall settings
firewall-cmd --reload
}
function createCertificates {
local hostTrusted="$1"
local hostSandbox="$2"
local hostPublic="$3"
local email="$4"
yum install -y certbot
# Temporarily enable port 80 on the firewall
firewall-cmd --add-port=80/tcp
certbot certonly --agree-tos --email "${email}" --standalone -n -d "${hostPublic}" -d "${hostTrusted}" -d "${hostSandbox}"
# Revert firewall to original state
firewall-cmd --reload
}

6
setup/install-centos7-https.sh
View file

@ -17,7 +17,7 @@ cd $SCRIPT_PATH/..
# Help function
function HELP {
cat << EOF
cat <<EOF
Basic usage: install-centos7-https.sh <trusted host> <sandbox host> <public host> <email>
@ -47,6 +47,6 @@ email="$4"
createCertificates "${hostTrusted}" "${hostSandbox}" "${hostPublic}" "${email}"
installHttps "${hostTrusted}" 443 "${hostSandbox}" 443 "${hostPublic}" 443 "/etc/letsencrypt/live/${hostPublic}/cert.pem" "/etc/letsencrypt/live/${hostPublic}/privkey.pem" "/etc/letsencrypt/live/${hostPublic}/chain.pem" ""
installHttps "${hostTrusted}" 443 "${hostSandbox}" 443 "${hostPublic}" 443 "/etc/letsencrypt/live/${hostPublic}/cert.pem" "/etc/letsencrypt/live/${hostPublic}/privkey.pem" "/etc/letsencrypt/live/${hostPublic}/chain.pem"
installBase "https://${hostTrusted}" "https://${hostSandbox}" "https://${hostPublic}" "${email}"
installBase "https://${hostTrusted}" "https://${hostSandbox}" "https://${hostPublic}" "${email}"

5
setup/install-centos7-local.sh
View file

@ -1,4 +1,5 @@
#!/bin/bash
set -x
# This installation script works on CentOS 7
# Run as root!
@ -17,7 +18,7 @@ cd $SCRIPT_PATH/..
# Help function
function HELP {
cat << EOF
cat <<EOF
Basic usage: install-centos7-local.sh
@ -35,4 +36,4 @@ if [ $# -lt 0 ]; then
HELP
fi
installBase http://localhost:3000 http://localhost:3003 http://localhost:3004
installBase http://localhost:3000 http://localhost:3003 http://localhost:3004

161
setup/install-centos7.sh
View file

@ -1,161 +0,0 @@
#!/bin/bash
# This installation script works on CentOS 7
# Run as root!
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root" 1>&2
exit 1
fi
set -e
SCRIPT_PATH=$(dirname $(realpath -s $0))
cd $SCRIPT_PATH/..
#Help function
function HELP {
cat << EOF
Basic usage: install-centos7.sh <trusted URL base> <sandbox URL base> <public URL base>
Installs Mailtrain 2 on CentOS 7.
Command line options. The following switches are recognized.
--with-httpd-proxy -- URL of the ssio-template GIT repository (default: git@gitlab.sathyasai.org:webs/ssio-template.git)
--db-name ... -- Name of DB and user in the DB (defaults to id with - -> _ substitution)
--aliases ... -- Server aliases divided by spaces (e.g. "www.esse-institute.org www.esse-institut.de")
--cert-domains ... -- Domains for which to get certs via letsencrypt (e.g. "www.esse-institute.org www.esse-institut.de")
--dont-push -- Don't push the website to gitlab. It stops after creating a directory, setting the remote and doing commit
Example (local installation): install-centos7.sh http://localhost:3000 http://localhost:3003 http://localhost:3004
Example (installation behind HTTPD proxy - see mailtrain-apache-sample.conf): install-centos7.sh https://mailtrain.example.com https://sbox.mailtrain.example.com https://mail.example.com
EOF
exit 1
}
if [ $# -lt 3 ]; then
echo "Error: incorrect number of parameters."
HELP
fi
URL_BASE_TRUSTED="$1"
URL_BASE_SANDBOX="$2"
URL_BASE_PUBLIC="$3"
yum -y install epel-release
curl --silent --location https://rpm.nodesource.com/setup_11.x | bash -
cat > /etc/yum.repos.d/mongodb-org.repo <<EOT
[mongodb-org-4.0]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/\$releasever/mongodb-org/4.0/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-4.0.asc
EOT
yum -y install mariadb-server nodejs ImageMagick git python redis pwgen bind-utils gcc-c++ make mongodb-org
systemctl start mariadb
systemctl enable mariadb
systemctl start redis
systemctl enable redis
systemctl start mongod
systemctl enable mongod
MYSQL_PASSWORD=`pwgen 12 -1`
MYSQL_RO_PASSWORD=`pwgen 12 -1`
# Setup MySQL user for Mailtrain
mysql -u root -e "CREATE USER 'mailtrain'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD';"
mysql -u root -e "GRANT ALL PRIVILEGES ON mailtrain.* TO 'mailtrain'@'localhost';"
mysql -u root -e "CREATE USER 'mailtrain_ro'@'localhost' IDENTIFIED BY '$MYSQL_RO_PASSWORD';"
mysql -u root -e "GRANT SELECT ON mailtrain.* TO 'mailtrain_ro'@'localhost';"
mysql -u mailtrain --password="$MYSQL_PASSWORD" -e "CREATE database mailtrain;"
# Add new user for the mailtrain daemon to run as
useradd mailtrain || true
# Setup installation configuration
cat > server/config/production.yaml <<EOT
user: mailtrain
group: mailtrain
roUser: nobody
roGroup: nobody
www:
port: 3000
secret: "`pwgen -1`"
trustedUrlBase: $URL_BASE_TRUSTED
sandboxUrlBase: $URL_BASE_SANDBOX
publicUrlBase: $URL_BASE_PUBLIC
mysql:
password: "$MYSQL_PASSWORD"
redis:
enabled: true
log:
level: warn
builtinZoneMTA:
log:
level: info
queue:
processes: 5
EOT
cat >> server/services/workers/reports/config/production.yaml <<EOT
log:
level: warn
mysql:
user: mailtrain_ro
password: "$MYSQL_RO_PASSWORD"
EOT
# Install required node packages
for idx in client shared server zone-mta; do
(cd $idx && npm install)
done
(cd client && npm run build)
chown -R mailtrain:mailtrain .
chmod o-rwx server/config
# Setup log rotation to not spend up entire storage on logs
cat <<EOM > /etc/logrotate.d/mailtrain
/var/log/mailtrain.log {
daily
rotate 12
compress
delaycompress
missingok
notifempty
copytruncate
nomail
}
EOM
# Set up systemd service script
cp setup/mailtrain-centos7.service /etc/systemd/system/mailtrain.service
systemctl enable mailtrain.service
# Start the service
systemctl daemon-reload
systemctl start mailtrain.service
echo "Success! Open http://$HOSTNAME/ and log in as admin:test";