Context Navigation

source: installer/opengnsys_installer_devel_esxi.sh @ 3875322

Visit:

configure-oglivelgromero-new-oglivemainmount-efivarfsubu24tpluse-local-agent-oglivevarios-instalacion

Last change on this file since 3875322 was 3875322, checked in by Natalia Serrano <natalia.serrano@…>, 9 months ago
refs #796 retry git-clone
Property mode set to `100755`
File size: 73.1 KB

Line
1	#!/bin/bash
2
3	#####################################################################
4	####### Script instalador OpenGnsys
5	####### Autor: Luis Guillén <lguillen@unizar.es>
6	#####################################################################
7
8
9	#####################################################################
10	####### Funciones de configuración
11	#####################################################################
12
13	MY_BRANCH=$1
14
15	# Devuelve en la variable PASSWORD la clave introducida por el usuario (o la indicada por defecto)
16	function enterPassword ()
17	{
18	local PASSWORD2
19	local DEFAULT_PASSWORD="$1"
20
21	while : ; do
22	stty -echo
23	read -r PASSWORD
24	stty echo
25	if [ -z "$PASSWORD" ]; then
26	# Si esta vacio ponemos el valor por defecto
27	PASSWORD="${PASSWORD:-$DEFAULT_PASSWORD}"
28	break
29	else
30	if [ -n "${PASSWORD//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
31	echo -e "\\aERROR: Password must be alphanumeric, try again..."
32	else
33	echo -n -e "\\nConfirm password: "
34	stty -echo
35	read -r PASSWORD2
36	stty echo
37	if [ "$PASSWORD" == "$PASSWORD2" ]; then
38	break
39	else
40	echo -e "\\aERROR: Passwords don't match, try again."
41	fi
42	fi
43	fi
44	echo -n -e "Please, enter a new password (${DEFAULT_PASSWORD}): "
45	done
46	}
47
48	# Recoge los datos de configuración introducidos por el usuario.
49	function userData ()
50	{
51	#### AVISO: Puede editar configuración de acceso por defecto.
52	#### WARNING: Edit default access configuration if you wish.
53	DEFAULT_MYSQL_ROOT_PASSWORD="passwordroot" # Clave por defecto root de MySQL
54	DEFAULT_OPENGNSYS_DB_USER="usuog" # Usuario por defecto de acceso a la base de datos
55	DEFAULT_OPENGNSYS_DB_PASSWD="passusuog" # Clave por defecto de acceso a la base de datos
56	DEFAULT_OPENGNSYS_CLIENT_PASSWD="og" # Clave por defecto de acceso del cliente
57	DEFAULT_OGLIVE="ogLive-focal-5.11.0-22-generic-amd64-r20210413.992ebb9.iso" # Cliente ogLive
58	DEFAULT_UDS_REST_URL="${DEFAULT_UDS_REST_URL:-https://uds.example.com/uds/rest/}"
59	DEFAULT_UDS_AUTHENTICATOR="${DEFAULT_UDS_AUTHENTICATOR:-Local users}"
60	DEFAULT_UDS_USER="${DEFAULT_UDS_USER:-user}"
61	DEFAULT_UDS_PASS="${DEFAULT_UDS_PASS:-pass}"
62
63	echo -e "\\nOpenGnsys Installation"
64	echo "=============================="
65
66	if [[ ! $- =~ s ]]; then
67	echo -e "\\nNot interactive mode: setting default configuration values.\\n"
68	MYSQL_ROOT_PASSWORD="$DEFAULT_MYSQL_ROOT_PASSWORD"
69	OPENGNSYS_DB_USER="$DEFAULT_OPENGNSYS_DB_USER"
70	OPENGNSYS_DB_PASSWD="$DEFAULT_OPENGNSYS_DB_PASSWD"
71	OPENGNSYS_CLIENT_PASSWD="$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
72	OGLIVE="$DEFAULT_OGLIVE"
73	UDS_REST_URL="$DEFAULT_UDS_REST_URL"
74	UDS_AUTHENTICATOR="$DEFAULT_UDS_AUTHENTICATOR"
75	UDS_USER="$DEFAULT_UDS_USER"
76	UDS_PASS="$DEFAULT_UDS_PASS"
77	UDS_REST_URL="$DEFAULT_UDS_REST_URL"
78	UDS_AUTHENTICATOR="$DEFAULT_UDS_AUTHENTICATOR"
79	UDS_USER="$DEFAULT_UDS_USER"
80	UDS_PASS="$DEFAULT_UDS_PASS"
81	return
82	fi
83
84	# Clave root de MySQL
85	echo -n -e "\\nEnter root password for MySQL (${DEFAULT_MYSQL_ROOT_PASSWORD}): "
86	enterPassword "$DEFAULT_MYSQL_ROOT_PASSWORD"
87	MYSQL_ROOT_PASSWORD="$PASSWORD"
88
89	# Usuario de acceso a la base de datos
90	while : ; do
91	echo -n -e "\\n\\nEnter username for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_USER}): "
92	read -r OPENGNSYS_DB_USER
93	if [ -n "${OPENGNSYS_DB_USER//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
94	echo -e "\\aERROR: Must be alphanumeric, try again..."
95	else
96	# Si esta vacio ponemos el valor por defecto
97	OPENGNSYS_DB_USER="${OPENGNSYS_DB_USER:-$DEFAULT_OPENGNSYS_DB_USER}"
98	break
99	fi
100	done
101
102	# Clave de acceso a la base de datos
103	echo -n -e "\\nEnter password for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_PASSWD}): "
104	enterPassword "$DEFAULT_OPENGNSYS_DB_PASSWD"
105	OPENGNSYS_DB_PASSWD="$PASSWORD"
106
107	# Clave de acceso del cliente
108	echo -n -e "\\n\\nEnter root password for OpenGnsys client (${DEFAULT_OPENGNSYS_CLIENT_PASSWD}): "
109	enterPassword "$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
110	OPENGNSYS_CLIENT_PASSWD="$PASSWORD"
111
112	# Selección de clientes ogLive para descargar.
113	while : ; do
114	echo -e "\\n\\nChoose ogLive client to install."
115	echo -e "1) Kernel 5.11, 64-bit, EFI-compatible"
116	echo -e "2) Kernel 3.2, 32-bit"
117	echo -e "3) Both"
118	echo -n -e "Please, type a valid number (1): "
119	read -r OPT
120	case "$OPT" in
121	1\|"") OGLIVE="$DEFAULT_OGLIVE"
122	break ;;
123	2) OGLIVE="ogLive-precise-3.2.0-23-generic-r5159.iso"
124	break ;;
125	3) OGLIVE=" $DEFAULT_OGLIVE ogLive-precise-3.2.0-23-generic-r5159.iso";
126	break ;;
127	*) echo -e "\\aERROR: unknown option, try again."
128	esac
129	done
130
131	# URL de API REST de UDS
132	echo -n -e "\\nEnter UDS REST API URL (${DEFAULT_UDS_REST_URL}): "
133	read -r -ei "${DEFAULT_UDS_REST_URL}" UDS_REST_URL
134
135	# Autenticador de UDS
136	echo -n -e "\\nEnter UDS authenticator (${DEFAULT_UDS_AUTHENTICATOR}): "
137	enterPassword "$DEFAULT_UDS_AUTHENTICATOR"
138	UDS_AUTHENTICATOR="$PASSWORD"
139
140	# Usuario de UDS
141	echo -n -e "\\nEnter UDS username (${DEFAULT_UDS_USER}): "
142	read -r -ei "${DEFAULT_UDS_USER}" UDS_USER
143
144	# Contraseña de UDS
145	echo -n -e "\\nEnter UDS password (${DEFAULT_UDS_PASS}): "
146	enterPassword "$DEFAULT_UDS_PASS"
147	UDS_PASS="$PASSWORD"
148
149	unset PASSWORD
150	echo -e "\\n=============================="
151	}
152
153	# Asigna valores globales de configuración para el script.
154	function globalSetup ()
155	{
156	PROGRAMDIR=$(readlink -e "$(dirname "$0")")
157	PROGRAMNAME=$(basename "$0")
158
159	# Comprobar si se ha descargado el paquete comprimido (REMOTE=0) o sólo el instalador (REMOTE=1).
160	OPENGNSYS_SERVER="ognproject.evlt.uma.es"
161	DOWNLOADURL="https://$OPENGNSYS_SERVER/trac/downloads"
162	if [ -d "$PROGRAMDIR/../installer" ]; then
163	echo REMOTE=0
164	REMOTE=0
165	else
166	echo REMOTE=1
167	REMOTE=1
168	fi
169	BRANCH=$1
170	if [[ -z $BRANCH ]]; then
171	BRANCH="main"
172	fi
173	API_URL="https://api.github.com/repos/opengnsys/OpenGnsys"
174	GIT_REPO="https://ognproject.evlt.uma.es/gitea/opengnsys/opengnsys.git"
175
176	# Directorios de instalación y destino de OpenGnsys.
177	WORKDIR=/tmp/opengnsys_installer
178	INSTALL_TARGET=/opt/opengnsys
179	PATH=$PATH:$INSTALL_TARGET/bin
180
181	# Registro de incidencias.
182	OGLOGFILE=$INSTALL_TARGET/log/${PROGRAMNAME%.sh}.log
183	LOG_FILE=/tmp/$(basename $OGLOGFILE)
184
185	# Usuario del cliente para acceso remoto.
186	OPENGNSYS_CLIENT_USER="opengnsys"
187	# Nombre de la base datos y fichero SQL para su creación.
188	OPENGNSYS_DATABASE="ogAdmBD"
189	OPENGNSYS_DB_CREATION_FILE=opengnsys/admin/Database/${OPENGNSYS_DATABASE}.sql
190
191	# Set Default net
192	DHCPNET=${DHCPNET:-"NONE"}
193	echo Default Network is $DHCPNET
194	}
195
196	# Generar variables de configuración del instalador
197	# Variables globales:
198	# - OSDISTRIB, OSVERSION - tipo y versión de la distribución GNU/Linux
199	# - DEPENDENCIES - array de dependencias que deben estar instaladas
200	# - UPDATEPKGLIST, INSTALLPKGS, CHECKPKGS - comandos para gestión de paquetes
201	# - INSTALLEXTRADEPS - instalar dependencias no incluidas en la distribución
202	# - STARTSERVICE, ENABLESERVICE - iniciar y habilitar un servicio
203	# - STOPSERVICE, DISABLESERVICE - parar y deshabilitar un servicio
204	# - APACHESERV, APACHECFGDIR, APACHESITESDIR, APACHEUSER, APACHEGROUP - servicio y configuración de Apache
205	# - APACHEENABLEMODS, APACHEENABLESSL, APACHEMAKECERT - habilitar módulos y certificado SSL
206	# - APACHEENABLEOG, APACHEOGSITE, - habilitar sitio web de OpenGnsys
207	# - PHPFPMSERV - servicio PHP FastCGI Process Manager para Apache
208	# - INETDSERV - servicio Inetd
209	# - DHCPSERV, DHCPCFGDIR - servicio y configuración de DHCP
210	# - MYSQLSERV, TMPMYCNF - servicio MySQL y fichero temporal con credenciales de acceso
211	# - MARIADBSERV - servicio MariaDB (sustituto de MySQL en algunas distribuciones)
212	# - RSYNCSERV, RSYNCCFGDIR - servicio y configuración de Rsync
213	# - SAMBASERV, SAMBACFGDIR - servicio y configuración de Samba
214	# - TFTPSERV, TFTPCFGDIR - servicio y configuración de TFTP/PXE
215	function autoConfigure()
216	{
217	# Detectar sistema operativo del servidor (compatible con fichero os-release y con LSB).
218	if [ -f /etc/os-release ]; then
219	source /etc/os-release
220	OSDISTRIB="$ID"
221	OSVERSION="$VERSION_ID"
222	else
223	OSDISTRIB=$(lsb_release -is 2>/dev/null)
224	OSVERSION=$(lsb_release -rs 2>/dev/null)
225	fi
226	# Convertir distribución a minúsculas y obtener solo el 1er número de versión.
227	OSDISTRIB="${OSDISTRIB,,}"
228	OSVERSION="${OSVERSION%%.*}"
229
230	# Configuración según la distribución GNU/Linux (usar minúsculas).
