This repository was archived by the owner on Mar 11, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsetup.sh
More file actions
242 lines (232 loc) · 10.9 KB
/
setup.sh
File metadata and controls
242 lines (232 loc) · 10.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
#!/usr/bin/bash
# Copyright (C) 2020 iDigitalFlame
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
VERBOSE=0
SCOREBOT_BRANCH=""
SCOREBOT_VERSION="v3.3"
SCOREBOT_DIR="/opt/scorebot"
SCOREBOT_URL="https://github.com/iDigitalFlame/scorebot-core"
SYSCONFIG_DIR="/opt/sysconfig"
SYSCONFIG_URL="https://github.com/iDigitalFlame/scorebot-sysconfig"
if [ $# -ge 1 ] && ([ "$1" == "-v" ] || [ "$2" == "-v" ]); then
VERBOSE=1
fi
log() {
if [ $# -ne 1 ]; then
return 0
fi
printf "[+] $1\n"
}
run() {
if [ $# -ne 1 ]; then
return 0
fi
if [ $VERBOSE -eq 1 ]; then
printf "[V] Running \"$1\"\n"
fi
bash -c "$1; exit \$?"
if [ $? -ne 0 ]; then
printf "[!] Command \"$1\" did not exit with zero, quitting!\n"
exit 1
fi
return 1
}
setup() {
log "Updating system.."
run "pacman -Syy" 1> /dev/null
run "pacman -Syu --noconfirm --noprogressbar"
log "Installing required packages.."
run "pacman -S git net-tools pacman-contrib --noconfirm --noprogressbar"
log "Downloading sysconfig base from github.."
if [ -d "$SYSCONFIG_DIR" ]; then
mv "$SYSCONFIG_DIR" "${SYSCONFIG_DIR}.old"
fi
run "git clone \"$SYSCONFIG_URL\" \"$SYSCONFIG_DIR\""
if [ -d "${SYSCONFIG_DIR}.old/etc/systemd/network" ]; then
mkdir -p "${SYSCONFIG_DIR}/etc/systemd/network"
cp ${SYSCONFIG_DIR}.old/etc/systemd/network/* "${SYSCONFIG_DIR}/etc/systemd/network/" 2> /dev/null
fi
if [ -d "${SYSCONFIG_DIR}.old/etc/udev/rules.d" ]; then
mkdir -p "${SYSCONFIG_DIR}/etc/udev/rules.d"
cp ${SYSCONFIG_DIR}.old/etc/udev/rules.d/* "${SYSCONFIG_DIR}/etc/udev/rules.d/" 2> /dev/null
fi
run "rm -rf \"${SYSCONFIG_DIR}/.git\""
printf "SYSCONFIG=${SYSCONFIG_DIR}\n" > "/etc/sysconfig.conf"
chmod 444 "/etc/sysconfig.conf"
log "Initilizing sysconfig.."
run "rm /etc/hostname" 2> /dev/null
run "touch /etc/hostname"
run "chmod 555 ${SYSCONFIG_DIR}/bin/relink"
run "chmod 555 ${SYSCONFIG_DIR}/bin/syslink"
run "bash \"${SYSCONFIG_DIR}/bin/relink\" \"${SYSCONFIG_DIR}\" / " 1> /dev/null
run "bash \"${SYSCONFIG_DIR}/bin/syslink\"" 1> /dev/null
run "syslink" 1> /dev/null
log "Enabling required services.."
run "systemctl enable sshd.service" 2> /dev/null
run "systemctl enable fstrim.timer" 2> /dev/null
run "systemctl enable checkupdates.timer" 2> /dev/null
run "systemctl enable checkupdates.service" 2> /dev/null
run "systemctl enable reflector.timer" 2> /dev/null
run "systemctl enable reflector.service" 2> /dev/null
run "locale-gen" 1> /dev/null
log "Finished basic setup.."
}
setup_db() {
db_root_pw=""
db_scorebot_pw=""
db_scorebot_ip=""
while [ -z "$db_root_pw" ] || [ -z "$db_scorebot_pw" ] || [ -z "$db_scorebot_ip" ]; do
printf "MySQL root password? "
read db_root_pw
printf "MySQL scorebot password? "
read db_scorebot_pw
printf "Scorebot API IP Address? "
read db_scorebot_ip
done
log "Scorebot IP is \"$db_scorebot_ip\", this can be changed in the \"/etc/hosts\" file.."
printf "scorebot-database" > "${SYSCONFIG_DIR}/etc/hostname"
printf "$db_scorebot_ip\tscorebot-core\n" >> "${SYSCONFIG_DIR}/etc/hosts"
log "Installing database dependencies.."
run "pacman -S mariadb --noconfirm --noprogressbar"
log "Installing inital database.."
run "mysql_install_db --basedir=/usr --ldata=/var/lib/mysql --user=mysql" 1> /dev/null
run "systemctl enable mariadb" 2> /dev/null
run "systemctl start mariadb"
log "Securing database.."
run "mysql -u root -e \"DELETE FROM mysql.user WHERE User='';\""
run "mysql -u root -e \"DELETE FROM mysql.user WHERE User='mysql';\""
run "mysql -u root -e \"DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');\""
run "mysql -u root -e \"DROP DATABASE IF EXISTS test;\""
run "mysql -u root -e \"DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';\""
run "mysql -u root -e \"FLUSH PRIVILEGES;\""
run "mysql -u root -e \"CREATE DATABASE scorebot_db;\""
run "mysql -u root -e \"GRANT ALL ON scorebot_db.* TO 'scorebot'@'scorebot-core' IDENTIFIED BY '$db_scorebot_pw';\""
run "mysql -u root -e \"UPDATE mysql.global_priv SET priv=json_set(priv, '$.plugin', 'mysql_native_password', '$.authentication_string', PASSWORD('$db_root_pw')) WHERE User='root';\""
run "systemctl restart mariadb"
log "Database setup complete, please configure the core component to use the supplied password!"
}
setup_core() {
core_db_pw=""
core_db_ip=""
core_django_pw=""
while [ -z "$core_db_pw" ] || [ -z "$core_django_pw" ] || [ -z "$core_db_ip "]; do
printf "Django root password? "
read core_django_pw
printf "MySQL scorebot password? "
read core_db_pw
printf "MySQL Server IP Address? "
read core_db_ip
done
printf "scorebot-core" > "${SYSCONFIG_DIR}/etc/hostname"
printf "$core_db_ip\tscorebot-database\n" >> "${SYSCONFIG_DIR}/etc/hosts"
log "MySQL Server IP is \"$core_db_ip\", this can be changed in the \"/etc/hosts\" file.."
log "Installing core dependencies.."
run "pacman -S apache mod_wsgi python python-pip python-virtualenv python-django gcc mariadb-clients python-mysqlclient --noconfirm --noprogressbar"
run "mkdir -p \"${SCOREBOT_DIR}/versions\""
log "Building virtual env.."
run "virtualenv --always-copy \"${SCOREBOT_DIR}/python\"" 1> /dev/null
run "git clone \"$SCOREBOT_URL\" \"${SCOREBOT_DIR}/versions/${SCOREBOT_VERSION}\""
if ! [ -z "$SCOREBOT_BRANCH" ]; then
run "cd \"${SCOREBOT_DIR}/versions/${SCOREBOT_VERSION}\"; git checkout $SCOREBOT_BRANCH"
fi
run "ln -s \"${SCOREBOT_DIR}/versions/${SCOREBOT_VERSION}\" \"${SCOREBOT_DIR}/current\"" 1> /dev/null
log "Installing PIP requirements.."
run "source \"${SCOREBOT_DIR}/python/bin/activate\"; cd \"${SCOREBOT_DIR}/current\"; unset PIP_USER; pip install -r requirements.txt" 1> /dev/null
run "sed -ie 's/\"PASSWORD\": \"password\",/\"PASSWORD\": \"$core_db_pw\",/g' \"${SCOREBOT_DIR}/current/scorebot/settings.py\""
run "rm ${SCOREBOT_DIR}/current/scorebot/*e"
log "Attempting to push migrations to database server \"$core_db_ip\".."
run "source \"${SCOREBOT_DIR}/python/bin/activate\"; cd \"${SCOREBOT_DIR}/current\"; env SBE_SQLLITE=0 python manage.py makemigrations scorebot_grid scorebot_core scorebot_game" 1> /dev/null
run "source \"${SCOREBOT_DIR}/python/bin/activate\"; cd \"${SCOREBOT_DIR}/current\"; env SBE_SQLLITE=0 python manage.py migrate" 1> /dev/null
run "source \"${SCOREBOT_DIR}/python/bin/activate\"; cd \"${SCOREBOT_DIR}/current\"; env SBE_SQLLITE=0 python manage.py shell -c \"from django.contrib.auth.models import User; User.objects.create_superuser('root', '', '$core_django_pw')\""
log "Created Django admin account \"root\" with supplied password!"
run "ln -s \"${SYSCONFIG_DIR}/etc/httpd/conf/roles/core.conf\" \"/etc/httpd/conf/scorebot-role.conf\"" 1> /dev/null
run "ln -s /usr/lib/python3.*/site-packages/django/contrib/admin/static/admin \"${SCOREBOT_DIR}/current/scorebot_static/admin\"" 1> /dev/null
run "chown root:http -R \"${SCOREBOT_DIR}\""
run "chmod 550 -R \"${SCOREBOT_DIR}/current\""
run "mkdir -p \"${SCOREBOT_DIR}/current/scorebot_media\""
run "chown http:http \"${SCOREBOT_DIR}/current/scorebot_media\""
run "chmod 775 \"${SCOREBOT_DIR}/current/scorebot_media\""
printf '[Unit]\nDescription = Scorebot Daemon\nAfter = syslog.target httpd.service\n' > "${SYSCONFIG_DIR}/etc/systemd/system/scorebot.service"
printf 'Wants = network-online.target httpd.service\n\n' >> "${SYSCONFIG_DIR}/etc/systemd/system/scorebot.service"
printf '[Service]\nType = simple\nUser = http\nGroup = http\n' >> "${SYSCONFIG_DIR}/etc/systemd/system/scorebot.service"
printf 'ExecStart = /usr/bin/bash -c "source $PYDIR/bin/activate; python3 $SCOREBOT/daemon.py"\nKillSignal = SIGINT\n' >> "${SYSCONFIG_DIR}/etc/systemd/system/scorebot.service"
printf "Environment = \"PYDIR=${SCOREBOT_DIR}/python\"\nEnvironment = \"SCOREBOT=${SCOREBOT_DIR}/current\"\n" >> "${SYSCONFIG_DIR}/etc/system/systemd/scorebot.service"
printf 'ProtectHome = true\nProtectSystem = true\n\n[Install]\nWantedBy = multi-user.target\n' >> "${SYSCONFIG_DIR}/etc/systemd/system/scorebot.service"
run "rm -rf /tmp/scorebot3"
run "systemctl enable httpd.service" 2> /dev/null
run "systemctl enable scorebot.service" 2> /dev/null
run "systemctl start httpd.service"
run "systemctl start scorebot.service"
log "Core setup complete!"
}
setup_proxy() {
proxy_scorebot_ip=""
while [ -z "$proxy_scorebot_ip" ]; do
printf "Scorebot API IP Address? "
read proxy_scorebot_ip
done
printf "scorebot-proxy" > "${SYSCONFIG_DIR}/etc/hostname"
printf "$proxy_scorebot_ip\tscorebot-core\n" >> "${SYSCONFIG_DIR}/etc/hosts"
log "Scorebot IP is \"$proxy_scorebot_ip\", this can be changed in the \"/etc/hosts\" file.."
log "Installing proxy dependencies.."
run "pacman -S apache --noconfirm --noprogressbar"
log "Enabling and starting Apache proxy..."
run "ln -s \"${SYSCONFIG_DIR}/etc/httpd/conf/roles/proxy.conf\" \"/etc/httpd/conf/scorebot-role.conf\"" 1> /dev/null
run "sed -ie 's/LoadModule wsgi_module/# LoadModule wsgi_module/g' \"/etc/httpd/conf/httpd.conf\""
run "systemctl enable httpd.service" 2> /dev/null
run "systemctl start httpd.service"
log "Proxy setup complete, please ensure to configure the core component!"
}
log "Scorebot Setup v2.5"
log "iDigitalFlame, The Scorebot Project 2019"
if [ $# -eq 1 ] && [ $1 != "-v" ]; then
sbe_role=$1
fi
if [ $# -eq 2 ]; then
if [ $1 != "-v" ]; then
sbe_role=$1
fi
if [ $2 != "-v" ]; then
sbe_role=$2
fi
fi
if [ -z "$sbe_role" ]; then
log "Select the role for this server.."
printf "[?] Roles:\n\t1: Core\n\t2: DB\n\t3: Proxy\nChoice [1-3]: "
read sbe_role
fi
case $sbe_role in
1)
setup
setup_core
;;
2)
setup
setup_db
;;
3)
setup
setup_proxy
;;
*)
log "Invalid role selected! Please try again..\nGoodbye"
exit 255
;;
esac
log "Finilizing with a syslink.."
run "syslink" 1> /dev/null
log "Done\nHave Fun!"
exit 0