commit 64d71f54b6ee9315f3c5c90543b6f41f8db2183a Author: Christoph Date: Mon May 11 02:19:44 2020 +0200 Initial commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9772d11 --- /dev/null +++ b/.gitignore @@ -0,0 +1,9 @@ + +# - common +*.log +*.swp +*.tar.gz +log* + +conf/*.conf + diff --git a/README.install b/README.install new file mode 100644 index 0000000..24fdbdb --- /dev/null +++ b/README.install @@ -0,0 +1,110 @@ +# =========================================================================== +# +# Mattermost +# "is an open-source, self-hostable online chat service with file sharing, +# search, and integrations). It is designed as an internal chat for +# organisations and companies, and mostly markets itself as an open-source +# alternative to Slac and Microsoft Teams. " +# +# https://mattermost.com/ +# +# see: +# - https://docs.mattermost.com/install/install-debian.html +# +# - https://docs.mattermost.com/ +# +# Requirements: +# +# - NGINX Web Service is installed +# - MySQL Service is installed +# - lets encrypt certificates available for $FQHN_HOSTNAME + +# ============================================================================= + + + +# --- +# 0.) Requirements +# --- + +# ---------- +# +# 0.) Create new LX Container +# +# /root/bin/LXC/create-lx-container.sh +# ... +# +# 1.) Assign(Adjust user root +# +# lxc-attach -n meet +# add_new_user.sh root +# +# Base Install via ansible +# +# cd /home/chris/devel/git/git.oopen.de/ansible/oopen-server +# ansible-playbook --limit meet.oopen.de ansible-dependencies.yml +# ansible-playbook --limit meet.oopen.de common.yml +# ansible-playbook --limit meet.oopen.de scripts/install-ulogd.yml +# ansible-playbook --limit meet.oopen.de firewall.yml +# +# ---------- + +# Adjust Firewall +# +cd /etc/ipt-firewall +... + +# Install Postfix SMTP Service (base) +# +cd /usr/local/src/mailsystem +./install_postfix_base.sh + +# Install Nginx Webserver +# +cd /usr/local/src/nginx +./install_nginx.sh + +# Install update mechanism for lets encrypt certificates +# +cd /usr/local/src/dehydrated-cron +./install_dehydrated.sh + +# Create certificate(s) +# +# Adjust '/var/lib/dehydrated/domains.txt' +# +# vim /var/lib/dehydrated/domains.txt +# +cat <> /var/lib/dehydrated/domains.txt +$FQHN_HOSTNAME +EOF +/var/lib/dehydrated/cron/dehydrated_cron.sh + + +# --- +# 0.1) Requirements MySQL Database Service +# --- + +# Install MySQL Database Service +# +cd /tmp + +# See at 'https://dev.mysql.com/downloads/repo/apt/' which is the +# actual version of the apt-repository +# +mysql_apt_version=0.8.15-1 +wget https://dev.mysql.com/get/mysql-apt-config_${mysql_apt_version}_all.deb +dpkg -i mysql-apt-config_${mysql_apt_version}_all.deb + +apt-get update +apt-get install mysql-server + + + +# --- +# 1.) Install Mattermost Service +# --- + +# Trigger install script 'install-mattermost.sh' +# +./install-mattermost.sh diff --git a/conf/mattermost.conf.sample b/conf/mattermost.conf.sample new file mode 100644 index 0000000..2443f06 --- /dev/null +++ b/conf/mattermost.conf.sample @@ -0,0 +1,88 @@ +#---------------------------------------- +# Settings for Mattermost Install scripts +#---------------------------------------- + +# FQHN_HOSTNAME +# +# The full qualified histname under which bbb service +# is available +# +# Defaults to full qualified hostname of the system +# +FQHN_HOSTNAME="" + + +# MATTERMOST_USER +# +# The user under which Mattermost service is running. +# +# Defaults to: MATTERMOST_USER="mattermost" +# +#MATTERMOST_USER="" + + +# MATTERMOST_GROUP +# +# The group od mattermost user. +# +# Defaults to: MATTERMOST_GROUP="$MATTERMOST_USER" +# +#MATTERMOST_GROUP="" + + +# MYSQL_CREDENTIAL_ARGS +# +# Giving password on command line is insecure an sind mysql 5.5 +# you will get a warning doing so. +# +# Reading username/password fro file ist also possible, using MySQL/MariaDB +# commandline parameter '--defaults-file'. +# +# Since Version 5.6, that method is considered as insecure. +# To avoid giving the password on command line, we use an +# encrypted option file +# +# Create (encrypted) option file: +# $ mysql_config_editor set --login-path=local --socket=/var/run/mysqld/mysqld.sock --user=backup --password +# $ Password: +# +# Use of option file: +# $ mysql --login-path=local ... +# +# Example +# MYSQL_CREDENTIAL_ARGS="--login-path=local" +# MYSQL_CREDENTIAL_ARGS="--defaults-file=/etc/mysql/debian.cnf" (Debian default) +# MYSQL_CREDENTIAL_ARGS="--defaults-file=/usr/local/mysql/sys-maint.cnf" +# +# # MariaDB 10.4.x +# MYSQL_CREDENTIAL_ARGS="-u root -S /tmp/mysql.sock" +# +# No Defaults +# +#MYSQL_CREDENTIAL_ARGS="--login-path=local" + + +# DB_NAME +# +# Database Name of Mattemost's Database +# +# Defaults to: DB_NAME="mattermost" +# +#DB_NAME="mattermost" + +# DB_USER +# +# Database USER of Mattemost's Database +# +# Defaults to: DB_USER="mattermost" +# +#DB_USER="mattermost" + + +# DB_PASS +# +# Database Password used for Mattemost's Database +# +# Defaults to a random created one. +# +#DB_PASS="" diff --git a/install-mattermost.sh b/install-mattermost.sh new file mode 100755 index 0000000..7efa501 --- /dev/null +++ b/install-mattermost.sh @@ -0,0 +1,1498 @@ +#!/usr/bin/env bash + +script_name="$(basename $(realpath $0))" +working_dir="$(dirname $(realpath $0))" + +#conf_file="${working_dir}/conf/${script_name%%.*}.conf" +conf_file="${working_dir}/conf/mattermost.conf" + +LOCK_DIR="/tmp/$(basename $0).$$.LOCK" +log_file="${LOCK_DIR}/${script_name%%.*}.log" + +backup_date="$(date +%Y-%m-%d-%H%M)" + + +# ---------- +# Base Function(s) +# ---------- + +clean_up() { + + # Perform program exit housekeeping + rm -rf "$LOCK_DIR" + blank_line + exit $1 +} + +echononl(){ + if $terminal ; then + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n " $*\\c" 1>&2 + else + echo -e -n " $*" 1>&2 + fi + rm /tmp/shprompt$$ + fi +} +fatal(){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mFatal\033[m ] $*" + else + echo -e " [ Fatal ] $*" + fi + echo "" + if $terminal ; then + echo -e " \033[1mScript terminated\033[m.." + else + echo -e " Script terminated.." + fi + echo "" + rm -rf $LOCK_DIR + exit 1 +} +error (){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mError\033[m ] $*" + else + echo " [ Error ] $*" + fi + echo "" +} + +warn (){ + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mWarning\033[m ] $*" + else + echo " [ Error ] $*" + fi + echo "" +} + +info (){ + if $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[32m\033[1mInfo\033[m ] $*" + else + echo " [ Info ] $*" + fi + echo "" + fi +} + + +echo_ok() { + if $terminal ; then + echo -e "\033[85G[ \033[32mok\033[m ]" + fi +} +echo_failed(){ + if $terminal ; then + echo -e "\033[85G[ \033[1;31mfailed\033[m ]" + fi +} +echo_skipped() { + if $terminal ; then + echo -e "\033[85G[ \033[33m\033[1mskipped\033[m ]" + fi +} +echo_wait(){ + if $terminal ; then + echo -en "\033[85G[ \033[5m\033[1m..\033[m ]" + fi +} + +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + echo -n "$var" +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + +detect_os () { + + if $(which lsb_release > /dev/null 2>&1) ; then + + DIST="$(lsb_release -i | awk '{print tolower($3)}')" + DIST_VERSION="$(lsb_release -r | awk '{print tolower($2)}')" + DIST_CODENAME="$(lsb_release -c | awk '{print tolower($2)}')" + + if [[ "$DIST" = "debian" ]]; then + if $(echo "$DIST_VERSION" | grep -q '\.') ; then + DIST_VERSION=$(echo "$DIST_VERSION" | cut --delimiter='.' -f1) + fi + fi + + elif [[ -e "/etc/os-release" ]]; then + + . /etc/os-release + + DIST=$ID + DIST_VERSION=${VERSION_ID} + + fi + + # remove whitespace from DIST and DIST_VERSION + DIST="${DIST// /}" + DIST_VERSION="${DIST_VERSION// /}" + +} + + + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + +# - Create lock directory '$LOCK_DIR" +# +mkdir "$LOCK_DIR" + + +# ---------- +# - Some checks .. +# ---------- + +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + fatal "Script must run in a terminal." +fi + + +# ========== +# - Begin Main Script +# ========== + +# ---------- +# - Headline +# ---------- + +if $terminal ; then + echo "" + echo -e "\033[1m----------\033[m" + echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" + echo -e "\033[1m----------\033[m" +fi + + +# ---------- +# Read Configurations from $conf_file +# ---------- + +# - Give your default values here +# - +DEFAULT_FQHN_HOSTNAME="$(hostname -f)" + +DEFAULT_MATTERMOST_USER="mattermost" + +DEFAULT_DB_NAME="mattermost" +DEFAULT_DB_USER="mattermost" + +# generate random password +regexp_digit="([23456789].