Cleaned history.

8050be13 · Stéphane Diemer · 8050be13 · 8050be13 · 8050be13 · 8050be13
Commit 8050be13 authored 8 years ago by Stéphane Diemer
--- a/.gitignore
+++ b/.gitignore
+*.py[cod]
+
+# C extensions
+*.so
+
+# Packages
+*.egg
+*.egg-info
+dist
+build
+eggs
+parts
+bin
+var
+sdist
+develop-eggs
+.installed.cfg
+lib
+lib64
+__pycache__
+
+# Installer logs
+pip-log.txt
+
+# Unit test / coverage reports
+.coverage
+.tox
+nosetests.xml
+
+local_conf.py
--- a/1.Utilities/0_setup.py
+++ b/1.Utilities/0_setup.py
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+import os
+
+import utils
+
+
+def setup(interactive=True):
+    cmds = [
+        'apt-get update',
+        'apt-get install --yes make ipython ipython3 vim netcat git htop iotop bmon host munin munin-node pciutils ntp nfs-client smartmontools',
+        '[ -f ~/.vimrc ] || echo "color ron" > ~/.vimrc',
+    ]
+    utils.run_commands(cmds)
+    # Add settings in bashrc
+    lines = '''
+# Colors
+alias ls='ls --color=auto'
+alias grep='grep --color=auto'
+alias fgrep='fgrep --color=auto'
+alias egrep='egrep --color=auto'
+# PS
+PS1='${debian_chroot:+($debian_chroot)}\\[\\033[01;32m\\]\\u@\\h\\[\\033[00m\\]:\\[\\033[01;34m\\]\\w\\[\\033[00m\\]\\$ '
+# ls
+alias ll='ls -alF'
+alias la='ls -A'
+alias l='ls -CF'
+# system
+alias lskernels='dpkg --get-selections | grep linux'
+alias lspackages='dpkg --get-selections'
+alias swapclear='sudo swapoff -a && sudo swapon -a'
+alias full-upgrade='sudo apt-get update && sudo apt-get dist-upgrade -y'
+alias aptud='sudo apt-get update'
+alias aptug='sudo apt-get upgrade'
+# python
+alias rmpyc='find . -name *.pyc -type f -delete && find . -name __pycache__ -type d -delete'
+    '''
+    bashrc_path = os.path.expanduser('~/.bashrc')
+    bashrc = ''
+    if os.path.exists(bashrc_path):
+        with open(bashrc_path, 'r') as fd:
+            bashrc = fd.read()
+    new_bashrc = bashrc.replace('#force_color_prompt=yes', 'force_color_prompt=yes')
+    for line in lines.split('\n'):
+        line = line.strip()
+        if '=' in line:
+            name = line.split('=')[0] + '='
+            if name not in new_bashrc:
+                new_bashrc += '\n' + line
+    if new_bashrc != bashrc:
+        new_bashrc += '\n'
+        with open(bashrc_path, 'w') as fd:
+            fd.write(new_bashrc)
+        utils.log('bashrc file updated: %s' % bashrc_path)
+    utils.log('bashrc file up to date.')
--- a/100.--- Client configuration & testing ---/placeholder
+++ b/100.--- Client configuration & testing ---/placeholder
--- a/101.Apply_client_configuration/0_setup.sh
+++ b/101.Apply_client_configuration/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+echo -e "
+${RED}Customer parameters will be applied after rebooting. Note that you won't be able to login to the machine after this operation !${NC}"	
+
+# set customer IP (/etc/network/interfaces)
+sed -i "s@192\.168\.40\.10.*@${CUST_IP}@" /etc/network/interfaces
+sed -i "s@255\.255\.252\..*@${CUST_NETMASK}@" /etc/network/interfaces
+sed -i "s@192\.168\.40\..*@${CUST_GATEWAY}@" /etc/network/interfaces
+
+# backup-server specific
+if ( test -f /usr/sbin/burp )
+then
+# changer burp status IP
+sed -i "s@^CUST_BURP_MAIL_DEST=.*@CUST_BURP_MAIL_DEST=${CUST_BURP_MAIL_DEST}@" /root/burp-custom.sh
+sed -i "s@admin: .*@admin: ${CUST_BURP_MAIL_DEST}" /etc/aliases
+newaliases
+fi
+
+# set customer DNS
+echo "nameserver ${CUST_NS1}" > /etc/resolv.conf
+echo "nameserver ${CUST_NS2}" >> /etc/resolv.conf
+
+# set customer NTP
+sed -i "s@^server .*@@" /etc/ntp.conf
+echo "" >> /etc/ntp.conf
+echo "server ${CUST_NTP1}" >> /etc/ntp.conf
+
+if ( ! test -z ${CUST_NTP2} )
+then
+echo "server ${CUST_NTP2}" >> /etc/ntp.conf
+fi
+
+if ( ! test -z ${CUST_NTP3} )
+then
+echo "server ${CUST_NTP3}" >> /etc/ntp.conf
+fi
+service ntp restart
+
+# proxy
+if [ ${PROXY} = "1" ]
+then
+	if [ ${PROXY_AUTHENTICATION} = "1" ]
+	then
+	# APT
+	echo "Acquire::http::Proxy \"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\";" > /etc/apt/apt.conf.d/proxy
+	echo "Acquire::https::Proxy \"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\";" >> /etc/apt/apt.conf.d/proxy
+	# /etc/environment
+	echo "http_proxy=\"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
+	echo "https_proxy=\"http://${PROXY_USER}:${PROXY_PASSWD}@${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
+	else
+	# APT
+	echo "Acquire::http::Proxy \"http://${PROXY_HTTP}:${PROXY_PORT}\";" > /etc/apt/apt.conf.d/proxy
+	echo "Acquire::https::Proxy \"http://${PROXY_HTTP}:${PROXY_PORT}\";" >> /etc/apt/apt.conf.d/proxy
+	# /etc/environment
+	echo "http_proxy=\"http://${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
+	echo "https_proxy=\"http://${PROXY_HTTP}:${PROXY_PORT}\"" >> /etc/environment
+	fi
+fi
+
+# MS specific
+if ( test -d /usr/local/WowzaStreamingEngine )
+then
+if [ ${PROXY} = "1" ]
+then
+# wowza
+NB=$(grep -n 'Properties defined here will be added to the IServer.getProperties()' /usr/local/WowzaStreamingEngine/conf/Server.xml | awk -F ":" '{print$1}')
+NB_1=$(( ${NB} + 1 ))
+NB_MAX=$(wc -l /usr/local/WowzaStreamingEngine/conf/Server.xml | awk '{print$1}')
+	if [ ${PROXY_AUTHENTICATION} = "1" ]
+	then
+	sed -i "${NB_1},${NB_MAX}d" /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyAddress</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_HTTP}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyPort</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_PORT}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Type>Integer</Type>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyUsername</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_USER}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyPassword</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_PASSWD}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Server>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Root>	" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	else
+	sed -i "${NB_1},${NB_MAX}d" /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyAddress</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_HTTP}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Name>licenseServerProxyPort</Name>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Value>${PROXY_PORT}</Value>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "<Type>Integer</Type>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Property>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Properties>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Server>" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	echo "</Root>	" >> /usr/local/WowzaStreamingEngine/conf/Server.xml
+	fi
+fi
+fi
+
+# set DEFAULT_FROM_EMAIL
+if ( ! test -z ${DEFAULT_FROM_EMAIL} )
+then
+echo "#DEFAULT_FROM_EMAIL = '${DEFAULT_FROM_EMAIL}'" >> /etc/mediaserver/msconf.py
+echo "#DEFAULT_FROM_EMAIL = '${DEFAULT_FROM_EMAIL}'" >> /home/skyreach/htdocs/skyreach_site/settings_override.py
+fi
+
+# set locale
+if [ ${CUST_LOCALE} != 'FR' ]
+then
+echo -e "${CYAN}You will now change the locales.${NC}"
+locale-gen en_GB
+locale-gen en_GB.UTF-8
+dpkg-reconfigure locales
+#~dpkg-reconfigure console-data
+dpkg-reconfigure keyboard-configuration
+update-locale LANG=en_GB.UTF-8 LANGUAGE=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 LC_MESSAGES=en_GB.UTF-8
+fi
+
+# set TZ
+if [ ${CUST_TZ} != 'FR' ]
+then
+echo -e "${CYAN}You will now change the time zone.${NC}"
+dpkg-reconfigure tzdata
+fi
--- a/102.Run_tests/0_setup.sh
+++ b/102.Run_tests/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+# generate post-deployment conf file
+echo "SOURCES.LIST" > /root/deployment.results
+cat /etc/apt/sources.list | grep ^deb >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "SOURCES.LIST - PANEL" >> /root/deployment.results
+cat /etc/apt/sources.list.d/skyreach.list >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "NETWORK" >> /root/deployment.results
+cat /etc/network/interfaces | grep -v '#' >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "RUNNING NETWORK" >> /root/deployment.results
+ifconfig >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "DNS" >> /root/deployment.results
+cat /etc/resolv.conf >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "NGINX" >> /root/deployment.results
+grep server_name /etc/nginx/sites-enabled/* | uniq >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "RTMP" >> /root/deployment.results
+cat /etc/hca/rtmp.ini | grep -v '#' >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+echo "SERVICES" >> /root/deployment.results
+echo "mediaserver $(service mediaserver status | grep Active)" >> /root/deployment.results
+echo "WowzaStreamingEngine $(service WowzaStreamingEngine status | grep Active)" >> /root/deployment.results
+echo "apt-cacher-ng $(service apt-cacher-ng status | grep Active)" >> /root/deployment.results
+echo "campus-manager $(service campus-manager status | grep Active)" >> /root/deployment.results
+echo "celerity-server $(service celerity-server status | grep Active)" >> /root/deployment.results
+echo "msmonitor $(service msmonitor status | grep Active)" >> /root/deployment.results
+echo "munin-node $(service munin-node status | grep Active)" >> /root/deployment.results
+echo "mysql $(service mysql status | grep Active)" >> /root/deployment.results
+echo "nginx $(service nginx status | grep Active)" >> /root/deployment.results
+echo "postfix $(service postfix status | grep Active)" >> /root/deployment.results
+echo "ssh $(service ssh status | grep Active)" >> /root/deployment.results
+echo "uwsgi $(service uwsgi status | grep Active)" >> /root/deployment.results
+echo "" >> /root/deployment.results
+
+cat /root/deployment.results | mail -aFrom:${DEFAULT_FROM_EMAIL} -s "$(hostname) deployed configuration" deployment@ubicast.eu
+echo -e "${CYAN}A mail has been sent to deployment@ubicast.eu${NC}"
--- a/103.Configure_client_smtp/0_setup.sh
+++ b/103.Configure_client_smtp/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+# set SMTP
+if ( ! test -z ${CUST_SMTP} )
+then
+sed -i "s@relayhost = .*@relayhost = ${CUST_SMTP}@" /etc/postfix/main.cf
+fi
--- a/104.Apply_default_configuration/0_setup.sh
+++ b/104.Apply_default_configuration/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+# apply MS default network parameters
+sudo sed -i "s@address .*@address 192.168.1.10@" /etc/network/interfaces
+sudo sed -i "s@netmask .*@netmask 255.255.255.0@" /etc/network/interfaces
+sudo sed -i "s@gateway .*@gateway 192.168.1.1@" /etc/network/interfaces
+# add a specific user
+useradd -m msinstall
+echo -e "msinstall\nmsinstall" | (passwd -q msinstall)
+sed -i "s@/home/msinstall:@/home/msinstall:/bin/bash@" /etc/passwd
+# sudo
+usermod -aG sudo msinstall
+echo 'msinstall    ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
+# get MS_deploy
+mv /var/tmp/MS_deploy.sh /home/msinstall/MS_deploy.sh
+# correct rights
+chown msinstall:msinstall /home/msinstall/MS_deploy.sh
+echo "bash /home/msinstall/MS_deploy.sh" > /home/msinstall/.bash_profile
--- a/105.Insert_wowza_license/0_setup.sh
+++ b/105.Insert_wowza_license/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+echo "Insert wowza license key :"
+read WOWZA_LICENSE2
+echo "${WOWZA_LICENSE2}" > /usr/local/WowzaStreamingEngine/conf/Server.license
+service WowzaStreamingEngine restart
+service WowzaStreamingEngineManager restart
--- a/2.System/0_setup.py
+++ b/2.System/0_setup.py
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+import utils
+
+
+def setup(interactive=True):
+    # TODO: setup IP
+    dir_path = utils.get_dir(__file__)
+    cmds = [
+        # Locale
+        'locale-gen en_GB.UTF-8',
+        'update-locale LANG=en_GB.UTF-8 LANGUAGE=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 LC_MESSAGES=en_GB.UTF-8',
+        # NTP
+        'echo "Replacing /etc/ntp.conf"',
+        dict(line='write', template='%s/ntp.conf' % dir_path, target='/etc/ntp.conf', params=(
+            ('{{ system_ntp }}', utils.get_conf('system_ntp', 'ntp.ubuntu.com')),
+        )),
+    ]
+    # Create / update ubicast account
+    cmds.append('echo "Checking ubicast account"')
+    code, out = utils.exec_cmd(['id', 'ubicast'], get_out=True)
+    if code != 0:
+        cmds.append('useradd -m -s /bin/bash ubicast')
+        out = ''
+    if 'sudo' not in out:
+        cmds.append('usermod -aG sudo ubicast')
+    # Add SSH key
+    cmds.append('echo "Checking ubicast and root SSH keys"')
+    # root
+    cmds.append('mkdir -p /root/.ssh')
+    cmds.append('chmod 700 /root/.ssh')
+    if utils.exec_cmd(['rgrep', 'support@ubicast', '/root/.ssh']) != 0:
+        cmds.append('cat "%s/ubicast_support.pub" >> /root/.ssh/authorized_keys' % dir_path)
+    # ubicast
+    cmds.append('mkdir -p /home/ubicast/.ssh')
+    cmds.append('chmod 700 /home/ubicast/.ssh')
+    if utils.exec_cmd(['rgrep', 'support@ubicast', '/home/ubicast/.ssh']) != 0:
+        cmds.append('cat "%s/ubicast_support.pub" >> /home/ubicast/.ssh/authorized_keys' % dir_path)
+    cmds.append('chown -R ubicast:ubicast /home/ubicast/.ssh')
+
+    utils.run_commands(cmds)
--- a/2.System/ntp.conf
+++ b/2.System/ntp.conf
+# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+
+driftfile /var/lib/ntp/ntp.drift
+
+
+# Enable this if you want statistics to be logged.
+#statsdir /var/log/ntpstats/
+
+statistics loopstats peerstats clockstats
+filegen loopstats file loopstats type day enable
+filegen peerstats file peerstats type day enable
+filegen clockstats file clockstats type day enable
+
+# Specify one or more NTP servers.
+
+# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
+# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
+# more information.
+server 0.ubuntu.pool.ntp.org
+server 1.ubuntu.pool.ntp.org
+server 2.ubuntu.pool.ntp.org
+server 3.ubuntu.pool.ntp.org
+
+# Use Ubuntu's ntp server as a fallback.
+server {{ system_ntp }}
+
+# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
+# details.  The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions>
+# might also be helpful.
+#
+# Note that "restrict" applies to both servers and clients, so a configuration
+# that might be intended to block requests from certain clients could also end
+# up blocking replies from your own upstream servers.
+
+# By default, exchange time with everybody, but don't allow configuration.
+restrict -4 default kod notrap nomodify nopeer noquery
+restrict -6 default kod notrap nomodify nopeer noquery
+
+# Local users may interrogate the ntp server more closely.
+restrict 127.0.0.1
+restrict ::1
+
+# Clients from this (example!) subnet have unlimited access, but only if
+# cryptographically authenticated.
+#restrict 192.168.123.0 mask 255.255.255.0 notrust
+
+
+# If you want to provide time to your local subnet, change the next line.
+# (Again, the address is an example only.)
+#broadcast 192.168.123.255
+
+# If you want to listen to time broadcasts on your local subnet, de-comment the
+# next lines.  Please do this only if you trust everybody on the network!
+#disable auth
+#broadcastclient
\ No newline at end of file
--- a/2.System/ubicast_support.pub
+++ b/2.System/ubicast_support.pub
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCr2IJlzvLlLxa2PyGhydAlz/PAOj240g8anQmY58X+llirLHIOlkdJXBqf94jAeZkweWpoE41RdmKPUQEz4pCO09dGJaZD4lv1NtDhrhNwTmoOnyFckoPimR6DX6+UMM9wUmfti/ytljbVEVVo/pRacXmczeumDaci3uYTURyliuAR9h3zbIMQ6D2COESXjptWmEwawE9grsTfJi84Q+XIBPvXRHjjceB5hejUMWuf7xc6GH9WIo5REh3qTUvgtxHtIGLQ3ImOzrbCsEhENrBWds0qH0pIuH0lykWGR6pumpPxLzXcVho+e/UJgUrEg5u6/58aizqJTkxFJMa8ciYz support@ubicast
\ No newline at end of file
--- a/20.--- Configuration ---/placeholder
+++ b/20.--- Configuration ---/placeholder
--- a/200.--- Deprecated ---/placeholder
+++ b/200.--- Deprecated ---/placeholder
--- a/201.deprecated - FTP/0_setup.py
+++ b/201.deprecated - FTP/0_setup.py
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+import os
+
+import utils
+
+
+def setup(interactive=True):
+    dir_path = utils.get_dir(__file__)
+    pwd_path = '/etc/pure-ftpd/pureftpd.passwd'
+    # Get passwords
+    ftpincoming = utils.get_conf('ftp_ftpincoming')
+    ftpmsuploader = utils.get_conf('ftp_ftpmsuploader')
+    ftpstorage = utils.get_conf('ftp_ftpstorage')
+    ftpadmin = utils.get_conf('ftp_ftpadmin')
+    if not ftpincoming or not ftpmsuploader or not ftpstorage or not ftpadmin:
+        raise Exception('Some passwords for FTP accounts are missing.\nPlease add them in the configuration file for EnvSetup script.')
+    # Run commands
+    cmds = [
+        'apt-get install --yes pure-ftpd python3-unidecode',
+        dict(line='adduser --disabled-login --gecos "" --shell /bin/false ftp', cond='id ftp', cond_neg=True, cond_skip=True),
+        'mkdir -p /home/ftp/storage',
+        'mkdir -p /home/ftp/storage/incoming',
+        'mkdir -p /home/ftp/storage/msuploads',
+        'mkdir -p /home/ftp/storage/www',
+        'chmod -R 775 /home/ftp/storage/incoming',
+        'chmod -R 777 /home/ftp/storage/msuploads',
+        'chmod -R 775 /home/ftp/storage/www',
+        'chown -R ftp:ftp /home/ftp/storage',
+        'mkdir -p /var/www',
+        'ln -sfn /home/ftp/storage/www /var/www/videos',
+        # Config
+        'echo "no" > /etc/pure-ftpd/conf/AllowDotFiles',
+        'echo "yes" > /etc/pure-ftpd/conf/CallUploadScript',
+        'echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone',
+        'echo "yes" > /etc/pure-ftpd/conf/DontResolve',
+        'echo "no" > /etc/pure-ftpd/conf/PAMAuthentication',
+        # Post upload script
+        'cp "%s/on_ftp_upload.py" /home/ftp/on_ftp_upload.py' % dir_path,
+        'chown ftp:ftp /home/ftp/on_ftp_upload.py',
+        'chmod +x /home/ftp/on_ftp_upload.py',
+        'pure-uploadscript -p /home/ftp/.on_upload.pid -B -g $(id -g ftp) -r /home/ftp/on_ftp_upload.py -u $(id -u ftp)',
+        'cp "%s/pure-ftpd-common" /etc/default/pure-ftpd-common.tmp' % dir_path,
+        'sed "s/UPLOADUID=UID/UPLOADUID=$(id -u ftp)/g" /etc/default/pure-ftpd-common.tmp > /etc/default/pure-ftpd-common.tmp2',
+        'mv -f /etc/default/pure-ftpd-common.tmp2 /etc/default/pure-ftpd-common.tmp',
+        'sed "s/UPLOADGID=GID/UPLOADGID=$(id -g ftp)/g" /etc/default/pure-ftpd-common.tmp > /etc/default/pure-ftpd-common.tmp2',
+        'mv -f /etc/default/pure-ftpd-common.tmp2 /etc/default/pure-ftpd-common',
+        'rm -f /etc/default/pure-ftpd-common.tmp',
+        'cp "%s/remove_empty_dirs.py" /etc/cron.hourly/remove_empty_dirs.py' % dir_path,
+        # Create FTP accounts
+        '([ -f "%s" ] || [ -f "%s" ] && cp "%s" "%s") || true' % (pwd_path + '.back', pwd_path, pwd_path, pwd_path + '.back'),
+        '([ -f "%s" ] && mv -f "%s" pureftpd.passwd.tmp) || true' % (pwd_path, pwd_path),
+        '"%s/create_account.sh" ftpincoming "%s" /home/ftp/storage/incoming' % (dir_path, ftpincoming),
+        '"%s/create_account.sh" ftpmsuploader "%s" /home/ftp/storage/msuploads' % (dir_path, ftpmsuploader),
+        '"%s/create_account.sh" ftpstorage "%s" /home/ftp/storage/www' % (dir_path, ftpstorage),
+        '"%s/create_account.sh" ftpadmin "%s" /home/ftp/storage' % (dir_path, ftpadmin),
+        'rm -f pureftpd.passwd.tmp',
+        'pure-pw mkdb',
+        'ln -sfn /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/50puredb',
+        '/etc/init.d/pure-ftpd force-reload',
+    ]
+    try:
+        utils.run_commands(cmds)
+    except Exception:
+        raise
+    finally:
+        # Restore password conf if required
+        if os.path.exists('pureftpd.passwd.tmp'):
+            os.rename('pureftpd.passwd.tmp', pwd_path)
--- a/201.deprecated - FTP/create_account.sh
+++ b/201.deprecated - FTP/create_account.sh
+#!/bin/bash
+
+# Usage: create_account.sh username password home
+echo -e "$2\n$2" | pure-pw useradd $1 -u ftp -d $3
--- a/201.deprecated - FTP/on_ftp_upload.py
+++ b/201.deprecated - FTP/on_ftp_upload.py
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import logging
+import os
+import shutil
+import sys
+import unicodedata
+# command line
+# pure-uploadscript -p /home/ftp/.on_ftp_upload.pid -B -g 1001 -r /home/ftp/on_ftp_upload.py -u 1001
+
+BASE_DIR = '/home/ftp/storage/'
+INCOMING_DIR = BASE_DIR + 'incoming/'
+WWW_DIR = BASE_DIR + 'www/'
+ALLOWED_CHARS = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-.'
+
+LOG_FILE = '/home/ftp/on_ftp_upload.log'
+LOG_LEVEL = 'INFO'
+
+
+def clean_name(name):
+    # strip accents and replace non allowed characters
+    return ''.join((c if c in ALLOWED_CHARS else '_') for c in unicodedata.normalize('NFD', name) if unicodedata.category(c) != 'Mn')
+
+
+if __name__ == '__main__':
+    # setup logging
+    logging.basicConfig(
+        filename=LOG_FILE,
+        format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
+        level=getattr(logging, LOG_LEVEL),
+    )
+
+    try:
+        logging.debug('Starting script')
+
+        if len(sys.argv) < 2:
+            logging.info('Not enough arguments')
+            sys.exit(1)
+
+        src_path = sys.argv[1]
+        if not src_path.startswith(BASE_DIR):
+            logging.info('File %s will not be moved because it is not in base dir', src_path)
+            sys.exit(0)
+
+        # remove special characters
+        name = os.path.basename(src_path)
+        new_name = clean_name(name)
+        if name != new_name:
+            new_path = os.path.join(os.path.dirname(src_path), new_name)
+            os.rename(src_path, new_path)
+            logging.info('File %s has been renamed to %s', src_path, new_path)
+            src_path = new_path
+
+        # move file
+        if not src_path.startswith(INCOMING_DIR):
+            logging.info('File %s will not be moved because it is not in the incoming dir', src_path)
+            sys.exit(0)
+
+        dest_path = src_path.replace(INCOMING_DIR, WWW_DIR)
+        if not os.path.exists(os.path.dirname(dest_path)):
+            os.system('mkdir -p -m 775 "%s"' % os.path.dirname(dest_path))
+
+        shutil.move(src_path, dest_path)
+        logging.info('File moved %s', src_path)
+    except Exception as e:
+        logging.error('Failed to move file %s. Error: %s', src_path, e)
+        sys.exit(1)
+    else:
+        sys.exit(0)
--- a/201.deprecated - FTP/pure-ftpd-common
+++ b/201.deprecated - FTP/pure-ftpd-common
+# Configuration for pure-ftpd
+# (this file is sourced by /bin/sh, edit accordingly)
+
+# STANDALONE_OR_INETD
+# valid values are "standalone" and "inetd".
+# Any change here overrides the setting in debconf.
+STANDALONE_OR_INETD=standalone
+
+# VIRTUALCHROOT:
+# whether to use binary with virtualchroot support
+# valid values are "true" or "false" 
+# Any change here overrides the setting in debconf.
+VIRTUALCHROOT=false
+
+# UPLOADSCRIPT: if this is set and the daemon is run in standalone mode,
+# pure-uploadscript will also be run to spawn the program given below
+# for handling uploads. see /usr/share/doc/pure-ftpd/README.gz or
+# pure-uploadscript(8)
+
+# example: UPLOADSCRIPT=/usr/local/sbin/uploadhandler.pl
+UPLOADSCRIPT=/home/ftp/on_ftp_upload.py
+
+# if set, pure-uploadscript will spawn $UPLOADSCRIPT running as the
+# given uid and gid
+UPLOADUID=UID
+UPLOADGID=GID
--- a/201.deprecated - FTP/remove_empty_dirs.py
+++ b/201.deprecated - FTP/remove_empty_dirs.py
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+'''
+Script to remove empty dirs from FTP incoming dir.
+'''
+import datetime
+import os
+import shutil
+import sys
+import traceback
+
+
+INCOMING_DIR = '/home/ftp/storage/incoming/'
+DAYS_OLD = 1
+
+
+def _can_be_removed(path):
+    if not os.path.isdir(path):
+        return False
+    for name in os.listdir(path):
+        subpath = os.path.join(path, name)
+        if not _can_be_removed(subpath):
+            return False
+    mtime = os.path.getmtime(path)
+    mtime = datetime.datetime.fromtimestamp(mtime)
+    if mtime < datetime.datetime.now() - datetime.timedelta(days=DAYS_OLD):
+        return True
+    return False
+
+
+if __name__ == '__main__':
+    script_name = os.path.basename(__file__)
+    try:
+        if not os.path.isdir(INCOMING_DIR):
+            print('%s: The FTP incoming dir does not exist (%s).' % (script_name, INCOMING_DIR))
+            sys.exit(1)
+
+        for name in os.listdir(INCOMING_DIR):
+            path = os.path.join(INCOMING_DIR, name)
+            if _can_be_removed(path):
+                shutil.rmtree(path)
+                print('%s: Dir "%s" removed.' % (script_name, path))
+    except Exception:
+        print('%s: Script crashed:\n%s' % (script_name, traceback.format_exc()))
+        sys.exit(1)
--- a/202.test envsetup/0_setup.sh
+++ b/202.test envsetup/0_setup.sh
+#!/bin/bash
+pwd
--- a/21.Initialize_environment/0_setup.sh
+++ b/21.Initialize_environment/0_setup.sh
+#!/bin/bash
+source /root/envsetup/envsetup.conf
+
+# hostname
+echo "127.0.0.1       ${ETC_HOSTNAME}" >> /etc/hosts
+echo ${ETC_HOSTNAME} > /etc/hostname
+
+# DNS
+cat > /etc/resolv.conf << EOF
+search ubicast.net
+nameserver 192.168.40.3
+nameserver 192.168.40.2
+nameserver 192.168.40.6
+EOF
+
+# set ubicast account pwd
+echo -e "${UBICAST_PASSWD}\n${UBICAST_PASSWD}" | (passwd -q ubicast)
+
+# create admin account
+useradd -m admin --shell /bin/bash 
+echo -e "${SHELL_PWD}\n${SHELL_PWD}" | (passwd -q admin)
+usermod -aG sudo admin
+
+# migrate to Ubuntu 16.04 / apply sources.list
+if [ $(cat /etc/lsb-release | grep DISTRIB_RELEASE | awk -F "=" '{print$2}') = "16.04" ]
+then
+cp sources16.list /etc/apt/sources.list
+# Ubuntu 14.04
+else
+apt-get update && apt-get upgrade -y
+cp sources16.list /etc/apt/sources.list
+apt-get update
+DEBIAN_FRONTEND=noninteractive /usr/bin/apt-get dist-upgrade -o Dpkg::Options::="--force-confold" --force-yes -y
+fi
+
+# màj
+apt-get update && apt-get install -y aptitude && aptitude upgrade -y
+aptitude install -y apt-transport-https pwgen ntpdate
+
+# modify sources.list to use ubicast cache
+grep ${CACHE} /etc/apt/sources.list
+if [ $? = 1 ]
+then
+sed -i "s@http://@http://${CACHE}/@" /etc/apt/sources.list
+fi
+
+# APT panel
+wget -q https://${PANEL}/media/public.gpg -O- | sudo apt-key add -
+echo "deb https://${PANEL} packaging/apt/${API}/" > /etc/apt/sources.list.d/skyreach.list
+aptitude update
+
+# unattended-upgrades
+aptitude install -y unattended-upgrades
+sed -i 's@//Unattended-Upgrade::Mail "root";@Unattended-Upgrade::Mail "root";@' /etc/apt/apt.conf.d/50unattended-upgrades
+sed -i 's@//*.*"vim";@"mysql-server";@' /etc/apt/apt.conf.d/50unattended-upgrades
+sed -i 's@//*.*"libc6";@"mysql-client";@' /etc/apt/apt.conf.d/50unattended-upgrades
+# configure frequence
+cat >  /etc/apt/apt.conf.d/10periodic << EOF
+APT::Periodic::Update-Package-Lists "1";
+APT::Periodic::Download-Upgradeable-Packages "1";
+APT::Periodic::AutocleanInterval "7";
+APT::Periodic::Unattended-Upgrade "1";
+EOF
+
+# resolvconf
+aptitude purge -y resolvconf