install/mattermost
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
940dd66943
mattermost/install-mattermost.sh

2099 lines
54 KiB
Bash
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env bash
script_name="$(basename $(realpath $0))"
working_dir="$(dirname $(realpath $0))"
#conf_file="${working_dir}/conf/${script_name%%.*}.conf"
conf_file="${working_dir}/conf/mattermost.conf"
LOCK_DIR="/tmp/$(basename $0).$$.LOCK"
log_file="${LOCK_DIR}/${script_name%%.*}.log"
backup_date="$(date +%Y-%m-%d-%H%M)"
# ----------
# Base Function(s)
# ----------
clean_up() {
# Perform program exit housekeeping
rm -rf "$LOCK_DIR"
blank_line
exit $1
}
echononl(){
if $terminal ; then
echo X\\c > /tmp/shprompt$$
if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
echo -e -n " $*\\c" 1>&2
else
echo -e -n " $*" 1>&2
fi
rm /tmp/shprompt$$
fi
}
fatal(){
echo ""
if $terminal ; then
echo -e " [ \033[31m\033[1mFatal\033[m ] $*"
else
echo -e " [ Fatal ] $*"
fi
echo ""
if $terminal ; then
echo -e " \033[1mScript terminated\033[m.."
else
echo -e " Script terminated.."
fi
echo ""
rm -rf $LOCK_DIR
exit 1
}
error (){
echo ""
if $terminal ; then
echo -e " [ \033[31m\033[1mError\033[m ] $*"
else
echo " [ Error ] $*"
fi
echo ""
}
warn (){
echo ""
if $terminal ; then
echo -e " [ \033[33m\033[1mWarning\033[m ] $*"
else
echo " [ Error ] $*"
fi
echo ""
}
info (){
if $terminal ; then
echo ""
if $terminal ; then
echo -e " [ \033[32m\033[1mInfo\033[m ] $*"
else
echo " [ Info ] $*"
fi
echo ""
fi
}
echo_ok() {
if $terminal ; then
echo -e "\033[85G[ \033[32mok\033[m ]"
fi
}
echo_failed(){
if $terminal ; then
echo -e "\033[85G[ \033[1;31mfailed\033[m ]"
fi
}
echo_skipped() {
if $terminal ; then
echo -e "\033[85G[ \033[33m\033[1mskipped\033[m ]"
fi
}
echo_wait(){
if $terminal ; then
echo -en "\033[85G[ \033[5m\033[1m..\033[m ]"
fi
}
trim() {
local var="$*"
var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
echo -n "$var"
}
blank_line() {
if $terminal ; then
echo ""
fi
}
detect_os () {
if $(which lsb_release > /dev/null 2>&1) ; then
DIST="$(lsb_release -i | awk '{print tolower($3)}')"
DIST_VERSION="$(lsb_release -r | awk '{print tolower($2)}')"
DIST_CODENAME="$(lsb_release -c | awk '{print tolower($2)}')"
if [[ "$DIST" = "debian" ]]; then
if $(echo "$DIST_VERSION" | grep -q '\.') ; then
DIST_VERSION=$(echo "$DIST_VERSION" | cut --delimiter='.' -f1)
fi
fi
elif [[ -e "/etc/os-release" ]]; then
. /etc/os-release
DIST=$ID
DIST_VERSION=${VERSION_ID}
fi
# remove whitespace from DIST and DIST_VERSION
DIST="${DIST// /}"
DIST_VERSION="${DIST_VERSION// /}"
}
# ----------
# - Jobhandling
# ----------
# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
# -
trap clean_up SIGHUP SIGINT SIGTERM
# - Create lock directory '$LOCK_DIR"
#
mkdir "$LOCK_DIR"
# ----------
# - Some checks ..
# ----------
# - Running in a terminal?
# -
if [[ -t 1 ]] ; then
terminal=true
else
fatal "Script must run in a terminal."
fi
# ==========
# - Begin Main Script
# ==========
# ----------
# - Headline
# ----------
if $terminal ; then
echo ""
echo -e "\033[1m----------\033[m"
echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m"
echo -e "\033[1m----------\033[m"
fi
# ----------
# Read Configurations from $conf_file
# ----------
# - Give your default values here
# -
DEFAULT_FQHN_HOSTNAME="$(hostname -f)"
DEFAULT_MATTERMOST_USER="mattermost"
DEFAULT_DB_NAME="mattermost"
DEFAULT_DB_USER="mattermost"
DEFAULT_DB_TYPE="pgsql"
# generate random password
regexp_digit="([23456789].*){2}"
regexp_special_char="([-_%+].*){2}"
regexp_not_alowed="([0ODl18B])"
LENGTH=16
while [ 1 ] ; do
DEFAULT_DB_PASS="$(head -c 300 /dev/urandom | tr -cd 'a-zA-Z1-9\-_%' | head -c ${LENGTH})"
# - Check Password
# -
if [[ "$DEFAULT_DB_PASS" =~ $regexp_not_alowed ]] ; then
continue
fi
if [[ ! "$DEFAULT_DB_PASS" =~ $regexp_special_char ]] ; then
continue
fi
if [[ ! "$DEFAULT_DB_PASS" =~ $regexp_digit ]] ; then
continue
fi
break
done
echo "$conf_file"
if [[ -f "$conf_file" ]]; then
source "$conf_file"
else
warn "No configuration file '$conf_file' present.\n
Loading default values.."