231	case "$OSDISTRIB" in
232	ubuntu\|debian\|linuxmint)
233	DEPENDENCIES=( subversion apache2 php php-ldap php-fpm mysql-server php-mysql isc-dhcp-server bittorrent tftp-hpa tftpd-hpa xinetd build-essential g++-multilib libmysqlclient-dev wget curl doxygen graphviz bittornado ctorrent samba rsync unzip netpipes debootstrap schroot squashfs-tools btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev libjansson-dev libssl-dev shim-signed grub-efi-amd64-signed gawk libdbi-dev libdbi1 libdbd-mysql liblz4-tool git stunnel4 )
234	UPDATEPKGLIST="apt-get update"
235	INSTALLPKG="apt-get -y install --force-yes"
236	CHECKPKG="dpkg -s \$package 2>/dev/null \| grep Status \| grep -qw install"
237	if which service &>/dev/null; then
238	STARTSERVICE="eval service \$service restart"
239	STOPSERVICE="eval service \$service stop"
240	else
241	STARTSERVICE="eval /etc/init.d/\$service restart"
242	STOPSERVICE="eval /etc/init.d/\$service stop"
243	fi
244	ENABLESERVICE="eval update-rc.d \$service defaults"
245	DISABLESERVICE="eval update-rc.d \$service disable"
246	APACHESERV=apache2
247	APACHECFGDIR=/etc/apache2
248	APACHESITESDIR=sites-available
249	APACHEOGSITE=opengnsys
250	APACHEUSER="www-data"
251	APACHEGROUP="www-data"
252	APACHEENABLEMODS="a2enmod ssl rewrite proxy_fcgi fastcgi actions alias"
253	APACHEENABLESSL="a2ensite default-ssl"
254	APACHEENABLEOG="a2ensite $APACHEOGSITE"
255	APACHEMAKECERT="make-ssl-cert generate-default-snakeoil --force-overwrite"
256	DHCPSERV=isc-dhcp-server
257	DHCPCFGDIR=/etc/dhcp
258	INETDSERV=xinetd
259	INETDCFGDIR=/etc/xinetd.d
260	MYSQLSERV=mysql
261	MYSQLCFGDIR=/etc/mysql/mysql.conf.d
262	MARIADBSERV=mariadb
263	PHPFPMSERV=php-fpm
264	RSYNCSERV=rsync
265	RSYNCCFGDIR=/etc
266	SAMBASERV=smbd
267	SAMBACFGDIR=/etc/samba
268	TFTPCFGDIR=/var/lib/tftpboot
269	LOCAL_CERTS_DIR=/usr/local/share/ca-certificates
270	UPDATE_CA_CMD=update-ca-certificates
271	STUNNEL_CAPATH=/etc/ssl/certs
272	;;
273	fedora\|centos)
274	DEPENDENCIES=( subversion httpd mod_ssl php-ldap php-fpm mysql-server mysql-devel mysql-devel.i686 php-mysql dhcp tftp-server tftp xinetd binutils gcc gcc-c++ glibc-devel glibc-devel.i686 glibc-static glibc-static.i686 libstdc++-devel.i686 make wget curl doxygen graphviz ctorrent samba samba-client rsync unzip debootstrap schroot squashfs-tools python-crypto arp-scan procps-ng gettext moreutils jq net-tools udpcast libev-devel jansson-devel openssl-devel shim-x64 grub2-efi-x64 grub2-efi-x64-modules gawk libdbi-devel libdbi libdbi-dbd-mysql http://ftp.altlinux.org/pub/distributions/ALTLinux/5.1/branch/$(arch)/RPMS.classic/netpipes-4.2-alt1.$(arch).rpm )
275	[ "$OSDISTRIB" == "centos" ] && UPDATEPKGLIST="yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-$OSVERSION.noarch.rpm http://rpms.remirepo.net/enterprise/remi-release-$OSVERSION.rpm"
276	INSTALLEXTRADEPS=( 'pushd /tmp; wget -t3 http://ftp.acc.umu.se/mirror/bittornado/BitTornado-0.3.18.tar.gz && tar xvzf BitTornado-0.3.18.tar.gz && cd BitTornado-CVS && python setup.py install && ln -fs btlaunchmany.py /usr/bin/btlaunchmany && ln -fs bttrack.py /usr/bin/bttrack; popd' )
277	INSTALLPKG="yum install -y libstdc++ libstdc++.i686"
278	CHECKPKG="rpm -q --quiet \$package"
279	SYSTEMD=$(which systemctl 2>/dev/null)
280	if [ -n "$SYSTEMD" ]; then
281	STARTSERVICE="eval systemctl start \$service.service"
282	STOPSERVICE="eval systemctl stop \$service.service"
283	ENABLESERVICE="eval systemctl enable \$service.service"
284	DISABLESERVICE="eval systemctl disable \$service.service"
285	else
286	STARTSERVICE="eval service \$service start"
287	STOPSERVICE="eval service \$service stop"
288	ENABLESERVICE="eval chkconfig \$service on"
289	DISABLESERVICE="eval chkconfig \$service off"
290	fi
291	APACHESERV=httpd
292	APACHECFGDIR=/etc/httpd/conf.d
293	APACHEOGSITE=opengnsys.conf
294	APACHEUSER="apache"
295	APACHEGROUP="apache"
296	APACHEREWRITEMOD="sed -i '/rewrite/s/^#//' $APACHECFGDIR/../*.conf"
297	DHCPSERV=dhcpd
298	DHCPCFGDIR=/etc/dhcp
299	INETDSERV=xinetd
300	INETDCFGDIR=/etc/xinetd.d
301	MYSQLSERV=mysqld
302	MYSQLCFGDIR=/etc/my.cnf.d
303	MARIADBSERV=mariadb
304	PHPFPMSERV=php-fpm
305	RSYNCSERV=rsync
306	RSYNCCFGDIR=/etc
307	SAMBASERV=smb
308	SAMBACFGDIR=/etc/samba
309	TFTPSERV=tftp
310	TFTPCFGDIR=/var/lib/tftpboot
311	LOCAL_CERTS_DIR=/etc/pki/ca-trust/source/anchors
312	UPDATE_CA_CMD=update-ca-trust
313	STUNNEL_CAPATH=/etc/pki/tls/certs
314	;;
315	"") echo "ERROR: Unknown Linux distribution, please install \"lsb_release\" command."
316	exit 1 ;;
317	*) echo "ERROR: Distribution not supported by OpenGnsys."
318	exit 1 ;;
319	esac
320
321	# Fichero de credenciales de acceso a MySQL.
322	TMPMYCNF=/tmp/.my.cnf.$$
323	}
324
325
326	# Modificar variables de configuración tras instalar paquetes del sistema.
327	function autoConfigurePost()
328	{
329	local f MKNETDIR
330
331	# Configuraciones específicas para Samba y TFTP en Debian 6.
332	[ -z "$SYSTEMD" -a ! -e /etc/init.d/$SAMBASERV ] && SAMBASERV=samba
333	[ ! -e $TFTPCFGDIR ] && TFTPCFGDIR=/srv/tftp
334
335	# Preparar arranque en red con Grub.
336	for f in grub-mknetdir grub2-mknetdir; do
337	if which $f &>/dev/null; then MKNETDIR=$f; fi
338	done
339	$MKNETDIR --net-directory=$TFTPCFGDIR --subdir=grub
340	}
341
342
343	# Cargar lista de paquetes del sistema y actualizar algunas variables de configuración
344	# dependiendo de la versión instalada.
345	function updatePackageList()
346	{
347	local DHCPVERSION PHP7VERSION
348
349	# Si es necesario, actualizar la lista de paquetes disponibles.
350	[ -n "$UPDATEPKGLIST" ] && eval $UPDATEPKGLIST
351
352	# Configuración personallizada de algunos paquetes.
353	case "$OSDISTRIB" in
354	ubuntu\|linuxmint) # Postconfiguación personalizada para Ubuntu.
355	# Configuración para DHCP v3.
356	DHCPVERSION=$(apt-cache show $(apt-cache pkgnames\|egrep "dhcp.?-server$") \| \
357	awk '/Version/ {print substr($2,1,1);}' \| \
358	sort -n \| tail -1)
359	if [ $DHCPVERSION = 3 ]; then
360	DEPENDENCIES=( ${DEPENDENCIES[@]/isc-dhcp-server/dhcp3-server} )
361	DHCPSERV=dhcp3-server
362	DHCPCFGDIR=/etc/dhcp3
363	fi
364	# Configuración para PHP 7 en Ubuntu.
365	if [ -z "$(apt-cache pkgnames php7)" ]; then
366	eval $INSTALLPKG software-properties-common
367	add-apt-repository -y ppa:ondrej/php
368	eval $UPDATEPKGLIST
369	PHP7VERSION=$(apt-cache pkgnames php7 \| sort \| head -1)
370	PHPFPMSERV="${PHP7VERSION}-fpm"
371	DEPENDENCIES=( ${DEPENDENCIES[@]//php/$PHP7VERSION} )
372	fi
373	# Adaptar dependencias para libmysqlclient.
374	[ -z "$(apt-cache pkgnames libmysqlclient-dev)" ] && [ -n "$(apt-cache pkgnames libmysqlclient15)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//libmysqlclient-dev/libmysqlclient15} )
375	# Paquetes correctos en versiones nuevas.
376	[ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} )
377	[ -z "$(apt-cache pkgnames btrfs-tools)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//btrfs-tools/btrfs-progs} )
378	[ -z "$(apt-cache pkgnames bittorrent)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittorrent/} )
379	[ -z "$(apt-cache pkgnames bittornado)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittornado/} )
380	;;
381	centos) # Postconfiguación personalizada para CentOS.
382	# Configuración para PHP 7.
383	PHP7VERSION=$(yum list -q php7\* 2>/dev/null \| awk -F. '/^php/ {print $1; exit;}')
384	PHPFPMSERV="${PHP7VERSION}-${PHPFPMSERV}"
385	DEPENDENCIES=( ${PHP7VERSION} ${DEPENDENCIES[@]//php/$PHP7VERSION-php} )
386	# Cambios a aplicar a partir de CentOS 7.
387	if [ $OSVERSION -ge 7 ]; then
388	# Sustituir MySQL por MariaDB.
389	DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
390	# Instalar ctorrent de EPEL para CentOS 6 (no disponible en CentOS 7).
391	DEPENDENCIES=( ${DEPENDENCIES[*]/ctorrent/http://dl.fedoraproject.org/pub/epel/6/$(arch)/Packages/c/ctorrent-1.3.4-14.dnh3.3.2.el6.$(arch).rpm} )
392	fi
393	;;
394	fedora) # Postconfiguación personalizada para Fedora.
395	# Incluir paquetes específicos.
396	DEPENDENCIES=( ${DEPENDENCIES[@]} btrfs-progs )
397	# Sustituir MySQL por MariaDB a partir de Fedora 20.
398	[ $OSVERSION -ge 20 ] && DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
399	;;
400	esac
401	}
402
403
404	#####################################################################
405	####### Algunas funciones útiles de propósito general:
406	#####################################################################
407
408	function getDateTime()
409	{
410	date "+%Y%m%d-%H%M%S"
411	}
412
413	# Escribe a fichero y muestra por pantalla
414	function echoAndLog()
415	{
416	local DATETIME=`getDateTime`
417	echo "$1"
418	echo "$DATETIME;$SSH_CLIENT;$1" >> $LOG_FILE
419	}
420
421	# Escribe a fichero y muestra mensaje de error
422	function errorAndLog()
423	{
424	local DATETIME=`getDateTime`
425	echo "ERROR: $1"
426	echo "$DATETIME;$SSH_CLIENT;ERROR: $1" >> $LOG_FILE
427	}
428
429	# Escribe a fichero y muestra mensaje de aviso
430	function warningAndLog()
431	{
432	local DATETIME=`getDateTime`
433	echo "Warning: $1"
434	echo "$DATETIME;$SSH_CLIENT;Warning: $1" >> $LOG_FILE
435	}
436
437	# Comprueba si el elemento pasado en $2 está en el array $1
438	function isInArray()
439	{
440	if [ $# -ne 2 ]; then
441	errorAndLog "${FUNCNAME}(): invalid number of parameters"
442	exit 1
443	fi
444
445	local deps
446	local is_in_array=1
447	local element="$2"
448
449	echoAndLog "${FUNCNAME}(): checking if $2 is in $1"
450	eval "deps=( \"\${$1[@]}\" )"
451
452	# Copia local del array del parámetro 1.
