Context Navigation

source: installer/opengnsys_installer.sh @ 9f4584f

Visit:

configure-oglivelgromero-new-oglivemainmaint-cronmount-efivarfsmultivmmultivm-ogboot-installerogClonningEngineogboot-installer-jenkinsoglive-ipv6test-python-scriptsticket-301ticket-50ticket-50-oldticket-577ticket-585ticket-611ticket-612ticket-693ticket-700ubu24tplunification2use-local-agent-oglivevarios-instalacion

Last change on this file since 9f4584f was 9f4584f, checked in by Natalia Serrano <natalia.serrano@…>, 19 months ago
Install new TLS certs or use those provided by the user
Property mode set to `100755`
File size: 70.5 KB

Line
1	#!/bin/bash
2
3	#####################################################################
4	####### Script instalador OpenGnsys
5	####### Autor: Luis Guillén <lguillen@unizar.es>
6	#####################################################################
7
8
9	#####################################################################
10	####### Funciones de configuración
11	#####################################################################
12
13	# Devuelve en la variable PASSWORD la clave introducida por el usuario (o la indicada por defecto)
14	function enterPassword ()
15	{
16	local PASSWORD2
17	local DEFAULT_PASSWORD="$1"
18
19	while : ; do
20	stty -echo
21	read -r PASSWORD
22	stty echo
23	if [ -z "$PASSWORD" ]; then
24	# Si esta vacio ponemos el valor por defecto
25	PASSWORD="${PASSWORD:-$DEFAULT_PASSWORD}"
26	break
27	else
28	if [ -n "${PASSWORD//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
29	echo -e "\\aERROR: Password must be alphanumeric, try again..."
30	else
31	echo -n -e "\\nConfirm password: "
32	stty -echo
33	read -r PASSWORD2
34	stty echo
35	if [ "$PASSWORD" == "$PASSWORD2" ]; then
36	break
37	else
38	echo -e "\\aERROR: Passwords don't match, try again."
39	fi
40	fi
41	fi
42	echo -n -e "Please, enter a new password (${DEFAULT_PASSWORD}): "
43	done
44	}
45
46	# Recoge los datos de configuración introducidos por el usuario.
47	function userData ()
48	{
49	#### AVISO: Puede editar configuración de acceso por defecto.
50	#### WARNING: Edit default access configuration if you wish.
51	DEFAULT_MYSQL_ROOT_PASSWORD="passwordroot" # Clave por defecto root de MySQL
52	DEFAULT_OPENGNSYS_DB_USER="usuog" # Usuario por defecto de acceso a la base de datos
53	DEFAULT_OPENGNSYS_DB_PASSWD="passusuog" # Clave por defecto de acceso a la base de datos
54	DEFAULT_OPENGNSYS_CLIENT_PASSWD="og" # Clave por defecto de acceso del cliente
55	DEFAULT_OGLIVE="ogLive-focal-5.11.0-22-generic-amd64-r20210413.992ebb9.iso" # Cliente ogLive
56
57	echo -e "\\nOpenGnsys Installation"
58	echo "=============================="
59
60	if [[ $- =~ s ]]; then
61	echo -e "\\nNot interactive mode: setting default configuration values.\\n"
62	MYSQL_ROOT_PASSWORD="$DEFAULT_MYSQL_ROOT_PASSWORD"
63	OPENGNSYS_DB_USER="$DEFAULT_OPENGNSYS_DB_USER"
64	OPENGNSYS_DB_PASSWD="$DEFAULT_OPENGNSYS_DB_PASSWD"
65	OPENGNSYS_CLIENT_PASSWD="$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
66	OGLIVE="$DEFAULT_OGLIVE"
67	return
68	fi
69
70	# Clave root de MySQL
71	echo -n -e "\\nEnter root password for MySQL (${DEFAULT_MYSQL_ROOT_PASSWORD}): "
72	enterPassword "$DEFAULT_MYSQL_ROOT_PASSWORD"
73	MYSQL_ROOT_PASSWORD="$PASSWORD"
74
75	# Usuario de acceso a la base de datos
76	while : ; do
77	echo -n -e "\\n\\nEnter username for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_USER}): "
78	read -r OPENGNSYS_DB_USER
79	if [ -n "${OPENGNSYS_DB_USER//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
80	echo -e "\\aERROR: Must be alphanumeric, try again..."
81	else
82	# Si esta vacio ponemos el valor por defecto
83	OPENGNSYS_DB_USER="${OPENGNSYS_DB_USER:-$DEFAULT_OPENGNSYS_DB_USER}"
84	break
85	fi
86	done
87
88	# Clave de acceso a la base de datos
89	echo -n -e "\\nEnter password for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_PASSWD}): "
90	enterPassword "$DEFAULT_OPENGNSYS_DB_PASSWD"
91	OPENGNSYS_DB_PASSWD="$PASSWORD"
92
93	# Clave de acceso del cliente
94	echo -n -e "\\n\\nEnter root password for OpenGnsys client (${DEFAULT_OPENGNSYS_CLIENT_PASSWD}): "
95	enterPassword "$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
96	OPENGNSYS_CLIENT_PASSWD="$PASSWORD"
97	unset PASSWORD
98
99	# Selección de clientes ogLive para descargar.
100	while : ; do
101	echo -e "\\n\\nChoose ogLive client to install."
102	echo -e "1) Kernel 5.11, 64-bit, EFI-compatible"
103	echo -e "2) Kernel 3.2, 32-bit"
104	echo -e "3) Both"
105	echo -n -e "Please, type a valid number (1): "
106	read -r OPT
107	case "$OPT" in
108	1\|"") OGLIVE="$DEFAULT_OGLIVE"
109	break ;;
110	2) OGLIVE="ogLive-precise-3.2.0-23-generic-r5159.iso"
111	break ;;
112	3) OGLIVE=" $DEFAULT_OGLIVE ogLive-precise-3.2.0-23-generic-r5159.iso";
113	break ;;
114	*) echo -e "\\aERROR: unknown option, try again."
115	esac
116	done
117
118	echo -e "\\n=============================="
119	}
120
121	# Asigna valores globales de configuración para el script.
122	function globalSetup ()
123	{
124	PROGRAMDIR=$(readlink -e "$(dirname "$0")")
125	PROGRAMNAME=$(basename "$0")
126
127	# Comprobar si se ha descargado el paquete comprimido (REMOTE=0) o sólo el instalador (REMOTE=1).
128	OPENGNSYS_SERVER="opengnsys.es"
129	DOWNLOADURL="https://$OPENGNSYS_SERVER/trac/downloads"
130	if [ -d "$PROGRAMDIR/../installer" ]; then
131	REMOTE=0
132	else
133	REMOTE=1
134	fi
135	BRANCH="main"
136	CODE_URL="https://codeload.github.com/opengnsys/OpenGnsys/zip/$BRANCH"
137	API_URL="https://api.github.com/repos/opengnsys/OpenGnsys"
138
139	# Directorios de instalación y destino de OpenGnsys.
140	WORKDIR=/tmp/opengnsys_installer
141	INSTALL_TARGET=/opt/opengnsys
142	PATH=$PATH:$INSTALL_TARGET/bin
143
144	# Registro de incidencias.
145	OGLOGFILE=$INSTALL_TARGET/log/${PROGRAMNAME%.sh}.log
146	LOG_FILE=/tmp/$(basename $OGLOGFILE)
147
148	# Usuario del cliente para acceso remoto.
149	OPENGNSYS_CLIENT_USER="opengnsys"
150	# Nombre de la base datos y fichero SQL para su creación.
151	OPENGNSYS_DATABASE="ogAdmBD"
152	OPENGNSYS_DB_CREATION_FILE=opengnsys/admin/Database/${OPENGNSYS_DATABASE}.sql
153	}
154
155	# Generar variables de configuración del instalador
156	# Variables globales:
157	# - OSDISTRIB, OSVERSION - tipo y versión de la distribución GNU/Linux
158	# - DEPENDENCIES - array de dependencias que deben estar instaladas
159	# - UPDATEPKGLIST, INSTALLPKGS, CHECKPKGS - comandos para gestión de paquetes
160	# - INSTALLEXTRADEPS - instalar dependencias no incluidas en la distribución
161	# - STARTSERVICE, ENABLESERVICE - iniciar y habilitar un servicio
162	# - STOPSERVICE, DISABLESERVICE - parar y deshabilitar un servicio
163	# - APACHESERV, APACHECFGDIR, APACHESITESDIR, APACHEUSER, APACHEGROUP - servicio y configuración de Apache
164	# - APACHEENABLEMODS, APACHEENABLESSL, APACHEMAKECERT - habilitar módulos y certificado SSL
165	# - APACHEENABLEOG, APACHEOGSITE, - habilitar sitio web de OpenGnsys
166	# - PHPFPMSERV - servicio PHP FastCGI Process Manager para Apache
167	# - INETDSERV - servicio Inetd
168	# - DHCPSERV, DHCPCFGDIR - servicio y configuración de DHCP
169	# - MYSQLSERV, TMPMYCNF - servicio MySQL y fichero temporal con credenciales de acceso
170	# - MARIADBSERV - servicio MariaDB (sustituto de MySQL en algunas distribuciones)
171	# - RSYNCSERV, RSYNCCFGDIR - servicio y configuración de Rsync
172	# - SAMBASERV, SAMBACFGDIR - servicio y configuración de Samba
173	# - TFTPSERV, TFTPCFGDIR - servicio y configuración de TFTP/PXE
174	function autoConfigure()
175	{
176	# Detectar sistema operativo del servidor (compatible con fichero os-release y con LSB).
177	if [ -f /etc/os-release ]; then
178	source /etc/os-release
179	OSDISTRIB="$ID"
180	OSVERSION="$VERSION_ID"
181	else
182	OSDISTRIB=$(lsb_release -is 2>/dev/null)
183	OSVERSION=$(lsb_release -rs 2>/dev/null)
184	fi
185	# Convertir distribución a minúsculas y obtener solo el 1er número de versión.
186	OSDISTRIB="${OSDISTRIB,,}"
187	OSVERSION="${OSVERSION%%.*}"
188
189	# Configuración según la distribución GNU/Linux (usar minúsculas).
190	case "$OSDISTRIB" in
191	ubuntu\|debian\|linuxmint)
192	DEPENDENCIES=( subversion apache2 php php-ldap php-fpm mysql-server php-mysql isc-dhcp-server bittorrent tftp-hpa tftpd-hpa xinetd build-essential g++-multilib libmysqlclient-dev wget curl doxygen graphviz bittornado ctorrent samba rsync unzip netpipes debootstrap schroot squashfs-tools btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev libjansson-dev libssl-dev shim-signed grub-efi-amd64-signed gawk libdbi-dev libdbi1 libdbd-mysql liblz4-tool stunnel4 )
193	UPDATEPKGLIST="apt-get update"
194	INSTALLPKG="apt-get -y install --force-yes"
195	CHECKPKG="dpkg -s \$package 2>/dev/null \| grep Status \| grep -qw install"
196	if which service &>/dev/null; then
197	STARTSERVICE="eval service \$service restart"
198	STOPSERVICE="eval service \$service stop"
199	else
200	STARTSERVICE="eval /etc/init.d/\$service restart"
201	STOPSERVICE="eval /etc/init.d/\$service stop"
202	fi
203	ENABLESERVICE="eval update-rc.d \$service defaults"
204	DISABLESERVICE="eval update-rc.d \$service disable"
205	APACHESERV=apache2
206	APACHECFGDIR=/etc/apache2
207	APACHESITESDIR=sites-available
208	APACHEOGSITE=opengnsys
209	APACHEUSER="www-data"
210	APACHEGROUP="www-data"
211	APACHEENABLEMODS="a2enmod ssl rewrite proxy_fcgi fastcgi actions alias"
212	APACHEENABLESSL="a2ensite default-ssl"
213	APACHEENABLEOG="a2ensite $APACHEOGSITE"
214	APACHEMAKECERT="make-ssl-cert generate-default-snakeoil --force-overwrite"
215	DHCPSERV=isc-dhcp-server
216	DHCPCFGDIR=/etc/dhcp
217	INETDSERV=xinetd
218	INETDCFGDIR=/etc/xinetd.d
219	MYSQLSERV=mysql
220	MYSQLCFGDIR=/etc/mysql/mysql.conf.d
221	MARIADBSERV=mariadb
222	PHPFPMSERV=php-fpm
223	RSYNCSERV=rsync
224	RSYNCCFGDIR=/etc
225	SAMBASERV=smbd
226	SAMBACFGDIR=/etc/samba
227	TFTPCFGDIR=/var/lib/tftpboot
228	LOCAL_CERTS_DIR=/usr/local/share/ca-certificates
229	UPDATE_CA_CMD=update-ca-certificates
230	STUNNEL_CAPATH=/etc/ssl/certs
231	;;
232	fedora\|centos)
233	DEPENDENCIES=( subversion httpd mod_ssl php-ldap php-fpm mysql-server mysql-devel mysql-devel.i686 php-mysql dhcp tftp-server tftp xinetd binutils gcc gcc-c++ glibc-devel glibc-devel.i686 glibc-static glibc-static.i686 libstdc++-devel.i686 make wget curl doxygen graphviz ctorrent samba samba-client rsync unzip debootstrap schroot squashfs-tools python-crypto arp-scan procps-ng gettext moreutils jq net-tools udpcast libev-devel jansson-devel openssl-devel shim-x64 grub2-efi-x64 grub2-efi-x64-modules gawk libdbi-devel libdbi libdbi-dbd-mysql http://ftp.altlinux.org/pub/distributions/ALTLinux/5.1/branch/$(arch)/RPMS.classic/netpipes-4.2-alt1.$(arch).rpm )
234	[ "$OSDISTRIB" == "centos" ] && UPDATEPKGLIST="yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-$OSVERSION.noarch.rpm http://rpms.remirepo.net/enterprise/remi-release-$OSVERSION.rpm"
235	INSTALLEXTRADEPS=( 'pushd /tmp; wget -t3 http://ftp.acc.umu.se/mirror/bittornado/BitTornado-0.3.18.tar.gz && tar xvzf BitTornado-0.3.18.tar.gz && cd BitTornado-CVS && python setup.py install && ln -fs btlaunchmany.py /usr/bin/btlaunchmany && ln -fs bttrack.py /usr/bin/bttrack; popd' )
236	INSTALLPKG="yum install -y libstdc++ libstdc++.i686"
237	CHECKPKG="rpm -q --quiet \$package"
238	SYSTEMD=$(which systemctl 2>/dev/null)
239	if [ -n "$SYSTEMD" ]; then
240	STARTSERVICE="eval systemctl start \$service.service"
241	STOPSERVICE="eval systemctl stop \$service.service"
242	ENABLESERVICE="eval systemctl enable \$service.service"
243	DISABLESERVICE="eval systemctl disable \$service.service"
244	else
245	STARTSERVICE="eval service \$service start"
246	STOPSERVICE="eval service \$service stop"
247	ENABLESERVICE="eval chkconfig \$service on"
248	DISABLESERVICE="eval chkconfig \$service off"
249	fi
250	APACHESERV=httpd
251	APACHECFGDIR=/etc/httpd/conf.d
252	APACHEOGSITE=opengnsys.conf
253	APACHEUSER="apache"
254	APACHEGROUP="apache"
255	APACHEREWRITEMOD="sed -i '/rewrite/s/^#//' $APACHECFGDIR/../*.conf"
256	DHCPSERV=dhcpd
257	DHCPCFGDIR=/etc/dhcp
258	INETDSERV=xinetd
259	INETDCFGDIR=/etc/xinetd.d
260	MYSQLSERV=mysqld
261	MYSQLCFGDIR=/etc/my.cnf.d
262	MARIADBSERV=mariadb
263	PHPFPMSERV=php-fpm
264	RSYNCSERV=rsync
265	RSYNCCFGDIR=/etc
266	SAMBASERV=smb
267	SAMBACFGDIR=/etc/samba
268	TFTPSERV=tftp
269	TFTPCFGDIR=/var/lib/tftpboot
270	LOCAL_CERTS_DIR=/etc/pki/ca-trust/source/anchors
271	UPDATE_CA_CMD=update-ca-trust
272	STUNNEL_CAPATH=/etc/pki/tls/certs
273	;;
274	"") echo "ERROR: Unknown Linux distribution, please install \"lsb_release\" command."
275	exit 1 ;;
276	*) echo "ERROR: Distribution not supported by OpenGnsys."
277	exit 1 ;;
278	esac
279
280	# Fichero de credenciales de acceso a MySQL.
281	TMPMYCNF=/tmp/.my.cnf.$$
282	}
283
284
285	# Modificar variables de configuración tras instalar paquetes del sistema.
286	function autoConfigurePost()
287	{
288	local f MKNETDIR
289
290	# Configuraciones específicas para Samba y TFTP en Debian 6.
291	[ -z "$SYSTEMD" -a ! -e /etc/init.d/$SAMBASERV ] && SAMBASERV=samba
292	[ ! -e $TFTPCFGDIR ] && TFTPCFGDIR=/srv/tftp
293
294	# Preparar arranque en red con Grub.
295	for f in grub-mknetdir grub2-mknetdir; do
296	if which $f &>/dev/null; then MKNETDIR=$f; fi
297	done
298	$MKNETDIR --net-directory=$TFTPCFGDIR --subdir=grub
299	}
300
301
302	# Cargar lista de paquetes del sistema y actualizar algunas variables de configuración
303	# dependiendo de la versión instalada.
304	function updatePackageList()
305	{
306	local DHCPVERSION PHP7VERSION
307
308	# Si es necesario, actualizar la lista de paquetes disponibles.
309	[ -n "$UPDATEPKGLIST" ] && eval $UPDATEPKGLIST
310
311	# Configuración personallizada de algunos paquetes.
312	case "$OSDISTRIB" in
313	ubuntu\|linuxmint) # Postconfiguación personalizada para Ubuntu.
314	# Configuración para DHCP v3.
315	DHCPVERSION=$(apt-cache show $(apt-cache pkgnames\|egrep "dhcp.?-server$") \| \
316	awk '/Version/ {print substr($2,1,1);}' \| \
317	sort -n \| tail -1)
318	if [ $DHCPVERSION = 3 ]; then
319	DEPENDENCIES=( ${DEPENDENCIES[@]/isc-dhcp-server/dhcp3-server} )
320	DHCPSERV=dhcp3-server
321	DHCPCFGDIR=/etc/dhcp3
322	fi
323	# Configuración para PHP 7 en Ubuntu.
324	if [ -z "$(apt-cache pkgnames php7)" ]; then
325	eval $INSTALLPKG software-properties-common
326	add-apt-repository -y ppa:ondrej/php
327	eval $UPDATEPKGLIST
328	PHP7VERSION=$(apt-cache pkgnames php7 \| sort \| head -1)
329	PHPFPMSERV="${PHP7VERSION}-fpm"
330	DEPENDENCIES=( ${DEPENDENCIES[@]//php/$PHP7VERSION} )
331	fi
332	# Adaptar dependencias para libmysqlclient.
333	[ -z "$(apt-cache pkgnames libmysqlclient-dev)" ] && [ -n "$(apt-cache pkgnames libmysqlclient15)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//libmysqlclient-dev/libmysqlclient15} )
334	# Paquetes correctos en versiones nuevas.
335	[ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} )
336	[ -z "$(apt-cache pkgnames btrfs-tools)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//btrfs-tools/btrfs-progs} )
337	[ -z "$(apt-cache pkgnames bittorrent)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittorrent/} )
338	[ -z "$(apt-cache pkgnames bittornado)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittornado/} )
339	;;
340	centos) # Postconfiguación personalizada para CentOS.
341	# Configuración para PHP 7.
342	PHP7VERSION=$(yum list -q php7\* 2>/dev/null \| awk -F. '/^php/ {print $1; exit;}')
343	PHPFPMSERV="${PHP7VERSION}-${PHPFPMSERV}"
344	DEPENDENCIES=( ${PHP7VERSION} ${DEPENDENCIES[@]//php/$PHP7VERSION-php} )
345	# Cambios a aplicar a partir de CentOS 7.
346	if [ $OSVERSION -ge 7 ]; then
347	# Sustituir MySQL por MariaDB.
348	DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
349	# Instalar ctorrent de EPEL para CentOS 6 (no disponible en CentOS 7).
350	DEPENDENCIES=( ${DEPENDENCIES[*]/ctorrent/http://dl.fedoraproject.org/pub/epel/6/$(arch)/Packages/c/ctorrent-1.3.4-14.dnh3.3.2.el6.$(arch).rpm} )
351	fi
352	;;
353	fedora) # Postconfiguación personalizada para Fedora.
354	# Incluir paquetes específicos.
355	DEPENDENCIES=( ${DEPENDENCIES[@]} btrfs-progs )
356	# Sustituir MySQL por MariaDB a partir de Fedora 20.
357	[ $OSVERSION -ge 20 ] && DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
358	;;
359	esac
360	}
361
362
363	#####################################################################
364	####### Algunas funciones útiles de propósito general:
365	#####################################################################
366
367	function getDateTime()
368	{
369	date "+%Y%m%d-%H%M%S"
370	}
371
372	# Escribe a fichero y muestra por pantalla
373	function echoAndLog()
374	{
375	local DATETIME=`getDateTime`
376	echo "$1"
377	echo "$DATETIME;$SSH_CLIENT;$1" >> $LOG_FILE
378	}
379
380	# Escribe a fichero y muestra mensaje de error
381	function errorAndLog()
382	{
383	local DATETIME=`getDateTime`
384	echo "ERROR: $1"
385	echo "$DATETIME;$SSH_CLIENT;ERROR: $1" >> $LOG_FILE
386	}
387
388	# Escribe a fichero y muestra mensaje de aviso
389	function warningAndLog()
390	{
391	local DATETIME=`getDateTime`
392	echo "Warning: $1"
393	echo "$DATETIME;$SSH_CLIENT;Warning: $1" >> $LOG_FILE
394	}
395
396	# Comprueba si el elemento pasado en $2 está en el array $1
397	function isInArray()
398	{
399	if [ $# -ne 2 ]; then
400	errorAndLog "${FUNCNAME}(): invalid number of parameters"
401	exit 1
402	fi
403
404	local deps
405	local is_in_array=1
406	local element="$2"
407
408	echoAndLog "${FUNCNAME}(): checking if $2 is in $1"
409	eval "deps=( \"\${$1[@]}\" )"
410
411	# Copia local del array del parámetro 1.
