Context Navigation

source: installer/opengnsys_installer_devel_esxi.sh @ 41e910b

Visit:

configure-oglivelgromero-new-oglivemainmount-efivarfsuse-local-agent-oglive

Last change on this file since 41e910b was cf14a94, checked in by Natalia Serrano <natalia.serrano@…>, 6 months ago
refs #941 try to make installer on ESXi pick oglive/ogagent from NFS
Property mode set to `100755`
File size: 72.1 KB

Line
1	#!/bin/bash
2
3	#####################################################################
4	####### Script instalador OpenGnsys
5	####### Autor: Luis Guillén <lguillen@unizar.es>
6	#####################################################################
7
8
9	#####################################################################
10	####### Funciones de configuración
11	#####################################################################
12
13	MY_BRANCH=$1
14
15	# Devuelve en la variable PASSWORD la clave introducida por el usuario (o la indicada por defecto)
16	function enterPassword ()
17	{
18	local PASSWORD2
19	local DEFAULT_PASSWORD="$1"
20
21	while : ; do
22	stty -echo
23	read -r PASSWORD
24	stty echo
25	if [ -z "$PASSWORD" ]; then
26	# Si esta vacio ponemos el valor por defecto
27	PASSWORD="${PASSWORD:-$DEFAULT_PASSWORD}"
28	break
29	else
30	if [ -n "${PASSWORD//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
31	echo -e "\\aERROR: Password must be alphanumeric, try again..."
32	else
33	echo -n -e "\\nConfirm password: "
34	stty -echo
35	read -r PASSWORD2
36	stty echo
37	if [ "$PASSWORD" == "$PASSWORD2" ]; then
38	break
39	else
40	echo -e "\\aERROR: Passwords don't match, try again."
41	fi
42	fi
43	fi
44	echo -n -e "Please, enter a new password (${DEFAULT_PASSWORD}): "
45	done
46	}
47
48	# Recoge los datos de configuración introducidos por el usuario.
49	function userData ()
50	{
51	#### AVISO: Puede editar configuración de acceso por defecto.
52	#### WARNING: Edit default access configuration if you wish.
53	DEFAULT_MYSQL_ROOT_PASSWORD="passwordroot" # Clave por defecto root de MySQL
54	DEFAULT_OPENGNSYS_DB_USER="usuog" # Usuario por defecto de acceso a la base de datos
55	DEFAULT_OPENGNSYS_DB_PASSWD="passusuog" # Clave por defecto de acceso a la base de datos
56	DEFAULT_OPENGNSYS_CLIENT_PASSWD="og" # Clave por defecto de acceso del cliente
57	DEFAULT_OGLIVE="ogLive-noble-6.8.0-31-generic-amd64-r20240716-20241014.iso" # Cliente ogLive
58	DEFAULT_UDS_REST_URL="${DEFAULT_UDS_REST_URL:-https://uds.example.com/uds/rest/}"
59	DEFAULT_UDS_AUTHENTICATOR="${DEFAULT_UDS_AUTHENTICATOR:-Local users}"
60	DEFAULT_UDS_USER="${DEFAULT_UDS_USER:-user}"
61	DEFAULT_UDS_PASS="${DEFAULT_UDS_PASS:-pass}"
62
63	echo -e "\\nOpenGnsys Installation"
64	echo "=============================="
65
66	if [[ ! $- =~ s ]]; then
67	echo -e "\\nNot interactive mode: setting default configuration values.\\n"
68	MYSQL_ROOT_PASSWORD="$DEFAULT_MYSQL_ROOT_PASSWORD"
69	OPENGNSYS_DB_USER="$DEFAULT_OPENGNSYS_DB_USER"
70	OPENGNSYS_DB_PASSWD="$DEFAULT_OPENGNSYS_DB_PASSWD"
71	OPENGNSYS_CLIENT_PASSWD="$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
72	OGLIVE="$DEFAULT_OGLIVE"
73	UDS_REST_URL="$DEFAULT_UDS_REST_URL"
74	UDS_AUTHENTICATOR="$DEFAULT_UDS_AUTHENTICATOR"
75	UDS_USER="$DEFAULT_UDS_USER"
76	UDS_PASS="$DEFAULT_UDS_PASS"
77	UDS_REST_URL="$DEFAULT_UDS_REST_URL"
78	UDS_AUTHENTICATOR="$DEFAULT_UDS_AUTHENTICATOR"
79	UDS_USER="$DEFAULT_UDS_USER"
80	UDS_PASS="$DEFAULT_UDS_PASS"
81	return
82	fi
83
84	# Clave root de MySQL
85	echo -n -e "\\nEnter root password for MySQL (${DEFAULT_MYSQL_ROOT_PASSWORD}): "
86	enterPassword "$DEFAULT_MYSQL_ROOT_PASSWORD"
87	MYSQL_ROOT_PASSWORD="$PASSWORD"
88
89	# Usuario de acceso a la base de datos
90	while : ; do
91	echo -n -e "\\n\\nEnter username for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_USER}): "
92	read -r OPENGNSYS_DB_USER
93	if [ -n "${OPENGNSYS_DB_USER//[a-zA-Z0-9]/}" ]; then # Comprobamos que sea un valor alfanumerico
94	echo -e "\\aERROR: Must be alphanumeric, try again..."
95	else
96	# Si esta vacio ponemos el valor por defecto
97	OPENGNSYS_DB_USER="${OPENGNSYS_DB_USER:-$DEFAULT_OPENGNSYS_DB_USER}"
98	break
99	fi
100	done
101
102	# Clave de acceso a la base de datos
103	echo -n -e "\\nEnter password for OpenGnsys console (${DEFAULT_OPENGNSYS_DB_PASSWD}): "
104	enterPassword "$DEFAULT_OPENGNSYS_DB_PASSWD"
105	OPENGNSYS_DB_PASSWD="$PASSWORD"
106
107	# Clave de acceso del cliente
108	echo -n -e "\\n\\nEnter root password for OpenGnsys client (${DEFAULT_OPENGNSYS_CLIENT_PASSWD}): "
109	enterPassword "$DEFAULT_OPENGNSYS_CLIENT_PASSWD"
110	OPENGNSYS_CLIENT_PASSWD="$PASSWORD"
111
112	# Selección de clientes ogLive para descargar.
113	while : ; do
114	echo -e "\\n\\nChoose ogLive client to install."
115	echo -e "1) Kernel 5.11, 64-bit, EFI-compatible"
116	echo -e "2) Kernel 3.2, 32-bit"
117	echo -e "3) Both"
118	echo -n -e "Please, type a valid number (1): "
119	read -r OPT
120	case "$OPT" in
121	1\|"") OGLIVE="$DEFAULT_OGLIVE"
122	break ;;
123	2) OGLIVE="ogLive-precise-3.2.0-23-generic-r5159.iso"
124	break ;;
125	3) OGLIVE=" $DEFAULT_OGLIVE ogLive-precise-3.2.0-23-generic-r5159.iso";
126	break ;;
127	*) echo -e "\\aERROR: unknown option, try again."
128	esac
129	done
130
131	# URL de API REST de UDS
132	echo -n -e "\\nEnter UDS REST API URL (${DEFAULT_UDS_REST_URL}): "
133	read -r -ei "${DEFAULT_UDS_REST_URL}" UDS_REST_URL
134
135	# Autenticador de UDS
136	echo -n -e "\\nEnter UDS authenticator (${DEFAULT_UDS_AUTHENTICATOR}): "
137	enterPassword "$DEFAULT_UDS_AUTHENTICATOR"
138	UDS_AUTHENTICATOR="$PASSWORD"
139
140	# Usuario de UDS
141	echo -n -e "\\nEnter UDS username (${DEFAULT_UDS_USER}): "
142	read -r -ei "${DEFAULT_UDS_USER}" UDS_USER
143
144	# Contraseña de UDS
145	echo -n -e "\\nEnter UDS password (${DEFAULT_UDS_PASS}): "
146	enterPassword "$DEFAULT_UDS_PASS"
147	UDS_PASS="$PASSWORD"
148
149	unset PASSWORD
150	echo -e "\\n=============================="
151	}
152
153	# Asigna valores globales de configuración para el script.
154	function globalSetup ()
155	{
156	PROGRAMDIR=$(readlink -e "$(dirname "$0")")
157	PROGRAMNAME=$(basename "$0")
158
159	# Comprobar si se ha descargado el paquete comprimido (REMOTE=0) o sólo el instalador (REMOTE=1).
160	OPENGNSYS_SERVER="ognproject.evlt.uma.es"
161	DOWNLOADURL="https://$OPENGNSYS_SERVER/trac/downloads"
162	set -x
163	if [ -d "$PROGRAMDIR/../installer" ]; then
164	echo REMOTE=0
165	REMOTE=0
166	else
167	echo REMOTE=1
168	REMOTE=1
169	fi
170	BRANCH=$1
171	if [[ -z $BRANCH ]]; then
172	BRANCH="main"
173	fi
174	set +x
175	API_URL="https://api.github.com/repos/opengnsys/OpenGnsys"
176	GIT_REPO="https://ognproject.evlt.uma.es/gitea/opengnsys/opengnsys.git"
177
178	# Directorios de instalación y destino de OpenGnsys.
179	WORKDIR=/tmp/opengnsys_installer
180	INSTALL_TARGET=/opt/opengnsys
181	PATH=$PATH:$INSTALL_TARGET/bin
182
183	# Registro de incidencias.
184	OGLOGFILE=$INSTALL_TARGET/log/${PROGRAMNAME%.sh}.log
185	LOG_FILE=/tmp/$(basename $OGLOGFILE)
186
187	# Usuario del cliente para acceso remoto.
188	OPENGNSYS_CLIENT_USER="opengnsys"
189	# Nombre de la base datos y fichero SQL para su creación.
190	OPENGNSYS_DATABASE="ogAdmBD"
191	OPENGNSYS_DB_CREATION_FILE=opengnsys/admin/Database/${OPENGNSYS_DATABASE}.sql
192
193	# Set Default net
194	DHCPNET=${DHCPNET:-"NONE"}
195	echo Default Network is $DHCPNET
196	}
197
198	# Generar variables de configuración del instalador
199	# Variables globales:
200	# - OSDISTRIB, OSVERSION - tipo y versión de la distribución GNU/Linux
201	# - DEPENDENCIES - array de dependencias que deben estar instaladas
202	# - UPDATEPKGLIST, INSTALLPKGS, CHECKPKGS - comandos para gestión de paquetes
203	# - INSTALLEXTRADEPS - instalar dependencias no incluidas en la distribución
204	# - STARTSERVICE, ENABLESERVICE - iniciar y habilitar un servicio
205	# - STOPSERVICE, DISABLESERVICE - parar y deshabilitar un servicio
206	# - APACHESERV, APACHECFGDIR, APACHESITESDIR, APACHEUSER, APACHEGROUP - servicio y configuración de Apache
207	# - APACHEENABLEMODS, APACHEENABLESSL, APACHEMAKECERT - habilitar módulos y certificado SSL
208	# - APACHEENABLEOG, APACHEOGSITE, - habilitar sitio web de OpenGnsys
209	# - PHPFPMSERV - servicio PHP FastCGI Process Manager para Apache
210	# - INETDSERV - servicio Inetd
211	# - DHCPSERV, DHCPCFGDIR - servicio y configuración de DHCP
212	# - MYSQLSERV, TMPMYCNF - servicio MySQL y fichero temporal con credenciales de acceso
213	# - MARIADBSERV - servicio MariaDB (sustituto de MySQL en algunas distribuciones)
214	# - RSYNCSERV, RSYNCCFGDIR - servicio y configuración de Rsync
215	# - SAMBASERV, SAMBACFGDIR - servicio y configuración de Samba
216	# - TFTPSERV, TFTPCFGDIR - servicio y configuración de TFTP/PXE
217	function autoConfigure()
218	{
219	# Detectar sistema operativo del servidor (compatible con fichero os-release y con LSB).
220	if [ -f /etc/os-release ]; then
221	source /etc/os-release
222	OSDISTRIB="$ID"
223	OSVERSION="$VERSION_ID"
224	else
225	OSDISTRIB=$(lsb_release -is 2>/dev/null)
226	OSVERSION=$(lsb_release -rs 2>/dev/null)
227	fi
228	# Convertir distribución a minúsculas y obtener solo el 1er número de versión.
229	OSDISTRIB="${OSDISTRIB,,}"
230	OSVERSION="${OSVERSION%%.*}"
231
232	# Configuración según la distribución GNU/Linux (usar minúsculas).
