X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=debian%2Fscripts%2Fkoha-create;h=b90e7d4e236ae54870ed1fe7c599a9a1f334cc6d;hb=7b1e8c59fe0edc2faab878c6bd9d45de9f720e81;hp=bb2b642082749d79ca2cd495d3ae91653b241cbc;hpb=1ee7f449be2ba45c2458d2ac571172ecf58752b2;p=koha-ffzg.git diff --git a/debian/scripts/koha-create b/debian/scripts/koha-create index bb2b642082..b90e7d4e23 100755 --- a/debian/scripts/koha-create +++ b/debian/scripts/koha-create @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # # koha-create -- Create a new Koha instance. # Copyright 2010 Catalyst IT, Ltd @@ -16,19 +16,71 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +# Read configuration variable file if it is present +[ -r /etc/default/koha-common ] && . /etc/default/koha-common set -e -usage="Usage: $0 [--create-db|--request-db|--populate-db|--use-db] \ - [--marcflavor marc21|normarc|unimarc] \ - [--zebralang en|nb|fr] \ - [--defaultsql /path/to/some.sql] \ - [--configfile /path/to/config] [--passwdfile /path/to/passwd] \ - [--database database] [--adminuser n] instancename" - -die() { - echo "$@" 1>&2 +# include helper functions +if [ -f "/usr/share/koha/bin/koha-functions.sh" ]; then + . "/usr/share/koha/bin/koha-functions.sh" +else + echo "Error: /usr/share/koha/bin/koha-functions.sh not present." 1>&2 exit 1 +fi + +usage() +{ + local scriptname=$0 + cat </templates + --timezone time/zone Specify a timezone. e.g. America/Argentina + --upload-path dir Set a user defined upload_path. It defaults to + /var/lib/koha//uploads + --tmp-path dir Set a user defined tmp_path. It defaults to + /var/lib/koha//tmp + --letsencrypt Set up a https-only site with letsencrypt certificates + --help,-h Show this help. + +Note: the instance name cannot be longer that 11 chars. + +EOF } # UPPER CASE VARIABLES - from configfile or default value 
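Review bot: The help text added in `usage()` has a typo in its closing note: `cannot be longer that 11 chars` should read `cannot be longer than 11 chars`. The limit is only documented here, and no length or character check on the instance name is visible in this diff. It is worth confirming that one exists, because `$name` is later used to build paths, sed expressions and a grep pattern. The heredoc body is partly missing from this page, so the rest of the help text was not reviewed.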
@@ -37,7 +89,8 @@ generate_config_file() { touch "$2" chown "root:$username" "$2" chmod 0640 "$2" - sed -e "s/__KOHASITE__/$name/g" \ + sed -e "s/__KOHA_CONF_DIR__/\/etc\/koha\/sites\/$name/g" \ + -e "s/__KOHASITE__/$name/g" \ -e "s/__OPACPORT__/$OPACPORT/g" \ -e "s/__INTRAPORT__/$INTRAPORT/g" \ -e "s/__OPACSERVER__/$opacdomain/g" \ @@ -45,20 +98,40 @@ generate_config_file() { -e "s/__ZEBRA_PASS__/$zebrapwd/g" \ -e "s/__ZEBRA_MARC_FORMAT__/$ZEBRA_MARC_FORMAT/g" \ -e "s/__ZEBRA_LANGUAGE__/$ZEBRA_LANGUAGE/g" \ + -e "s/__SRU_BIBLIOS_PORT__/$SRU_SERVER_PORT/g" \ + -e "s/__START_SRU_PUBLICSERVER__/$START_SRU_PUBLICSERVER/g" \ + -e "s/__END_SRU_PUBLICSERVER__/$END_SRU_PUBLICSERVER/g" \ + -e "s/__API_SECRET__/$API_SECRET/g" \ -e "s/__DB_NAME__/$mysqldb/g" \ -e "s/__DB_HOST__/$mysqlhost/g" \ -e "s/__DB_USER__/$mysqluser/g" \ -e "s/__DB_PASS__/$mysqlpwd/g" \ + -e "s/__ELASTICSEARCH_SERVER__/${ELASTICSEARCH_SERVER}/g" \ -e "s/__UNIXUSER__/$username/g" \ -e "s/__UNIXGROUP__/$username/g" \ + -e "s#__TEMPLATE_CACHE_DIR__#$TEMPLATE_CACHE_DIR#g" \ + -e "s#__TIMEZONE__#$TIMEZONE#g" \ + -e "s#__UPLOAD_PATH__#$UPLOAD_PATH#g" \ + -e "s#__TMP_PATH__#$TMP_PATH#g" \ + -e "s/__LOG_DIR__/\/var\/log\/koha\/$name/g" \ + -e "s/__PLUGINS_DIR__/\/var\/lib\/koha\/$name\/plugins/g" \ + -e "s/__MEMCACHED_NAMESPACE__/$MEMCACHED_NAMESPACE/g" \ + -e "s/__MEMCACHED_SERVERS__/$MEMCACHED_SERVERS/g" \ "/etc/koha/$1" > "$2" + } getmysqlhost() { + if [ ! -f /etc/mysql/debian.cnf ] + then + echo localhost + return + fi awk ' - /^\[/ { inclient = 0 } - /^\[client\]/ { inclient = 1 } - inclient && /^ *host *=/ { print $3 }' \ + BEGIN { FS="=" } + $1 ~/\[/ { inclient=0 } + $1 ~/\[client\]/ { inclient=1; next } + inclient==1 && $1 ~/host/ { gsub(/ /, "", $2); print $2 }' \ /etc/mysql/koha-common.cnf } 
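Review bot: The new `__KOHA_CONF_DIR__` expression interpolates `$name` into a `/`-delimited sed replacement without escaping, and the next hunk adds `$SRU_SERVER_PORT`, `${ELASTICSEARCH_SERVER}`, `$MEMCACHED_SERVERS` and others the same way. These values come from the command line or from sourced config files, so a `/`, `&` or backslash in one of them (for example a URL given to `--elasticsearch-server`) either breaks the sed program or silently changes what lands in the generated config. The `#`-delimited lines for `$TIMEZONE` and the path values tolerate `/` but are still open to `#` and `&`. Escaping each value once before the call would close this, e.g. `esc() { printf '%s' "$1" | sed -e 's|[\\/&#]|\\&|g'; }` and then `$(esc "$name")` in the expressions. generate_config_file begins above this hunk.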
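Review bot: The guard added to `getmysqlhost` tests for `/etc/mysql/debian.cnf`, but the awk program below it still reads `/etc/mysql/koha-common.cnf`, so a host that has debian.cnf but not koha-common.cnf still runs awk on a missing file. Testing the file that is actually parsed, `if [ ! -r /etc/mysql/koha-common.cnf ]`, would make the `localhost` fallback do what it appears to intend. The rewritten patterns are also looser than the removed ones: `$1 ~/host/` accepts any key in `[client]` whose name merely contains `host`, where the old line required `^ *host *=`. With `FS="="`, `$1 ~ /^ *host *$/` keeps the previous strictness.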
@@ -74,6 +147,185 @@ getinstancemysqldatabase() { xmlstarlet sel -t -v 'yazgfs/config/database' "/etc/koha/sites/$1/koha-conf.xml" } +check_apache_config() +{ + + # Check that mpm_itk is installed and enabled + if ! /usr/sbin/apachectl -M | grep -q 'mpm_itk'; then + # Check Apache version + APACHE_DISABLE_MPM_MSG="" + if /usr/sbin/apache2ctl -v | grep -q "Server version: Apache/2.4"; then + # mpm_event or mpm_worker need to be disabled first. mpm_itk depends + # on mpm_prefork, which is enabled if needed. See + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734865 + if /usr/sbin/apachectl -M | grep -q 'mpm_event'; then + APACHE_DISABLE_MPM_MSG=" sudo a2dismod mpm_event ;" + elif /usr/sbin/apachectl -M | grep -q 'mpm_worker'; then + APACHE_DISABLE_MPM_MSG=" sudo a2dismod mpm_worker ;" + # else mpm_prefork: a2enmod mpm_itk works + fi + # else Apache 2.2: a2enmod mpm_itk works + fi + + cat 1>&2 <&2 <&2 << EOM +Koha requires mod_cgi to be enabled within Apache in order to run. +Typically this can be enabled with: + + sudo a2enmod cgi +EOM + die + fi + + # Check that mod_ssl is installed and enabled. + if [ "$CLO_LETSENCRYPT" = "yes" ]; then + if ! /usr/sbin/apachectl -M | grep -q 'ssl_module'; then + cat 1>&2 </dev/null | grep -c "ok installed") -eq 0 ]; then + set +e + apt-cache show letsencrypt &>/dev/null + local aptcacheshow=$? + set -e + if [ $aptcacheshow -eq 0 ]; then + read -r -p "The letsencrypt package is not installed. Do it now? [y/N] " response + if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then + local debrelease="$(lsb_release -c -s)" + if [ $debrelease = "jessie" ]; then + apt-get install -y -t jessie-backports letsencrypt + else + apt-get install -y letsencrypt + fi + else + die "You have to install letsencrypt to use the --letsencrypt parameter." + fi + else + echo "No installation candidate available for package letsencrypt." 
+ if [[ -f /usr/bin/letsencrypt ]]; then + read -r -p "If you have a symlink from /usr/bin/letsencrypt to letsencrypt-auto, it should work. [y/N] " response + if [[ ! $response =~ ^([yY][eE][sS]|[yY])$ ]]; then + die "You have to install letsencrypt to use the --letsencrypt parameter." + fi + else + die "You can create a symlink from /usr/bin/letsencrypt to letsencrypt-auto." + fi + fi + fi +} + +letsencrypt_instance() +{ + # Get letsencrypt certificates + letsencrypt --agree-tos --renew-by-default --webroot certonly \ + -w /usr/share/koha/opac/htdocs/ -d $opacdomain -w /usr/share/koha/intranet/htdocs/ -d $intradomain + # enable all ssl settings (apache won't start with these before certs are present) + sed -i "s:^\s*#\(\s*SSL.*\)$:\1:" "/etc/apache2/sites-available/$name.conf" + # change port from 80 to 443. (apache won't start if it is 443 without certs present) + sed -i "s:^\s*\( #https$:\1443>:" "/etc/apache2/sites-available/$name.conf" + # enable redirect from http to https on port 80 + sed -i "s:^\s*#\(.*\)#nohttps$:\1:" "/etc/apache2/sites-available/$name.conf" + # make koha-list --letsencrypt aware of this instance # could be done by checking apache conf instead + echo -e "opacdomain=\"$opacdomain\"\nintradomain=\"$intradomain\"" > /var/lib/koha/$name/letsencrypt.enabled + # restart apache with working certs + service apache2 restart +} + # Set defaults and read config file, if it exists. DOMAIN="" OPACPORT="80" 
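Review bot: `letsencrypt_instance` passes `$opacdomain` and `$intradomain` unquoted to `letsencrypt` and then writes them unescaped, via `echo -e`, into `/var/lib/koha/$name/letsencrypt.enabled` in shell-assignment form. The comment about `koha-list --letsencrypt` suggests that file is read back by other tooling; if it is ever sourced (that code is not in this diff), a quote or `$(...)` inside a domain value would be evaluated by a script that installs packages and restarts Apache. Quote the expansions (`-d "$opacdomain"`, `> "/var/lib/koha/$name/letsencrypt.enabled"`) and write the file with `printf 'opacdomain=%q\nintradomain=%q\n' "$opacdomain" "$intradomain"`. In the install check earlier in the hunk, `[ $debrelease = "jessie" ]` needs quotes as well, since an empty `lsb_release` result makes the test a syntax error. Parts of this hunk (several heredocs and function headers) are missing from the page.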
@@ -87,14 +339,47 @@ ZEBRA_MARC_FORMAT="marc21" ZEBRA_LANGUAGE="en" ADMINUSER="1" PASSWDFILE="/etc/koha/passwd" + +# memcached variables +USE_MEMCACHED="yes" +MEMCACHED_SERVERS="" +MEMCACHED_PREFIX="" +# elasticsearch config +ELASTICSEARCH_SERVER="localhost:9200" +# hardcoded memcached defaults +DEFAULT_MEMCACHED_SERVERS="127.0.0.1:11211" +DEFAULT_MEMCACHED_PREFIX="koha_" +# hardcoded instance base path +INSTANCE_PATH_BASE="/var/lib/koha" +UPLOAD_DIR="uploads" +UPLOAD_PATH="" +# timezone defaults to empty +TIMEZONE="" +# hardcoded upload_tmp_path +TMP_DIR="tmp" +TMP_PATH="" +# cache base dir +CACHE_DIR_BASE="/var/cache/koha" +# Generate a randomizaed API secret +API_SECRET="$(pwgen -s 64 1)" +# SRU server variables +ENABLE_SRU="no" +SRU_SERVER_PORT="" +# hardcoded default SRU server port +DEFAULT_SRU_SERVER_PORT="7090" +START_SRU_PUBLICSERVER="" + +APACHE_CONFIGFILE="" + if [ -e /etc/koha/koha-sites.conf ] then . /etc/koha/koha-sites.conf fi -[ $# -ge 2 ] && [ $# -le 16 ] || die $usage +[ $# -ge 1 ] && [ $# -le 16 ] || ( usage ; die "Error: wrong parameters" ) -TEMP=`getopt -o crpm:l:d:f:a: -l create-db,request-db,populate-db,use-db,marcflavor:,zebralang:,defaultsql:,configfile:,passwdfile:,adminuser: \ +TEMP=`getopt -o chrpm:l:d:f:b:a: -l create-db,request-db,populate-db,use-db,enable-sru,sru-port:,help,marcflavor:,auth-idx:,biblio-idx:,zebralang:,defaultsql:,configfile:,passwdfile:,dbhost:,database:,elasticsearch-server:,adminuser:,memcached-servers:,memcached-prefix:,template-cache-dir:,timezone:,upload-path:,tmp-path:,letsencrypt, \ -n "$0" -- "$@"` # Note the quotes around `$TEMP': they are essential! 
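Review bot: The argument check keeps the upper bound `[ $# -le 16 ]`, although this hunk adds more than a dozen options to the getopt string and most of them take a value. A legitimate invocation that combines several of them can therefore exceed 16 words and be rejected with "Error: wrong parameters". Dropping the cap and leaving validation to getopt is simpler: `[ $# -ge 1 ] || { usage ; die "Error: wrong parameters" ; }`. The braces matter too: assuming `die` still calls `exit`, inside `( ... )` it ends only the subshell, and the script stops here solely because `set -e` is active.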
@@ -105,23 +390,68 @@ CLO_ZEBRA_MARC_FORMAT="" CLO_ZEBRA_LANGUAGE="" CLO_DEFAULTSQL="" CLO_ADMINUSER="" +CLO_MEMCACHED_SERVERS="" +CLO_MEMCACHED_PREFIX="" +CLO_ELASTICSEARCH_SERVER="" +CLO_UPLOAD_PATH="" +CLO_TMP_PATH="" +CLO_LETSENCRYPT="" +CLO_TEMPLATE_CACHE_DIR="" +CLO_TIMEZONE="" while true ; do - case "$1" in - -c|--create-db) op=create ; shift ;; - -r|--request-db) op=request ; shift ;; - -p|--populate-db) op=populate ; shift ;; - -u|--use-db) op=use ; shift ;; - -m|--marcflavor) CLO_ZEBRA_MARC_FORMAT="$2" ; shift 2 ;; - -l|--zebralang) CLO_ZEBRA_LANGUAGE="$2" ; shift 2 ;; - -d|--defaultsql) CLO_DEFAULTSQL="$2" ; shift 2 ;; - -f|--configfile) configfile="$2" ; shift 2 ;; - -s|--passwdfile) CLO_PASSWDFILE="$2" ; shift 2 ;; - -b|--database) CLO_DATABASE="$2" ; shift 2 ;; - -a|--adminuser) CLO_ADMINUSER="$2" ; shift 2 ;; - --) shift ; break ;; - *) die "Internal error processing command line arguments" ;; - esac + case "$1" in + -c|--create-db) + op=create ; shift ;; + -r|--request-db) + op=request ; shift ;; + -p|--populate-db) + op=populate ; shift ;; + -u|--use-db) + op=use ; shift ;; + --memcached-servers) + CLO_MEMCACHED_SERVERS="$2" ; shift 2 ;; + --memcached-prefix) + CLO_MEMCACHED_PREFIX="$2" ; shift 2;; + --elasticsearch-server) + CLO_ELASTICSEARCH_SERVER="$2" ; shift 2 ;; + -m|--marcflavor) + CLO_ZEBRA_MARC_FORMAT="$2" ; shift 2 ;; + -l|--zebralang) + CLO_ZEBRA_LANGUAGE="$2" ; shift 2 ;; + -d|--defaultsql) + CLO_DEFAULTSQL="$2" ; shift 2 ;; + -f|--configfile) + configfile="$2" ; shift 2 ;; + -s|--passwdfile) + CLO_PASSWDFILE="$2" ; shift 2 ;; + -b|--database) + CLO_DATABASE="$2" ; shift 2 ;; + --dbhost) + CLO_DBHOST="$2" ; shift 2 ;; + -a|--adminuser) + CLO_ADMINUSER="$2" ; shift 2 ;; + --enable-sru) + ENABLE_SRU="yes" ; shift ;; + --sru-port) + SRU_SERVER_PORT="$2" ; shift 2 ;; + --template-cache-dir) + CLO_TEMPLATE_CACHE_DIR="$2" ; shift 2 ;; + --timezone) + CLO_TIMEZONE="$2" ; shift 2 ;; + --upload-path) + CLO_UPLOAD_PATH="$2" ; shift 2 ;; + 
--tmp-path) + CLO_TMP_PATH="$2" ; shift 2 ;; + --letsencrypt) + CLO_LETSENCRYPT="yes" ; shift ;; + -h|--help) + usage ; exit 0 ;; + --) + shift ; break ;; + *) + die "Internal error processing command line arguments" ;; + esac done # Load the configfile given on the command line @@ -157,18 +487,78 @@ then PASSWDFILE="$CLO_PASSWDFILE" fi +if [ "$CLO_TIMEZONE" != "" ]; then + TIMEZONE=$CLO_TIMEZONE +fi + +if [ "${CLO_ELASTICSEARCH_SERVER}" != "" ]; then + ELASTICSEARCH_SERVER="${CLO_ELASTICSEARCH_SERVER}" +fi + +if [ "$ENABLE_SRU" != "no" ]; then + enable_sru_server +fi + +[ $# -ge 1 ] || ( usage ; die "Missing instance name..." ) + name="$1" +set_upload_path $name +set_tmp_path $name + +if [ "$op" = use ] && [ "$CLO_DATABASE" = "" ] && + ( [ ! -f "$PASSWDFILE" ] || [ ! `cat $PASSWDFILE | grep "^$name:"` ] ) +then + cat < /dev/null 2>&1 || + a2ensite "${name}.conf" > /dev/null 2>&1 + }; then + echo "Warning: problem enabling $name in Apache" >&2 + fi service apache2 restart # Start Zebra. - koha-start-zebra "$name" + koha-zebra --start "$name" + + if [ "$USE_INDEXER_DAEMON" = "yes" ]; then + # Start Indexer daemon + koha-indexer --start "$name" + fi + + if [ "$CLO_LETSENCRYPT" = "yes" ]; then + # Get letsencrypt certificates + letsencrypt_instance + fi + + chown $username:$username /var/log/koha/$name/*.log fi
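Review bot: The case statement has no arm for `--auth-idx` or `--biblio-idx`, both of which the getopt call in the previous hunk declares as long options, so passing either one falls through to `*)` and dies with "Internal error processing command line arguments". The short forms `-s` and `-u` have arms here but are absent from the short option string `chrpm:l:d:f:b:a:`, so getopt rejects them before the loop runs. `CLO_DBHOST` is assigned in the `--dbhost` arm but is not among the `CLO_*` variables initialised in the visible lines, so it could inherit a value from the environment or a sourced config file. Adding `CLO_DBHOST=""` next to the other initialisations would match them.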
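Review bot: The `--use-db` password-file test pipes `cat $PASSWDFILE` into `grep "^$name:"` inside an unquoted backtick substitution, so a matching line that contains whitespace, or more than one match, expands to several words and `[` fails with a syntax error instead of giving a clean true/false. `! grep -q "^$name:" "$PASSWDFILE"` expresses the same test without word splitting. `$name` is also used as a regular expression there, so a `.` in an instance name matches any character. The same hunk calls `set_upload_path $name` and `set_tmp_path $name` unquoted, and the closing `chown $username:$username /var/log/koha/$name/*.log` fails under `set -e` when the glob matches nothing. Several heredocs and hunk headers after this point are missing from the page, so only the visible lines were reviewed.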