ubuntu1c-autoinstall/config/nocloud/user-data

331 lines
16 KiB
Plaintext
Raw Normal View History

2022-10-28 11:58:52 +00:00
#cloud-config
autoinstall:
version: 1
interactive-sections:
- network
- storage
locale: "ru_RU.UTF-8"
keyboard:
layout: us,ru
toggle: alt_shift_toggle
apt:
primary:
- arches: [default]
uri: mirror://mirrors.ubuntu.com/mirrors.txt
debconf-selections: |
ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true
packages:
2023-05-16 20:49:06 +00:00
- openssh-server
- openssh-client
- mosh
- mc
- htop
- ca-certificates
- curl
- wget
- apt-transport-https
- apt-utils
- locales-all
- language-pack-ru
- language-pack-ru-base
- unixodbc
- libfreetype6
- fontconfig
- t1utils
- apache2
- nginx
- unzip
- libc6-i386
- git
- build-essential
- python-is-python3
- python3-pip
- python3-virtualenv
- dkms
- samba
- fusesmb
- samba-vfs-modules
- cifs-utils
- avahi-daemon
- avahi-dnsconfd
- libnss-winbind
- libnss-mdns
- cups
- wsdd
- libxt6
- libtcmalloc-minimal4
2022-10-28 11:58:52 +00:00
late-commands:
- stat /cdrom/1c/install >/dev/null 2>/dev/null && sh -exc "mkdir -p /target/var/install/1c && cp /cdrom/1c/install/* /target/var/install/1c/" || echo skip 1c distr copy
- sync
- echo --- done! ---
user-data:
hostname: srv1c
groups:
- postgres
- grp1cv8
- www-data
users:
- default
- name: admin1c
gecos: Admin 1C
shell: /bin/bash
primary_group: admin1c
groups: users, adm, cdrom, sudo, dip, plugdev, lxd, postgres, grp1cv8, www-data
lock_passwd: false
sudo: ALL=(ALL) NOPASSWD:ALL
passwd: $6$rounds=4096$X0PCsEEYkoirzYwF$vFfmCzOhzPQUsdXbrlt0cyX0wEiuRc2WecIUMyO2ZkTYzSh8oz2Sp87OFVxCHp0sPklRDmdwkK56EZCar.N1o/
ssh_import_id:
- gh:b4tman
2023-05-16 20:49:06 +00:00
#ssh_authorized_keys:
# - <ssh pub key 1>
2022-10-28 11:58:52 +00:00
- name: postgres
primary_group: postgres
groups: grp1cv8
system: true
passwd: $6$rounds=4096$7HbuIwc5Gbm.$eDOOBbMBh9teE82CE9MGJXJuK3nRuJpjIbkUqOmPN7FyH/Nj.3bgDosdM1WoztBXHYwgCyd1dhya/5aR36Njm1
locale: "ru_RU.UTF-8"
timezone: Europe/Moscow
ntp:
enabled: true
ntp_client: auto
package_update: true
package_upgrade: true
write_files:
- path: /etc/systemd/system/srv1cv83@.service
encoding: gzip+base64
owner: root:root
permissions: '0644'
content: |
2023-05-08 18:32:32 +00:00
H4sIAAAAAAAAA61V3U/bMBB/z19hbUPapLVpBkUMyQ+lRF3HgKoN7IGhyk2urYdjZ7ZTqCb+952d
RLQse1seWuU+fvfxu7vc3Uhu74NzMKnmheVK0mh4GksLutDcAJmB3oAmJ91D8v5g/CGYwq+SazBU
gn1U+qFrmV6BDYI7Z8lTuA+SbQHU8LwQENwY0LQ0Oko3J8FIq7KgK134tyCWG66VzEFa+nVwO5h/
ub6MaagKGzqD8OnkeH58FB6Mw58aguAtmTC7JlaRDBNIrdJb8shRkgpmMF+SMcv2QGfT22h4ezI/
HyQDGq5VDmGdStj1v9GwiuTAr8p8gSBqSewaELP0mIXSlqQamIWMLLYkgyUrhSVZqblckSXXxqKz
