summaryrefslogtreecommitdiffstats
path: root/installer/opengnsys_update.sh
diff options
context:
space:
mode:
Diffstat (limited to 'installer/opengnsys_update.sh')
-rwxr-xr-xinstaller/opengnsys_update.sh100
1 files changed, 76 insertions, 24 deletions
diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh
index 1182b6eb..68978b3d 100755
--- a/installer/opengnsys_update.sh
+++ b/installer/opengnsys_update.sh
@@ -118,7 +118,9 @@ function autoConfigure()
# Configuración según la distribución de Linux.
if [ -f /etc/debian_version ]; then
# Distribución basada en paquetes Deb.
- DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast shim-signed grub-efi-amd64-signed php-fpm python-pip )
+ DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev libjansson-dev shim-signed grub-efi-amd64-signed php-fpm python-pip )
+ # Paquete correcto para realpath.
+ [ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} )
UPDATEPKGLIST="add-apt-repository -y ppa:ondrej/php; apt-get update"
INSTALLPKGS="apt-get -y install"
DELETEPKGS="apt-get -y purge"
@@ -141,7 +143,7 @@ function autoConfigure()
INETDCFGDIR=/etc/xinetd.d
elif [ -f /etc/redhat-release ]; then
# Distribución basada en paquetes rpm.
- DEPENDENCIES=( curl rsync btrfs-progs procps-ng arp-scan gettext moreutils jq net-tools udpcast shim-x64 grub2-efi-x64 grub2-efi-x64-modules python-pip )
+ DEPENDENCIES=( curl rsync btrfs-progs procps-ng arp-scan gettext moreutils jq net-tools udpcast libev-devel shim-x64 grub2-efi-x64 grub2-efi-x64-modules python-pip )
# Repositorios para PHP 7 en CentOS.
[ "$OSDISTRIB" == "centos" ] && UPDATEPKGLIST="yum update -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-$OSVERSION.noarch.rpm http://rpms.remirepo.net/enterprise/remi-release-$OSVERSION.rpm"
INSTALLPKGS="yum install -y"
@@ -167,7 +169,7 @@ function autoConfigure()
:
fi
for service in apache2 httpd; do
- [ -d /etc/$service ] && APACHECFGDIR="/etc/$service"
+ [ -d "/etc/$service" ] && APACHECFGDIR="/etc/$service"
if $SERVICESTATUS &>/dev/null; then APACHESERV="$service"; fi
done
for service in dhcpd dhcpd3-server isc-dhcp-server; do
@@ -300,7 +302,6 @@ function importSqlFile()
local mycnf=/tmp/.my.cnf.$$
local status
local APIKEY=$(php -r 'echo md5(uniqid(rand(), true));')
- REPOKEY=$(php -r 'echo md5(uniqid(rand(), true));')
if [ ! -r $sqlfile ]; then
errorAndLog "${FUNCNAME}(): Unable to read $sqlfile!!"
@@ -430,7 +431,10 @@ function downloadCode()
echoAndLog "${FUNCNAME}(): downloading code..."
- curl "${url}" -o opengnsys.zip && unzip opengnsys.zip && mv "OpenGnsys-$BRANCH" opengnsys
+ curl "$url" -o opengnsys.zip && \
+ unzip -qo opengnsys.zip && \
+ rm -fr opengnsys && \
+ mv "OpenGnsys-$BRANCH" opengnsys
if [ $? -ne 0 ]; then
errorAndLog "${FUNCNAME}(): error getting code from ${url}, verify your user and password"
return 1
@@ -470,7 +474,7 @@ function checkVersion()
if [ $REMOTE -eq 1 ]; then
NEWVERSION=$(curl -s $RAW_URL/doc/VERSION.json 2>/dev/null | jq -r '.version')
else
- NEWVERSION=$(jq -r '.version' $PROGRAMDIR/doc/VERSION.json 2>/dev/null)
+ NEWVERSION=$(jq -r '.version' $PROGRAMDIR/../doc/VERSION.json 2>/dev/null)
fi
[[ "$NEWVERSION" =~ pre ]] && PRE=1
@@ -494,7 +498,7 @@ function getNetworkSettings()
SERVERIP="$ServidorAdm"
DEVICES="$(ip -o link show up | awk '!/loopback/ {sub(/:.*/,"",$2); print $2}')"
for dev in $DEVICES; do
- [ -z "$SERVERIP" ] && SERVERIP=$(ip -o addr show dev $dev | awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4)}')
+ [ -z "$SERVERIP" ] && SERVERIP=$(ip -o addr show dev $dev | awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4); exit;}')
done
}
@@ -544,6 +548,19 @@ EOT
echoAndLog "${FUNCNAME}(): client files successfully updated"
}
+# Crear certificado para la firma de cargadores de arranque, si es necesario.
+function createCerts ()
+{
+ local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl
+ mkdir -p $SSLCFGDIR/{certs,private}
+ if [ ! -f $SSLCFGDIR/private/opengnsys.key ]; then
+ echoAndLog "${FUNCNAME}(): creating certificate files"
+ openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/"
+ openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER
+ echoAndLog "${FUNCNAME}(): certificate successfully created"
+ fi
+}
+
# Configurar HTTPS y exportar usuario y grupo del servicio Apache.
function apacheConfiguration ()
{
@@ -571,7 +588,7 @@ function apacheConfiguration ()
else
template=$WORKDIR/opengnsys/server/etc/apache.conf.tmpl
fi
- sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null)
+ sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null | tail -1)
# Actualizar configuración de Apache a partir de fichero de plantilla.
for config in $APACHECFGDIR/{,sites-available/}opengnsys.conf; do
if [ -e $config ]; then
@@ -745,7 +762,7 @@ function createDirs()
{
# Crear estructura de directorios.
echoAndLog "${FUNCNAME}(): creating directory paths in ${INSTALL_TARGET}"
- local dir
+ local dir MKNETDIR
mkdir -p ${INSTALL_TARGET}/{bin,doc,etc,lib,sbin,www}
mkdir -p ${INSTALL_TARGET}/{client,images/groups}
@@ -757,12 +774,19 @@ function createDirs()
[ -d $dir ] && ln -fs $dir ${INSTALL_TARGET}/tftpboot
done
fi
- mkdir -p $INSTALL_TARGET/tftpboot/menu.lst/examples
+ mkdir -p $INSTALL_TARGET/tftpboot/{menu.lst,grub}/examples
if [ $? -ne 0 ]; then
errorAndLog "${FUNCNAME}(): error while creating dirs. Do you have write permissions?"
return 1
fi
! [ -f $INSTALL_TARGET/tftpboot/menu.lst/templates/00unknown ] && mv $INSTALL_TARGET/tftpboot/menu.lst/templates/* $INSTALL_TARGET/tftpboot/menu.lst/examples
+ ! [ -f $INSTALL_TARGET/tftpboot/grub/templates/10 ] && mv $INSTALL_TARGET/tftpboot/grub/templates/* $INSTALL_TARGET/tftpboot/grub/examples
+
+ # Preparar arranque en red con Grub.
+ for f in grub-mknetdir grub2-mknetdir; do
+ if which $f &>/dev/null; then MKNETDIR=$f; fi
+ done
+ $MKNETDIR --net-directory=$TFTPCFGDIR --subdir=grub
# Crear usuario ficticio.
if id -u $OPENGNSYS_CLIENTUSER &>/dev/null; then
@@ -825,6 +849,7 @@ function updateDatabase()
fi
popd >/dev/null
+ REPOKEY=$(php -r 'echo md5(uniqid(rand(), true));')
if [ -n "$FILES" ]; then
for file in $FILES; do
importSqlFile $OPENGNSYS_DBUSER $OPENGNSYS_DBPASSWORD $OPENGNSYS_DATABASE $DBDIR/$file
@@ -889,6 +914,18 @@ function updateServerFiles()
cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.init /etc/init.d/opengnsys
NEWFILES="$NEWFILES /etc/init.d/opengnsys"
fi
+ if ! diff -q $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default /etc/default/opengnsys >/dev/null; then
+ echoAndLog "${FUNCNAME}(): updating new default file"
+ backupFile /etc/default/opengnsys
+ # Buscar si hay nuevos parámetros.
+ local var valor
+ while IFS="=" read -e var valor; do
+ [[ $var =~ ^# ]] || \
+ grep -q "^$var=" /etc/default/opengnsys || \
+ echo "$var=$valor" >> /etc/default/opengnsys
+ done < $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default
+ NEWFILES="$NEWFILES /etc/default/opengnsys"
+ fi
if egrep -q "(UrlMsg=.*msgbrowser.php)|(UrlMenu=http://)" $INSTALL_TARGET/client/etc/ogAdmClient.cfg 2>/dev/null; then
echoAndLog "${FUNCNAME}(): updating new client config file"
backupFile $INSTALL_TARGET/client/etc/ogAdmClient.cfg
@@ -903,6 +940,15 @@ function updateServerFiles()
[ ! -f /etc/cron.d/imagedelete ] && echo "* * * * * root [ -x $INSTALL_TARGET/bin/deletepreimage ] && $INSTALL_TARGET/bin/deletepreimage" > /etc/cron.d/imagedelete
[ ! -f /etc/cron.d/ogagentqueue ] && echo "* * * * * root [ -x $INSTALL_TARGET/bin/ogagentqueue.cron ] && $INSTALL_TARGET/bin/ogagentqueue.cron" > /etc/cron.d/ogagentqueue
echoAndLog "${FUNCNAME}(): server files successfully updated"
+
+ # Se modifican los nombres de las plantilla PXE por compatibilidad con los equipos UEFI.
+ if [ -f $INSTALL_TARGET/tftpboot/menu.lst/templates/01 ]; then
+ BIOSPXEDIR="$INSTALL_TARGET/tftpboot/menu.lst/templates"
+ mv $BIOSPXEDIR/01 $BIOSPXEDIR/10
+ sed -i "s/\bMBR\b/1hd/" $BIOSPXEDIR/10
+ sed -i "s/\b1hd-1partition\b/1hd-1os/" $BIOSPXEDIR/11
+ sed -i "s/\b1hd-2partition\b/1hd-2os/" $BIOSPXEDIR/12
+ fi
}
####################################################################
@@ -946,9 +992,8 @@ function compileServices()
popd
# Parar antiguo servicio de repositorio y añadir clave de acceso REST en su fichero de configuración.
pgrep ogAdmRepo > /dev/null && service="ogAdmRepo" $STOPSERVICE
- grep -q '^ApiToken=' $INSTALL_TARGET/etc/ogAdmRepo.cfg && \
- sed -i "s/^ApiToken=.*$/ApiToken=$REPOKEY/" $INSTALL_TARGET/etc/ogAdmRepo.cfg || \
- sed -i "$ a\ApiToken=$REPOKEY/" $INSTALL_TARGET/etc/ogAdmRepo.cfg
+ sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$REPOKEY" $INSTALL_TARGET/etc/ogAdmRepo.cfg
+ sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$REPOKEY" $INSTALL_TARGET/etc/ogAdmServer.cfg
# Compilar OpenGnsys Agent
echoAndLog "${FUNCNAME}(): Recompiling OpenGnsys Server Agent"
pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent
@@ -980,8 +1025,8 @@ function compileServices()
# Actualizar cliente OpenGnsys
function updateClient()
{
- #local FILENAME=ogLive-precise-3.2.0-23-generic-r5159.iso # 1.1.0-rc6 (old)
- local FILENAME=ogLive-xenial-4.13.0-17-generic-amd64-r5520.iso # 1.1.0-rc6
+ #local FILENAME=ogLive-precise-3.2.0-23-generic-r5159.iso # 1.1.0-rc6 (32-bit)
+ local FILENAME=ogLive-bionic-5.0.0-27-generic-amd64-r20190830.7208cc9.iso # 1.1.1-rc5
local SOURCEFILE=$DOWNLOADURL/$FILENAME
local TARGETFILE=$(oglivecli config download-dir)/$FILENAME
local SOURCELENGTH
@@ -995,7 +1040,7 @@ function updateClient()
oglivecli convert
fi
# Comprobar si debe actualizarse el cliente.
- SOURCELENGTH=$(curl -sI $SOURCEFILE 2>&1 | awk '/Content-Length:/ {print $2}')
+ SOURCELENGTH=$(curl -sI $SOURCEFILE 2>&1 | awk '/Content-Length:/ {gsub("\r", ""); print $2}')
TARGETLENGTH=$(stat -c "%s" $TARGETFILE 2>/dev/null)
[ -z $TARGETLENGTH ] && TARGETLENGTH=0
if [ "$SOURCELENGTH" != "$TARGETLENGTH" ]; then
@@ -1009,7 +1054,7 @@ function updateClient()
echoAndLog "${FUNCNAME}(): Updatting ogLive client"
oglivecli install $FILENAME
- CLIENTUPDATED=${FILENAME%.*}
+ INSTALLEDOGLIVE=${FILENAME%.*}
echoAndLog "${FUNCNAME}(): ogLive successfully updated"
else
@@ -1067,8 +1112,14 @@ function updateSummary()
# Actualizar fichero de versión y revisión.
local VERSIONFILE REVISION
VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json"
- # Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit).
- REVISION=$(curl -s "$API_URL" | jq '"r" + (.commit.commit.committer.date | gsub("-"; "")[:8]) + "." + (.commit.sha[:7])')
+ # Obtener revisión.
+ if [ $REMOTE -eq 1 ]; then
+ # Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit).
+ REVISION=$(curl -s "$API_URL" | jq '"r" + (.commit.commit.committer.date | split("-") | join("")[:8]) + "." + (.commit.sha[:7])')
+ else
+ # Parámetro "release" del fichero JSON.
+ REVISION=$(jq -r '.release' $PROGRAMDIR/../doc/VERSION.json 2>/dev/null)
+ fi
[ -f $VERSIONFILE ] || echo '{ "project": "OpenGnsys" }' > $VERSIONFILE
jq ".release=$REVISION" $VERSIONFILE | sponge $VERSIONFILE
VERSION="$(jq -r '[.project, .version, .codename, .release] | join(" ")' $VERSIONFILE 2>/dev/null)"
@@ -1096,8 +1147,8 @@ function updateSummary()
echoAndLog "Warnings:"
echoAndLog " - You must to clear web browser cache before loading OpenGnsys page"
echoAndLog " - Generated new key to access Repository REST API (file ogAdmRepo.cfg)"
- if [ -n "$CLIENTUPDATED" ]; then
- echoAndLog " - ogLive Client is updated to: $CLIENTUPDATED"
+ if [ -n "$INSTALLEDOGLIVE" ]; then
+ echoAndLog " - Installed new ogLive Client: $INSTALLEDOGLIVE"
fi
if [ -n "$MYSQLCONFIG" ]; then
echoAndLog " - MySQL must be reconfigured, run next code as DB root user and restart service:"
@@ -1190,11 +1241,12 @@ fi
# Configurar Rsync.
rsyncConfigure
-# Actualizar ficheros del cliente
+# Actualizar ficheros del cliente.
updateClientFiles
+createCerts
updateInterfaceAdm
-# Actualizar páqinas web
+# Actualizar páqinas web.
apacheConfiguration
updateWebFiles
if [ $? -ne 0 ]; then
@@ -1222,7 +1274,7 @@ checkFiles
# Mostrar resumen de actualización.
updateSummary
-#rm -rf $WORKDIR
+rm -rf $WORKDIR
echoAndLog "OpenGnsys update finished at $(date)"
popd