fi
[[ -n "$FQHN_HOSTNAME" ]] && DEFAULT_FQHN_HOSTNAME="$FQHN_HOSTNAME"
if [[ -n "$DB_TYPE" ]] ; then
if [[ "${DB_TYPE,,}" = "postgres" ]] || [[ "${DB_TYPE,,}" = "postgresql" ]] || [[ "${DB_TYPE,,}" = "pgsql" ]] || [[ "${DB_TYPE,,}" = "psql" ]] ; then
DEFAULT_DB_TYPE=pgsql
elif [[ "${DB_TYPE,,}" = "mysql" ]] ; then
DEFAULT_DB_TYPE=mysql
else
fatal "Wrong or empty Database Type (DB_TYPE) - must be 'mysql' or 'pgsql'."
fi
fi
[[ -n "$DB_NAME" ]] && DEFAULT_DB_NAME="$DB_NAME"
[[ -n "$DB_USER" ]] && DEFAULT_DB_NAME="$DB_USER"
[[ -n "$DB_PASS" ]] && DEFAULT_DB_PASS="$DB_PASS"
[[ -n "$MATTERMOST_USER" ]] && DEFAULT_MATTERMOST_USER="$MATTERMOST_USER"
if [[ -n "$MATTERMOST_GROUP" ]]; then
DEFAULT_MATTERMOST_GROUP="$MATTERMOST_GROUP"
else
DEFAULT_MATTERMOST_GROUP="$DEFAULT_MATTERMOST_USER"
fi
blank_line
echononl "Detect distribution/release of running OS.."
detect_os > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echo -e "\033[32m--\033[m"
echo ""
echo "Version Number of Mattermost Server to install"
echo ""
echo " see: https://mattermost.com/download/"
echo ""
echo ""
MATTERMOST_VERSION=
while [ "X$MATTERMOST_VERSION" = "X" ]
do
echononl "Mattermost Server Version: "
read MATTERMOST_VERSION
if [ "X$MATTERMOST_VERSION" = "X" ]; then
echo -e "\n\t\033[33m\033[1mA Version number is required!\033[m\n"
fi
done
DOWNLOAD_ARCHIVE="mattermost-${MATTERMOST_VERSION}-linux-amd64.tar.gz"
DOWNLOAD_URL="https://releases.mattermost.com/${MATTERMOST_VERSION}/${DOWNLOAD_ARCHIVE}"
FQHN_HOSTNAME=
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Insert full qualified hostname for Mattermost Service"
echo ""
if [[ -n "$DEFAULT_FQHN_HOSTNAME" ]]; then
while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do
echononl "Full qualified hostname [${DEFAULT_FQHN_HOSTNAME}]: "
read FQHN_HOSTNAME
if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then
FQHN_HOSTNAME=$DEFAULT_FQHN_HOSTNAME
fi
if [[ ! $FQHN_HOSTNAME =~ \. ]]; then
echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n"
FQHN_HOSTNAME=""
fi
done
else
while [[ "X${FQHN_HOSTNAME}" = "X" ]]; do
echononl "Full qualified hostname: "
read FQHN_HOSTNAME
if [[ "X${FQHN_HOSTNAME}" = "X" ]]; then
echo -e "\n\t\033[33m\033[1mFull qualified hostname is reqired\033[m\n"
fi
if [[ ! $FQHN_HOSTNAME =~ \. ]]; then
echo -e "\n\tGiven Host \033[33m\033[1m$FQHN_HOSTNAME\033[m seems not to be a full qualified hostname.\n"
FQHN_HOSTNAME=""
fi
done
fi
HOSTNAME="${FQHN_HOSTNAME%%.*}"
echo ""
echo "--"
echo ""
echo "Enter user and group for Mattermost Service."
echo ""
MATTERMOST_USER=
while [ "X$MATTERMOST_USER" = "X" ]
do
echononl "Mattermost user [${DEFAULT_MATTERMOST_USER}]: "
read MATTERMOST_USER
if [ "X$MATTERMOST_USER" = "X" ]; then
MATTERMOST_USER=$DEFAULT_MATTERMOST_USER
fi
done
MATTERMOST_GROUP=
while [ "X$MATTERMOST_GROUP" = "X" ]
do
echononl "Mattermost group [$DEFAULT_MATTERMOST_GROUP]: "
read MATTERMOST_GROUP
if [ "X$MATTERMOST_GROUP" = "X" ]; then
MATTERMOST_GROUP=$DEFAULT_MATTERMOST_GROUP
fi
done
DB_TYPE=""
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Choose Database Type"
echo ""
if [[ "$DEFAULT_DB_TYPE" = "mysql" ]]; then
echo -e "\033[3G\033[37m\033[1m[1] MySQL\033[m"
else
echo -e "\033[3G[1] MySQL"
fi
if [[ "$DEFAULT_DB_TYPE" = "pgsql" ]] ; then
echo -e "\033[3G[2] \033[37m\033[1mPostgeSQL\033[m"
else
echo -e "\033[3G[2] PostgeSQL"
fi
echo ""
echo "Type a number or press <RETURN> to choose highlighted value"
echo ""
echononl "Eingabe: "
while [ "$DB_TYPE" != "mysql" -a "$DB_TYPE" != "pgsql" ]; do
read OPTION
case $OPTION in
1)
DB_TYPE="mysql"
;;
2)
DB_TYPE="pgsql"
;;
'') DB_TYPE=$DEFAULT_DB_TYPE
;;
*)
echo ""
echo -e "\033[3GFalsche Eingabe ! [ 1 = MySQL ; 2 = PostgreSQL ] or type <RETURN>"
echo ""
echononl "Eingabe: "
;;
esac
done
DB_NAME=
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Enter Database Name used by Mattermost Service"
echo ""
if [[ -n "$DEFAULT_DB_NAME" ]]; then
while [[ "X${DB_NAME}" = "X" ]]; do
echononl "Database Name [${DEFAULT_DB_NAME}]: "
read DB_NAME
if [[ "X${DB_NAME}" = "X" ]]; then
DB_NAME=$DEFAULT_DB_NAME
fi
done
else
while [[ "X${DB_NAME}" = "X" ]]; do
echononl "Database Name: "
read DB_NAME
if [[ "X${DB_NAME}" = "X" ]]; then
echo -e "\n\t\033[33m\033[1m Database Name is reqired\033[m\n"
fi
done
fi
DB_USER=
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Enter Database User used by Mattermost Service"
echo ""
if [[ -n "$DEFAULT_DB_USER" ]]; then
while [[ "X${DB_USER}" = "X" ]]; do
echononl "Database User [${DEFAULT_DB_USER}]: "
read DB_USER
if [[ "X${DB_USER}" = "X" ]]; then
DB_USER=$DEFAULT_DB_USER
fi
done
else
while [[ "X${DB_USER}" = "X" ]]; do
echononl "Database User: "
read DB_USER
if [[ "X${DB_USER}" = "X" ]]; then
echo -e "\n\t\033[33m\033[1m Database User is reqired\033[m\n"
fi
done
fi
DB_PASS=
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Enter Database Password used by Mattermost Service"
echo ""
if [[ -n "$DEFAULT_DB_PASS" ]]; then
while [[ "X${DB_PASS}" = "X" ]]; do
echononl "Database Password [${DEFAULT_DB_PASS}]: "
read DB_PASS
if [[ "X${DB_PASS}" = "X" ]]; then
DB_PASS=$DEFAULT_DB_PASS
fi
done
else
while [[ "X${DB_PASS}" = "X" ]]; do
echononl "Database Password: "
read DB_PASS
if [[ "X${DB_PASS}" = "X" ]]; then
echo -e "\n\t\033[33m\033[1m Database Password is reqired\033[m\n"
fi
done
fi
if [[ "$DB_TYPE" = "mysql" ]] ; then
if [[ -n "$MYSQL_CREDENTIAL_ARGS" ]] ; then
if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then
fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!"
fi
USE_MYSQL_CREDENTIAL_ARGS=true
else
USE_MYSQL_CREDENTIAL_ARGS=false
_MYSQL_ROOT_PW=""
echo ""
echo -e "\033[32m--\033[m"
echo ""
echo "Insert root password of MySQL Database Service"
echo ""
while [ "X${_MYSQL_ROOT_PW}" = "X" ]; do
echononl "Passworteingabe: "
read -s _MYSQL_ROOT_PW
if [ "X${_MYSQL_ROOT_PW}" = "X" ]; then
echo -e "\n\t\033[33m\033[1mPassworteingabe erforderlich!\033[m\n"
continue
fi
if $(pgrep mysqld_safe > /dev/null 2>&1) || $(pgrep mysqld > /dev/null 2>&1); then
if $(mysql --user="root" --password="$_MYSQL_ROOT_PW" -N -s -e 'quit' > /dev/null 2>&1) ; then
MYSQL_ROOT_PW=$_MYSQL_ROOT_PW
else
echo -e "\n\t\033[33m\033[1mFalsches Passwort\033[m\n"
_MYSQL_ROOT_PW=""
fi
else
fatal "MySQL seems not be running. Start MySQL Service and try installing mattermost again."
fi
done
fi
fi
echo ""
echo ""
echo -e "\t\033[32mStart install script for Mattermost Server with the following parameters\033[m"
echo ""
echo -e "\tMattermost Server Version: \033[33m\033[1m$MATTERMOST_VERSION\033[m"
echo ""
echo -e "\tFull qualified Hostname..: $FQHN_HOSTNAME"
echo -e "\tHostname.................: $HOSTNAME"
echo ""
echo -e "\tMattermost user..........: $MATTERMOST_USER"
echo -e "\tMattermost group.........: $MATTERMOST_GROUP"
echo ""
echo ""
if [[ "${DB_TYPE}" = "pgsql" ]] ; then
echo -e "\tDatabase Type............: PostgreSQL"
else
echo -e "\tDatabase Type............: MySQL"
fi
echo ""
if [[ "${DB_TYPE}" = "mysql" ]]; then
if $USE_MYSQL_CREDENTIAL_ARGS ; then
echo -e "\tMYSQL_CREDENTIAL_ARGS....: $MYSQL_CREDENTIAL_ARGS"
else
echo -e "\tRoot password MySQL......: **"
fi
echo ""
fi
echo -e "\tDatabase Name............: $DB_NAME"
echo -e "\tDatabase User............: $DB_USER"
echo -e "\tDatabase Password........: $DB_PASS"
echo ""
echononl "einverstanden (yes/no): "
read OK
OK=${OK,,}
while [ "X$OK" != "Xyes" -a "X$OK" != "Xno" ]; do
echononl "Wrong entry! [yes/no]: "
read OK
OK=${OK,,}
done
[ $OK = "yes" ] || fatal Repeat with other settings..