YKVM185ZsxWGbk1jcj1NaNQ/6u2Ha0J5R5IzLn3ULknW3FQJ4H9pqgQwOfRufFIljRLgmsKyDGkx
VfaIpJkgxpPXJcPdEOjegDJhFDEFpHzJEZ5V3uNJZVC3wrHsaq3BWkubxqOmusgz5fw1kysgS+XT
lMgYThciK9EOMbgaxQhw3DuN+p89ygxSbLPdEgEbEKco6ZEOKWWhlUU4zPgF2KA2Qm2rjigptj4T
V5DlObjisKUavfBhJcql5Slz5ij75JBA50yiGF3bI7aVMYuH3+Jb6jne36Sqfw5gyVel9qFwnhbl
iuQqc6wuBJMPGLkZss6O2tGllku06lTCv5SYd/v0x2c3I9p4ra0tXG7DNaQPrkaustccCYVzlIH1
S/aR5FwILAANsvaaJ+Or0XwST8fX5zTq9XztUzAF9qjqtirtf4mRjC/j65uE9usgrQ1+gK1lC1xN
AV20eWlmvfuH3R0LgtvWhlLNRfVwaSwToiasuT17WV5Mz/rzi+Rq8I8DVoeuI+Ppe4J0hpfT0nDB
ZWjWpJOSN22e1T1B0sm737v37Jl0/JK+SN0ColTD6pWiXk6n8xu5o3E790x+BB1sPS7ZjqqaYxcF
d39SjclOrBfGa5OkpvmVTc3Y8272bh6f3+CXxPgOMPHItqZ5xZ2n/WCi+QZPbpIXVCr8towrCtyH
yrPp32UKFA+EdjftO0MGs7MtzVHLO261my/TH0B8qt7jBgAA
2022-10-28 11:58:52 +00:00
- path: /etc/systemd/system/srv1cv83-ras@.service
encoding: gzip+base64
owner: root:root
permissions: '0644'
content: |
H4sIAAAAAAAAA11QwWpCMRC85yuCILSHNAgqUsjBtiKPQik+pQeRksZ9djEvSTeJ1b9vfFQPHmd2
Z3Zm1yuHacNeIBrCkNA7NXh+nLkEFAgj8AW0PgGfblt0GBPp8w6vgQ5ogN/1q3u2gJ+MBFE5SL+e
9g9J0w4SmzbF5Ybk1PmJJl4IF6Ow3u9zuOjY+t9+w5anACpiGyywVSxuOdLAHCZsTj4HtaPQITY7
gqmLPCn5hU7Gby7gaHgPCs+lD0me9+RxMv4cD2W/kqQjNzbHkpALEXxRDkbDUY+9orU17py2qq7m
1duSvRMedIJlG1SiDKVu7C55JxqNNtOVqsGoUYlfuQKtPb+10dmmDjsDymQicIl96PLg7dNJtWWK
Ipdm1/J/2tGhvJIBAAA=
- path: /etc/nginx/sites-available/apache-proxy
encoding: gzip+base64
owner: root:root
permissions: '0644'
content: |
2023-05-16 14:04:12 +00:00
H4sIAAAAAAAAA41WXW/iOBR9z6+4YngbhXxAKUPUB8R2ptW226qZh65Wq8gkF/CS2JFtOtDV/Pe9
joHy1e0YFBKfc26ce49vWNbaKGQVsJrlc4R/PaChUb2ggii+7IT0iYbdbncQJg22QKxZyV8Q+r3E
++l5jpwZuUChQU6nieeVvOImy6UQ2asUCO0JF0ytM4WVNJixolBggasaFa+HUVglp5pNYMEq3JHd
nBN4eclRmGwii3U2WU6nRNb8FQGi/u/JFp0jKwjYx3uLHVqxldM3QBTGvXtaCVMzzM7pNcTQjUnu
fQIuDKoKC84MAi17ymdLxQyXwtO6zGoljcxlqeH7XfoSdeLNbzdp4JzXcxvvevzbzbVPx3Tkj67T
KB7438b3fnozii/6Q4c+/Q+2U9LUFu0OeofKs5hTjm9G9I1D//Hh7s+oG17sKU+x91fz7t0S75NL
Bzb5dzXdPr1zi8U1ak2py/LGhnrOFBbDNL0bXthSWwbmxTzLl6Qnf+Y1hVYRiRVqWVq3Xl52BoMO
fWx1Zq+8BikSz55kZl2jBoMrE9Ql44LcXpc8b4oV/KOlcFiu9SHCXpjOyaDmYHrl7wGN8Ph6VZWH
iqNrpfXn4zlmZPV51XYLrrjIShQzM4de+KW/eQyy1IpjAUys6RlpE23MCc/+V0W7xH+obSgN6ej+
+uHp9tvtH8khbSzJtML43ykhO7aQWnBbiAPqc5r6j+RhzC0LWlEClSzwalLKfNFKtvt+0zFKrikw
uDEIocApW5ZmU+/klPPXcPj38FeIvV4XqPwwN6aO3wt0hrTfPYDWzMq51MZhjmB3ISrDp7YE6KIF
aPJAzLhYBYQHFu/UWCXnFNkC1ycKmnsTNIe9rKZG8Zyyr5jQtVTGT5EMzc0aWtSIfDbDq343vIzD
MEyov+TlssB0OSlkRabVCdAmKiUrWnvR37omNL2UmvZgH5bOXhBsCmWH9dG60VBxM8MrlEsD0cUX
nRxxNIpiRwDoh+Exg14eHzAOOjMAdYfFeYpuZroxvVjOMPSO5kKdi2OwqrMpLzH7QVnFc8ST5Rdc
URZgN5qWdJyF7WtgO//sPyEr/dtHaO+90n5F91WqH0wVWNgzaDuitcgqm24he/ZxrBuyM7TfTP3G
tbsgI/Pbhurmo070ccCxM0Sz21vH9JppDQfD3mUYBO6PQ+D4P+kPwX+oL4ivUwgAAA==