453	for (( i = 0 ; i < ${#deps[@]} ; i++ )); do
454	if [ "${deps[$i]}" = "${element}" ]; then
455	echoAndLog "isInArray(): $element found in array"
456	is_in_array=0
457	fi
458	done
459
460	if [ $is_in_array -ne 0 ]; then
461	echoAndLog "${FUNCNAME}(): $element NOT found in array"
462	fi
463
464	return $is_in_array
465	}
466
467
468	#####################################################################
469	####### Funciones de manejo de paquetes Debian
470	#####################################################################
471
472	function checkPackage()
473	{
474	package=$1
475	if [ -z $package ]; then
476	errorAndLog "${FUNCNAME}(): parameter required"
477	exit 1
478	fi
479	echoAndLog "${FUNCNAME}(): checking if package $package exists"
480	eval $CHECKPKG
481	if [ $? -eq 0 ]; then
482	echoAndLog "${FUNCNAME}(): package $package exists"
483	return 0
484	else
485	echoAndLog "${FUNCNAME}(): package $package doesn't exists"
486	return 1
487	fi
488	}
489
490	# Recibe array con dependencias
491	# por referencia deja un array con las dependencias no resueltas
492	# devuelve 1 si hay alguna dependencia no resuelta
493	function checkDependencies()
494	{
495	if [ $# -ne 2 ]; then
496	errorAndLog "${FUNCNAME}(): invalid number of parameters"
497	exit 1
498	fi
499
500	echoAndLog "${FUNCNAME}(): checking dependences"
501	uncompletedeps=0
502
503	# copia local del array del parametro 1
504	local deps
505	eval "deps=( \"\${$1[@]}\" )"
506
507	declare -a local_notinstalled
508
509	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
510	do
511	checkPackage ${deps[$i]}
512	if [ $? -ne 0 ]; then
513	local_notinstalled[$uncompletedeps]=$package
514	let uncompletedeps=uncompletedeps+1
515	fi
516	done
517
518	# relleno el array especificado en $2 por referencia
519	for (( i = 0 ; i < ${#local_notinstalled[@]} ; i++ ))
520	do
521	eval "${2}[$i]=${local_notinstalled[$i]}"
522	done
523
524	# retorna el numero de paquetes no resueltos
525	echoAndLog "${FUNCNAME}(): dependencies uncompleted: $uncompletedeps"
526	return $uncompletedeps
527	}
528
529	# Recibe un array con las dependencias y lo instala
530	function installDependencies()
531	{
532	if [ $# -ne 1 ]; then
533	errorAndLog "${FUNCNAME}(): invalid number of parameters"
534	exit 1
535	fi
536	echoAndLog "${FUNCNAME}(): installing uncompleted dependencies"
537
538	# copia local del array del parametro 1
539	local deps
540	eval "deps=( \"\${$1[@]}\" )"
541
542	local string_deps=""
543	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
544	do
545	string_deps="$string_deps ${deps[$i]}"
546	done
547
548	if [ -z "${string_deps}" ]; then
549	errorAndLog "${FUNCNAME}(): array of dependeces is empty"
550	exit 1
551	fi
552
553	OLD_DEBIAN_FRONTEND=$DEBIAN_FRONTEND # Debian/Ubuntu
554	export DEBIAN_FRONTEND=noninteractive
555
556	echoAndLog "${FUNCNAME}(): now $string_deps will be installed"
557	eval $INSTALLPKG $string_deps
558	if [ $? -ne 0 ]; then
559	errorAndLog "${FUNCNAME}(): error installing dependencies"
560	return 1
561	fi
562
563	DEBIAN_FRONTEND=$OLD_DEBIAN_FRONTEND # Debian/Ubuntu
564	test grep -q "EPEL temporal" /etc/yum.repos.d/epel.repo 2>/dev/null \|\| mv -f /etc/yum.repos.d/epel.repo.rpmnew /etc/yum.repos.d/epel.repo 2>/dev/null # CentOS/RedHat EPEL
565
566	echoAndLog "${FUNCNAME}(): dependencies installed"
567	}
568
569	# Hace un backup del fichero pasado por parámetro
570	# deja un -last y uno para el día
571	function backupFile()
572	{
573	if [ $# -ne 1 ]; then
574	errorAndLog "${FUNCNAME}(): invalid number of parameters"
575	exit 1
576	fi
577
578	local file="$1"
579	local dateymd=`date +%Y%m%d`
580
581	if [ ! -f "$file" ]; then
582	warningAndLog "${FUNCNAME}(): file $file doesn't exists"
583	return 1
584	fi
585
586	echoAndLog "${FUNCNAME}(): making $file backup"
587
588	# realiza una copia de la última configuración como last
589	cp -a "$file" "${file}-LAST"
590
591	# si para el día no hay backup lo hace, sino no
592	if [ ! -f "${file}-${dateymd}" ]; then
593	cp -a "$file" "${file}-${dateymd}"
594	fi
595
596	echoAndLog "${FUNCNAME}(): $file backup success"
597	}
598
599	#####################################################################
600	####### Funciones para el manejo de bases de datos
601	#####################################################################
602
603	# This function set password to root
604	function mysqlSetRootPassword()
605	{
606	if [ $# -ne 1 ]; then
607	errorAndLog "${FUNCNAME}(): invalid number of parameters"
608	exit 1
609	fi
610
611	local root_mysql="$1"
612	echoAndLog "${FUNCNAME}(): setting root password in MySQL server"
613	mysqladmin -u root password "$root_mysql"
614	if [ $? -ne 0 ]; then
615	errorAndLog "${FUNCNAME}(): error while setting root password in MySQL server"
616	return 1
617	fi
618	echoAndLog "${FUNCNAME}(): root password saved!"
619	return 0
620	}
621
622	# Si el servicio mysql esta ya instalado cambia la variable de la clave del root por la ya existente
623	function mysqlGetRootPassword()
624	{
625	local pass_mysql
626	local pass_mysql2
627	# Comprobar si MySQL está instalado con la clave de root por defecto.
628	if mysql -u root -p"$MYSQL_ROOT_PASSWORD" <<<"quit" 2>/dev/null; then
629	echoAndLog "${FUNCNAME}(): Using default mysql root password."
630	else
631	stty -echo
632	echo "There is a MySQL service already installed."
633	read -p "Enter MySQL root password: " pass_mysql
634	echo ""
635	read -p "Confrim password:" pass_mysql2
636	echo ""
637	stty echo
638	if [ "$pass_mysql" == "$pass_mysql2" ] ;then
639	MYSQL_ROOT_PASSWORD="$pass_mysql"
640	return 0
641	else
642	echo "The keys don't match. Do not configure the server's key,"
643	echo "transactions in the database will give error."
644	return 1
645	fi
646	fi
647	}
648
649	# comprueba si puede conectar con mysql con el usuario root
650	function mysqlTestConnection()
651	{
652	if [ $# -ne 1 ]; then
653	errorAndLog "${FUNCNAME}(): invalid number of parameters"
654	exit 1
655	fi
656
657	local root_password="$1"
658	echoAndLog "${FUNCNAME}(): checking connection to mysql..."
659	# Componer fichero con credenciales de conexión a MySQL.
660	touch $TMPMYCNF
661	chmod 600 $TMPMYCNF
662	cat << EOT > $TMPMYCNF
663	[client]
664	user=root
665	password=$root_password
666	EOT
667	# Borrar el fichero temporal si termina el proceso de instalación.
668	trap "rm -f $TMPMYCNF" 0 1 2 3 6 9 15
669	# Comprobar conexión a MySQL.
670	echo "" \| mysql --defaults-extra-file=$TMPMYCNF
671	if [ $? -ne 0 ]; then
672	errorAndLog "${FUNCNAME}(): connection to mysql failed, check root password and if daemon is running!"
673	return 1
674	else
675	echoAndLog "${FUNCNAME}(): connection success"
676	return 0
677	fi
678	}
679
680	# comprueba si la base de datos existe
681	function mysqlDbExists()
682	{
683	if [ $# -ne 1 ]; then
684	errorAndLog "${FUNCNAME}(): invalid number of parameters"
685	exit 1
686	fi
687
688	local database="$1"
689	echoAndLog "${FUNCNAME}(): checking if $database exists..."
690	echo "show databases" \| mysql --defaults-extra-file=$TMPMYCNF \| grep "^${database}$"
691	if [ $? -ne 0 ]; then
692	echoAndLog "${FUNCNAME}():database $database doesn't exists"
693	return 1
694	else
695	echoAndLog "${FUNCNAME}():database $database exists"
696	return 0
697	fi
698	}
699
700	# Comprueba si la base de datos está vacía.
701	function mysqlCheckDbIsEmpty()
702	{
703	if [ $# -ne 1 ]; then
704	errorAndLog "${FUNCNAME}(): invalid number of parameters"
705	exit 1
706	fi
707
708	local database="$1"
709	echoAndLog "${FUNCNAME}(): checking if $database is empty..."
710	num_tablas=`echo "show tables" \| mysql --defaults-extra-file=$TMPMYCNF "${database}" \| wc -l`
711	if [ $? -ne 0 ]; then
712	errorAndLog "${FUNCNAME}(): error executing query, check database and root password"
713	exit 1
714	fi
715
716	if [ $num_tablas -eq 0 ]; then
717	echoAndLog "${FUNCNAME}():database $database is empty"
718	return 0
719	else
720	echoAndLog "${FUNCNAME}():database $database has tables"
721	return 1
722	fi
723
724	}
725
726	# Importa un fichero SQL en la base de datos.
727	# Parámetros:
728	# - 1: nombre de la BD.
729	# - 2: fichero a importar.
730	# Nota: el fichero SQL puede contener las siguientes palabras reservadas:
731	# - SERVERIP: se sustituye por la dirección IP del servidor.
732	# - DBUSER: se sustituye por usuario de conexión a la BD definido en este script.
733	# - DBPASSWD: se sustituye por la clave de conexión a la BD definida en este script.
734	function mysqlImportSqlFileToDb()
735	{
736	if [ $# -ne 2 ]; then
737	errorAndLog "${FNCNAME}(): invalid number of parameters"
738	exit 1
739	fi
740
741	local database="$1"
742	local sqlfile="$2"
743	local tmpfile=$(mktemp)
744	local i=0
745	local dev=""
746	local status
747
748	if [ ! -f $sqlfile ]; then
749	errorAndLog "${FUNCNAME}(): Unable to locate $sqlfile!!"
750	return 1
751	fi
752
753	echoAndLog "${FUNCNAME}(): importing SQL file to ${database}..."
754	chmod 600 $tmpfile
755	for dev in ${DEVICE[*]}; do
756	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
757	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
758	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
759	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
760	$sqlfile > $tmpfile
761	fi
762	let i++
763	done
764	mysql --defaults-extra-file=$TMPMYCNF --default-character-set=utf8 "${database}" < $tmpfile
765	status=$?
766	rm -f $tmpfile
767	if [ $status -ne 0 ]; then
768	errorAndLog "${FUNCNAME}(): error while importing $sqlfile in database $database"
769	return 1
770	fi
771	echoAndLog "${FUNCNAME}(): file imported to database $database"
772	return 0
773	}
774
775	# Crea la base de datos
776	function mysqlCreateDb()
777	{
778	if [ $# -ne 1 ]; then
779	errorAndLog "${FUNCNAME}(): invalid number of parameters"
780	exit 1
781	fi
782
783	local database="$1"
784
785	echoAndLog "${FUNCNAME}(): creating database..."
786	mysqladmin --defaults-extra-file=$TMPMYCNF create $database
787	if [ $? -ne 0 ]; then
788	errorAndLog "${FUNCNAME}(): error while creating database $database"
789	return 1
790	fi
791	# Quitar modo ONLY_FULL_GROUP_BY de MySQL (ticket #730).
792	mysql --defaults-extra-file=$TMPMYCNF -e "SET GLOBAL sql_mode=(SELECT TRIM(BOTH ',' FROM REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY','')));"
793
794	echoAndLog "${FUNCNAME}(): database $database created"
795	return 0
796	}
797
798	# Comprueba si ya está definido el usuario de acceso a la BD.
799	function mysqlCheckUserExists()
800	{
801	if [ $# -ne 1 ]; then
802	errorAndLog "${FUNCNAME}(): invalid number of parameters"
803	exit 1
804	fi
805
806	local userdb="$1"
807
808	echoAndLog "${FUNCNAME}(): checking if $userdb exists..."
809	echo "select user from user where user='${userdb}'\\G" \|mysql --defaults-extra-file=$TMPMYCNF mysql \| grep user
810	if [ $? -ne 0 ]; then
811	echoAndLog "${FUNCNAME}(): user doesn't exists"
812	return 1
813	else
814	echoAndLog "${FUNCNAME}(): user already exists"
815	return 0
816	fi
817
818	}
819
820	# Crea un usuario administrativo para la base de datos
821	function mysqlCreateAdminUserToDb()
822	{
823	if [ $# -ne 3 ]; then
824	errorAndLog "${FUNCNAME}(): invalid number of parameters"
825	exit 1
826	fi
827
828	local database="$1"
829	local userdb="$2"
830	local passdb="$3"
831
832	echoAndLog "${FUNCNAME}(): creating admin user ${userdb} to database ${database}"
833
834	cat > $WORKDIR/create_${database}.sql <<EOF
835	CREATE USER '${userdb}'@'localhost' IDENTIFIED BY '${passdb}';
836	GRANT USAGE ON . TO '${userdb}'@'localhost';
837	GRANT ALL PRIVILEGES ON ${database}.* TO '${userdb}'@'localhost' WITH GRANT OPTION;
838	FLUSH PRIVILEGES;
839	EOF
840	mysql --defaults-extra-file=$TMPMYCNF < $WORKDIR/create_${database}.sql
841	if [ $? -ne 0 ]; then
842	errorAndLog "${FUNCNAME}(): error while creating user in mysql"
843	rm -f $WORKDIR/create_${database}.sql
844	return 1
845	else
846	echoAndLog "${FUNCNAME}(): user created ok"
847	rm -f $WORKDIR/create_${database}.sql
848	return 0
849	fi
850	}
851
852
853	#####################################################################
854	####### Funciones para la descarga de código
855	#####################################################################
856
857	# Obtiene el código fuente del proyecto desde el repositorio de GitHub.
858	function downloadCode()
859	{
860	if [ $# -ne 1 ]; then
861	errorAndLog "${FUNCNAME}(): invalid number of parameters"
862	exit 1
863	fi
864
865	local url="$1"
866
867	echoAndLog "${FUNCNAME}(): downloading code from '$url'..."
868
869	RETRIES=5
870	DELAY=4
871	COUNT=1
872	while [ $COUNT -lt $RETRIES ]; do
873	GIT_SSL_NO_VERIFY=1 GIT_CURL_VERBOSE=1 git clone --verbose $url
874	if [ $? -eq 0 ]; then
875	RETRIES=0
876	break
877	fi
878	let COUNT=$COUNT+1
879	sleep $DELAY
880	done
881
882	if [ $? -ne 0 ]; then
883	errorAndLog "${FUNCNAME}(): error getting OpenGnsys code from $url"
884	return 1
885	fi
886	rm -rf opengnsys/.git
887	echoAndLog "${FUNCNAME}(): code was downloaded"
888	return 0
889	}
890
891
892	############################################################
893	### Detectar red
894	############################################################
895
896	# Comprobar si existe conexión.
897	function checkNetworkConnection()
898	{
899	echoAndLog "${FUNCNAME}(): Checking OpenGnsys server connectivity."
900	OPENGNSYS_SERVER=${OPENGNSYS_SERVER:-"opengnsys.es"}
901	if which curl &>/dev/null; then
902	curl --stderr - --insecure --connect-timeout 10 --retry 5 --retry-delay 5 --max-time 30 "https://$OPENGNSYS_SERVER/" -o /dev/null && \
903	curl --stderr - --insecure --connect-timeout 10 --retry 5 --retry-delay 5 --max-time 30 "http://$OPENGNSYS_SERVER/" -o /dev/null
904	elif which wget &>/dev/null; then
905	wget --no-check-certificate --spider -q "https://$OPENGNSYS_SERVER/" && \
906	wget --no-check-certificate --spider -q "http://$OPENGNSYS_SERVER/"
907	else
908	echoAndLog "${FUNCNAME}(): Cannot execute \"wget\" nor \"curl\"."
909	return 1
910	fi
911	}
912
913	# Convierte nº de bits (notación CIDR) en máscara de red (gracias a FriedZombie en openwrt.org).
914	cidr2mask ()
915	{
916	# Number of args to shift, 255..255, first non-255 byte, zeroes
917	set -- $[ 5 - ($1 / 8) ] 255 255 255 255 $[ (255 << (8 - ($1 % 8))) & 255 ] 0 0 0
918	[ $1 -gt 1 ] && shift $1 \|\| shift
919	echo ${1-0}.${2-0}.${3-0}.${4-0}
920	}
921
922	# Obtener los parámetros de red de la interfaz por defecto.
923	function getNetworkSettings()
924	{
925	# Arrays globales definidas:
926	# - DEVICE: nombres de dispositivos de red activos.
927	# - SERVERIP: IPs locales del servidor.
928	# - NETIP: IPs de redes.
929	# - NETMASK: máscaras de red.
930	# - NETBROAD: IPs de difusión de redes.
931	# - ROUTERIP: IPs de routers.
932	# Otras variables globales:
933	# - DEFAULTDEV: dispositivo de red por defecto.
934	# - DNSIP: IP del servidor DNS principal.
935
936	local i=0
937	local dev=""
938
939	echoAndLog "${FUNCNAME}(): Detecting network parameters."
940	DEVICE=( $(ip -o link show up \| awk '!/loopback/ {sub(/[:@].*/,"",$2); print $2}') )
941	if [ -z "$DEVICE" ]; then
942	errorAndLog "${FUNCNAME}(): Network devices not detected."
943	exit 1
944	fi
945	for dev in ${DEVICE[*]}; do
946	SERVERIP[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4); exit;}')
947	if [ -n "${SERVERIP[i]}" ]; then
948	NETMASK[i]=$( cidr2mask $(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/.*\//, "", $4); print ($4); exit;}') )
949	NETBROAD[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {print ($6); exit;}')
950	NETIP[i]=$(ip route list proto kernel \| awk -v d="$dev" '$3==d && /src/ {sub (/\/.*/,""); print $1; exit;}')
951	ROUTERIP[i]=$(ip route list default \| awk -v d="$dev" '$5==d {print $3; exit;}')
952	if [ $DHCPNET == ${NETIP[i]} ]; then
953	DEFAULTDEV="$dev"
954	else
955	DEFAULTDEV=${DEFAULTDEV:-"$dev"}
956	fi
957	fi
958	let i++
959	done
960	DNSIP=$(systemd-resolve --status 2>/dev/null \| awk '/DNS Servers:/ {print $3; exit;}')
961	[ -z "$DNSIP" ] && DNSIP=$(awk '/nameserver/ {print $2; exit;}' /etc/resolv.conf)
962	if [ -z "${NETIP[]}" -o -z "${NETMASK[]}" ]; then
963	errorAndLog "${FUNCNAME}(): Network not detected."
964	exit 1
965	fi
966
967	# Variables de ejecución de Apache
968	# - APACHE_RUN_USER
969	# - APACHE_RUN_GROUP
970	if [ -f $APACHECFGDIR/envvars ]; then
971	source $APACHECFGDIR/envvars
972	fi
973	APACHE_RUN_USER=${APACHE_RUN_USER:-"$APACHEUSER"}
974	APACHE_RUN_GROUP=${APACHE_RUN_GROUP:-"$APACHEGROUP"}
975
976	echoAndLog "${FUNCNAME}(): Default network device: $DEFAULTDEV."
977	}
978
979
980	############################################################
981	### Esqueleto para el Servicio pxe y contenedor tftpboot ###
982	############################################################
983
984	function tftpConfigure()
985	{
986	echoAndLog "${FUNCNAME}(): Configuring TFTP service."
987	# Habilitar TFTP y reiniciar Inetd.
988	if [ -n "$TFTPSERV" ]; then
989	if [ -f $INETDCFGDIR/$TFTPSERV ]; then
990	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/$TFTPSERV
991	else
992	service=$TFTPSERV
993	$ENABLESERVICE; $STARTSERVICE
994	fi
995	fi
996	service=$INETDSERV
997	$ENABLESERVICE; $STARTSERVICE
998
999	# comprobamos el servicio tftp
1000	sleep 1
1001	testPxe
1002	}
1003
1004	# Comprueba que haya conexión al servicio TFTP/PXE.
1005	function testPxe ()
1006	{
1007	echoAndLog "${FUNCNAME}(): Checking TFTP service... please wait."
1008	echo "test" >$TFTPCFGDIR/testpxe
1009	tftp -v 127.0.0.1 -c get testpxe /tmp/testpxe && echoAndLog "TFTP service is OK." \|\| errorAndLog "TFTP service is down."
1010	rm -f $TFTPCFGDIR/testpxe /tmp/testpxe
1011	}
1012
1013
1014	########################################################################
1015	## Configuración servicio Samba
1016	########################################################################
1017
1018	# Configurar servicios Samba.
1019	function smbConfigure()
1020	{
1021	echoAndLog "${FUNCNAME}(): Configuring Samba service."
1022
1023	backupFile $SAMBACFGDIR/smb.conf
1024
1025	# Copiar plantailla de recursos para OpenGnsys
1026	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1027	$WORKDIR/opengnsys/server/etc/smb-og.conf.tmpl > $SAMBACFGDIR/smb-og.conf
1028	# Configurar y recargar Samba"
1029	perl -pi -e "s/WORKGROUP/OPENGNSYS/; s/server string \=.*/server string \= OpenGnsys Samba Server/" $SAMBACFGDIR/smb.conf
1030	if ! grep -q "smb-og" $SAMBACFGDIR/smb.conf; then
1031	echo "include = $SAMBACFGDIR/smb-og.conf" >> $SAMBACFGDIR/smb.conf
1032	fi
1033	service=$SAMBASERV
1034	$ENABLESERVICE; $STARTSERVICE
1035	if [ $? -ne 0 ]; then
1036	errorAndLog "${FUNCNAME}(): error while configure Samba"
1037	return 1
1038	fi
1039	# Crear clave para usuario de acceso a los recursos.
1040	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| smbpasswd -a -s $OPENGNSYS_CLIENT_USER
1041
1042	echoAndLog "${FUNCNAME}(): Added Samba configuration."
1043	return 0
1044	}
1045
1046
1047	########################################################################
1048	## Configuración servicio Rsync
1049	########################################################################
1050
1051	# Configurar servicio Rsync.
1052	function rsyncConfigure()
1053	{
1054	echoAndLog "${FUNCNAME}(): Configuring Rsync service."
1055
1056	backupFile $RSYNCCFGDIR/rsyncd.conf
1057
1058	# Configurar acceso a Rsync.
1059	sed -e "s/CLIENTUSER/$OPENGNSYS_CLIENT_USER/g" \
1060	$WORKDIR/opengnsys/repoman/etc/rsyncd.conf.tmpl > $RSYNCCFGDIR/rsyncd.conf
1061	# Habilitar Rsync y reiniciar Inetd.
1062	if [ -n "$RSYNCSERV" ]; then
1063	if [ -f /etc/default/rsync ]; then
1064	perl -pi -e 's/RSYNC_ENABLE=.*/RSYNC_ENABLE=inetd/' /etc/default/rsync
1065	fi
1066	if [ -f $INETDCFGDIR/rsync ]; then
1067	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/rsync
1068	else
1069	cat << EOT > $INETDCFGDIR/rsync
1070	service rsync
1071	{
1072	disable = no
1073	socket_type = stream
1074	wait = no
1075	user = root
1076	server = $(which rsync)
1077	server_args = --daemon
1078	log_on_failure += USERID
1079	flags = IPv6
1080	}
1081	EOT
1082	fi
1083	service=$RSYNCSERV $ENABLESERVICE
1084	service=$INETDSERV $STARTSERVICE
1085	fi
1086
1087	echoAndLog "${FUNCNAME}(): Added Rsync configuration."
1088	return 0
1089	}
1090
1091
1092	########################################################################
1093	## Configuración servicio DHCP
1094	########################################################################
1095
1096	# Configurar servicios DHCP.
1097	function dhcpConfigure()
1098	{
1099	echoAndLog "${FUNCNAME}(): Sample DHCP configuration."
1100
1101	local errcode=0
1102	local i=0
1103	local dev=""
1104
1105	backupFile $DHCPCFGDIR/dhcpd.conf
1106	for dev in ${DEVICE[*]}; do
1107	if [ -n "${SERVERIP[i]}" ]; then
1108	backupFile $DHCPCFGDIR/dhcpd-$dev.conf
1109	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1110	-e "s/NETIP/${NETIP[i]}/g" \
1111	-e "s/NETMASK/${NETMASK[i]}/g" \
1112	-e "s/NETBROAD/${NETBROAD[i]}/g" \
1113	-e "s/ROUTERIP/${ROUTERIP[i]}/g" \
1114	-e "s/DNSIP/$DNSIP/g" \
1115	$WORKDIR/opengnsys/server/etc/dhcpd.conf.tmpl > $DHCPCFGDIR/dhcpd-$dev.conf \|\| errcode=1
1116	fi
1117	let i++
1118	done
1119	if [ $errcode -ne 0 ]; then
1120	errorAndLog "${FUNCNAME}(): error while configuring DHCP server"
1121	return 1
1122	fi
1123	ln -f $DHCPCFGDIR/dhcpd-$DEFAULTDEV.conf $DHCPCFGDIR/dhcpd.conf
1124	service=$DHCPSERV
1125	$ENABLESERVICE; $STARTSERVICE
1126	echoAndLog "${FUNCNAME}(): Sample DHCP configured in \"$DHCPCFGDIR\"."
1127	return 0
1128	}
1129
1130
1131	#####################################################################
1132	####### Funciones específicas de la instalación de Opengnsys
1133	#####################################################################
1134
1135	# Copiar ficheros del OpenGnsys Web Console.
1136	function installWebFiles()
1137	{
1138	local COMPATDIR f
1139	local SLIMFILE="slim-2.6.1.zip"
1140	local SWAGGERFILE="swagger-ui-2.2.5.zip"
1141
1142	echoAndLog "${FUNCNAME}(): Installing web files..."
1143	# Copiar ficheros.
1144	cp -a $WORKDIR/opengnsys/admin/WebConsole/* $INSTALL_TARGET/www #*/ comentario para Doxygen.
1145	if [ $? != 0 ]; then
1146	errorAndLog "${FUNCNAME}(): Error copying web files."
1147	exit 1
1148	fi
1149
1150	# Descomprimir librerías: Slim y Swagger-UI.
1151	unzip -o $WORKDIR/opengnsys/admin/$SLIMFILE -d $INSTALL_TARGET/www/rest
1152	unzip -o $WORKDIR/opengnsys/admin/$SWAGGERFILE -d $INSTALL_TARGET/www/rest
1153
1154	# Compatibilidad con dispositivos móviles.
1155	COMPATDIR="$INSTALL_TARGET/www/principal"
1156	for f in acciones administracion aula aulas hardwares imagenes menus repositorios softwares; do
1157	sed 's/clickcontextualnodo/clicksupnodo/g' $COMPATDIR/$f.php > $COMPATDIR/$f.device.php
1158	done
1159	cp -a $COMPATDIR/imagenes.device.php $COMPATDIR/imagenes.device4.php
1160	# Acceso al manual de usuario
1161	ln -fs ../doc/userManual $INSTALL_TARGET/www/userManual
1162	# Ficheros de log de la API REST.
1163	touch $INSTALL_TARGET/log/{ogagent,remotepc,rest}.log
1164
1165	echoAndLog "${FUNCNAME}(): Web files installed successfully."
1166	}
1167
1168	function configurePHPvars()
1169	{
1170	OGADMSRV_HOSTNAME=$1
1171	OGADMSRV_PORT=$2
1172	sed "s/__OGADMSRV_HOSTNAME__/$OGADMSRV_HOSTNAME/; s/__OGADMSRV_PORT__/$OGADMSRV_PORT/" <$WORKDIR/opengnsys/server/etc/php-vars.php.tmpl >$INSTALL_TARGET/etc/php-vars.php
1173	}
1174
1175	# Copiar ficheros en la zona de descargas de OpenGnsys Web Console.
1176	function installDownloadableFiles()
1177	{
1178	local VERSIONFILE OGVERSION FILENAME TARGETFILE
1179
1180	# Obtener versión a descargar.
1181	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1182	OGVERSION="$(jq -r ".ogagent // \"$INSTVERSION\"" $VERSIONFILE 2>/dev/null \|\| echo "$INSTVERSION")"
1183	FILENAME="ogagentpkgs-$OGVERSION.tar.gz"
1184	TARGETFILE=$WORKDIR/$FILENAME
1185
1186	# Descargar archivo comprimido, si es necesario.
1187	if [ -s $PROGRAMDIR/$FILENAME ]; then
1188	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1189	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1190	else
1191	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1192	curl --stderr - --insecure --retry 5 --retry-delay 5 --max-time 30 $DOWNLOADURL/$FILENAME -o $TARGETFILE
1193	fi
1194	if [ ! -s $TARGETFILE ]; then
1195	errorAndLog "${FUNCNAME}(): Cannot download $FILENAME"
1196	return 1
1197	fi
1198
1199	# Descomprimir fichero en zona de descargas.
1200	tar xvzf $TARGETFILE -C $INSTALL_TARGET/www/descargas
1201	if [ $? != 0 ]; then
1202	errorAndLog "${FUNCNAME}(): Error uncompressing archive."
1203	exit 1
1204	fi
1205	}
1206
1207	# Configuración específica de Apache.
1208	function installWebConsoleApacheConf()
1209	{
1210	if [ $# -ne 2 ]; then
1211	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1212	exit 1
1213	fi
1214
1215	local path_opengnsys_base="$1"
1216	local path_apache2_confd="$2"
1217	local CONSOLEDIR=${path_opengnsys_base}/www
1218	local sockfile
1219
1220	if [ ! -d $path_apache2_confd ]; then
1221	errorAndLog "${FUNCNAME}(): path to apache2 conf.d can not found, verify your server installation"
1222	return 1
1223	fi
1224
1225	mkdir -p $path_apache2_confd/{sites-available,sites-enabled}
1226
1227	echoAndLog "${FUNCNAME}(): creating apache2 config file.."
1228
1229	# Avtivar PHP-FPM.
1230	echoAndLog "${FUNCNAME}(): configuring PHP-FPM"
1231	service=$PHPFPMSERV
1232	$ENABLESERVICE; $STARTSERVICE
1233	sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null \| tail -1)
1234
1235	# Activar módulos de Apache.
1236	$APACHEENABLEMODS
1237	# Activar HTTPS.
1238	$APACHEENABLESSL
1239	$APACHEMAKECERT
1240	# Genera configuración de consola web a partir del fichero plantilla.
1241	if [ -n "$(apachectl -v \| grep "2\.[0-2]")" ]; then
1242	# Configuración para versiones anteriores de Apache.
1243	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1244	$WORKDIR/opengnsys/server/etc/apache-prev2.4.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}
1245	else
1246	# Configuración específica a partir de Apache 2.4
1247	if [ -n "$sockfile" ]; then
1248	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1249	-e "s,proxy:fcgi:.,proxy:unix:${sockfile%% }\|fcgi://localhost\",g" \
1250	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1251	else
1252	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1253	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1254	fi
1255	fi
1256	$APACHEENABLEOG
1257	if [ $? -ne 0 ]; then
1258	errorAndLog "${FUNCNAME}(): config file can't be linked to apache conf, verify your server installation"
1259	return 1
1260	fi
1261	echoAndLog "${FUNCNAME}(): config file created and linked, restarting apache daemon"
1262	service=$APACHESERV
1263	$ENABLESERVICE; $STARTSERVICE
1264	return 0
1265	}
1266
1267
1268	# Crear documentación Doxygen para la consola web.
1269	function makeDoxygenFiles()
1270	{
1271	echoAndLog "${FUNCNAME}(): Making Doxygen web files..."
1272	$WORKDIR/opengnsys/installer/ogGenerateDoc.sh \
1273	$WORKDIR/opengnsys/client/engine $INSTALL_TARGET/www
1274	if [ ! -d "$INSTALL_TARGET/www/html" ]; then
1275	errorAndLog "${FUNCNAME}(): unable to create Doxygen web files."
1276	return 1
1277	fi
1278	mv "$INSTALL_TARGET/www/html" "$INSTALL_TARGET/www/api"
1279	echoAndLog "${FUNCNAME}(): Doxygen web files created successfully."
1280	}
1281
1282
1283	# Crea la estructura base de la instalación de opengnsys
1284	function createDirs()
1285	{
1286	if [ $# -ne 1 ]; then
1287	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1288	exit 1
1289	fi
1290
1291	local path_opengnsys_base="$1"
1292
1293	# Crear estructura de directorios.
1294	echoAndLog "${FUNCNAME}(): creating directory paths in $path_opengnsys_base"
1295	mkdir -p $path_opengnsys_base
1296	mkdir -p $path_opengnsys_base/bin
1297	mkdir -p $path_opengnsys_base/client/{cache,images,log}
1298	mkdir -p $path_opengnsys_base/doc
1299	mkdir -p $path_opengnsys_base/etc
1300	mkdir -p $path_opengnsys_base/lib
1301	mkdir -p $path_opengnsys_base/log/clients
1302	ln -fs $path_opengnsys_base/log /var/log/opengnsys
1303	mkdir -p $path_opengnsys_base/sbin
1304	mkdir -p $path_opengnsys_base/www
1305	mkdir -p $path_opengnsys_base/images/groups
1306	mkdir -p $TFTPCFGDIR
1307	ln -fs $TFTPCFGDIR $path_opengnsys_base/tftpboot
1308	mkdir -p $path_opengnsys_base/tftpboot/{menu.lst,grub}
1309	if [ $? -ne 0 ]; then
1310	errorAndLog "${FUNCNAME}(): error while creating dirs. Do you have write permissions?"
1311	return 1
1312	fi
1313
1314	# Crear usuario ficticio.
1315	if id -u $OPENGNSYS_CLIENT_USER &>/dev/null; then
1316	echoAndLog "${FUNCNAME}(): user \"$OPENGNSYS_CLIENT_USER\" is already created"
1317	else
1318	echoAndLog "${FUNCNAME}(): creating OpenGnsys user"
1319	useradd $OPENGNSYS_CLIENT_USER 2>/dev/null
1320	if [ $? -ne 0 ]; then
1321	errorAndLog "${FUNCNAME}(): error creating OpenGnsys user"
1322	return 1
1323	fi
1324	fi
1325
1326	# Mover el fichero de registro de instalación al directorio de logs.
1327	echoAndLog "${FUNCNAME}(): moving installation log file"
1328	mv $LOG_FILE $OGLOGFILE && LOG_FILE=$OGLOGFILE
1329	chmod 600 $LOG_FILE
1330
1331	echoAndLog "${FUNCNAME}(): directory paths created"
1332	return 0
1333	}
1334
1335	# Copia ficheros de configuración y ejecutables genéricos del servidor.
1336	function copyServerFiles ()
1337	{
1338	if [ $# -ne 1 ]; then
1339	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1340	exit 1
1341	fi
1342
1343	local path_opengnsys_base="$1"
1344
1345	# Lista de ficheros y directorios origen y de directorios destino.
1346	local SOURCES=( server/tftpboot \
1347	/usr/lib/shim/shimx64.efi.signed \
1348	/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed \
1349	server/bin \
1350	repoman/bin \
1351	server/lib \
1352	admin/Sources/Services/ogAdmServerAux
1353	admin/Sources/Services/ogAdmRepoAux
1354	installer/opengnsys_uninstall.sh \
1355	installer/opengnsys_update.sh \
1356	installer/opengnsys_export.sh \
1357	installer/opengnsys_import.sh \
1358	doc )
1359	local TARGETS=( tftpboot \
1360	tftpboot \
1361	tftpboot/grubx64.efi \
1362	bin \
1363	bin \
1364	lib \
1365	sbin \
1366	sbin \
1367	lib \
1368	lib \
1369	lib \
1370	lib \
1371	doc )
1372
1373	if [ ${#SOURCES[@]} != ${#TARGETS[@]} ]; then
1374	errorAndLog "${FUNCNAME}(): inconsistent number of array items"
1375	exit 1
1376	fi
1377
1378	# Copiar ficheros.
1379	echoAndLog "${FUNCNAME}(): copying files to server directories"
1380
1381	pushd $WORKDIR/opengnsys
1382	local i
1383	for (( i = 0; i < ${#SOURCES[@]}; i++ )); do
1384	if [ -f "${SOURCES[$i]}" ]; then
1385	echoAndLog "Copying ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1386	cp -a "${SOURCES[$i]}" "${path_opengnsys_base}/${TARGETS[$i]}"
1387	elif [ -d "${SOURCES[$i]}" ]; then
1388	echoAndLog "Copying content of ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1389	cp -a "${SOURCES[$i]}"/* "${path_opengnsys_base}/${TARGETS[$i]}"
1390	else
1391	warningAndLog "Unable to copy ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1392	fi
1393	done
1394
1395	popd
1396	}
1397
1398	####################################################################
1399	### Funciones de TLS
1400	####################################################################
1401
1402	CA_DIR=/root/CA
1403	OG_BASEDIR=/opt/opengnsys
1404
1405	function gatherCertsInfo()
1406	{
1407	ERRORS=0
1408	## BUG cuando REMOTE=1, $WORKDIR/opengnsys es el contenido del zip (producido al vuelo con 'git archive'), y naturalmente no contiene ./user-certs
1409	## este código debe buscar los certificados en otro sitio adicional
1410	if [ -f $WORKDIR/opengnsys/user-certs/ca.crt.pem ]; then
1411	echoAndLog "CA provided by the user, checking presence of all certificates"
1412
1413	TLS_DATA_CA_CERTFILE=$WORKDIR/opengnsys/user-certs/ca.crt.pem
1414	TLS_DATA_OGADMSRV_CERTFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.crt.pem
1415	TLS_DATA_OGADMSRV_KEYFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.key.pem
1416	TLS_DATA_WEBCONSOLE_CERTFILE=$WORKDIR/opengnsys/user-certs/WebConsole.crt.pem
1417	TLS_DATA_WEBCONSOLE_KEYFILE=$WORKDIR/opengnsys/user-certs/WebConsole.key.pem
1418
1419	## el usuario tiene que facilitar todos los certificados
1420	## si falta alguno, no podemos generarlo aquí porque habría que tener la privkey de la CA, y el usuario no nos la debe dar
1421	if [ ! -f $TLS_DATA_OGADMSRV_CERTFILE ]; then errorAndLog "ogAdmSrv certificate not found"; ERRORS=1; fi
1422	if [ ! -f $TLS_DATA_OGADMSRV_KEYFILE ]; then errorAndLog "ogAdmSrv privkey not found"; ERRORS=1; fi
1423	if [ ! -f $TLS_DATA_WEBCONSOLE_CERTFILE ]; then errorAndLog "WebConsole certificate not found"; ERRORS=1; fi
1424	if [ ! -f $TLS_DATA_WEBCONSOLE_KEYFILE ]; then errorAndLog "WebConsole privkey not found"; ERRORS=1; fi
1425
1426	if [ $ERRORS -eq 0 ]; then
1427	## validar que las privkeys no tengan contraseña para que opengnsys pueda arrancar de forma desatendida
1428	if ! openssl rsa -in $TLS_DATA_OGADMSRV_KEYFILE -passin pass:42 -noout; then errorAndLog "ogAdmSrv privkey is encrypted"; ERRORS=1; fi
1429	if ! openssl rsa -in $TLS_DATA_WEBCONSOLE_KEYFILE -passin pass:42 -noout; then errorAndLog "WebConsole privkey is encrypted"; ERRORS=1; fi
1430
1431	if [ $ERRORS -eq 0 ]; then
1432	# obtener los subject de cada certificado
1433	# la salida de openssl es tal que "subject=C = ES, ST = Madrid, L = Madrid, CN = test.example.org"
1434	# con el sed cocinamos la salida
1435	# además añadimos un / al principio para que el CN final sea correcto: "/C=ES/ST=Madrid/L=Madrid/CN=test.opengnsys.local"
1436	TLS_DATA_CA_SUBJ=/$( openssl x509 -in $TLS_DATA_CA_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1437	TLS_DATA_OGADMSRV_SUBJ=/$( openssl x509 -in $TLS_DATA_OGADMSRV_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1438	TLS_DATA_WEBCONSOLE_SUBJ=/$(openssl x509 -in $TLS_DATA_WEBCONSOLE_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1439
1440	# obtener CN a partir del subject
1441	TLS_DATA_CA_CN=$( echo $TLS_DATA_CA_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1442	TLS_DATA_OGADMSRV_CN=$( echo $TLS_DATA_OGADMSRV_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1443	TLS_DATA_WEBCONSOLE_CN=$( echo $TLS_DATA_WEBCONSOLE_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1444
1445	# los CN de los componentes que aceptan conexiones deberían resolver a una IP
1446	if ! nslookup $TLS_DATA_OGADMSRV_CN &>/dev/null; then errorAndLog "ogAdmSrv CN doesn't resolve to an IP"; ERRORS=1; fi
1447
1448	if [ $ERRORS -eq 0 ]; then
1449	echoAndLog "Provided CA and certs are ok"
1450	fi
1451	fi
1452	fi
1453	fi
1454
1455	## aquí también hay que tener en cuenta el sitio adicional para los user-certs
1456	if [ ! -f $WORKDIR/opengnsys/user-certs/ca.crt.pem -o $ERRORS -eq 1 ]; then
1457	echoAndLog "CA and certs not provided by the user or issues found, we will generate a new CA and all certs"
1458
1459	TLS_DATA_CA_CN=ca.opengnsys.local
1460	TLS_DATA_CA_SUBJ=/CN=ca.opengnsys.local
1461	TLS_DATA_CA_CERTFILE=$CA_DIR/certs/ca.crt.pem
1462	TLS_DATA_CA_EXPIRY=7300 # this variable is used later to make some decisions
1463
1464	TLS_DATA_OGADMSRV_CN=ogAdmSrv.opengnsys.local
1465	TLS_DATA_OGADMSRV_SUBJ=/CN=ogAdmSrv.opengnsys.local
1466	TLS_DATA_OGADMSRV_CERTFILE=$CA_DIR/certs/ogAdmSrv.crt.pem
1467	TLS_DATA_OGADMSRV_KEYFILE=$CA_DIR/private/ogAdmSrv.key.pem
1468	TLS_DATA_OGADMSRV_EXPIRY=375
1469
1470	TLS_DATA_WEBCONSOLE_CN=WebConsole.opengnsys.local
1471	TLS_DATA_WEBCONSOLE_SUBJ=/CN=WebConsole.opengnsys.local
1472	TLS_DATA_WEBCONSOLE_CERTFILE=$CA_DIR/certs/WebConsole.crt.pem
1473	TLS_DATA_WEBCONSOLE_KEYFILE=$CA_DIR/private/WebConsole.key.pem
1474	TLS_DATA_WEBCONSOLE_EXPIRY=375
1475	fi
1476
1477	# otras cosas de TLS no cubiertas arriba por no estar relacionadas con los certificados
1478	TLS_DATA_OGADMSRV_LISTEN_PORT=48888
1479
1480	return 0
1481	}
1482
1483	function _genCA ()
1484	{
1485	SUBJ=$1
1486	EXPIRY_DAYS=$2
1487	openssl genrsa -out private/ca.key.pem 4096 2>/dev/null
1488	openssl req -config openssl.cnf -key private/ca.key.pem -new -x509 -days $EXPIRY_DAYS -sha256 -subj $SUBJ -out certs/ca.crt.pem
1489
1490	return 0
1491	}
1492
1493	function _genCert ()
1494	{
1495	COMPONENT=$1
1496	SUBJ=$2
1497	EXPIRY_DAYS=$3
1498
1499	openssl genrsa -out private/$COMPONENT.key.pem 2048 2>/dev/null
1500	openssl req -config openssl.cnf -key private/$COMPONENT.key.pem -new -sha256 -subj $SUBJ -out csr/$COMPONENT.csr.pem
1501	openssl ca -config openssl.cnf -batch -days $EXPIRY_DAYS -notext -md sha256 -in csr/$COMPONENT.csr.pem -out certs/$COMPONENT.crt.pem
1502
1503	return 0
1504	}
1505
1506	function genAllCerts ()
1507	{
1508	mkdir -p $CA_DIR
1509	pushd $CA_DIR
1510	cat >openssl.cnf <<EOF
1511	[ca]
1512	default_ca = CA_default
1513
1514	[CA_default]
1515	dir = $CA_DIR
1516	certs = $CA_DIR/certs
1517	new_certs_dir = $CA_DIR/newcerts
1518	database = $CA_DIR/index.txt
1519	serial = $CA_DIR/serial
1520	default_md = sha256
1521	policy = policy_loose
1522
1523	private_key = $CA_DIR/private/ca.key.pem
1524	certificate = $CA_DIR/certs/ca.crt.pem
1525
1526	[policy_loose]
1527	countryName = optional
1528	stateOrProvinceName = optional
1529	localityName = optional
1530	organizationName = optional
1531	organizationalUnitName = optional
1532	commonName = supplied
1533	emailAddress = optional
1534
1535	[req]
1536	default_bits = 2048
1537	distinguished_name = req_distinguished_name
1538	default_md = sha256
1539
1540	[req_distinguished_name]
1541	countryName = Country Name (2 letter code)
1542	EOF
1543	mkdir certs csr newcerts private
1544	chmod 0700 private
1545	touch index.txt index.txt.attr
1546	echo 1000 >serial
1547
1548	_genCA $TLS_DATA_CA_SUBJ $TLS_DATA_CA_EXPIRY
1549	_genCert ogAdmSrv $TLS_DATA_OGADMSRV_SUBJ $TLS_DATA_OGADMSRV_EXPIRY
1550	_genCert WebConsole $TLS_DATA_WEBCONSOLE_SUBJ $TLS_DATA_WEBCONSOLE_EXPIRY
1551
1552	popd
1553	return 0
1554	}
1555
1556	function installAllCerts ()
1557	{
1558	mkdir -p $OG_BASEDIR/etc/ssl
1559
1560	## CA cert goes to the OS store
1561	cp $TLS_DATA_CA_CERTFILE $LOCAL_CERTS_DIR/opengnsys-ca.crt
1562
1563	## ogAdmSrv cert & key go to the application store
1564	cp $TLS_DATA_OGADMSRV_CERTFILE $TLS_DATA_OGADMSRV_KEYFILE $OG_BASEDIR/etc/ssl/
1565	## certs of ogAdmSrv clients go to the OS store (stunnel seems to require this)
1566	cp $TLS_DATA_WEBCONSOLE_CERTFILE $LOCAL_CERTS_DIR/opengnsys-WebConsole.crt
1567
1568	## WebConsole cert & key go to the application store
1569	cp $TLS_DATA_WEBCONSOLE_CERTFILE $TLS_DATA_WEBCONSOLE_KEYFILE $OG_BASEDIR/etc/ssl/
1570
1571	$UPDATE_CA_CMD
1572	chmod 0640 $OG_BASEDIR/etc/ssl/*
1573	chown stunnel4:www-data $OG_BASEDIR/etc/ssl/*
1574
1575	return 0
1576	}
1577
1578	# si generamos nuestros propios certificados, los CNs tienen que resolver a alguna IP
1579	# no podemos dar por hecho que algún servidor DNS por ahí fuera resuelva los CNs que hemos generado al instalar
1580	function makeCommonNamesResolvable ()
1581	{
1582	# ogAdmSrv
1583	local i=0
1584	for dev in ${DEVICE[*]}; do
1585	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1586	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1587	ETC_HOSTS_IP=${SERVERIP[i]}
1588	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($ETC_HOSTS_IP)"
1589	break
1590	fi
1591	let i++
1592	done
1593
1594	if [ -z $ETC_HOSTS_IP ]; then
1595	echoAndLog "${FUNCNAME}(): Don't know what IP address to add to /etc/hosts for ogAdmSrv"
1596	else
1597	echo "$ETC_HOSTS_IP $TLS_DATA_OGADMSRV_CN" >>/etc/hosts
1598	fi
1599
1600	return 0
1601	}
1602
1603	function configureStunnel ()
1604	{
1605	local i=0
1606	for dev in ${DEVICE[*]}; do
1607	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1608	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1609	LISTEN_IP=${SERVERIP[i]}
1610	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($LISTEN_IP)"
1611	break
1612	fi
1613	let i++
1614	done
1615
1616	if [ -z $LISTEN_IP ]; then
1617	echoAndLog "${FUNCNAME}(): Don't know what IP address to listen on"
1618	return 1
1619	fi
1620
1621	cat >/etc/stunnel/ogAdmSrv.conf <<EOF
1622	setuid = stunnel4
1623	setgid = stunnel4
1624	pid = /var/run/stunnel4/ogAdmSrv.pid
1625
1626	[ogAdmSrv]
1627	accept = $LISTEN_IP:$TLS_DATA_OGADMSRV_LISTEN_PORT
1628	connect = 127.0.0.1:8888
1629	cert = $OG_BASEDIR/etc/ssl/ogAdmSrv.crt.pem
1630	key = $OG_BASEDIR/etc/ssl/ogAdmSrv.key.pem
1631	capath = $STUNNEL_CAPATH
1632	requireCert = yes
1633	verifyPeer = yes
1634	verifyChain = yes
1635	EOF
1636
1637	sed -i -e '/^ENABLED=/s/0/1/' /etc/default/stunnel4
1638	service=stunnel4
1639	$STARTSERVICE
1640	return 0
1641	}
1642
1643
1644	####################################################################
1645	### Funciones de compilación de código fuente de servicios
1646	####################################################################
1647
1648	# Compilar los servicios de OpenGnsys
1649	function servicesCompilation ()
1650	{
1651	local hayErrores=0
1652
1653	# Compilar OpenGnsys Server
1654	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Server"
1655	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer
1656	make && mv ogAdmServer $INSTALL_TARGET/sbin
1657	if [ $? -ne 0 ]; then
1658	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Server"
1659	hayErrores=1
1660	fi
1661	popd
1662	# Compilar OpenGnsys Agent
1663	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Agent"
1664	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent
1665	make && mv ogAdmAgent $INSTALL_TARGET/sbin
1666	if [ $? -ne 0 ]; then
1667	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Agent"
1668	hayErrores=1
1669	fi
1670	popd
1671	# Compilar OpenGnsys Client
1672	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Client"
1673	pushd $WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient
1674	make && mv ogAdmClient ../../../../client/shared/bin
1675	if [ $? -ne 0 ]; then
1676	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Client"
1677	hayErrores=1
1678	fi
1679	popd
1680
1681	return $hayErrores
1682	}
1683
1684	####################################################################
1685	### Funciones de copia de la Interface de administración
1686	####################################################################
1687
1688	# Copiar carpeta de Interface
1689	function copyInterfaceAdm ()
1690	{
1691	local hayErrores=0
1692
1693	# Crear carpeta y copiar Interface
1694	echoAndLog "${FUNCNAME}(): Copying Administration Interface Folder"
1695	cp -ar $WORKDIR/opengnsys/admin/Interface $INSTALL_TARGET/client/interfaceAdm
1696	if [ $? -ne 0 ]; then
1697	echoAndLog "${FUNCNAME}(): error while copying Administration Interface Folder"
1698	hayErrores=1
1699	fi
1700
1701	return $hayErrores
1702	}
1703
1704
1705	####################################################################
1706	### Funciones instalacion cliente opengnsys
1707	####################################################################
1708
1709	function copyClientFiles()
1710	{
1711	local errstatus=0
1712
1713	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Client files."