412	for (( i = 0 ; i < ${#deps[@]} ; i++ )); do
413	if [ "${deps[$i]}" = "${element}" ]; then
414	echoAndLog "isInArray(): $element found in array"
415	is_in_array=0
416	fi
417	done
418
419	if [ $is_in_array -ne 0 ]; then
420	echoAndLog "${FUNCNAME}(): $element NOT found in array"
421	fi
422
423	return $is_in_array
424	}
425
426
427	#####################################################################
428	####### Funciones de manejo de paquetes Debian
429	#####################################################################
430
431	function checkPackage()
432	{
433	package=$1
434	if [ -z $package ]; then
435	errorAndLog "${FUNCNAME}(): parameter required"
436	exit 1
437	fi
438	echoAndLog "${FUNCNAME}(): checking if package $package exists"
439	eval $CHECKPKG
440	if [ $? -eq 0 ]; then
441	echoAndLog "${FUNCNAME}(): package $package exists"
442	return 0
443	else
444	echoAndLog "${FUNCNAME}(): package $package doesn't exists"
445	return 1
446	fi
447	}
448
449	# Recibe array con dependencias
450	# por referencia deja un array con las dependencias no resueltas
451	# devuelve 1 si hay alguna dependencia no resuelta
452	function checkDependencies()
453	{
454	if [ $# -ne 2 ]; then
455	errorAndLog "${FUNCNAME}(): invalid number of parameters"
456	exit 1
457	fi
458
459	echoAndLog "${FUNCNAME}(): checking dependences"
460	uncompletedeps=0
461
462	# copia local del array del parametro 1
463	local deps
464	eval "deps=( \"\${$1[@]}\" )"
465
466	declare -a local_notinstalled
467
468	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
469	do
470	checkPackage ${deps[$i]}
471	if [ $? -ne 0 ]; then
472	local_notinstalled[$uncompletedeps]=$package
473	let uncompletedeps=uncompletedeps+1
474	fi
475	done
476
477	# relleno el array especificado en $2 por referencia
478	for (( i = 0 ; i < ${#local_notinstalled[@]} ; i++ ))
479	do
480	eval "${2}[$i]=${local_notinstalled[$i]}"
481	done
482
483	# retorna el numero de paquetes no resueltos
484	echoAndLog "${FUNCNAME}(): dependencies uncompleted: $uncompletedeps"
485	return $uncompletedeps
486	}
487
488	# Recibe un array con las dependencias y lo instala
489	function installDependencies()
490	{
491	if [ $# -ne 1 ]; then
492	errorAndLog "${FUNCNAME}(): invalid number of parameters"
493	exit 1
494	fi
495	echoAndLog "${FUNCNAME}(): installing uncompleted dependencies"
496
497	# copia local del array del parametro 1
498	local deps
499	eval "deps=( \"\${$1[@]}\" )"
500
501	local string_deps=""
502	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
503	do
504	string_deps="$string_deps ${deps[$i]}"
505	done
506
507	if [ -z "${string_deps}" ]; then
508	errorAndLog "${FUNCNAME}(): array of dependeces is empty"
509	exit 1
510	fi
511
512	OLD_DEBIAN_FRONTEND=$DEBIAN_FRONTEND # Debian/Ubuntu
513	export DEBIAN_FRONTEND=noninteractive
514
515	echoAndLog "${FUNCNAME}(): now $string_deps will be installed"
516	eval $INSTALLPKG $string_deps
517	if [ $? -ne 0 ]; then
518	errorAndLog "${FUNCNAME}(): error installing dependencies"
519	return 1
520	fi
521
522	DEBIAN_FRONTEND=$OLD_DEBIAN_FRONTEND # Debian/Ubuntu
523	test grep -q "EPEL temporal" /etc/yum.repos.d/epel.repo 2>/dev/null \|\| mv -f /etc/yum.repos.d/epel.repo.rpmnew /etc/yum.repos.d/epel.repo 2>/dev/null # CentOS/RedHat EPEL
524
525	echoAndLog "${FUNCNAME}(): dependencies installed"
526	}
527
528	# Hace un backup del fichero pasado por parámetro
529	# deja un -last y uno para el día
530	function backupFile()
531	{
532	if [ $# -ne 1 ]; then
533	errorAndLog "${FUNCNAME}(): invalid number of parameters"
534	exit 1
535	fi
536
537	local file="$1"
538	local dateymd=`date +%Y%m%d`
539
540	if [ ! -f "$file" ]; then
541	warningAndLog "${FUNCNAME}(): file $file doesn't exists"
542	return 1
543	fi
544
545	echoAndLog "${FUNCNAME}(): making $file backup"
546
547	# realiza una copia de la última configuración como last
548	cp -a "$file" "${file}-LAST"
549
550	# si para el día no hay backup lo hace, sino no
551	if [ ! -f "${file}-${dateymd}" ]; then
552	cp -a "$file" "${file}-${dateymd}"
553	fi
554
555	echoAndLog "${FUNCNAME}(): $file backup success"
556	}
557
558	#####################################################################
559	####### Funciones para el manejo de bases de datos
560	#####################################################################
561
562	# This function set password to root
563	function mysqlSetRootPassword()
564	{
565	if [ $# -ne 1 ]; then
566	errorAndLog "${FUNCNAME}(): invalid number of parameters"
567	exit 1
568	fi
569
570	local root_mysql="$1"
571	echoAndLog "${FUNCNAME}(): setting root password in MySQL server"
572	mysqladmin -u root password "$root_mysql"
573	if [ $? -ne 0 ]; then
574	errorAndLog "${FUNCNAME}(): error while setting root password in MySQL server"
575	return 1
576	fi
577	echoAndLog "${FUNCNAME}(): root password saved!"
578	return 0
579	}
580
581	# Si el servicio mysql esta ya instalado cambia la variable de la clave del root por la ya existente
582	function mysqlGetRootPassword()
583	{
584	local pass_mysql
585	local pass_mysql2
586	# Comprobar si MySQL está instalado con la clave de root por defecto.
587	if mysql -u root -p"$MYSQL_ROOT_PASSWORD" <<<"quit" 2>/dev/null; then
588	echoAndLog "${FUNCNAME}(): Using default mysql root password."
589	else
590	stty -echo
591	echo "There is a MySQL service already installed."
592	read -p "Enter MySQL root password: " pass_mysql
593	echo ""
594	read -p "Confrim password:" pass_mysql2
595	echo ""
596	stty echo
597	if [ "$pass_mysql" == "$pass_mysql2" ] ;then
598	MYSQL_ROOT_PASSWORD="$pass_mysql"
599	return 0
600	else
601	echo "The keys don't match. Do not configure the server's key,"
602	echo "transactions in the database will give error."
603	return 1
604	fi
605	fi
606	}
607
608	# comprueba si puede conectar con mysql con el usuario root
609	function mysqlTestConnection()
610	{
611	if [ $# -ne 1 ]; then
612	errorAndLog "${FUNCNAME}(): invalid number of parameters"
613	exit 1
614	fi
615
616	local root_password="$1"
617	echoAndLog "${FUNCNAME}(): checking connection to mysql..."
618	# Componer fichero con credenciales de conexión a MySQL.
619	touch $TMPMYCNF
620	chmod 600 $TMPMYCNF
621	cat << EOT > $TMPMYCNF
622	[client]
623	user=root
624	password=$root_password
625	EOT
626	# Borrar el fichero temporal si termina el proceso de instalación.
627	trap "rm -f $TMPMYCNF" 0 1 2 3 6 9 15
628	# Comprobar conexión a MySQL.
629	echo "" \| mysql --defaults-extra-file=$TMPMYCNF
630	if [ $? -ne 0 ]; then
631	errorAndLog "${FUNCNAME}(): connection to mysql failed, check root password and if daemon is running!"
632	return 1
633	else
634	echoAndLog "${FUNCNAME}(): connection success"
635	return 0
636	fi
637	}
638
639	# comprueba si la base de datos existe
640	function mysqlDbExists()
641	{
642	if [ $# -ne 1 ]; then
643	errorAndLog "${FUNCNAME}(): invalid number of parameters"
644	exit 1
645	fi
646
647	local database="$1"
648	echoAndLog "${FUNCNAME}(): checking if $database exists..."
649	echo "show databases" \| mysql --defaults-extra-file=$TMPMYCNF \| grep "^${database}$"
650	if [ $? -ne 0 ]; then
651	echoAndLog "${FUNCNAME}():database $database doesn't exists"
652	return 1
653	else
654	echoAndLog "${FUNCNAME}():database $database exists"
655	return 0
656	fi
657	}
658
659	# Comprueba si la base de datos está vacía.
660	function mysqlCheckDbIsEmpty()
661	{
662	if [ $# -ne 1 ]; then
663	errorAndLog "${FUNCNAME}(): invalid number of parameters"
664	exit 1
665	fi
666
667	local database="$1"
668	echoAndLog "${FUNCNAME}(): checking if $database is empty..."
669	num_tablas=`echo "show tables" \| mysql --defaults-extra-file=$TMPMYCNF "${database}" \| wc -l`
670	if [ $? -ne 0 ]; then
671	errorAndLog "${FUNCNAME}(): error executing query, check database and root password"
672	exit 1
673	fi
674
675	if [ $num_tablas -eq 0 ]; then
676	echoAndLog "${FUNCNAME}():database $database is empty"
677	return 0
678	else
679	echoAndLog "${FUNCNAME}():database $database has tables"
680	return 1
681	fi
682
683	}
684
685	# Importa un fichero SQL en la base de datos.
686	# Parámetros:
687	# - 1: nombre de la BD.
688	# - 2: fichero a importar.
689	# Nota: el fichero SQL puede contener las siguientes palabras reservadas:
690	# - SERVERIP: se sustituye por la dirección IP del servidor.
691	# - DBUSER: se sustituye por usuario de conexión a la BD definido en este script.
692	# - DBPASSWD: se sustituye por la clave de conexión a la BD definida en este script.
693	function mysqlImportSqlFileToDb()
694	{
695	if [ $# -ne 2 ]; then
696	errorAndLog "${FNCNAME}(): invalid number of parameters"
697	exit 1
698	fi
699
700	local database="$1"
701	local sqlfile="$2"
702	local tmpfile=$(mktemp)
703	local i=0
704	local dev=""
705	local status
706
707	if [ ! -f $sqlfile ]; then
708	errorAndLog "${FUNCNAME}(): Unable to locate $sqlfile!!"
709	return 1
710	fi
711
712	echoAndLog "${FUNCNAME}(): importing SQL file to ${database}..."
713	chmod 600 $tmpfile
714	for dev in ${DEVICE[*]}; do
715	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
716	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
717	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
718	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
719	$sqlfile > $tmpfile
720	fi
721	let i++
722	done
723	mysql --defaults-extra-file=$TMPMYCNF --default-character-set=utf8 "${database}" < $tmpfile
724	status=$?
725	rm -f $tmpfile
726	if [ $status -ne 0 ]; then
727	errorAndLog "${FUNCNAME}(): error while importing $sqlfile in database $database"
728	return 1
729	fi
730	echoAndLog "${FUNCNAME}(): file imported to database $database"
731	return 0
732	}
733
734	# Crea la base de datos
735	function mysqlCreateDb()
736	{
737	if [ $# -ne 1 ]; then
738	errorAndLog "${FUNCNAME}(): invalid number of parameters"
739	exit 1
740	fi
741
742	local database="$1"
743
744	echoAndLog "${FUNCNAME}(): creating database..."
745	mysqladmin --defaults-extra-file=$TMPMYCNF create $database
746	if [ $? -ne 0 ]; then
747	errorAndLog "${FUNCNAME}(): error while creating database $database"
748	return 1
749	fi
750	# Quitar modo ONLY_FULL_GROUP_BY de MySQL (ticket #730).
751	mysql --defaults-extra-file=$TMPMYCNF -e "SET GLOBAL sql_mode=(SELECT TRIM(BOTH ',' FROM REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY','')));"
752
753	echoAndLog "${FUNCNAME}(): database $database created"
754	return 0
755	}
756
757	# Comprueba si ya está definido el usuario de acceso a la BD.
758	function mysqlCheckUserExists()
759	{
760	if [ $# -ne 1 ]; then
761	errorAndLog "${FUNCNAME}(): invalid number of parameters"
762	exit 1
763	fi
764
765	local userdb="$1"
766
767	echoAndLog "${FUNCNAME}(): checking if $userdb exists..."
768	echo "select user from user where user='${userdb}'\\G" \|mysql --defaults-extra-file=$TMPMYCNF mysql \| grep user
769	if [ $? -ne 0 ]; then
770	echoAndLog "${FUNCNAME}(): user doesn't exists"
771	return 1
772	else
773	echoAndLog "${FUNCNAME}(): user already exists"
774	return 0
775	fi
776
777	}
778
779	# Crea un usuario administrativo para la base de datos
780	function mysqlCreateAdminUserToDb()
781	{
782	if [ $# -ne 3 ]; then
783	errorAndLog "${FUNCNAME}(): invalid number of parameters"
784	exit 1
785	fi
786
787	local database="$1"
788	local userdb="$2"
789	local passdb="$3"
790
791	echoAndLog "${FUNCNAME}(): creating admin user ${userdb} to database ${database}"
792
793	cat > $WORKDIR/create_${database}.sql <<EOF
794	CREATE USER '${userdb}'@'localhost' IDENTIFIED BY '${passdb}';
795	GRANT USAGE ON . TO '${userdb}'@'localhost';
796	GRANT ALL PRIVILEGES ON ${database}.* TO '${userdb}'@'localhost' WITH GRANT OPTION;
797	FLUSH PRIVILEGES;
798	EOF
799	mysql --defaults-extra-file=$TMPMYCNF < $WORKDIR/create_${database}.sql
800	if [ $? -ne 0 ]; then
801	errorAndLog "${FUNCNAME}(): error while creating user in mysql"
802	rm -f $WORKDIR/create_${database}.sql
803	return 1
804	else
805	echoAndLog "${FUNCNAME}(): user created ok"
806	rm -f $WORKDIR/create_${database}.sql
807	return 0
808	fi
809	}
810
811
812	#####################################################################
813	####### Funciones para la descarga de código
814	#####################################################################
815
816	# Obtiene el código fuente del proyecto desde el repositorio de GitHub.
817	function downloadCode()
818	{
819	if [ $# -ne 1 ]; then
820	errorAndLog "${FUNCNAME}(): invalid number of parameters"
821	exit 1
822	fi
823
824	local url="$1"
825
826	echoAndLog "${FUNCNAME}(): downloading code..."
827
828	curl "${url}" -o opengnsys.zip && unzip opengnsys.zip && mv "OpenGnsys-$BRANCH" opengnsys
829	if [ $? -ne 0 ]; then
830	errorAndLog "${FUNCNAME}(): error getting OpenGnsys code from $url"
831	return 1
832	fi
833	rm -f opengnsys.zip
834	echoAndLog "${FUNCNAME}(): code was downloaded"
835	return 0
836	}
837
838
839	############################################################
840	### Detectar red
841	############################################################
842
843	# Comprobar si existe conexión.
844	function checkNetworkConnection()
845	{
846	echoAndLog "${FUNCNAME}(): Checking OpenGnsys server connectivity."
847	OPENGNSYS_SERVER=${OPENGNSYS_SERVER:-"opengnsys.es"}
848	if which curl &>/dev/null; then
849	curl --connect-timeout 10 -s "https://$OPENGNSYS_SERVER/" -o /dev/null && \
850	curl --connect-timeout 10 -s "http://$OPENGNSYS_SERVER/" -o /dev/null
851	elif which wget &>/dev/null; then
852	wget --spider -q "https://$OPENGNSYS_SERVER/" && \
853	wget --spider -q "http://$OPENGNSYS_SERVER/"
854	else
855	echoAndLog "${FUNCNAME}(): Cannot execute \"wget\" nor \"curl\"."
856	return 1
857	fi
858	}
859
860	# Convierte nº de bits (notación CIDR) en máscara de red (gracias a FriedZombie en openwrt.org).
861	cidr2mask ()
862	{
863	# Number of args to shift, 255..255, first non-255 byte, zeroes
864	set -- $[ 5 - ($1 / 8) ] 255 255 255 255 $[ (255 << (8 - ($1 % 8))) & 255 ] 0 0 0
865	[ $1 -gt 1 ] && shift $1 \|\| shift
866	echo ${1-0}.${2-0}.${3-0}.${4-0}
867	}
868
869	# Obtener los parámetros de red de la interfaz por defecto.
870	function getNetworkSettings()
871	{
872	# Arrays globales definidas:
873	# - DEVICE: nombres de dispositivos de red activos.
874	# - SERVERIP: IPs locales del servidor.
875	# - NETIP: IPs de redes.
876	# - NETMASK: máscaras de red.
877	# - NETBROAD: IPs de difusión de redes.
878	# - ROUTERIP: IPs de routers.
879	# Otras variables globales:
880	# - DEFAULTDEV: dispositivo de red por defecto.
881	# - DNSIP: IP del servidor DNS principal.
882
883	local i=0
884	local dev=""
885
886	echoAndLog "${FUNCNAME}(): Detecting network parameters."
887	DEVICE=( $(ip -o link show up \| awk '!/loopback/ {sub(/[:@].*/,"",$2); print $2}') )
888	if [ -z "$DEVICE" ]; then
889	errorAndLog "${FUNCNAME}(): Network devices not detected."
890	exit 1
891	fi
892	for dev in ${DEVICE[*]}; do
893	SERVERIP[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4); exit;}')
894	if [ -n "${SERVERIP[i]}" ]; then
895	NETMASK[i]=$( cidr2mask $(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/.*\//, "", $4); print ($4); exit;}') )
896	NETBROAD[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {print ($6); exit;}')
897	NETIP[i]=$(ip route list proto kernel \| awk -v d="$dev" '$3==d && /src/ {sub (/\/.*/,""); print $1; exit;}')
898	ROUTERIP[i]=$(ip route list default \| awk -v d="$dev" '$5==d {print $3; exit;}')
899	DEFAULTDEV=${DEFAULTDEV:-"$dev"}
900	fi
901	let i++
902	done
903	DNSIP=$(systemd-resolve --status 2>/dev/null \| awk '/DNS Servers:/ {print $3; exit;}')
904	[ -z "$DNSIP" ] && DNSIP=$(awk '/nameserver/ {print $2; exit;}' /etc/resolv.conf)
905	if [ -z "${NETIP[]}" -o -z "${NETMASK[]}" ]; then
906	errorAndLog "${FUNCNAME}(): Network not detected."
907	exit 1
908	fi
909
910	# Variables de ejecución de Apache
911	# - APACHE_RUN_USER
912	# - APACHE_RUN_GROUP
913	if [ -f $APACHECFGDIR/envvars ]; then
914	source $APACHECFGDIR/envvars
915	fi
916	APACHE_RUN_USER=${APACHE_RUN_USER:-"$APACHEUSER"}
917	APACHE_RUN_GROUP=${APACHE_RUN_GROUP:-"$APACHEGROUP"}
918
919	echoAndLog "${FUNCNAME}(): Default network device: $DEFAULTDEV."
920	}
921
922
923	############################################################
924	### Esqueleto para el Servicio pxe y contenedor tftpboot ###
925	############################################################
926
927	function tftpConfigure()
928	{
929	echoAndLog "${FUNCNAME}(): Configuring TFTP service."
930	# Habilitar TFTP y reiniciar Inetd.
931	if [ -n "$TFTPSERV" ]; then
932	if [ -f $INETDCFGDIR/$TFTPSERV ]; then
933	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/$TFTPSERV
934	else
935	service=$TFTPSERV
936	$ENABLESERVICE; $STARTSERVICE
937	fi
938	fi
939	service=$INETDSERV
940	$ENABLESERVICE; $STARTSERVICE
941
942	# comprobamos el servicio tftp
943	sleep 1
944	testPxe
945	}
946
947	# Comprueba que haya conexión al servicio TFTP/PXE.
948	function testPxe ()
949	{
950	echoAndLog "${FUNCNAME}(): Checking TFTP service... please wait."
951	echo "test" >$TFTPCFGDIR/testpxe
952	tftp -v 127.0.0.1 -c get testpxe /tmp/testpxe && echoAndLog "TFTP service is OK." \|\| errorAndLog "TFTP service is down."
953	rm -f $TFTPCFGDIR/testpxe /tmp/testpxe
954	}
955
956
957	########################################################################
958	## Configuración servicio Samba
959	########################################################################
960
961	# Configurar servicios Samba.
962	function smbConfigure()
963	{
964	echoAndLog "${FUNCNAME}(): Configuring Samba service."
965
966	backupFile $SAMBACFGDIR/smb.conf
967
968	# Copiar plantailla de recursos para OpenGnsys
969	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
970	$WORKDIR/opengnsys/server/etc/smb-og.conf.tmpl > $SAMBACFGDIR/smb-og.conf
971	# Configurar y recargar Samba"
972	perl -pi -e "s/WORKGROUP/OPENGNSYS/; s/server string \=.*/server string \= OpenGnsys Samba Server/" $SAMBACFGDIR/smb.conf
973	if ! grep -q "smb-og" $SAMBACFGDIR/smb.conf; then
974	echo "include = $SAMBACFGDIR/smb-og.conf" >> $SAMBACFGDIR/smb.conf
975	fi
976	service=$SAMBASERV
977	$ENABLESERVICE; $STARTSERVICE
978	if [ $? -ne 0 ]; then
979	errorAndLog "${FUNCNAME}(): error while configure Samba"
980	return 1
981	fi
982	# Crear clave para usuario de acceso a los recursos.
983	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| smbpasswd -a -s $OPENGNSYS_CLIENT_USER
984
985	echoAndLog "${FUNCNAME}(): Added Samba configuration."
986	return 0
987	}
988
989
990	########################################################################
991	## Configuración servicio Rsync
992	########################################################################
993
994	# Configurar servicio Rsync.
995	function rsyncConfigure()
996	{
997	echoAndLog "${FUNCNAME}(): Configuring Rsync service."
998
999	backupFile $RSYNCCFGDIR/rsyncd.conf
1000
1001	# Configurar acceso a Rsync.
1002	sed -e "s/CLIENTUSER/$OPENGNSYS_CLIENT_USER/g" \
1003	$WORKDIR/opengnsys/repoman/etc/rsyncd.conf.tmpl > $RSYNCCFGDIR/rsyncd.conf
1004	# Habilitar Rsync y reiniciar Inetd.
1005	if [ -n "$RSYNCSERV" ]; then
1006	if [ -f /etc/default/rsync ]; then
1007	perl -pi -e 's/RSYNC_ENABLE=.*/RSYNC_ENABLE=inetd/' /etc/default/rsync
1008	fi
1009	if [ -f $INETDCFGDIR/rsync ]; then
1010	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/rsync
1011	else
1012	cat << EOT > $INETDCFGDIR/rsync
1013	service rsync
1014	{
1015	disable = no
1016	socket_type = stream
1017	wait = no
1018	user = root
1019	server = $(which rsync)
1020	server_args = --daemon
1021	log_on_failure += USERID
1022	flags = IPv6
1023	}
1024	EOT
1025	fi
1026	service=$RSYNCSERV $ENABLESERVICE
1027	service=$INETDSERV $STARTSERVICE
1028	fi
1029
1030	echoAndLog "${FUNCNAME}(): Added Rsync configuration."
1031	return 0
1032	}
1033
1034
1035	########################################################################
1036	## Configuración servicio DHCP
1037	########################################################################
1038
1039	# Configurar servicios DHCP.
1040	function dhcpConfigure()
1041	{
1042	echoAndLog "${FUNCNAME}(): Sample DHCP configuration."
1043
1044	local errcode=0
1045	local i=0
1046	local dev=""
1047
1048	backupFile $DHCPCFGDIR/dhcpd.conf
1049	for dev in ${DEVICE[*]}; do
1050	if [ -n "${SERVERIP[i]}" ]; then
1051	backupFile $DHCPCFGDIR/dhcpd-$dev.conf
1052	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1053	-e "s/NETIP/${NETIP[i]}/g" \
1054	-e "s/NETMASK/${NETMASK[i]}/g" \
1055	-e "s/NETBROAD/${NETBROAD[i]}/g" \
1056	-e "s/ROUTERIP/${ROUTERIP[i]}/g" \
1057	-e "s/DNSIP/$DNSIP/g" \
1058	$WORKDIR/opengnsys/server/etc/dhcpd.conf.tmpl > $DHCPCFGDIR/dhcpd-$dev.conf \|\| errcode=1
1059	fi
1060	let i++
1061	done
1062	if [ $errcode -ne 0 ]; then
1063	errorAndLog "${FUNCNAME}(): error while configuring DHCP server"
1064	return 1
1065	fi
1066	ln -f $DHCPCFGDIR/dhcpd-$DEFAULTDEV.conf $DHCPCFGDIR/dhcpd.conf
1067	service=$DHCPSERV
1068	$ENABLESERVICE; $STARTSERVICE
1069	echoAndLog "${FUNCNAME}(): Sample DHCP configured in \"$DHCPCFGDIR\"."
1070	return 0
1071	}
1072
1073
1074	#####################################################################
1075	####### Funciones específicas de la instalación de Opengnsys
1076	#####################################################################
1077
1078	# Copiar ficheros del OpenGnsys Web Console.
1079	function installWebFiles()
1080	{
1081	local COMPATDIR f
1082	local SLIMFILE="slim-2.6.1.zip"
1083	local SWAGGERFILE="swagger-ui-2.2.5.zip"
1084
1085	echoAndLog "${FUNCNAME}(): Installing web files..."
1086	# Copiar ficheros.
1087	cp -a $WORKDIR/opengnsys/admin/WebConsole/* $INSTALL_TARGET/www #*/ comentario para Doxygen.
1088	if [ $? != 0 ]; then
1089	errorAndLog "${FUNCNAME}(): Error copying web files."
1090	exit 1
1091	fi
1092
1093	# Descomprimir librerías: Slim y Swagger-UI.
1094	unzip -o $WORKDIR/opengnsys/admin/$SLIMFILE -d $INSTALL_TARGET/www/rest
1095	unzip -o $WORKDIR/opengnsys/admin/$SWAGGERFILE -d $INSTALL_TARGET/www/rest
1096
1097	# Compatibilidad con dispositivos móviles.
1098	COMPATDIR="$INSTALL_TARGET/www/principal"
1099	for f in acciones administracion aula aulas hardwares imagenes menus repositorios softwares; do
1100	sed 's/clickcontextualnodo/clicksupnodo/g' $COMPATDIR/$f.php > $COMPATDIR/$f.device.php
1101	done
1102	cp -a $COMPATDIR/imagenes.device.php $COMPATDIR/imagenes.device4.php
1103	# Acceso al manual de usuario
1104	ln -fs ../doc/userManual $INSTALL_TARGET/www/userManual
1105	# Ficheros de log de la API REST.
1106	touch $INSTALL_TARGET/log/{ogagent,remotepc,rest}.log
1107
1108	echoAndLog "${FUNCNAME}(): Web files installed successfully."
1109	}
1110
1111	function configurePHPvars()
1112	{
1113	OGADMSRV_HOSTNAME=$1
1114	OGADMSRV_PORT=$2
1115	sed "s/__OGADMSRV_HOSTNAME__/$OGADMSRV_HOSTNAME/; s/__OGADMSRV_PORT__/$OGADMSRV_PORT/" <$WORKDIR/opengnsys/server/etc/php-vars.php.tmpl >$INSTALL_TARGET/etc/php-vars.php
1116	}
1117
1118	# Copiar ficheros en la zona de descargas de OpenGnsys Web Console.
1119	function installDownloadableFiles()
1120	{
1121	local VERSIONFILE OGVERSION FILENAME TARGETFILE
1122
1123	# Obtener versión a descargar.
1124	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1125	OGVERSION="$(jq -r ".ogagent // \"$INSTVERSION\"" $VERSIONFILE 2>/dev/null \|\| echo "$INSTVERSION")"
1126	FILENAME="ogagentpkgs-$OGVERSION.tar.gz"
1127	TARGETFILE=$WORKDIR/$FILENAME
1128
1129	# Descargar archivo comprimido, si es necesario.
1130	if [ -s $PROGRAMDIR/$FILENAME ]; then
1131	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1132	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1133	else
1134	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1135	curl $DOWNLOADURL/$FILENAME -o $TARGETFILE
1136	fi
1137	if [ ! -s $TARGETFILE ]; then
1138	errorAndLog "${FUNCNAME}(): Cannot download $FILENAME"
1139	return 1
1140	fi
1141
1142	# Descomprimir fichero en zona de descargas.
1143	tar xvzf $TARGETFILE -C $INSTALL_TARGET/www/descargas
1144	if [ $? != 0 ]; then
1145	errorAndLog "${FUNCNAME}(): Error uncompressing archive."
1146	exit 1
1147	fi
1148	}
1149
1150	# Configuración específica de Apache.
1151	function installWebConsoleApacheConf()
1152	{
1153	if [ $# -ne 2 ]; then
1154	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1155	exit 1
1156	fi
1157
1158	local path_opengnsys_base="$1"
1159	local path_apache2_confd="$2"
1160	local CONSOLEDIR=${path_opengnsys_base}/www
1161	local sockfile
1162
1163	if [ ! -d $path_apache2_confd ]; then
1164	errorAndLog "${FUNCNAME}(): path to apache2 conf.d can not found, verify your server installation"
1165	return 1
1166	fi
1167
1168	mkdir -p $path_apache2_confd/{sites-available,sites-enabled}
1169
1170	echoAndLog "${FUNCNAME}(): creating apache2 config file.."
1171
1172	# Avtivar PHP-FPM.
1173	echoAndLog "${FUNCNAME}(): configuring PHP-FPM"
1174	service=$PHPFPMSERV
1175	$ENABLESERVICE; $STARTSERVICE
1176	sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null \| tail -1)
1177
1178	# Activar módulos de Apache.
1179	$APACHEENABLEMODS
1180	# Activar HTTPS.
1181	$APACHEENABLESSL
1182	$APACHEMAKECERT
1183	# Genera configuración de consola web a partir del fichero plantilla.
1184	if [ -n "$(apachectl -v \| grep "2\.[0-2]")" ]; then
1185	# Configuración para versiones anteriores de Apache.
1186	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1187	$WORKDIR/opengnsys/server/etc/apache-prev2.4.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}
1188	else
1189	# Configuración específica a partir de Apache 2.4
1190	if [ -n "$sockfile" ]; then
1191	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1192	-e "s,proxy:fcgi:.,proxy:unix:${sockfile%% }\|fcgi://localhost\",g" \
1193	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1194	else
1195	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1196	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1197	fi
1198	fi
1199	$APACHEENABLEOG
1200	if [ $? -ne 0 ]; then
1201	errorAndLog "${FUNCNAME}(): config file can't be linked to apache conf, verify your server installation"
1202	return 1
1203	fi
1204	echoAndLog "${FUNCNAME}(): config file created and linked, restarting apache daemon"
1205	service=$APACHESERV
1206	$ENABLESERVICE; $STARTSERVICE
1207	return 0
1208	}
1209
1210
1211	# Crear documentación Doxygen para la consola web.
1212	function makeDoxygenFiles()
1213	{
1214	echoAndLog "${FUNCNAME}(): Making Doxygen web files..."
1215	$WORKDIR/opengnsys/installer/ogGenerateDoc.sh \
1216	$WORKDIR/opengnsys/client/engine $INSTALL_TARGET/www
1217	if [ ! -d "$INSTALL_TARGET/www/html" ]; then
1218	errorAndLog "${FUNCNAME}(): unable to create Doxygen web files."
1219	return 1
1220	fi
1221	mv "$INSTALL_TARGET/www/html" "$INSTALL_TARGET/www/api"
1222	echoAndLog "${FUNCNAME}(): Doxygen web files created successfully."
1223	}
1224
1225
1226	# Crea la estructura base de la instalación de opengnsys
1227	function createDirs()
1228	{
1229	if [ $# -ne 1 ]; then
1230	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1231	exit 1
1232	fi
1233
1234	local path_opengnsys_base="$1"
1235
1236	# Crear estructura de directorios.
1237	echoAndLog "${FUNCNAME}(): creating directory paths in $path_opengnsys_base"
1238	mkdir -p $path_opengnsys_base
1239	mkdir -p $path_opengnsys_base/bin
1240	mkdir -p $path_opengnsys_base/client/{cache,images,log}
1241	mkdir -p $path_opengnsys_base/doc
1242	mkdir -p $path_opengnsys_base/etc
1243	mkdir -p $path_opengnsys_base/lib
1244	mkdir -p $path_opengnsys_base/log/clients
1245	ln -fs $path_opengnsys_base/log /var/log/opengnsys
1246	mkdir -p $path_opengnsys_base/sbin
1247	mkdir -p $path_opengnsys_base/www
1248	mkdir -p $path_opengnsys_base/images/groups
1249	mkdir -p $TFTPCFGDIR
1250	ln -fs $TFTPCFGDIR $path_opengnsys_base/tftpboot
1251	mkdir -p $path_opengnsys_base/tftpboot/{menu.lst,grub}
1252	if [ $? -ne 0 ]; then
1253	errorAndLog "${FUNCNAME}(): error while creating dirs. Do you have write permissions?"
1254	return 1
1255	fi
1256
1257	# Crear usuario ficticio.
1258	if id -u $OPENGNSYS_CLIENT_USER &>/dev/null; then
1259	echoAndLog "${FUNCNAME}(): user \"$OPENGNSYS_CLIENT_USER\" is already created"
1260	else
1261	echoAndLog "${FUNCNAME}(): creating OpenGnsys user"
1262	useradd $OPENGNSYS_CLIENT_USER 2>/dev/null
1263	if [ $? -ne 0 ]; then
1264	errorAndLog "${FUNCNAME}(): error creating OpenGnsys user"
1265	return 1
1266	fi
1267	fi
1268
1269	# Mover el fichero de registro de instalación al directorio de logs.
1270	echoAndLog "${FUNCNAME}(): moving installation log file"
1271	mv $LOG_FILE $OGLOGFILE && LOG_FILE=$OGLOGFILE
1272	chmod 600 $LOG_FILE
1273
1274	echoAndLog "${FUNCNAME}(): directory paths created"
1275	return 0
1276	}
1277
1278	# Copia ficheros de configuración y ejecutables genéricos del servidor.
1279	function copyServerFiles ()
1280	{
1281	if [ $# -ne 1 ]; then
1282	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1283	exit 1
1284	fi
1285
1286	local path_opengnsys_base="$1"
1287
1288	# Lista de ficheros y directorios origen y de directorios destino.
1289	local SOURCES=( server/tftpboot \
1290	/usr/lib/shim/shimx64.efi.signed \
1291	/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed \
1292	server/bin \
1293	repoman/bin \
1294	server/lib \
1295	admin/Sources/Services/ogAdmServerAux
1296	admin/Sources/Services/ogAdmRepoAux
1297	installer/opengnsys_uninstall.sh \
1298	installer/opengnsys_update.sh \
1299	installer/opengnsys_export.sh \
1300	installer/opengnsys_import.sh \
1301	doc )
1302	local TARGETS=( tftpboot \
1303	tftpboot \
1304	tftpboot/grubx64.efi \
1305	bin \
1306	bin \
1307	lib \
1308	sbin \
1309	sbin \
1310	lib \
1311	lib \
1312	lib \
1313	lib \
1314	doc )
1315
1316	if [ ${#SOURCES[@]} != ${#TARGETS[@]} ]; then
1317	errorAndLog "${FUNCNAME}(): inconsistent number of array items"
1318	exit 1
1319	fi
1320
1321	# Copiar ficheros.
1322	echoAndLog "${FUNCNAME}(): copying files to server directories"
1323
1324	pushd $WORKDIR/opengnsys
1325	local i
1326	for (( i = 0; i < ${#SOURCES[@]}; i++ )); do
1327	if [ -f "${SOURCES[$i]}" ]; then
1328	echoAndLog "Copying ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1329	cp -a "${SOURCES[$i]}" "${path_opengnsys_base}/${TARGETS[$i]}"
1330	elif [ -d "${SOURCES[$i]}" ]; then
1331	echoAndLog "Copying content of ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1332	cp -a "${SOURCES[$i]}"/* "${path_opengnsys_base}/${TARGETS[$i]}"
1333	else
1334	warningAndLog "Unable to copy ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1335	fi
1336	done
1337
1338	popd
1339	}
1340
1341	####################################################################
1342	### Funciones de TLS
1343	####################################################################
1344
1345	CA_DIR=/root/CA
1346	OG_BASEDIR=/opt/opengnsys
1347
1348	function gatherCertsInfo()
1349	{
1350	ERRORS=0
1351	if [ -f $WORKDIR/opengnsys/user-certs/ca.crt.pem ]; then
1352	echoAndLog "CA provided by the user, checking presence of all certificates"
1353
1354	TLS_DATA_CA_CERTFILE=$WORKDIR/opengnsys/user-certs/ca.crt.pem
1355	TLS_DATA_OGADMSRV_CERTFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.crt.pem
1356	TLS_DATA_OGADMSRV_KEYFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.key.pem
1357	TLS_DATA_WEBCONSOLE_CERTFILE=$WORKDIR/opengnsys/user-certs/WebConsole.crt.pem
1358	TLS_DATA_WEBCONSOLE_KEYFILE=$WORKDIR/opengnsys/user-certs/WebConsole.key.pem
1359
1360	## el usuario tiene que facilitar todos los certificados
1361	## si falta alguno, no podemos generarlo aquí porque habría que tener la privkey de la CA, y el usuario no nos la debe dar
1362	if [ ! -f $TLS_DATA_OGADMSRV_CERTFILE ]; then errorAndLog "ogAdmSrv certificate not found"; ERRORS=1; fi
1363	if [ ! -f $TLS_DATA_OGADMSRV_KEYFILE ]; then errorAndLog "ogAdmSrv privkey not found"; ERRORS=1; fi
1364	if [ ! -f $TLS_DATA_WEBCONSOLE_CERTFILE ]; then errorAndLog "WebConsole certificate not found"; ERRORS=1; fi
1365	if [ ! -f $TLS_DATA_WEBCONSOLE_KEYFILE ]; then errorAndLog "WebConsole privkey not found"; ERRORS=1; fi
1366
1367	if [ $ERRORS -eq 0 ]; then
1368	## validar que las privkeys no tengan contraseña para que opengnsys pueda arrancar de forma desatendida
1369	if ! openssl rsa -in $TLS_DATA_OGADMSRV_KEYFILE -passin pass:42 -noout; then errorAndLog "ogAdmSrv privkey is encrypted"; ERRORS=1; fi
1370	if ! openssl rsa -in $TLS_DATA_WEBCONSOLE_KEYFILE -passin pass:42 -noout; then errorAndLog "WebConsole privkey is encrypted"; ERRORS=1; fi
1371
1372	if [ $ERRORS -eq 0 ]; then
1373	# obtener los subject de cada certificado
1374	# la salida de openssl es tal que "subject=C = ES, ST = Madrid, L = Madrid, CN = test.example.org"
1375	# con el sed cocinamos la salida
1376	# además añadimos un / al principio para que el CN final sea correcto: "/C=ES/ST=Madrid/L=Madrid/CN=test.opengnsys.local"
1377	TLS_DATA_CA_SUBJ=/$( openssl x509 -in $TLS_DATA_CA_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1378	TLS_DATA_OGADMSRV_SUBJ=/$( openssl x509 -in $TLS_DATA_OGADMSRV_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1379	TLS_DATA_WEBCONSOLE_SUBJ=/$(openssl x509 -in $TLS_DATA_WEBCONSOLE_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1380
1381	# obtener CN a partir del subject
1382	TLS_DATA_CA_CN=$( echo $TLS_DATA_CA_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1383	TLS_DATA_OGADMSRV_CN=$( echo $TLS_DATA_OGADMSRV_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1384	TLS_DATA_WEBCONSOLE_CN=$( echo $TLS_DATA_WEBCONSOLE_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1385
1386	# los CN de los componentes que aceptan conexiones deberían resolver a una IP
1387	if ! nslookup $TLS_DATA_OGADMSRV_CN &>/dev/null; then errorAndLog "ogAdmSrv CN doesn't resolve to an IP"; ERRORS=1; fi
1388
1389	if [ $ERRORS -eq 0 ]; then
1390	echoAndLog "Provided CA and certs are ok"
1391	fi
1392	fi
1393	fi
1394	fi
1395
1396	if [ $ERRORS -eq 1 ]; then
1397	echoAndLog "CA and certs not provided by the user or issues found, we will generate a new CA and all certs"
1398
1399	TLS_DATA_CA_CN=ca.opengnsys.local
1400	TLS_DATA_CA_SUBJ=/CN=ca.opengnsys.local
1401	TLS_DATA_CA_CERTFILE=$CA_DIR/certs/ca.crt.pem
1402	TLS_DATA_CA_EXPIRY=7300 # this variable is used later to make some decisions
1403
1404	TLS_DATA_OGADMSRV_CN=ogAdmSrv.opengnsys.local
1405	TLS_DATA_OGADMSRV_SUBJ=/CN=ogAdmSrv.opengnsys.local
1406	TLS_DATA_OGADMSRV_CERTFILE=$CA_DIR/certs/ogAdmSrv.crt.pem
1407	TLS_DATA_OGADMSRV_KEYFILE=$CA_DIR/private/ogAdmSrv.key.pem
1408	TLS_DATA_OGADMSRV_EXPIRY=375
1409
1410	TLS_DATA_WEBCONSOLE_CN=WebConsole.opengnsys.local
1411	TLS_DATA_WEBCONSOLE_SUBJ=/CN=WebConsole.opengnsys.local
1412	TLS_DATA_WEBCONSOLE_CERTFILE=$CA_DIR/certs/WebConsole.crt.pem
1413	TLS_DATA_WEBCONSOLE_KEYFILE=$CA_DIR/private/WebConsole.key.pem
1414	TLS_DATA_WEBCONSOLE_EXPIRY=375
1415	fi
1416
1417	# otras cosas de TLS no cubiertas arriba por no estar relacionadas con los certificados
1418	TLS_DATA_OGADMSRV_LISTEN_PORT=48888
1419
1420	return 0
1421	}
1422
1423	function _genCA ()
1424	{
1425	SUBJ=$1
1426	EXPIRY_DAYS=$2
1427	openssl genrsa -out private/ca.key.pem 4096
1428	openssl req -config openssl.cnf -key private/ca.key.pem -new -x509 -days $EXPIRY_DAYS -sha256 -subj $SUBJ -out certs/ca.crt.pem
1429
1430	return 0
1431	}
1432
1433	function _genCert ()
1434	{
1435	COMPONENT=$1
1436	SUBJ=$2
1437	EXPIRY_DAYS=$3
1438
1439	openssl genrsa -out private/$COMPONENT.key.pem 2048
1440	openssl req -config openssl.cnf -key private/$COMPONENT.key.pem -new -sha256 -subj $SUBJ -out csr/$COMPONENT.csr.pem
1441	openssl ca -config openssl.cnf -batch -days $EXPIRY_DAYS -notext -md sha256 -in csr/$COMPONENT.csr.pem -out certs/$COMPONENT.crt.pem
1442
1443	return 0
1444	}
1445
1446	function genAllCerts ()
1447	{
1448	mkdir -p $CA_DIR
1449	pushd $CA_DIR
1450	cat >openssl.cnf <<EOF
1451	[ca]
1452	default_ca = CA_default
1453
1454	[CA_default]
1455	dir = $CA_DIR
1456	certs = $CA_DIR/certs
1457	new_certs_dir = $CA_DIR/newcerts
1458	database = $CA_DIR/index.txt
1459	serial = $CA_DIR/serial
1460	default_md = sha256
1461	policy = policy_loose
1462
1463	private_key = $CA_DIR/private/ca.key.pem
1464	certificate = $CA_DIR/certs/ca.crt.pem
1465
1466	[policy_loose]
1467	countryName = optional
1468	stateOrProvinceName = optional
1469	localityName = optional
1470	organizationName = optional
1471	organizationalUnitName = optional
1472	commonName = supplied
1473	emailAddress = optional
1474
1475	[req]
1476	default_bits = 2048
1477	distinguished_name = req_distinguished_name
1478	default_md = sha256
1479
1480	[req_distinguished_name]
1481	countryName = Country Name (2 letter code)
1482	EOF
1483	mkdir certs csr newcerts private
1484	chmod 0700 private
1485	touch index.txt index.txt.attr
1486	echo 1000 >serial
1487
1488	_genCA $TLS_DATA_CA_SUBJ $TLS_DATA_CA_EXPIRY
1489	_genCert ogAdmSrv $TLS_DATA_OGADMSRV_SUBJ $TLS_DATA_OGADMSRV_EXPIRY
1490	_genCert WebConsole $TLS_DATA_WEBCONSOLE_SUBJ $TLS_DATA_WEBCONSOLE_EXPIRY
1491
1492	popd
1493	return 0
1494	}
1495
1496	function installAllCerts ()
1497	{
1498	mkdir -p $OG_BASEDIR/etc/ssl
1499
1500	## CA cert goes to the OS store
1501	cp $TLS_DATA_CA_CERTFILE $LOCAL_CERTS_DIR/opengnsys-ca.crt
1502
1503	## ogAdmSrv cert & key go to the application store
1504	cp $TLS_DATA_OGADMSRV_CERTFILE $TLS_DATA_OGADMSRV_KEYFILE $OG_BASEDIR/etc/ssl/
1505	## certs of ogAdmSrv clients go to the OS store (stunnel seems to require this)
1506	cp $TLS_DATA_WEBCONSOLE_CERTFILE $LOCAL_CERTS_DIR/opengnsys-WebConsole.crt
1507
1508	## WebConsole cert & key go to the application store
1509	cp $TLS_DATA_WEBCONSOLE_CERTFILE $TLS_DATA_WEBCONSOLE_KEYFILE $OG_BASEDIR/etc/ssl/
1510
1511	$UPDATE_CA_CMD
1512	chgrp stunnel4 $OG_BASEDIR/etc/ssl/*
1513
1514	return 0
1515	}
1516
1517	# si generamos nuestros propios certificados, los CNs tienen que resolver a alguna IP
1518	# no podemos dar por hecho que algún servidor DNS por ahí fuera resuelva los CNs que hemos generado al instalar
1519	function makeCommonNamesResolvable ()
1520	{
1521	# ogAdmSrv
1522	local i=0
1523	for dev in ${DEVICE[*]}; do
1524	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1525	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1526	ETC_HOSTS_IP=${SERVERIP[i]}
1527	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($ETC_HOSTS_IP)"
1528	break
1529	fi
1530	let i++
1531	done
1532
1533	if [ -z $ETC_HOSTS_IP ]; then
1534	echoAndLog "${FUNCNAME}(): Don't know what IP address to add to /etc/hosts for ogAdmSrv"
1535	else
1536	echo "$ETC_HOSTS_IP $TLS_DATA_OGADMSRV_CN" >>/etc/hosts
1537	fi
1538
1539	return 0
1540	}
1541
1542	function configureStunnel ()
1543	{
1544	local i=0
1545	for dev in ${DEVICE[*]}; do
1546	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1547	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1548	LISTEN_IP=${SERVERIP[i]}
1549	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($LISTEN_IP)"
1550	break
1551	fi
1552	let i++
1553	done
1554
1555	if [ -z $LISTEN_IP ]; then
1556	echoAndLog "${FUNCNAME}(): Don't know what IP address to listen on"
1557	return 1
1558	fi
1559
1560	cat >/etc/stunnel/ogAdmSrv.conf <<EOF
1561	setuid = stunnel4
1562	setgid = stunnel4
1563	pid = /var/run/stunnel4/ogAdmSrv.pid
1564
1565	[ogAdmSrv]
1566	accept = $LISTEN_IP:$TLS_DATA_OGADMSRV_LISTEN_PORT
1567	connect = 127.0.0.1:8888
1568	cert = $OG_BASEDIR/etc/ssl/ogAdmSrv.crt.pem
1569	key = $OG_BASEDIR/etc/ssl/ogAdmSrv.key.pem
1570	capath = $STUNNEL_CAPATH
1571	requireCert = yes
1572	verifyPeer = yes
1573	verifyChain = yes
1574	EOF
1575
1576	sed -i -e '/^ENABLED=/s/0/1/' /etc/default/stunnel4
1577	service=stunnel4
1578	$STARTSERVICE
1579	return 0
1580	}
1581
1582
1583	####################################################################
1584	### Funciones de compilación de código fuente de servicios
1585	####################################################################
1586
1587	# Compilar los servicios de OpenGnsys
1588	function servicesCompilation ()
1589	{
1590	local hayErrores=0
1591
1592	# Compilar OpenGnsys Server
1593	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Server"
1594	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer
1595	make && mv ogAdmServer $INSTALL_TARGET/sbin
1596	if [ $? -ne 0 ]; then
1597	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Server"
1598	hayErrores=1
1599	fi
1600	popd
1601	# Compilar OpenGnsys Agent
1602	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Agent"
1603	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent
1604	make && mv ogAdmAgent $INSTALL_TARGET/sbin
1605	if [ $? -ne 0 ]; then
1606	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Agent"
1607	hayErrores=1
1608	fi
1609	popd
1610	# Compilar OpenGnsys Client
1611	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Client"
1612	pushd $WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient
1613	make && mv ogAdmClient ../../../../client/shared/bin
1614	if [ $? -ne 0 ]; then
1615	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Client"
1616	hayErrores=1
1617	fi
1618	popd
1619
1620	return $hayErrores
1621	}
1622
1623	####################################################################
1624	### Funciones de copia de la Interface de administración
1625	####################################################################
1626
1627	# Copiar carpeta de Interface
1628	function copyInterfaceAdm ()
1629	{
1630	local hayErrores=0
1631
1632	# Crear carpeta y copiar Interface
1633	echoAndLog "${FUNCNAME}(): Copying Administration Interface Folder"
1634	cp -ar $WORKDIR/opengnsys/admin/Interface $INSTALL_TARGET/client/interfaceAdm
1635	if [ $? -ne 0 ]; then
1636	echoAndLog "${FUNCNAME}(): error while copying Administration Interface Folder"
1637	hayErrores=1
1638	fi
1639
1640	return $hayErrores
1641	}
1642
1643
1644	####################################################################
1645	### Funciones instalacion cliente opengnsys
1646	####################################################################
1647
1648	function copyClientFiles()
1649	{
1650	local errstatus=0
1651
1652	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Client files."
1653	cp -a $WORKDIR/opengnsys/client/shared/* $INSTALL_TARGET/client
1654	if [ $? -ne 0 ]; then
1655	errorAndLog "${FUNCNAME}(): error while copying client estructure"
1656	errstatus=1
1657	fi
1658
1659	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Cloning Engine files."
1660	mkdir -p $INSTALL_TARGET/client/lib/engine/bin
1661	cp -a $WORKDIR/opengnsys/client/engine/.lib $INSTALL_TARGET/client/lib/engine/bin
1662	if [ $? -ne 0 ]; then
1663	errorAndLog "${FUNCNAME}(): error while copying engine files"
1664	errstatus=1
1665	fi
1666
1667	if [ $errstatus -eq 0 ]; then
1668	echoAndLog "${FUNCNAME}(): client copy files success."
1669	else
1670	errorAndLog "${FUNCNAME}(): client copy files with errors"
1671	fi
1672
1673	return $errstatus
1674	}
1675
1676
1677	# Crear certificados para la firma de cargadores de arranque.
1678	function createCerts ()
1679	{
1680	local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
1681	echoAndLog "${FUNCNAME}(): creating certificate files"
1682	mkdir -p $SSLCFGDIR/{certs,private}
1683	openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
1684	openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
1685	echoAndLog "${FUNCNAME}(): certificate successfully created"
1686	}
1687
1688
1689	# Crear cliente OpenGnsys.
1690	function clientCreate()
1691	{
1692	if [ $# -ne 1 ]; then
1693	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1694	exit 1
1695	fi
1696
1697	local FILENAME="$1"
1698	local TARGETFILE=$INSTALL_TARGET/lib/$FILENAME
1699
1700	# Descargar cliente, si es necesario.
1701	if [ -s $PROGRAMDIR/$FILENAME ]; then
1702	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1703	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1704	else
1705	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1706	oglivecli download $FILENAME
1707	fi
1708	if [ ! -s $TARGETFILE ]; then
1709	errorAndLog "${FUNCNAME}(): Error loading $FILENAME"
1710	return 1
1711	fi
1712
1713	# Montar imagen, copiar cliente ogclient y desmontar.
1714	echoAndLog "${FUNCNAME}(): Installing ogLive Client"
1715	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| \
1716	oglivecli install $FILENAME
1717
1718	echoAndLog "${FUNCNAME}(): Client generation success"
1719	}
1720
1721
1722	# Configuración básica de servicios de OpenGnsys
1723	function openGnsysConfigure()
1724	{
1725	local i=0
1726	local dev=""
1727	local CONSOLEURL
1728
1729	echoAndLog "${FUNCNAME}(): Copying init files."
1730	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.init /etc/init.d/opengnsys
1731	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default /etc/default/opengnsys
1732	# Deshabilitar servicios de BitTorrent si no están instalados.
1733	if [ ! -e /usr/bin/bttrack ]; then
1734	sed -i 's/RUN_BTTRACKER="yes"/RUN_BTTRACKER="no"/; s/RUN_BTSEEDER="yes"/RUN_BTSEEDER="no"/' \
1735	/etc/default/opengnsys
1736	fi
1737	echoAndLog "${FUNCNAME}(): Creating cron files."
1738	echo "* * * * * root [ -x $INSTALL_TARGET/bin/torrent-creator ] && $INSTALL_TARGET/bin/torrent-creator" > /etc/cron.d/torrentcreator
1739	echo "5 * * * * root [ -x $INSTALL_TARGET/bin/torrent-tracker ] && $INSTALL_TARGET/bin/torrent-tracker" > /etc/cron.d/torrenttracker
1740	echo "* * * * * root [ -x $INSTALL_TARGET/bin/deletepreimage ] && $INSTALL_TARGET/bin/deletepreimage" > /etc/cron.d/imagedelete
1741	echo "* * * * * root [ -x $INSTALL_TARGET/bin/ogagentqueue.cron ] && $INSTALL_TARGET/bin/ogagentqueue.cron" > /etc/cron.d/ogagentqueue
1742
1743	echoAndLog "${FUNCNAME}(): Creating logrotate configuration files."
1744	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1745	$WORKDIR/opengnsys/server/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysServer
1746
1747	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1748	$WORKDIR/opengnsys/repoman/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysRepo
1749
1750	echoAndLog "${FUNCNAME}(): Creating OpenGnsys config files."
1751	for dev in ${DEVICE[*]}; do
1752	if [ -n "${SERVERIP[i]}" ]; then
1753	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1754	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1755	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1756	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1757	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer/ogAdmServer.cfg > $INSTALL_TARGET/etc/ogAdmServer-$dev.cfg
1758	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1759	$WORKDIR/opengnsys/repoman/etc/ogAdmRepo.cfg.tmpl > $INSTALL_TARGET/etc/ogAdmRepo-$dev.cfg
1760	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1761	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1762	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1763	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1764	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent/ogAdmAgent.cfg > $INSTALL_TARGET/etc/ogAdmAgent-$dev.cfg
1765	CONSOLEURL="https://${SERVERIP[i]}/opengnsys"
1766	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1767	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1768	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1769	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1770	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1771	$INSTALL_TARGET/www/controlacceso.php > $INSTALL_TARGET/www/controlacceso-$dev.php
1772	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1773	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1774	$WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient/ogAdmClient.cfg > $INSTALL_TARGET/client/etc/ogAdmClient-$dev.cfg
1775	if [ "$dev" == "$DEFAULTDEV" ]; then
1776	OPENGNSYS_CONSOLEURL="$CONSOLEURL"
1777	fi
1778	fi
1779	let i++
1780	done
1781	ln -f $INSTALL_TARGET/etc/ogAdmServer-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmServer.cfg
1782	ln -f $INSTALL_TARGET/etc/ogAdmRepo-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmRepo.cfg
1783	ln -f $INSTALL_TARGET/etc/ogAdmAgent-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmAgent.cfg
1784	ln -f $INSTALL_TARGET/client/etc/ogAdmClient-$DEFAULTDEV.cfg $INSTALL_TARGET/client/etc/ogAdmClient.cfg
1785	ln -f $INSTALL_TARGET/www/controlacceso-$DEFAULTDEV.php $INSTALL_TARGET/www/controlacceso.php
1786
1787	# Configuración del motor de clonación.
1788	# - Zona horaria del servidor.
1789	TZ=$(timedatectl status\|awk -F"[:()]" '/Time.*zone/ {print $2}')
1790	cat << EOT >> $INSTALL_TARGET/client/etc/engine.cfg
1791	# OpenGnsys Server timezone.
1792	TZ="${TZ// /}"
1793	EOT
1794
1795	# Revisar permisos generales.
1796	if [ -x $INSTALL_TARGET/bin/checkperms ]; then
1797	echoAndLog "${FUNCNAME}(): Checking permissions."
1798	OPENGNSYS_DIR="$INSTALL_TARGET" OPENGNSYS_USER="$OPENGNSYS_CLIENT_USER" APACHE_USER="$APACHE_RUN_USER" APACHE_GROUP="$APACHE_RUN_GROUP" checkperms
1799	fi
1800
1801	# Evitar inicio de duplicado en Ubuntu 14.04 (Upstart y SysV Init).
1802	if [ -f /etc/init/${MYSQLSERV}.conf -a -n "$(which initctl 2>/dev/null)" ]; then
1803	service=$MYSQLSERV
1804	$DISABLESERVICE
1805	fi
1806
1807	# Actualizar tokens de autenticación e iniciar los servicios.
1808	service="opengnsys"
1809	$ENABLESERVICE
1810	if [ -x $INSTALL_TARGET/bin/settoken ]; then
1811	echoAndLog "${FUNCNAME}(): Setting authentication tokens and starting OpenGnsys services."
1812	$INSTALL_TARGET/bin/settoken "$OPENGNSYS_DB_USER"
1813	$INSTALL_TARGET/bin/settoken -f
1814	else
1815	echoAndLog "${FUNCNAME}(): Starting OpenGnsys services."
1816	$STARTSERVICE
1817	fi
1818	}
1819
1820
1821	#####################################################################
1822	####### Función de resumen informativo de la instalación
1823	#####################################################################
1824
1825	function installationSummary()
1826	{
1827	local VERSIONFILE REVISION
1828
1829	# Crear fichero de versión y revisión, si no existe.
1830	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1831	[ -f $VERSIONFILE ] \|\| echo '{ "project": "OpenGnsys" }' >$VERSIONFILE
1832	# Incluir datos de revisión, si se está instalando desde el repositorio
1833	# de código o si no está incluida en el fichero de versión.
1834	if [ $REMOTE -eq 1 ] \|\| [ -z "$(jq -r '.release' $VERSIONFILE)" ]; then
1835	# Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit).
1836	RELEASE=$(curl -s "$API_URL/branches/$BRANCH" \| jq -r '"r" + (.commit.commit.committer.date \| split("-") \| join("")[:8]) + "." + (.commit.sha[:7])' 2>/dev/null)
1837	# Obtener revisión para etiqueta de versión en vez de rama de código.
1838	[ -z "$RELEASE" ] && RELEASE=$(curl -s $(curl -s "$API_URL/tags" \| jq -r ".[] \| select(.name==\"$BRANCH\").commit.url" 2>/dev/null) \| jq -r '"r" + (.commit.committer.date \| split("-") \| join("")[:8]) + "." + .sha[:7]' 2>/dev/null)
1839	jq ".release=\"$RELEASE\"" $VERSIONFILE \| sponge $VERSIONFILE
1840	fi
1841	VERSION="$(jq -r '[.project, .version, .codename, .release] \| join(" ")' $VERSIONFILE 2>/dev/null)"
1842
1843	# Mostrar información.
1844	echo
1845	echoAndLog "OpenGnsys Installation Summary"
1846	echo "=============================="
1847	echoAndLog "Project version: $VERSION"
1848	echoAndLog "Installation directory: $INSTALL_TARGET"
1849	echoAndLog "Installation log file: $LOG_FILE"
1850	echoAndLog "Repository directory: $INSTALL_TARGET/images"
1851	echoAndLog "DHCP configuration directory: $DHCPCFGDIR"
1852	echoAndLog "TFTP configuration directory: $TFTPCFGDIR"
1853	echoAndLog "Installed ogLive client: $(oglivecli list \| awk '{print $2}')"
1854	echoAndLog "Samba configuration directory: $SAMBACFGDIR"
1855	echoAndLog "Web Console URL: $OPENGNSYS_CONSOLEURL"
1856	echoAndLog "Web Console access data: entered by the user"
1857	if grep -q "^RUN_BTTRACK.*no" /etc/default/opengnsys; then
1858	echoAndLog "BitTorrent service is disabled."
1859	fi
1860	echo
1861	echoAndLog "Post-Installation Instructions:"
1862	echo "==============================="
1863	echoAndLog "You can improve server security by configuring firewall and SELinux,"
1864	echoAndLog " running \"$INSTALL_TARGET/lib/security-config\" script as root."
1865	echoAndLog "It's strongly recommended to synchronize this server with an NTP server."
1866	echoAndLog "Review or edit all configuration files."
1867	echoAndLog "Insert DHCP configuration data and restart service."
1868	echoAndLog "Optional: If you want to use BURG as boot manager, run"
1869	echoAndLog " \"curl $DOWNLOADURL/burg.tgz -o $INSTALL_TARGET/client/lib/burg.tgz\" as root."
1870	echoAndLog "Optional: Log-in as Web Console admin user."
1871	echoAndLog " - Review default Organization data and assign access to users."
1872	echoAndLog "Log-in as Web Console organization user."
1873	echoAndLog " - Insert OpenGnsys data (labs, computers, menus, etc)."
1874	echo
1875	}
1876
1877
1878
1879	#####################################################################
1880	####### Proceso de instalación de OpenGnsys
1881	#####################################################################
1882
1883	# Sólo ejecutable por usuario root
1884	if [ "$(whoami)" != 'root' ]; then
1885	echo "ERROR: this program must run under root privileges!!"
1886	exit 1
1887	fi
1888
1889	globalSetup
1890	# Comprobar instalación previa.
1891	if cat $INSTALL_TARGET/doc/VERSION.* &>/dev/null; then
1892	echo "ERROR: OpenGnsys is already installed. Run \"$INSTALL_TARGET/lib/opengnsys_update.sh\" as root to update."
1893	exit 2
1894	fi
1895
1896	echoAndLog "OpenGnsys installation begins at $(date)"
1897	# Introducir datos de configuración y establecer variables globales.
1898	userData
1899
1900	mkdir -p $WORKDIR
1901	pushd $WORKDIR
1902
1903	# Detectar datos iniciales de auto-configuración del instalador.
1904	autoConfigure
1905
1906	# Detectar parámetros de red y comprobar si hay conexión.
1907	getNetworkSettings
1908	if [ $? -ne 0 ]; then
1909	errorAndLog "Error reading default network settings."
1910	exit 1
1911	fi
1912	checkNetworkConnection
1913	if [ $? -ne 0 ]; then
1914	errorAndLog "Error connecting to server. Causes:"
1915	errorAndLog " - Network is unreachable, review devices parameters."
1916	errorAndLog " - You are inside a private network, configure the proxy service."
1917	errorAndLog " - Server is temporally down, try agian later."
1918	exit 1
1919	fi
1920
1921	# Detener servicios de OpenGnsys, si están activos previamente.
1922	[ -f /etc/init.d/opengnsys ] && /etc/init.d/opengnsys stop
1923
1924	# Actualizar repositorios
1925	updatePackageList
1926
1927	# Instalación de dependencias (paquetes de sistema operativo).
1928	declare -a notinstalled
1929	checkDependencies DEPENDENCIES notinstalled
1930	if [ $? -ne 0 ]; then
1931	installDependencies notinstalled
1932	if [ $? -ne 0 ]; then
1933	echoAndLog "Error while installing some dependeces, please verify your server installation before continue"
1934	exit 1
1935	fi
1936	fi
1937	if [ -n "$INSTALLEXTRADEPS" ]; then
1938	echoAndLog "Installing extra dependencies"
1939	for (( i=0; i<${#INSTALLEXTRADEPS[*]}; i++ )); do
1940	eval ${INSTALLEXTRADEPS[i]}
1941	done
1942	fi
1943
1944	# Detectar datos de auto-configuración después de instalar paquetes.
1945	autoConfigurePost
1946
1947	# Arbol de directorios de OpenGnsys.
1948	createDirs ${INSTALL_TARGET}
1949	if [ $? -ne 0 ]; then
1950	errorAndLog "Error while creating directory paths!"
1951	exit 1
1952	fi
1953
1954	# Si es necesario, descarga el repositorio de código en directorio temporal
1955	if [ $REMOTE -eq 1 ]; then
1956	downloadCode $CODE_URL
1957	if [ $? -ne 0 ]; then
1958	errorAndLog "Error while getting code from the repository"
1959	exit 1
1960	fi
1961	else
1962	ln -fs "$(dirname $PROGRAMDIR)" opengnsys
1963	fi
1964
1965	# TLS
1966	gatherCertsInfo
1967	if [ $? -ne 0 ]; then
1968	errorAndLog 'Not all required certificates have been provided, or privkey or DNS issues'
1969	exit 1
1970	fi
1971	[ $TLS_DATA_CA_EXPIRY ] && genAllCerts ## el usuario no nos ha dado sus certificados: generamos unos
1972	installAllCerts
1973	[ $TLS_DATA_CA_EXPIRY ] && makeCommonNamesResolvable ## el usuario no nos ha dado sus certificados: configuramos resolución de nombres en /etc/hosts
1974	configureStunnel
1975	if [ $? -ne 0 ]; then
1976	errorAndLog 'Error while setting stunnel up'
1977	exit 1
1978	fi
1979
1980	# Compilar código fuente de los servicios de OpenGnsys.
1981	servicesCompilation
1982	if [ $? -ne 0 ]; then
1983	errorAndLog "Error while compiling OpenGnsys services"
1984	exit 1
1985	fi
1986
1987	# Copiar carpeta Interface entre administración y motor de clonación.
1988	copyInterfaceAdm
1989	if [ $? -ne 0 ]; then
1990	errorAndLog "Error while copying Administration Interface"
1991	exit 1
1992	fi
1993
1994	# Configuración de TFTP.
1995	tftpConfigure
1996
1997	# Configuración de Samba.
1998	smbConfigure
1999	if [ $? -ne 0 ]; then
2000	errorAndLog "Error while configuring Samba server!"
2001	exit 1
2002	fi
2003
2004	# Configuración de Rsync.
2005	rsyncConfigure
2006
2007	# Configuración ejemplo DHCP.
2008	dhcpConfigure
2009	if [ $? -ne 0 ]; then
2010	errorAndLog "Error while copying your dhcp server files!"
2011	exit 1
2012	fi
2013
2014	# Copiar ficheros de servicios OpenGnsys Server.
2015	copyServerFiles ${INSTALL_TARGET}
2016	if [ $? -ne 0 ]; then
2017	errorAndLog "Error while copying the server files!"
2018	exit 1
2019	fi
2020	INSTVERSION=$(jq -r '.version' $INSTALL_TARGET/doc/VERSION.json)
2021
2022	# Instalar base de datos de OpenGnsys Admin.
2023	isInArray notinstalled "mysql-server" \|\| isInArray notinstalled "mariadb-server"
2024	if [ $? -eq 0 ]; then
2025	# Enable database manager (MySQL, if missing, MariaDB).
2026	service=$MYSQLSERV
2027	$ENABLESERVICE
2028	if [ $? != 0 ]; then
2029	service=$MARIADBSERV
2030	$ENABLESERVICE
2031	fi
2032	# Start database manager.
2033	$STARTSERVICE
2034	# Asignar clave del usuario "root".
2035	mysqlSetRootPassword "${MYSQL_ROOT_PASSWORD}"
2036	else
2037	# Si ya está instalado el gestor de bases de datos, obtener clave de "root".
2038	mysqlGetRootPassword
2039	fi
2040
2041	# Copy MySQL configuration template
2042	cp $WORKDIR/opengnsys/server/etc/mysqld-og.cnf $MYSQLCFGDIR 2>/dev/null
2043	# Restart database manager.
2044	$STARTSERVICE
2045
2046	mysqlTestConnection "${MYSQL_ROOT_PASSWORD}"
2047	if [ $? -ne 0 ]; then
2048	errorAndLog "Error while connection to mysql"
2049	exit 1
2050	fi
2051	mysqlDbExists ${OPENGNSYS_DATABASE}
2052	if [ $? -ne 0 ]; then
2053	echoAndLog "Creating Web Console database"
2054	mysqlCreateDb ${OPENGNSYS_DATABASE}
2055	if [ $? -ne 0 ]; then
2056	errorAndLog "Error while creating Web Console database"
2057	exit 1
2058	fi
2059	else
2060	echoAndLog "Web Console database exists, ommiting creation"
2061	fi
2062
2063	mysqlCheckUserExists ${OPENGNSYS_DB_USER}
2064	if [ $? -ne 0 ]; then
2065	echoAndLog "Creating user in database"
2066	mysqlCreateAdminUserToDb ${OPENGNSYS_DATABASE} ${OPENGNSYS_DB_USER} "${OPENGNSYS_DB_PASSWD}"
2067	if [ $? -ne 0 ]; then
2068	errorAndLog "Error while creating database user"
2069	exit 1
2070	fi
2071
2072	fi
2073
2074	mysqlCheckDbIsEmpty ${OPENGNSYS_DATABASE}
2075	if [ $? -eq 0 ]; then
2076	echoAndLog "Creating tables..."
2077	if [ -f $WORKDIR/$OPENGNSYS_DB_CREATION_FILE ]; then
2078	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_CREATION_FILE
2079	else
2080	errorAndLog "Unable to locate $WORKDIR/$OPENGNSYS_DB_CREATION_FILE!!"
2081	exit 1
2082	fi
2083	else
2084	# Si existe fichero ogBDAdmin-VersLocal-VersRepo.sql; aplicar cambios.
2085	REPOVERSION=$(jq -r '.version' $WORKDIR/opengnsys/doc/VERSION.json)
2086	OPENGNSYS_DB_UPDATE_FILE="opengnsys/admin/Database/$OPENGNSYS_DATABASE-$INSTVERSION-$REPOVERSION.sql"
2087	if [ -f $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE ]; then
2088	echoAndLog "Updating tables from version $INSTVERSION to $REPOVERSION"
2089	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE
2090	else
2091	echoAndLog "Database unchanged."
2092	fi
2093	fi
2094	# Eliminar fichero temporal con credenciales de acceso a MySQL.
2095	rm -f $TMPMYCNF
2096
2097	# Copiando páqinas web.
2098	installWebFiles
2099	# Configurar variables de PHP
2100	configurePHPvars $TLS_DATA_OGADMSRV_CN $TLS_DATA_OGADMSRV_LISTEN_PORT
2101	# Descargar/descomprimir archivos descargables.
2102	installDownloadableFiles
2103	# Generar páqinas web de documentación de la API
2104	makeDoxygenFiles
2105
2106	# Creando configuración de Apache.
2107	installWebConsoleApacheConf $INSTALL_TARGET $APACHECFGDIR
2108	if [ $? -ne 0 ]; then
2109	errorAndLog "Error configuring Apache for OpenGnsys Admin"
2110	exit 1
2111	fi
2112
2113	popd
2114
2115	# Crear la estructura de los accesos al servidor desde el cliente (shared)
2116	copyClientFiles
2117	if [ $? -ne 0 ]; then
2118	errorAndLog "Error creating client structure"
2119	fi
2120
2121	# Crear certificado para firmar cargadores
2122	createCerts
2123
2124	# Crear la estructura del cliente de OpenGnsys.
2125	for i in $OGLIVE; do
2126	if ! clientCreate "$i"; then
2127	errorAndLog "Error creating client $i"
2128	exit 1
2129	fi
2130	done
2131
2132	# Configuración de servicios de OpenGnsys
2133	openGnsysConfigure
2134
2135	# Mostrar sumario de la instalación e instrucciones de post-instalación.
2136	installationSummary
2137
2138	rm -rf $WORKDIR
2139	echoAndLog "OpenGnsys installation finished at $(date)"
2140	exit 0
2141

Note: See TracBrowser for help on using the repository browser.

Download in other formats: