efelon/shell_sequencer
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

refactoring changes from sequpgrade (endReturn, ...) and some modernizations

Browse Source
This commit is contained in:
Martin Winkler
2023-01-03 15:49:08 +01:00
parent 215135e8aa
commit 3c22d5729f
69 changed files with 553 additions and 654 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
seqs/backup.cfg.example
View File

@@ -3,10 +3,10 @@
# Backup sequence definitions
# A running debian needs at least the following runtime directories created to start up successfully:
## dev
## dev
## proc
## sys
## run
## run
BACKUP_TARGET="/backup"
# Exclude notation "directory/*" creates the directory but NOT its content

10
seqs/backup.sh
View File

@@ -20,7 +20,7 @@ seq_config() {
return 0
}
step_1_info() {
step_1_info() {
echo "Backup root"
echoinfo "Essential excludes are provided in the configuration template."
echoinfo "(${seq_configTemplate})"
@@ -42,7 +42,7 @@ step_1() {
step budir / "$buTarget" "${BACKUP_EXCLUDES[@]}" "$@"
}
step_3_info() {
step_3_info() {
# Backup single directory recursively
local opt=
local dir='<SOURCE>'
@@ -152,15 +152,15 @@ step_3() {
if [ $noRemount -eq 0 ]; then
# remount target to be writable
exep "mount -o rw,remount '${buTarget}' >>/dev/null 2>&1"
endReturn -o $? "Remount (${buTarget}) to be writable failed"
endReturn "Remount (${buTarget}) to be writable failed"
fi
if [ ! -w "${buTarget}" ] ; then
if [ ! -w "${buTarget}" ] ; then
error -e "Backup target (${buTarget}) is not writable"
exit 1
fi
checkInstalled
checkInstalled
exep "mv -f ${buTarget}/${buLog}0.log /tmp/${buLog}1.log 2>/dev/null"
exep "${sq_toolBin} -avxHAX --delete --info=stats2 ${buExcludes[*]} ${tmpSource} ${tmpTarget} > /tmp/${buLog}0.log"

6
seqs/basics.sh
View File

@@ -16,7 +16,7 @@ step_10_info() { echo "ssmtp installation"; }
step_10_alias() { echo "ssmtp"; }
step_10() {
exe apt update && apt install $SSMTP_DEPS
endReturn -o $? "ssmtp installation failed"
endReturn "ssmtp installation failed"
}
SSMTP_DEPS="ssmtp"
@@ -29,7 +29,7 @@ step_11() {
return 1
fi
addConf -c -f "$CONFIG_FILE_SSMTP" "$CONFIG_LOC_SSMTP"
endReturn -o $? "Could not write ssmtp configuration"
endReturn "Could not write ssmtp configuration"
if [ ! -f "$CONFIG_FILE_SSMTP_AL" ] ; then
warning -e "User aliases ($CONFIG_FILE_SSMTP_AL) not found"
@@ -37,7 +37,7 @@ step_11() {
return 1
fi
addConf -c -f "$CONFIG_FILE_SSMTP_AL" "$CONFIG_LOC_SSMTP_AL"
endReturn -o $? "Could not write ssmtp aliases"
endReturn "Could not write ssmtp aliases"
}
CONFIG_LOC_SSMTP="/etc/ssmtp/ssmtp.conf"
CONFIG_LOC_SSMTP_AL="/etc/ssmtp/revaliases"

2
seqs/basics/revaliases.cfg.example
View File

@@ -1,5 +1,5 @@
# sSMTP aliases
#
#
# Format: local_account:outgoing_address:mailhub
#
# Example: root:your_login@your.domain:mailhub.your.domain[:port]

2
seqs/basics/ssmtp.cfg.example
View File

@@ -5,7 +5,7 @@
# Make this empty to disable rewriting.
root=postmaster
# The place where the mail goes. The actual machine name is required no
# The place where the mail goes. The actual machine name is required no
# MX records are consulted. Commonly mailhosts are named mail.domain.com
mailhub=host:port
#AuthUser=

4
seqs/calibreweb.sh
View File

@@ -48,7 +48,7 @@ step_2() {
fi
if [ ! -e "$CALWEB_VENV_ROOT/bin" ]; then
exe python3 -m venv "$CALWEB_VENV_ROOT"
endReturn -o $? "Creating virtual environment failed"
endReturn "Creating virtual environment failed"
exe chown -R ${CALWEB_USER}: "$CALWEB_BASE"
else
warning "Virtual env. $CALWEB_VENV_ROOT already exists"
@@ -61,7 +61,7 @@ step_3() {
exe ${CALWEB_VENV_ROOT}/bin/pip install $toolPipName
}
step_4_info() {
step_4_info() {
echo "Install $toolName features"
echoinfo ${toolFeatures[*]}
}

2
seqs/certbot.cfg.example
View File

@@ -2,7 +2,7 @@
# Web root path where certbot will place the ACME challenge files
#
# A nginx example location which needs to placed in the server config listening on port 80
# A nginx example location which needs to placed in the server config listening on port 80
# for the first time and also in the config listeing on port 443 for renewals:
#
# location ^~ /.well-known/acme-challenge/ {

6
seqs/certbot.sh
View File

@@ -12,7 +12,7 @@ seq_config() {
# End if no configuration file exists
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
@@ -28,7 +28,7 @@ step_1() {
if [ "$(which lsb_release)" == "" ] ; then
warning -e "Cannot detect OS. Assuming Ubuntu"
osName="Ubuntu"
else
else
osName=$(lsb_release -is)
distName=$(lsb_release -cs)
fi
@@ -38,7 +38,7 @@ step_1() {
osName="Ubuntu"
fi
echo " [I] Detected OS: $osName $distName"
info "Detected OS: $osName $distName"
if [ "$osName" == "Ubuntu" ] ; then
exe apt-get update

8
seqs/composer.sh
View File

@@ -53,7 +53,7 @@ step_1_alias() { echo "status"; }
step_1() {
local lDir="$(pwd)"
local lComp
getComposer || die "No composer installed"
info "Composer found: ${sq_composerBin}"
@@ -62,7 +62,7 @@ step_1() {
info -a "$(update-alternatives --list php)"
}
step_10_info() {
step_10_info() {
echo "Install ${toolName}"
echoinfo " [OPTIONS]"
echoinfo " -l: (default) install composer.phar to the current directory"
@@ -79,7 +79,7 @@ step_10() {
for _ in "${@}" ; do
case "${1:-}" in
-l) shift ;;
-g)
-g)
lLocal=0
lArgs+=(--install-dir="/usr/local/bin")
lArgs+=(--filename="composer")
@@ -92,7 +92,7 @@ step_10() {
local getArg="-l"
(( ! lLocal )) && getArg="-g"
getComposer ${getArg} && die "Composer already installed: ${sq_composerBin}"
[[ -n "${1:-}" ]] && lArgs+=(--version="${1}")
interactive || lArgs+=(--quiet)

6
seqs/coturn.sh
View File

@@ -47,7 +47,7 @@ step_10() {
local ipRegex='^[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\.[0-2]*[0-9]{1,2}\/*[0-9]*$'
local dnsUrl="46.182.19.48" #digitalcourage.de/support/zensurfreier-dns-server
local dnsFallbackUrl="194.150.168.168" #dns.as250.net; Berlin/Frankfurt
local lLevelSave=${LOG_LEVEL:?}
local lTimeSave=${LOG_TIME:-}
local retval=0
@@ -74,7 +74,7 @@ step_10() {
warning "Couldn't aquire public IP for ${sc_turnDomain}. Giving up."
retval=1
else
else
local confIp=`cat "$toolConf" | grep "^external-ip" | cut -d'=' -f2`
if [ "$pubIp" != "$confIp" ]; then
@@ -105,7 +105,7 @@ step_12() {
info "Setup $ipCronLoc"
addConf -s "$ipCron" "$ipCronLoc"
}
}
step_14_info() { echo "Setup ufw rules to allow upnp, optionally from a sepcific SOURCE_IP"; }
step_14_options() { echo "[SOURCE_IP]"; }

6
seqs/couchpotato.sh
View File

@@ -25,7 +25,7 @@ seq_config() {
return 0
}
step_1_info() {
step_1_info() {
echo "Install $toolName"
echoinfo "Default port: 5050"
}
@@ -34,7 +34,7 @@ step_1() {
exe apt update
exe apt install $toolDeps $APTOPT
exe pip install --upgrade pyopenssl
endReturn -o $? "Pip install pyopenssl failed"
endReturn "Pip install pyopenssl failed"
}
step_2_info() { echo "Clone git repository"; }
@@ -51,7 +51,7 @@ step_3() {
step_4_info() { echo "Create systemd service"; }
step_4() {
exe cp "$CPO_INSTALL_DIR/init/couchpotato.service" "/etc/systemd/system"
endReturn -o $? "Creating service file failed"
endReturn "Creating service file failed"
exe systemctl daemon-reload
}

18
seqs/debianrpi.sh
View File

@@ -50,18 +50,18 @@ step_1() {
if [ ! -f "$downShaFile" ] ; then
exe wget -O "$downShaFile" "$downSha256"
endReturn -o $? "Error downloading $downShaFile"
endReturn "Error downloading $downShaFile"
fi
if [ ! -f "$toolDownFile" ] ; then
exe wget -O "$toolDownFile" "$toolDownUrl"
endReturn -o $? "Error downloading $downDownFile"
endReturn "Error downloading $downDownFile"
fi
info "Checking SHA256 checksum"
exe cd $(dirname "$toolDownFile")
exe sha256sum -c "$downShaFile" >>/dev/null
endReturn -o $? "SHA256 checksum error"
exe sha256sum -c "$downShaFile" >>/dev/null
endReturn "SHA256 checksum error"
}
step_2_info() { echo "Write image to device"; }
@@ -73,7 +73,7 @@ step_2() {
fi
read_sd_dev "$SDDEV"
# check if device was confirmed
endReturn -o $? "SD card device not found"
endReturn "SD card device not found"
info "Writing $(basename "$toolDownFile")"
exep "xzcat \"$toolDownFile\" | dd of=$SDDEV bs=64k oflag=dsync status=progress"
@@ -143,7 +143,7 @@ step_12() {
fi
exe sed -i "s/#[[:space:]]*\($localUsDefault\)/\1/" "$localesConfigLoc"
endReturn -o $? "Changing locales failed"
endReturn "Changing locales failed"
exe locale-gen
exe update-locale LANG=$localUs
info "Logout and login for changes to be active"
@@ -162,7 +162,7 @@ step_14() {
return 0
fi
exe hostnamectl set-hostname "$localHostname"
endReturn -o $? "Couldn't set hostname"
endReturn "Couldn't set hostname"
exe sed -i "s/^\(127\.0\.0\.1[[:space:]]*\)\(localhost.*\)/\1\2\n\1$localHostname/" "$hostsLoc"
}
hostsLoc="/etc/hosts"
@@ -255,7 +255,7 @@ read_sd_dev() {
SDROOTDEV=
SDBOOTPUUID=
SDROOTPUUID=
echo " [I] Available devices:"
info "Available devices:"
echo
exe lsblk -p
echo
@@ -270,7 +270,7 @@ read_sd_dev() {
if [[ "$SDDEV" =~ .*blk.* ]] ; then
partExt="p"
fi
fi
if [ -z $SDBOOT ] ; then
SDBOOT=$(findmnt -no TARGET "${SDDEV}${partExt}${SDBOOTPARTNO}")

18
seqs/downloader.sh
View File

@@ -59,7 +59,7 @@ step_4() {
exe systemctl disable sonarr
}
step_5_info() {
step_5_info() {
echo "Install radarr for arm64"
echoinfo "Default port: 7878"
}
@@ -209,7 +209,7 @@ WantedBy=multi-user.target sonarr.service radarr.service
Alias=nzbget.service
#RequiredBy=sonarr.service radarr.service"
step_11_info() {
step_11_info() {
echo "Install lidarr for arm64"
echoinfo "Default port: 8686"
}
@@ -278,7 +278,7 @@ step_14() {
local bazarrGitUrl="https://github.com/morpheus65535/bazarr.git"
exe python3 -m venv "$bazarrVenv"
endReturn -o $? "Creating virtual environment failed"
endReturn "Creating virtual environment failed"
exe git clone $bazarrGitUrl "$bazarrDir"
exe chown -R $DLD_USER: "$bazarrVenv"
@@ -340,15 +340,15 @@ step_16() {
local buildPath="/tmp/unrarbuild"
cat /etc/apt/sources.list | grep -E "^deb-src" >>/dev/null 2>&1
endReturn -o $? "No deb-src entry found in /etc/apt/sources.list"
endReturn "No deb-src entry found in /etc/apt/sources.list"
exe mkdir -p "$buildPath"
exe cd "$buildPath"
exe apt build-dep unrar-nonfree ${sq_aptOpt}
exe apt source -b unrar-nonfree ${sq_aptOpt}
endReturn -o $? "unrar-nonfree build failed ($buildPath left untouched)"
endReturn "unrar-nonfree build failed ($buildPath left untouched)"
exe dpkg -i unrar*.deb
endReturn -o $? "unrar-nonfree install failed ($buildPath left untouched)"
endReturn "unrar-nonfree install failed ($buildPath left untouched)"
exe rm -rf "$buildPath"
}
@@ -448,7 +448,7 @@ step_21() {
exe service prowlarr stop
info "Moving existing $pInstallDir as backup"
exe mv "$pInstallDir" "${pInstallDir}_bu_"`date +%Y%m%d-%H%M%S`
fi
fi
exe tar xvzf "$pTar" -C "${DLD_DIR}"
exe mv "${DLD_DIR}/Prowlarr" "${DLD_DIR}/prowlarr"
@@ -465,7 +465,7 @@ step_22() {
info "Stopping sequence here."
info " Following steps only exected for fresh installation."
exit 0
fi
fi
}
step_23_info() { echo "Create prowlarr service"; }
@@ -526,7 +526,7 @@ step_30() {
exe service readarr stop
info "Moving existing $lInstallDir as backup"
exe mv "$lInstallDir" "${lInstallDir}_bu_"`date +%Y%m%d-%H%M%S`
fi
fi
exe tar xvf "$readarrTar" -C "${DLD_DIR}"
exe mv "${DLD_DIR}/Readarr" "${lInstallDir}"

4
seqs/ebackup.cfg.example
View File

@@ -19,7 +19,7 @@ EBU_SOURCE=
# Change the volume size to number MB. Default is 200MB.
#EBU_VOLSIZE=
# a command that runs duplicity e.g.
# a command that runs duplicity e.g.
# shape bandwidth use via trickle
# "trickle -s -u 640 -d 5120" # 5Mb up, 40Mb down"
#EBU_PRECMD=""
@@ -37,7 +37,7 @@ EBU_SOURCE=
#EBU_CRONTIME='1 2 * * *'
# Uncomment to save the output of the cron run to a logfile
# log file name will be "encBackup_profilename.log"
# log file name will be "encBackup_profilename.log"
#EBU_LOG_DIR='/var/log'
# Uncomment to log a message to syslog after