1714	cp -a $WORKDIR/opengnsys/client/shared/* $INSTALL_TARGET/client
1715	if [ $? -ne 0 ]; then
1716	errorAndLog "${FUNCNAME}(): error while copying client estructure"
1717	errstatus=1
1718	fi
1719
1720	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Cloning Engine files."
1721	mkdir -p $INSTALL_TARGET/client/lib/engine/bin
1722	cp -a $WORKDIR/opengnsys/client/engine/.lib $INSTALL_TARGET/client/lib/engine/bin
1723	if [ $? -ne 0 ]; then
1724	errorAndLog "${FUNCNAME}(): error while copying engine files"
1725	errstatus=1
1726	fi
1727
1728	if [ $errstatus -eq 0 ]; then
1729	echoAndLog "${FUNCNAME}(): client copy files success."
1730	else
1731	errorAndLog "${FUNCNAME}(): client copy files with errors"
1732	fi
1733
1734	return $errstatus
1735	}
1736
1737
1738	# Crear certificados para la firma de cargadores de arranque.
1739	function createCerts ()
1740	{
1741	local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
1742	echoAndLog "${FUNCNAME}(): creating certificate files"
1743	mkdir -p $SSLCFGDIR/{certs,private}
1744	openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
1745	openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
1746	echoAndLog "${FUNCNAME}(): certificate successfully created"
1747	}
1748
1749
1750	# Crear cliente OpenGnsys.
1751	function clientCreate()
1752	{
1753	if [ $# -ne 1 ]; then
1754	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1755	exit 1
1756	fi
1757
1758	local FILENAME="$1"
1759	local TARGETFILE=$INSTALL_TARGET/lib/$FILENAME
1760
1761	# Descargar cliente, si es necesario.
1762	if [ -s $PROGRAMDIR/$FILENAME ]; then
1763	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1764	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1765	else
1766	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1767	oglivecli download $FILENAME
1768	fi
1769	if [ ! -s $TARGETFILE ]; then
1770	errorAndLog "${FUNCNAME}(): Error loading $FILENAME"
1771	return 1
1772	fi
1773
1774	# Montar imagen, copiar cliente ogclient y desmontar.
1775	echoAndLog "${FUNCNAME}(): Installing ogLive Client"
1776	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| \
1777	oglivecli install $FILENAME
1778
1779	echoAndLog "${FUNCNAME}(): Client generation success"
1780	}
1781
1782
1783	# Configuración básica de servicios de OpenGnsys
1784	function openGnsysConfigure()
1785	{
1786	local i=0
1787	local dev=""
1788	local CONSOLEURL
1789
1790	echoAndLog "${FUNCNAME}(): Copying init files."
1791	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.init /etc/init.d/opengnsys
1792	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default /etc/default/opengnsys
1793	# Deshabilitar servicios de BitTorrent si no están instalados.
1794	if [ ! -e /usr/bin/bttrack ]; then
1795	sed -i 's/RUN_BTTRACKER="yes"/RUN_BTTRACKER="no"/; s/RUN_BTSEEDER="yes"/RUN_BTSEEDER="no"/' \
1796	/etc/default/opengnsys
1797	fi
1798	echoAndLog "${FUNCNAME}(): Creating cron files."
1799	echo "* * * * * root [ -x $INSTALL_TARGET/bin/torrent-creator ] && $INSTALL_TARGET/bin/torrent-creator" > /etc/cron.d/torrentcreator
1800	echo "5 * * * * root [ -x $INSTALL_TARGET/bin/torrent-tracker ] && $INSTALL_TARGET/bin/torrent-tracker" > /etc/cron.d/torrenttracker
1801	echo "* * * * * root [ -x $INSTALL_TARGET/bin/deletepreimage ] && $INSTALL_TARGET/bin/deletepreimage" > /etc/cron.d/imagedelete
1802	echo "* * * * * root [ -x $INSTALL_TARGET/bin/ogagentqueue.cron ] && $INSTALL_TARGET/bin/ogagentqueue.cron" > /etc/cron.d/ogagentqueue
1803	echo "/5 * * * root cd $INSTALL_TARGET/www && php uds-set-service-pool.php" > /etc/cron.d/uds-set-service-pool
1804
1805	echoAndLog "${FUNCNAME}(): Creating logrotate configuration files."
1806	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1807	$WORKDIR/opengnsys/server/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysServer
1808
1809	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1810	$WORKDIR/opengnsys/repoman/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysRepo
1811
1812	echoAndLog "${FUNCNAME}(): Creating OpenGnsys config files."
1813	for dev in ${DEVICE[*]}; do
1814	if [ -n "${SERVERIP[i]}" ]; then
1815	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1816	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1817	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1818	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1819	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer/ogAdmServer.cfg > $INSTALL_TARGET/etc/ogAdmServer-$dev.cfg
1820	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1821	$WORKDIR/opengnsys/repoman/etc/ogAdmRepo.cfg.tmpl > $INSTALL_TARGET/etc/ogAdmRepo-$dev.cfg
1822	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1823	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1824	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1825	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1826	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent/ogAdmAgent.cfg > $INSTALL_TARGET/etc/ogAdmAgent-$dev.cfg
1827	CONSOLEURL="https://${SERVERIP[i]}/opengnsys"
1828	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1829	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1830	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1831	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1832	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1833	$INSTALL_TARGET/www/controlacceso.php > $INSTALL_TARGET/www/controlacceso-$dev.php
1834	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1835	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1836	$WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient/ogAdmClient.cfg > $INSTALL_TARGET/client/etc/ogAdmClient-$dev.cfg
1837	if [ "$dev" == "$DEFAULTDEV" ]; then
1838	OPENGNSYS_CONSOLEURL="$CONSOLEURL"
1839	fi
1840	fi
1841	let i++
1842	done
1843	ln -f $INSTALL_TARGET/etc/ogAdmServer-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmServer.cfg
1844	ln -f $INSTALL_TARGET/etc/ogAdmRepo-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmRepo.cfg
1845	ln -f $INSTALL_TARGET/etc/ogAdmAgent-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmAgent.cfg
1846	ln -f $INSTALL_TARGET/client/etc/ogAdmClient-$DEFAULTDEV.cfg $INSTALL_TARGET/client/etc/ogAdmClient.cfg
1847	ln -f $INSTALL_TARGET/www/controlacceso-$DEFAULTDEV.php $INSTALL_TARGET/www/controlacceso.php
1848
1849	sed -e "s%__UDSRESTURL__%$UDS_REST_URL%g" \
1850	-e "s%__UDSAUTH__%$UDS_AUTHENTICATOR%g" \
1851	-e "s%__UDSUSER__%$UDS_USER%g" \
1852	-e "s%__UDSPASS__%$UDS_PASS%g" \
1853	<$INSTALL_TARGET/www/includes/uds.php \|sponge $INSTALL_TARGET/www/includes/uds.php
1854	chmod 0640 $INSTALL_TARGET/www/includes/uds.php
1855
1856	# Configuración del motor de clonación.
1857	# - Zona horaria del servidor.
1858	TZ=$(timedatectl status\|awk -F"[:()]" '/Time.*zone/ {print $2}')
1859	cat << EOT >> $INSTALL_TARGET/client/etc/engine.cfg
1860	# OpenGnsys Server timezone.
1861	TZ="${TZ// /}"
1862	EOT
1863
1864	# Revisar permisos generales.
1865	if [ -x $INSTALL_TARGET/bin/checkperms ]; then
1866	echoAndLog "${FUNCNAME}(): Checking permissions."
1867	OPENGNSYS_DIR="$INSTALL_TARGET" OPENGNSYS_USER="$OPENGNSYS_CLIENT_USER" APACHE_USER="$APACHE_RUN_USER" APACHE_GROUP="$APACHE_RUN_GROUP" checkperms
1868	fi
1869
1870	# Evitar inicio de duplicado en Ubuntu 14.04 (Upstart y SysV Init).
1871	if [ -f /etc/init/${MYSQLSERV}.conf -a -n "$(which initctl 2>/dev/null)" ]; then
1872	service=$MYSQLSERV
1873	$DISABLESERVICE
1874	fi
1875
1876	# Actualizar tokens de autenticación e iniciar los servicios.
1877	service="opengnsys"
1878	$ENABLESERVICE
1879	if [ -x $INSTALL_TARGET/bin/settoken ]; then
1880	echoAndLog "${FUNCNAME}(): Setting authentication tokens and starting OpenGnsys services."
1881	$INSTALL_TARGET/bin/settoken "$OPENGNSYS_DB_USER"
1882	$INSTALL_TARGET/bin/settoken -f
1883	else
1884	echoAndLog "${FUNCNAME}(): Starting OpenGnsys services."
1885	$STARTSERVICE
1886	fi
1887	}
1888
1889
1890	#####################################################################
1891	####### Función de resumen informativo de la instalación
1892	#####################################################################
1893
1894	function installationSummary()
1895	{
1896	local VERSIONFILE REVISION
1897
1898	# Crear fichero de versión y revisión, si no existe.
1899	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1900	[ -f $VERSIONFILE ] \|\| echo '{ "project": "OpenGnsys" }' >$VERSIONFILE
1901	# Incluir datos de revisión, si se está instalando desde el repositorio
1902	# de código o si no está incluida en el fichero de versión.
1903	if [ $REMOTE -eq 1 ] \|\| [ -z "$(jq -r '.release' $VERSIONFILE)" ]; then
1904	# Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit).
1905	RELEASE=$(curl -s "$API_URL/branches/$BRANCH" \| jq -r '"r" + (.commit.commit.committer.date \| split("-") \| join("")[:8]) + "." + (.commit.sha[:7])' 2>/dev/null)
1906	# Obtener revisión para etiqueta de versión en vez de rama de código.
1907	[ -z "$RELEASE" ] && RELEASE=$(curl -s $(curl -s "$API_URL/tags" \| jq -r ".[] \| select(.name==\"$BRANCH\").commit.url" 2>/dev/null) \| jq -r '"r" + (.commit.committer.date \| split("-") \| join("")[:8]) + "." + .sha[:7]' 2>/dev/null)
1908	jq ".release=\"$RELEASE\"" $VERSIONFILE \| sponge $VERSIONFILE
1909	fi
1910	VERSION="$(jq -r '[.project, .version, .codename, .release] \| join(" ")' $VERSIONFILE 2>/dev/null)"
1911
1912	# Mostrar información.
1913	echo
1914	echoAndLog "OpenGnsys Installation Summary"
1915	echo "=============================="
1916	echoAndLog "Project version: $VERSION"
1917	echoAndLog "Installation directory: $INSTALL_TARGET"
1918	echoAndLog "Installation log file: $LOG_FILE"
1919	echoAndLog "Repository directory: $INSTALL_TARGET/images"
1920	echoAndLog "DHCP configuration directory: $DHCPCFGDIR"
1921	echoAndLog "TFTP configuration directory: $TFTPCFGDIR"
1922	echoAndLog "Installed ogLive client: $(oglivecli list \| awk '{print $2}')"
1923	echoAndLog "Samba configuration directory: $SAMBACFGDIR"
1924	echoAndLog "Web Console URL: $OPENGNSYS_CONSOLEURL"
1925	echoAndLog "Web Console access data: entered by the user"
1926	if grep -q "^RUN_BTTRACK.*no" /etc/default/opengnsys; then
1927	echoAndLog "BitTorrent service is disabled."
1928	fi
1929	echo
1930	echoAndLog "Post-Installation Instructions:"
1931	echo "==============================="
1932	echoAndLog "You can improve server security by configuring firewall and SELinux,"
1933	echoAndLog " running \"$INSTALL_TARGET/lib/security-config\" script as root."
1934	echoAndLog "It's strongly recommended to synchronize this server with an NTP server."
1935	echoAndLog "Review or edit all configuration files."
1936	echoAndLog "Insert DHCP configuration data and restart service."
1937	echoAndLog "Optional: If you want to use BURG as boot manager, run"
1938	echoAndLog " \"curl $DOWNLOADURL/burg.tgz -o $INSTALL_TARGET/client/lib/burg.tgz\" as root."
1939	echoAndLog "Optional: Log-in as Web Console admin user."
1940	echoAndLog " - Review default Organization data and assign access to users."
1941	echoAndLog "Log-in as Web Console organization user."
1942	echoAndLog " - Insert OpenGnsys data (labs, computers, menus, etc)."
1943	echo
1944	}
1945
1946
1947
1948	#####################################################################
1949	####### Proceso de instalación de OpenGnsys
1950	#####################################################################
1951
1952	# Sólo ejecutable por usuario root
1953	if [ "$(whoami)" != 'root' ]; then
1954	echo "ERROR: this program must run under root privileges!!"
1955	exit 1
1956	fi
1957
1958	globalSetup $MY_BRANCH
1959	# Comprobar instalación previa.
1960	if cat $INSTALL_TARGET/doc/VERSION.* &>/dev/null; then
1961	echo "ERROR: OpenGnsys is already installed. Run \"$INSTALL_TARGET/lib/opengnsys_update.sh\" as root to update."
1962	exit 2
1963	fi
1964
1965	echoAndLog "OpenGnsys installation begins at $(date)"
1966	# Introducir datos de configuración y establecer variables globales.
1967	userData
1968
1969	mkdir -p $WORKDIR
1970	pushd $WORKDIR
1971
1972	# Detectar datos iniciales de auto-configuración del instalador.
1973	autoConfigure
1974
1975	# Detectar parámetros de red y comprobar si hay conexión.
1976	getNetworkSettings
1977	if [ $? -ne 0 ]; then
1978	errorAndLog "Error reading default network settings."
1979	exit 1
1980	fi
1981	checkNetworkConnection
1982	if [ $? -ne 0 ]; then
1983	errorAndLog "Error connecting to server. Causes:"
1984	errorAndLog " - Network is unreachable, review devices parameters."
1985	errorAndLog " - You are inside a private network, configure the proxy service."
1986	errorAndLog " - Server is temporally down, try agian later."
1987	exit 1
1988	fi
1989
1990	# Detener servicios de OpenGnsys, si están activos previamente.
1991	[ -f /etc/init.d/opengnsys ] && /etc/init.d/opengnsys stop
1992
1993	# Actualizar repositorios
1994	updatePackageList
1995
1996	# Instalación de dependencias (paquetes de sistema operativo).
1997	declare -a notinstalled
1998	checkDependencies DEPENDENCIES notinstalled
1999	if [ $? -ne 0 ]; then
2000	installDependencies notinstalled
2001	if [ $? -ne 0 ]; then
2002	echoAndLog "Error while installing some dependeces, please verify your server installation before continue"
2003	exit 1
2004	fi
2005	fi
2006	if [ -n "$INSTALLEXTRADEPS" ]; then
2007	echoAndLog "Installing extra dependencies"
2008	for (( i=0; i<${#INSTALLEXTRADEPS[*]}; i++ )); do
2009	eval ${INSTALLEXTRADEPS[i]}
2010	done
2011	fi
2012
2013	# Detectar datos de auto-configuración después de instalar paquetes.
2014	autoConfigurePost
2015
2016	# Arbol de directorios de OpenGnsys.
2017	createDirs ${INSTALL_TARGET}
2018	if [ $? -ne 0 ]; then
2019	errorAndLog "Error while creating directory paths!"
2020	exit 1
2021	fi
2022
2023	# Si es necesario, descarga el repositorio de código en directorio temporal
2024	if [ $REMOTE -eq 1 ]; then
2025	downloadCode $GIT_REPO
2026	if [ $? -ne 0 ]; then
2027	errorAndLog "Error while getting code from the repository"
2028	exit 1
2029	fi
2030	else
2031	ln -fs "$(dirname $PROGRAMDIR)" opengnsys
2032	fi
2033
2034	# TLS
2035	gatherCertsInfo
2036	if [ $? -ne 0 ]; then
2037	errorAndLog 'Not all required certificates have been provided, or privkey or DNS issues'
2038	exit 1
2039	fi
2040	[ $TLS_DATA_CA_EXPIRY ] && genAllCerts ## el usuario no nos ha dado sus certificados: generamos unos
2041	installAllCerts
2042	[ $TLS_DATA_CA_EXPIRY ] && makeCommonNamesResolvable ## el usuario no nos ha dado sus certificados: configuramos resolución de nombres en /etc/hosts
2043	configureStunnel
2044	if [ $? -ne 0 ]; then
2045	errorAndLog 'Error while setting stunnel up'
2046	exit 1
2047	fi
2048
2049	# Compilar código fuente de los servicios de OpenGnsys.
2050	servicesCompilation
2051	if [ $? -ne 0 ]; then
2052	errorAndLog "Error while compiling OpenGnsys services"
2053	exit 1
2054	fi
2055
2056	# Copiar carpeta Interface entre administración y motor de clonación.
2057	copyInterfaceAdm
2058	if [ $? -ne 0 ]; then
2059	errorAndLog "Error while copying Administration Interface"
2060	exit 1
2061	fi
2062
2063	# Configuración de TFTP.
2064	tftpConfigure
2065
2066	# Configuración de Samba.
2067	smbConfigure
2068	if [ $? -ne 0 ]; then
2069	errorAndLog "Error while configuring Samba server!"
2070	exit 1
2071	fi
2072
2073	# Configuración de Rsync.
2074	rsyncConfigure
2075
2076	# Configuración ejemplo DHCP.
2077	dhcpConfigure
2078	if [ $? -ne 0 ]; then
2079	errorAndLog "Error while copying your dhcp server files!"
2080	exit 1
2081	fi
2082
2083	# Copiar ficheros de servicios OpenGnsys Server.
2084	copyServerFiles ${INSTALL_TARGET}
2085	if [ $? -ne 0 ]; then
2086	errorAndLog "Error while copying the server files!"
2087	exit 1
2088	fi
2089	INSTVERSION=$(jq -r '.version' $INSTALL_TARGET/doc/VERSION.json)
2090
2091	# Instalar base de datos de OpenGnsys Admin.
2092	isInArray notinstalled "mysql-server" \|\| isInArray notinstalled "mariadb-server"
2093	if [ $? -eq 0 ]; then
2094	# Enable database manager (MySQL, if missing, MariaDB).
2095	service=$MYSQLSERV
2096	$ENABLESERVICE
2097	if [ $? != 0 ]; then
2098	service=$MARIADBSERV
2099	$ENABLESERVICE
2100	fi
2101	# Start database manager.
2102	$STARTSERVICE
2103	# Asignar clave del usuario "root".
2104	mysqlSetRootPassword "${MYSQL_ROOT_PASSWORD}"
2105	else
2106	# Si ya está instalado el gestor de bases de datos, obtener clave de "root".
2107	mysqlGetRootPassword
2108	fi
2109
2110	# Copy MySQL configuration template
2111	cp $WORKDIR/opengnsys/server/etc/mysqld-og.cnf $MYSQLCFGDIR 2>/dev/null
2112	# Restart database manager.
2113	$STARTSERVICE
2114
2115	mysqlTestConnection "${MYSQL_ROOT_PASSWORD}"
2116	if [ $? -ne 0 ]; then
2117	errorAndLog "Error while connection to mysql"
2118	exit 1
2119	fi
2120	mysqlDbExists ${OPENGNSYS_DATABASE}
2121	if [ $? -ne 0 ]; then
2122	echoAndLog "Creating Web Console database"
2123	mysqlCreateDb ${OPENGNSYS_DATABASE}
2124	if [ $? -ne 0 ]; then
2125	errorAndLog "Error while creating Web Console database"
2126	exit 1
2127	fi
2128	else
2129	echoAndLog "Web Console database exists, ommiting creation"
2130	fi
2131
2132	mysqlCheckUserExists ${OPENGNSYS_DB_USER}
2133	if [ $? -ne 0 ]; then
2134	echoAndLog "Creating user in database"
2135	mysqlCreateAdminUserToDb ${OPENGNSYS_DATABASE} ${OPENGNSYS_DB_USER} "${OPENGNSYS_DB_PASSWD}"
2136	if [ $? -ne 0 ]; then
2137	errorAndLog "Error while creating database user"
2138	exit 1
2139	fi
2140
2141	fi
2142
2143	mysqlCheckDbIsEmpty ${OPENGNSYS_DATABASE}
2144	if [ $? -eq 0 ]; then
2145	echoAndLog "Creating tables..."
2146	if [ -f $WORKDIR/$OPENGNSYS_DB_CREATION_FILE ]; then
2147	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_CREATION_FILE
2148	else
2149	errorAndLog "Unable to locate $WORKDIR/$OPENGNSYS_DB_CREATION_FILE!!"
2150	exit 1
2151	fi
2152	else
2153	# Si existe fichero ogBDAdmin-VersLocal-VersRepo.sql; aplicar cambios.
2154	REPOVERSION=$(jq -r '.version' $WORKDIR/opengnsys/doc/VERSION.json)
2155	OPENGNSYS_DB_UPDATE_FILE="opengnsys/admin/Database/$OPENGNSYS_DATABASE-$INSTVERSION-$REPOVERSION.sql"
2156	if [ -f $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE ]; then
2157	echoAndLog "Updating tables from version $INSTVERSION to $REPOVERSION"
2158	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE
2159	else
2160	echoAndLog "Database unchanged."
2161	fi
2162	fi
2163	# Eliminar fichero temporal con credenciales de acceso a MySQL.
2164	rm -f $TMPMYCNF
2165
2166	# Copiando páqinas web.
2167	installWebFiles
2168	# Configurar variables de PHP
2169	configurePHPvars $TLS_DATA_OGADMSRV_CN $TLS_DATA_OGADMSRV_LISTEN_PORT
2170	# Descargar/descomprimir archivos descargables.
2171	installDownloadableFiles
2172	# Generar páqinas web de documentación de la API
2173	makeDoxygenFiles
2174
2175	# Creando configuración de Apache.
2176	installWebConsoleApacheConf $INSTALL_TARGET $APACHECFGDIR
2177	if [ $? -ne 0 ]; then
2178	errorAndLog "Error configuring Apache for OpenGnsys Admin"
2179	exit 1
2180	fi
2181
2182	popd
2183
2184	# Crear la estructura de los accesos al servidor desde el cliente (shared)
2185	copyClientFiles
2186	if [ $? -ne 0 ]; then
2187	errorAndLog "Error creating client structure"
2188	fi
2189
2190	# Crear certificado para firmar cargadores
2191	createCerts
2192
2193	# Crear la estructura del cliente de OpenGnsys.
2194	for i in $OGLIVE; do
2195	if ! clientCreate "$i"; then
2196	errorAndLog "Error creating client $i"
2197	exit 1
2198	fi
2199	done
2200
2201	# Configuración de servicios de OpenGnsys
2202	openGnsysConfigure
2203
2204	# Mostrar sumario de la instalación e instrucciones de post-instalación.
2205	installationSummary
2206
2207	rm -rf $WORKDIR
2208	echoAndLog "OpenGnsys installation finished at $(date)"
2209	exit 0
2210

Note: See TracBrowser for help on using the repository browser.

Download in other formats: