Some minor changes.
This commit is contained in:
parent
1b356ebce1
commit
0712a8fbad
@ -933,7 +933,9 @@ echo
|
||||
echo -e "\033[37m\033[1mSome pre-installation stuff..\033[m"
|
||||
echo
|
||||
|
||||
echononl "Backup crontab"
|
||||
cron_root_is_empty=false
|
||||
echononl "Backup crontab.."
|
||||
if [[ $(crontab -u root -l 2> /dev/null | wc -c) -gt 0 ]] ; then
|
||||
crontab -u root -l > ${crontab_backup_file} 2> $log_file
|
||||
if [[ "$?" = "0" ]]; then
|
||||
echo_ok
|
||||
@ -941,16 +943,23 @@ else
|
||||
echo_failed
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
cron_root_is_empty=true
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
echononl "Disable crontab for user root"
|
||||
if ! ${cron_root_is_empty} ; then
|
||||
crontab -r -u root > ${log_file} 2>&1
|
||||
if [[ "$?" = "0" ]]; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "$(cat $tmp_err_msg)"
|
||||
error "$(cat $log_file)"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
blank_line
|
||||
|
||||
@ -1285,11 +1294,7 @@ else
|
||||
|
||||
fi
|
||||
|
||||
|
||||
|
||||
echo
|
||||
echo -e "\033[37m\033[1mInstalling Keycloak Server..\033[m"
|
||||
echo
|
||||
blank_line
|
||||
|
||||
echononl "Create the Keycloak (system) group.."
|
||||
if cat /etc/group | grep -e "^${KEYCLOAK_GROUP}:" > /dev/null 2>&1 ; then
|
||||
@ -1317,6 +1322,7 @@ else
|
||||
fi
|
||||
fi
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Download the latest version (${KEYCLOAK_VERSION}) of the Keycloak Server.."
|
||||
if [[ ! -f "${working_dir}/${DOWNLOAD_ARCHIVE}" ]]; then
|
||||
@ -1336,37 +1342,6 @@ echo
|
||||
echo -e "\033[37m\033[1mInstalling Keycloak Service..\033[m"
|
||||
echo
|
||||
|
||||
|
||||
echononl "Create the Keycloak (system) group.."
|
||||
if cat /etc/group | grep -e "^${KEYCLOAK_GROUP}:" > /dev/null 2>&1 ; then
|
||||
echo_skipped
|
||||
else
|
||||
groupadd -r ${KEYCLOAK_GROUP} > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
fi
|
||||
|
||||
echononl "Create the Keycloak (system) user.."
|
||||
KEYCLOAK_HOME="${KEYCLOAK_BASE_INSTALL_PATH}/keycloak"
|
||||
if id -u ${KEYCLOAK_USER} > /dev/null 2>&1; then
|
||||
echo_skipped
|
||||
else
|
||||
useradd -r -M -d ${KEYCLOAK_HOME} -s /bin/false -g ${KEYCLOAK_GROUP} ${KEYCLOAK_USER} > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Backup Keycloak Installation directory.."
|
||||
if [[ -n "${OLD_INSTALL_DIR}" ]]; then
|
||||
mv "${OLD_INSTALL_DIR}" "${OLD_INSTALL_DIR}.${backup_date}" > "$log_file" 2>&1
|
||||
@ -1406,25 +1381,6 @@ else
|
||||
fi
|
||||
|
||||
|
||||
echononl "Set ownbership of installation directory '${KEYCLOAK_INSTALL_DIR}'.."
|
||||
chown -R ${KEYCLOAK_USER}:${KEYCLOAK_GROUP} "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
echononl "Give write permissions to the keycloak group.."
|
||||
chmod -R g+w "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Symlink keycloak -> keycloak-${KEYCLOAK_VERSION} .."
|
||||
@ -1447,79 +1403,6 @@ else
|
||||
fi
|
||||
|
||||
|
||||
_certs_installed=false
|
||||
echononl "Run script 'check_cert_for_keycloak.sh'.."
|
||||
if [[ -x "/root/bin/monitoring/check_cert_for_keycloak.sh" ]] ; then
|
||||
/root/bin/monitoring/check_cert_for_keycloak.sh > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
cat "$log_file"
|
||||
else
|
||||
echo_ok
|
||||
_certs_installed=true
|
||||
fi
|
||||
else
|
||||
warn "Certificate/Key for ${FQHN_HOSTNAME} cannot be provided."
|
||||
fi
|
||||
|
||||
|
||||
echononl "Add a cronjob for checking cert.."
|
||||
if [[ -f "$crontab_backup_file" ]]; then
|
||||
if ! grep -iq -E "/root/bin/monitoring/check_cert_for_keycloak.sh" "$crontab_backup_file" > /dev/null 2>&1; then
|
||||
cat <<EOF >> $crontab_backup_file
|
||||
|
||||
# Check if cert for Keycloak service is up-to-date
|
||||
#
|
||||
51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
|
||||
EOF
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
echo_failed
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
elif [[ -f "/var/spool/cron/crontabs/root" ]] ; then
|
||||
|
||||
if ! grep -i -E "/root/bin/monitoring/check_cert_for_keycloak.sh" /var/spool/cron/crontabs/root > /dev/null 2>&1; then
|
||||
installation_failed=false
|
||||
crontab -l > /tmp/tmp_crontab 2> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
|
||||
cat << EOF >> /tmp/tmp_crontab 2>> $log_file
|
||||
|
||||
# Check if cert for Keycloak service is up-to-date
|
||||
#
|
||||
51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
|
||||
EOF
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
crontab /tmp/tmp_crontab > /dev/null 2>> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
rm /tmp/tmp_crontab > /dev/null 2>> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
if ! $installation_failed ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "Adding cronjob for checking cert failed!"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
echononl "Create new configuration .."
|
||||
if [[ "${DB_TYPE}" = "pgsql" ]]; then
|
||||
_db_type="postgres"
|
||||
@ -1581,7 +1464,6 @@ else
|
||||
fi
|
||||
|
||||
|
||||
|
||||
echo
|
||||
echo -e "\033[37m\033[1mSetup Keycloak to use systemd for starting and stopping..\033[m"
|
||||
echo
|
||||
@ -1656,6 +1538,79 @@ else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
blank_line
|
||||
|
||||
_certs_installed=false
|
||||
echononl "Run script 'check_cert_for_keycloak.sh'.."
|
||||
if [[ -x "/root/bin/monitoring/check_cert_for_keycloak.sh" ]] ; then
|
||||
/root/bin/monitoring/check_cert_for_keycloak.sh > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
cat "$log_file"
|
||||
else
|
||||
echo_ok
|
||||
_certs_installed=true
|
||||
fi
|
||||
else
|
||||
warn "Certificate/Key for ${FQHN_HOSTNAME} cannot be provided."
|
||||
fi
|
||||
|
||||
echononl "Add a cronjob for checking cert.."
|
||||
if [[ -f "$crontab_backup_file" ]]; then
|
||||
if ! grep -iq -E "/root/bin/monitoring/check_cert_for_keycloak.sh" "$crontab_backup_file" > /dev/null 2>&1; then
|
||||
cat <<EOF >> $crontab_backup_file
|
||||
|
||||
# Check if cert for Keycloak service is up-to-date
|
||||
#
|
||||
51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
|
||||
EOF
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
echo_failed
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
elif [[ -f "/var/spool/cron/crontabs/root" ]] ; then
|
||||
|
||||
if ! grep -i -E "/root/bin/monitoring/check_cert_for_keycloak.sh" /var/spool/cron/crontabs/root > /dev/null 2>&1; then
|
||||
installation_failed=false
|
||||
crontab -l > /tmp/tmp_crontab 2> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
|
||||
cat << EOF >> /tmp/tmp_crontab 2>> $log_file
|
||||
|
||||
# Check if cert for Keycloak service is up-to-date
|
||||
#
|
||||
51 05 * * * /root/bin/monitoring/check_cert_for_keycloak.sh
|
||||
EOF
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
crontab /tmp/tmp_crontab > /dev/null 2>> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
rm /tmp/tmp_crontab > /dev/null 2>> $log_file
|
||||
if [[ "$?" -ne 0 ]] ; then
|
||||
installation_failed=true
|
||||
fi
|
||||
if ! $installation_failed ; then
|
||||
echo_ok
|
||||
else
|
||||
echo_failed
|
||||
error "Adding cronjob for checking cert failed!"
|
||||
fi
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
blank_line
|
||||
|
||||
@ -1673,6 +1628,7 @@ else
|
||||
fi
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Creates a new and optimized server image.."
|
||||
${KEYCLOAK_BASE_INSTALL_PATH}/keycloak/bin/kc.sh build > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
@ -1693,8 +1649,26 @@ fi
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Set ownbership of installation directory '${KEYCLOAK_INSTALL_DIR}'.."
|
||||
chown -R ${KEYCLOAK_USER}:${KEYCLOAK_GROUP} "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
#echononl "Give write permissions to the keycloak group.."
|
||||
#chmod -R g+w "${KEYCLOAK_INSTALL_DIR}" > "$log_file" 2>&1
|
||||
#if [[ $? -ne 0 ]]; then
|
||||
# echo_failed
|
||||
# error "$(cat "$log_file")"
|
||||
#else
|
||||
# echo_ok
|
||||
#fi
|
||||
|
||||
blank_line
|
||||
|
||||
echononl "Start Keycloak Service"
|
||||
systemctl start keycloak.service > "$log_file" 2>&1
|
||||
if [[ $? -ne 0 ]]; then
|
||||
@ -1883,6 +1857,17 @@ while true ; do
|
||||
sleep 1
|
||||
done
|
||||
|
||||
echononl "Save configuration to file 'current-configuration.txt'."
|
||||
${KEYCLOAK_BASE_INSTALL_PATH}/keycloak/bin/kc.sh show-config > "${working_dir}/current-configuration.txt" 2> "$log_file"
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo_failed
|
||||
error "$(cat "$log_file")"
|
||||
else
|
||||
echo_ok
|
||||
fi
|
||||
|
||||
blank_line
|
||||
|
||||
_admin_user_created=true
|
||||
echononl "Login as temporary admin user .."
|
||||
if ${keycloak_service_started} ; then
|
||||
|
||||
Loading…
Reference in New Issue
Block a user