echo ""
echo ""
if ! $USE_MYSQL_CREDENTIAL_ARGS ; then
MYSQL_CREDENTIAL_ARGS="--user='root' --password=$_MYSQL_ROOT_PW"
if ! $(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e 'quit' > /dev/null 2>&1) ; then
fatal "Parameter MYSQL_CREDENTIAL_ARGS is given, but a connection to MySQL Service failed.!"
fi
fi
echo
echo -e "\033[37m\033[1mSome checks....\033[m"
echo
_failed=false
echononl "Check if Nginx Webservice is installed.."
if $(dpkg -s nginx-extras > "$log_file" 2>&1) ; then
nginx_installed=true
elif $(dpkg -s nginx-full > "$log_file" 2>&1) ; then
nginx_installed=true
else
nginx_installed=false
fi
if $nginx_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]"
else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
_failed=false
if [[ "${DB_TYPE}" = "mysql" ]]; then
echononl "Check if MySQL Database Service is installed.."
if $(dpkg -s mysql-server > "$log_file" 2>&1) ; then
mysql_server_installed=true
else
mysql_server_installed=false
fi
if $mysql_server_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]"
else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
else
echononl "Check if PostgreSQL Database Service is installed.."
if $(dpkg -s postgresql > "$log_file" 2>&1) ; then
postgresql_server_installed=true
else
postgresql_server_installed=false
fi
if $postgresql_server_installed ; then
echo -e "\033[85G[ \033[32mYES\033[m ]"
else
echo -e "\033[85G[ \033[1;31mNOT installed\033[m ]"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
fi
_failed=false
echononl "Check if certificate for '$FQHN_HOSTNAME' is present.."
if [[ -d "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}" ]] ; then
if [[ -h "/var/lib/dehydrated/certs/${FQHN_HOSTNAME}/fullchain.pem" ]]; then
cert_present=true
else
cert_present=false
fi
else
cert_present=false
fi
if $cert_present ; then
echo -e "\033[85G[ \033[32mYES\033[m ]"
else
echo -e "\033[85G[ \033[1;31mNOT present\033[m ]"
fi
if ! $nginx_installed || ! $mysql_server_installed ; then
if ! $cert_present ; then
fatal "Prerequisites are a correct installation of the NGINX Web Service as well
as a correct installation of the MySQL database service.
It's also highly recommended to have a valid certificate for your
FQHN Hostname '${FQHN_HOSTNAME}'."
else
fatal "Prerequisites are a correct installation of the NGINX Web Service as well
as a correct installation of the MySQL database service."
fi
elif ! $cert_present ; then
warn "It is highly recommended to have a valid certificate for your FQHN Hostname '${FQHN_HOSTNAME}'."
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
OK="$(echo "$OK" | tr '[:upper:]' '[:lower:]')"
while [[ "$OK" != "yes" ]] && [[ "$OK" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
fi
echo
echo -e "\033[37m\033[1mSome pre-installation stuff..\033[m"
echo
echononl "Stop Mattermost Service.."
if $(systemctl is-active --quiet service mattermost.service) ; then
systemctl stop mattermost.service > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
blank_line
if [[ "${DB_TYPE}" = "mysql" ]] ; then
echononl "Create MySQL Database User '${DB_USER}' with Password '${DB_PASS}'.."
if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"SELECT EXISTS(SELECT 1 FROM mysql.user WHERE user = '$DB_USER')" 2>/dev/null)" = 1 ]]; then
echo_skipped
else
mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"CREATE USER '$DB_USER'@'localhost' IDENTIFIED BY '${DB_PASS}'" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Create MySQL Database '${DB_NAME}'.."
if [[ "$(mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"SHOW DATABASES LIKE '${DB_NAME}'" 2>/dev/null)" = "${DB_NAME}" ]]; then
echo_skipped
else
mysql $MYSQL_CREDENTIAL_ARGS -N -s -e "CREATE DATABASE ${DB_NAME}" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Grant access privileges to the user '${DB_USER}'."
mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"GRANT ALL PRIVILEGES ON ${DB_NAME}.* to '${DB_USER}'@'localhost';" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "FLUSH PRIVILEGES to dadabase engine .."
mysql $MYSQL_CREDENTIAL_ARGS -N -s -e \
"FLUSH PRIVILEGES" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
# Check if PostgreSQL database '$DB_NAME' exists ..
#
count=$(su - postgres -c "psql -q -A -t -l" | grep -c -e "^$DB_NAME")
if [[ $count -eq 0 ]];then
database_exists=false
else
database_exists=true
fi
# sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
# sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';" > $log_file 2>&1
# sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
# sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
# sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
echononl "Create PostgreSQL database '${DB_NAME}'.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "CREATE DATABASE ${DB_NAME};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Create PostgreSQL database user ${DB_USER}.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "CREATE USER ${DB_USER} WITH PASSWORD '${DB_PASS}';" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Grant the user access to the Mattermost database.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE ${DB_NAME} to ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Change the owner of database '${DB_NAME}' to '${DB_USER}'.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "ALTER DATABASE ${DB_NAME} OWNER TO ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
echononl "Grant access to objects contained in the specified schema.."
if $database_exists ; then
echo_skipped
else
sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${DB_USER};" > $log_file 2>&1
if [[ $? -ne 0 ]] ; then
echo_failed
error "$(cat "$log_file")"
echo ""
echononl "\033[1mcontinue anyway\033[m [yes/no]: "
read OK
while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do
echononl "Wrong entry! - repeat [yes/nno]: "
read OK
done
[[ $OK = "yes" ]] || fatal "Abbruch durch User"
else
echo_ok
fi
fi
fi
echo
echo -e "\033[37m\033[1mInstalling Mattermost Server..\033[m"
echo
echononl "Create the Mattermost (system) group.."
if cat /etc/group | grep -e "^${MATTERMOST_GROUP}:" > /dev/null 2>&1 ; then
echo_skipped
else
groupadd -r $MATTERMOST_GROUP > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Create the Mattermost (system) user.."
if id -u $MATTERMOST_USER > /dev/null 2>&1; then
echo_skipped
else
useradd -r -M -d /opt/mattermost -s /bin/false -g $MATTERMOST_GROUP $MATTERMOST_USER > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Download the latest version (${MATTERMOST_VERSION}) of the Mattermost Server.."
if [[ ! -f "${working_dir}/mattermost-${MATTERMOST_VERSION}-linux-amd64.tar.gz" ]]; then
wget -O "${working_dir}/${DOWNLOAD_ARCHIVE}" "${DOWNLOAD_URL}" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Backup Mattermost Installation directory.."
if [[ -d "/opt/mattermost" ]]; then
cp -a "/opt/mattermost" "/opt/mattermost.${backup_date}" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Extract the Mattermost Server files.."
tar -C /opt -xvzf "${working_dir}/${DOWNLOAD_ARCHIVE}" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Set ownbership of installation directors '/opt/mattermost'.."
chown -R ${MATTERMOST_USER}:${MATTERMOST_GROUP} /opt/mattermost > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Give write permissions to the mattermost group.."
chmod -R g+w /opt/mattermost> "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Backup file '/opt/mattermost/config/config.json'.."
if [[ ! -f "/opt/mattermost/config/config.json.ORIG" ]]; then
cp -a /opt/mattermost/config/config.json /opt/mattermost/config/config.json.ORIG > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echo
echo -e "\033[37m\033[1mConfigure Mattermost - file '/opt/mattermost/config/config.json'..\033[m"
echo
echononl "Set up 'SqlSettings'.."
if [[ "${DB_TYPE}" = "mysql" ]] ; then
if ! $(grep -q -E "^\s*\"DriverName\":\s+mysql" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false
:> ${LOCK_DIR}/config.json
:> $log_file
while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && echo "$_line" | grep -iq -E "^\s*\"DriverName\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DriverName": "mysql",
EOF
elif $_found && echo "$_line" | grep -iq -E "^\s*\"DataSource\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DataSource": "${DB_USER}:${DB_PASS}@tcp(localhost:3306)/${DB_NAME}?charset=utf8mb4,utf8\\u0026readTimeout=30s\\u0026writeTimeout=30s",
EOF
else
echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file"
fi
if ! $_found && echo "$_line" | grep -iq -E "^\s*\"SqlSettings\"" 2> /dev/null ; then
_found=true
fi
if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then
_found=false
fi
done < "/opt/mattermost/config/config.json"
cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
else
if ! $(grep -q -E "^\s*\"DriverName\":\s+postgres" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false
:> ${LOCK_DIR}/config.json
:> $log_file
while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && echo "$_line" | grep -iq -E "^\s*\"DriverName\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DriverName": "postgres",
EOF
elif $_found && echo "$_line" | grep -iq -E "^\s*\"DataSource\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"DataSource": "postgres://${DB_USER}:${DB_PASS}@localhost:5432/${DB_NAME}?sslmode=disable\\u0026connect_timeout=10",
EOF
else
echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file"
fi
if ! $_found && echo "$_line" | grep -iq -E "^\s*\"SqlSettings\"" 2> /dev/null ; then
_found=true
fi
if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then
_found=false
fi
done < "/opt/mattermost/config/config.json"
cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
:
fi
echononl "Set up 'ServiceSettings'.."
if ! $(grep -q -E "^\s*\"SiteURL\":\s+\"https://${FQHN_HOSTNAME}\"" /opt/mattermost/config/config.json 2> "$log_file") ; then
_found=false
:> ${LOCK_DIR}/config.json
:> $log_file
while IFS='' read -r _line || [[ -n $_line ]] ; do
if $_found && echo "$_line" | grep -iq -E "^\s*\"SiteURL\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"SiteURL": "https://${FQHN_HOSTNAME}",
EOF
elif $_found && echo "$_line" | grep -iq -E "^\s*\"ListenAddress\":" 2> /dev/null ; then
cat <<EOF >> ${LOCK_DIR}/config.json 2> "$log_file"
"ListenAddress": "127.0.0.1:8065",
EOF
else
echo "$_line" >> ${LOCK_DIR}/config.json 2> "$log_file"
fi
if ! $_found && echo "$_line" | grep -iq -E "^\s*\"ServiceSettings\"" 2> /dev/null ; then
_found=true
fi
if $_found && echo "$_line" | grep -iq -E "^\s*\}," 2> /dev/null ; then
_found=false
fi
done < "/opt/mattermost/config/config.json"
cp -a "${LOCK_DIR}/config.json" /opt/mattermost/config/config.json >> "$log_file" 2>&1
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Reset ownbership of '/opt/mattermost/config/config.json'.."
chown ${MATTERMOST_USER}:${MATTERMOST_GROUP} /opt/mattermost/config/config.json > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echo
echo -e "\033[37m\033[1mSetup Mattermost to use systemd for starting and stopping..\033[m"
echo
echononl "Create a systemd unit file.."
if [[ "${DB_TYPE}" = "mysql" ]] ; then
cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
[Unit]
Description=Mattermost
After=network.target
After=mysql.service
Requires=mysql.service
[Service]
Type=notify
ExecStart=/opt/mattermost/bin/mattermost
TimeoutStartSec=3600
KillMode=mixed
Restart=always
RestartSec=10
WorkingDirectory=/opt/mattermost
User=$MATTERMOST_USER
Group=$MATTERMOST_GROUP
LimitNOFILE=524288
[Install]
WantedBy=multi-user.target
EOF
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF > /etc/systemd/system//mattermost.service 2>"$log_file"
[Unit]
Description=Mattermost
After=network.target
[Service]
Type=notify
ExecStart=/opt/mattermost/bin/mattermost
TimeoutStartSec=3600
KillMode=mixed
Restart=always
RestartSec=10
WorkingDirectory=/opt/mattermost
User=mattermost
Group=mattermost
LimitNOFILE=49152
[Install]
WantedBy=multi-user.target
EOF
if [[ -s "$log_file" ]] ; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Make systemd load the new unit.."
systemctl daemon-reload > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Set Mattermost Service to start on machine start up.."
systemctl enable mattermost.service > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
blank_line
echononl "Start Mattermost Service"
systemctl start mattermost.service > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echo ""
echo -e "\033[37m\033[1mConfiguring NGINX with SSL and HTTP/2..\033[m"
echo ""
echononl "Backup existing NGINX configuration.."
if [[ -f "/etc/nginx/sites-available/${FQHN_HOSTNAME}.conf" ]] ; then
cp -a "/etc/nginx/sites-available/${FQHN_HOSTNAME}.conf" \
"/etc/nginx/sites-available/${FQHN_HOSTNAME}.conf.${backup_date}" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "NGINX virtual host configuration for '${FQHN_HOSTNAME}'.."
cat <<EOF > "/etc/nginx/sites-available/${FQHN_HOSTNAME}.conf" 2> "$log_file"
# -- ${FQHN_HOSTNAME} --
upstream mm_backend {
server 127.0.0.1:8065;
keepalive 32;
}
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=mattermost_cache:10m max_size=3g inactive=120m use_temp_path=off;
server {
listen 80;
listen [::]:80;
server_name ${FQHN_HOSTNAME};
return 301 https://\$server_name\$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${FQHN_HOSTNAME};
http2_push_preload on; # Enable HTTP/2 Server Push
# Include location directive for Let's Encrypt ACME Challenge
#
# Needed for (automated) updating certificate
#
include snippets/letsencrypt-acme-challenge.conf;
ssl on;
ssl_certificate /var/lib/dehydrated/certs/${FQHN_HOSTNAME}/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/${FQHN_HOSTNAME}/privkey.pem;
ssl_trusted_certificate /var/lib/dehydrated/certs/${FQHN_HOSTNAME}/chain.pem;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
#
# To generate a dhparam.pem file, run in a terminal
# openssl dhparam -dsaparam -out /etc/nginx/ssl/dhparam.pem 2048
#
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
# Enable TLS versions (TLSv1.3 is required upcoming HTTP/3 QUIC).
ssl_protocols TLSv1.2 TLSv1.3;