*){2}" +regexp_special_char="([-_%+].*){2}" +regexp_not_alowed="([0ODl18B])" +LENGTH=16 + +while [ 1 ] ; do + + DEFAULT_DB_PASS="$(head -c 300 /dev/urandom | tr -cd 'a-zA-Z1-9\-_%' | head -c ${LENGTH})" + + # - Check Password + # - + if [[ "$DEFAULT_DB_PASS" =~ $regexp_not_alowed ]] ; then + continue + fi + if [[ ! "$DEFAULT_DB_PASS" =~ $regexp_special_char ]] ; then + continue + fi + if [[ ! "$DEFAULT_DB_PASS" =~ $regexp_digit ]] ; then + continue + fi + + break + +done + +echo "$conf_file" + +if [[ -f "$conf_file" ]]; then + source "$conf_file" +else + warn "No configuration file '$conf_file' present.\n + Loading default values.." +fi + +[[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME" + +[[ -n "$DB_NAME" ]] && DEFAULT_DB_NAME="$DB_NAME" +[[ -n "$DB_USER" ]] && DEFAULT_DB_NAME="$DB_USER" +[[ -n "$DB_PASS" ]] && DEFAULT_DB_PASS="$DB_PASS" + +[[ -n "$MATTERMOST_USER" ]] && DEFAULT_MATTERMOST_USER="$MATTERMOST_USER" +if [[ -n "$MATTERMOST_GROUP" ]]; then + DEFAULT_MATTERMOST_GROUP="$MATTERMOST_GROUP" +else + DEFAULT_MATTERMOST_GROUP="$DEFAULT_MATTERMOST_USER" +fi + + +blank_line +echononl "Detect distribution/release of running OS.." +detect_os > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + +echo -e "\033[32m--\033[m" +echo "" +echo "Version Number of Mattermost Server to install" +echo "" +echo "" +MATTERMOST_VERSION= +while [ "X$MATTERMOST_VERSION" = "X" ] +do + echononl "Mattermost Server Version: " + read MATTERMOST_VERSION + if [ "X$MATTERMOST_VERSION" = "X" ]; then + echo -e "\n\t\033[33m\033[1mA Version number is required!\033[m\n" + fi +done +DOWNLOAD_ARCHIVE="mattermost-${MATTERMOST_VERSION}-linux-amd64.tar.gz" +DOWNLOAD_URL="https://releases.mattermost.com/${MATTERMOST_VERSION}/${DOWNLOAD_ARCHIVE}" + + + +FQHN_HOSTNAME= +echo "" +echo -e "\033[32m--\033[m" +echo "" +echo "Insert full qualified hostname for Mattermost Service" +echo "" +if [[ -n "$DEFAULT_FQHN_HOSTNAME" ]]; then + while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do + echononl "Full qualified hostname [${DEFAULT_FQHN_HOSTNAME}]: " + read FQHN_HOSTNAME + if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then + FQHN_HOSTNAME=$DEFAULT_FQHN_HOSTNAME + fi + if [[ ! $FQHN_HOSTNAME =~ \. ]]; then + echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n" + FQHN_HOSTNAME="" + fi + done +else + while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do + echononl "Full qualified hostname: " + read FQHN_HOSTNAME + if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then + echo -e "\n\t\033[33m\033[1mFull qualified hostname is reqired\033[m\n" + fi + if [[ ! $FQHN_HOSTNAME =~ \. ]]; then + echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n" + FQHN_HOSTNAME="" + fi + done +fi +HOSTNAME="${FQHN_HOSTNAME%%.*}" + +echo "" +echo "--" +echo "" +echo "Enter user and group for Mattermost Service." +echo "" +MATTERMOST_USER= +while [ "X$MATTERMOST_USER" = "X" ] +do + echononl "Mattermost user [${DEFAULT_MATTERMOST_USER}]: " + read MATTERMOST_USER + if [ "X$MATTERMOST_USER" = "X" ]; then + MATTERMOST_USER=$DEFAULT_MATTERMOST_USER + fi +done +MATTERMOST_GROUP= +while [ "X$MATTERMOST_GROUP" = "X" ] +do + echononl "Mattermost group [$DEFAULT_MATTERMOST_GROUP]: " + read MATTERMOST_GROUP + if [ "X$MATTERMOST_GROUP" = "X" ]; then + MATTERMOST_GROUP=$DEFAULT_MATTERMOST_GROUP + fi +done + + + + +DB_NAME= +echo "" +echo -e "\033[32m--\033[m" +echo "" +echo "Enter Database Name used by Mattermost Service" +echo "" +if [[ -n "$DEFAULT_DB_NAME" ]]; then + while [[ "X${DB_NAME}" = "X" ]]; do + echononl "Database Name [${DEFAULT_DB_NAME}]: " + read DB_NAME + if [[ "X${DB_NAME}" = "X" ]]; then + DB_NAME=$DEFAULT_DB_NAME + fi + done +else + while [[ "X${DB_NAME}" = "X" ]]; do + echononl "Database Name: " + read DB_NAME + if [[ "X${DB_NAME}" = "X" ]]; then + echo -e "\n\t\033[33m\033[1m Database Name is reqired\033[m\n" + fi + done +fi + +DB_USER= +echo "" +echo -e "\033[32m--\033[m" +echo "" +echo "Enter Database User used by Mattermost Service" +echo "" +if [[ -n "$DEFAULT_DB_USER" ]]; then + while [[ "X${DB_USER}" = "X" ]]; do + echononl "Database User [${DEFAULT_DB_USER}]: " + read DB_USER + if [[ "X${DB_USER}" = "X" ]]; then + DB_USER=$DEFAULT_DB_USER + fi + done +else + while [[ "X${DB_USER}" = "X" ]]; do + echononl "Database User: " + read DB_USER + if [[ "X${DB_USER}" = "X" ]]; then + echo -e "\n\t\033[33m\033[1m Database User is reqired\033[m\n" + fi + done +fi + +DB_PASS= +echo "" +echo -e "\033[32m--\033[m" +echo "" +echo "Enter Database Password used by Mattermost Service" +echo "" +if [[ -n "$DEFAULT_DB_PASS" ]]; then + while [[ "X${DB_PASS}" = "X" ]]; do + echononl "Database Password [${DEFAULT_DB_PASS}]: " + read DB_PASS + if [[ "X${DB_PASS}" = "X" ]]; then + DB_PASS=$DEFAULT_DB_PASS + fi + done +else + while [[ "X${DB_PASS}" = "X" ]]; do + echononl "Database Password: " + read DB_PASS + if [[ "X${DB_PASS}" = "X" ]]; then + echo -e "\n\t\033[33m\033[1m Database Password is reqired\033[m\n" + fi + done +fi + + +if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then + if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then + fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!" + fi + USE_MYSQL_CREDENTIAL_ARGS=true +else + USE_MYSQL_CREDENTIAL_ARGS=false + + _MYSQL_ROOT_PW="" + echo "" + echo -e "\033[32m--\033[m" + echo "" + echo "Insert root password of MySQL Database Service" + echo "" + while [ "X${_MYSQL_ROOT_PW}" = "X" ]; do + + echononl "Passworteingabe: " + read -s _MYSQL_ROOT_PW + if [ "X${_MYSQL_ROOT_PW}" = "X" ]; then + echo -e "\n\t\033[33m\033[1mPassworteingabe erforderlich!\033[m\n" + continue + fi + if $(pgrep mysqld_safe > /dev/null 2>&1) || $(pgrep mysqld > /dev/null 2>&1); then + if $(mysql --user="root" --password="$_MYSQL_ROOT_PW" -N -s -e 'quit' > /dev/null 2>&1) ; then + MYSQL_ROOT_PW=$_MYSQL_ROOT_PW + else + echo -e "\n\t\033[33m\033[1mFalsches Passwort\033[m\n" + _MYSQL_ROOT_PW="" + fi + else + fatal "MySQL seems not be running. Start MySQL Service and try installing mattermost again." + fi + done +fi + + + +echo "" +echo "" +echo -e "\t\033[32mStart install script for Mattermost Server with the following parameters\033[m" +echo "" +echo -e "\tMattermost Server Version: \033[33m\033[1m$MATTERMOST_VERSION\033[m" +echo "" +echo -e "\tFull qualified Hostname..: $FQHN_HOSTNAME" +echo -e "\tHostname.................: $HOSTNAME" +echo "" +echo -e "\tMattermost user..........: $MATTERMOST_USER" +echo -e "\tMattermost group.........: $MATTERMOST_GROUP" +echo "" +echo "" +if $USE_MYSQL_CREDENTIAL_ARGS ; then + echo -e "\tMYSQL_CREDENTIAL_ARGS....: $MYSQL_CREDENTIAL_ARGS" +else + echo -e "\tRoot password MySQL......: **" +fi +echo "" +echo -e "\tDatabase Name............: $DB_NAME" +echo -e "\tDatabase User............: $DB_USER" +echo -e "\tDatabase Password........: $DB_PASS" +echo "" +echononl "einverstanden (yes/no): " +read OK +OK=${OK,,} +while [ "X$OK" != "Xyes" -a "X$OK" != "Xno" ]; do + echononl "Wrong entry! [yes/no]: " + read OK + OK=${OK,,} +done +[ $OK = "yes" ] || fatal Repeat with other settings.. + +echo "" +echo "" + + +if ! $USE_MYSQL_CREDENTIAL_ARGS ; then + MYSQL_CREDENTIAL_ARGS="--user='root' --password=$_MYSQL_ROOT_PW" + if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then + fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!" + fi +fi + + + +echo +echo -e "\033[37m\033[1mSome checks....\033[m" +echo + +_failed=false +echononl "Check if Nginx Webservice is installed.." +if $(dpkg -s nginx-extras > "$log_file" 2>&1) ; then + nginx_installed=true +elif $(dpkg -s nginx-full > "$log_file" 2>&1) ; then + nginx_installed=true +else + nginx_installed=false +fi +if $nginx_installed ; then + echo -e "\033[85G[ \033[32mYES\033[m ]" +else + echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]" +fi + +_failed=false +echononl "Check if MySQL Database Service is installed.." +if $(dpkg -s mysql-server > "$log_file" 2>&1) ; then + mysql_server_installed=true +else + mysql_server_installed=false +fi +if $mysql_server_installed ; then + echo -e "\033[85G[ \033[32mYES\033[m ]" +else + echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]" +fi + + +_failed=false +echononl "Check if certificate for '$FQHN_HOSTNAME' is present.." +if [[ -d "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}" ]] ; then + if [[ -h "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}/fullchain.pem" ]]; then + cert_present=true + else + cert_present=false + fi +else + cert_present=false +fi +if $cert_present ; then + echo -e "\033[85G[ \033[32mYES\033[m ]" +else + echo -e "\033[85G[ \033[1;31mNOT present\033[m ]" +fi + +if ! $nginx_installed || ! $mysql_server_installed ; then + + if ! $cert_present ; then + + fatal "Prerequisites are a correct installation of the NGINX Web Service as well + as a correct installation of the MySQL database service. + + It's also highly recommended to have a valid certificate for your + FQHN Hostname '${FQHN_HOSTNAME}'." + + else + + fatal "Prerequisites are a correct installation of the NGINX Web Service as well + as a correct installation of the MySQL database service." + fi + +elif ! $cert_present ; then + + warn "It is highly recommended to have a valid certificate for your FQHN Hostname '${FQHN_HOSTNAME}'." + + echononl "\033[1mcontinue anyway\033[m [yes/no]: " + read OK + OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')" + while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do + echononl "Wrong entry! - repeat [yes/nno]: " + read OK + done + [[ $OK = "yes" ]] || fatal "Abbruch durch User" + +fi + + +echo +echo -e "\033[37m\033[1mSome pre-installation stuff..\033[m" +echo + +echononl "Create Database User '${DB_USER}' with Password '${DB_PASS}'.." +if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ + "SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$DB_USER')" 2>/dev/null)" = 1 ]]; then + echo_skipped +else + mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ + "CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '${DB_PASS}'" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + +echononl "Create Database '${DB_NAME}'.." +if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ + "SHOW DATABASES LIKE '${DB_NAME}'" 2>/dev/null)" = "${DB_NAME}" ]]; then + + echo_skipped +else + mysql $MYSQL_CREDENTIAL_ARGS -N -s -e "CREATE DATABASE ${DB_NAME}" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + +echononl "Grant access privileges to the user '${DB_USER}'’." +mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ + "GRANT ALL PRIVILEGES ON ${DB_NAME}.* to '${DB_USER}'@'localhost';" > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "FLUSH PRIVILEGES to dadabase engine .." +mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \ + "FLUSH PRIVILEGES" > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + +echo +echo -e "\033[37m\033[1mInstalling Mattermost Server..\033[m" +echo + +echononl "Create the Mattermost (system) group.." +if cat /etc/group | grep -e "^${MATTERMOST_GROUP}:" > /dev/null 2>&1 ; then + echo_skipped +else + groupadd -r $MATTERMOST_GROUP > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + +echononl "Create the Mattermost (system) user.." +if id -u $MATTERMOST_USER > /dev/null 2>&1; then + echo_skipped +else + useradd -r -M -d /opt/mattermost -s /bin/false -g $MATTERMOST_GROUP $MATTERMOST_USER > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + +echononl "Download the latest version (${MATTERMOST_VERSION}) of the Mattermost Server.." +if [[ ! -f "${working_dir}/mattermost-${MATTERMOST_VERSION}-linux-amd64.tar.gz" ]]; then + wget -O "${working_dir}/${DOWNLOAD_ARCHIVE}" "${DOWNLOAD_URL}" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Backup Mattermost Installation directory.." +if [[ -d "/opt/mattermost" ]]; then + cp -a "/opt/mattermost" "/opt/mattermost.