42
seqs/ebackup.sh
View File

@@ -15,7 +15,7 @@ seq_config() {
else
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
@@ -24,7 +24,7 @@ seq_config() {
return 0
}
step_1_info() {
step_1_info() {
echo -n "Backup "
if contextHelp ; then
echo "selected profile"
@@ -58,18 +58,18 @@ step_1() {
done
if [ -z $EBU_TARGET ] || [ -z $EBU_SOURCE ] ; then
echo " [I] Nothing to do. Check $seq_configFile"
info "Nothing to do. Check $seq_configFile"
return 1
fi
if [ -n "${1:-}" ] && ( [ "$1" == "full" ] || [ "$1" == "incremental" ] ) ; then
dupArgs+=("$1")
elif [ -n "${1:-}" ] ; then
echo " [W] $toolName command \"$1\" not recognized"
warning "$toolName command \"$1\" not recognized"
return 1
fi
echo " [I] Running backup profile [$seq_profileName]"
info "Running backup profile [$seq_profileName]"
if [ "${dupArgs[0]:-}" != "full" ] && [ -n "$EBU_MAX_FULLBKP_AGE" ] ; then
dupArgs+=(--full-if-older-than "$EBU_MAX_FULLBKP_AGE")
@@ -79,7 +79,7 @@ step_1() {
fi
checkInstalled
setPassphrase
setPassphrase
exe $toolBin "${dupArgs[@]:-}" "${EBU_SOURCE:?}" "${EBU_TARGET:?}"
retVal=$?
unsetPassphrase
@@ -97,7 +97,7 @@ step_3() {
shift
if [ -z $EBU_TARGET ] || [ -z $EBU_SOURCE ] ; then
echo " [I] Nothing to do. Check $seq_configFile"
info "Nothing to do. Check $seq_configFile"
return 1
fi
@@ -107,7 +107,7 @@ step_3() {
unsetPassphrase
}
step_5_info() {
step_5_info() {
echo "Restore files from backup"
echoinfo " [OPTIONS]"
echoinfo " --file-to-restore, -f <RELPATH> : Relative path within backup"
@@ -148,7 +148,7 @@ step_5() {
fi
checkInstalled
setPassphrase
setPassphrase
exe $toolBin restore "${restoreOpt[@]}" "$EBU_TARGET" "$ebuLocalTarget"
unsetPassphrase
}
@@ -166,9 +166,9 @@ step_7() {
if [ ! -z "$EBU_MAX_AGE" ] ; then
dupCommand+="remove-older-than $EBU_MAX_AGE "
elif [ ! -z "$EBU_MAX_FULL_BACKUPS" ] ; then
elif [ ! -z "$EBU_MAX_FULL_BACKUPS" ] ; then
dupCommand+="remove-all-but-n-full $EBU_MAX_FULL_BACKUPS "
elif [ ! -z "$EBU_MAX_FULLS_WITH_INCRS" ] ; then
elif [ ! -z "$EBU_MAX_FULLS_WITH_INCRS" ] ; then
dupCommand+="remove-all-inc-of-but-n-full $EBU_MAX_FULLS_WITH_INCRS "
else
if interactive ; then warning -e "No purge option configured" ; fi
@@ -176,7 +176,7 @@ step_7() {
fi
checkInstalled
setPassphrase
setPassphrase
exe $toolBin $dupCommand --force "$ebuTarget"
unsetPassphrase
}
@@ -215,13 +215,13 @@ step_22() {
fi
checkInstalled
setPassphrase
setPassphrase
exe $toolBin list-current-files "$ebuTarget"
unsetPassphrase
}
step_70_info() {
step_70_info() {
echo -n "Manage cron file for "
if contextHelp ; then
echo -n "selected profile"
@@ -260,16 +260,16 @@ step_70() {
cronEntry+=" >$cronLog"
if [ -z "$EBU_CRONTIME" ] || [ $cronRemove -ne 0 ] ; then
echo " [I] Removing cron for profile $seq_profileName"
info "Removing cron for profile $seq_profileName"
exe rm -r "$cronScript"
else
checkFileHead "$cronScript" "$cronEntry"
if [ $? -ne 0 ] ; then
echo " [I] Update cron for profile $seq_profileName"
info "Update cron for profile $seq_profileName"
exep "sudo echo \"$cronEntry\" > \"$cronScript\""
syslogEntry "Cron file update complete [$EBU_CRONTIME]"
else
echo " [I] Cron for profile $seq_profileName is up to date"
info "Cron for profile $seq_profileName is up to date"
fi
fi
}
@@ -291,14 +291,14 @@ step_100() {
}
setPassphrase() {
if [ -z "${PASSPHRASE:-}" ] && [ -n "${EBU_PASSPHRASE:-}" ] ; then
if [ -z "${PASSPHRASE:-}" ] && [ -n "${EBU_PASSPHRASE:-}" ] ; then
export PASSPHRASE="$EBU_PASSPHRASE"
fi
}
unsetPassphrase() {
unset PASSPHRASE
}
}
checkFileHead() {
local readChar
@@ -307,7 +307,7 @@ checkFileHead() {
return 1
fi
read -r -n ${#2} readChar < "$1"
if [ "$readChar" == "$2" ] ; then
if [ "$readChar" == "$2" ] ; then
return 0
fi
return 1
@@ -325,7 +325,7 @@ checkInstalled() {
step install
fi
toolBin="${EBU_PRECMD:-} $(escpath "$(command -v $toolName)")"
fi
fi
}
# shellcheck disable=SC2034 # Appears unused

38
seqs/ejabberd.yml
View File

@@ -8,8 +8,8 @@ log_rate_limit: 100
hosts:
- "mydomain.eu"
listen:
-
listen:
-
port: 5222
ip: "::"
module: ejabberd_c2s
@@ -37,11 +37,11 @@ listen:
access: c2s
zlib: true
resend_on_timeout: if_offline
-
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
-
-
port: 5280
ip: "::"
module: ejabberd_http
@@ -124,8 +124,8 @@ acl:
user:
- "myuser": "mydomain.eu"
#- "@localhost"
local:
local:
user_regexp: ""
loopback:
@@ -160,23 +160,23 @@ access_rules:
announce:
- allow: admin
## Only admins can use the configuration interface:
configure:
configure:
- allow: admin
## Only accounts of the local ejabberd server can create rooms:
muc_create:
muc_create:
- allow: local
## Only accounts on the local ejabberd server can create Pubsub nodes:
pubsub_createnode:
pubsub_createnode:
- allow: local
## In-band registration allows registration of any possible username.
## To disable in-band registration, replace 'allow' with 'deny'.
register:
- deny
register:
- deny
## Only allow to register from localhost
trusted_network:
trusted_network:
- allow: loopback
## Do not establish S2S connections with bad servers
s2s:
s2s:
## - deny:
## - ip: "XXX.XXX.XXX.XXX/32"
## - deny:
@@ -185,7 +185,7 @@ access_rules:
language: "en"
modules:
modules:
mod_adhoc: {}
mod_admin_extra: {}
mod_announce: # recommends mod_adhoc
@@ -216,7 +216,7 @@ modules:
## docroot: "/var/www"
## accesslog: "/var/log/ejabberd/access.log"
mod_last: {}
mod_muc:
mod_muc:
## host: "conference.@HOST@"
access:
- allow
@@ -227,7 +227,7 @@ modules:
## mod_muc_log: {}
mod_muc_admin: {}
## mod_multicast: {}
mod_offline:
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
## mod_pres_counter:
@@ -236,7 +236,7 @@ modules:
mod_privacy: {}
mod_private: {}
## mod_proxy65: {}
mod_pubsub:
mod_pubsub:
access_createnode: pubsub_createnode
## reduces resource comsumption, but XEP incompliant
#ignore_pep_from_offline: true
@@ -246,7 +246,7 @@ modules:
max_items_node: 1000
default_node_config:
max_items: 1000
plugins:
plugins:
- "flat"
- "hometree"
- "pep" # pep requires mod_caps
@@ -283,7 +283,7 @@ modules:
##
## access_from: deny
## access: register
# No registration, but allow existing accounts to change password
access: none
mod_roster:

8
seqs/element-web.sh
View File

@@ -33,7 +33,7 @@ step_1() {
return 0
}
step_20_info() {
step_20_info() {
echo -n "Create a backup"
if (( sq_config )) ; then
echo " at $ELEMENT_WEB_BACKUP"
@@ -116,10 +116,10 @@ step_22() {
if [ ! -e "$tempExtract" ] ; then
exe mkdir -p "$tempDown"
exe wget -O "$tempLoc" "$downUrl"
endReturn -o $? "Download failed: $downUrl"
endReturn "Download failed: $downUrl"
exe cd "$tempDown"
exe tar -xf "$tempLoc"
endReturn -o $? "Extract failed: $tempLoc"
endReturn "Extract failed: $tempLoc"
else
info "Found existing download: $tempExtract"
fi
@@ -130,7 +130,7 @@ step_22() {
exe mv "$ELEMENT_WEB_LOC" "$tempBu"
step backup "$tempBu"
endReturn -o $? "Backup failed; $ELEMENT_WEB_LOC renamed!"
endReturn "Backup failed; $ELEMENT_WEB_LOC renamed!"
info "Installing version $latestVersion to $ELEMENT_WEB_LOC"
exe mv "$tempExtract" "$ELEMENT_WEB_LOC"
exe chown -R www-data: "$ELEMENT_WEB_LOC"

2
seqs/fail2ban/filter.d/nextcloud.conf
View File

@@ -1,4 +1,4 @@
[Definition]
failregex = ^.*\"remoteAddr\":\"<HOST>\".*Trusted domain error.*$
^.*\"remoteAddr\":\"<HOST>\".*Login failed:.*$
^.*\"remoteAddr\":\"<HOST>\".*Login failed:.*$

6
seqs/fail2ban/jail.d/ip-blacklist.conf
View File

@@ -7,10 +7,10 @@ logpath = /etc/fail2ban/ip.blacklist
maxretry = 0
findtime = 600
# infinite ban
#bantime = -1
#bantime = -1
# 1 day ban
#bantime = 24h
#bantime = 24h
# 2 day ban
bantime = 48h
bantime = 48h
# 10 minute ban
#bantime = 10m

2
seqs/fail2ban/jail.d/nextcloud.conf
View File

@@ -4,4 +4,4 @@ logpath = /var/nc_data/nextcloud.log
port = http,https
filter = nextcloud
maxretry = 3
bantime = 24h
bantime = 24h

20
seqs/fhem.sh
View File

@@ -34,21 +34,21 @@ step_1() {
#exe apt update
exe apt install $toolDeps $toolDeps2 "$aptOpt"
#exe apt install "$toolDeps2" "$aptOpt"
endReturn -o $? "Installation of prerequisits failed"
endReturn "Installation of prerequisits failed"
}
step_2_info() { echo "Install jabber prerequisits"; echoinfo "(May be skipped)"; }
step_2() {
exe apt install $toolDepsJabber "$aptOpt"
endReturn -o $? "Installation of prerequisits for jabber failed"
endReturn "Installation of prerequisits for jabber failed"
}
step_3_info() { echo "Download and install $toolName version $toolVersion"; }
step_3() {
exe wget "$toolUrl" -O "$downPath"
endReturn -o $? "Download of $toolName failed"
endReturn "Download of $toolName failed"
exe dpkg -i "$downPath"
endReturn -o $? "Installation of $toolName failed"
endReturn "Installation of $toolName failed"
info "$toolName is now running on http://$(hostname -I | cut -d " " -f 1):8083"
}
downPath="/tmp/$toolDpkg"
@@ -56,14 +56,14 @@ downPath="/tmp/$toolDpkg"
step_20_info() { echo "List $toolName prerequisits"; }
step_20_alias() { echo "listdeps"; }
step_20() {
echo " [I] $toolName prerequisits:"
info "$toolName prerequisits:"
echo "$toolDeps $toolDeps2"
}
step_30_info() { echo "Create user $toolUser"; }
step_30() {
exe useradd --system --home "$toolHome" --gid dialout --shell /bin/false "$toolUser"
endReturn -o $? "Creating user $toolUser failed"
endReturn "Creating user $toolUser failed"
}
step_32_info() { echo "Create $toolName systemd service"; }
@@ -78,11 +78,11 @@ step_34_alias() { echo "downgrade_xmpp"; }
step_34() {
if [ ! -f $libnetDown ]; then
exe wget "$libnetUrl" -O "$libnetDown"
endReturn -o $? "Download of $libnetUrl failed"
endReturn "Download of $libnetUrl failed"
fi
if [ ! -f $libxmlDown ]; then
exe wget "$libxmlUrl" -O "$libxmlDown"
endReturn -o $? "Download of $libxmlUrl failed"
endReturn "Download of $libxmlUrl failed"
fi
local aptOption=
@@ -104,7 +104,7 @@ step_34() {
saveReturn $?
exe dpkg -i "$libnetDown"
saveReturn $?
exe apt install libnet-jabber-perl $aptOption
exe apt install libnet-jabber-perl $aptOption
saveReturn $?
endReturn "Failed removing packages; Manual fix required"
@@ -124,7 +124,7 @@ step_35() {
aptPinFile="/etc/apt/preferences.d/00_FhemJabber"
aptPinXmpp="Package: libnet-xmpp-perl
Pin: version 1.02-3*
Pin-Priority: 1000
Pin-Priority: 1000
Package: libxml-stream-perl
Pin: version 1.23-2

2
seqs/fhem/20-FhemIf.rules
View File

@@ -1,6 +1,6 @@
# Datei: /etc/udev/rules.d/20-FehmIf.rules
# Gerät CUL868 busware.de (homematic RF) an USB
SUBSYSTEM=="tty", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="204b", SYMLINK+="tty_CUL868"
SUBSYSTEM=="tty", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="204b", SYMLINK+="tty_CUL868"
SUBSYSTEM=="tty", ATTRS{idVendor}=="0658", ATTRS{idProduct}=="0200", SYMLINK+="tty_Zwave"
SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="A40352S9", SYMLINK+="ttyUSB_RS485"
SUBSYSTEM=="tty", ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", ATTRS{serial}=="A103R0XO", SYMLINK+="ttyUSB_LinkUSBi"

8
seqs/freeradius.sh
View File

@@ -39,11 +39,11 @@ step_50() {
local frDbSchema="$toolConfLoc/mods-config/sql/main/mysql/schema.sql"
local frDbSetup="$toolConfLoc/mods-config/sql/main/mysql/setup.sql"
exe "$WDIR"/mysql.sh createdb -c utf8 -d "$FRAD_DB_NAME" -u "$FRAD_DB_USER"
endReturn -o $? "Creating database failed"
endReturn "Creating database failed"
exep "mysql -uroot \"$FRAD_DB_NAME\" < $frDbSchema"
#exep "mysql -uroot \"$FRAD_DB_NAME\" < $frDbSetup"
exep "mysql -uroot \"$FRAD_DB_NAME\" < $drDbInit"
exep "mysql -uroot \"$FRAD_DB_NAME\" < $frDbSchema"
#exep "mysql -uroot \"$FRAD_DB_NAME\" < $frDbSetup"
exep "mysql -uroot \"$FRAD_DB_NAME\" < $drDbInit"
}

16
seqs/friendica.sh
View File

@@ -40,16 +40,16 @@ step_20() {
fi
exe "${seq_dir}/mysql.sh" -qq backup "$FR_DATABASE" "$FR_BACKUP"
endReturn -o $? "Backup mysql database failed"
endReturn "Backup mysql database failed"
[ ! -e "$tempRoot" ] && endReturn -o 1 -f "Friendica root $tempRoot not found"
local wwwBackup="$FR_BACKUP/${toolName}_www_`date +%Y%m%d-%H%M%S`.tar.gz"
local dataBackup="$FR_BACKUP/${toolName}_data_`date +%Y%m%d-%H%M%S`.tar.gz"
echo " [I] Backing up webserver directory to $wwwBackup"
info "Backing up webserver directory to $wwwBackup"
exe cd "$tempRoot/.."
exe tar czf "$wwwBackup" $(basename "$tempRoot")
echo " [I] Backing up data directory to $dataBackup"
info "Backing up data directory to $dataBackup"
exe cd "$FR_LOC_DATA/.."
exe tar czf "$dataBackup" $(basename "$FR_LOC_DATA")
}
@@ -110,21 +110,21 @@ step_22() {
if [ ! -e "$tempExtract" ] ; then
exe mkdir -p "$tempDown"
exe wget -O "$tempLoc" $downUrl
endReturn -o $? "Download failed: $downUrl"
endReturn "Download failed: $downUrl"
exe cd "$tempDown"
exe tar -xf "$tempLoc"
endReturn -o $? "Extract failed: $tempLoc"
endReturn "Extract failed: $tempLoc"
else
info "Found existing download: $tempExtract"
fi
if [ ! -e "$tempExtractAddons" ] ; then
exe wget -O "$tempLocAddons" $downUrlAddons
endReturn -o $? "Download failed: $downUrlAddons"
endReturn "Download failed: $downUrlAddons"
exe cd "$tempDown"
exe mkdir -p "$tempExtractAddons"
exe tar -xC "${tempExtractAddons}" -f "$tempLocAddons"
endReturn -o $? "Extract failed: $tempLocAddons"
endReturn "Extract failed: $tempLocAddons"
else
info "Found existing download: $tempExtractAddons"
fi
@@ -135,7 +135,7 @@ step_22() {
exe mv "$FR_LOC" "$tempBu"
step backup "$tempBu"
endReturn -o $? "Backup failed; $FR_LOC renamed!"
endReturn "Backup failed; $FR_LOC renamed!"
info "Installing version $latestVersion to $FR_LOC"
exe systemctl stop friendica.service
exe mv "$tempExtract" "$FR_LOC"

31
seqs/git.sh
View File

@@ -1,34 +1,5 @@
#!/bin/bash
toolName=git
# Get script working directory
# (when called from a different directory and even when called via symlink)
WDIR="$(cd "$(dirname -- "$(realpath ${BASH_SOURCE[0]})")" >>/dev/null 2>&1 && pwd)"
APTOPT=
CONFIG=0
SCRIPT_FILE=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_FILE%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
seq_config() {
## or to use sequencer api with global config file:
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
#if [ $? -eq 0 ] ; then
# CONFIG=1
#else
# # End if no configuration file exists
# dry || return -1
#fi
## Apt cmdline option to suppress user interaction
quiet && APTOPT="-y"
## Return of non zero value will abort the sequence
return 0
}
step_1_info() { echo "Setup global git aliases"; }
step_1_alias() { echo "alias"; }
step_1() {
@@ -48,5 +19,7 @@ step_1() {
exe git config --global alias.ll 'log'
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh

18
seqs/gitea.sh
View File

@@ -29,7 +29,7 @@ seq_config() {
fi
[ ! -z "$(command -v gitea)" ] && versionNow=$(gitea --version | sed 's/.*version \([0-9.]\+\).*/\1/')
checkArchitecture
checkArchitecture
giteaIniLoc="${SEQ_GITEA_CONF_DIR}/app.ini"
info "Gitea work: $SEQ_GITEA_WORK_DIR"
@@ -61,7 +61,7 @@ step_1() {
}
step_2_info() {
checkArchitecture
checkArchitecture
echo "Downloading $toolName to user home from:"
echoinfo "$giteaDownload"
}
@@ -92,7 +92,7 @@ step_4() {
exe install -g $SEQ_GITEA_USER -m 770 -d "$giteaLogDir"
info -n "Copying gitea to global location and making it executable..."
exe install -b -m 755 -T "$giteaDownFile" "$SEQ_GITEA_BIN_LOC" && info -d "ok"
endReturn -o $? "Failed to install $SEQ_GITEA_BIN_LOC"
endReturn "Failed to install $SEQ_GITEA_BIN_LOC"
}
step_5_info() { echo "Creating systemd service"; }
@@ -143,10 +143,10 @@ step_10() {
exe "${seq_origin}/mysql.sh" -qq createdb --charset utf8mb4
}
step_12_info() {
if [ ! -z "$versionNow" ] ; then
step_12_info() {
if [ ! -z "$versionNow" ] ; then
if [ "$giteaVersion" == "$versionNow" ] ; then
echo "No upgrade available. Already on latest: $versionNow"
echo "No upgrade available. Already on latest: $versionNow"
else
echo "Download new version $giteaVersion to /usr/local/bin"
echoinfo " - installed version: $versionNow -"
@@ -159,7 +159,7 @@ step_12_alias() { echo "upgrade"; }
step_12() {
endIfEmpty versionNow "Please install $toolName first"
exe wget -O "$giteaDownFile" $giteaDownload
endReturn -o $? "Download failed"
endReturn "Download failed"
if [ -f "$SEQ_GITEA_BIN_LOC" ] ; then
local toolBackup="${SEQ_GITEA_BACKUP_DIR}/gitea_${versionNow}"
@@ -167,10 +167,10 @@ step_12() {
saveReturn $?
endReturn
sqr::echo -n "Backing up existing executable to ${toolBackup}..."
exe cp -ar "$SEQ_GITEA_BIN_LOC" "$toolBackup" && sqr::echo "ok" || sqr::echo "nok"
exe cp -ar "$SEQ_GITEA_BIN_LOC" "$toolBackup" && sqr::echo "ok" || sqr::echo "nok"
fi
exe install --backup=none -m 755 -T "$giteaDownFile" "$SEQ_GITEA_BIN_LOC"
endReturn -o $? "Upgrade failed"
endReturn "Upgrade failed"
exe service gitea start
}

2
seqs/grocy.sh
View File

@@ -95,7 +95,7 @@ step_22() {
fi
fi
exe wget ${downUrl} -q -O "${sq_grocyDownLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
if [ -e "${sc_grocyDir}" ] ; then
step backup
exe rm -rf "${sc_grocyDir}/${sc_grocyViewcache}"

112
seqs/jitsi.sh
View File

@@ -2,24 +2,6 @@
toolName="jitsi-meet"
# Get script working directory
# (when called from a different directory)
WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
#CONFIG=0
#CONFIG_FILE_NAME="${toolName}.cfg"
#CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
#step_config() {
#echo "Called once before executing steps."
## e.g. to source a config file manually:
#. "$CONFIG_FILE"
## or to use sequencer api:
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
#if [ $? -eq 0 ] ; then
# CONFIG=1
#fi
#}
step_1_info() { echo "Installation of prerequisits"; }
step_1_alias() { echo "prepare"; }
step_1() {
@@ -50,7 +32,7 @@ step_5_info() { echo "Install nginx webserver"; }
step_5_alias() { echo "webserver"; }
step_5() {
exe apt install nginx
endReturn -o $? "Installation of webserver nginx failed"
endReturn "Installation of webserver nginx failed"
exe mkdir -p /etc/nginx/sites-available
exe mkdir -p /etc/nginx/sites-enabled
exe mkdir -p /etc/nginx/modules-enabled
@@ -61,12 +43,12 @@ step_6_info() { echo "Install ufw firewall"; }
step_6_alias() { echo "firewall"; }
step_6() {
exe apt install ufw
endReturn -o $? "Installation of firewall ufw failed"
endReturn "Installation of firewall ufw failed"
}
step_7_info() { echo "Setup ufw firewall to run $toolName"; }
step_7() {
echo " [I] Configure ufw firewall"
info "Configure ufw firewall"
exe ufw allow 22/tcp
exe ufw allow 80/tcp
exe ufw allow 443/tcp
@@ -87,57 +69,61 @@ step_9() {
exe mv /etc/nginx/sites-available/*.conf /etc/nginx/conf.d
exe mv /etc/nginx/conf.d/default.conf /etc/nginx/sites-available
exe service nginx restart
echo " [I] Check /etc/nginx/conf.d for unwanted configurations"
info "Check /etc/nginx/conf.d for unwanted configurations"
}
step_10_info() { echo "WIP post-install tasks"; }
step_10() {
echo " [I] Tasks to be automated"
echo
echo " * Make jitsi installation password protected"
echo " (https://github.com/jitsi/jicofo#secure-domain)"
echo " Creating new rooms will require username and password"
echo
echo " ** /etc/prosody/conf.avail/[your-hostname].cfg.lua"
echo
echo " a) Enable authentication on your main domain:"
echo
echo " VirtualHost \"jitsi-meet.example.com\""
echo " authentication = \"internal_plain\""
echo
echo " b) Add new virtual host with anonymous login method for guests:"
echo
echo " VirtualHost \"guest.jitsi-meet.example.com\""
echo " authentication = \"anonymous\""
echo " c2s_require_encryption = false"
echo
echo " ** /etc/jitsi/meet/[your-hostname]-config.js"
echo
echo " var config = {"
echo " hosts: {"
echo " domain: 'jitsi-meet.example.com',"
echo " anonymousdomain: 'guest.jitsi-meet.example.com',"
echo " ..."
echo " },"
echo " ..."
echo " }"
echo
echo " ** /etc/jitsi/jicofo/sip-communicator.properties"
echo " add new line:"
echo
echo " org.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com"
echo
echo " ** Create prosody user(s):"
echo
echo " prosodyctl register <username> jitsi-meet.example.com <password>"
echo
echo " [I] Use step \"restart\" after these changes"
color green
cat << WIP_END
# Tasks to be automated
* Make jitsi installation password protected
(https://github.com/jitsi/jicofo#secure-domain)
Creating new rooms will require username and password
** /etc/prosody/conf.avail/[your-hostname].cfg.lua
a) Enable authentication on your main domain:
VirtualHost "jitsi-meet.example.com"
authentication = "internal_plain"
b) Add new virtual host with anonymous login method for guests:
VirtualHost "guest.jitsi-meet.example.com"
authentication = "anonymous"
c2s_require_encryption = false
** /etc/jitsi/meet/[your-hostname]-config.js
var config = {
hosts: {
domain: 'jitsi-meet.example.com',
anonymousdomain: 'guest.jitsi-meet.example.com',
...
},
...
}
** /etc/jitsi/jicofo/sip-communicator.properties
add new line:
org.jitsi.jicofo.auth.URL=XMPP:jitsi-meet.example.com
** Create prosody user(s):
prosodyctl register <username> jitsi-meet.example.com <password>
WIP_END
color none
info "Use step \"restart\" after these changes"
}
step_20_info() { echo "Restart all $toolName components"; }
step_20_alias() { echo "restart"; }
step_20() {
echo " [I] Restart jitsi-meet components"
info "Restart jitsi-meet components"
exep "service prosody restart&& service jicofo restart && service jitsi-videobridge2 restart"
}

8
seqs/kodi.sh
View File

@@ -71,7 +71,7 @@ After = systemd-user-sessions.service network.target sound.target
# Wants = mysql.service
[Service]
User = ${toolUser}
User = ${toolUser}
Group = ${toolUser}
Type = simple
ExecStart = /usr/bin/kodi-standalone
@@ -80,7 +80,7 @@ Restart = always
RestartSec = 15
[Install]
WantedBy = multi-user.target"
WantedBy = multi-user.target"
step_5_info() { echo "Enable text input for USB keyboards within $toolName"; }
step_5() {
@@ -107,7 +107,7 @@ bootConfigLoc="/boot/config.txt"
bootConfig="
# Modifications for $toolName
start_x=1
gpu_mem=320"
gpu_mem=320"
step_7_info() { echo "Reboot is needed for all changes to take effect"; }
step_7() {
@@ -192,7 +192,7 @@ step_40() {
info "$i"
done
interactive && read -r -p "Are you sure? (y)/[n] " answer
case "$answer" in
case "$answer" in
y|Y)
exe rm "${musicDb[@]}";;
*)

30
seqs/ldap.sh
View File

@@ -12,7 +12,7 @@ seq_config() {
# End if no configuration file exists
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
@@ -98,11 +98,11 @@ objectClass: organizationalUnit
step_8_info() { echo "Setup SSL secured ldaps:// access"; }
step_8() {
sudo -u $toolUser test -r "$LDAP_CERT_KEY" >>/dev/null 2>&1
endReturn -o $? "$toolUser cannot access certificate key file: $LDAP_CERT_KEY"
endReturn "$toolUser cannot access certificate key file: $LDAP_CERT_KEY"
sudo -u $toolUser test -r "$LDAP_CERT" >>/dev/null 2>&1
endReturn -o $? "$toolUser cannot access certificate file: $LDAP_CERT"
endReturn "$toolUser cannot access certificate file: $LDAP_CERT"
sudo -u $toolUser test -r "$LDAP_CERT_CA" >>/dev/null 2>&1
endReturn -o $? "$toolUser cannot access CA certificate file: $LDAP_CERT_CA"
endReturn "$toolUser cannot access CA certificate file: $LDAP_CERT_CA"
local tempLdif=`eval "echo \"$sslSetup\""`
exep "echo \"$tempLdif\" | ldapmodify -Y EXTERNAL -H ldapi:///"
@@ -208,10 +208,10 @@ step_102() {
fi
variable2Ldif add "$addUser"
endReturn -o $? "Adding user failed"
endReturn "Adding user failed"
}
userId=
addUser="dn: uid=\$userId,\$LDAP_OU_USERS,\$LDAP_DC
addUser="dn: uid=\$userId,\$LDAP_OU_USERS,\$LDAP_DC
cn: \$userCn
givenName: \$givenName
sn: \$userSn
@@ -235,10 +235,10 @@ step_103_alias() { echo "passwd"; }
step_103() {
shift
if [ -n "${1:-}" ] ; then
echo " [I] Password operation for $1"
info "Password operation for $1"
userId="$1"
elif [ ! -z $userId ] ; then
echo " [I] Password operation for $userId"
info "Password operation for $userId"
else
error -e "No user id provided"
return 1
@@ -253,9 +253,9 @@ step_105() {
shift
if [ -n "${1:-}" ] ; then
userId="$1"
echo " [I] User operation for $userId"
info "User operation for $userId"
elif [ ! -z $userId ] ; then
echo " [I] User operation for $userId"
info "User operation for $userId"
else
error -e "No user id provided"
return 1
@@ -268,7 +268,7 @@ step_105() {
variable2Ldif modify "$removeFromgroup"
variable2Ldif modify "$add2group"
endReturn -o $? "Adding user to group failed"
endReturn "Adding user to group failed"
}
#remove empty member
add2group="dn: cn=\$groupName,\$LDAP_OU_GROUPS,\$LDAP_DC
@@ -289,9 +289,9 @@ step_107() {
shift
if [ -n "${1:-}" ] ; then
userId="$1"
echo " [I] User operation for $userId"
info "User operation for $userId"
elif [ ! -z $userId ] ; then
echo " [I] User operation for $userId"
info "User operation for $userId"
else
error -e "No user id provided"
return 1
@@ -354,7 +354,7 @@ step_200_options() { echo "<ADDITONAL ATTRIBUTES...>"; }
step_200_alias() { echo "listgroups"; }
step_200() {
shift
echo " [I] Available groups:"
info "Available groups:"
exe ldapsearch -x -LLL -H ldap:/// -b ${LDAP_OU_GROUPS},${LDAP_DC} dn gidNumber $*
}
@@ -363,7 +363,7 @@ step_200_options() { echo "<ADDITONAL ATTRIBUTES...>"; }
step_202_alias() { echo "listusers"; }
step_202() {
shift
echo " [I] Available user:"
info "Available user:"
exe ldapsearch -x -LLL -H ldap:/// -b ${LDAP_OU_USERS},${LDAP_DC} dn uidNumber gidNumber $*
}

22
seqs/librenms.sh
View File

@@ -20,7 +20,7 @@ seq_config() {
else
dry || return 1
fi
return 0
}
@@ -30,13 +30,13 @@ step_1() {
exe apt update
}
step_2_info() {
step_2_info() {
echo "Installing $toolName dependencies:"
echoinfo "$libreDeps"
}
step_2() {
exe apt install $libreDeps ${sq_aptOpt}
endReturn -o $? "Failed to install $toolName dependencies"
endReturn "Failed to install $toolName dependencies"
}
step_3_info() {
@@ -47,7 +47,7 @@ step_3_info() {
step_3() {
fetchPhpVersion
exe apt install "${librePhpDeps[@]/#/php${phpVersion}-}" ${sq_aptOpt}
endReturn -o $? "Failed to install $toolName php dependencies"
endReturn "Failed to install $toolName php dependencies"
}
step_4_info() { echo "Adding $toolName user ($toolUser)"; }
@@ -67,7 +67,7 @@ step_5() {
step_6_info() { echo "Installing $toolName using composer"; }
step_6() {
exe sudo -u librenms "${LNMS_DIR}/scripts/composer_wrapper.php" install --no-dev
endReturn -o $? "Failed to install php dependencies"
endReturn "Failed to install php dependencies"
}
step_10_info() { echo "Create mysql database for $toolName"; }
@@ -77,7 +77,7 @@ step_10() {
libreDbOpt="-d $LNMS_DB_NAME"
fi
exe "${seq_origin}"/mysql.sh ${sqr_args} createdb --charset utf8 "$libreDbOpt"
endReturn -o $? "Failed to create mysql database $LNMS_DB_NAME"
endReturn "Failed to create mysql database $LNMS_DB_NAME"
}
step_11_info() { echo "MariaDB configuration"; }
@@ -256,12 +256,12 @@ step_42() {
exe setfacl -R -m g::rwx "${LNMS_DIR}/rrd" "${LNMS_DIR}/logs" "${LNMS_DIR}/bootstrap/cache/" "${LNMS_DIR}/storage/"
}
fetchPhpVersion() {
if [ -n "${phpVersion}" ] ; then
return 0
fi
fetchPhpVersion() {
if [ -n "${phpVersion}" ] ; then
return 0
fi
phpVersion="$(php -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')"
phpVersion="$(php -r 'echo PHP_MAJOR_VERSION.".".PHP_MINOR_VERSION;')"
}
# shellcheck disable=SC2034 # Appears unused

12
seqs/mailserver.sh
View File

@@ -30,7 +30,7 @@ seq_config() {
else
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
@@ -195,7 +195,7 @@ step_9() {
MDA_EOF
}
step_20_info() {
step_20_info() {
echo "Install postfixadmin and create mysql database"
echoinfo "Virtualize mailboxes, domains and aliases by using a mysql database"
}
@@ -236,7 +236,7 @@ step_22() {
exe postconf -e "virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_maps.cf, proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_domain_catchall_maps.cf"
exe postconf -e "virtual_transport = lmtp:unix:private/dovecot-lmtp"
# Apex domain removed, it is handled as virtual domain now
# Apex domain removed, it is handled as virtual domain now
exe postconf -e "mydestination = \$myhostname, localhost.\$mydomain, localhost"
# Base location for the virtual maildirs
exe postconf -e "virtual_mailbox_base = $MAS_VIRTUAL_FOLDER_BASE"
@@ -342,7 +342,7 @@ step_50() {
}
saslPassFile="$mtaConfLoc/sasl_password"
step_52_info() {
step_52_info() {
echo "Grant access for specific (local) hostnames"
echoinfo "Workaround when local clients connect to 25 with different ips (v6)"
}
@@ -361,7 +361,7 @@ step_52() {
}
mtaClientAccessLoc="$mtaConfLoc/client_access"
step_54_info() {
step_54_info() {
echo "Deny recipient access for listed mail addresses"
}
step_54_alias() { echo "recipient_access"; }
@@ -402,7 +402,7 @@ step_56() {
}
mtaSenderRelayLoc="$mtaConfLoc/sender_relay"
step_100_info() {
step_100_info() {
echo "Send testmail [-u SYSTEMUSER | -f FROM] [TO]"
echoinfo "Send as current user to postmaster@\$MAS_DOMAIN by default"
}

42
seqs/matrix-commander.sh
View File

@@ -1,29 +1,17 @@
#!/bin/bash
toolName=matrix-commander
toolCloneUrl='https://github.com/8go/matrix-commander.git'
toolDeps="python3-pip python3-venv libolm-dev"
readonly toolName=matrix-commander
readonly toolCloneUrl='https://github.com/8go/matrix-commander.git'
readonly toolDeps="python3-pip python3-venv libolm-dev"
toolCredentialDir=
toolEncStoreDir=
# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
APTOPT=
CONFIG=0
SCRIPT_FILE=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_FILE%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
sq_aptOpt=
seq_config() {
## or to use sequencer api with global config file:
initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
if [ $? -eq 0 ] ; then
CONFIG=1
else
if ! initSeqConfig "${seq_configName:?}" "${seq_configTemplate:?}" ; then
# End if no configuration file exists
dry || return -1
fi
@@ -32,7 +20,7 @@ seq_config() {
toolEncStoreDir="$MACO_BASE_DIR/.local/share/matrix-commander"
## Apt cmdline option to suppress user interaction
quiet && APTOPT="-y"
quiet && sq_aptOpt="-y"
## Return of non zero value will abort the sequence
return 0
@@ -45,7 +33,7 @@ step_1() {
exe "$MACO_BASE_DIR/bin/python3" "$MACO_DIR/matrix_commander/matrix_commander.py" "$@"
}
step_3_info() {
step_3_info() {
echo "Send message"
echoinfo "Each string ([MESSAGE]) is send as separate message"
}
@@ -53,13 +41,13 @@ step_3_options() { echo "[MESSAGE] [MESSAGE] ..."; }
step_3_alias() { echo "message"; }
step_3() {
shift
step run -m "$@"
step run -m "$@"
}
step_50_info() { echo "Install $toolName dependencies"; }
step_50_alias() { echo "install"; }
step_50() {
apt install $toolDeps $APTOPT
apt install $toolDeps $sq_aptOpt
}
step_51_info() { echo "Add system user ${MACO_USER:-}"; }
@@ -75,7 +63,7 @@ step_52() {
[ -e "$MACO_BASE_DIR" ] && endReturn -o 1 "$toolName already installed"
exe python3 -m venv "$MACO_BASE_DIR"
endReturn -o $? "Creating virtual environment failed"
endReturn "Creating virtual environment failed"
exe git clone $toolCloneUrl "$MACO_DIR"
exe chown -R $MACO_USER: "$MACO_BASE_DIR"
@@ -95,7 +83,7 @@ NOTES_END
exe sudo -u $MACO_USER ${MACO_BASE_DIR}/bin/pip install -r ${MACO_DIR}/requirements.txt
}
step_55_info() {
step_55_info() {
echo "Create systemd service for $toolName"
echoinfo "(Make sure to modify the service content in the step configuration)"
}
@@ -114,7 +102,7 @@ step_57() {
step run
[ -e ./store ] && exe mv store "$toolEncStoreDir"
info "use \"$SEQ_NAME run --verify\" to verify against an existing session (like Element)"
info "use \"$SEQ_NAME run --verify\" to verify against an existing session (like Element)"
}
step_60_alias() { echo "notes"; }
@@ -124,7 +112,7 @@ step_60() {
# Verify matrix-commander "device"
For emoji verification to work, the matrix-commander user needs to be at least in one room.
Enter the room on Element and goto
Enter the room on Element and goto
* Room Info -> People -> select matrix commander user -> Security -> sessions -> matrix-commander session
* verify with emojis
@@ -134,11 +122,13 @@ Enter the room on Element and goto
matrix-commander expects the following files to be in place for the user to be able to
send/receive messages
credentials.json - $MACO_BASE_DIR/.config/matrix-commander/credentials.json
credentials.json - $MACO_BASE_DIR/.config/matrix-commander/credentials.json
store - $MACO_BASE_DIR/.local/share/matrix-commander/store
NOTES_EOF
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh

36
seqs/matrix.sh
View File

@@ -59,7 +59,7 @@ step_1_info() { echo "Installing $toolName dependencies"; }
step_1_alias() { echo "install"; }
step_1() {
exe apt update
endReturn -o $? "Updating apt repositories failed"
endReturn "Updating apt repositories failed"
if [ "$osName" != "Raspbian" ] ; then
toolDepsRaspi=""
@@ -72,7 +72,7 @@ step_2_alias() { echo "createdb"; }
step_2() {
readDatabaseInfos
exe cd ~postgres
exe cd ~postgres
exe su -c "psql -c \"CREATE USER ${postgresUser} WITH ENCRYPTED password '${postgresPass}';\"" - postgres
exe su -c "psql -c \"CREATE DATABASE ${postgresDb} ENCODING \"UTF8\" LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ${postgresUser};\"" - postgres
exe su -c "psql -c \"GRANT ALL PRIVILEGES ON DATABASE \"${postgresDb}\" to ${postgresUser};\"" - postgres
@@ -151,7 +151,7 @@ SyslogIdentifier=synapse
[Install]
WantedBy=multi-user.target"
step_10_info() {
step_10_info() {
echo -n "Upgrade $toolName installation"
if ! contextHelp ; then
echo " at $MATRIX_HOME"
@@ -188,7 +188,7 @@ step_12() {
exe service ${toolServiceName} restart
}
step_14_info() {
step_14_info() {
echo "Show $toolName version"
}
step_14_options() { echo "[IP]:8008"; }
@@ -212,7 +212,7 @@ step_16_options() { echo "[OPTION] [IP]:8008"; }
step_16_alias() { echo "listuser"; }
step_16() {
adminTokenCheck
endReturn -o $? "Admin token needed. Check $seq_configFile"
endReturn "Admin token needed. Check $seq_configFile"
shift
local synapseIP=localhost
@@ -242,7 +242,7 @@ step_18() {
exe /opt/synapse/venv/bin/register_new_matrix_user -c "$MATRIX_HOME/homeserver.yaml" $toolUrlLocal
}
step_20_info() {
step_20_info() {
shift
echo -n "Reset user password"
contextExe && echoinfo " for ${1:-}" || echo
@@ -270,7 +270,7 @@ step_20() {
exep "echo \"$string\" | su postgres -c 'psql -d synapse -f -'"
}
step_22_info() {
step_22_info() {
echo "List all rooms"
echoinfo "[OPTION]"
echoinfo " -r : Raw json output"
@@ -279,7 +279,7 @@ step_22_options() { echo "[OPTION] [IP]:8008"; }
step_22_alias() { echo "listrooms"; }
step_22() {
adminTokenCheck
endReturn -o $? "Admin token needed. Check $seq_configFile"
endReturn "Admin token needed. Check $seq_configFile"
shift
local arg
@@ -304,7 +304,7 @@ step_22() {
exep "curl -sS --header \"Authorization: Bearer $MATRIX_ACCESS\" \"$apiCall\" | python -m json.tool $grepOut"
}
step_24_info() {
step_24_info() {
echo "List all room members"
echoinfo "[OPTION]"
echoinfo " -r : Raw json output"
@@ -313,7 +313,7 @@ step_24_options() { echo "[OPTION] [ROOM ID] [IP]:8008"; }
step_24_alias() { echo "listmember"; }
step_24() {
adminTokenCheck
endReturn -o $? "Admin token needed. Check $seq_configFile"
endReturn "Admin token needed. Check $seq_configFile"
shift
local roomId=""
@@ -343,7 +343,7 @@ step_24() {
exep "curl -sS --header \"Authorization: Bearer $MATRIX_ACCESS\" \"$apiCall\" | python -m json.tool $grepOut"
}
step_26_info() {
step_26_info() {
echo "Delete rooms without local users"
echoinfo " [IP] : default is localhost"
}
@@ -351,7 +351,7 @@ step_26_options() { echo "[IP]:8008"; }
step_26_alias() { echo "purge"; }
step_26() {
adminTokenCheck
endReturn -o $? "Admin token needed. Check $seq_configFile"
endReturn "Admin token needed. Check $seq_configFile"
shift
local i
@@ -378,7 +378,7 @@ step_28_options() { echo "<ROOM ID> [IP]:8008"; }
step_28_alias() { echo "deleteroom"; }
step_28() {
adminTokenCheck
endReturn -o $? "Admin token needed. Check $seq_configFile"
endReturn "Admin token needed. Check $seq_configFile"
shift
local roomId=""
@@ -393,7 +393,7 @@ step_28() {
[ -n "${1:-}" ] && synapseIP="$1"
echo " [I] Deleting room with ID: $roomId"
info "Deleting room with ID: $roomId"
local apiCall="http://${synapseIP}:8008/_synapse/admin/v2/rooms/$roomId"
exep "curl -sS --header \"Authorization: Bearer $MATRIX_ACCESS\" \
@@ -437,11 +437,11 @@ step_30() {
postgresDb="$1"
fi
echo " [I] Stopping ${toolServiceName}"
info "Stopping ${toolServiceName}"
exe service ${toolServiceName} stop
endReturn -o $? "Couldn't stop ${toolServiceName}. Stopping debloat."
endReturn "Couldn't stop ${toolServiceName}. Stopping debloat."
exe cd ~postgres
exe cd ~postgres
exe su -c "psql -d ${postgresDb} -c \"REINDEX${pgVerboseReId}DATABASE ${postgresDb};\"" - postgres
exe su -c "psql -c \"VACUUM FULL${pgVerboseVac};\"" - postgres
@@ -454,7 +454,7 @@ step_50_alias() { echo "dropdb"; }
step_50() {
readDatabaseInfos
exe cd ~postgres
exe cd ~postgres
exe su -c "psql -c \"DROP DATABASE ${postgresDb};\"" - postgres
}

22
seqs/matterbridge.sh
View File

@@ -39,14 +39,14 @@ seq_config() {
fi
}
step_1_info() {
step_1_info() {
echo "Downloading $toolName version ${toolVersion} to ${toolLoc} from:"
echoinfo "$toolDownload"
}
step_1_alias() { echo "install"; }
step_1() {
step upgrade
endReturn -o $? "Download failed"
endReturn "Download failed"
}
step_2_info() { echo "Create required directory structure"; }
@@ -65,13 +65,13 @@ step_3() {
step_4_info() { echo "Creating systemd service"; }
step_4() {
addConf -s "$toolService" "$toolServiceLoc"
endReturn -o $? "Creating service failed"
endReturn "Creating service failed"
}
step_5_info() { echo "Enable $toolName service"; }
step_5() {
exe systemctl enable ${toolName}
echo " [I] Before proceeding to run ${toolName} you need to modify ${toolConfigLoc} first"
info "Before proceeding to run ${toolName} you need to modify ${toolConfigLoc} first"
echo
}
@@ -105,10 +105,10 @@ step_10() {
}
versionNow=$([ -n "$(command -v ${toolName})" ] && ${toolName} --version | sed 's/.*version: \([0-9.]\+\).*/\1/')
step_12_info() {
if [ -n "${versionNow}" ] ; then
step_12_info() {
if [ -n "${versionNow}" ] ; then
if [ "$toolVersion" == "$versionNow" ] ; then
echo "No upgrade available. Already on latest: $versionNow"
echo "No upgrade available. Already on latest: $versionNow"
else
echo "Download new version $toolVersion to $toolDir"
echoinfo " - installed version: $versionNow -"
@@ -122,7 +122,7 @@ step_12_alias() { echo "upgrade"; }
step_12() {
step backup
exe wget -O "$toolLoc" "${toolDownload}"
endReturn -o $? "Download failed"
endReturn "Download failed"
exe chmod +x "$toolLoc"
exe service ${toolName} restart >>/dev/null 2>&1
return 0
@@ -151,14 +151,14 @@ step_30() {
esac
[[ "${goArch}" == "armhf" ]] && goArch="armv6l"
local goDownUrl="https://go.dev/dl/${goVer}.linux-${goArch}.tar.gz"
# Download latest go
if [ ! -e "${goDir}" ] ; then
info "Download go${goVer}: ${goDownUrl}"
exe wget -O "${goDownLoc}" "${goDownUrl}"
endReturn -o $? "Download ${goVer} failed"
endReturn "Download ${goVer} failed"
exe tar -C "$(dirname -- "${goDir}")" -xzf "${goDownLoc}"
endReturn -o $? "Extraction ${goVer} failed"
endReturn "Extraction ${goVer} failed"
fi
}

20
seqs/mayan-edms.sh
View File

@@ -54,7 +54,7 @@ step_2() {
graphviz libfuse2 libjpeg-dev libmagic1 libpq-dev libpng-dev libtiff-dev libldap2-dev libsasl2-dev \
poppler-utils postgresql python3-dev python3-pip python3-venv python3-virtualenv \
redis-server sane-utils supervisor tesseract-ocr tesseract-ocr-deu zlib1g-dev -y
endReturn -o $? "Binary dependencies installation failed"
endReturn "Binary dependencies installation failed"
exe systemctl enable supervisor
exe systemctl stop supervisor
@@ -65,7 +65,7 @@ step_3() {
exe adduser --disabled-password --disabled-login --no-create-home --gecos "" mayan
exe usermod -a -G users mayan
exe python3 -m venv ${toolRoot}
endReturn -o $? "Creating virtual environment failed"
endReturn "Creating virtual environment failed"
exe chown -R mayan:mayan ${toolRoot}
}
@@ -74,7 +74,7 @@ step_4_alias() { echo "createdb"; }
step_4() {
readDatabaseInfos
exe cd ~postgres
exe cd ~postgres
exe sudo -u postgres psql -c "CREATE USER ${postgresUser} WITH password '${postgresPass}';"
# -O owner : Specifies the database user who will own the new database.
exe sudo -u postgres createdb -O ${postgresUser} ${postgresDb}
@@ -86,9 +86,9 @@ step_5() {
step upgradepip
exe sudo -u mayan ${toolRoot}/bin/pip install --no-cache-dir mayan-edms=="${toolVersion}"
endReturn -o $? "pip install for $toolName failed"
endReturn "pip install for $toolName failed"
exe sudo -u mayan ${toolRoot}/bin/pip install --no-cache-dir psycopg2==2.8.4 redis==3.4.1
endReturn -o $?
endReturn
}
step_6_info() { echo "Supervisord configuration for $toolName"; }
@@ -133,10 +133,10 @@ step_10() {
step upgradepip
exe curl -o "$uninstallRemovalsLoc" https://gitlab.com/mayan-edms/mayan-edms/raw/master/removals.txt
exe sudo -u mayan ${toolRoot}/bin/pip uninstall -r "$uninstallRemovalsLoc"
endReturn -o $?
endReturn
exe systemctl stop supervisor
exe sudo -u mayan ${toolRoot}/bin/pip install --no-cache-dir mayan-edms=="${toolVersion}"
endReturn -o $?
endReturn
toolScript performupgrade
#toolScript preparestatic --noinput # only < 3.4
case "${1:-}" in
@@ -158,7 +158,7 @@ step_13() {
if dry; then
echo " dryrun"
else
read command
read command
fi
else
command="$@"
@@ -178,7 +178,7 @@ step_20_alias() { echo "backupdb"; }
step_20() {
local DELYEAR=$(($(date +%Y)-2))
if [ ! -s ~/.pgpass ] ; then
echo " [I] For unattended backup please define ~/.pgpass containing credentials for user mayan"
info "For unattended backup please define ~/.pgpass containing credentials for user mayan"
echo " e.g. localhost:5432:mayan:mayan:pass4mayan"
echo "Backup custom pg format with standard user / database: mayan / mayan"
fi
@@ -191,7 +191,7 @@ toolDbBackupFolder=${toolMediaFolder}/backupdb
step_22_info() { echo "Postgres database restore"; }
step_22_alias() { echo "restoredb"; }
step_22() {
echo " [I] Postgres database restore procedure"
info "Postgres database restore procedure"
echo "1. Create a empty postgres database first (step 4)"
echo "2. psql -h <host> -U <database user> -d <database name> -W -f <sql dump file>"
echo " e.g. psql -h 127.0.0.1 -U mayan -d mayan -W -f 2018-06-07_18-10-56.sql"

20
seqs/motioneye.sh
View File

@@ -39,7 +39,7 @@ seq_config() {
SEQ_OSNAME="Ubuntu"
fi
echo " [I] Detected OS: $SEQ_OSNAME $SEQ_DISTNAME"
info "Detected OS: $SEQ_OSNAME $SEQ_DISTNAME"
}
step_1_info() { echo "Install $toolName dependencies"; }
@@ -54,7 +54,7 @@ step_1() {
fi
exe apt update
endReturn -o $? "Updating apt repositories failed"
endReturn "Updating apt repositories failed"
if quiet ; then
aptOption="-y"
@@ -75,24 +75,24 @@ step_2() {
fi
if [ "$motionUrl" == "" ]; then
echo " [W] Unsupported OS"
warning "Unsupported OS"
return 1
fi
exe wget -O "$motionDownload" $motionUrl
endReturn -o $? "Download motion failed"
endReturn "Download motion failed"
}
motionDownload="/tmp/motion.deb"
step_3_info() { echo "Install downloaded motion version"; }
step_3() {
if [ ! -f "$motionDownload" ]; then
echo " [I] No downloaded motion found attempting download"
info "No downloaded motion found attempting download"
step 2
fi
exe dpkg -i "$motionDownload"
endReturn -o $? "Installing motion failed"
endReturn "Installing motion failed"
}
step_4_info() { echo "Upgrade python pip"; }
@@ -100,13 +100,13 @@ step_4_alias() { echo "upgradepip"; }
step_4()
{
exe pip install --upgrade pip
endReturn -o $? "Upgrading pip failed"
endReturn "Upgrading pip failed"
}
step_5_info() { echo "Install $toolName"; }
step_5() {
exe pip install motioneye
endReturn -o $? "Installing $toolName failed"
endReturn "Installing $toolName failed"
}
step_6_info() { echo "Prepare configuration directory $toolCfgDir"; }
@@ -129,7 +129,7 @@ motioneyeMediaDir="/var/lib/motioneye"
step_8_info() { echo "Create $toolName service"; }
step_8() {
exe cp "$motioneyeServiceSource" "$motioneyeServiceTarget"
endReturn -o $? "Creating service failed"
endReturn "Creating service failed"
exe systemctl daemon-reload
exe systemctl enable motioneye
exe systemctl start motioneye
@@ -142,7 +142,7 @@ step_20_alias() { echo "upgrade"; }
step_20() {
step "upgradepip"
exe pip install motioneye --upgrade
endReturn -o $? "Upgrading $toolName failed"
endReturn "Upgrading $toolName failed"
exe systemctl restart motioneye
}

40
seqs/mysql.sh
View File

@@ -31,7 +31,7 @@ step_6_alias() { echo install; }
step_6() {
exe apt update
exe apt install $databasePackages
endReturn -o $? "Error instaling $databaseName"
endReturn "Error instaling $databaseName"
}
step_7_info() { echo "Secure ${databaseName} installation"; }
@@ -89,7 +89,7 @@ step_10() {
shift 2 ;;
--remote|-r)
dbRemote="${2:-}"
shift 2 ;;
shift 2 ;;
*)
break ;;
esac
@@ -105,17 +105,17 @@ step_10() {
esac
if [ -z "$dbName" ] ; then
echo " [I] Existing mysql databases:"
info "Existing mysql databases:"
exe mysql -u root -e 'SHOW DATABASES;'
read -p "Enter database name: " dbName
fi
endIfEmpty dbName "database name"
exe mysql -u root -e 'CREATE DATABASE '$dbName' '"$dbOption"';'
endReturn -o $? "Cannot create database $dbName"
endReturn "Cannot create database $dbName"
}
step_11_info() {
step_11_info() {
echo "Create mysql user"
echoinfo " [OPTIONS]"
echoinfo " --user, -u : user name"
@@ -141,14 +141,14 @@ step_11() {
shift 2 ;;
--remote|-r)
dbRemote="${2:-}"
shift 2 ;;
shift 2 ;;
*)
break ;;
esac
done
if [ -z "$dbUser" ] ; then
echo " [I] Existing mysql user:"
info "Existing mysql user:"
exe mysql -u root -e 'SELECT User, Host FROM mysql.user;'
read -p "Enter mysql user name: " dbUser
fi
@@ -163,11 +163,11 @@ step_11() {
info "Enter mysql password: ...skipped..."
fi
exe mysql -u root -e 'CREATE USER '"'"$dbUser"'"'@'"'"$dbRemote"'"' IDENTIFIED BY '"'"$dbPass"'"';'
endReturn -o $? "Error creating mysql user"
endReturn "Error creating mysql user"
fi
}
step_12_info() {
step_12_info() {
echo "Grant privileges"
echoinfo " [OPTIONS]"
echoinfo " --database, -d : 'database name'.*"
@@ -193,19 +193,19 @@ step_12() {
shift 2 ;;
--remote|-r)
dbRemote="${2:-}"
shift 2 ;;
shift 2 ;;
*)
break ;;
esac
done
exe mysql -u root -e 'GRANT ALL PRIVILEGES ON '$dbName'.* TO '"'"$dbUser"'"'@'"'"$dbRemote"'"';'
endReturn -o $? "Error assigning privileges on database"
endReturn "Error assigning privileges on database"
exe mysql -u root -e 'FLUSH PRIVILEGES;'
}
step_14_info() {
step_14_info() {
echo "Revoke all granted privilegs"
echoinfo " [OPTIONS]"
echoinfo " --user, -u : user name"
@@ -224,14 +224,14 @@ step_14() {
shift 2 ;;
--remote|-r)
dbRemote="${2:-}"
shift 2 ;;
shift 2 ;;
*)
break ;;
esac
done
exe mysql -u root -e 'REVOKE ALL, GRANT OPTION FROM '"'"$dbUser"'"'@'"'"$dbRemote"'"';'
endReturn -o $? "Error revoking privileges for user $dbUser"
endReturn "Error revoking privileges for user $dbUser"
exe mysql -u root -e 'FLUSH PRIVILEGES;'
}
@@ -250,7 +250,7 @@ step_32() {
echo -e "\nDrop dbuser by: mysql -u root -e 'DROP USER dbuser@localhost;'"
}
step_34_info() {
step_34_info() {
echo "Show privileges"
echoinfo " [OPTIONS]"
echoinfo " --user, -u : user name"
@@ -269,7 +269,7 @@ step_34() {
shift 2 ;;
--remote|-r)
dbRemote="${2:-}"
shift 2 ;;
shift 2 ;;
*)
break ;;
esac
@@ -286,8 +286,8 @@ step_36() {
echo "Please provide a database name. e.g. $0 sizedb mydb_db"
else
exe mysql -u root -e 'SELECT table_schema "DB Name",
ROUND(SUM(data_length + index_length) / 1024 / 1024, 1) "DB Size in MB"
FROM information_schema.tables
ROUND(SUM(data_length + index_length) / 1024 / 1024, 1) "DB Size in MB"
FROM information_schema.tables
WHERE table_schema="'$2'"
GROUP BY table_schema;'
fi
@@ -311,9 +311,9 @@ step_50() {
endReturn -o 1 -f "${2:-} does not exist"
fi
echo " [I] Dumping database $dbName to $buTarget"
info "Dumping database $dbName to $buTarget"
exep "mysqldump --single-transaction $dbName > \"$(realpath $buTarget)/${dbName}_backup_$(date +%Y%m%d-%H%M%S).sql\""
endReturn -o $? "Error creating $dbName backup"
endReturn "Error creating $dbName backup"
}
step_52_info() { echo "Restore a mysql database"; }

8
seqs/nextcloud.sh
View File

@@ -1,7 +1,7 @@
#!/usr/bin/env bash
# Dependency to other seqs
# - mysql.sh (soft; Missing informational output)
# - mysql.sh (soft; Missing informational output)
readonly toolName="nextcloud"
localOcc=("echo" "occ not found!")
@@ -31,7 +31,7 @@ step_20() {
return 1
fi
exe cd "$sc_ncInstallDir"
exe sudo -u www-data php "$ncInstaller"
exe sudo -u www-data php "$ncInstaller"
}
ncInstaller="updater/updater.phar"
@@ -57,7 +57,7 @@ step_102() {
if [ -z $1 ] ; then
error -e "No database provided"
if [ -f "${seq_origin}/mysql.sh" ] ; then
echo " [I] Available mysql databases:"
info "Available mysql databases:"
"${seq_origin}/mysql.sh" -qq listdb
fi
return 1
@@ -73,7 +73,7 @@ step_102() {
fi
exe mysql -u root -D ${ncdb} -e 'delete FROM oc_bruteforce_attempts WHERE IP="'${ip}'";'
endReturn -o $? "Error deleting ip $ip"
endReturn "Error deleting ip $ip"
}
step_104_info() { echo "Reset and rescan the music library in the background for one user"; }

12
seqs/nginx.sh
View File

@@ -12,7 +12,7 @@ sq_aptOpt=
seq_config() {
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
## Return of non zero value will abort the sequence
return 0
}
@@ -55,7 +55,7 @@ step_10() {
exe apt update
}
step_11_info() {
step_11_info() {
echo "Installation of ${toolName} packages:"
echoinfo "${sq_toolDeps}"
}
@@ -63,7 +63,7 @@ step_11_alias() { echo "install"; }
step_11() {
exe apt update
exe apt install ${sq_toolDeps} ${sq_aptOpt:-}
endReturn -o $? "Failed to install ${toolName}"
endReturn "Failed to install ${toolName}"
}
step_12_info() {
@@ -90,7 +90,7 @@ step_12() {
info "Removing user nginx"
exe deluser ${lQuiet} nginx || true # allowed to fail if non existent
if [[ ! -e "/var/www" ]] ; then
if [[ ! -e "/var/www" ]] ; then
info "Create default web server directory."
exe mkdir "/var/www"
exe chown www-data: "/var/www"
@@ -114,7 +114,7 @@ step_13() {
exe apt install ${sq_toolDeps} ${sq_aptOpt:-}
fi
# create webroot
# create webroot
exe mkdir -p "$siteLetsencryptWww"
info -n "Restarting Nginx..."
@@ -136,7 +136,7 @@ siteDefaultLoc="/etc/nginx/conf.d/default"
siteDefaultIp4="server {
listen 80 default_server;
include ${snippetLetsencryptLoc};
include ${snippetLetsencryptLoc};
}"
step_20_info() { echo "Installation notes"; }

4
seqs/olivetin.sh
View File

@@ -63,9 +63,9 @@ downloadLatest() {
if [ ! -e "$tempInstall" ] ; then
exe mkdir -p "$tempDown"
exe wget -O "$tempInstall" $downUrl
endReturn -o $? "Download failed: $downUrl"
endReturn "Download failed: $downUrl"
else
echo " [I] Found existing download: $tempInstall"
info "Found existing download: $tempInstall"
fi
}
tempDown="/tmp/olivetin"

18
seqs/onlyoffice.sh
View File

@@ -56,7 +56,7 @@ step_1_alias() { echo "install"; }
step_1() {
exe apt update
exe apt install $dockerDeps $APTOPT
endReturn -o $? "Docker dependencies installation failed"
endReturn "Docker dependencies installation failed"
}
step_2_info() { echo "Install Docker repository"; }
@@ -66,9 +66,9 @@ step_2() {
# Add stable repository
exe add-apt-repository "deb [arch=amd64] ${dockerRepoUrl} $(lsb_release -cs) stable"
endReturn -o $? "Failed to add Docker repository"
endReturn "Failed to add Docker repository"
exe apt update
endReturn -o $? "Docker repository not available"
endReturn "Docker repository not available"
}
step_3_info() { echo "Install latest Docker version"; }
@@ -81,7 +81,7 @@ step_3() {
fi
exe apt install $dockerPackages $aptOption
echo " [I] You may test the installation by running:"
info "You may test the installation by running:"
echo " sudo docker run hello-world"
}
@@ -108,7 +108,7 @@ step_5() {
if [ ! -z "$2" ] ; then
secret="$2"
elif [ ! -z "$dockerSecret" ]; then
secret="$dockerSecret"
secret="$dockerSecret"
elif interactive ; then
exe read -s -p "JWT Secret: " secret
fi
@@ -143,7 +143,7 @@ step_7() {
warning -e "No $toolName Docker container found"
fi
exe docker pull $dockerImageName
endReturn -o $? "Error getting $toolName Docker update"
endReturn "Error getting $toolName Docker update"
step startoo
}
@@ -153,12 +153,12 @@ step_10_alias() { echo "ls"; }
step_10() {
exe docker container ls
echo
echo " [I] To stop a container run:"
info "To stop a container run:"
echo " docker stop [CONTAINER ID]"
echo " e.g.: docker stop 70f1c5c81be2"
}
step_12_info() {
step_12_info() {
echo "Clean unused Docker data"
echoinfo "(unused containers, dangling images, networks, build cache and volumes)"
}
@@ -182,7 +182,7 @@ step_102() {
case $answer in
[yY])
exe service docker stop
exe rm -rf /var/lib/docker
exe rm -rf /var/lib/docker
;;
*)
return 0

40
seqs/openvpn.sh
View File

@@ -1,36 +1,14 @@
#!/bin/bash
toolName=openvpn
toolDeps=openvpn
toolDefaultConf="/etc/default/openvpn"
toolUserScriptsLoc="/usr/lib/openvpn"
readonly toolName=openvpn
readonly toolDeps=openvpn
readonly toolDefaultConf="/etc/default/openvpn"
readonly toolUserScriptsLoc="/usr/lib/openvpn"
# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
APTOPT=
CONFIG=0
SCRIPT_FILE=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_FILE%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
CONFIG_DIR="$WDIR/$SCRIPT_NAME"
sq_aptOpt=
seq_config() {
#echo "Called once before executing steps."
## e.g. to source a config file manually:
#. "$CONFIG_FILE"
## or to use sequencer api with global config file:
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
## or to use sequencer api with profile config file support:
#initSeqConfig -p "$SCRIPT_NAME" "$CONFIG_FILE_TEMPLATE"
#if [ $? -eq 0 ] ; then
# CONFIG=1
#else
# # End if no configuration file exists
# dry || return -1
#fi
quiet && APTOPT="-y"
interactive || sq_aptOpt="-y"
return 0
}
@@ -38,7 +16,7 @@ step_1_info() { echo "Install $toolName"; }
step_1_alias() { echo "install"; }
step_1() {
exe apt update
exe apt install $toolDeps $APTOPT
exe apt install $toolDeps $sq_aptOpt
}
step_2_info() { echo "Install customized helper scripts to $toolUserScriptsLoc"; }
@@ -46,7 +24,7 @@ step_2() {
exep "mkdir \"$toolUserScriptsLoc\" 2>>/dev/null"
[ $? -ne 0 ] && \
warning "$toolUserScriptsLoc already exists. Not overwriting existing files."
exe cp -n "$CONFIG_DIR"/* "$toolUserScriptsLoc"
exe cp -n "${seq_origin}/${seq_fileName}"/* "$toolUserScriptsLoc"
}
step_10_info() { echo "Open openvpn system start configuration"; }
@@ -55,5 +33,7 @@ step_10() {
exe vi "$toolDefaultConf"
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh

2
seqs/openvpn/my.conf
View File

@@ -8,7 +8,7 @@
verb 1
# Always add custom nameserver
#dhcp-option DNS 208.67.222.222
#dhcp-option DNS 208.67.222.222
#dhcp-option DNS 84.200.69.80
# Mute common false alarm on WiFi networks

36
seqs/paperless-venv.sh
View File

@@ -76,11 +76,11 @@ step_3() {
status)
serviceCommand="is-active"
info -n "paperless-webserver: "
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-webserver
info -na "paperless-scheduler: "
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-scheduler
info -na "paperless-consumer : "
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-consumer
info -na "paperless-task-queue: "
exe systemctl "${serviceCommand:?}" paperless-task-queue.service
return 0 ;;
@@ -90,9 +90,9 @@ step_3() {
error "Unknown command ${1:-"-"}"
return 1 ;;
esac
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-task-queue
}
@@ -100,8 +100,8 @@ step_10_info() { echo "Install python3"; }
step_10_alias() { echo "install"; }
step_10() {
exe apt update
exe apt install ${toolDeps} ${aptOpt:-}
exe apt install ${toolDepsOcr} ${aptOpt:-}
exe apt install ${toolDeps} ${aptOpt:-}
exe apt install ${toolDepsOcr} ${aptOpt:-}
}
step_11_info() { echo "Add system user"; }
@@ -111,7 +111,7 @@ step_11() {
fi
exe adduser --disabled-password --disabled-login --gecos "" --home "${sc_paperlessHome}" "${sc_paperlessUser:?}"
}
step_12_info() { echo "Install/upgrade ${toolName}"; }
step_12_alias() { echo "upgrade"; }
step_12() {
@@ -127,7 +127,7 @@ step_12() {
fi
fi
exe wget ${downUrl} -q -O "${sq_paperlessDownLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
if [ -e "${sc_paperlessDir}" ] ; then
if step backup --nostart; then
@@ -139,7 +139,7 @@ step_12() {
exe mv "${sc_paperlessDir}" "${sc_paperlessDir}_bu"
fi
exe mkdir -p "${sc_paperlessHome}"
exe mkdir -p "${sc_paperlessHome}"
exe tar -xf "${sq_paperlessDownLoc}" -C "${sc_paperlessHome}"
exe chown -R "${sc_paperlessUser}": "${sc_paperlessHome}"
@@ -154,7 +154,7 @@ step_12() {
info "Starting post upgrade procedure"
step postupgrade
step service start
die "Upgrade finished"
die "Upgrade finished"
fi
}
@@ -194,17 +194,17 @@ step_19_alias() { echo 'nltk'; }
step_19() {
info 'Installing nltk'
exe "${sc_paperlessVenv}/bin/pip3" install -U nltk
endReturn -o $? "Failed to install nlkt"
endReturn "Failed to install nlkt"
exe cd "${sc_paperlessHome}/data"
exe mkdir -p "nltk"
exe "${sc_paperlessVenv}/bin/python3" -m nltk.downloader -d ./nltk/ snowball_data stopwords punkt
endReturn -o $? "Failed to install nlkt modules snowball stopwords punkt"
endReturn "Failed to install nlkt modules snowball stopwords punkt"
step service restart
}
step_30_info() {
step_30_info() {
echo "Retag existing documents"
echoinfo "OPTIONS"
echoinfo " -c, --correspondent"
@@ -222,7 +222,7 @@ step_30() {
exe sudo -u "${sc_paperlessUser}" "${sc_paperlessVenv}/bin/python3" manage.py document_retagger "$@"
}
step_32_info() {
step_32_info() {
echo "Manage document search index"
echoinfo " reindex - (default) create index from scratch"
echoinfo " optimize - updates index to increase search speed and"
@@ -292,7 +292,7 @@ step_100() {
../../{consume,data,media}
* To allow access directly via ip address
PAPERLESS_ALLOWED_HOSTS=$(hostname -I | awk '{print $1;}')
* recommended settings
* recommended settings
PAPERLESS_FILENAME_FORMAT={created_year}/{title}
PAPERLESS_SECRET_KEY=change-me
PAPERLESS_OCR_LANGUAGE=deu+eng
@@ -309,7 +309,7 @@ $(cd "${sc_paperlessDir}"/scripts 2>/dev/null && for f in *.service; do echo "
To chose a custom listen address and port for gunicorn
(default address: [..], default port: 8000)
* /etc/ImageMagick-x/policy.xml
* enable access to pdfs
* enable access to pdfs
<policy domain="coder" rights="read|write" pattern="PDF" />
# Nginx proxy

38
seqs/paperless.sh
View File

@@ -75,11 +75,11 @@ step_3() {
status)
serviceCommand="is-active"
info -n " paperless-webserver: "
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-webserver
info -na " paperless-scheduler: "
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-scheduler
info -na " paperless-consumer: "
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-consumer
info -na "paperless-task-queue: "
exe systemctl "${serviceCommand:?}" paperless-task-queue.service
return 0 ;;
@@ -89,9 +89,9 @@ step_3() {
error "Unknown command ${1:-"-"}"
return 1 ;;
esac
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-webserver
exe systemctl "${serviceCommand:?}" paperless-scheduler
exe systemctl "${serviceCommand:?}" paperless-consumer
exe systemctl "${serviceCommand:?}" paperless-task-queue
}
@@ -99,8 +99,8 @@ step_10_info() { echo "Install python3"; }
step_10_alias() { echo "install"; }
step_10() {
exe apt update
exe apt install ${toolDeps} ${aptOpt:-}
exe apt install ${toolDepsOcr} ${aptOpt:-}
exe apt install ${toolDeps} ${aptOpt:-}
exe apt install ${toolDepsOcr} ${aptOpt:-}
}
step_11_info() { echo "Add system user"; }
@@ -108,9 +108,9 @@ step_11() {
if id "${toolUser}" >/dev/null 2>&1 ; then
endReturn -o 1 "User ${toolUser} already exists"
fi
exe adduser "${toolUser}" --system --group --home "${sc_paperlessHome}"
exe adduser "${toolUser}" --system --group --home "${sc_paperlessHome}"
}
step_12_info() { echo "Install/upgrade ${toolName}"; }
step_12_alias() { echo "upgrade"; }
step_12() {
@@ -126,7 +126,7 @@ step_12() {
fi
fi
exe wget ${downUrl} -q -O "${sq_paperlessDownLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
if [ -e "${sc_paperlessDir}" ] ; then
if step backup --nostart; then
@@ -137,7 +137,7 @@ step_12() {
toolUpgrade=1
exe mv "${sc_paperlessDir}" "${sc_paperlessDir}_bu"
fi
exe tar -xf "${sq_paperlessDownLoc}" -C "${sc_paperlessHome}"
exe chown -R "${toolUser}": "${sc_paperlessDir}"
@@ -152,7 +152,7 @@ step_12() {
info "Starting post upgrade procedure"
step postupgrade
step service start
die "Upgrade finished"
die "Upgrade finished"
fi
}
@@ -180,7 +180,7 @@ step_16() {
exe sudo -Hu paperless python3 manage.py migrate
}
step_18_info() {
step_18_info() {
echo "Retag existing documents"
echoinfo "OPTIONS"
echoinfo " -c, --correspondent"
@@ -198,7 +198,7 @@ step_18() {
exe sudo -Hu paperless python3 manage.py document_retagger "$@"
}
step_20_info() {
step_20_info() {
echo "Manage document search index"
echoinfo " reindex - (default) create index from scratch"
echoinfo " optimize - updates index to increase search speed and"
@@ -271,7 +271,7 @@ step_100() {
redis://:password@localhost:6379
* consume,data,media direcotries (${sc_paperlessHome}/...)
../../{consume,data,media}
* recommended settings
* recommended settings
PAPERLESS_FILENAME_FORMAT={created_year}/{title}
PAPERLESS_SECRET_KEY=change-me
PAPERLESS_OCR_LANGUAGE=deu+eng
@@ -283,13 +283,13 @@ $(cd "${sc_paperlessDir}"/scripts && for f in *.service; do echo " $f"; done)
* WorkingDirectory=/opt/paperless/paperless-ngx/src
* path to celery: ${sc_paperlessHome}/.local/bin/celery
* service files webserver
* Environment="PAPERLESS_PORT=8084"
* Environment="PAPERLESS_PORT=8084"
To chose a custom listen port for gunicorn
* gunicorn.conf.py
* bind = f'0.0.0.0:{os.getenv("PAPERLESS_PORT", 8000)}'
* bind = f'0.0.0.0:{os.getenv("PAPERLESS_PORT", 8000)}'
If IPv6 is disabled/not avilable the first start takes very long
* /etc/ImageMagick-x/policy.xml
* enable access to pdfs
* enable access to pdfs
<policy domain="coder" rights="read|write" pattern="PDF" />
# Nginx proxy

8
seqs/php.sh
View File

@@ -38,7 +38,7 @@ seq_config() {
# Prepare php packages to be installed
sq_phpPackages="${sc_phpPackages[@]/#/${sq_phpName}-}"
sq_FpmConfig="/etc/php/${sc_phpVersion:?}/fpm/conf.d/90-custom_pi.ini"
sq_CliConfig="/etc/php/${sc_phpVersion:?}/cli/conf.d/90-custom_pi.ini"
sq_PoolConfig="/etc/php/${sc_phpVersion:?}/fpm/pool.d/www.conf"
@@ -104,7 +104,7 @@ step_10() {
exe apt-get update
}
step_11_info() {
step_11_info() {
echo "Installation of ${toolName:-'-'} packages:"
echoinfo "${sq_phpPackages:-"(customize with '${seq_name} -c')"}"
}
@@ -136,10 +136,10 @@ step_22_info() { echo "Configure ${toolName} pool ondemand"; }
step_22_alias() { echo "conf_pool_ondemand"; }
step_22() {
info "Setting ${toolName} pool to 'ondemand'"
addConf -a "" "$sq_FpmIni"
exe sed -i "s/^[;[:space:]]*pm =.*/pm = ondemand/" "$sq_PoolConfig"
restart_php
}

16
seqs/pixelfed.sh
View File

@@ -44,9 +44,9 @@ step_1() {
step_2_info() { echo -e "Installing $toolName dependencies"; }
step_2() {
exe apt install "${toolPhpDeps[@]/#/${sq_phpName}-}" $toolDeps ${sq_aptOpt}
endReturn -o $? "Installing deps for $toolName failed"
endReturn "Installing deps for $toolName failed"
exe service ${sq_phpName}-fpm restart
endReturn -o $? "Problems starting $toolName"
endReturn "Problems starting $toolName"
}
step_3_info() { echo -e "Get $toolName using git"; }
@@ -63,7 +63,7 @@ step_4() {
exe cd "${toolPath:?}"
exe ${seq_origin:?}/composer.sh -qq install
exe sudo -u www-data ${sq_phpName:?} composer.phar install --no-ansi --no-interaction --optimize-autoloader
endReturn -o $? "Composer install error"
endReturn "Composer install error"
}
step_5_info() { echo "Create mysql database for $toolName"; }
@@ -97,10 +97,10 @@ step_7() {
step_8_info() { echo "Create pixelfed (horzion) service"; }
step_8() {
addConf -c "${horizonService}" "${horizonServiceLoc}"
endReturn -o $? "Failed to add horizon service"
endReturn "Failed to add horizon service"
exe systemctl daemon-reload
exe systemctl enable pixelfed.service
exe service pixelfed start
exe service pixelfed start
}
horizonServiceLoc="/etc/systemd/system/pixelfed.service"
horizonService="\
@@ -149,7 +149,7 @@ step_10() {
addConf -c "$lNginxConfig" "$nginxConfigLoc"
exe ln -s "$nginxConfigLoc" "$nginxConfigEnable"
exe nginx -t
endReturn -o $? "Nginx configuration check error"
endReturn "Nginx configuration check error"
exe service nginx restart
}
@@ -247,9 +247,9 @@ step_100_alias() { echo "upgrade"; }
step_100() {
exe cd ${toolPath:?}
exe git pull origin $toolTag
endReturn -o $? "git pull failed"
endReturn "git pull failed"
exe git checkout $toolTag
endReturn -o $? "git checkout failed"
endReturn "git checkout failed"
}
step_101_info() { echo "Recommended post update procedure"; }

40
seqs/postfixadmin.sh
View File

@@ -25,15 +25,15 @@ seq_config() {
else
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
## Return of non zero value will abort the sequence
return 0
}
step_1_info() {
step_1_info() {
# eval needed to expand sourced configuration variables
echo "Install $toolName dependencies:"
echoinfo "${toolPhpDeps[@]/#/php${PFA_PHP_VERSION:-}-}"
@@ -53,7 +53,7 @@ step_3_info() { echo "Install fetchmail"; }
step_3_alias() { echo "install_fetchmail"; }
step_3() {
exe apt install $fetchmailDeps ${sq_aptOpt:-}
endReturn -o $? "Failed to install fetchmail"
endReturn "Failed to install fetchmail"
exe systemctl stop fetchmail
exe systemctl disable fetchmail
}
@@ -69,7 +69,7 @@ step_4() {
echo " [$toolAdditionsLoc/fetchmail.pl]"
echo " # Change path to fetchmail.conf (see above)"
echo
echo " [I] Run step \"timer\" when configuration is done"
info "Run step \"timer\" when configuration is done"
}
step_6_info() {
@@ -153,16 +153,16 @@ step_18() {
isInstalled=$(grep -E "${latestVersion}" "${PFA_WEB_LOC}/version" >>/dev/null 2>&1 && echo "1" || echo "0")
if [ $isInstalled -eq 1 ] ; then
echo " [I] Version $latestVersion is already installed"
info "Version $latestVersion is already installed"
return 1
else
echo " [I] Update to $latestVersion available"
info "Update to $latestVersion available"
fi
return 0
}
step_20_info() {
step_20_info() {
echo -n "Create a backup"
if [ $sq_config -ne 0 ] ; then
echo " at $PFA_BACKUP"
@@ -189,7 +189,7 @@ step_20() {
fi
local srvBackup="$PFA_BACKUP/${toolName}_`date +%Y%m%d-%H%M%S`.tar.gz"
echo " [I] Backing up server directory to $srvBackup"
info "Backing up server directory to $srvBackup"
exe cd "$tempRoot/.."
exe tar czf "$srvBackup" $(basename "$tempRoot")
@@ -252,12 +252,12 @@ step_22() {
if [ ! -e "$tempExtract" ] ; then
exe mkdir -p "$tempDown"
exe wget -O "$tempLoc" $downUrl
endReturn -o $? "Download failed: $downUrl"
endReturn "Download failed: $downUrl"
exe cd "$tempDown"
exe tar -xf "$tempLoc"
endReturn -o $? "Extract failed: $tempLoc"
endReturn "Extract failed: $tempLoc"
else
echo " [I] Found existing download: $tempExtract"
info "Found existing download: $tempExtract"
fi
# Installation
@@ -266,12 +266,12 @@ step_22() {
if [ -e "$PFA_SRV_LOC" ] ; then
exe mv "$PFA_SRV_LOC" "$tempBu"
step backup "$tempBu"
endReturn -o $? "Backup failed; $PFA_SRV_LOC renamed!"
endReturn "Backup failed; $PFA_SRV_LOC renamed!"
fi
echo " [I] Installing version $latestVersion to $PFA_SRV_LOC"
info "Installing version $latestVersion to $PFA_SRV_LOC"
exe cp -ar "$tempExtract" "$PFA_SRV_LOC"
exe mkdir -p $(dirname "$PFA_WEB_LOC")
echo " [I] Create symlink to $PFA_WEB_LOC"
info "Create symlink to $PFA_WEB_LOC"
exe ln -fs "$PFA_SRV_LOC/public" "$PFA_WEB_LOC"
# Setting file permissions
@@ -280,20 +280,20 @@ step_22() {
# Configuration
local webConf="$tempBu/$toolConfName"
if [ -e "$webConf" ] ; then
echo " [I] Copying configuration"
info "Copying configuration"
exe cp -ar "$webConf" "$PFA_SRV_LOC/"
else
echo " [I] Creating empty configuration file $PFA_SRV_LOC/$toolConfName"
info "Creating empty configuration file $PFA_SRV_LOC/$toolConfName"
exep "echo -e \"# Created by ${seq_origin:?}/$(basename $0)\\n\\n# Changeme\" > \"$PFA_SRV_LOC/$toolConfName\""
fi
# Templates
local templatesLoc="$tempBu/$toolTemplates"
if [ -e "$templatesLoc" ] ; then
echo " [I] Copying $toolTemplates"
info "Copying $toolTemplates"
exe cp -ar "$templatesLoc" "$toolTemplatesLoc"
else
echo " [I] Creating empty directory $toolTemplatesLoc"
info "Creating empty directory $toolTemplatesLoc"
exe mkdir -p "$toolTemplatesLoc"
exe chown -R www-data: "$toolTemplatesLoc"
fi
@@ -309,7 +309,7 @@ step_23() {
exe rm -rf "$tempDown"
}
step_100_info() {
step_100_info() {
echo "Execute $toolName client script"
echoinfo "[OPTIONS] are passed on to $toolName-cli unmodified"
}

10
seqs/postgres.sh
View File

@@ -62,7 +62,7 @@ step_11_info() { echo "Installing $toolName dependencies"; }
step_11_alias() { echo "install"; }
step_11() {
exe apt update
endReturn -o $? "Updating apt repositories failed"
endReturn "Updating apt repositories failed"
exe apt install $toolDeps ${sq_aptOpt}
}
@@ -71,7 +71,7 @@ step_20_alias() { echo "createdb"; }
step_20() {
readDatabaseInfos
exe cd ~postgres
exe cd ~postgres
exe su ${toolUser} -c "psql -c \"CREATE USER ${postgresUser} WITH ENCRYPTED password '${postgresPass}';\""
exe su ${toolUser} -c "psql -c \"CREATE DATABASE ${postgresDb} ENCODING \"UTF8\" LC_COLLATE='C' LC_CTYPE='C' template=template0 OWNER ${postgresUser};\""
exe su ${toolUser} -c "psql -c \"GRANT ALL PRIVILEGES ON DATABASE \"${postgresDb}\" to ${postgresUser};\""
@@ -137,7 +137,7 @@ step_40() {
dbname="$postgresDb"
fi
#if [ ! -s ~/.pgpass ] ; then
# echo " [I] For unattended backup please define ~/.pgpass containing credentials"
# info "For unattended backup please define ~/.pgpass containing credentials"
# echo " e.g. localhost:5432:database:user:pass"
#fi
# -Fc custom format
@@ -150,7 +150,7 @@ step_40() {
step_42_info() { echo "Postgres database restore"; }
step_42_alias() { echo "restoredb"; }
step_42() {
echo " [I] Postgres database restore procedure"
info "Postgres database restore procedure"
echo "1. Create a empty postgres database first (step 4)"
echo "2. psql -h <host> -U <database user> -d <database name> -W -f <sql dump file>"
echo " e.g. psql -h 127.0.0.1 -U synapse -d synapse -W -f 2018-06-07_18-10-56.sql"
@@ -165,7 +165,7 @@ step_42() {
exe su ${toolUser} -c "psql -c '\du'"
}
step_44_info() {
step_44_info() {
local DELYEAR=$(($(date +%Y)-2))
echo "Clean all ${DELYEAR} backups of a database";
}

2
seqs/postgrey.sh
View File

@@ -34,7 +34,7 @@ step_1() {
exe apt install "$toolDeps" $aptOpt
}
step_2_info() {
step_2_info() {
echo "Add cron to update whitelist_clients from"
echoinfo "$updateUrl"
}

10
seqs/pyload.sh
View File

@@ -16,7 +16,7 @@ seq_config() {
fi
interactive || sq_aptOpt="-y"
return 0
}
@@ -41,7 +41,7 @@ step_2() {
exe rm -rf unrar-*
}
step_3_info() {
step_3_info() {
echo "Install dependencies"
echoinfo " [TARGET] (default: raspi)"
echoinfo " raspi: Raspberry Pi OS"
@@ -52,7 +52,7 @@ step_3_alias() { echo "deps"; }
step_3() {
shift
local lDeps="$toolDeps"
case "${1:-}" in
case "${1:-}" in
debian)
lDeps="$toolDepsDebian";;
raspi);;
@@ -76,7 +76,7 @@ step_3() {
step_4_info() { echo "Get $toolName from $toolDownload and create dedicated user"; }
step_4() {
exe git clone -b $toolBranch $toolDownload "$PYL_INSTALL_DIR"
endReturn -o $? "Git clone failed"
endReturn "Git clone failed"
exe adduser --system --home "$PYL_CONFIG_DIR" "$PYL_USER"
}
@@ -121,7 +121,7 @@ step_10() {
exe service $toolName stop
exe cd "$PYL_INSTALL_DIR"
exe git pull
echo " [I] Service is not started automatically"
info "Service is not started automatically"
echo " Do so manually with: service $toolName start"
}

62
seqs/raspberry.sh
View File

@@ -58,7 +58,7 @@ evalArgs() {
for _ in "$@"; do
case "${1:-}" in
-a|--arch)
if [ -n "${2:-}" ]; then
if [ -n "${2:-}" ]; then
PIARCH="$2"
((argCount+=2))
else
@@ -74,7 +74,7 @@ evalArgs() {
return $argCount
}
step_1_info() {
step_1_info() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
@@ -99,7 +99,7 @@ step_1() {
fi
if [ ! -f "$downImgLoc" ] ; then
exe unxz "$downLoc"
endReturn -o $? "Unzip raspios image $PIARCH failed"
endReturn "Unzip raspios image $PIARCH failed"
fi
}
downDay=$(date +%Y%m%d)
@@ -108,13 +108,13 @@ downImgName="raspios_${downDay}.img"
downImgLoc="${downDir}/${downImgName}"
downLoc="${downDir}/${downImgName}.xz"
step_2_info() {
step_2_info() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
echo "Write Raspberry Pi OS image to SD card"
echoinfo "This operation will delete all data previously on the SD card!"
contextExe && [ -n "${1:-}" ] && echoinfo " [SD CARD DEVICE]: $1"
contextExe && [ -n "${1:-}" ] && echoinfo " [SD CARD DEVICE]: $1"
}
step_2_options() { echo "[OPTIONS] [SD CARD DEVICE]"; }
step_2_alias() { echo "writesd"; }
@@ -151,7 +151,7 @@ step_2() {
exe read -p " Press enter to contiue."
}
step_3_info() {
step_3_info() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
@@ -164,7 +164,7 @@ step_3_options() { echo "[SD CARD DEVICE]"; }
step_3() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
if [ -z "${1:-}" ] && [ -n "${SDDEV:-}" ] ; then
if quiet ; then
@@ -186,7 +186,7 @@ step_3() {
fi
read_sd_dev "${1:-}"
endReturn -o $? "SD card device not found"
endReturn "SD card device not found"
if [ ! -w "$SDBOOT" ] ; then
error -e "SD card boot partion not writeable"
@@ -215,7 +215,7 @@ step_3() {
exe cp -ar "$SDROOT"/etc/fstab "$SDROOT"/etc/fstab.sd
}
step_4_info() {
step_4_info() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
@@ -232,13 +232,13 @@ step_4() {
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
read_sd_dev "${1:-}"
endReturn -o $? "SD detection error $?"
endReturn "SD detection error $?"
read_hd_dev "${2:-}"
endReturn -o $? "HD detection error"
echo " [I] SD: $SDDEV"
endReturn "HD detection error"
info "SD: $SDDEV"
echo " $SDBOOT [$SDBOOTPUUID]"
echo " $SDROOT [$SDROOTPUUID]"
echo " [I] HD: $HDDEV"
info "HD: $HDDEV"
echo " $HDROOT [$HDROOTPUUID]"
echo " $HDSWAP [$HDSWAPPUUID]"
echo
@@ -270,7 +270,7 @@ step_4() {
echo
# Resize second partition of SD to max. possible size
echo " [I] Resize root partion of SD: ${SDROOT} "
info "Resize root partion of SD: ${SDROOT} "
step resizesd "$SDDEV"
if [ $? -ne 0 ] ; then
warning -e "Something seems to have failed during resize"
@@ -286,7 +286,7 @@ step_4() {
fi
}
step_5_info() {
step_5_info() {
# Shift away args
shift; local lArgs=( "$@" ); evalArgs "${lArgs[@]}"; shift $?
@@ -306,30 +306,30 @@ step_5() {
error -e "Not ready yet...TODO"
#return 1
read_sd_dev "${1:-}"
endReturn -o $? "SD detection error $?"
endReturn "SD detection error $?"
read_hd_dev "${2:-}"
endReturn -o $? "HD detection error"
echo " [I] SD: $SDDEV"
endReturn "HD detection error"
info "SD: $SDDEV"
echo " $SDBOOT [$SDBOOTPUUID]"
echo " $SDROOT [$SDROOTPUUID]"
echo " [I] HD: $HDDEV"
info "HD: $HDDEV"
echo " $HDROOT [$HDROOTPUUID]"
echo " $HDSWAP [$HDSWAPPUUID]"
echo
# TODO how to partition HD
echo " [I] $HDDEV is expected to be partitioned with root and swap"
info "$HDDEV is expected to be partitioned with root and swap"
echo " TODO create a step for partitioning script support?!"
echo
# Initial rsync of system to HD
echo " [I] Clone SD root to HD root:"
info "Clone SD root to HD root:"
echo " rsync -avxHAX --numeric-ids --info=stats2 $SDROOT/ $HDROOT/"
echo
# Modify fstab on HD for root and swap on HD
echo " [I] modify $HDROOT/etc/fstab"
info "modify $HDROOT/etc/fstab"
echo " PARTUUID=$SDBOOTPUUID /boot vfat ro,defaults 0 2"
echo " PARTUUID=$SDROOTPUUID /backup ext4 ro,defaults,noatime 0 2"
echo " PARTUUID=$HDROOTPUUID / ext4 defaults,noatime 0 1"
@@ -337,7 +337,7 @@ step_5() {
echo
# etc
echo " [I] modify $HDROOT/etc/dhcpcd.conf for static IPs"
info "modify $HDROOT/etc/dhcpcd.conf for static IPs"
}
read_sd_dev() {
@@ -356,7 +356,7 @@ read_sd_dev() {
SDROOTDEV=
SDBOOTPUUID=
SDROOTPUUID=
echo " [I] Available devices:"
info "Available devices:"
echo
exe lsblk -p
echo
@@ -371,7 +371,7 @@ read_sd_dev() {
if [[ "$SDDEV" =~ .*blk.* ]] ; then
partExt="p"
fi
fi
if [ -z $SDBOOT ] ; then
SDBOOT=$(findmnt -no TARGET "${SDDEV}${partExt}${SDBOOTPARTNO}")
@@ -403,7 +403,7 @@ read_hd_dev() {
HDROOT=
HDROOTPUUID=
HDSWAPPUUID=
echo " [I] Available devices:"
info "Available devices:"
echo
exe lsblk -p
echo
@@ -462,7 +462,7 @@ step_22() {
error -e "No SD found"
return 1
fi
echo " [I] Device to be resized: $SDROOTDEV"
info "Device to be resized: $SDROOTDEV"
exe umount -q "$SDROOT"
exe parted -s "$SDDEV" "resizepart $SDROOTPARTNO -1" quit
@@ -493,7 +493,7 @@ step_24() {
if [ ! -z "$2" ] && [ "$2" == "-p" ] ; then
exep "grep \"$ledPowerBright\" $startScript >>/dev/null"
if [ $? -eq 0 ] ; then
echo " [I] Power LED brightness already used. Please check $startScript manually for:"
info "Power LED brightness already used. Please check $startScript manually for:"
echo " $ledOffCmd"
return 1
fi
@@ -564,7 +564,7 @@ step_34() {
exe $tvserviceOffCmd
exep "grep \"$tvserviceBin\" $startScript >>/dev/null"
if [ $? -eq 0 ] ; then
echo " [I] Tvservice already used. Please check $startScript manually for:"
info "Tvservice already used. Please check $startScript manually for:"
echo " $tvserviceOffCmd"
return 1
fi
@@ -584,7 +584,7 @@ checkBootConfig() {
local re_check="^[[:blank:]]*[^#]*${1}[[:blank:]]*=[[:blank:]]*$2"
grep -rqE "$re_check" "$RPI_BOOT_CONFIG"
return $?
return $?
}
step_100_alias() { echo "notes"; }
@@ -619,7 +619,7 @@ step_100() {
* Configure vim to remember last position in a file
Uncomment the following in [/etc/vim/vimrc]
Uncomment the following in [/etc/vim/vimrc]
> \`au BufReadPost ...\`
NOTES_EOF

36
seqs/redis.sh
View File

@@ -1,34 +1,26 @@
#!/bin/bash
toolName=redis
toolDeps=redis-server
# Get script working directory
# (when called from a different directory)
WDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >>/dev/null 2>&1 && pwd)"
CONFIG=0
SCRIPT_NAME=$(basename -- $0)
SCRIPT_NAME=${SCRIPT_NAME%%.*}
CONFIG_FILE_NAME="${SCRIPT_NAME}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
readonly toolName=redis
readonly toolDeps=redis-server
sq_aptOpt=
seq_config() {
initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
if [ $? -eq 0 ] ; then
CONFIG=1
if ! initSeqConfig "${seq_configName:?}" "${seq_configTemplate:?}" ; then
# End if no configuration file exists
dry || return 1
fi
## Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
return 0
}
step_1_info() { echo "Install $toolName"; }
step_1_alias() { echo "install"; }
step_1() {
local aptOpt=
if quiet;then
aptOpt="-y"
fi
exe apt update
exe apt install $toolDeps $aptOpt
exe apt install $toolDeps $sq_aptOpt
}
step_2_info() { echo "Installation notes"; }
@@ -64,7 +56,7 @@ requirepass verystrongpassword
NOTES_EOF
}
step_10_info() {
step_10_info() {
echo "Execute redis-cli commands"
echoinfo " [CLI COMMAND]"
echoinfo " e.g. info"
@@ -82,5 +74,7 @@ step_10() {
fi
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh

24
seqs/roundcube.sh
View File

@@ -20,7 +20,7 @@ seq_config() {
# End if no configuration file exists
dry || return 1
fi
# Apt cmdline option to suppress user interaction
interactive || sq_aptOpt="-y"
@@ -66,7 +66,7 @@ step_2() {
step_3_info() { echo "Configure $toolName"; }
step_3_alias() { echo "config"; }
step_3() {
echo " [I] Recommended composer packages to be added to \"require\" section:"
info "Recommended composer packages to be added to \"require\" section:"
echo ' "alexandregz/twofactor_gauthenticator": "dev-master",'
echo ' "johndoh/contextmenu": "*",'
echo ' "kitist/html5_notifier": "*",'
@@ -76,12 +76,12 @@ step_3() {
exe vi "$RC_LOC/composer.json"
step postupgrade
echo " [I] Generating mysql database $RC_DATABASE"
info "Generating mysql database $RC_DATABASE"
echo
exe ${seq_origin:?}/mysql.sh createdb -c utf8mb4
echo
echo " [I] Now visit: http://url-to-roundcube/installer/"
info "Now visit: http://url-to-roundcube/installer/"
echo
echo " ! Check the database password in $RC_LOC/config/config.inc.php"
echo " afterwards, the installer may have corrupted some special character"
@@ -132,7 +132,7 @@ I also installed 'php-pear' since one error indicated connection to it.
TROUBLE_END
}
step_20_info() {
step_20_info() {
echo -n "Create a backup"
if (( ${sq_config} )) ; then
echo " at $RC_BACKUP"
@@ -151,7 +151,7 @@ step_20() {
fi
exe ${seq_origin:?}/mysql.sh -qq backup "$RC_DATABASE" "$RC_BACKUP"
local wwwBackup="$RC_BACKUP/${toolName}_www_`date +%Y%m%d-%H%M%S`.tar.gz"
echo " [I] Backing up webserver directory to $wwwBackup"
info "Backing up webserver directory to $wwwBackup"
exe cd "$RC_LOC/.."
exe tar czf "$wwwBackup" $(basename "$RC_LOC")
}
@@ -195,16 +195,16 @@ step_22() {
downloadLatest
step backup
echo " [I] Installing version $latestVersion to $RC_LOC"
info "Installing version $latestVersion to $RC_LOC"
exe "$tempInstall" "$RC_LOC"
echo " [I] Make sure to check composer.json-dist file for upstream changes"
info "Make sure to check composer.json-dist file for upstream changes"
}
step_23_info() { echo "Post upgrade procedure"; }
step_23_alias() { echo "postupgrade"; }
step_23() {
exe cd "$RC_LOC"
echo " [I] Starting post update procedure"
info "Starting post update procedure"
exe php composer.phar update --no-dev
}
@@ -233,12 +233,12 @@ downloadLatest() {
if [ ! -e "$tempExtract" ] ; then
exe mkdir -p "$tempDown"
exe wget -O "$tempLoc" $downUrl
endReturn -o $? "Download failed: $downUrl"
endReturn "Download failed: $downUrl"
exe cd "$tempDown"
exe tar -xf "$tempLoc"
endReturn -o $? "Extract failed: $tempLoc"
endReturn "Extract failed: $tempLoc"
else
echo " [I] Found existing download: $tempExtract"
info "Found existing download: $tempExtract"
fi
}
tempDown="/tmp/roundcube"

6
seqs/rspamd.sh
View File

@@ -259,10 +259,10 @@ step_60() {
exe ./setVersion.sh "${version}" # check for latest tag
confirm -f -y -n "remove arm64 from ENABLE_LUAJIT ifneq"
exe editor debian/rules
exe editor debian/rules
confirm -f -y -n "enable WANT_SYSTEMD_UNITS, disable ENABLE_LUAJIT"
exe editor CMakeLists.txt
exe mkdir -p "${buildDir}"
exe cd "${buildDir}"
exe cmake "${cloneDir}" -DENABLE_HYPERSCAN=OFF
@@ -320,7 +320,7 @@ step_65() {
info "Building version ${version} in ${buildDir}"
exe mkdir -p "${buildHome}"
exe cd "${buildHome}"
exe git clone --recursive "${toolGit}"
exe git clone --recursive "${toolGit}"
info "Checkout version ${version}"
exe cd "${cloneDir}"
exe git checkout tags/${version} # check for latest tag

33
seqs/rsyslog.sh
View File

@@ -5,16 +5,13 @@
# source:
# - https://selivan.github.io/2017/02/07/rsyslog-log-forward-save-filename-handle-multi-line-failover.html
toolName="rsyslog"
toolConfig="/etc/rsyslog.conf"
readonly toolName="rsyslog"
readonly toolConfig="/etc/rsyslog.conf"
# Get script working directory
# (when called from a different directory)
WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
CONFIG_SNMP="$WDIR/${toolName}/10-snmp.conf"
CONFIG_CRON="$WDIR/${toolName}/10-cron.conf"
CONFIG_RNGD="$WDIR/${toolName}/10-rngd.conf"
CONFIG_REMOTE="$WDIR/${toolName}/90-remote.conf"
CONFIG_SNMP="${seq_origin}/${toolName}/10-snmp.conf"
CONFIG_CRON="${seq_origin}/${toolName}/10-cron.conf"
CONFIG_RNGD="${seq_origin}/${toolName}/10-rngd.conf"
CONFIG_REMOTE="${seq_origin}/${toolName}/90-remote.conf"
step_1_info() { echo "Install $toolName"; }
step_1_alias() { echo "install"; }
@@ -27,14 +24,14 @@ step_2_info() { echo "Check configuration"; }
step_2_alias() { echo "checkconf"; }
step_2() {
exe rsyslogd -N 1 -f "$toolConfig"
endReturn -o $? "Invalid $toolName configuration"
endReturn "Invalid $toolName configuration"
}
step_10_info() { echo "Reduce snmpd syslog messages"; }
step_10_alias() { echo "snmpd"; }
step_10() {
addConf -s -f "$CONFIG_SNMP" "$CONFIG_SNMP_DEST"
endReturn -o $?
endReturn
step checkconf
exe service rsyslog restart
@@ -45,7 +42,7 @@ step_12_info() { echo "Reduce cron syslog messages"; }
step_12_alias() { echo "cron"; }
step_12() {
addConf -s -f "$CONFIG_CRON" "$CONFIG_CRON_DEST"
endReturn -o $?
endReturn
step checkconf
exe service rsyslog restart
@@ -56,7 +53,7 @@ step_14_info() { echo "Reduce rngd syslog messages"; }
step_14_alias() { echo "rngd"; }
step_14() {
addConf -s -f "$CONFIG_RNGD" "$CONFIG_RNGD_DEST"
endReturn -o $?
endReturn
step checkconf
exe service rsyslog restart
@@ -69,17 +66,17 @@ step_16_alias() { echo "remote"; }
step_16() {
local rex='^[0-9\.]+\:[0-9]+$'
local remoteHost=""
# Check if string is a ipv4 address and port
# Check if string is a ipv4 address and port
if [[ "$2" =~ $rex ]] ; then
remoteHost=$2
else
error -e "No valid IP:PORT detected: $2"
return 1
fi
fi
addConf -s -f "$CONFIG_REMOTE" "$CONFIG_REMOTE_DEST"
endReturn -o $? "Custom remote host $remoteHost not applied to destination or check ${sqr_missingConf:-}"
endReturn "Custom remote host $remoteHost not applied to destination or check ${sqr_missingConf:-}"
exe sed -i "s/12\.34\.56\.78\:514/${remoteHost}/" "$CONFIG_REMOTE_DEST"
endReturn -o $? "Couldn't apply $remoteHost to $CONFIG_REMOTE_DEST"
endReturn "Couldn't apply $remoteHost to $CONFIG_REMOTE_DEST"
step checkconf
exe service rsyslog restart
@@ -104,5 +101,7 @@ step_30() {
SERVER_EOF
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh

54
seqs/snmp.sh
View File

@@ -25,10 +25,10 @@ step_1() {
else
exe apt install $toolName
fi
endReturn -o $? "$toolName installation failed"
endReturn "$toolName installation failed"
}
step_2_info() {
step_2_info() {
echo "Setup snmp v3 access"
echoinfo " -s : Stop after creating authentication entry"
}
@@ -50,9 +50,9 @@ step_2() {
*)
info
info "Installation aborted"
return 1;
return 1;
;;
esac
esac
fi
read -p "SNMPv3 Username: " v3User
@@ -70,7 +70,7 @@ step_2() {
# this line will be replaced on start of snmpd with a line starting with:
# usmUser
v3AuthEntry="createUser ${v3User} SHA \"${v3Pass}\" DES"
v3AuthEntry="createUser ${v3User} SHA \"${v3Pass}\" DES"
addConf -a "$v3AuthEntry" "$v3AuthLoc"
shift
@@ -113,7 +113,7 @@ step_5() {
[ -n "${1:-}" ] && lInterface="$1"
# Check if interface exists
ip -br a | grep -E "^$lInterface" >>/dev/null 2>&1
endReturn -o $? "Interface $lInterface does not exist"
endReturn "Interface $lInterface does not exist"
exe ufw allow in on $lInterface to any port 161 proto udp comment "snmp"
}
@@ -127,7 +127,7 @@ step_20() {
fi
exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/raspberry.sh -O "${rpiExtendLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
exe chmod +x "$rpiExtendLoc"
addConf -a "extend raspberry /etc/snmp/raspberry.sh" "$toolConfig"
@@ -146,13 +146,13 @@ rpiSudoersContent="${toolSysUser} ALL=(ALL) NOPASSWD: /etc/snmp/raspberry.sh, /u
step_22_info() { echo "Extend $toolName with OS update availablity"; }
step_22_alias() { echo "osupdate"; }
step_22() {
checkExtend osupdate
checkExtend osupdate
if [ "$?" != "0" ]; then
return 1
fi
exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/osupdate -O "${osUpdateExtendLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
exe chmod +x "$osUpdateExtendLoc"
addConf -a "extend osupdate $osUpdateExtendLoc" "$toolConfig"
@@ -184,7 +184,7 @@ step_25() {
exe bash -i
info "Interactive shell ended. Continuing with $0."
exe nginx -t
endReturn -o $? "Nginx configuration error"
endReturn "Nginx configuration error"
exe service nginx restart
;;
@@ -211,7 +211,7 @@ step_26_alias() { echo "phpfpm_config"; }
step_26() {
exe sed -i "s/^;\(pm\.status_path\)/\1/" "$phpPoolConfigLoc"
exe php-fpm${phpVersionStr} -t
endReturn -o $? "Invalid php configuration"
endReturn "Invalid php configuration"
service php${phpVersionStr}-fpm restart
}
@@ -227,7 +227,7 @@ step_27() {
fi
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/phpfpmsp -O "${phpfpmExtendLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
exe chmod +x "$phpfpmExtendLoc"
addConf -a "extend phpfpmsp ${phpfpmExtendLoc}" "$toolConfig"
@@ -253,7 +253,7 @@ step_29() {
exe bash -i
info "Interactive shell ended. Continuing with $0."
exe nginx -t
endReturn -o $? "Nginx configuration error"
endReturn "Nginx configuration error"
exe service nginx restart
;;
@@ -279,7 +279,7 @@ step_30() {
fi
exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/nginx -O "${nginxExtendLoc}"
endReturn -o $? "Download failed"
endReturn "Download failed"
exe chmod +x "$nginxExtendLoc"
addConf -a "extend nginx ${nginxExtendLoc}" "$toolConfig"
@@ -293,9 +293,9 @@ step_32_info() { echo "Extend for postfix detailed and queue"; }
step_32_alias() { echo "postfix"; }
step_32() {
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfix-queues -O "${postfixQueuesExtendLoc}"
endReturn -o $? "Download postfix-queues failed"
endReturn "Download postfix-queues failed"
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/postfixdetailed -O "${postfixScript}"
endReturn -o $? "Download postfixdetailed failed"
endReturn "Download postfixdetailed failed"
exe chmod +x "${postfixQueuesExtendLoc}"
exe chmod +x "${postfixScript}"
@@ -352,7 +352,7 @@ step_37_info() { echo "Extend for fail2ban jail information"; }
step_37_alias() { echo "fail2ban"; }
step_37(){
exe wget https://github.com/librenms/librenms-agent/raw/master/snmp/fail2ban -O "${fail2banExtendLoc}"
endReturn -o $? "Download postfix failed"
endReturn "Download postfix failed"
exe chmod +x "$fail2banExtendLoc"
@@ -384,7 +384,7 @@ step_40() {
fi
exe wget https://raw.githubusercontent.com/librenms/librenms-agent/master/snmp/distro -O "${distroExtendLoc}"
endReturn -o $? "Download distro detection script failed"
endReturn "Download distro detection script failed"
exe chmod +x "$distroExtendLoc"
info "Create distro extend"
@@ -395,7 +395,7 @@ step_40() {
distroExtendLoc="${toolConfigLoc}/distro"
step_42_info() {
step_42_info() {
echo "Gather dhcp information from a dhcpd lease file"
echoinfo "pi-hole lease file not supported"
}
@@ -409,10 +409,10 @@ step_42() {
[ $? -ne 0 ] && return 0
exe apt install dhcpd-pools ${sq_aptOpt}
endReturn -o $? "Install dhcpd-pools failed"
endReturn "Install dhcpd-pools failed"
exe wget $locExtUrl -O "${locExtLoc}"
endReturn -o $? "Download $locExtName script failed"
endReturn "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
info "Create extend for $locExtName"
@@ -421,7 +421,7 @@ step_42() {
info "Create config for $locExtName"
addConf -s "$dhcpExtendConfig" "$dhcpExtendConfigLoc"
echo " [W] Adapt config $dhcpExtendConfigLoc manually and restart snmpd"
warning "Adapt config $dhcpExtendConfigLoc manually and restart snmpd"
}
dhcpExtendConfigLoc="${toolConfigLoc}/dhcp.json"
dhcpExtendConfig="{\"leasefile\": \"/var/lib/dhcp/dhcpd.leases\"
@@ -438,7 +438,7 @@ step_44() {
[ $? -ne 0 ] && return 0
exe wget $locExtUrl -O "${locExtLoc}"
endReturn -o $? "Download $locExtName script failed"
endReturn "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
info "Create extend for $locExtName"
@@ -483,7 +483,7 @@ step_46() {
exe apt install $piholeDeps ${sq_aptOpt}
exe wget $locExtUrl -O "${locExtLoc}"
endReturn -o $? "Download $locExtName script failed"
endReturn "Download $locExtName script failed"
exe chmod +x "$locExtLoc"
info "Create extend for $locExtName"
@@ -493,7 +493,7 @@ step_46() {
color red
echo -e " [W] Check the following in the extend script and restart snmpd:\n"
else
echo " [I] Check the follwing in the extend script:"
info "Check the follwing in the extend script:"
fi
echo "(API_AUTH_KEY) Add your pi-hole API key"
echo " (API_URL) and check the API URL"
@@ -562,9 +562,9 @@ checkExtend() {
exep "cat \"$toolConfig\" | grep -e '^\s*extend\s\+${1}' >>/dev/null 2>&1"
# Only warn if entry exists and dry-run is not seleted
if [ $? -eq 0 ] && ! dry ; then
if [ $? -eq 0 ] && ! dry ; then
return 1
fi
fi
return 0
}

2
seqs/snmpd.conf
View File

@@ -46,7 +46,7 @@ trapsink localhost public
# Event MIB - automatically generate alerts
# Remember to activate the 'createUser' lines above
iquerySecName internalUser
iquerySecName internalUser
rouser internalUser
# AgentX Sub-agents

4
seqs/spamass.sh
View File

@@ -22,7 +22,7 @@ CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
# #fi
#}
step_1_info() {
step_1_info() {
echo "Install packages: $toolDeps"
echoinfo "May take a long time"
}
@@ -34,7 +34,7 @@ step_1() {
fi
exe apt update
exe apt install $toolDeps $aptOpt
}
}
step_20_info() { echo "List spam/ham counts"; }
step_20_alias() { echo "list"; }

8
seqs/ssh.sh
View File

@@ -20,7 +20,7 @@ step_3_alias() { echo "create"; }
step_3() {
exep "ssh-keygen -l -f $toolIdentity 2>>/dev/null"
if [ $? -eq 0 ]; then
echo " [I] Using key found at $toolIdentity."
info "Using key found at $toolIdentity."
return 0
fi
exe ssh-keygen -b 4096 -t rsa -C "$(hostname)" -N "" -f $(realpath $toolIdentity)
@@ -70,7 +70,7 @@ step_5() {
exe ssh-copy-id -p ${sshPort} ${sshOption} ${sshHost}
}
step_10_info() {
step_10_info() {
echo "Send command(ssh)/file(scp) list to remote(s)"
echoinfo "[USER:HOST] and [PORT] are overwritten by \"host\" command from <CMDLIST>"
}
@@ -105,7 +105,7 @@ step_10() {
# STRING2 h - port
# f - destination file path
# c - not used
#
#
# OPTIONS h - not used
# f - Options passed to scp
# c - not used
@@ -160,7 +160,7 @@ parseList() {
if [ -z "$aHost" ]; then
errorMsg="No host found"
saveReturn 1
else
else
exe scp $lopt -P $aPort $lsrc ${aHost}:$ldst
saveReturn $?
errorMsg="scp to $aHost failed with $?"

8
seqs/synapse-admin.sh
View File

@@ -40,7 +40,7 @@ step_1_info() { echo "Status"; }
step_1_alias() { echo "status"; }
step_1() {
getVersions
if [[ -z "${versionNow}" ]] ; then
if [[ -z "${versionNow}" ]] ; then
info "Version ${versionNew} available to install"
elif [[ ${versionNew} == ${versionNow} ]] ; then
color green
@@ -57,7 +57,7 @@ step_10() {
local loBackup="${sc_synadmLoc}.bu"
local loTemp="/tmp/${toolName}.tar.gz"
# get download URL
# get download URL
getVersions
if [[ -e "${sc_synadmLoc}" ]]; then
@@ -69,7 +69,7 @@ step_10() {
exe mv "${loBackup}" "${sc_synadmLoc}" 2>/dev/null
else
exe tar -xf "${loTemp}" -C "$(dirname -- "${sc_synadmLoc}")"
endReturn -o $? "Extraction failed"
endReturn "Extraction failed"
exe mv "$(dirname -- "${sc_synadmLoc}")/${toolName}-${versionNew}" "${sc_synadmLoc}"
exe chown -R root: "${sc_synadmLoc}"
info "Downloaded to ${sc_synadmLoc}"
@@ -90,7 +90,7 @@ server {
server_name _;
access_log /var/log/nginx/synapse_admin_access.log;
error_log /var/log/nginx/synapse_admin_error.log;
error_log /var/log/nginx/synapse_admin_error.log;
include /etc/nginx/ssl.conf;
error_page 497 https://\$host:\$server_port\$request_uri;

4
seqs/torrentwatch.sh
View File

@@ -127,11 +127,11 @@ step_30() {
return 1
fi
echo " [I] Upgrading data"
info "Upgrading data"
exe mv "$toolConfigLoc/lib" "$toolConfigLoc/lib_bu"
exe cp -ar "$gitLibLoc/lib" "$toolConfigLoc/"
echo " [I] Upgrading html"
info "Upgrading html"
exe mv "$toolHtmlLoc" "${toolHtmlLoc}_bu"
exe cp -ar "$gitHtmlLoc" "$toolHtmlLoc"
exe cp -arL "$toolBackupLoc/config.php" "$toolHtmlLoc"

2
seqs/tvheadend.sh
View File

@@ -16,7 +16,7 @@ step_1() {
echo -n "Downloading tvheadend repository key ... "
exe wget -qO- https://doozer.io/keys/tvheadend/tvheadend/pgp | sudo apt-key add -
endReturn -o $? "Download of repository key failed"
endReturn "Download of repository key failed"
addConf -c "$sourceEntry" "$sourceList"
}

2
seqs/ufw.sh
View File

@@ -69,7 +69,7 @@ step_23() {
}
step_26_info() {
echo "Allow cifs mounts on eth0"
echo "Allow cifs mounts on eth0"
echoinfo " [PORT] (default 445)"
echoinfo " 139 : Cifs version 1.0"
echoinfo " 445 : Cifs version 2.0+"

4
seqs/vim.sh
View File

@@ -44,13 +44,13 @@ step_3() {
local ecUrl='https://github.com/editorconfig/editorconfig-vim.git'
if [ ! -e "$ecDir" ]; then
info "Installing editorconfig plugin"
exe mkdir -p "$ecDir"
exe mkdir -p "$ecDir"
exe cd "$ecDir"
exe git clone "$ecUrl"
else
info "Upgrading editorconfig plugin"
exe cd "$ecDir"
exe git pull
exe git pull
fi
}

14
seqs/webserverUbuntu.sh
View File

@@ -6,7 +6,7 @@ phpVersion="7.3"
phpName="php$phpVersion"
phpPackages="${phpName}-fpm ${phpName}-json ${phpName}-mysql ${phpName}-curl ${phpName}-intl ${phpName}-gd ${phpName}-zip ${phpName}-xml ${phpName}-mbstring php-imagick php-apcu"
step_1_info() {
step_1_info() {
echo "Installation of $serverName packages:"
echoinfo "$serverPackages"
}
@@ -14,7 +14,7 @@ step_1_alias() { echo "install"; }
step_1() {
exe apt update
exe apt install $serverPackages
endReturn -o $? "Server package installation error"
endReturn "Server package installation error"
}
step_2_info() { echo "Basic nginx configuration for initial letsencrypt certificate creation"; }
@@ -31,12 +31,12 @@ step_2() {
exe apt install nginx
fi
# create webroot
# create webroot
exe mkdir -p "$siteLetsencryptWww"
echo -n " [I] Restarting Nginx ... "
exe service nginx restart && echo "ok"
endReturn -o $? "Nginx error during startup"
endReturn "Nginx error during startup"
}
snippetLetsencryptLoc="/etc/nginx/snippets/letsencrypt.conf"
siteLetsencryptWww="/var/www/letsencrypt"
@@ -49,7 +49,7 @@ siteDefaultLoc="/etc/nginx/sites-available/default"
siteDefaultIp4="server {
listen 80 default_server;
include ${snippetLetsencryptLoc};
include ${snippetLetsencryptLoc};
}"
step_3_info() {
@@ -58,7 +58,7 @@ step_3_info() {
}
step_3() {
exe apt install $phpPackages
endReturn -o $? "$phpName error during startup"
endReturn "$phpName error during startup"
}
phpFpmConfigLocation="/etc/php/${phpVersion}/fpm/conf.d/90-custom_pi.ini"
phpFpmConfig="\
@@ -88,7 +88,7 @@ step_4() {
echo -n "Restarting ${phpName} ..."
exe service ${phpName}-fpm restart
endReturn -o $? "$phpName error during restart"
endReturn "$phpName error during restart"
echo "ok"
}

4
seqs/whoogle.sh
View File

@@ -40,7 +40,7 @@ step_20() {
exe apt-get install "${toolDeps[@]}" ${sq_aptOpt}
info "Installing ${toolName} from ${sq_gitUrl}"
exe git clone "${sq_gitUrl}" "${sc_whoogleDir:?}"
endReturn -o $? "Cloning ${toolName} failed"
endReturn "Cloning ${toolName} failed"
exe cd "${sc_whoogleDir:?}"
exe python3 -m venv venv
@@ -84,7 +84,7 @@ step_30_info() { echo "Upgrade installation using git"; }
step_30_alias() { echo "upgrade"; }
step_30() {
exe cd "${sc_whoogleDir:?}"
endReturn -o $? "${toolName} doesn't seam to be installed"
endReturn "${toolName} doesn't seam to be installed"
exe service "${toolName}" stop
exe git pull
}

41
seqs/wireguard.sh
View File

@@ -1,33 +1,14 @@
#!/bin/bash
toolName=wireguard
toolBin=wg
toolDefaultConf=wg0
toolService=wg-quick@$toolDefaultConf
# Get script working directory
# (when called from a different directory)
WDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >>/dev/null 2>&1 && pwd )"
CONFIG=0
CONFIG_FILE_NAME="${toolName}.cfg"
CONFIG_FILE_TEMPLATE="$WDIR/${CONFIG_FILE_NAME}.example"
#step_config() {
#echo "Called once before executing steps."
## e.g. to source a config file manually:
#. "$CONFIG_FILE"
## or to use sequencer api:
#initSeqConfig "$CONFIG_FILE_NAME" "$CONFIG_FILE_TEMPLATE"
#if [ $? -eq 0 ] ; then
# CONFIG=1
#fi
#}
readonly toolName=wireguard
readonly toolDefaultConf=wg0
readonly toolService=wg-quick@$toolDefaultConf
step_1_info() { echo "Prepare installation of $toolName"; }
step_1_alias() { echo "install"; }
step_1_alias() { echo "setup"; }
step_1() {
exe apt install raspberrypi-kernel-headers
endReturn -o $? "Installation of kernel headers failed"
endReturn "Installation of kernel headers failed"
addConf -s "deb http://deb.debian.org/debian/ unstable main" "/etc/apt/sources.list.d/unstable.list"
exep "wget -O - https://ftp-master.debian.org/keys/archive-key-$(lsb_release -sr).asc | sudo apt-key add -"
addConf -s "$pinEntry" "/etc/apt/preferences.d/limit-unstable"
@@ -38,6 +19,7 @@ Pin: release a=unstable
Pin-Priority: 150"
step_2_info() { echo "Installing $toolName"; }
step_2_alias() { echo "install"; }
step_2() {
local aptOpt=""
if quiet ; then
@@ -46,7 +28,7 @@ step_2() {
exe apt install $toolName $aptOpt
}
step_3_info() {
step_3_info() {
echo "Enable ipv4 forwarding to allow local access via VPN"
echoinfo "(may be skipped)"
}
@@ -82,12 +64,7 @@ step_14() {
}
defaultConfLoc="/etc/$toolName/$toolDefaultConf.conf"
step_20_info() { echo "Usage notes"; }
step_20() {
echo " [I] Some usage Notes"
}
# shellcheck disable=SC2034 # Appears unused
readonly sqr_minVersion=16
# shellcheck disable=SC1091 # Don't follow this source
. /usr/local/bin/sequencer.sh