# Enable TLSv1.3's 0-RTT. Use \$ssl_early_data when reverse proxying to
# prevent replay attacks.
#
# @see: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_early_data
ssl_early_data on;
# ECDHE better than DHE (faster) ECDHE & DHE GCM better than CBC (attacks on AES)
# Everything better than SHA1 (deprecated)
#
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# Eable session resumption to improve https performance
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 10m;
ssl_session_tickets off;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
#
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Early-Data \$tls1_3_early_data;
location ~ /api/v[0-9]+/(users/)?websocket\$ {
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
client_max_body_size 50M;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
client_body_timeout 60;
send_timeout 300s;
lingering_timeout 5;
proxy_connect_timeout 90s;
proxy_send_timeout 300s;
proxy_read_timeout 90s;
proxy_http_version 1.1;
proxy_pass http://mm_backend;
}
location / {
client_max_body_size 100M;
proxy_set_header Connection "";
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_cache mattermost_cache;
proxy_cache_revalidate on;
proxy_cache_min_uses 2;
proxy_cache_use_stale timeout;
proxy_cache_lock on;
proxy_http_version 1.1;
proxy_pass http://mm_backend;
}
}
# This block is useful for debugging TLS v1.3. Please feel free to remove this
# and use the '\$ssl_early_data' variable exposed by NGINX directly should you
# wish to do so.
map \$ssl_early_data \$tls1_3_early_data {
"~." \$ssl_early_data;
default "";
}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Enable created configuration.."
if [[ ! -h "/etc/nginx/sites-enabled/${FQHN_HOSTNAME}.conf" ]]; then
ln -s "../sites-available/${FQHN_HOSTNAME}.conf" \
"/etc/nginx/sites-enabled/${FQHN_HOSTNAME}.conf" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Restart NGINX Service.."
systemctl restart nginx > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echo ""
echo -e "\033[37m\033[1mSome post-installation stuff..\033[m"
echo ""
echononl "Create/Update configuration file '$(basename "$conf_file")'"
if [[ -f "$conf_file" ]] ; then
echo_skipped
else
cp -a "${conf_file}.sample" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="FQHN_HOSTNAME"
_val="$FQHN_HOSTNAME"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="MATTERMOST_USER"
_val="$MATTERMOST_USER"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="MATTERMOST_GROUP"
_val="$MATTERMOST_GROUP"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="DB_TYPE"
_val="$DB_TYPE"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="DB_NAME"
_val="$DB_NAME"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="DB_USER"
_val="$DB_USER"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^\s*$_key=.*/${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s/^(\s*\#\s*$_key=.*)/\1\n${_key}=\"${_val}\"/" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}=${_val}
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
_key="DB_PASS"
_val="$DB_PASS"
echononl "Update Parameter '$_key'.."
if $(grep -q -E "^\s*$_key=\"?$_val\"?\s*$" "$conf_file" 2> /dev/null) ; then
echo_skipped
elif $(grep -q -E "^\s*$_key=" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s§^\s*$_key=.*§${_key}=\"${_val}\"§" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*#\s*${_key}" "$conf_file" 2> /dev/null) ; then
perl -i -n -p -e "s&^(\s*\#\s*$_key=.*)&\1\n${_key}=\"${_val}\"&" "$conf_file" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> "$conf_file" 2> "$log_file"
${_key}="${_val}"
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
clean_up 0
echo
echo -e "\033[37m\033[1mUpdate file '/etc/systemd/system.conf'....\033[m"
echo
echononl "Set Parameter 'DefaultLimitNOFILE'.."
if ! $(grep -q -E "^\s*DefaultLimitNOFILE=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultLimitNOFILE=.*)/\1\nDefaultLimitNOFILE=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultLimitNOFILE=1048576" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultLimitNOFILE=.*/DefaultLimitNOFILE=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Set Parameter 'DefaultLimitNPROC'.."
if ! $(grep -q -E "^\s*DefaultLimitNPROC=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultLimitNPROC=.*)/\1\nDefaultLimitNPROC=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultLimitNPROC=1048576" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultLimitNPROC=.*/DefaultLimitNPROC=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Set Parameter 'DefaultTasksMax'.."
if ! $(grep -q -E "^\s*DefaultTasksMax=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultTasksMax=.*)/\1\nDefaultTasksMax=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultTasksMax=1048576" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultTasksMax=.*/DefaultTasksMax=1048576/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Set Parameter 'DefaultLimitRTPRIO'.."
if ! $(grep -q -E "^\s*DefaultLimitRTPRIO=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultLimitRTPRIO=.*)/\1\nDefaultLimitRTPRIO=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultLimitRTPRIO=infinity" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultLimitRTPRIO=.*/DefaultLimitRTPRIO=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Set Parameter 'DefaultLimitRTTIME'.."
if ! $(grep -q -E "^\s*DefaultLimitRTTIME=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultLimitRTTIME=.*)/\1\nDefaultLimitRTTIME=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultLimitRTTIME=infinity" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultLimitRTTIME=.*/DefaultLimitRTTIME=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
_failed=false
echononl "Set Parameter 'DefaultLimitCORE'.."
if ! $(grep -q -E "^\s*DefaultLimitCORE=" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^(\s*#DefaultLimitCORE=.*)/\1\nDefaultLimitCORE=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif ! $(grep -q -E "^\s*DefaultLimitCORE=infinity" /etc/systemd/system.conf 2> /dev/null); then
perl -i -n -p -e "s/^\s*DefaultLimitCORE=.*/DefaultLimitCORE=infinity/" \
/etc/systemd/system.conf > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
echononl "Reload Systemd .."
systemctl daemon-reload > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echo
echo -e "\033[37m\033[1mSome Certifikation/Key stuff..\033[m"
echo
cert_copied=false
echononl "Copy Snakeoil Cert to file '/etc/ssl/fullchain.pem'.."
if [[ ! -f "/etc/ssl/fullchain.pem" ]] && [[ ! -h "/etc/ssl/fullchain.pem" ]]; then
cp /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/fullchain.pem > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
cert_copied=true
fi
else
echo_skipped
fi
perm_cert="644"
echononl "Set Permission $perm_cert on file '/etc/ssl/fullchain.pem'.."
if $cert_copied ; then
chmod 644 /etc/ssl/fullchain.pem > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.crt" ]]; then
if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.crt" ]] ; then
echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.crt'.."
rm "/etc/ssl/${FQHN_HOSTNAME}.crt" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.."
ln -s fullchain.pem /etc/ssl/${FQHN_HOSTNAME}.crt > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.crt --> fullchain.pem'.."
echo_skipped
fi
blank_line
key_copied=false
echononl "Copy Snakeoil Key to file '/etc/ssl/privkey.pem'.."
if [[ ! -f "/etc/ssl/privkey.pem" ]] && [[ ! -h "/etc/ssl/privkey.pem" ]]; then
cp /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/privkey.pem > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
key_copied=true
fi
else
echo_skipped
fi
perm_key="644"
echononl "Set Permission $perm_key on file '/etc/ssl/privkey.pem'.."
if $key_copied ; then
chmod 644 /etc/ssl/privkey.pem > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
if [[ ! -h "/etc/ssl/${FQHN_HOSTNAME}.key" ]]; then
if [[ -f "/etc/ssl/${FQHN_HOSTNAME}.key" ]] ; then
echononl "Remove file '/etc/ssl/${FQHN_HOSTNAME}.key'.."
rm "/etc/ssl/${FQHN_HOSTNAME}.key" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.."
ln -s fullchain.pem /etc/ssl/${FQHN_HOSTNAME}.key > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echononl "Set Symlink '/etc/ssl/${FQHN_HOSTNAME}.key --> privkey.pem'.."
echo_skipped
fi
echo
echo -e "\033[37m\033[1mSome naming stuff..\033[m"
echo
echononl "Change /etc/hostname - set entry to '$FQHN_HOSTNAME'.."
if [[ "$(head -1 /etc/hostname)" != "$FQHN_HOSTNAME" ]]; then
cat <<EOF > /etc/hostname
$FQHN_HOSTNAME
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
echo_skipped
fi
blank_line
echo -e " Take care '/etc/hosts' contains line '127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME'.."
echononl " \033[1m127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME\033[m .."
if ! $(grep -q -E "^\s*127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME" /etc/hosts 2> "$log_file") ; then
if $(grep -q -E "^\s*127.0.1.1" /etc/hosts 2> "$log_file") ; then
perl -i -n -p -e "s/(^\s*127.0.1.1.*)/#\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \
/etc/hosts > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
elif $(grep -q -E "^\s*127.0.0.1" /etc/hosts 2> "$log_file") ; then
perl -i -n -p -e "s/(^\s*127.0.0.1.*)/\1\n127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME/" \
/etc/hosts > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
else
cat <<EOF >> /etc/hosts 2> "$log_file"
127.0.1.1 ${FQHN_HOSTNAME} $HOSTNAME
EOF
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
else
echo_skipped
fi
echo
echo -e "\033[37m\033[1mRepository stuff..\033[m"
echo
echononl "Add the '$JITSI_REPOSITORY_VERSION' Jitsi package repository.."
echo "deb https://download.jitsi.org ${JITSI_REPOSITORY_VERSION}/" > /etc/apt/sources.list.d/jitsi-${JITSI_REPOSITORY_VERSION}.list
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
if [[ "$JITSI_REPOSITORY_VERSION" = "stable" ]]; then
if [[ -f "/etc/apt/sources.list.d/jitsi-unstable.list" ]]; then
echononl "Remove Repository List for 'unstable' jitsi packages.."
rm "/etc/apt/sources.list.d/jitsi-unstable.list" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
else
if [[ -f "/etc/apt/sources.list.d/jitsi-stable.list" ]]; then
echononl "Remove Repository List for 'stable' jitsi packages.."
rm "/etc/apt/sources.list.d/jitsi-stable.list" > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
fi
echononl "Add the Jitsi Maintainer gpg key.."
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key 2> "$log_file" | sudo apt-key add - > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
echononl "Update Repository.."
apt-get update > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
# Ensure support is available for apt repositories served via HTTPS
#
echononl "Install 'apt-transport-https'.."
if $(dpkg -s apt-transport-https > "$log_file" 2>&1) ; then
echo_skipped
else
apt-get install -y apt-transport-https > "$log_file" 2>&1
if [[ $? -ne 0 ]]; then
echo_failed
error "$(cat "$log_file")"
else
echo_ok
fi
fi
info "To ensure, your system is fully prepared for installing Jitsi Meet, it is
recommend to \033[1mreboot the system before installing Jitsi Meet\033[m."
clean_up 0
Reference in New Issue View Git Blame Copy Permalink