2022-10-28 11:58:52 +00:00
runcmd:
2023-05-08 20:02:04 +00:00
# --- fix hosts ---
2023-05-08 20:07:42 +00:00
- |
2023-05-16 20:49:06 +00:00
set -x
echo " " >> /etc/hosts
echo "127.0.0.1 localhost srv1c srv1c.local" >> /etc/hosts
echo "::1 localhost srv1c srv1c.local" >> /etc/hosts
2022-10-28 11:58:52 +00:00
# --- force locale install ---
- |
set -x
2022-11-02 20:27:10 +00:00
locale-gen ru_RU.UTF-8 en_US.UTF-8
2022-10-28 11:58:52 +00:00
update-locale LANG=ru_RU.UTF-8
export LC_ALL=ru_RU.UTF-8
export LANG=ru_RU.UTF-8
# --- force set timezone ---
- timedatectl set-timezone Europe/Moscow
2023-05-17 06:15:31 +00:00
# --- force apt update ---
2022-10-28 11:58:52 +00:00
- |
2023-05-16 20:44:00 +00:00
set -x
2022-10-28 11:58:52 +00:00
apt-get update
apt-get -y dist-upgrade
apt-get clean
# --- install hasp ---
- |
2023-05-16 20:44:00 +00:00
set -x
2022-11-02 20:27:10 +00:00
mkdir -p /tmp/ldk
2022-11-03 16:56:55 +00:00
curl -SLo /tmp/ldk/installer.tar.gz https://b4tman.ru/_static/Sentinel_LDK_Ubuntu_DEB_Runtime_Installer.tar.gz
2022-11-02 20:27:10 +00:00
tar xzf /tmp/ldk/installer.tar.gz --strip-components=1 -C /tmp/ldk
sh -xc 'dpkg -i $(find /tmp/ldk -name "aksusb*amd64.deb" -type f)'
rm -rf /tmp/ldk
2022-10-28 11:58:52 +00:00
# --- install ttf-mscorefonts ---
- |
set -x
export DEBIAN_FRONTEND=noninteractive
mkdir -p /var/lib/update-notifier/package-data-downloads/partial
chown _apt:root /var/lib/update-notifier/package-data-downloads/partial/
apt-get install --no-install-recommends --no-install-suggests -y ttf-mscorefonts-installer
rm -rf /var/lib/update-notifier/package-data-downloads/partial/*
# --- install postgres ---
- |
2023-05-16 20:44:00 +00:00
set -x
2022-11-04 15:59:22 +00:00
curl -SLo /tmp/pgpro-repo-add.sh https://repo.postgrespro.ru/1c-15/keys/pgpro-repo-add.sh
2022-10-28 11:58:52 +00:00
sh /tmp/pgpro-repo-add.sh
2022-11-02 20:27:10 +00:00
rm -f /tmp/pgpro-repo-add.sh
2022-11-15 07:14:34 +00:00
apt-get install -y postgrespro-1c-15-contrib postgrespro-1c-15-jit
2022-10-28 11:58:52 +00:00
# --- postgres init ---
- |
2023-05-16 20:44:00 +00:00
set -x
2022-10-28 11:58:52 +00:00
echo postgres > /tmp/pgpswd
2022-11-04 15:59:22 +00:00
/opt/pgpro/1c-15/bin/pg-setup initdb --tune=1c -k -E UTF8 -g --locale ru_RU.UTF-8 -T russian --pwfile=/tmp/pgpswd
2022-10-28 11:58:52 +00:00
rm -f /tmp/pgpswd
2022-11-04 15:59:22 +00:00
sed -i 's%\=\s0MB%\=\ 1GB%g' /var/lib/pgpro/1c-15/data/postgresql.conf
echo >> /var/lib/pgpro/1c-15/data/postgresql.conf
echo \#--- >> /var/lib/pgpro/1c-15/data/postgresql.conf
echo row_security=off >> /var/lib/pgpro/1c-15/data/postgresql.conf
