From c6d01d58d54eeda75a69a60f4ec84fb3f3e1ea2e Mon Sep 17 00:00:00 2001 From: Jonas Almroth Date: Mon, 27 Sep 2021 08:34:52 +0200 Subject: [PATCH 1/2] Add unattended installation script for Debian 10/11 and Ubuntu 20.04 --- utils/unattended-setup-debian.sh | 334 +++++++++++++++++++++++++++++++ 1 file changed, 334 insertions(+) create mode 100644 utils/unattended-setup-debian.sh diff --git a/utils/unattended-setup-debian.sh b/utils/unattended-setup-debian.sh new file mode 100644 index 000000000..92cd442e6 --- /dev/null +++ b/utils/unattended-setup-debian.sh @@ -0,0 +1,334 @@ +#!/usr/bin/env bash +# +# Unattended Linshare installation on Debian 10/11 and Ubuntu 20.04 +# +# Variables +export LS_VERSION="4.2.2" +export MDB_VERSION="4.2" +export TNS_VERSION="2.1.1" +export PGPASSWORD="ThisIsNotAPassword" +export ADMIN_HOST="linshare-admin.local" +export USER_HOST="linshare-user.local" +export UPLOAD_HOST="linshare-upload.local" +export WWW_ROOT="/var/www" +export LS_TMPDIR="/tmp/linshare_data" +# Start a Python web server in the directory where you have downloaded the Linshare files from http://download.linshare.org/versions/ +# 192.168.1.1 is the IP address of the host with the downloaded files. +# (If you want to download the files directly from the repository, you need to install maven and rewrite the getFile() function.) +## python3 -m http.server 9000 +export DL_SRC="http://192.168.1.1:9000" + +# Constants (do not change) +export CFG_FILE="/etc/linshare/linshare.properties" +export PGHOST="localhost" +export PGDATABASE="linshare" +export PGUSER="linshare" + +mkdir -p ${LS_TMPDIR} + +OS=$(lsb_release -s -c) +case ${OS} in + focal) + echo "Detected operating system: Ubuntu 20.04 (Focal Fossa)" + export PG_VERSION="12" + echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/${MDB_VERSION} multiverse" > ${LS_TMPDIR}/mongodb-org-${MDB_VERSION}.list + ;; + buster) + echo "Detected operating system: Debian 10 (Buster)" + export PG_VERSION="11" + echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/debian buster/mongodb-org/${MDB_VERSION} main" > ${LS_TMPDIR}/mongodb-org-${MDB_VERSION}.list + ;; + bullseye) + echo "Detected operating system: Debian 11 (Bullseye)" + export PG_VERSION="13" + echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/debian buster/mongodb-org/${MDB_VERSION} main" > ${LS_TMPDIR}/mongodb-org-${MDB_VERSION}.list + ;; + *) + echo "ERROR : Unsupported distribution ${OS}. Supported versions are Ubuntu 20.04 (Focal Fossa), Debian 10 (Buster) and Debian 11 (Bullseye)." + exit 1 +esac + +function installDependencies() { + echo "Install dependencies" + + apt update + apt install -y gnupg gnupg2 + + mkdir -p /etc/apt/sources.list.d/ + mv ${LS_TMPDIR}/mongodb-org-${MDB_VERSION}.list /etc/apt/sources.list.d/ + wget -qO - https://www.mongodb.org/static/pgp/server-${MDB_VERSION}.asc | apt-key add - + apt update + apt install -y openjdk-11-jdk unzip bzip2 postgresql tomcat9 apache2 mongodb-org +} + +function getFile() { + local _MYFILE=$1 + + cd ${LS_TMPDIR} + if [ ! -f "${_MYFILE}" ]; then + wget --quiet ${DL_SRC}/${_MYFILE} + if [ "$?" -ne 0 ]; then + echo "ERROR 404: The file ${DL_SRC}/${_MYFILE} was not found. Terminating script." + exit 1 + fi + fi + if [ ! -f "${_MYFILE}.sha1" ]; then + wget --quiet ${DL_SRC}/${_MYFILE}.sha1 + if [ "$?" -ne 0 ]; then + echo "ERROR 404: The file ${DL_SRC}/${_MYFILE}.sha1 was not found. Terminating script." + exit 1 + fi + fi + # The checksum verification is an ugly hack because the sha1 files are missing the file name. + SHA1_FILE=$(sha1sum ${_MYFILE} | cut -d' ' -f1) + SHA1_VERIFY=$(cat ${_MYFILE}.sha1) + if [ "${SHA1_FILE}" == "${SHA1_VERIFY}" ]; then + echo "File: ${_MYFILE} is downloaded and checksums match." + else + echo "File: ${_MYFILE} could not be downloaded correctly or checksums don't match." + echo "ERROR: Terminating script." + exit 1 + fi +} + +function downloadFiles() { + echo "Download linshare archives" + cd ${LS_TMPDIR} + getFile "linshare-core-${LS_VERSION}-documentation-webservices.tar.bz2" + getFile "linshare-ui-admin-${LS_VERSION}.tar.bz2" + getFile "linshare-ui-upload-request-${LS_VERSION}.tar.bz2" + getFile "linshare-ui-user-${LS_VERSION}.tar.bz2" + getFile "linshare-core-${LS_VERSION}-sql.tar.bz2" + getFile "linshare-core-${LS_VERSION}.war" +} + +function unpackLinshareCore() { + echo "Unpack Linshare Core" + mkdir -p /etc/linshare + unzip -o -j -d /etc/linshare/ ${LS_TMPDIR}/linshare-core-${LS_VERSION}.war WEB-INF/classes/{linshare,log4j}.