From 2b00219981fbc33f1131390a6a051e7d9f2e8295 Mon Sep 17 00:00:00 2001 From: Javier Sánchez Parra Date: Mon, 28 Jan 2019 10:22:57 +0100 Subject: #892: Use ogAdmServer Wake on Lan * gestor_Comando.php only execute wakeonlan_repo.php when wake up command is called. * wakeonlan_repo.php send new needed parameters for ogAdmServer WoL. * repository.php use ogAdmServer WoL instead of wakeonlan perl script. * opengnsys_installer.sh and opengnsys_update.sh don't have wakeonlan perl script dependency anymore. # Please enter the commit message for your changes. Lines starting # with '#' will be kept; you may remove them yourself if you want to. # An empty message aborts the commit. # # Date: Mon Jan 28 10:22:57 2019 +0100 # # On branch devel # Your branch is ahead of 'origin/devel' by 1 commit. # (use "git push" to publish your local commits) # # Changes to be committed: # modified: admin/WebConsole/comandos/gestores/gestor_Comandos.php # modified: admin/WebConsole/comandos/gestores/wakeonlan_repo.php # modified: admin/WebConsole/rest/repository.php # modified: installer/opengnsys_installer.sh # modified: installer/opengnsys_update.sh # # Untracked files: # 0001-892-Use-ogAdmServer-Wake-on-Lan.patch # 0001-892-Use-ogAdmServer-Wake-on-Lan.zip # --- installer/opengnsys_installer.sh | 2 +- installer/opengnsys_update.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'installer') diff --git a/installer/opengnsys_installer.sh b/installer/opengnsys_installer.sh index 17d36253..fd07d843 100755 --- a/installer/opengnsys_installer.sh +++ b/installer/opengnsys_installer.sh @@ -170,7 +170,7 @@ OSVERSION="${OSVERSION%%.*}" # Configuración según la distribución GNU/Linux (usar minúsculas). case "$OSDISTRIB" in ubuntu|debian|linuxmint) - DEPENDENCIES=( subversion apache2 php php-ldap php-fpm mysql-server php-mysql isc-dhcp-server bittorrent tftp-hpa tftpd-hpa xinetd build-essential g++-multilib libmysqlclient-dev wget curl doxygen graphviz bittornado ctorrent samba rsync unzip netpipes debootstrap schroot squashfs-tools btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev shim-signed grub-efi-amd64-signed ) + DEPENDENCIES=( subversion apache2 php php-ldap php-fpm mysql-server php-mysql isc-dhcp-server bittorrent tftp-hpa tftpd-hpa xinetd build-essential g++-multilib libmysqlclient-dev wget curl doxygen graphviz bittornado ctorrent samba rsync unzip netpipes debootstrap schroot squashfs-tools btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq udpcast libev-dev shim-signed grub-efi-amd64-signed ) UPDATEPKGLIST="apt-get update" INSTALLPKG="apt-get -y install --force-yes" CHECKPKG="dpkg -s \$package 2>/dev/null | grep Status | grep -qw install" diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh index 8880fd6f..09142865 100755 --- a/installer/opengnsys_update.sh +++ b/installer/opengnsys_update.sh @@ -118,7 +118,7 @@ function autoConfigure() # Configuración según la distribución de Linux. if [ -f /etc/debian_version ]; then # Distribución basada en paquetes Deb. - DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq wakeonlan udpcast libev-dev shim-signed grub-efi-amd64-signed php-fpm ) + DEPENDENCIES=( curl rsync btrfs-tools procps arp-scan realpath php-curl gettext moreutils jq udpcast libev-dev shim-signed grub-efi-amd64-signed php-fpm ) # Paquete correcto para realpath. [ -z "$(apt-cache pkgnames realpath)" ] && DEPENDENCIES=( ${DEPENDENCIES[@]//realpath/coreutils} ) UPDATEPKGLIST="add-apt-repository -y ppa:ondrej/php; apt-get update" -- cgit v1.2.3-18-g5258 From ea016a46cd299cf7e9bd5f028f73393e19b5abe7 Mon Sep 17 00:00:00 2001 From: "Ramón M. Gómez" Date: Thu, 7 Feb 2019 10:35:55 +0100 Subject: #784: Fixing Apache configuration error when multiple instances of PHP-FPM are installed. --- installer/opengnsys_installer.sh | 2 +- installer/opengnsys_update.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'installer') diff --git a/installer/opengnsys_installer.sh b/installer/opengnsys_installer.sh index fd07d843..87b06835 100755 --- a/installer/opengnsys_installer.sh +++ b/installer/opengnsys_installer.sh @@ -1151,7 +1151,7 @@ function installWebConsoleApacheConf() echoAndLog "${FUNCNAME}(): configuring PHP-FPM" service=$PHPFPMSERV $ENABLESERVICE; $STARTSERVICE - sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null) + sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null | tail -1) # Activar módulos de Apache. $APACHEENABLEMODS diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh index 09142865..2fcd3be8 100755 --- a/installer/opengnsys_update.sh +++ b/installer/opengnsys_update.sh @@ -571,7 +571,7 @@ function apacheConfiguration () else template=$WORKDIR/opengnsys/server/etc/apache.conf.tmpl fi - sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null) + sockfile=$(find /run/php -name "php*.sock" -type s -print 2>/dev/null | tail -1) # Actualizar configuración de Apache a partir de fichero de plantilla. for config in $APACHECFGDIR/{,sites-available/}opengnsys.conf; do if [ -e $config ]; then -- cgit v1.2.3-18-g5258 From 6bd2e1e7ba1bb7f9911d95a3a4ed688b0cae1e58 Mon Sep 17 00:00:00 2001 From: "Ramón M. Gómez" Date: Thu, 7 Feb 2019 12:04:07 +0100 Subject: #736: Installer script no longer disables firewall or SELinux, and recommends using {{{security-config}}} script. --- installer/opengnsys_installer.sh | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) (limited to 'installer') diff --git a/installer/opengnsys_installer.sh b/installer/opengnsys_installer.sh index 87b06835..f559552c 100755 --- a/installer/opengnsys_installer.sh +++ b/installer/opengnsys_installer.sh @@ -145,7 +145,6 @@ OPENGNSYS_DB_CREATION_FILE=opengnsys/admin/Database/${OPENGNSYS_DATABASE}.sql # - APACHEENABLEOG, APACHEOGSITE, - habilitar sitio web de OpenGnsys # - PHPFPMSERV - servicio PHP FastCGI Process Manager para Apache # - INETDSERV - servicio Inetd -# - FIREWALLSERV - servicio de cortabuegos IPTables/FirewallD # - DHCPSERV, DHCPCFGDIR - servicio y configuración de DHCP # - MYSQLSERV, TMPMYCNF - servicio MySQL y fichero temporal con credenciales de acceso # - MARIADBSERV - servicio MariaDB (sustituto de MySQL en algunas distribuciones) @@ -232,11 +231,6 @@ case "$OSDISTRIB" in APACHEREWRITEMOD="sed -i '/rewrite/s/^#//' $APACHECFGDIR/../*.conf" DHCPSERV=dhcpd DHCPCFGDIR=/etc/dhcp - if firewall-cmd --state &>/dev/null; then - FIREWALLSERV=firewalld - else - FIREWALLSERV=iptables - fi INETDSERV=xinetd INETDCFGDIR=/etc/xinetd.d MYSQLSERV=mysqld @@ -268,13 +262,6 @@ local f # Configuraciones específicas para Samba y TFTP en Debian 6. [ -z "$SYSTEMD" -a ! -e /etc/init.d/$SAMBASERV ] && SAMBASERV=samba [ ! -e $TFTPCFGDIR ] && TFTPCFGDIR=/srv/tftp - -# Configuraciones específicas para SELinux permisivo en distintas versiones. -[ -f /selinux/enforce ] && echo 0 > /selinux/enforce -for f in /etc/sysconfig/selinux /etc/selinux/config; do - [ -f $f ] && perl -pi -e 's/SELINUX=enforcing/SELINUX=permissive/g' $f -done -selinuxenabled 2>/dev/null && setenforce 0 2>/dev/null } @@ -823,13 +810,7 @@ function downloadCode() # Comprobar si existe conexión. function checkNetworkConnection() { - echoAndLog "${FUNCNAME}(): Disabling Firewall: $FIREWALLSERV." - if [ -n "$FIREWALLSERV" ]; then - service=$FIREWALLSERV - $STOPSERVICE; $DISABLESERVICE - fi - - echoAndLog "${FUNCNAME}(): Checking OpenGnsys server conectivity." + echoAndLog "${FUNCNAME}(): Checking OpenGnsys server connectivity." OPENGNSYS_SERVER=${OPENGNSYS_SERVER:-"opengnsys.es"} if which wget &>/dev/null; then wget --spider -q $OPENGNSYS_SERVER @@ -1576,16 +1557,15 @@ function installationSummary() echoAndLog "Installed ogLive client(s): $(oglivecli list | awk '{print $2}')" echoAndLog "Samba configuration directory: $SAMBACFGDIR" echoAndLog "Web Console URL: $OPENGNSYS_CONSOLEURL" - echoAndLog "Web Console access data: specified in installer script" + echoAndLog "Web Console access data: entered by the user" if grep -q "^RUN_BTTRACK.*no" /etc/default/opengnsys; then echoAndLog "BitTorrent service is disabled." fi echo echoAndLog "Post-Installation Instructions:" echo "===============================" - echoAndLog "Firewall service has been disabled and SELinux mode set to" - echoAndLog " permissive during OpenGnsys installation. Please check" - echoAndLog " ${FIREWALLSERV:-firewall} and SELinux configuration, if needed." + echoAndLog "You can improve server security by configuring firewall and SELinux," + echoAndLog " running \"$INSTALL_TARGET/lib/security-config\" script as root." echoAndLog "It's strongly recommended to synchronize this server with an NTP server." echoAndLog "Review or edit all configuration files." echoAndLog "Insert DHCP configuration data and restart service." -- cgit v1.2.3-18-g5258 From ccfd26b92bbed78e2eb8b2561aeb2ab488258d93 Mon Sep 17 00:00:00 2001 From: "Ramón M. Gómez" Date: Thu, 21 Feb 2019 12:40:54 +0100 Subject: #739: Vagrant provisioning scripts try to get the name of the internal network interface. --- installer/vagrant/Vagrantfile-1.0.6b-vbox | 2 +- installer/vagrant/Vagrantfile-devel-vbox | 2 +- installer/vagrant/Vagrantfile-prod-vbox | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'installer') diff --git a/installer/vagrant/Vagrantfile-1.0.6b-vbox b/installer/vagrant/Vagrantfile-1.0.6b-vbox index 2db25e1c..4317c654 100644 --- a/installer/vagrant/Vagrantfile-1.0.6b-vbox +++ b/installer/vagrant/Vagrantfile-1.0.6b-vbox @@ -42,7 +42,7 @@ fi # Install OpenGnsys and change server address. wget -q https://opengnsys.es/svn/tags/opengnsys-1.0.6b/installer/opengnsys_installer.sh -O - | bash || exit $? mv /opt/opengnsys/log/bash.log /opt/opengnsys/log/opengnsys_installer.log -echo y | /opt/opengnsys/bin/setserveraddr eth1 +echo y | /opt/opengnsys/bin/setserveraddr $(ip -o link show | tail -1 | cut -d: -f2) # Insert DHCP data. for ((i=#{NCLIENTS+10}; i>10; i--)); do sed -i "/^}$/ i host pc${i} { hardware ethernet #{MACPREFIX}:${i}; fixed-address #{NETPREFIX}.${i}; }" /etc/dhcp/dhcpd.conf diff --git a/installer/vagrant/Vagrantfile-devel-vbox b/installer/vagrant/Vagrantfile-devel-vbox index 7aac2c56..ee330e93 100644 --- a/installer/vagrant/Vagrantfile-devel-vbox +++ b/installer/vagrant/Vagrantfile-devel-vbox @@ -45,7 +45,7 @@ elif which wget &>/dev/null; then fi $DOWNLOAD -s https://raw.githubusercontent.com/opengnsys/OpenGnsys/devel/installer/opengnsys_installer.sh | bash || exit $? mv /opt/opengnsys/log/bash.log /opt/opengnsys/log/opengnsys_installer.log -echo y | /opt/opengnsys/bin/setserveraddr enp0s8 +echo y | /opt/opengnsys/bin/setserveraddr $(ip -o link show | tail -1 | cut -d: -f2) # Insert DHCP data. for ((i=#{NCLIENTS+10}; i>10; i--)); do sed -i "/^}$/ i host pc${i} { hardware ethernet #{MACPREFIX}:${i}; fixed-address #{NETPREFIX}.${i}; }" /etc/dhcp/dhcpd.conf diff --git a/installer/vagrant/Vagrantfile-prod-vbox b/installer/vagrant/Vagrantfile-prod-vbox index adeccce7..5cfc94d5 100644 --- a/installer/vagrant/Vagrantfile-prod-vbox +++ b/installer/vagrant/Vagrantfile-prod-vbox @@ -45,7 +45,7 @@ elif which wget &>/dev/null; then fi $DOWNLOAD -s https://raw.githubusercontent.com/opengnsys/OpenGnsys/master/installer/opengnsys_installer.sh | bash || exit $? mv /opt/opengnsys/log/bash.log /opt/opengnsys/log/opengnsys_installer.log -echo y | /opt/opengnsys/bin/setserveraddr enp0s8 +echo y | /opt/opengnsys/bin/setserveraddr $(ip -o link show | tail -1 | cut -d: -f2) # Insert DHCP data. for ((i=#{NCLIENTS+10}; i>10; i--)); do sed -i "/^}$/ i host pc${i} { hardware ethernet #{MACPREFIX}:${i}; fixed-address #{NETPREFIX}.${i}; }" /etc/dhcp/dhcpd.conf -- cgit v1.2.3-18-g5258