echo max_wal_senders=0 >> /var/lib/pgpro/1c-15/data/postgresql.conf
echo wal_level=minimal >> /var/lib/pgpro/1c-15/data/postgresql.conf
/opt/pgpro/1c-15/bin/pg-setup service enable
/opt/pgpro/1c-15/bin/pg-setup service start
apt-get install -y postgrespro-1c-15
2022-10-28 11:58:52 +00:00
# --- install 1c ---
- |
2022-11-03 18:16:23 +00:00
set -x
# install deps
mkdir -p /tmp/deps1c
curl --output-dir /tmp/deps1c -SL --remote-name-all http://archive.ubuntu.com/ubuntu/pool/universe/e/enchant/libenchant1c2a_1.6.0-11.3build1_amd64.deb
dpkg -i $(find /tmp/deps1c -type f -name \*.deb) || apt-get install -f -y
rm -rf /tmp/deps1c
# extract distrs
2022-10-28 11:58:52 +00:00
stat /var/install/1c >/dev/null 2>/dev/null && mkdir -p /tmp/1c || echo skip 1c install
stat /var/install/1c >/dev/null 2>/dev/null && tar xzf $(find /var/install/1c -name "server64_*.tar.gz" -type f) -C /tmp/1c || echo skip 1c install
# install only server (without GUI)
stat /var/install/1c >/dev/null 2>/dev/null && $(find /tmp/1c -name "setup-full-*.run" -type f) --mode unattended --enable-components additional_admin_functions,integrity_monitoring,config_storage_server,liberica_jre,server,server_admin,ws,ru || echo skip 1c install
# install with GUI (with all X deps)
# stat /var/install/1c >/dev/null 2>/dev/null && $(find /tmp/1c -name "setup-full-*.run" -type f) --mode unattended --enable-components additional_admin_functions,integrity_monitoring,config_storage_server,client_full,client_thin_fib,liberica_jre,server,server_admin,ws,ru || echo skip 1c install
stat /tmp/1c >/dev/null 2>/dev/null && rm -rf /tmp/1c || echo skip 1c install
stat /opt/1cv8/x86_64 >/dev/null 2>/dev/null && ln -s $(find /opt/1cv8/x86_64 -name "8.3.*" -type d) /opt/1cv8/x86_64/current || echo skip 1c install
2023-05-08 18:24:31 +00:00
# --- 1c config ---
- |
2023-05-08 20:02:04 +00:00
echo \ \ >> /opt/1cv8/conf/conf.cfg
2023-05-08 18:24:31 +00:00
echo "JavaHome=/opt/1cv8/x86_64/current/jre" >> /opt/1cv8/conf/conf.cfg
echo "JAVA_HOME=/opt/1cv8/x86_64/current/jre" >> /opt/1cv8/conf/conf.cfg
echo "UpdateDBCfg=v2" >> /opt/1cv8/conf/conf.cfg
2022-10-28 11:58:52 +00:00
# --- 1c web init ---
- |
2023-05-16 20:44:00 +00:00
set -x
2022-10-28 11:58:52 +00:00
# stop services
systemctl stop apache2
systemctl stop nginx
# remove defaul sites
rm -f /etc/apache2/sites-enabled/000-default.conf
rm -f /etc/nginx/sites-enabled/default
# dirs and files
mkdir -p /var/www-1c/html
mkdir -p /etc/nginx/ssl
echo Hello 1C > /var/www-1c/html/index.html
#create apache cfg from default
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/001-1c.conf
sed -i 's%VirtualHost\s\*\:80%VirtualHost\ \*\:33380%' /etc/apache2/sites-available/001-1c.conf
sed -i 's%DocumentRoot\s\/var\/www\/html%DocumentRoot \/var\/www-1c\/html%' /etc/apache2/sites-available/001-1c.conf
sed -i 's%\#Include.*$%Include /etc/apache2/conf-available/1c.conf%' /etc/apache2/sites-available/001-1c.conf
2023-05-16 20:44:00 +00:00
# load 1c handler module
2022-11-03 15:40:57 +00:00
echo LoadModule _1cws_module "/opt/1cv8/x86_64/current/wsap24.so" >> /etc/apache2/conf-available/1c.conf
2022-10-28 11:58:52 +00:00
# allow www root
echo \<Directory\ \"/var/www-1c/html\"\> >> /etc/apache2/conf-available/1c.conf
echo \ \ \ \ Options Indexes Includes >> /etc/apache2/conf-available/1c.conf
echo \ \ \ \ AllowOverride All >> /etc/apache2/conf-available/1c.conf
echo \ \ \ \ Require all granted >> /etc/apache2/conf-available/1c.conf
echo \</Directory\> >> /etc/apache2/conf-available/1c.conf
# set apache http port
sed -i 's%Listen\s80%Listen\ 33380%' /etc/apache2/ports.conf
# gen self signed ssl cert
openssl req -x509 -newkey rsa:4096 -keyout /etc/nginx/ssl/key.pem -out /etc/nginx/ssl/cert.pem -days 3650 -nodes -subj "/C=RU/ST=Tula/L=Novomoskovsk/O=Company Name/OU=Org/CN=$(hostname)"
# set apache hostname
sed -i "s%server_name\slocalhost;%server_name $(hostname);%" /etc/nginx/sites-available/apache-proxy
sed -i "s%\#ServerName.*$%ServerName $(hostname)%" /etc/apache2/sites-available/001-1c.conf
2022-11-03 15:40:57 +00:00
# fix 1c thin client auto update (with url_path=/1c/test1)
sed -E '/^\s*location\s+\/\s+/i\ \ \ \ rewrite ^/1c/e1cibdst/(.*) /1c/test1/e1cibdst/$1 last;\n' -i /etc/nginx/sites-available/apache-proxy
2022-10-28 11:58:52 +00:00
# enable new configs
ln -s /etc/apache2/sites-available/001-1c.conf /etc/apache2/sites-enabled/001-1c.conf
ln -s /etc/nginx/sites-available/apache-proxy /etc/nginx/sites-enabled/apache-proxy
# start services
systemctl enable apache2 --now
systemctl enable nginx --now
# enable+start 1c service
stat /opt/1cv8/x86_64/current/ragent >/dev/null 2>/dev/null && systemctl enable srv1cv83@current --now || echo ignoring 1c service
stat /opt/1cv8/x86_64/current/ras >/dev/null 2>/dev/null && systemctl enable srv1cv83-ras@current --now || echo ignoring 1c ras service
# --- install & config webpub1c ---
- |
2023-05-16 20:44:00 +00:00
set -x
2023-05-08 18:13:10 +00:00
sudo -u admin1c sh -exc "git clone --branch v0.0.1 https://github.com/b4tman/webpub1c /home/admin1c/webpub1c && cd /home/admin1c/webpub1c && virtualenv venv && . venv/bin/activate && pip install -r requirements.txt"
2022-10-28 11:58:52 +00:00
sed -i "s%apache_config:.*\$%apache_config: /etc/apache2/conf-available/1c.conf%" /home/admin1c/webpub1c/webpub1c.yml
mkdir -p /var/www-1c/vrd
mkdir -p /var/www-1c/pub
chown admin1c:www-data /var/www-1c/vrd
chown admin1c:www-data /var/www-1c/pub
chown admin1c:root /etc/apache2/conf-available/1c.conf
sed -i "s%vrd_path:.*\$%vrd_path: /var/www-1c/vrd%" /home/admin1c/webpub1c/webpub1c.yml
sed -i "s%dir_path:.*\$%dir_path: /var/www-1c/pub%" /home/admin1c/webpub1c/webpub1c.yml
# --- install opt tools ---
- |
set -x
snap install ripgrep --classic
snap install lsd
snap install yq
snap install jq
snap install nvim --classic
2023-05-08 18:13:10 +00:00
apt-get install -y bat fd-find exa fzf
2022-10-28 11:58:52 +00:00
echo "alias bat=batcat" >> /home/admin1c/.bashrc
# --- install onescript ---
- |
set -x
apt-get install -y mono-runtime libmono-i18n4.0-all
2023-05-08 18:13:10 +00:00
curl -SLo /tmp/onescript-engine.deb https://github.com/EvilBeaver/OneScript/releases/download/v1.8.3/onescript-engine_1.8.3_all.deb
2022-10-28 11:58:52 +00:00
dpkg -i /tmp/onescript-engine.deb
# --- install wsdd ---
#- |
# set -x
# apt-key adv --fetch-keys https://pkg.ltec.ch/public/conf/ltec-ag.gpg.key
# echo "deb https://pkg.ltec.ch/public/ $(lsb_release -cs) main" >> /etc/apt/sources.list.d/wsdd.list
# apt-get update
# apt-get install -y wsdd
# systemctl enable wsdd.service --now
2023-05-16 20:49:06 +00:00
2022-11-02 21:35:43 +00:00
# --- create bases ---
- |
set -x
export PATH="$PATH:/opt/1cv8/x86_64/current"
export DB_ADDR=localhost
export CLUSTER_ADDR=localhost
export CLUSTER_ID=$(rac cluster list $CLUSTER_ADDR | rg -e "^cluster\s*:" -m 1 | rg -e "[[:xdigit:]-]{36}" -o)
rac infobase --cluster=$CLUSTER_ID create --create-database --name=test1 --dbms=PostgreSQL --db-server=$DB_ADDR --db-name=test1 --locale=ru --db-user=postgres --db-pwd=postgres --license-distribution=allow $CLUSTER_ADDR
rac infobase --cluster=$CLUSTER_ID create --create-database --name=test2 --dbms=PostgreSQL --db-server=$DB_ADDR --db-name=test2 --locale=ru --db-user=postgres --db-pwd=postgres --license-distribution=allow $CLUSTER_ADDR
rac infobase --cluster=$CLUSTER_ID create --create-database --name=test3 --dbms=PostgreSQL --db-server=$DB_ADDR --db-name=test3 --locale=ru --db-user=postgres --db-pwd=postgres --license-distribution=allow $CLUSTER_ADDR
sudo -u admin1c sh -exc "cd /home/admin1c/webpub1c && . venv/bin/activate && python webpub1c.py add_module && python webpub1c.py add test1 && python webpub1c.py add test2 && python webpub1c.py add test3"
systemctl restart apache2
2022-10-28 11:58:52 +00:00
# --- final ---
- |
set -x
# disable boot to GUI
systemctl set-default multi-user.target
# remove default user folder
rm -rf /home/ubuntu
echo -- done! ---