diff options
Diffstat (limited to 'installer/opengnsys_update.sh')
-rwxr-xr-x | installer/opengnsys_update.sh | 100 |
1 files changed, 76 insertions, 24 deletions
diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh index 1182b6eb..68978b3d 100755 --- a/installer/opengnsys_update.sh +++ b/installer/opengnsys_update.sh @@ -118,7 +118,9 @@ function autoConfigure() # Configuración según la distribución de Linux. if [ -f /etc/debian_version ]; then # Distribución basada en paquetes Deb. - DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast shim-signed grub-efi-amd64-signed php-fpm python-pip ) + DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev libjansson-dev shim-signed grub-efi-amd64-signed php-fpm python-pip ) + # Paquete correcto para realpath. + [ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} ) UPDATEPKGLIST="add-apt-repository -y ppa:ondrej/php; apt-get update" INSTALLPKGS="apt-get -y install" DELETEPKGS="apt-get -y purge" @@ -141,7 +143,7 @@ function autoConfigure() INETDCFGDIR=/etc/xinetd.d elif [ -f /etc/redhat-release ]; then # Distribución basada en paquetes rpm. - DEPENDENCIES=( curl rsync btrfs-progs procps-ng arp-scan gettext moreutils jq net-tools udpcast shim-x64 grub2-efi-x64 grub2-efi-x64-modules python-pip ) + DEPENDENCIES=( curl rsync btrfs-progs procps-ng arp-scan gettext moreutils jq net-tools udpcast libev-devel shim-x64 grub2-efi-x64 grub2-efi-x64-modules python-pip ) # Repositorios para PHP 7 en CentOS. [ "$OSDISTRIB" == "centos" ] && UPDATEPKGLIST="yum update -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-$OSVERSION.noarch.rpm http://rpms.remirepo.net/enterprise/remi-release-$OSVERSION.rpm" INSTALLPKGS="yum install -y" @@ -167,7 +169,7 @@ function autoConfigure() : fi for service in apache2 httpd; do - [ -d /etc/$service ] && APACHECFGDIR="/etc/$service" + [ -d "/etc/$service" ] && APACHECFGDIR="/etc/$service" if $SERVICESTATUS &>/dev/null; then APACHESERV="$service"; fi done for service in dhcpd dhcpd3-server isc-dhcp-server; do @@ -300,7 +302,6 @@ function importSqlFile() local mycnf=/tmp/.my.cnf.$$ local status local APIKEY=$(php -r 'echo md5(uniqid(rand(), true));') - REPOKEY=$(php -r 'echo md5(uniqid(rand(), true));') if [ ! -r $sqlfile ]; then errorAndLog "${FUNCNAME}(): Unable to read $sqlfile!!" @@ -430,7 +431,10 @@ function downloadCode() echoAndLog "${FUNCNAME}(): downloading code..." - curl "${url}" -o opengnsys.zip && unzip opengnsys.zip && mv "OpenGnsys-$BRANCH" opengnsys + curl "$url" -o opengnsys.zip && \ + unzip -qo opengnsys.zip && \ + rm -fr opengnsys && \ + mv "OpenGnsys-$BRANCH" opengnsys if [ $? -ne 0 ]; then errorAndLog "${FUNCNAME}(): error getting code from ${url}, verify your user and password" return 1 @@ -470,7 +474,7 @@ function checkVersion() if [ $REMOTE -eq 1 ]; then NEWVERSION=$(curl -s $RAW_URL/doc/VERSION.json 2>/dev/null | jq -r '.version') else - NEWVERSION=$(jq -r '.version' $PROGRAMDIR/doc/VERSION.json 2>/dev/null) + NEWVERSION=$(jq -r '.version' $PROGRAMDIR/../doc/VERSION.json 2>/dev/null) fi [[ "$NEWVERSION" =~ pre ]] && PRE=1 @@ -494,7 +498,7 @@ function getNetworkSettings() SERVERIP="$ServidorAdm" DEVICES="$(ip -o link show up | awk '!/loopback/ {sub(/:.*/,"",$2); print $2}')" for dev in $DEVICES; do - [ -z "$SERVERIP" ] && SERVERIP=$(ip -o addr show dev $dev | awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4)}') + [ -z "$SERVERIP" ] && SERVERIP=$(ip -o addr show dev $dev | awk '$3~/inet$/ {sub (/\/.*/, ""); print ($4); exit;}') done } @@ -544,6 +548,19 @@ EOT echoAndLog "${FUNCNAME}(): client files successfully updated" } +# Crear certificado para la firma de cargadores de arranque, si es necesario. +function createCerts () +{ + local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl + mkdir -p $SSLCFGDIR/{certs,private} + if [ ! -f $SSLCFGDIR/private/opengnsys.key ]; then + echoAndLog "${FUNCNAME}(): creating certificate files" + openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/" + openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER + echoAndLog "${FUNCNAME}(): certificate successfully created" + fi +} + # Configurar HTTPS y exportar usuario y grupo del servicio Apache. function apacheConfiguration () { @@ -571,7 +588,7 @@ function apacheConfiguration () else template=$WORKDIR/opengnsys/server/etc/apache.conf.tmpl fi - sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null) + sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null | tail -1) # Actualizar configuración de Apache a partir de fichero de plantilla. for config in $APACHECFGDIR/{,sites-available/}opengnsys.conf; do if [ -e $config ]; then @@ -745,7 +762,7 @@ function createDirs() { # Crear estructura de directorios. echoAndLog "${FUNCNAME}(): creating directory paths in ${INSTALL_TARGET}" - local dir + local dir MKNETDIR mkdir -p ${INSTALL_TARGET}/{bin,doc,etc,lib,sbin,www} mkdir -p ${INSTALL_TARGET}/{client,images/groups} @@ -757,12 +774,19 @@ function createDirs() [ -d $dir ] && ln -fs $dir ${INSTALL_TARGET}/tftpboot done fi - mkdir -p $INSTALL_TARGET/tftpboot/menu.lst/examples + mkdir -p $INSTALL_TARGET/tftpboot/{menu.lst,grub}/examples if [ $? -ne 0 ]; then errorAndLog "${FUNCNAME}(): error while creating dirs. Do you have write permissions?" return 1 fi ! [ -f $INSTALL_TARGET/tftpboot/menu.lst/templates/00unknown ] && mv $INSTALL_TARGET/tftpboot/menu.lst/templates/* $INSTALL_TARGET/tftpboot/menu.lst/examples + ! [ -f $INSTALL_TARGET/tftpboot/grub/templates/10 ] && mv $INSTALL_TARGET/tftpboot/grub/templates/* $INSTALL_TARGET/tftpboot/grub/examples + + # Preparar arranque en red con Grub. + for f in grub-mknetdir grub2-mknetdir; do + if which $f &>/dev/null; then MKNETDIR=$f; fi + done + $MKNETDIR --net-directory=$TFTPCFGDIR --subdir=grub # Crear usuario ficticio. if id -u $OPENGNSYS_CLIENTUSER &>/dev/null; then @@ -825,6 +849,7 @@ function updateDatabase() fi popd >/dev/null + REPOKEY=$(php -r 'echo md5(uniqid(rand(), true));') if [ -n "$FILES" ]; then for file in $FILES; do importSqlFile $OPENGNSYS_DBUSER $OPENGNSYS_DBPASSWORD $OPENGNSYS_DATABASE $DBDIR/$file @@ -889,6 +914,18 @@ function updateServerFiles() cp -a $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.init /etc/init.d/opengnsys NEWFILES="$NEWFILES /etc/init.d/opengnsys" fi + if ! diff -q $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default /etc/default/opengnsys >/dev/null; then + echoAndLog "${FUNCNAME}(): updating new default file" + backupFile /etc/default/opengnsys + # Buscar si hay nuevos parámetros. + local var valor + while IFS="=" read -e var valor; do + [[ $var =~ ^# ]] || \ + grep -q "^$var=" /etc/default/opengnsys || \ + echo "$var=$valor" >> /etc/default/opengnsys + done < $WORKDIR/opengnsys/admin/Sources/Services/opengnsys.default + NEWFILES="$NEWFILES /etc/default/opengnsys" + fi if egrep -q "(UrlMsg=.*msgbrowser.php)|(UrlMenu=http://)" $INSTALL_TARGET/client/etc/ogAdmClient.cfg 2>/dev/null; then echoAndLog "${FUNCNAME}(): updating new client config file" backupFile $INSTALL_TARGET/client/etc/ogAdmClient.cfg @@ -903,6 +940,15 @@ function updateServerFiles() [ ! -f /etc/cron.d/imagedelete ] && echo "* * * * * root [ -x $INSTALL_TARGET/bin/deletepreimage ] && $INSTALL_TARGET/bin/deletepreimage" > /etc/cron.d/imagedelete [ ! -f /etc/cron.d/ogagentqueue ] && echo "* * * * * root [ -x $INSTALL_TARGET/bin/ogagentqueue.cron ] && $INSTALL_TARGET/bin/ogagentqueue.cron" > /etc/cron.d/ogagentqueue echoAndLog "${FUNCNAME}(): server files successfully updated" + + # Se modifican los nombres de las plantilla PXE por compatibilidad con los equipos UEFI. + if [ -f $INSTALL_TARGET/tftpboot/menu.lst/templates/01 ]; then + BIOSPXEDIR="$INSTALL_TARGET/tftpboot/menu.lst/templates" + mv $BIOSPXEDIR/01 $BIOSPXEDIR/10 + sed -i "s/\bMBR\b/1hd/" $BIOSPXEDIR/10 + sed -i "s/\b1hd-1partition\b/1hd-1os/" $BIOSPXEDIR/11 + sed -i "s/\b1hd-2partition\b/1hd-2os/" $BIOSPXEDIR/12 + fi } #################################################################### @@ -946,9 +992,8 @@ function compileServices() popd # Parar antiguo servicio de repositorio y añadir clave de acceso REST en su fichero de configuración. pgrep ogAdmRepo > /dev/null && service="ogAdmRepo" $STOPSERVICE - grep -q '^ApiToken=' $INSTALL_TARGET/etc/ogAdmRepo.cfg && \ - sed -i "s/^ApiToken=.*$/ApiToken=$REPOKEY/" $INSTALL_TARGET/etc/ogAdmRepo.cfg || \ - sed -i "$ a\ApiToken=$REPOKEY/" $INSTALL_TARGET/etc/ogAdmRepo.cfg + sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$REPOKEY" $INSTALL_TARGET/etc/ogAdmRepo.cfg + sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$REPOKEY" $INSTALL_TARGET/etc/ogAdmServer.cfg # Compilar OpenGnsys Agent echoAndLog "${FUNCNAME}(): Recompiling OpenGnsys Server Agent" pushd $WORKDIR/opengnsys/admin/Sources/Services/ogAdmAgent @@ -980,8 +1025,8 @@ function compileServices() # Actualizar cliente OpenGnsys function updateClient() { - #local FILENAME=ogLive-precise-3.2.0-23-generic-r5159.iso # 1.1.0-rc6 (old) - local FILENAME=ogLive-xenial-4.13.0-17-generic-amd64-r5520.iso # 1.1.0-rc6 + #local FILENAME=ogLive-precise-3.2.0-23-generic-r5159.iso # 1.1.0-rc6 (32-bit) + local FILENAME=ogLive-bionic-5.0.0-27-generic-amd64-r20190830.7208cc9.iso # 1.1.1-rc5 local SOURCEFILE=$DOWNLOADURL/$FILENAME local TARGETFILE=$(oglivecli config download-dir)/$FILENAME local SOURCELENGTH @@ -995,7 +1040,7 @@ function updateClient() oglivecli convert fi # Comprobar si debe actualizarse el cliente. - SOURCELENGTH=$(curl -sI $SOURCEFILE 2>&1 | awk '/Content-Length:/ {print $2}') + SOURCELENGTH=$(curl -sI $SOURCEFILE 2>&1 | awk '/Content-Length:/ {gsub("\r", ""); print $2}') TARGETLENGTH=$(stat -c "%s" $TARGETFILE 2>/dev/null) [ -z $TARGETLENGTH ] && TARGETLENGTH=0 if [ "$SOURCELENGTH" != "$TARGETLENGTH" ]; then @@ -1009,7 +1054,7 @@ function updateClient() echoAndLog "${FUNCNAME}(): Updatting ogLive client" oglivecli install $FILENAME - CLIENTUPDATED=${FILENAME%.*} + INSTALLEDOGLIVE=${FILENAME%.*} echoAndLog "${FUNCNAME}(): ogLive successfully updated" else @@ -1067,8 +1112,14 @@ function updateSummary() # Actualizar fichero de versión y revisión. local VERSIONFILE REVISION VERSIONFILE="$INSTALL_TARGET/doc/VERSION.json" - # Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit). - REVISION=$(curl -s "$API_URL" | jq '"r" + (.commit.commit.committer.date | gsub("-"; "")[:8]) + "." + (.commit.sha[:7])') + # Obtener revisión. + if [ $REMOTE -eq 1 ]; then + # Revisión: rAñoMesDía.Gitcommit (8 caracteres de fecha y 7 primeros de commit). + REVISION=$(curl -s "$API_URL" | jq '"r" + (.commit.commit.committer.date | split("-") | join("")[:8]) + "." + (.commit.sha[:7])') + else + # Parámetro "release" del fichero JSON. + REVISION=$(jq -r '.release' $PROGRAMDIR/../doc/VERSION.json 2>/dev/null) + fi [ -f $VERSIONFILE ] || echo '{ "project": "OpenGnsys" }' > $VERSIONFILE jq ".release=$REVISION" $VERSIONFILE | sponge $VERSIONFILE VERSION="$(jq -r '[.project, .version, .codename, .release] | join(" ")' $VERSIONFILE 2>/dev/null)" @@ -1096,8 +1147,8 @@ function updateSummary() echoAndLog "Warnings:" echoAndLog " - You must to clear web browser cache before loading OpenGnsys page" echoAndLog " - Generated new key to access Repository REST API (file ogAdmRepo.cfg)" - if [ -n "$CLIENTUPDATED" ]; then - echoAndLog " - ogLive Client is updated to: $CLIENTUPDATED" + if [ -n "$INSTALLEDOGLIVE" ]; then + echoAndLog " - Installed new ogLive Client: $INSTALLEDOGLIVE" fi if [ -n "$MYSQLCONFIG" ]; then echoAndLog " - MySQL must be reconfigured, run next code as DB root user and restart service:" @@ -1190,11 +1241,12 @@ fi # Configurar Rsync. rsyncConfigure -# Actualizar ficheros del cliente +# Actualizar ficheros del cliente. updateClientFiles +createCerts updateInterfaceAdm -# Actualizar páqinas web +# Actualizar páqinas web. apacheConfiguration updateWebFiles if [ $? -ne 0 ]; then @@ -1222,7 +1274,7 @@ checkFiles # Mostrar resumen de actualización. updateSummary -#rm -rf $WORKDIR +rm -rf $WORKDIR echoAndLog "OpenGnsys update finished at $(date)" popd |