* + mv ${CFG_FILE}.sample ${CFG_FILE} +} + +function configurePostgres() { + echo "Configure Postgres ${PG_VERSION}" + cat <> /etc/postgresql/${PG_VERSION}/main/pg_hba.conf +# TYPE DATABASE USER CIDR-ADDRESS METHOD +local ${PGDATABASE} ${PGUSER} md5 +host ${PGDATABASE} ${PGUSER} 127.0.0.1/32 md5 +host ${PGDATABASE} ${PGUSER} ::1/128 md5 +EOF + + systemctl restart postgresql + + tar xjvf ${LS_TMPDIR}/linshare-core-${LS_VERSION}-sql.tar.bz2 -C ${LS_TMPDIR} + + cat < ${LS_TMPDIR}/postgres-initial.sql +CREATE ROLE linshare + ENCRYPTED PASSWORD '${PGPASSWORD}' + NOSUPERUSER NOCREATEDB NOCREATEROLE INHERIT LOGIN; + +CREATE DATABASE ${PGDATABASE} + WITH OWNER = ${PGUSER} + ENCODING = 'UTF8' + TABLESPACE = pg_default + LC_COLLATE = 'en_US.UTF-8' + LC_CTYPE = 'en_US.UTF-8' + CONNECTION LIMIT = -1; +GRANT ALL ON DATABASE ${PGDATABASE} TO ${PGUSER}; +\q +EOF + + runuser -l postgres -c "psql -f ${LS_TMPDIR}/postgres-initial.sql" + psql -f ${LS_TMPDIR}/linshare-core-sql/postgresql/createSchema.sql + psql -f ${LS_TMPDIR}/linshare-core-sql/postgresql/import-postgresql.sql + + sed -i "s/linshare.db.username=.*/linshare.db.username=${PGUSER}/g" ${CFG_FILE} + sed -i "s/linshare.db.password=.*/linshare.db.password=${PGPASSWORD}/g" ${CFG_FILE} +} + +function configureMongoDB() { + echo "Configure MongoDB ${MDB_VERSION}" + chown -R mongodb:mongodb /var/lib/mongodb + systemctl start mongod + systemctl enable mongod + echo "Starting mongodb ..." + sleep 5 + mongo < /etc/default/tomcat9 +JAVA_OPTS="${JAVA_OPTS} -Xms512m -Xmx2048m" +JAVA_OPTS="${JAVA_OPTS} -Dlinshare.config.path=file:/etc/linshare/" +JAVA_OPTS="${JAVA_OPTS} -Dlog4j.configuration=file:/etc/linshare/log4j.properties" +JAVA_OPTS="${JAVA_OPTS} -Dspring.profiles.active=default,jcloud,batches" +EOF + + mkdir -p /etc/systemd/system/tomcat9.service.d + mkdir -p /var/lib/linshare/tmp + mkdir -p /var/lib/linshare/filesystemstorage + chown -R tomcat:tomcat /var/lib/linshare + + cat <> /etc/systemd/system/tomcat9.service.d/override.conf +[Service] +ReadWritePaths=/var/lib/linshare +EOF + + mv ${LS_TMPDIR}/linshare-core-${LS_VERSION}.war /var/lib/tomcat9/webapps/linshare.war + + MATCH="jarsToSkip" + NEWLINE="jclouds-bouncycastle-1.9.2.jar,bcprov-*.jar,\\\\" + sed -i "/${MATCH}/a ${NEWLINE}" /var/lib/tomcat9/conf/catalina.properties + + systemctl daemon-reload + systemctl restart tomcat9 +} + +function configureApache() { + echo "Configure Apache" + + mkdir -p ${WWW_ROOT} + + tar xjf ${LS_TMPDIR}/linshare-ui-user-${LS_VERSION}.tar.bz2 -C ${WWW_ROOT}/ + chown -R www-data: ${WWW_ROOT}/linshare-ui-user + + echo "Enable modules" + a2enmod ssl + a2enmod headers + a2enmod proxy proxy_http + a2dissite 000-default + + echo "Create User UI virtualhost" + cat < /etc/apache2/sites-available/linshare-ui-user.conf + +ServerName ${USER_HOST} +DocumentRoot ${WWW_ROOT}/linshare-ui-user + + ProxyPass http://127.0.0.1:8080/linshare + ProxyPassReverse http://127.0.0.1:8080/linshare + ProxyPassReverseCookiePath /linshare / + + # Workaround to remove httpOnly flag (could also be done with tomcat) + Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/" + # For https, you should add Secure flag. + # Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/; Secure" + + #This header is added to avoid the JSON cache issue on IE. + Header set Cache-Control "max-age=0,no-cache,no-store" + + +ErrorLog /var/log/apache2/linshare-user-error.log +CustomLog /var/log/apache2/linshare-user-access.log combined + +EOF + + a2ensite linshare-ui-user + + echo "Create Admin UI virtualhost" + tar xjf ${LS_TMPDIR}/linshare-ui-admin-${LS_VERSION}.tar.bz2 -C ${WWW_ROOT}/ + chown -R www-data: ${WWW_ROOT}/linshare-ui-admin + + cat < /etc/apache2/sites-available/linshare-ui-admin.conf + +ServerName ${ADMIN_HOST} +DocumentRoot ${WWW_ROOT}/linshare-ui-admin + + ProxyPass http://127.0.0.1:8080/linshare + ProxyPassReverse http://127.0.0.1:8080/linshare + ProxyPassReverseCookiePath /linshare / + + # Workaround to remove httpOnly flag (could also be done with tomcat) + Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/" + # For https, you should add Secure flag. + # Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/; Secure" + + #This header is added to avoid the JSON cache issue on IE. + Header set Cache-Control "max-age=0,no-cache,no-store" + + +ErrorLog /var/log/apache2/linshare-admin-error.log +CustomLog /var/log/apache2/linshare-admin-access.log combined + +EOF + + a2ensite linshare-ui-admin + + echo "Create upload request component virtualhost" + tar xjf ${LS_TMPDIR}/linshare-ui-upload-request-${LS_VERSION}.tar.bz2 -C ${WWW_ROOT}/ + chown -R www-data: ${WWW_ROOT}/linshare-ui-upload-request + + cat < /etc/apache2/sites-available/linshare-ui-upload-request.conf + +ServerName ${UPLOAD_HOST} +DocumentRoot ${WWW_ROOT}/linshare-ui-upload-request + + ProxyPass http://127.0.0.1:8080/linshare + ProxyPassReverse http://127.0.0.1:8080/linshare + ProxyPassReverseCookiePath /linshare / + + # Workaround to remove httpOnly flag (could also be done with tomcat) + Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/" + # For https, you should add Secure flag. + # Header edit Set-Cookie "(JSESSIONID=.*); Path.*" "\$1; Path=/; Secure" + + #This header is added to avoid the JSON cache issue on IE. + Header set Cache-Control "max-age=0,no-cache,no-store" + + +ErrorLog /var/log/apache2/linshare-ui-upload-request-error.log +CustomLog /var/log/apache2/linshare-ui-upload-request-access.log combined + +EOF + + a2ensite linshare-ui-upload-request + + systemctl restart apache2 +} + +function installThumbnailServer() { + apt install -y libreoffice + + getFile "thumbnail-server-${TNS_VERSION}-config.yml" + getFile "thumbnail-server-${TNS_VERSION}.jar" + + mv ${LS_TMPDIR}/thumbnail-server-${TNS_VERSION}-config.yml /etc/linshare/linshare-thumbnail-server.yml + mv ${LS_TMPDIR}/thumbnail-server-${TNS_VERSION}.jar /usr/local/sbin/linshare-thumbnail-server.jar + + cat </lib/systemd/system/linshare-thumbnail-server.service +[Unit] +Description=LinShare thumbnail server +After=network.target + +[Service] +Type=idle +KillMode=process +ExecStart=/usr/bin/java -jar /usr/local/sbin/linshare-thumbnail-server.jar server /etc/linshare/linshare-thumbnail-server.yml + +[Install] +WantedBy=multi-user.target +Alias=linshare-thumbnail-server.service +EOF + + systemctl daemon-reload + systemctl enable linshare-thumbnail-server.service + systemctl start linshare-thumbnail-server.service +} + +# Run installation tasks! +installDependencies +downloadFiles +unpackLinshareCore +configurePostgres +configureMongoDB +configureTomcat +configureApache +## Optional +installThumbnailServer From 5a99cb4e6b4a6c9b40fa745315b32533ae5e16b4 Mon Sep 17 00:00:00 2001 From: Jonas Almroth Date: Tue, 28 Sep 2021 14:11:22 +0200 Subject: [PATCH 2/2] Bug fix: Enable thumbnails --- utils/unattended-setup-debian.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/utils/unattended-setup-debian.sh b/utils/unattended-setup-debian.sh index 92cd442e6..e0e985532 100644 --- a/utils/unattended-setup-debian.sh +++ b/utils/unattended-setup-debian.sh @@ -302,6 +302,8 @@ function installThumbnailServer() { mv ${LS_TMPDIR}/thumbnail-server-${TNS_VERSION}-config.yml /etc/linshare/linshare-thumbnail-server.yml mv ${LS_TMPDIR}/thumbnail-server-${TNS_VERSION}.jar /usr/local/sbin/linshare-thumbnail-server.jar + sed -i 's/linshare.documents.thumbnail.enable=.*/linshare.documents.thumbnail.enable=true/g' /etc/linshare/linshare.properties + cat </lib/systemd/system/linshare-thumbnail-server.service [Unit] Description=LinShare thumbnail server