${backup_date}" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Extract the Mattermost Server files.." +tar -C /opt -xvzf "${working_dir}/${DOWNLOAD_ARCHIVE}" > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "Set ownbership of installation directors '/opt/mattermost'.." +chown -R ${MATTERMOST_USER}:${MATTERMOST_GROUP} /opt/mattermost > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "Give write permissions to the mattermost group.." +chmod -R g+w /opt/mattermost> "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "Backup file '/opt/mattermost/config/config.json'.." +if [[ ! -f "/opt/mattermost/config/config.json.ORIG" ]]; then + cp -a /opt/mattermost/config/config.json /opt/mattermost/config/config.json.ORIG > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + + +echo +echo -e "\033[37m\033[1mConfigure Mattermost - file '/opt/mattermost/config/config.json'..\033[m" +echo + +echononl "Set up 'DriverName'.." +if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then + + _found=false + :> ${LOCK_DIR}/config.json + :> $log_file + + while IFS='' read -r _line || [[ -n $_line ]] ; do + + + if $_found && echo "$_line" | grep -iq -E "^\s*\"DriverName\":" 2> /dev/null ; then + cat <> ${LOCK_DIR}/config.json 2> "$log_file" + "DriverName": "mysql", +EOF + elif $_found && echo "$_line" | grep -iq -E "^\s*\"DataSource\":" 2> /dev/null ; then + cat <> ${LOCK_DIR}/config.json 2> "$log_file" + "DataSource": "${DB_USER}:${DB_PASS}@tcp(localhost:3306)/${DB_NAME}?charset=utf8mb4,utf8\\u0026readTimeout=30s\\u0026writeTimeout=30s", +EOF + else + echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file" + fi + + if ! $_found && echo "$_line" | grep -iq -E "^\s*\"SqlSettings\"" 2> /dev/null ; then + _found=true + fi + + if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then + _found=false + fi + + done < "/opt/mattermost/config/config.json" + + cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1 + + if [[ -s "$log_file" ]] ; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + +else + echo_skipped +fi + +echononl "Reset ownbership of '/opt/mattermost/config/config.json'.." +chown ${MATTERMOST_USER}:${MATTERMOST_GROUP} /opt/mattermost/config/config.json > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + + +echo +echo -e "\033[37m\033[1mSetup Mattermost to use systemd for starting and stopping..\033[m" +echo + +echononl "Create a systemd unit file.." +cat < /etc/systemd/system//mattermost.service 2>"$log_file" +[Unit] +Description=Mattermost +After=network.target +After=mysql.service +Requires=mysql.service + +[Service] +Type=notify +ExecStart=/opt/mattermost/bin/mattermost +TimeoutStartSec=3600 +Restart=always +RestartSec=10 +WorkingDirectory=/opt/mattermost +User=$MATTERMOST_USER +Group=$MATTERMOST_GROUP +LimitNOFILE=524288 + +[Install] +WantedBy=multi-user.target +EOF +if [[ -s "$log_file" ]] ; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + +echononl "Make systemd load the new unit.." +systemctl daemon-reload > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "Set Mattermost Service to start on machine start up.." +systemctl enable mattermost.service > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + +blank_line +echononl "Start Mattermost Service" +systemctl start mattermost.service > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + + + +echo +echo -e "\033[37m\033[1mSome post-installation stuff..\033[m" +echo + +echononl "Create/Update configuration file '$(basename "$conf_file")'" +if [[ -f "$conf_file" ]] ; then + echo_skipped +else + cp -a "${conf_file}.sample" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="FQHN_HOSTNAME" +_val="$FQHN_HOSTNAME" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}=${_val} +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="MATTERMOST_USER" +_val="$MATTERMOST_USER" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}=${_val} +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="MATTERMOST_GROUP" +_val="$MATTERMOST_GROUP" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}=${_val} +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="DB_NAME" +_val="$DB_NAME" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}=${_val} +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="DB_USER" +_val="$DB_USER" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}=${_val} +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + +_key="DB_PASS" +_val="$DB_PASS" +echononl "Update Parameter '$_key'.." +if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then + echo_skipped +elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s§^\s*$_key=.*§${_key}=\"${_val}\"§" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then + perl -i -n -p -e "s&^(\s*\#\s*$_key=.*)&\1\n${_key}=\"${_val}\"&" "$conf_file" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + cat <> "$conf_file" 2> "$log_file" + +${_key}="${_val}" +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + + + + + +clean_up 0 + + +echo +echo -e "\033[37m\033[1mUpdate file '/etc/systemd/system.conf'....\033[m" +echo + +echononl "Set Parameter 'DefaultLimitNOFILE'.." +if ! $(grep -q -E "^\s*DefaultLimitNOFILE=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultLimitNOFILE=.*)/\1\nDefaultLimitNOFILE=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultLimitNOFILE=1048576" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultLimitNOFILE=.*/DefaultLimitNOFILE=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Set Parameter 'DefaultLimitNPROC'.." +if ! $(grep -q -E "^\s*DefaultLimitNPROC=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultLimitNPROC=.*)/\1\nDefaultLimitNPROC=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultLimitNPROC=1048576" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultLimitNPROC=.*/DefaultLimitNPROC=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Set Parameter 'DefaultTasksMax'.." +if ! $(grep -q -E "^\s*DefaultTasksMax=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultTasksMax=.*)/\1\nDefaultTasksMax=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultTasksMax=1048576" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultTasksMax=.*/DefaultTasksMax=1048576/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Set Parameter 'DefaultLimitRTPRIO'.." +if ! $(grep -q -E "^\s*DefaultLimitRTPRIO=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultLimitRTPRIO=.*)/\1\nDefaultLimitRTPRIO=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultLimitRTPRIO=infinity" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultLimitRTPRIO=.*/DefaultLimitRTPRIO=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +echononl "Set Parameter 'DefaultLimitRTTIME'.." +if ! $(grep -q -E "^\s*DefaultLimitRTTIME=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultLimitRTTIME=.*)/\1\nDefaultLimitRTTIME=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultLimitRTTIME=infinity" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultLimitRTTIME=.*/DefaultLimitRTTIME=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +_failed=false +echononl "Set Parameter 'DefaultLimitCORE'.." +if ! $(grep -q -E "^\s*DefaultLimitCORE=" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^(\s*#DefaultLimitCORE=.*)/\1\nDefaultLimitCORE=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +elif ! $(grep -q -E "^\s*DefaultLimitCORE=infinity" /etc/systemd/system.conf 2> /dev/null); then + perl -i -n -p -e "s/^\s*DefaultLimitCORE=.*/DefaultLimitCORE=infinity/" \ + /etc/systemd/system.conf > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + + +echononl "Reload Systemd .." +systemctl daemon-reload > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + + +echo +echo -e "\033[37m\033[1mSome Certifikation/Key stuff..\033[m" +echo + +cert_copied=false +echononl "Copy Snakeoil Cert to file '/etc/ssl/fullchain.pem'.." +if [[ ! -f "/etc/ssl/fullchain.pem" ]] && [[ ! -h "/etc/ssl/fullchain.pem" ]]; then + cp /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/fullchain.pem > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + cert_copied=true + fi +else + echo_skipped +fi + +perm_cert="644" +echononl "Set Permission $perm_cert on file '/etc/ssl/fullchain.pem'.." +if $cert_copied ; then + chmod 644 /etc/ssl/fullchain.pem > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.crt" ]]; then + if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.crt" ]] ; then + echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.crt'.." + rm "/etc/ssl/${FQHN_HOSTNAME}.crt" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi + echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.." + ln -s fullchain.pem /etc/ssl/${FQHN_HOSTNAME}.crt > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.." + echo_skipped +fi + +blank_line + +key_copied=false +echononl "Copy Snakeoil Key to file '/etc/ssl/privkey.pem'.." +if [[ ! -f "/etc/ssl/privkey.pem" ]] && [[ ! -h "/etc/ssl/privkey.pem" ]]; then + cp /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/privkey.pem > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + key_copied=true + fi +else + echo_skipped +fi + +perm_key="644" +echononl "Set Permission $perm_key on file '/etc/ssl/privkey.pem'.." +if $key_copied ; then + chmod 644 /etc/ssl/privkey.pem > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.key" ]]; then + if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.key" ]] ; then + echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.key'.." + rm "/etc/ssl/${FQHN_HOSTNAME}.key" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi + echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.." + ln -s fullchain.pem /etc/ssl/${FQHN_HOSTNAME}.key > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.." + echo_skipped +fi + + + +echo +echo -e "\033[37m\033[1mSome naming stuff..\033[m" +echo + +echononl "Change /etc/hostname - set entry to '$FQHN_HOSTNAME'.." +if [[ "$(head -1 /etc/hostname)" != "$FQHN_HOSTNAME" ]]; then + cat < /etc/hostname +$FQHN_HOSTNAME +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +else + echo_skipped +fi + +blank_line + +echo -e " Take care '/etc/hosts' contains line '127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME'.." +echononl " \033[1m127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME\033[m .." +if ! $(grep -q -E "^\s*127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME" /etc/hosts 2> "$log_file") ; then + if $(grep -q -E "^\s*127.0.1.1" /etc/hosts 2> "$log_file") ; then + perl -i -n -p -e "s/(^\s*127.0.1.1.*)/#\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \ + /etc/hosts > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + elif $(grep -q -E "^\s*127.0.0.1" /etc/hosts 2> "$log_file") ; then + perl -i -n -p -e "s/(^\s*127.0.0.1.*)/\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \ + /etc/hosts > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + else + cat <> /etc/hosts 2> "$log_file" +127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME +EOF + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi +else + echo_skipped +fi + + + +echo +echo -e "\033[37m\033[1mRepository stuff..\033[m" +echo + + +echononl "Add the '$JITSI_REPOSITORY_VERSION' Jitsi package repository.." +echo "deb https://download.jitsi.org ${JITSI_REPOSITORY_VERSION}/" > /etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.list +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +if [[ "$JITSI_REPOSITORY_VERSION" = "stable" ]]; then + if [[ -f "/etc/apt/sources.list.d/jitsi-unstable.list" ]]; then + echononl "Remove Repository List for 'unstable' jitsi packages.." + rm "/etc/apt/sources.list.d/jitsi-unstable.list" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi +else + if [[ -f "/etc/apt/sources.list.d/jitsi-stable.list" ]]; then + echononl "Remove Repository List for 'stable' jitsi packages.." + rm "/etc/apt/sources.list.d/jitsi-stable.list" > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi + fi +fi + +echononl "Add the Jitsi Maintainer gpg key.." +wget -qO - https://download.jitsi.org/jitsi-key.gpg.key 2> "$log_file" | sudo apt-key add - > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +echononl "Update Repository.." +apt-get update > "$log_file" 2>&1 +if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" +else + echo_ok +fi + +# Ensure support is available for apt repositories served via HTTPS +# +echononl "Install 'apt-transport-https'.." +if $(dpkg -s apt-transport-https > "$log_file" 2>&1) ; then + echo_skipped +else + apt-get install -y apt-transport-https > "$log_file" 2>&1 + if [[ $? -ne 0 ]]; then + echo_failed + error "$(cat "$log_file")" + else + echo_ok + fi +fi + +info "To ensure, your system is fully prepared for installing Jitsi Meet, it is + recommend to \033[1mreboot the system before installing Jitsi Meet\033[m." + +clean_up 0