Add playSMS install, improve global install
parent
ce4a730f6c
commit
16f6c4c0bf
|
@ -0,0 +1,123 @@
|
|||
#!/bin/bash
|
||||
|
||||
MY_PATH="`dirname \"$0\"`" # relative
|
||||
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
|
||||
|
||||
unset err
|
||||
|
||||
echo -e "${c_yellow}Choisissez un nom de domain pour playsms: $c_"
|
||||
read PSMS_DOMAIN
|
||||
|
||||
sudo apt -y update
|
||||
sudo apt -y install nginx php7.3-fpm php7.3-gd php7.3-mysql php7.3-curl php7.3-imap php7.3-mbstring php7.3-xml php7.3-cli mysql-server
|
||||
|
||||
## Create database
|
||||
|
||||
if [[ ! $(sudo mysql -e "show databases;" | grep playsms) ]]; then
|
||||
sudo mysql -e "CREATE DATABASE playsms"
|
||||
sudo mysql -e "CREATE USER 'playsms'@'localhost' IDENTIFIED BY 'playsms@mdp+';"
|
||||
sudo mysql -e "GRANT ALL PRIVILEGES ON playsms.* TO 'playsms'@'localhost';"
|
||||
sudo mysql -e "FLUSH PRIVILEGES;"
|
||||
fi
|
||||
|
||||
## Clone repo playSMS
|
||||
git clone https://github.com/antonraharja/playSMS.git $MY_PATH/playsms
|
||||
|
||||
cp $MY_PATH/templates/install-playsms.conf $MY_PATH/playsms/install.conf
|
||||
pwdDB=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 42 | head -n 1)
|
||||
sed -i "s/_pwdDB/$pwdDB/g" $MY_PATH/playsms/install.conf
|
||||
|
||||
sudo chmod u+x $MY_PATH/playsms/install-playsms.sh
|
||||
cd $MY_PATH/playsms
|
||||
sudo ./install-playsms.sh
|
||||
cd $MY_PATH
|
||||
sudo rm -rf playsms
|
||||
|
||||
|
||||
## Start playsmsd on boot
|
||||
sudo /usr/local/bin/playsmsd start
|
||||
[[ ! $(grep playsmsd /etc/rc.local) ]] && sudo sed -i '/^exit 0.*/i /usr/local/bin/playsmsd start' /etc/rc.local
|
||||
|
||||
## Tests
|
||||
if [[ $(sudo playsmsd status) =~ "is running" ]]; then
|
||||
echo -e "${c_green}playSMS a été installé correctement et le daemon est démarré =)$c_"
|
||||
else
|
||||
echo -e "${c_red}Une erreur est survenu$c_"
|
||||
err=1
|
||||
fi
|
||||
|
||||
## Config NGINX
|
||||
|
||||
[[ ! -d /etc/nginx/def_conf ]] && sudo mkdir /etc/nginx/def_conf/
|
||||
sudo cp $MY_PATH/templates/proxypass.conf /etc/nginx/def_conf/
|
||||
sudo cp $MY_PATH/templates/playsms.conf /etc/nginx/conf.d/
|
||||
sudo sed -i "s/_PSMS_DOMAIN/$PSMS_DOMAIN/" /etc/nginx/conf.d/playsms.conf
|
||||
|
||||
## Active SSL
|
||||
|
||||
manageSSL() {
|
||||
|
||||
local action=$1
|
||||
[[ ! $action =~ ^(on|off|certif)$ ]] && echo "Veuillez choisir ssl, nonssl ou certif pour créer un certificat ssl" && exit 1
|
||||
|
||||
install_certbot(){
|
||||
if [[ $(grep buster /etc/os-release) ]]; then
|
||||
[[ -z $(cat /etc/apt/sources.list | grep "buster-backports main") ]] && echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
|
||||
sudo apt update
|
||||
sudo apt install certbot python-certbot-nginx -t buster-backports -y
|
||||
elif [[ $(grep stretch /etc/os-release) ]]; then
|
||||
sudo apt update
|
||||
sudo apt install certbot python-certbot-nginx -y
|
||||
fi
|
||||
}
|
||||
|
||||
create_certificate() {
|
||||
sudo certbot --nginx certonly --non-interactive --agree-tos -m $USER@$PSMS_DOMAIN -d $PSMS_DOMAIN && echo "Le certificat de $PSMS_DOMAIN a bien été déployé" || echo "Une erreur s'est produite lors de la création du certificat SSL"
|
||||
|
||||
## Cronification
|
||||
[[ ! -e /opt/scripts ]] && sudo mkdir /opt/scripts
|
||||
sudo cp $MY_PATH/templates/ssl_renew.sh /opt/scripts/
|
||||
[[ -z $(sudo crontab -l | grep "/opt/scripts/ssl_renew.sh") ]] && (sudo crontab -l ; sudo echo "12 2 * * 1 /opt/scripts/ssl_renew.sh") | sudo crontab -u root -
|
||||
}
|
||||
|
||||
|
||||
case $action in
|
||||
on)
|
||||
sudo sed -i 's/ #if/ if/' /etc/nginx/conf.d/playsms.conf
|
||||
|
||||
sudo sed -i "s/listen 443;/listen 443 ssl;/" /etc/nginx/conf.d/playsms.conf
|
||||
[[ ! -d /etc/nginx/includes ]] && sudo mkdir /etc/nginx/includes
|
||||
sudo cp $MY_PATH/templates/ssl.conf /etc/nginx/includes/
|
||||
sudo sed -i "/Content-Security-Policy/a \ include includes/ssl.conf;\n ssl_certificate /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/$PSMS_DOMAIN/privkey.pem;" /etc/nginx/conf.d/playsms.conf
|
||||
;;
|
||||
|
||||
off)
|
||||
sudo sed -i 's/ if/ #if/' /etc/nginx/conf.d/playsms.conf
|
||||
sudo sed -i '/ssl.conf;/d' /etc/nginx/conf.d/playsms.conf
|
||||
sudo sed -i '/ssl_certificate/d' /etc/nginx/conf.d/playsms.conf
|
||||
;;
|
||||
certif)
|
||||
[[ -z $(which certbot) ]] && install_certbot
|
||||
[[ -n /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem ]] && create_certificate
|
||||
;;
|
||||
|
||||
esac
|
||||
}
|
||||
|
||||
echo -e "${c_yellow}playSMS ne fonctionne pas sans certifcat SSL.$c_"
|
||||
printf "${c_yellow}Voulez activer installer un certificat SSL maintenant pour $PSMS_DOMAIN ? (o/n) $c_"
|
||||
read askSSL
|
||||
if [[ $askSSL =~ ^(o|y|yes|oui|Y|O|YES)$ ]]; then
|
||||
manageSSL certif
|
||||
if sudo test -f /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem; then manageSSL on; else manageSSL off && echo "Une erreur s'est produite, basculement vers le mode non SSL"; fi
|
||||
http=https
|
||||
else
|
||||
manageSSL off
|
||||
http=http
|
||||
fi
|
||||
|
||||
sudo service nginx restart
|
||||
|
||||
[[ ! $err ]] && echo -e "${c_green}Félicitation ! playSMS est accessible via l'URL $http://$PSMS_DOMAIN" || echo -e "${c_red}Installation incomplète$c_"
|
||||
|
||||
exit 0
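Review bot: The `CREATE USER` statement sets the fixed password `playsms@mdp+`, which is now part of the public history, while the random `pwdDB` generated further down is only written into `install.conf`; unless the upstream installer resets the account (not visible here), the database user and the config do not share a secret. Generate `pwdDB` before the database block and use it there, e.g. `sudo mysql -e "CREATE USER 'playsms'@'localhost' IDENTIFIED BY '$pwdDB';"`. `PSMS_DOMAIN` comes straight from `read` and is interpolated unquoted into `sed` expressions run under sudo and into the `certbot` arguments, so it should be checked first, e.g. `[[ $PSMS_DOMAIN =~ ^[A-Za-z0-9.-]+$ ]] || exit 1`. In the `certif)` arm, `[[ -n /etc/letsencrypt/live/$PSMS_DOMAIN/fullchain.pem ]]` tests a non-empty string and is always true; `! -e` looks like what was intended. The `echo "deb …" >> /etc/apt/sources.list` in `install_certbot` runs without sudo, so it will fail for the non-root user that `install.sh` requires.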
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
ADMINPSEUDO=
|
||||
ADMINPHONE=
|
||||
MASTERPHONE=
|
||||
ADRESSE=
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
# MySQL database username
|
||||
DBUSER="playsms"
|
||||
|
||||
# MySQL database password
|
||||
DBPASS="_pwdDB"
|
||||
|
||||
# MySQL database name
|
||||
DBNAME="playsms"
|
||||
|
||||
# MySQL database host
|
||||
DBHOST="localhost"
|
||||
|
||||
# MySQL database port
|
||||
DBPORT="3306"
|
||||
|
||||
# Web server's user, for example apache2 user by default is www-data
|
||||
# note: please make sure your web server user
|
||||
WEBSERVERUSER="www-data"
|
||||
|
||||
# Web server's group, for example apache2 group by default is www-data
|
||||
# note: please make sure your web server group
|
||||
WEBSERVERGROUP="www-data"
|
||||
|
||||
# Path to playSMS extracted source files
|
||||
PATHSRC="$(pwd)"
|
||||
|
||||
# Path to playSMS web files
|
||||
# note: please make sure your web root path, in this example its /var/www/html
|
||||
PATHWEB="/var/www/playsms"
|
||||
|
||||
# Path to playSMS additional files
|
||||
PATHLIB="/var/www/playsms/lib/"
|
||||
|
||||
# Path to playSMS daemon and other binary files
|
||||
PATHBIN="/usr/local/bin"
|
||||
|
||||
# Path to playSMS log files
|
||||
PATHLOG="/var/log/playsms"
|
||||
|
||||
# Path to playSMS daemon configuration file
|
||||
# note: this example will create playsmsd.conf in /etc
|
||||
PATHCONF="/etc"
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen 443;
|
||||
listen [::]:443 ssl;
|
||||
server_name _PSMS_DOMAIN;
|
||||
|
||||
add_header Content-Security-Policy upgrade-insecure-requests;
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
|
||||
#if ($http_x_forwarded_proto = "http") { return 301 https://$server_name$request_uri; }
|
||||
|
||||
location / {
|
||||
try_files $uri/ $uri /index.php?/$request_uri; # =404;
|
||||
include /etc/nginx/def_conf/proxypass.conf;
|
||||
}
|
||||
|
||||
|
||||
index index.php index.html;
|
||||
root /var/www/playsms/;
|
||||
|
||||
# set expiration of assets to MAX for caching
|
||||
location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
# php parsing
|
||||
location ~ \.php$ {
|
||||
include fastcgi_params;
|
||||
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME $request_filename;
|
||||
}
|
||||
|
||||
error_log /var/log/nginx/playsms_error.log;
|
||||
access_log /var/log/nginx/playsms_access.log;
|
||||
|
||||
|
||||
}
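Review bot: The `location ~ \.php$` block hands any URI ending in `.php` to PHP-FPM with `SCRIPT_FILENAME $request_filename` and no existence check, so how non-existent paths are handled depends entirely on the PHP configuration; adding `try_files $uri =404;` as the first line of that block closes this. `add_header 'Access-Control-Allow-Origin' '*';` at server level lets any origin read responses to non-credentialed requests; unless a specific client needs it, drop it or name the allowed origin. Also note that `listen [::]:443 ssl;` is present before any `ssl_certificate` is configured, which nginx may reject when the installer leaves SSL off, so `listen [::]:443;` would match the IPv4 line that the script later rewrites.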
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forward-Proto http;
|
||||
proxy_set_header X-Nginx-Proxy true;
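Review bot: The header names `X-Forward-For` and `X-Forward-Proto` differ from the conventional `X-Forwarded-For` / `X-Forwarded-Proto`, so a backend that reads the conventional names for client IP or scheme would not see these values. The scheme is also hard-coded to `http`, which would be wrong once SSL is enabled; `proxy_set_header X-Forwarded-Proto $scheme;` tracks the real one. As far as this commit shows, the including `location /` has no `proxy_pass`, so these directives currently have no effect, and a one-line comment saying what the file is for would help.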
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
ssl_session_timeout 4h;
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-CBC-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
add_header Strict-Transport-Security max-age=15768000;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
resolver 8.8.8.8 8.8.4.4 valid=86400;
|
||||
resolver_timeout 10;
|
||||
|
||||
ssl_session_tickets on;
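Review bot: `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` still offers TLS 1.0 and 1.1, and the cipher string keeps 3DES (`DES-CBC3-SHA`) and static-RSA CBC suites that current guidance treats as legacy. Prefer `ssl_protocols TLSv1.2;` (adding `TLSv1.3` where the packaged nginx and OpenSSL support it) and trim the list to the ECDHE AEAD suites already at its head. `ssl_session_tickets on;` without a rotated `ssl_session_ticket_key` weakens forward secrecy for resumed sessions, so `ssl_session_tickets off;` is the safer default here.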
|
|
@ -0,0 +1,26 @@
|
|||
#!/bin/bash
|
||||
|
||||
log="/var/log/ssl_renew.log"
|
||||
date=$(date +%d-%m-%Y)
|
||||
|
||||
renew=$(certbot renew --pre-hook "service nginx stop" --post-hook "service nginx start")
|
||||
|
||||
echo "####################################################################################" >> $log
|
||||
echo "#################################### $date ####################################" >> $log
|
||||
echo "####################################################################################" >> $log
|
||||
|
||||
echo "$renew" >> $log
|
||||
|
||||
if [[ $renew = *"No hooks were run"* ]]; then
|
||||
echo "Rien n'a été fait" >> $log
|
||||
else
|
||||
sleep 5
|
||||
sudo service nginx stop
|
||||
sleep 1
|
||||
killall nginx
|
||||
sleep 3
|
||||
sudo service nginx restart &>> $log
|
||||
echo "Des certificats ont été renouvellés" >> $log
|
||||
fi
|
||||
|
||||
exit 0
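Review bot: `renew=$(certbot renew …)` captures only stdout and its exit status is never checked, so a failed renewal may leave little in `$log` and falls into the `else` branch, which stops nginx, runs `killall nginx` and logs "Des certificats ont été renouvellés". Capture stderr and branch on the status, e.g. `renew=$(certbot renew … 2>&1) || rc=$?`, and log a failure message when `rc` is non-zero. The pre/post hooks already stop and start nginx, so the extra stop / `killall` / restart sequence looks redundant. `sudo` is unnecessary if this runs from root's crontab as the installer sets up, and `$log` should be quoted.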
|
|
@ -0,0 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
ADMINPSEUDO=poka
|
||||
ADMINPHONE=0650573417
|
||||
MASTERPHONE=0699999999
|
||||
ADRESSE=Blois
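Review bot: This file carries filled-in values for `ADMINPSEUDO`, `ADMINPHONE`, `MASTERPHONE` and `ADRESSE`, where an otherwise identical file earlier in the commit leaves them empty, which suggests a local answers file was committed by accident. Phone numbers placed here become part of the public history. Keep only the empty template under version control, add the filled-in file to `.gitignore`, and consider a header comment in the template such as `# Copy to .profile and fill in; do not commit`.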
|
||||
|
68
install.sh
68
install.sh
|
@ -8,59 +8,58 @@ MY_PATH="`dirname \"$0\"`" # relative
|
|||
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
|
||||
init_loc="$MY_PATH/shell/init.sh"
|
||||
now=$(date +%Y-%m-%d)
|
||||
repOption=$1
|
||||
#force_req="o"
|
||||
|
||||
## Update G1sms+ code
|
||||
git pull
|
||||
args="$@"
|
||||
[[ $args =~ all ]] && repOption=o
|
||||
[[ $args =~ noptions ]] && repOption=n
|
||||
[[ $args =~ force ]] && force_req=o
|
||||
[[ $args =~ noask ]] && noask=o
|
||||
|
||||
chmod u+x $MY_PATH/.install/*.sh
|
||||
unset err
|
||||
|
||||
if [ "$EUID" -eq 0 ]
|
||||
then echo -e "${c_red}Veuillez ne pas executez ce script en root. Choisissez un utilisateur pour votre serveur G1sms+ (nous recommandons l'utilisateur pi)$c_"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
## Update G1sms+ code
|
||||
git pull || err=1
|
||||
|
||||
chmod u+x $MY_PATH/.install/*.sh
|
||||
|
||||
$MY_PATH/.install/export_colors.sh
|
||||
[[ -f ~/.bash_aliases ]] && source ~/.bash_aliases
|
||||
|
||||
## Vérifie si IPFS est installé
|
||||
if [[ $force_req == "o" || -z $(which ipfs) || -z $(which gammu) ]];then
|
||||
echo -e "${c_yellow}IPFS ou gammu n'ont pas été détectés sur votre machine, nous allons installer tous les prérequis...$c_"
|
||||
$MY_PATH/.install/install_requirements.sh
|
||||
$MY_PATH/.install/configure_ipfs_layer.sh
|
||||
$MY_PATH/.install/1-install_requirements.sh || err=1
|
||||
$MY_PATH/.install/2-configure_ipfs_layer.sh || err=1
|
||||
else
|
||||
echo -e "${c_green}IPFS et gammu sont déjà installé !$c_"
|
||||
fi
|
||||
|
||||
echo -e "${c_yellow}Ce script va désormais configurer votre noeud G1sms+$c_"
|
||||
IPFS=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
|
||||
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
|
||||
|
||||
[[ -f .profile ]] && source .profile
|
||||
if [[ -f $MY_PATH/.install/templates/init.sh ]]; then
|
||||
echo -e "${c_light}Quel est l'utilisateur du système IPFS (détecté: $IPFS)?$c_"
|
||||
read YOU
|
||||
if [[ "$YOU" == "" ]]; then YOU=$IPFS; fi
|
||||
[[ ! $ADMINPSEUDO ]] && echo -e "${c_light}Votre PSEUDO? (celui de votre Compte membre Duniter)$c_" && read ADMINPSEUDO
|
||||
[[ "$ADMINPSEUDO" == "" ]] && echo -e "${c_red}IMPOSSIBLE DE CONTINUER$c_" && exit 1
|
||||
|
||||
echo -e "${c_light}Votre PSEUDO? (celui de votre Compte membre Duniter)$c_"
|
||||
read ADMINPSEUDO
|
||||
if [[ "$ADMINPSEUDO" == "" ]]; then echo -e "${c_red}IMPOSSIBLE DE CONTINUER$c_"; exit; fi
|
||||
[[ ! $ADMINPHONE ]] && echo -e "${c_light}Le Numéro de téléphone SMS Admin? (Support de ce noeud) (ex +33611223344)$c_" && read ADMINPHONE
|
||||
[[ "$ADMINPHONE" == "" ]] && echo -e "${c_red}IMPOSSIBLE DE CONTINUER$c_" && exit 1
|
||||
|
||||
echo -e "${c_light}Le Numéro de téléphone SMS Admin? (Support de ce noeud) (ex +33611223344)$c_"
|
||||
read ADMINPHONE
|
||||
if [[ "$ADMINPHONE" == "" ]]; then echo -e "${c_red}IMPOSSIBLE DE CONTINUER$c_"; exit; fi
|
||||
[[ ! $MASTERPHONE ]] && echo -e "${c_light}Le numéro de la carte SIM, du module SMS. AUCUNE liaison SMS? Laissez vide (défaut: +33600000000)$c_" && read MASTERPHONE
|
||||
[[ "$MASTERPHONE" == "" ]] && MASTERPHONE="+33600000000"
|
||||
|
||||
echo -e "${c_light}Le numéro de la carte SIM, du module SMS. AUCUNE liaison SMS? Laissez vide (défaut: +33600000000)$c_"
|
||||
read MASTERPHONE
|
||||
if [[ "$MASTERPHONE" == "" ]]; then MASTERPHONE="+33600000000"; fi
|
||||
[[ ! $ADRESSE ]] && echo -e "${c_light}L'adresse où se trouve votre G1Node pour indiquer où venir chercher ses G1Tag (ex: au G1FabLab de Toulouse)$c_" && read ADRESSE
|
||||
|
||||
echo -e "${c_light}L'adresse où se trouve votre G1Node pour indiquer où venir chercher ses G1Tag (ex: au G1FabLab de Toulouse)$c_"
|
||||
read ADRESSE
|
||||
|
||||
echo -e "${c_light}${c_blue}LES PARAMETRES SONT BONS? Appliquer? ENTER ou CTRL-C ?$c_"
|
||||
read
|
||||
echo -e "ADMINPSEUDO: $ADMINPSEUDO\nADMINPHONE: $ADMINPHONE\nMASTERPHONE: $MASTERPHONE\nADRESSE: $ADRESSE"
|
||||
[[ $noask != "o" ]] && echo -e "${c_light}${c_blue}LES PARAMETRES SONT BONS? Appliquer? ENTER ou CTRL-C ?$c_" && read
|
||||
|
||||
[[ -f shell/init.sh ]] && mv shell/init.sh shell/init.sh.old
|
||||
cp $MY_PATH/.install/templates/init.sh shell/init.sh
|
||||
cp $MY_PATH/.install/templates/init.sh shell/init.sh || err=1
|
||||
|
||||
sed -i s/pi/$YOU/g $init_loc
|
||||
sed -i s/+33600000000/$MASTERPHONE/g $init_loc
|
||||
|
@ -68,13 +67,24 @@ if [[ -f $MY_PATH/.install/templates/init.sh ]]; then
|
|||
sed -i s/+33647683646/$ADMINPHONE/g $init_loc
|
||||
sed -i s/Fred/$ADMINPSEUDO/g $init_loc
|
||||
|
||||
cat $init_loc
|
||||
cat $init_loc || err=1
|
||||
else
|
||||
echo -e "${c_red}init.sh introuvable...$c_"
|
||||
err=1
|
||||
exit 1
|
||||
fi
|
||||
|
||||
## Installation optionnel de copylaradio
|
||||
## Installations optionnels
|
||||
|
||||
repOld=$repOption
|
||||
[[ -z $repOption ]] && echo -e "${c_yellow}Voulez-vous installer les modules complémentaires de copylaradio ? (o/n)$c_" && read repOption
|
||||
[[ $repOption =~ ^(o|1|yes|options)$ ]] && .install/install_optional.sh
|
||||
[[ $repOption =~ ^(o|1|yes|options|a|all)$ ]] && .install/3-install_copylaradio.sh; repOption=$repOld
|
||||
[[ -z $repOption ]] && echo -e "${c_yellow}Voulez-vous installer l'interface web playSMS ? (o/n)$c_" && read repOption
|
||||
[[ $repOption =~ ^(o|1|yes|options|a|all)$ ]] && .install/4-install_playsms.sh; repOption=$repOld
|
||||
|
||||
if [[ $err ]]; then
|
||||
echo -e "---\n${c_red}L'installation n'est mal déroulé =($c_"
|
||||
else
|
||||
echo -e "---\n${c_green}L'installation de votre noeud G1SMS est terminé !\nBienvenue à bord =)$c_"
|
||||
fi
|
||||
exit 0
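Review bot: `[[ -f .profile ]] && source .profile` resolves against the caller's working directory rather than `$MY_PATH`, so running the installer from elsewhere executes whatever `.profile` is there, and the values it sets flow unquoted into the `sed -i s/…/$ADMINPSEUDO/g` substitutions. If the file is meant to sit next to `install.sh`, use `[[ -f "$MY_PATH/.profile" ]] && source "$MY_PATH/.profile"` and quote the sed expressions and `$init_loc`. In the second hunk the new `err` summary is followed by `exit 0`, so a failed install still reports success to the caller; `exit "${err:-0}"` would propagate it. Which lines are old and which are new is inferred from the duplicated pairs on this rendered page, and the `if` block spans both hunks.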
|
||||
|
|