233	case "$OSDISTRIB" in
234	ubuntu\|debian\|linuxmint)
235	DEPENDENCIES=( subversion apache2 php php-ldap php-fpm mariadb-server php-mysql isc-dhcp-server bittorrent tftp-hpa tftpd-hpa xinetd build-essential g++-multilib libmysqlclient-dev wget curl doxygen graphviz bittornado ctorrent samba rsync unzip netpipes debootstrap schroot squashfs-tools btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev libjansson-dev libssl-dev shim-signed grub-efi-amd64-signed gawk libdbi-dev libdbi1 libdbd-mysql liblz4-tool git stunnel4 )
236	UPDATEPKGLIST="apt-get update"
237	INSTALLPKG="apt-get -y install --force-yes"
238	CHECKPKG="dpkg -s \$package 2>/dev/null \| grep Status \| grep -qw install"
239	if which service &>/dev/null; then
240	STARTSERVICE="eval service \$service restart"
241	STOPSERVICE="eval service \$service stop"
242	else
243	STARTSERVICE="eval /etc/init.d/\$service restart"
244	STOPSERVICE="eval /etc/init.d/\$service stop"
245	fi
246	ENABLESERVICE="eval update-rc.d \$service defaults"
247	DISABLESERVICE="eval update-rc.d \$service disable"
248	APACHESERV=apache2
249	APACHECFGDIR=/etc/apache2
250	APACHESITESDIR=sites-available
251	APACHEOGSITE=opengnsys
252	APACHEUSER="www-data"
253	APACHEGROUP="www-data"
254	APACHEENABLEMODS="a2enmod ssl rewrite proxy_fcgi fastcgi actions alias"
255	APACHEENABLESSL="a2ensite default-ssl"
256	APACHEENABLEOG="a2ensite $APACHEOGSITE"
257	APACHEMAKECERT="make-ssl-cert generate-default-snakeoil --force-overwrite"
258	DHCPSERV=isc-dhcp-server
259	DHCPCFGDIR=/etc/dhcp
260	INETDSERV=xinetd
261	INETDCFGDIR=/etc/xinetd.d
262	MYSQLSERV=mysql
263	MYSQLCFGDIR=/etc/mysql/mysql.conf.d
264	MARIADBSERV=mariadb
265	PHPFPMSERV=php-fpm
266	RSYNCSERV=rsync
267	RSYNCCFGDIR=/etc
268	SAMBASERV=smbd
269	SAMBACFGDIR=/etc/samba
270	TFTPCFGDIR=/var/lib/tftpboot
271	LOCAL_CERTS_DIR=/usr/local/share/ca-certificates
272	UPDATE_CA_CMD=update-ca-certificates
273	STUNNEL_CAPATH=/etc/ssl/certs
274	;;
275	fedora\|centos)
276	DEPENDENCIES=( subversion httpd mod_ssl php-ldap php-fpm mariadb-server mysql-devel mysql-devel.i686 php-mysql dhcp tftp-server tftp xinetd binutils gcc gcc-c++ glibc-devel glibc-devel.i686 glibc-static glibc-static.i686 libstdc++-devel.i686 make wget curl doxygen graphviz ctorrent samba samba-client rsync unzip debootstrap schroot squashfs-tools python-crypto arp-scan procps-ng gettext moreutils jq net-tools udpcast libev-devel jansson-devel openssl-devel shim-x64 grub2-efi-x64 grub2-efi-x64-modules gawk libdbi-devel libdbi libdbi-dbd-mysql http://ftp.altlinux.org/pub/distributions/ALTLinux/5.1/branch/$(arch)/RPMS.classic/netpipes-4.2-alt1.$(arch).rpm )
277	[ "$OSDISTRIB" == "centos" ] && UPDATEPKGLIST="yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-$OSVERSION.noarch.rpm http://rpms.remirepo.net/enterprise/remi-release-$OSVERSION.rpm"
278	INSTALLEXTRADEPS=( 'pushd /tmp; wget -t3 http://ftp.acc.umu.se/mirror/bittornado/BitTornado-0.3.18.tar.gz && tar xvzf BitTornado-0.3.18.tar.gz && cd BitTornado-CVS && python setup.py install && ln -fs btlaunchmany.py /usr/bin/btlaunchmany && ln -fs bttrack.py /usr/bin/bttrack; popd' )
279	INSTALLPKG="yum install -y libstdc++ libstdc++.i686"
280	CHECKPKG="rpm -q --quiet \$package"
281	SYSTEMD=$(which systemctl 2>/dev/null)
282	if [ -n "$SYSTEMD" ]; then
283	STARTSERVICE="eval systemctl start \$service.service"
284	STOPSERVICE="eval systemctl stop \$service.service"
285	ENABLESERVICE="eval systemctl enable \$service.service"
286	DISABLESERVICE="eval systemctl disable \$service.service"
287	else
288	STARTSERVICE="eval service \$service start"
289	STOPSERVICE="eval service \$service stop"
290	ENABLESERVICE="eval chkconfig \$service on"
291	DISABLESERVICE="eval chkconfig \$service off"
292	fi
293	APACHESERV=httpd
294	APACHECFGDIR=/etc/httpd/conf.d
295	APACHEOGSITE=opengnsys.conf
296	APACHEUSER="apache"
297	APACHEGROUP="apache"
298	APACHEREWRITEMOD="sed -i '/rewrite/s/^#//' $APACHECFGDIR/../*.conf"
299	DHCPSERV=dhcpd
300	DHCPCFGDIR=/etc/dhcp
301	INETDSERV=xinetd
302	INETDCFGDIR=/etc/xinetd.d
303	MYSQLSERV=mysqld
304	MYSQLCFGDIR=/etc/my.cnf.d
305	MARIADBSERV=mariadb
306	PHPFPMSERV=php-fpm
307	RSYNCSERV=rsync
308	RSYNCCFGDIR=/etc
309	SAMBASERV=smb
310	SAMBACFGDIR=/etc/samba
311	TFTPSERV=tftp
312	TFTPCFGDIR=/var/lib/tftpboot
313	LOCAL_CERTS_DIR=/etc/pki/ca-trust/source/anchors
314	UPDATE_CA_CMD=update-ca-trust
315	STUNNEL_CAPATH=/etc/pki/tls/certs
316	;;
317	"") echo "ERROR: Unknown Linux distribution, please install \"lsb_release\" command."
318	exit 1 ;;
319	*) echo "ERROR: Distribution not supported by OpenGnsys."
320	exit 1 ;;
321	esac
322
323	# Fichero de credenciales de acceso a MySQL.
324	TMPMYCNF=/tmp/.my.cnf.$$
325	}
326
327
328	# Modificar variables de configuración tras instalar paquetes del sistema.
329	function autoConfigurePost()
330	{
331	local f MKNETDIR
332
333	# Configuraciones específicas para Samba y TFTP en Debian 6.
334	[ -z "$SYSTEMD" -a ! -e /etc/init.d/$SAMBASERV ] && SAMBASERV=samba
335	[ ! -e $TFTPCFGDIR ] && TFTPCFGDIR=/srv/tftp
336
337	# Preparar arranque en red con Grub.
338	for f in grub-mknetdir grub2-mknetdir; do
339	if which $f &>/dev/null; then MKNETDIR=$f; fi
340	done
341	$MKNETDIR --net-directory=$TFTPCFGDIR --subdir=grub
342	}
343
344
345	# Cargar lista de paquetes del sistema y actualizar algunas variables de configuración
346	# dependiendo de la versión instalada.
347	function updatePackageList()
348	{
349	local DHCPVERSION PHP7VERSION
350
351	# Si es necesario, actualizar la lista de paquetes disponibles.
352	[ -n "$UPDATEPKGLIST" ] && eval $UPDATEPKGLIST
353
354	# Configuración personallizada de algunos paquetes.
355	case "$OSDISTRIB" in
356	ubuntu\|linuxmint) # Postconfiguación personalizada para Ubuntu.
357	# Configuración para DHCP v3.
358	DHCPVERSION=$(apt-cache show $(apt-cache pkgnames\|egrep "dhcp.?-server$") \| \
359	awk '/Version/ {print substr($2,1,1);}' \| \
360	sort -n \| tail -1)
361	if [ $DHCPVERSION = 3 ]; then
362	DEPENDENCIES=( ${DEPENDENCIES[@]/isc-dhcp-server/dhcp3-server} )
363	DHCPSERV=dhcp3-server
364	DHCPCFGDIR=/etc/dhcp3
365	fi
366	# Configuración para PHP 7 en Ubuntu.
367	if [ -z "$(apt-cache pkgnames php7)" ]; then
368	eval $INSTALLPKG software-properties-common
369	add-apt-repository -y ppa:ondrej/php
370	eval $UPDATEPKGLIST
371	PHP7VERSION=$(apt-cache pkgnames php7 \| sort \| head -1)
372	PHPFPMSERV="${PHP7VERSION}-fpm"
373	DEPENDENCIES=( ${DEPENDENCIES[@]//php/$PHP7VERSION} )
374	fi
375	# Adaptar dependencias para libmysqlclient.
376	[ -z "$(apt-cache pkgnames libmysqlclient-dev)" ] && [ -n "$(apt-cache pkgnames libmysqlclient15)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//libmysqlclient-dev/libmysqlclient15} )
377	# Paquetes correctos en versiones nuevas.
378	[ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} )
379	[ -z "$(apt-cache pkgnames btrfs-tools)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//btrfs-tools/btrfs-progs} )
380	[ -z "$(apt-cache pkgnames bittorrent)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittorrent/} )
381	[ -z "$(apt-cache pkgnames bittornado)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//bittornado/} )
382	;;
383	centos) # Postconfiguación personalizada para CentOS.
384	# Configuración para PHP 7.
385	PHP7VERSION=$(yum list -q php7\* 2>/dev/null \| awk -F. '/^php/ {print $1; exit;}')
386	PHPFPMSERV="${PHP7VERSION}-${PHPFPMSERV}"
387	DEPENDENCIES=( ${PHP7VERSION} ${DEPENDENCIES[@]//php/$PHP7VERSION-php} )
388	# Cambios a aplicar a partir de CentOS 7.
389	if [ $OSVERSION -ge 7 ]; then
390	# Sustituir MySQL por MariaDB.
391	DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
392	# Instalar ctorrent de EPEL para CentOS 6 (no disponible en CentOS 7).
393	DEPENDENCIES=( ${DEPENDENCIES[*]/ctorrent/http://dl.fedoraproject.org/pub/epel/6/$(arch)/Packages/c/ctorrent-1.3.4-14.dnh3.3.2.el6.$(arch).rpm} )
394	fi
395	;;
396	fedora) # Postconfiguación personalizada para Fedora.
397	# Incluir paquetes específicos.
398	DEPENDENCIES=( ${DEPENDENCIES[@]} btrfs-progs )
399	# Sustituir MySQL por MariaDB a partir de Fedora 20.
400	[ $OSVERSION -ge 20 ] && DEPENDENCIES=( ${DEPENDENCIES[*]/mysql-/mariadb-} )
401	;;
402	esac
403	}
404
405
406	#####################################################################
407	####### Algunas funciones útiles de propósito general:
408	#####################################################################
409
410	function getDateTime()
411	{
412	date "+%Y%m%d-%H%M%S"
413	}
414
415	# Escribe a fichero y muestra por pantalla
416	function echoAndLog()
417	{
418	local DATETIME=`getDateTime`
419	echo "$1"
420	echo "$DATETIME;$SSH_CLIENT;$1" >> $LOG_FILE
421	}
422
423	# Escribe a fichero y muestra mensaje de error
424	function errorAndLog()
425	{
426	local DATETIME=`getDateTime`
427	echo "ERROR: $1"
428	echo "$DATETIME;$SSH_CLIENT;ERROR: $1" >> $LOG_FILE
429	}
430
431	# Escribe a fichero y muestra mensaje de aviso
432	function warningAndLog()
433	{
434	local DATETIME=`getDateTime`
435	echo "Warning: $1"
436	echo "$DATETIME;$SSH_CLIENT;Warning: $1" >> $LOG_FILE
437	}
438
439	# Comprueba si el elemento pasado en $2 está en el array $1
440	function isInArray()
441	{
442	if [ $# -ne 2 ]; then
443	errorAndLog "${FUNCNAME}(): invalid number of parameters"
444	exit 1
445	fi
446
447	local deps
448	local is_in_array=1
449	local element="$2"
450
451	echoAndLog "${FUNCNAME}(): checking if $2 is in $1"
452	eval "deps=( \"\${$1[@]}\" )"
453
454	# Copia local del array del parámetro 1.
455	for (( i = 0 ; i < ${#deps[@]} ; i++ )); do
456	if [ "${deps[$i]}" = "${element}" ]; then
457	echoAndLog "isInArray(): $element found in array"
458	is_in_array=0
459	fi
460	done
461
462	if [ $is_in_array -ne 0 ]; then
463	echoAndLog "${FUNCNAME}(): $element NOT found in array"
464	fi
465
466	return $is_in_array
467	}
468
469
470	#####################################################################
471	####### Funciones de manejo de paquetes Debian
472	#####################################################################
473
474	function checkPackage()
475	{
476	package=$1
477	if [ -z $package ]; then
478	errorAndLog "${FUNCNAME}(): parameter required"
479	exit 1
480	fi
481	echoAndLog "${FUNCNAME}(): checking if package $package exists"
482	eval $CHECKPKG
483	if [ $? -eq 0 ]; then
484	echoAndLog "${FUNCNAME}(): package $package exists"
485	return 0
486	else
487	echoAndLog "${FUNCNAME}(): package $package doesn't exists"
488	return 1
489	fi
490	}
491
492	# Recibe array con dependencias
493	# por referencia deja un array con las dependencias no resueltas
494	# devuelve 1 si hay alguna dependencia no resuelta
495	function checkDependencies()
496	{
497	if [ $# -ne 2 ]; then
498	errorAndLog "${FUNCNAME}(): invalid number of parameters"
499	exit 1
500	fi
501
502	echoAndLog "${FUNCNAME}(): checking dependences"
503	uncompletedeps=0
504
505	# copia local del array del parametro 1
506	local deps
507	eval "deps=( \"\${$1[@]}\" )"
508
509	declare -a local_notinstalled
510
511	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
512	do
513	checkPackage ${deps[$i]}
514	if [ $? -ne 0 ]; then
515	local_notinstalled[$uncompletedeps]=$package
516	let uncompletedeps=uncompletedeps+1
517	fi
518	done
519
520	# relleno el array especificado en $2 por referencia
521	for (( i = 0 ; i < ${#local_notinstalled[@]} ; i++ ))
522	do
523	eval "${2}[$i]=${local_notinstalled[$i]}"
524	done
525
526	# retorna el numero de paquetes no resueltos
527	echoAndLog "${FUNCNAME}(): dependencies uncompleted: $uncompletedeps"
528	return $uncompletedeps
529	}
530
531	# Recibe un array con las dependencias y lo instala
532	function installDependencies()
533	{
534	if [ $# -ne 1 ]; then
535	errorAndLog "${FUNCNAME}(): invalid number of parameters"
536	exit 1
537	fi
538	echoAndLog "${FUNCNAME}(): installing uncompleted dependencies"
539
540	# copia local del array del parametro 1
541	local deps
542	eval "deps=( \"\${$1[@]}\" )"
543
544	local string_deps=""
545	for (( i = 0 ; i < ${#deps[@]} ; i++ ))
546	do
547	string_deps="$string_deps ${deps[$i]}"
548	done
549
550	if [ -z "${string_deps}" ]; then
551	errorAndLog "${FUNCNAME}(): array of dependeces is empty"
552	exit 1
553	fi
554
555	OLD_DEBIAN_FRONTEND=$DEBIAN_FRONTEND # Debian/Ubuntu
556	export DEBIAN_FRONTEND=noninteractive
557
558	echoAndLog "${FUNCNAME}(): now $string_deps will be installed"
559	eval $INSTALLPKG $string_deps
560	if [ $? -ne 0 ]; then
561	errorAndLog "${FUNCNAME}(): error installing dependencies"
562	return 1
563	fi
564
565	DEBIAN_FRONTEND=$OLD_DEBIAN_FRONTEND # Debian/Ubuntu
566	test grep -q "EPEL temporal" /etc/yum.repos.d/epel.repo 2>/dev/null \|\| mv -f /etc/yum.repos.d/epel.repo.rpmnew /etc/yum.repos.d/epel.repo 2>/dev/null # CentOS/RedHat EPEL
567
568	echoAndLog "${FUNCNAME}(): dependencies installed"
569	}
570
571	# Hace un backup del fichero pasado por parámetro
572	# deja un -last y uno para el día
573	function backupFile()
574	{
575	if [ $# -ne 1 ]; then
576	errorAndLog "${FUNCNAME}(): invalid number of parameters"
577	exit 1
578	fi
579
580	local file="$1"
581	local dateymd=`date +%Y%m%d`
582
583	if [ ! -f "$file" ]; then
584	warningAndLog "${FUNCNAME}(): file $file doesn't exists"
585	return 1
586	fi
587
588	echoAndLog "${FUNCNAME}(): making $file backup"
589
590	# realiza una copia de la última configuración como last
591	cp -a "$file" "${file}-LAST"
592
593	# si para el día no hay backup lo hace, sino no
594	if [ ! -f "${file}-${dateymd}" ]; then
595	cp -a "$file" "${file}-${dateymd}"
596	fi
597
598	echoAndLog "${FUNCNAME}(): $file backup success"
599	}
600
601	#####################################################################
602	####### Funciones para el manejo de bases de datos
603	#####################################################################
604
605	# This function set password to root
606	function mysqlSetRootPassword()
607	{
608	if [ $# -ne 1 ]; then
609	errorAndLog "${FUNCNAME}(): invalid number of parameters"
610	exit 1
611	fi
612
613	local root_mysql="$1"
614	echoAndLog "${FUNCNAME}(): setting root password in MySQL server"
615	mysqladmin -u root password "$root_mysql"
616	if [ $? -ne 0 ]; then
617	errorAndLog "${FUNCNAME}(): error while setting root password in MySQL server"
618	return 1
619	fi
620	echoAndLog "${FUNCNAME}(): root password saved!"
621	return 0
622	}
623
624	# Si el servicio mysql esta ya instalado cambia la variable de la clave del root por la ya existente
625	function mysqlGetRootPassword()
626	{
627	local pass_mysql
628	local pass_mysql2
629	# Comprobar si MySQL está instalado con la clave de root por defecto.
630	if mysql -u root -p"$MYSQL_ROOT_PASSWORD" <<<"quit" 2>/dev/null; then
631	echoAndLog "${FUNCNAME}(): Using default mysql root password."
632	else
633	stty -echo
634	echo "There is a MySQL service already installed."
635	read -p "Enter MySQL root password: " pass_mysql
636	echo ""
637	read -p "Confrim password:" pass_mysql2
638	echo ""
639	stty echo
640	if [ "$pass_mysql" == "$pass_mysql2" ] ;then
641	MYSQL_ROOT_PASSWORD="$pass_mysql"
642	return 0
643	else
644	echo "The keys don't match. Do not configure the server's key,"
645	echo "transactions in the database will give error."
646	return 1
647	fi
648	fi
649	}
650
651	# comprueba si puede conectar con mysql con el usuario root
652	function mysqlTestConnection()
653	{
654	if [ $# -ne 1 ]; then
655	errorAndLog "${FUNCNAME}(): invalid number of parameters"
656	exit 1
657	fi
658
659	local root_password="$1"
660	echoAndLog "${FUNCNAME}(): checking connection to mysql..."
661	# Componer fichero con credenciales de conexión a MySQL.
662	touch $TMPMYCNF
663	chmod 600 $TMPMYCNF
664	cat << EOT > $TMPMYCNF
665	[client]
666	user=root
667	password=$root_password
668	EOT
669	# Borrar el fichero temporal si termina el proceso de instalación.
670	trap "rm -f $TMPMYCNF" 0 1 2 3 6 9 15
671	# Comprobar conexión a MySQL.
672	echo "" \| mysql --defaults-extra-file=$TMPMYCNF
673	if [ $? -ne 0 ]; then
674	errorAndLog "${FUNCNAME}(): connection to mysql failed, check root password and if daemon is running!"
675	return 1
676	else
677	echoAndLog "${FUNCNAME}(): connection success"
678	return 0
679	fi
680	}
681
682	# comprueba si la base de datos existe
683	function mysqlDbExists()
684	{
685	if [ $# -ne 1 ]; then
686	errorAndLog "${FUNCNAME}(): invalid number of parameters"
687	exit 1
688	fi
689
690	local database="$1"
691	echoAndLog "${FUNCNAME}(): checking if $database exists..."
692	echo "show databases" \| mysql --defaults-extra-file=$TMPMYCNF \| grep "^${database}$"
693	if [ $? -ne 0 ]; then
694	echoAndLog "${FUNCNAME}():database $database doesn't exists"
695	return 1
696	else
697	echoAndLog "${FUNCNAME}():database $database exists"
698	return 0
699	fi
700	}
701
702	# Comprueba si la base de datos está vacía.
703	function mysqlCheckDbIsEmpty()
704	{
705	if [ $# -ne 1 ]; then
706	errorAndLog "${FUNCNAME}(): invalid number of parameters"
707	exit 1
708	fi
709
710	local database="$1"
711	echoAndLog "${FUNCNAME}(): checking if $database is empty..."
712	num_tablas=`echo "show tables" \| mysql --defaults-extra-file=$TMPMYCNF "${database}" \| wc -l`
713	if [ $? -ne 0 ]; then
714	errorAndLog "${FUNCNAME}(): error executing query, check database and root password"
715	exit 1
716	fi
717
718	if [ $num_tablas -eq 0 ]; then
719	echoAndLog "${FUNCNAME}():database $database is empty"
720	return 0
721	else
722	echoAndLog "${FUNCNAME}():database $database has tables"
723	return 1
724	fi
725
726	}
727
728	# Importa un fichero SQL en la base de datos.
729	# Parámetros:
730	# - 1: nombre de la BD.
731	# - 2: fichero a importar.
732	# Nota: el fichero SQL puede contener las siguientes palabras reservadas:
733	# - SERVERIP: se sustituye por la dirección IP del servidor.
734	# - DBUSER: se sustituye por usuario de conexión a la BD definido en este script.
735	# - DBPASSWD: se sustituye por la clave de conexión a la BD definida en este script.
736	function mysqlImportSqlFileToDb()
737	{
738	if [ $# -ne 2 ]; then
739	errorAndLog "${FNCNAME}(): invalid number of parameters"
740	exit 1
741	fi
742
743	local database="$1"
744	local sqlfile="$2"
745	local tmpfile=$(mktemp)
746	local i=0
747	local dev=""
748	local status
749
750	if [ ! -f $sqlfile ]; then
751	errorAndLog "${FUNCNAME}(): Unable to locate $sqlfile!!"
752	return 1
753	fi
754
755	echoAndLog "${FUNCNAME}(): importing SQL file to ${database}..."
756	chmod 600 $tmpfile
757	for dev in ${DEVICE[*]}; do
758	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
759	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
760	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
761	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
762	$sqlfile > $tmpfile
763	fi
764	let i++
765	done
766	mysql --defaults-extra-file=$TMPMYCNF --default-character-set=utf8 "${database}" < $tmpfile
767	status=$?
768	rm -f $tmpfile
769	if [ $status -ne 0 ]; then
770	errorAndLog "${FUNCNAME}(): error while importing $sqlfile in database $database"
771	return 1
772	fi
773	echoAndLog "${FUNCNAME}(): file imported to database $database"
774	return 0
775	}
776
777	# Crea la base de datos
778	function mysqlCreateDb()
779	{
780	if [ $# -ne 1 ]; then
781	errorAndLog "${FUNCNAME}(): invalid number of parameters"
782	exit 1
783	fi
784
785	local database="$1"
786
787	echoAndLog "${FUNCNAME}(): creating database..."
788	mysqladmin --defaults-extra-file=$TMPMYCNF create $database
789	if [ $? -ne 0 ]; then
790	errorAndLog "${FUNCNAME}(): error while creating database $database"
791	return 1
792	fi
793	# Quitar modo ONLY_FULL_GROUP_BY de MySQL (ticket #730).
794	mysql --defaults-extra-file=$TMPMYCNF -e "SET GLOBAL sql_mode=(SELECT TRIM(BOTH ',' FROM REPLACE(@@sql_mode,'ONLY_FULL_GROUP_BY','')));"
795
796	echoAndLog "${FUNCNAME}(): database $database created"
797	return 0
798	}
799
800	# Comprueba si ya está definido el usuario de acceso a la BD.
801	function mysqlCheckUserExists()
802	{
803	if [ $# -ne 1 ]; then
804	errorAndLog "${FUNCNAME}(): invalid number of parameters"
805	exit 1
806	fi
807
808	local userdb="$1"
809
810	echoAndLog "${FUNCNAME}(): checking if $userdb exists..."
811	echo "select user from user where user='${userdb}'\\G" \|mysql --defaults-extra-file=$TMPMYCNF mysql \| grep user
812	if [ $? -ne 0 ]; then
813	echoAndLog "${FUNCNAME}(): user doesn't exists"
814	return 1
815	else
816	echoAndLog "${FUNCNAME}(): user already exists"
817	return 0
818	fi
819
820	}
821
822	# Crea un usuario administrativo para la base de datos
823	function mysqlCreateAdminUserToDb()
824	{
825	if [ $# -ne 3 ]; then
826	errorAndLog "${FUNCNAME}(): invalid number of parameters"
827	exit 1
828	fi
829
830	local database="$1"
831	local userdb="$2"
832	local passdb="$3"
833
834	echoAndLog "${FUNCNAME}(): creating admin user ${userdb} to database ${database}"
835
836	cat > $WORKDIR/create_${database}.sql <<EOF
837	CREATE USER '${userdb}'@'localhost' IDENTIFIED BY '${passdb}';
838	GRANT USAGE ON . TO '${userdb}'@'localhost';
839	GRANT ALL PRIVILEGES ON ${database}.* TO '${userdb}'@'localhost' WITH GRANT OPTION;
840	FLUSH PRIVILEGES;
841	EOF
842	mysql --defaults-extra-file=$TMPMYCNF < $WORKDIR/create_${database}.sql
843	if [ $? -ne 0 ]; then
844	errorAndLog "${FUNCNAME}(): error while creating user in mysql"
845	rm -f $WORKDIR/create_${database}.sql
846	return 1
847	else
848	echoAndLog "${FUNCNAME}(): user created ok"
849	rm -f $WORKDIR/create_${database}.sql
850	return 0
851	fi
852	}
853
854
855	#####################################################################
856	####### Funciones para la descarga de código
857	#####################################################################
858
859	# Obtiene el código fuente del proyecto desde el repositorio de GitHub.
860	function downloadCode()
861	{
862	if [ $# -ne 1 ]; then
863	errorAndLog "${FUNCNAME}(): invalid number of parameters"
864	exit 1
865	fi
866
867	local url="$1"
868
869	echoAndLog "${FUNCNAME}(): downloading code from '$url'..."
870
871	RETRIES=5
872	DELAY=4
873	COUNT=1
874	while [ $COUNT -lt $RETRIES ]; do
875	GIT_SSL_NO_VERIFY=1 git clone $url
876	if [ $? -eq 0 ]; then
877	RETRIES=0
878	break
879	fi
880	let COUNT=$COUNT+1
881	sleep $DELAY
882	done
883
884	if [ $? -ne 0 ]; then
885	errorAndLog "${FUNCNAME}(): error getting OpenGnsys code from $url"
886	return 1
887	fi
888	rm -rf opengnsys/.git
889	echoAndLog "${FUNCNAME}(): code was downloaded"
890	return 0
891	}
892
893
894	############################################################
895	### Detectar red
896	############################################################
897
898	# Convierte nº de bits (notación CIDR) en máscara de red (gracias a FriedZombie en openwrt.org).
899	cidr2mask ()
900	{
901	# Number of args to shift, 255..255, first non-255 byte, zeroes
902	set -- $[ 5 - ($1 / 8) ] 255 255 255 255 $[ (255 << (8 - ($1 % 8))) & 255 ] 0 0 0
903	[ $1 -gt 1 ] && shift $1 \|\| shift
904	echo ${1-0}.${2-0}.${3-0}.${4-0}
905	}
906
907	# Obtener los parámetros de red de la interfaz por defecto.
908	function getNetworkSettings()
909	{
910	# Arrays globales definidas:
911	# - DEVICE: nombres de dispositivos de red activos.
912	# - SERVERIP: IPs locales del servidor.
913	# - NETIP: IPs de redes.
914	# - NETMASK: máscaras de red.
915	# - NETBROAD: IPs de difusión de redes.
916	# - ROUTERIP: IPs de routers.
917	# Otras variables globales:
918	# - DEFAULTDEV: dispositivo de red por defecto.
919	# - DNSIP: IP del servidor DNS principal.
920
921	local i=0
922	local dev=""
923
924	echoAndLog "${FUNCNAME}(): Detecting network parameters."
925	DEVICE=( $(ip -o link show up \| awk '!/loopback/ {sub(/[:@].*/,"",$2); print $2}') )
926	if [ -z "$DEVICE" ]; then
927	errorAndLog "${FUNCNAME}(): Network devices not detected."
928	exit 1
929	fi
930	for dev in ${DEVICE[*]}; do
931	SERVERIP[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4); exit;}')
932	if [ -n "${SERVERIP[i]}" ]; then
933	NETMASK[i]=$( cidr2mask $(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {sub (/.*\//, "", $4); print ($4); exit;}') )
934	NETBROAD[i]=$(ip -o addr show dev "$dev" \| awk '$3~/inet$/ {print ($6); exit;}')
935	NETIP[i]=$(ip route list proto kernel \| awk -v d="$dev" '$3==d && /src/ {sub (/\/.*/,""); print $1; exit;}')
936	ROUTERIP[i]=$(ip route list default \| awk -v d="$dev" '$5==d {print $3; exit;}')
937	if [ $DHCPNET == ${NETIP[i]} ]; then
938	DEFAULTDEV="$dev"
939	else
940	DEFAULTDEV=${DEFAULTDEV:-"$dev"}
941	fi
942	fi
943	let i++
944	done
945	DNSIP=$(systemd-resolve --status 2>/dev/null \| awk '/DNS Servers:/ {print $3; exit;}')
946	[ -z "$DNSIP" ] && DNSIP=$(awk '/nameserver/ {print $2; exit;}' /etc/resolv.conf)
947	if [ -z "${NETIP[]}" -o -z "${NETMASK[]}" ]; then
948	errorAndLog "${FUNCNAME}(): Network not detected."
949	exit 1
950	fi
951
952	# Variables de ejecución de Apache
953	# - APACHE_RUN_USER
954	# - APACHE_RUN_GROUP
955	if [ -f $APACHECFGDIR/envvars ]; then
956	source $APACHECFGDIR/envvars
957	fi
958	APACHE_RUN_USER=${APACHE_RUN_USER:-"$APACHEUSER"}
959	APACHE_RUN_GROUP=${APACHE_RUN_GROUP:-"$APACHEGROUP"}
960
961	echoAndLog "${FUNCNAME}(): Default network device: $DEFAULTDEV."
962	}
963
964
965	############################################################
966	### Esqueleto para el Servicio pxe y contenedor tftpboot ###
967	############################################################
968
969	function tftpConfigure()
970	{
971	echoAndLog "${FUNCNAME}(): Configuring TFTP service."
972	# Habilitar TFTP y reiniciar Inetd.
973	if [ -n "$TFTPSERV" ]; then
974	if [ -f $INETDCFGDIR/$TFTPSERV ]; then
975	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/$TFTPSERV
976	else
977	service=$TFTPSERV
978	$ENABLESERVICE; $STARTSERVICE
979	fi
980	fi
981	service=$INETDSERV
982	$ENABLESERVICE; $STARTSERVICE
983
984	# comprobamos el servicio tftp
985	sleep 1
986	testPxe
987	}
988
989	# Comprueba que haya conexión al servicio TFTP/PXE.
990	function testPxe ()
991	{
992	echoAndLog "${FUNCNAME}(): Checking TFTP service... please wait."
993	echo "test" >$TFTPCFGDIR/testpxe
994	tftp -v 127.0.0.1 -c get testpxe /tmp/testpxe && echoAndLog "TFTP service is OK." \|\| errorAndLog "TFTP service is down."
995	rm -f $TFTPCFGDIR/testpxe /tmp/testpxe
996	}
997
998
999	########################################################################
1000	## Configuración servicio Samba
1001	########################################################################
1002
1003	# Configurar servicios Samba.
1004	function smbConfigure()
1005	{
1006	echoAndLog "${FUNCNAME}(): Configuring Samba service."
1007
1008	backupFile $SAMBACFGDIR/smb.conf
1009
1010	# Copiar plantailla de recursos para OpenGnsys
1011	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1012	$WORKDIR/opengnsys/server/etc/smb-og.conf.tmpl > $SAMBACFGDIR/smb-og.conf
1013	# Configurar y recargar Samba"
1014	perl -pi -e "s/WORKGROUP/OPENGNSYS/; s/server string \=.*/server string \= OpenGnsys Samba Server/" $SAMBACFGDIR/smb.conf
1015	if ! grep -q "smb-og" $SAMBACFGDIR/smb.conf; then
1016	echo "include = $SAMBACFGDIR/smb-og.conf" >> $SAMBACFGDIR/smb.conf
1017	fi
1018	service=$SAMBASERV
1019	$ENABLESERVICE; $STARTSERVICE
1020	if [ $? -ne 0 ]; then
1021	errorAndLog "${FUNCNAME}(): error while configure Samba"
1022	return 1
1023	fi
1024	# Crear clave para usuario de acceso a los recursos.
1025	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| smbpasswd -a -s $OPENGNSYS_CLIENT_USER
1026
1027	echoAndLog "${FUNCNAME}(): Added Samba configuration."
1028	return 0
1029	}
1030
1031
1032	########################################################################
1033	## Configuración servicio Rsync
1034	########################################################################
1035
1036	# Configurar servicio Rsync.
1037	function rsyncConfigure()
1038	{
1039	echoAndLog "${FUNCNAME}(): Configuring Rsync service."
1040
1041	backupFile $RSYNCCFGDIR/rsyncd.conf
1042
1043	# Configurar acceso a Rsync.
1044	sed -e "s/CLIENTUSER/$OPENGNSYS_CLIENT_USER/g" \
1045	$WORKDIR/opengnsys/repoman/etc/rsyncd.conf.tmpl > $RSYNCCFGDIR/rsyncd.conf
1046	# Habilitar Rsync y reiniciar Inetd.
1047	if [ -n "$RSYNCSERV" ]; then
1048	if [ -f /etc/default/rsync ]; then
1049	perl -pi -e 's/RSYNC_ENABLE=.*/RSYNC_ENABLE=inetd/' /etc/default/rsync
1050	fi
1051	if [ -f $INETDCFGDIR/rsync ]; then
1052	perl -pi -e 's/disable.*/disable = no/' $INETDCFGDIR/rsync
1053	else
1054	cat << EOT > $INETDCFGDIR/rsync
1055	service rsync
1056	{
1057	disable = no
1058	socket_type = stream
1059	wait = no
1060	user = root
1061	server = $(which rsync)
1062	server_args = --daemon
1063	log_on_failure += USERID
1064	flags = IPv6
1065	}
1066	EOT
1067	fi
1068	service=$RSYNCSERV $ENABLESERVICE
1069	service=$INETDSERV $STARTSERVICE
1070	fi
1071
1072	echoAndLog "${FUNCNAME}(): Added Rsync configuration."
1073	return 0
1074	}
1075
1076
1077	########################################################################
1078	## Configuración servicio DHCP
1079	########################################################################
1080
1081	# Configurar servicios DHCP.
1082	function dhcpConfigure()
1083	{
1084	echoAndLog "${FUNCNAME}(): Sample DHCP configuration."
1085
1086	local errcode=0
1087	local i=0
1088	local dev=""
1089
1090	backupFile $DHCPCFGDIR/dhcpd.conf
1091	for dev in ${DEVICE[*]}; do
1092	if [ -n "${SERVERIP[i]}" ]; then
1093	backupFile $DHCPCFGDIR/dhcpd-$dev.conf
1094	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1095	-e "s/NETIP/${NETIP[i]}/g" \
1096	-e "s/NETMASK/${NETMASK[i]}/g" \
1097	-e "s/NETBROAD/${NETBROAD[i]}/g" \
1098	-e "s/ROUTERIP/${ROUTERIP[i]}/g" \
1099	-e "s/DNSIP/$DNSIP/g" \
1100	$WORKDIR/opengnsys/server/etc/dhcpd.conf.tmpl > $DHCPCFGDIR/dhcpd-$dev.conf \|\| errcode=1
1101	fi
1102	let i++
1103	done
1104	if [ $errcode -ne 0 ]; then
1105	errorAndLog "${FUNCNAME}(): error while configuring DHCP server"
1106	return 1
1107	fi
1108	ln -f $DHCPCFGDIR/dhcpd-$DEFAULTDEV.conf $DHCPCFGDIR/dhcpd.conf
1109	service=$DHCPSERV
1110	$ENABLESERVICE; $STARTSERVICE
1111	echoAndLog "${FUNCNAME}(): Sample DHCP configured in \"$DHCPCFGDIR\"."
1112	return 0
1113	}
1114
1115
1116	#####################################################################
1117	####### Funciones específicas de la instalación de Opengnsys
1118	#####################################################################
1119
1120	# Copiar ficheros del OpenGnsys Web Console.
1121	function installWebFiles()
1122	{
1123	local COMPATDIR f
1124	local SLIMFILE="slim-2.6.1.zip"
1125	local SWAGGERFILE="swagger-ui-2.2.5.zip"
1126
1127	echoAndLog "${FUNCNAME}(): Installing web files..."
1128	# Copiar ficheros.
1129	cp -a $WORKDIR/opengnsys/admin/WebConsole/* $INSTALL_TARGET/www #*/ comentario para Doxygen.
1130	if [ $? != 0 ]; then
1131	errorAndLog "${FUNCNAME}(): Error copying web files."
1132	exit 1
1133	fi
1134
1135	# Descomprimir librerías: Slim y Swagger-UI.
1136	unzip -o $WORKDIR/opengnsys/admin/$SLIMFILE -d $INSTALL_TARGET/www/rest
1137	unzip -o $WORKDIR/opengnsys/admin/$SWAGGERFILE -d $INSTALL_TARGET/www/rest
1138
1139	# Compatibilidad con dispositivos móviles.
1140	COMPATDIR="$INSTALL_TARGET/www/principal"
1141	for f in acciones administracion aula aulas hardwares imagenes menus repositorios softwares; do
1142	sed 's/clickcontextualnodo/clicksupnodo/g' $COMPATDIR/$f.php > $COMPATDIR/$f.device.php
1143	done
1144	cp -a $COMPATDIR/imagenes.device.php $COMPATDIR/imagenes.device4.php
1145	# Acceso al manual de usuario
1146	ln -fs ../doc/userManual $INSTALL_TARGET/www/userManual
1147	# Ficheros de log de la API REST.
1148	touch $INSTALL_TARGET/log/{ogagent,remotepc,rest}.log
1149
1150	echoAndLog "${FUNCNAME}(): Web files installed successfully."
1151	}
1152
1153	function configurePHPvars()
1154	{
1155	OGADMSRV_HOSTNAME=$1
1156	OGADMSRV_PORT=$2
1157	sed "s/__OGADMSRV_HOSTNAME__/$OGADMSRV_HOSTNAME/; s/__OGADMSRV_PORT__/$OGADMSRV_PORT/" <$WORKDIR/opengnsys/server/etc/php-vars.php.tmpl >$INSTALL_TARGET/etc/php-vars.php
1158	}
1159
1160	# Copiar ficheros en la zona de descargas de OpenGnsys Web Console.
1161	function installDownloadableFiles()
1162	{
1163	local VERSIONFILE OGVERSION FILENAME TARGETFILE
1164
1165	# Obtener versión a descargar.
1166	set -x
1167	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1168	OGVERSION="$(jq -r ".ogagent // \"$INSTVERSION\"" $VERSIONFILE 2>/dev/null \|\| echo "$INSTVERSION")"
1169	FILENAME="ogagentpkgs-$OGVERSION.tar.gz"
1170	TARGETFILE=$WORKDIR/$FILENAME
1171
1172	# Descargar archivo comprimido, si es necesario.
1173	if [ -s $PROGRAMDIR/$FILENAME ]; then
1174	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1175	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1176	else
1177	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1178	curl --stderr - --insecure --retry 5 --retry-delay 5 --max-time 30 $DOWNLOADURL/$FILENAME -o $TARGETFILE
1179	fi
1180	if [ ! -s $TARGETFILE ]; then
1181	errorAndLog "${FUNCNAME}(): Cannot download $FILENAME"
1182	return 1
1183	fi
1184
1185	# Descomprimir fichero en zona de descargas.
1186	tar xvzf $TARGETFILE -C $INSTALL_TARGET/www/descargas
1187	if [ $? != 0 ]; then
1188	errorAndLog "${FUNCNAME}(): Error uncompressing archive."
1189	exit 1
1190	fi
1191	set +x
1192	}
1193
1194	# Configuración específica de Apache.
1195	function installWebConsoleApacheConf()
1196	{
1197	if [ $# -ne 2 ]; then
1198	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1199	exit 1
1200	fi
1201
1202	local path_opengnsys_base="$1"
1203	local path_apache2_confd="$2"
1204	local CONSOLEDIR=${path_opengnsys_base}/www
1205	local sockfile
1206
1207	if [ ! -d $path_apache2_confd ]; then
1208	errorAndLog "${FUNCNAME}(): path to apache2 conf.d can not found, verify your server installation"
1209	return 1
1210	fi
1211
1212	mkdir -p $path_apache2_confd/{sites-available,sites-enabled}
1213
1214	echoAndLog "${FUNCNAME}(): creating apache2 config file.."
1215
1216	# Avtivar PHP-FPM.
1217	echoAndLog "${FUNCNAME}(): configuring PHP-FPM"
1218	service=$PHPFPMSERV
1219	$ENABLESERVICE; $STARTSERVICE
1220	sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null \| tail -1)
1221
1222	# Activar módulos de Apache.
1223	$APACHEENABLEMODS
1224	# Activar HTTPS.
1225	$APACHEENABLESSL
1226	$APACHEMAKECERT
1227	# Genera configuración de consola web a partir del fichero plantilla.
1228	if [ -n "$(apachectl -v \| grep "2\.[0-2]")" ]; then
1229	# Configuración para versiones anteriores de Apache.
1230	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1231	$WORKDIR/opengnsys/server/etc/apache-prev2.4.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}
1232	else
1233	# Configuración específica a partir de Apache 2.4
1234	if [ -n "$sockfile" ]; then
1235	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1236	-e "s,proxy:fcgi:.,proxy:unix:${sockfile%% }\|fcgi://localhost\",g" \
1237	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1238	else
1239	sed -e "s,CONSOLEDIR,$CONSOLEDIR,g" \
1240	$WORKDIR/opengnsys/server/etc/apache.conf.tmpl > $path_apache2_confd/$APACHESITESDIR/${APACHEOGSITE}.conf
1241	fi
1242	fi
1243	$APACHEENABLEOG
1244	if [ $? -ne 0 ]; then
1245	errorAndLog "${FUNCNAME}(): config file can't be linked to apache conf, verify your server installation"
1246	return 1
1247	fi
1248	echoAndLog "${FUNCNAME}(): config file created and linked, restarting apache daemon"
1249	service=$APACHESERV
1250	$ENABLESERVICE; $STARTSERVICE
1251	return 0
1252	}
1253
1254
1255	# Crear documentación Doxygen para la consola web.
1256	function makeDoxygenFiles()
1257	{
1258	echoAndLog "${FUNCNAME}(): Making Doxygen web files..."
1259	$WORKDIR/opengnsys/installer/ogGenerateDoc.sh \
1260	$WORKDIR/opengnsys/client/engine $INSTALL_TARGET/www
1261	if [ ! -d "$INSTALL_TARGET/www/html" ]; then
1262	errorAndLog "${FUNCNAME}(): unable to create Doxygen web files."
1263	return 1
1264	fi
1265	mv "$INSTALL_TARGET/www/html" "$INSTALL_TARGET/www/api"
1266	echoAndLog "${FUNCNAME}(): Doxygen web files created successfully."
1267	}
1268
1269
1270	# Crea la estructura base de la instalación de opengnsys
1271	function createDirs()
1272	{
1273	if [ $# -ne 1 ]; then
1274	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1275	exit 1
1276	fi
1277
1278	local path_opengnsys_base="$1"
1279
1280	# Crear estructura de directorios.
1281	echoAndLog "${FUNCNAME}(): creating directory paths in $path_opengnsys_base"
1282	mkdir -p $path_opengnsys_base
1283	mkdir -p $path_opengnsys_base/bin
1284	mkdir -p $path_opengnsys_base/client/{cache,images,log}
1285	mkdir -p $path_opengnsys_base/doc
1286	mkdir -p $path_opengnsys_base/etc
1287	mkdir -p $path_opengnsys_base/lib
1288	mkdir -p $path_opengnsys_base/log/clients
1289	ln -fs $path_opengnsys_base/log /var/log/opengnsys
1290	mkdir -p $path_opengnsys_base/sbin
1291	mkdir -p $path_opengnsys_base/www
1292	mkdir -p $path_opengnsys_base/images/groups
1293	mkdir -p $TFTPCFGDIR
1294	ln -fs $TFTPCFGDIR $path_opengnsys_base/tftpboot
1295	mkdir -p $path_opengnsys_base/tftpboot/{menu.lst,grub}
1296	if [ $? -ne 0 ]; then
1297	errorAndLog "${FUNCNAME}(): error while creating dirs. Do you have write permissions?"
1298	return 1
1299	fi
1300
1301	# Crear usuario ficticio.
1302	if id -u $OPENGNSYS_CLIENT_USER &>/dev/null; then
1303	echoAndLog "${FUNCNAME}(): user \"$OPENGNSYS_CLIENT_USER\" is already created"
1304	else
1305	echoAndLog "${FUNCNAME}(): creating OpenGnsys user"
1306	useradd $OPENGNSYS_CLIENT_USER 2>/dev/null
1307	if [ $? -ne 0 ]; then
1308	errorAndLog "${FUNCNAME}(): error creating OpenGnsys user"
1309	return 1
1310	fi
1311	fi
1312
1313	# Mover el fichero de registro de instalación al directorio de logs.
1314	echoAndLog "${FUNCNAME}(): moving installation log file"
1315	mv $LOG_FILE $OGLOGFILE && LOG_FILE=$OGLOGFILE
1316	chmod 600 $LOG_FILE
1317
1318	echoAndLog "${FUNCNAME}(): directory paths created"
1319	return 0
1320	}
1321
1322	# Copia ficheros de configuración y ejecutables genéricos del servidor.
1323	function copyServerFiles ()
1324	{
1325	if [ $# -ne 1 ]; then
1326	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1327	exit 1
1328	fi
1329
1330	local path_opengnsys_base="$1"
1331
1332	# Lista de ficheros y directorios origen y de directorios destino.
1333	local SOURCES=( server/tftpboot \
1334	/usr/lib/shim/shimx64.efi.signed \
1335	/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed \
1336	server/bin \
1337	repoman/bin \
1338	server/lib \
1339	admin/Sources/Services/ogAdmServerAux
1340	admin/Sources/Services/ogAdmRepoAux
1341	installer/opengnsys_uninstall.sh \
1342	installer/opengnsys_update.sh \
1343	installer/opengnsys_export.sh \
1344	installer/opengnsys_import.sh \
1345	doc )
1346	local TARGETS=( tftpboot \
1347	tftpboot \
1348	tftpboot/grubx64.efi \
1349	bin \
1350	bin \
1351	lib \
1352	sbin \
1353	sbin \
1354	lib \
1355	lib \
1356	lib \
1357	lib \
1358	doc )
1359
1360	if [ ${#SOURCES[@]} != ${#TARGETS[@]} ]; then
1361	errorAndLog "${FUNCNAME}(): inconsistent number of array items"
1362	exit 1
1363	fi
1364
1365	# Copiar ficheros.
1366	echoAndLog "${FUNCNAME}(): copying files to server directories"
1367
1368	pushd $WORKDIR/opengnsys
1369	local i
1370	for (( i = 0; i < ${#SOURCES[@]}; i++ )); do
1371	if [ -f "${SOURCES[$i]}" ]; then
1372	echoAndLog "Copying ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1373	cp -a "${SOURCES[$i]}" "${path_opengnsys_base}/${TARGETS[$i]}"
1374	elif [ -d "${SOURCES[$i]}" ]; then
1375	echoAndLog "Copying content of ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1376	cp -a "${SOURCES[$i]}"/* "${path_opengnsys_base}/${TARGETS[$i]}"
1377	else
1378	warningAndLog "Unable to copy ${SOURCES[$i]} to $path_opengnsys_base/${TARGETS[$i]}"
1379	fi
1380	done
1381
1382	popd
1383	}
1384
1385	####################################################################
1386	### Funciones de TLS
1387	####################################################################
1388
1389	CA_DIR=/root/CA
1390	OG_BASEDIR=/opt/opengnsys
1391
1392	function gatherCertsInfo()
1393	{
1394	ERRORS=0
1395	## BUG cuando REMOTE=1, $WORKDIR/opengnsys es el contenido del zip (producido al vuelo con 'git archive'), y naturalmente no contiene ./user-certs
1396	## este código debe buscar los certificados en otro sitio adicional
1397	if [ -f $WORKDIR/opengnsys/user-certs/ca.crt.pem ]; then
1398	echoAndLog "CA provided by the user, checking presence of all certificates"
1399
1400	TLS_DATA_CA_CERTFILE=$WORKDIR/opengnsys/user-certs/ca.crt.pem
1401	TLS_DATA_OGADMSRV_CERTFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.crt.pem
1402	TLS_DATA_OGADMSRV_KEYFILE=$WORKDIR/opengnsys/user-certs/ogAdmSrv.key.pem
1403	TLS_DATA_WEBCONSOLE_CERTFILE=$WORKDIR/opengnsys/user-certs/WebConsole.crt.pem
1404	TLS_DATA_WEBCONSOLE_KEYFILE=$WORKDIR/opengnsys/user-certs/WebConsole.key.pem
1405
1406	## el usuario tiene que facilitar todos los certificados
1407	## si falta alguno, no podemos generarlo aquí porque habría que tener la privkey de la CA, y el usuario no nos la debe dar
1408	if [ ! -f $TLS_DATA_OGADMSRV_CERTFILE ]; then errorAndLog "ogAdmSrv certificate not found"; ERRORS=1; fi
1409	if [ ! -f $TLS_DATA_OGADMSRV_KEYFILE ]; then errorAndLog "ogAdmSrv privkey not found"; ERRORS=1; fi
1410	if [ ! -f $TLS_DATA_WEBCONSOLE_CERTFILE ]; then errorAndLog "WebConsole certificate not found"; ERRORS=1; fi
1411	if [ ! -f $TLS_DATA_WEBCONSOLE_KEYFILE ]; then errorAndLog "WebConsole privkey not found"; ERRORS=1; fi
1412
1413	if [ $ERRORS -eq 0 ]; then
1414	## validar que las privkeys no tengan contraseña para que opengnsys pueda arrancar de forma desatendida
1415	if ! openssl rsa -in $TLS_DATA_OGADMSRV_KEYFILE -passin pass:42 -noout; then errorAndLog "ogAdmSrv privkey is encrypted"; ERRORS=1; fi
1416	if ! openssl rsa -in $TLS_DATA_WEBCONSOLE_KEYFILE -passin pass:42 -noout; then errorAndLog "WebConsole privkey is encrypted"; ERRORS=1; fi
1417
1418	if [ $ERRORS -eq 0 ]; then
1419	# obtener los subject de cada certificado
1420	# la salida de openssl es tal que "subject=C = ES, ST = Madrid, L = Madrid, CN = test.example.org"
1421	# con el sed cocinamos la salida
1422	# además añadimos un / al principio para que el CN final sea correcto: "/C=ES/ST=Madrid/L=Madrid/CN=test.opengnsys.local"
1423	TLS_DATA_CA_SUBJ=/$( openssl x509 -in $TLS_DATA_CA_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1424	TLS_DATA_OGADMSRV_SUBJ=/$( openssl x509 -in $TLS_DATA_OGADMSRV_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1425	TLS_DATA_WEBCONSOLE_SUBJ=/$(openssl x509 -in $TLS_DATA_WEBCONSOLE_CERTFILE -subject -noout \|sed 's/^subject=//; s/ *//g; s/,/\//g')
1426
1427	# obtener CN a partir del subject
1428	TLS_DATA_CA_CN=$( echo $TLS_DATA_CA_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1429	TLS_DATA_OGADMSRV_CN=$( echo $TLS_DATA_OGADMSRV_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1430	TLS_DATA_WEBCONSOLE_CN=$( echo $TLS_DATA_WEBCONSOLE_SUBJ \|sed 's/.CN=\([^/$]\).*/\1/')
1431
1432	# los CN de los componentes que aceptan conexiones deberían resolver a una IP
1433	if ! nslookup $TLS_DATA_OGADMSRV_CN &>/dev/null; then errorAndLog "ogAdmSrv CN doesn't resolve to an IP"; ERRORS=1; fi
1434
1435	if [ $ERRORS -eq 0 ]; then
1436	echoAndLog "Provided CA and certs are ok"
1437	fi
1438	fi
1439	fi
1440	fi
1441
1442	## aquí también hay que tener en cuenta el sitio adicional para los user-certs
1443	if [ ! -f $WORKDIR/opengnsys/user-certs/ca.crt.pem -o $ERRORS -eq 1 ]; then
1444	echoAndLog "CA and certs not provided by the user or issues found, we will generate a new CA and all certs"
1445
1446	TLS_DATA_CA_CN=ca.opengnsys.local
1447	TLS_DATA_CA_SUBJ=/CN=ca.opengnsys.local
1448	TLS_DATA_CA_CERTFILE=$CA_DIR/certs/ca.crt.pem
1449	TLS_DATA_CA_EXPIRY=7300 # this variable is used later to make some decisions
1450
1451	TLS_DATA_OGADMSRV_CN=ogAdmSrv.opengnsys.local
1452	TLS_DATA_OGADMSRV_SUBJ=/CN=ogAdmSrv.opengnsys.local
1453	TLS_DATA_OGADMSRV_CERTFILE=$CA_DIR/certs/ogAdmSrv.crt.pem
1454	TLS_DATA_OGADMSRV_KEYFILE=$CA_DIR/private/ogAdmSrv.key.pem
1455	TLS_DATA_OGADMSRV_EXPIRY=375
1456
1457	TLS_DATA_WEBCONSOLE_CN=WebConsole.opengnsys.local
1458	TLS_DATA_WEBCONSOLE_SUBJ=/CN=WebConsole.opengnsys.local
1459	TLS_DATA_WEBCONSOLE_CERTFILE=$CA_DIR/certs/WebConsole.crt.pem
1460	TLS_DATA_WEBCONSOLE_KEYFILE=$CA_DIR/private/WebConsole.key.pem
1461	TLS_DATA_WEBCONSOLE_EXPIRY=375
1462	fi
1463
1464	# otras cosas de TLS no cubiertas arriba por no estar relacionadas con los certificados
1465	TLS_DATA_OGADMSRV_LISTEN_PORT=48888
1466
1467	return 0
1468	}
1469
1470	function _genCA ()
1471	{
1472	SUBJ=$1
1473	EXPIRY_DAYS=$2
1474	openssl genrsa -out private/ca.key.pem 4096 2>/dev/null
1475	openssl req -config openssl.cnf -key private/ca.key.pem -new -x509 -days $EXPIRY_DAYS -sha256 -subj $SUBJ -out certs/ca.crt.pem
1476
1477	return 0
1478	}
1479
1480	function _genCert ()
1481	{
1482	COMPONENT=$1
1483	SUBJ=$2
1484	EXPIRY_DAYS=$3
1485
1486	openssl genrsa -out private/$COMPONENT.key.pem 2048 2>/dev/null
1487	openssl req -config openssl.cnf -key private/$COMPONENT.key.pem -new -sha256 -subj $SUBJ -out csr/$COMPONENT.csr.pem
1488	openssl ca -config openssl.cnf -batch -days $EXPIRY_DAYS -notext -md sha256 -in csr/$COMPONENT.csr.pem -out certs/$COMPONENT.crt.pem
1489
1490	return 0
1491	}
1492
1493	function genAllCerts ()
1494	{
1495	mkdir -p $CA_DIR
1496	pushd $CA_DIR
1497	cat >openssl.cnf <<EOF
1498	[ca]
1499	default_ca = CA_default
1500
1501	[CA_default]
1502	dir = $CA_DIR
1503	certs = $CA_DIR/certs
1504	new_certs_dir = $CA_DIR/newcerts
1505	database = $CA_DIR/index.txt
1506	serial = $CA_DIR/serial
1507	default_md = sha256
1508	policy = policy_loose
1509
1510	private_key = $CA_DIR/private/ca.key.pem
1511	certificate = $CA_DIR/certs/ca.crt.pem
1512
1513	[policy_loose]
1514	countryName = optional
1515	stateOrProvinceName = optional
1516	localityName = optional
1517	organizationName = optional
1518	organizationalUnitName = optional
1519	commonName = supplied
1520	emailAddress = optional
1521
1522	[req]
1523	default_bits = 2048
1524	distinguished_name = req_distinguished_name
1525	default_md = sha256
1526
1527	[req_distinguished_name]
1528	countryName = Country Name (2 letter code)
1529	EOF
1530	mkdir certs csr newcerts private
1531	chmod 0700 private
1532	touch index.txt index.txt.attr
1533	echo 1000 >serial
1534
1535	_genCA $TLS_DATA_CA_SUBJ $TLS_DATA_CA_EXPIRY
1536	_genCert ogAdmSrv $TLS_DATA_OGADMSRV_SUBJ $TLS_DATA_OGADMSRV_EXPIRY
1537	_genCert WebConsole $TLS_DATA_WEBCONSOLE_SUBJ $TLS_DATA_WEBCONSOLE_EXPIRY
1538
1539	popd
1540	return 0
1541	}
1542
1543	function installAllCerts ()
1544	{
1545	mkdir -p $OG_BASEDIR/etc/ssl
1546
1547	## CA cert goes to the OS store
1548	cp $TLS_DATA_CA_CERTFILE $LOCAL_CERTS_DIR/opengnsys-ca.crt
1549
1550	## ogAdmSrv cert & key go to the application store
1551	cp $TLS_DATA_OGADMSRV_CERTFILE $TLS_DATA_OGADMSRV_KEYFILE $OG_BASEDIR/etc/ssl/
1552	## certs of ogAdmSrv clients go to the OS store (stunnel seems to require this)
1553	cp $TLS_DATA_WEBCONSOLE_CERTFILE $LOCAL_CERTS_DIR/opengnsys-WebConsole.crt
1554
1555	## WebConsole cert & key go to the application store
1556	cp $TLS_DATA_WEBCONSOLE_CERTFILE $TLS_DATA_WEBCONSOLE_KEYFILE $OG_BASEDIR/etc/ssl/
1557
1558	$UPDATE_CA_CMD
1559	chmod 0640 $OG_BASEDIR/etc/ssl/*
1560	chown stunnel4:www-data $OG_BASEDIR/etc/ssl/*
1561
1562	return 0
1563	}
1564
1565	# si generamos nuestros propios certificados, los CNs tienen que resolver a alguna IP
1566	# no podemos dar por hecho que algún servidor DNS por ahí fuera resuelva los CNs que hemos generado al instalar
1567	function makeCommonNamesResolvable ()
1568	{
1569	# ogAdmSrv
1570	local i=0
1571	for dev in ${DEVICE[*]}; do
1572	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1573	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1574	ETC_HOSTS_IP=${SERVERIP[i]}
1575	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($ETC_HOSTS_IP)"
1576	break
1577	fi
1578	let i++
1579	done
1580
1581	if [ -z $ETC_HOSTS_IP ]; then
1582	echoAndLog "${FUNCNAME}(): Don't know what IP address to add to /etc/hosts for ogAdmSrv"
1583	else
1584	echo "$ETC_HOSTS_IP $TLS_DATA_OGADMSRV_CN" >>/etc/hosts
1585	fi
1586
1587	return 0
1588	}
1589
1590	function configureStunnel ()
1591	{
1592	local i=0
1593	for dev in ${DEVICE[*]}; do
1594	echoAndLog "${FUNCNAME}(): evaluating dev (${DEVICE[i]}) against defaultdev ($DEFAULTDEV)"
1595	if [ "${DEVICE[i]}" == "$DEFAULTDEV" ]; then
1596	LISTEN_IP=${SERVERIP[i]}
1597	echoAndLog "${FUNCNAME}(): will use dev (${DEVICE[i]}) IP ($LISTEN_IP)"
1598	break
1599	fi
1600	let i++
1601	done
1602
1603	if [ -z $LISTEN_IP ]; then
1604	echoAndLog "${FUNCNAME}(): Don't know what IP address to listen on"
1605	return 1
1606	fi
1607
1608	cat >/etc/stunnel/ogAdmSrv.conf <<EOF
1609	setuid = stunnel4
1610	setgid = stunnel4
1611	pid = /var/run/stunnel4/ogAdmSrv.pid
1612
1613	[ogAdmSrv]
1614	accept = $LISTEN_IP:$TLS_DATA_OGADMSRV_LISTEN_PORT
1615	connect = 127.0.0.1:8888
1616	cert = $OG_BASEDIR/etc/ssl/ogAdmSrv.crt.pem
1617	key = $OG_BASEDIR/etc/ssl/ogAdmSrv.key.pem
1618	capath = $STUNNEL_CAPATH
1619	requireCert = yes
1620	verifyPeer = yes
1621	verifyChain = yes
1622	EOF
1623
1624	sed -i -e '/^ENABLED=/s/0/1/' /etc/default/stunnel4
1625	service=stunnel4
1626	$STARTSERVICE
1627	return 0
1628	}
1629
1630
1631	####################################################################
1632	### Funciones de compilación de código fuente de servicios
1633	####################################################################
1634
1635	# Compilar los servicios de OpenGnsys
1636	function servicesCompilation ()
1637	{
1638	local hayErrores=0
1639
1640	# Compilar OpenGnsys Server
1641	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Server"
1642	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer
1643	make && mv ogAdmServer $INSTALL_TARGET/sbin
1644	if [ $? -ne 0 ]; then
1645	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Server"
1646	hayErrores=1
1647	fi
1648	popd
1649	# Compilar OpenGnsys Agent
1650	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Agent"
1651	pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent
1652	make && mv ogAdmAgent $INSTALL_TARGET/sbin
1653	if [ $? -ne 0 ]; then
1654	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Agent"
1655	hayErrores=1
1656	fi
1657	popd
1658	# Compilar OpenGnsys Client
1659	echoAndLog "${FUNCNAME}(): Compiling OpenGnsys Admin Client"
1660	pushd $WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient
1661	make && mv ogAdmClient ../../../../client/shared/bin
1662	if [ $? -ne 0 ]; then
1663	echoAndLog "${FUNCNAME}(): error while compiling OpenGnsys Admin Client"
1664	hayErrores=1
1665	fi
1666	popd
1667
1668	return $hayErrores
1669	}
1670
1671	####################################################################
1672	### Funciones de copia de la Interface de administración
1673	####################################################################
1674
1675	# Copiar carpeta de Interface
1676	function copyInterfaceAdm ()
1677	{
1678	local hayErrores=0
1679
1680	# Crear carpeta y copiar Interface
1681	echoAndLog "${FUNCNAME}(): Copying Administration Interface Folder"
1682	cp -ar $WORKDIR/opengnsys/admin/Interface $INSTALL_TARGET/client/interfaceAdm
1683	if [ $? -ne 0 ]; then
1684	echoAndLog "${FUNCNAME}(): error while copying Administration Interface Folder"
1685	hayErrores=1
1686	fi
1687
1688	return $hayErrores
1689	}
1690
1691
1692	####################################################################
1693	### Funciones instalacion cliente opengnsys
1694	####################################################################
1695
1696	function copyClientFiles()
1697	{
1698	local errstatus=0
1699
1700	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Client files."
1701	cp -a $WORKDIR/opengnsys/client/shared/* $INSTALL_TARGET/client
1702	if [ $? -ne 0 ]; then
1703	errorAndLog "${FUNCNAME}(): error while copying client estructure"
1704	errstatus=1
1705	fi
1706
1707	echoAndLog "${FUNCNAME}(): Copying OpenGnsys Cloning Engine files."
1708	mkdir -p $INSTALL_TARGET/client/lib/engine/bin
1709	cp -a $WORKDIR/opengnsys/client/engine/.lib $INSTALL_TARGET/client/lib/engine/bin
1710	if [ $? -ne 0 ]; then
1711	errorAndLog "${FUNCNAME}(): error while copying engine files"
1712	errstatus=1
1713	fi
1714
1715	if [ $errstatus -eq 0 ]; then
1716	echoAndLog "${FUNCNAME}(): client copy files success."
1717	else
1718	errorAndLog "${FUNCNAME}(): client copy files with errors"
1719	fi
1720
1721	return $errstatus
1722	}
1723
1724
1725	# Crear certificados para la firma de cargadores de arranque.
1726	function createCerts ()
1727	{
1728	local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
1729	echoAndLog "${FUNCNAME}(): creating certificate files"
1730	mkdir -p $SSLCFGDIR/{certs,private}
1731	openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
1732	openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
1733	echoAndLog "${FUNCNAME}(): certificate successfully created"
1734	}
1735
1736
1737	# Crear cliente OpenGnsys.
1738	function clientCreate()
1739	{
1740	if [ $# -ne 1 ]; then
1741	errorAndLog "${FUNCNAME}(): invalid number of parameters"
1742	exit 1
1743	fi
1744
1745	local FILENAME="$1"
1746	local TARGETFILE=$INSTALL_TARGET/lib/$FILENAME
1747
1748	# Descargar cliente, si es necesario.
1749	if [ -s $PROGRAMDIR/$FILENAME ]; then
1750	echoAndLog "${FUNCNAME}(): Moving $PROGRAMDIR/$FILENAME file to $(dirname $TARGETFILE)"
1751	mv $PROGRAMDIR/$FILENAME $TARGETFILE
1752	else
1753	echoAndLog "${FUNCNAME}(): Downloading $FILENAME"
1754	oglivecli download $FILENAME
1755	fi
1756	if [ ! -s $TARGETFILE ]; then
1757	errorAndLog "${FUNCNAME}(): Error loading $FILENAME"
1758	return 1
1759	fi
1760
1761	# Montar imagen, copiar cliente ogclient y desmontar.
1762	echoAndLog "${FUNCNAME}(): Installing ogLive Client"
1763	echo -ne "$OPENGNSYS_CLIENT_PASSWD\n$OPENGNSYS_CLIENT_PASSWD\n" \| \
1764	oglivecli install $FILENAME
1765
1766	echoAndLog "${FUNCNAME}(): Client generation success"
1767	}
1768
1769
1770	# Configuración básica de servicios de OpenGnsys
1771	function openGnsysConfigure()
1772	{
1773	local i=0
1774	local dev=""
1775	local CONSOLEURL
1776
1777	echoAndLog "${FUNCNAME}(): Copying init files."
1778	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.init /etc/init.d/opengnsys
1779	cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default /etc/default/opengnsys
1780	# Deshabilitar servicios de BitTorrent si no están instalados.
1781	if [ ! -e /usr/bin/bttrack ]; then
1782	sed -i 's/RUN_BTTRACKER="yes"/RUN_BTTRACKER="no"/; s/RUN_BTSEEDER="yes"/RUN_BTSEEDER="no"/' \
1783	/etc/default/opengnsys
1784	fi
1785	echoAndLog "${FUNCNAME}(): Creating cron files."
1786	echo "* * * * * root [ -x $INSTALL_TARGET/bin/torrent-creator ] && $INSTALL_TARGET/bin/torrent-creator" > /etc/cron.d/torrentcreator
1787	echo "5 * * * * root [ -x $INSTALL_TARGET/bin/torrent-tracker ] && $INSTALL_TARGET/bin/torrent-tracker" > /etc/cron.d/torrenttracker
1788	echo "* * * * * root [ -x $INSTALL_TARGET/bin/deletepreimage ] && $INSTALL_TARGET/bin/deletepreimage" > /etc/cron.d/imagedelete
1789	echo "* * * * * root [ -x $INSTALL_TARGET/bin/ogagentqueue.cron ] && $INSTALL_TARGET/bin/ogagentqueue.cron" > /etc/cron.d/ogagentqueue
1790	echo "/5 * * * root cd $INSTALL_TARGET/www && php uds-set-service-pool.php" > /etc/cron.d/uds-set-service-pool
1791
1792	echoAndLog "${FUNCNAME}(): Creating logrotate configuration files."
1793	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1794	$WORKDIR/opengnsys/server/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysServer
1795
1796	sed -e "s/OPENGNSYSDIR/${INSTALL_TARGET//\//\\/}/g" \
1797	$WORKDIR/opengnsys/repoman/etc/logrotate.tmpl > /etc/logrotate.d/opengnsysRepo
1798
1799	echoAndLog "${FUNCNAME}(): Creating OpenGnsys config files."
1800	for dev in ${DEVICE[*]}; do
1801	if [ -n "${SERVERIP[i]}" ]; then
1802	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1803	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1804	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1805	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1806	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmServer/ogAdmServer.cfg > $INSTALL_TARGET/etc/ogAdmServer-$dev.cfg
1807	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1808	$WORKDIR/opengnsys/repoman/etc/ogAdmRepo.cfg.tmpl > $INSTALL_TARGET/etc/ogAdmRepo-$dev.cfg
1809	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1810	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1811	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1812	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1813	$WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent/ogAdmAgent.cfg > $INSTALL_TARGET/etc/ogAdmAgent-$dev.cfg
1814	CONSOLEURL="https://${SERVERIP[i]}/opengnsys"
1815	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1816	-e "s/DBUSER/$OPENGNSYS_DB_USER/g" \
1817	-e "s/DBPASSWORD/$OPENGNSYS_DB_PASSWD/g" \
1818	-e "s/DATABASE/$OPENGNSYS_DATABASE/g" \
1819	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1820	$INSTALL_TARGET/www/controlacceso.php > $INSTALL_TARGET/www/controlacceso-$dev.php
1821	sed -e "s/SERVERIP/${SERVERIP[i]}/g" \
1822	-e "s/OPENGNSYSURL/${CONSOLEURL//\//\\/}/g" \
1823	$WORKDIR/opengnsys/admin/Sources/Clients/ogAdmClient/ogAdmClient.cfg > $INSTALL_TARGET/client/etc/ogAdmClient-$dev.cfg
1824	if [ "$dev" == "$DEFAULTDEV" ]; then
1825	OPENGNSYS_CONSOLEURL="$CONSOLEURL"
1826	fi
1827	fi
1828	let i++
1829	done
1830	ln -f $INSTALL_TARGET/etc/ogAdmServer-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmServer.cfg
1831	ln -f $INSTALL_TARGET/etc/ogAdmRepo-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmRepo.cfg
1832	ln -f $INSTALL_TARGET/etc/ogAdmAgent-$DEFAULTDEV.cfg $INSTALL_TARGET/etc/ogAdmAgent.cfg
1833	ln -f $INSTALL_TARGET/client/etc/ogAdmClient-$DEFAULTDEV.cfg $INSTALL_TARGET/client/etc/ogAdmClient.cfg
1834	ln -f $INSTALL_TARGET/www/controlacceso-$DEFAULTDEV.php $INSTALL_TARGET/www/controlacceso.php
1835
1836	sed -e "s%__UDSRESTURL__%$UDS_REST_URL%g" \
1837	-e "s%__UDSAUTH__%$UDS_AUTHENTICATOR%g" \
1838	-e "s%__UDSUSER__%$UDS_USER%g" \
1839	-e "s%__UDSPASS__%$UDS_PASS%g" \
1840	<$INSTALL_TARGET/www/includes/uds.php \|sponge $INSTALL_TARGET/www/includes/uds.php
1841	chmod 0640 $INSTALL_TARGET/www/includes/uds.php
1842
1843	# Configuración del motor de clonación.
1844	# - Zona horaria del servidor.
1845	TZ=$(timedatectl status\|awk -F"[:()]" '/Time.*zone/ {print $2}')
1846	cat << EOT >> $INSTALL_TARGET/client/etc/engine.cfg
1847	# OpenGnsys Server timezone.
1848	TZ="${TZ// /}"
1849	EOT
1850
1851	# Revisar permisos generales.
1852	if [ -x $INSTALL_TARGET/bin/checkperms ]; then
1853	echoAndLog "${FUNCNAME}(): Checking permissions."
1854	OPENGNSYS_DIR="$INSTALL_TARGET" OPENGNSYS_USER="$OPENGNSYS_CLIENT_USER" APACHE_USER="$APACHE_RUN_USER" APACHE_GROUP="$APACHE_RUN_GROUP" checkperms
1855	fi
1856
1857	# Evitar inicio de duplicado en Ubuntu 14.04 (Upstart y SysV Init).
1858	if [ -f /etc/init/${MYSQLSERV}.conf -a -n "$(which initctl 2>/dev/null)" ]; then
1859	service=$MYSQLSERV
1860	$DISABLESERVICE
1861	fi
1862
1863	# Actualizar tokens de autenticación e iniciar los servicios.
1864	service="opengnsys"
1865	$ENABLESERVICE
1866	if [ -x $INSTALL_TARGET/bin/settoken ]; then
1867	echoAndLog "${FUNCNAME}(): Setting authentication tokens and starting OpenGnsys services."
1868	$INSTALL_TARGET/bin/settoken "$OPENGNSYS_DB_USER"
1869	$INSTALL_TARGET/bin/settoken -f
1870	else
1871	echoAndLog "${FUNCNAME}(): Starting OpenGnsys services."
1872	$STARTSERVICE
1873	fi
1874	}
1875
1876
1877	#####################################################################
1878	####### Función de resumen informativo de la instalación
1879	#####################################################################
1880
1881	function installationSummary()
1882	{
1883	local VERSIONFILE REVISION
1884
1885	# Crear fichero de versión y revisión, si no existe.
1886	VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
1887	[ -f $VERSIONFILE ] \|\| echo '{ "project": "OpenGnsys" }' >$VERSIONFILE
1888	# Incluir datos de revisión, si se está instalando desde el repositorio
1889	# de código o si no está incluida en el fichero de versión.
1890	if [ $REMOTE -eq 1 ] \|\| [ -z "$(jq -r '.release' $VERSIONFILE)" ]; then
1891	# Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit).
1892	RELEASE=$(curl -s "$API_URL/branches/$BRANCH" \| jq -r '"r" + (.commit.commit.committer.date \| split("-") \| join("")[:8]) + "." + (.commit.sha[:7])' 2>/dev/null)
1893	# Obtener revisión para etiqueta de versión en vez de rama de código.
1894	[ -z "$RELEASE" ] && RELEASE=$(curl -s $(curl -s "$API_URL/tags" \| jq -r ".[] \| select(.name==\"$BRANCH\").commit.url" 2>/dev/null) \| jq -r '"r" + (.commit.committer.date \| split("-") \| join("")[:8]) + "." + .sha[:7]' 2>/dev/null)
1895	jq ".release=\"$RELEASE\"" $VERSIONFILE \| sponge $VERSIONFILE
1896	fi
1897	VERSION="$(jq -r '[.project, .version, .codename, .release] \| join(" ")' $VERSIONFILE 2>/dev/null)"
1898
1899	# Mostrar información.
1900	echo
1901	echoAndLog "OpenGnsys Installation Summary"
1902	echo "=============================="
1903	echoAndLog "Project version: $VERSION"
1904	echoAndLog "Installation directory: $INSTALL_TARGET"
1905	echoAndLog "Installation log file: $LOG_FILE"
1906	echoAndLog "Repository directory: $INSTALL_TARGET/images"
1907	echoAndLog "DHCP configuration directory: $DHCPCFGDIR"
1908	echoAndLog "TFTP configuration directory: $TFTPCFGDIR"
1909	echoAndLog "Installed ogLive client: $(oglivecli list \| awk '{print $2}')"
1910	echoAndLog "Samba configuration directory: $SAMBACFGDIR"
1911	echoAndLog "Web Console URL: $OPENGNSYS_CONSOLEURL"
1912	echoAndLog "Web Console access data: entered by the user"
1913	if grep -q "^RUN_BTTRACK.*no" /etc/default/opengnsys; then
1914	echoAndLog "BitTorrent service is disabled."
1915	fi
1916	echo
1917	echoAndLog "Post-Installation Instructions:"
1918	echo "==============================="
1919	echoAndLog "You can improve server security by configuring firewall and SELinux,"
1920	echoAndLog " running \"$INSTALL_TARGET/lib/security-config\" script as root."
1921	echoAndLog "It's strongly recommended to synchronize this server with an NTP server."
1922	echoAndLog "Review or edit all configuration files."
1923	echoAndLog "Insert DHCP configuration data and restart service."
1924	echoAndLog "Optional: If you want to use BURG as boot manager, run"
1925	echoAndLog " \"curl $DOWNLOADURL/burg.tgz -o $INSTALL_TARGET/client/lib/burg.tgz\" as root."
1926	echoAndLog "Optional: Log-in as Web Console admin user."
1927	echoAndLog " - Review default Organization data and assign access to users."
1928	echoAndLog "Log-in as Web Console organization user."
1929	echoAndLog " - Insert OpenGnsys data (labs, computers, menus, etc)."
1930	echo
1931	}
1932
1933
1934
1935	#####################################################################
1936	####### Proceso de instalación de OpenGnsys
1937	#####################################################################
1938
1939	# Sólo ejecutable por usuario root
1940	if [ "$(whoami)" != 'root' ]; then
1941	echo "ERROR: this program must run under root privileges!!"
1942	exit 1
1943	fi
1944
1945	globalSetup $MY_BRANCH
1946	# Comprobar instalación previa.
1947	if cat $INSTALL_TARGET/doc/VERSION.* &>/dev/null; then
1948	echo "ERROR: OpenGnsys is already installed. Run \"$INSTALL_TARGET/lib/opengnsys_update.sh\" as root to update."
1949	exit 2
1950	fi
1951
1952	echoAndLog "OpenGnsys installation begins at $(date)"
1953	# Introducir datos de configuración y establecer variables globales.
1954	userData
1955
1956	mkdir -p $WORKDIR
1957	pushd $WORKDIR
1958
1959	# Detectar datos iniciales de auto-configuración del instalador.
1960	autoConfigure
1961
1962	# Detectar parámetros de red y comprobar si hay conexión.
1963	getNetworkSettings
1964	if [ $? -ne 0 ]; then
1965	errorAndLog "Error reading default network settings."
1966	exit 1
1967	fi
1968
1969	# Detener servicios de OpenGnsys, si están activos previamente.
1970	[ -f /etc/init.d/opengnsys ] && /etc/init.d/opengnsys stop
1971
1972	# Actualizar repositorios
1973	updatePackageList
1974
1975	# Instalación de dependencias (paquetes de sistema operativo).
1976	declare -a notinstalled
1977	checkDependencies DEPENDENCIES notinstalled
1978	if [ $? -ne 0 ]; then
1979	installDependencies notinstalled
1980	if [ $? -ne 0 ]; then
1981	echoAndLog "Error while installing some dependeces, please verify your server installation before continue"
1982	exit 1
1983	fi
1984	fi
1985	if [ -n "$INSTALLEXTRADEPS" ]; then
1986	echoAndLog "Installing extra dependencies"
1987	for (( i=0; i<${#INSTALLEXTRADEPS[*]}; i++ )); do
1988	eval ${INSTALLEXTRADEPS[i]}
1989	done
1990	fi
1991
1992	# Detectar datos de auto-configuración después de instalar paquetes.
1993	autoConfigurePost
1994
1995	# Arbol de directorios de OpenGnsys.
1996	createDirs ${INSTALL_TARGET}
1997	if [ $? -ne 0 ]; then
1998	errorAndLog "Error while creating directory paths!"
1999	exit 1
2000	fi
2001
2002	# Si es necesario, descarga el repositorio de código en directorio temporal
2003	set -x
2004	if [ $REMOTE -eq 1 ]; then
2005	downloadCode $GIT_REPO
2006	if [ $? -ne 0 ]; then
2007	errorAndLog "Error while getting code from the repository"
2008	exit 1
2009	fi
2010	else
2011	ln -fs "$(dirname $PROGRAMDIR)" opengnsys
2012	fi
2013	set +x
2014
2015	# TLS
2016	gatherCertsInfo
2017	if [ $? -ne 0 ]; then
2018	errorAndLog 'Not all required certificates have been provided, or privkey or DNS issues'
2019	exit 1
2020	fi
2021	[ $TLS_DATA_CA_EXPIRY ] && genAllCerts ## el usuario no nos ha dado sus certificados: generamos unos
2022	installAllCerts
2023	[ $TLS_DATA_CA_EXPIRY ] && makeCommonNamesResolvable ## el usuario no nos ha dado sus certificados: configuramos resolución de nombres en /etc/hosts
2024	configureStunnel
2025	if [ $? -ne 0 ]; then
2026	errorAndLog 'Error while setting stunnel up'
2027	exit 1
2028	fi
2029
2030	# Compilar código fuente de los servicios de OpenGnsys.
2031	servicesCompilation
2032	if [ $? -ne 0 ]; then
2033	errorAndLog "Error while compiling OpenGnsys services"
2034	exit 1
2035	fi
2036
2037	# Copiar carpeta Interface entre administración y motor de clonación.
2038	copyInterfaceAdm
2039	if [ $? -ne 0 ]; then
2040	errorAndLog "Error while copying Administration Interface"
2041	exit 1
2042	fi
2043
2044	# Configuración de TFTP.
2045	tftpConfigure
2046
2047	# Configuración de Samba.
2048	smbConfigure
2049	if [ $? -ne 0 ]; then
2050	errorAndLog "Error while configuring Samba server!"
2051	exit 1
2052	fi
2053
2054	# Configuración de Rsync.
2055	rsyncConfigure
2056
2057	# Configuración ejemplo DHCP.
2058	dhcpConfigure
2059	if [ $? -ne 0 ]; then
2060	errorAndLog "Error while copying your dhcp server files!"
2061	exit 1
2062	fi
2063
2064	# Copiar ficheros de servicios OpenGnsys Server.
2065	copyServerFiles ${INSTALL_TARGET}
2066	if [ $? -ne 0 ]; then
2067	errorAndLog "Error while copying the server files!"
2068	exit 1
2069	fi
2070	INSTVERSION=$(jq -r '.version' $INSTALL_TARGET/doc/VERSION.json)
2071
2072	# Instalar base de datos de OpenGnsys Admin.
2073	isInArray notinstalled "mysql-server" \|\| isInArray notinstalled "mariadb-server"
2074	if [ $? -eq 0 ]; then
2075	# Enable database manager (MySQL, if missing, MariaDB).
2076	service=$MYSQLSERV
2077	$ENABLESERVICE
2078	if [ $? != 0 ]; then
2079	service=$MARIADBSERV
2080	$ENABLESERVICE
2081	fi
2082	# Start database manager.
2083	$STARTSERVICE
2084	# Asignar clave del usuario "root".
2085	mysqlSetRootPassword "${MYSQL_ROOT_PASSWORD}"
2086	else
2087	# Si ya está instalado el gestor de bases de datos, obtener clave de "root".
2088	mysqlGetRootPassword
2089	fi
2090
2091	# Copy MySQL configuration template
2092	cp $WORKDIR/opengnsys/server/etc/mysqld-og.cnf $MYSQLCFGDIR 2>/dev/null
2093	# Restart database manager.
2094	$STARTSERVICE
2095
2096	mysqlTestConnection "${MYSQL_ROOT_PASSWORD}"
2097	if [ $? -ne 0 ]; then
2098	errorAndLog "Error while connection to mysql"
2099	exit 1
2100	fi
2101	mysqlDbExists ${OPENGNSYS_DATABASE}
2102	if [ $? -ne 0 ]; then
2103	echoAndLog "Creating Web Console database"
2104	mysqlCreateDb ${OPENGNSYS_DATABASE}
2105	if [ $? -ne 0 ]; then
2106	errorAndLog "Error while creating Web Console database"
2107	exit 1
2108	fi
2109	else
2110	echoAndLog "Web Console database exists, ommiting creation"
2111	fi
2112
2113	mysqlCheckUserExists ${OPENGNSYS_DB_USER}
2114	if [ $? -ne 0 ]; then
2115	echoAndLog "Creating user in database"
2116	mysqlCreateAdminUserToDb ${OPENGNSYS_DATABASE} ${OPENGNSYS_DB_USER} "${OPENGNSYS_DB_PASSWD}"
2117	if [ $? -ne 0 ]; then
2118	errorAndLog "Error while creating database user"
2119	exit 1
2120	fi
2121
2122	fi
2123
2124	mysqlCheckDbIsEmpty ${OPENGNSYS_DATABASE}
2125	if [ $? -eq 0 ]; then
2126	echoAndLog "Creating tables..."
2127	if [ -f $WORKDIR/$OPENGNSYS_DB_CREATION_FILE ]; then
2128	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_CREATION_FILE
2129	else
2130	errorAndLog "Unable to locate $WORKDIR/$OPENGNSYS_DB_CREATION_FILE!!"
2131	exit 1
2132	fi
2133	else
2134	# Si existe fichero ogBDAdmin-VersLocal-VersRepo.sql; aplicar cambios.
2135	REPOVERSION=$(jq -r '.version' $WORKDIR/opengnsys/doc/VERSION.json)
2136	OPENGNSYS_DB_UPDATE_FILE="opengnsys/admin/Database/$OPENGNSYS_DATABASE-$INSTVERSION-$REPOVERSION.sql"
2137	if [ -f $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE ]; then
2138	echoAndLog "Updating tables from version $INSTVERSION to $REPOVERSION"
2139	mysqlImportSqlFileToDb ${OPENGNSYS_DATABASE} $WORKDIR/$OPENGNSYS_DB_UPDATE_FILE
2140	else
2141	echoAndLog "Database unchanged."
2142	fi
2143	fi
2144	# Eliminar fichero temporal con credenciales de acceso a MySQL.
2145	rm -f $TMPMYCNF
2146
2147	# Copiando páqinas web.
2148	installWebFiles
2149	# Configurar variables de PHP
2150	configurePHPvars $TLS_DATA_OGADMSRV_CN $TLS_DATA_OGADMSRV_LISTEN_PORT
2151	# Descargar/descomprimir archivos descargables.
2152	installDownloadableFiles
2153	# Generar páqinas web de documentación de la API
2154	makeDoxygenFiles
2155
2156	# Creando configuración de Apache.
2157	installWebConsoleApacheConf $INSTALL_TARGET $APACHECFGDIR
2158	if [ $? -ne 0 ]; then
2159	errorAndLog "Error configuring Apache for OpenGnsys Admin"
2160	exit 1
2161	fi
2162
2163	popd
2164
2165	# Crear la estructura de los accesos al servidor desde el cliente (shared)
2166	copyClientFiles
2167	if [ $? -ne 0 ]; then
2168	errorAndLog "Error creating client structure"
2169	fi
2170
2171	# Crear certificado para firmar cargadores
2172	createCerts
2173
2174	# Crear la estructura del cliente de OpenGnsys.
2175	for i in $OGLIVE; do
2176	if ! clientCreate "$i"; then
2177	errorAndLog "Error creating client $i"
2178	exit 1
2179	fi
2180	done
2181
2182	# Configuración de servicios de OpenGnsys
2183	openGnsysConfigure
2184
2185	# Mostrar sumario de la instalación e instrucciones de post-instalación.
2186	installationSummary
2187
2188	rm -rf $WORKDIR
2189	echoAndLog "OpenGnsys installation finished at $(date)"
2190	exit 0
2191

Note: See TracBrowser for help on using the repository browser.

Download in other formats: