libretime/installer/vagrant/centos.sh

159 lines
5.3 KiB
Bash
Executable File

#!/usr/bin/env bash
# Additional Repos
yum install -y epel-release
# RPMfusion (for ffmpeg) - needs PowerTools
dnf install -y https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-8.noarch.rpm
dnf config-manager --enable powertools
# xiph multimedia (for icecast)
curl -o /etc/yum.repos.d/multimedia:xiph.repo \
https://download.opensuse.org/repositories/multimedia:/xiph/CentOS_8/multimedia:xiph.repo
# RaBe Liquidsoap Distribution (RaBe LSD)
curl -o /etc/yum.repos.d/home:radiorabe:liquidsoap.repo \
https://download.opensuse.org/repositories/home:/radiorabe:/liquidsoap/CentOS_8/home:radiorabe:liquidsoap.repo
# RaBe Audio Packages for Enterprise Linux (RaBe APEL)
curl -o /etc/yum.repos.d/home:radiorabe:audio.repo \
https://download.opensuse.org/repositories/home:/radiorabe:/audio/CentOS_8/home:radiorabe:audio.repo
# Update all the things (just to be sure we are on latest)
yum update -y
# Database
yum install -y postgresql-server patch
postgresql-setup --initdb
patch -f /var/lib/pgsql/data/pg_hba.conf << EOD
--- pg_hba.conf.orig 2020-12-19 13:10:46.828960307 +0000
+++ pg_hba.conf 2020-12-19 13:11:37.356290128 +0000
@@ -78,10 +78,11 @@
# "local" is for Unix domain socket connections only
local all all peer
+local all all md5
# IPv4 local connections:
-host all all 127.0.0.1/32 ident
+host all all 127.0.0.1/32 md5
# IPv6 local connections:
-host all all ::1/128 ident
+host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
EOD
systemctl enable postgresql
systemctl start postgresql
# create database user airtime with password airtime
useradd airtime
echo "airtime:airtime" | chpasswd
su -l postgres bash -c 'createuser airtime'
su -l postgres bash -c 'createdb -O airtime airtime'
echo "ALTER USER airtime WITH PASSWORD 'airtime';" | su -l postgres bash -c psql
echo "GRANT ALL PRIVILEGES ON DATABASE airtime TO airtime;" | su -l postgres bash -c psql
# RabbitMQ
curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
yum install -y rabbitmq-server
systemctl enable rabbitmq-server
systemctl start rabbitmq-server
rabbitmqctl add_user airtime airtime
rabbitmqctl add_vhost /airtime
rabbitmqctl set_permissions -p /airtime airtime ".*" ".*" ".*"
# LibreTime deps
# some of these are needed to build pip deps and as such should no be installed
# on production grade systems (mostly the -devel packages)
yum install -y \
cairo-gobject-devel \
gcc \
git \
glib2-devel \
gobject-introspection-devel \
openssl-devel \
php \
php-xml \
php-pdo \
php-pgsql \
php-bcmath \
php-mbstring \
php-json \
php-process \
python38-devel \
python38-psycopg2 \
httpd \
icecast \
liquidsoap \
alsa-utils \
selinux-policy \
policycoreutils-python-utils \
lsof \
xmlstarlet
# replace icecast init system with proper systemd unit ("ported" from CentOS 7)
cat > /etc/systemd/system/icecast.service << 'EOD'
[Unit]
Description=Icecast Network Audio Streeaming Server
After=network.target
[Service]
ExecStart=/usr/bin/icecast -c /etc/icecast.xml
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
EOD
# install manually since it isn't required somewhere later
python3 -mpip install pycairo
# SELinux Setup
setsebool -P httpd_can_network_connect 1
setsebool -P httpd_can_network_connect_db 1
setsebool -P httpd_execmem on # needed by liquidsoap to do stuff when called by php
setsebool -P httpd_use_nfs 1 # to get nfs mounted /vagrant
setsebool -P httpd_graceful_shutdown 1 # to allow prefork to shutdown gracefully
setsebool -P git_system_use_nfs 1 # same for git
semanage port -a -t http_port_t -p tcp 9080 # default vagrant web port
# Allow apache full access to /vagrant and /etc/airtime
semanage fcontext -a -t httpd_sys_rw_content_t "/vagrant(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/etc/airtime(/.*)?"
semanage fcontext -a -t httpd_sys_rw_content_t "/srv/airtime(/.*)?"
restorecon -Rv /vagrant /etc/airtime /srv/airtime
# Disable default apache page
sed -i -e 's/^/#/' /etc/httpd/conf.d/welcome.conf
# Switch to prefork since CentOS will disable mod_php if we use mpm_event
sed -i \
-e 's/#LoadModule mpm_prefork_module/LoadModule mpm_prefork_module/' \
-e 's/LoadModule mpm_event_module/#LoadModule mpm_event_module/' \
/etc/httpd/conf.modules.d/00-mpm.conf
# celery will not run unless we install a specific version (https://github.com/pypa/setuptools/issues/942)
# this will need to be figured out later on and will get overridden by the docs installer anyhow :(
pip3 install setuptools==33.1.1
pip3 freeze setuptools==33.1.1
# the web will fail badly if this is not set, using my personal default just because
echo 'date.timezone=Europe/Zurich' >> /etc/php.d/timezone.ini
systemctl restart httpd
# icecast needs to be available to everyone
sed -i -e 's@<bind-address>127.0.0.1</bind-address>@<bind-address>0.0.0.0</bind-address>@' /etc/icecast.xml
systemctl enable --now icecast
# let em use alsa
usermod -a -G audio apache