API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 26th, 2017
94
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.17 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/bash
  2.  
  3. # Guacamole installation
  4. # Supports Ubuntu 14.04,15.10 and Debian wheezy,jessie
  5. # 32 and 64 bit
  6. # Script to be run as sudo/root
  7. # ver 1.5
  8. # To be run on a FRESH OS install
  9. # Do not install anything other than base OS
  10. # Bharath Chari 2016
  11. # http://chari.titanium.ee
  12. # Updated 03-Feb-2016
  13.  
  14.  
  15. #Variables for guacamole/mysql connector versionsare set here.
  16. #Don't modify unless you know what you're doing
  17. GUAC_VER=0.9.9
  18. MYSQL_CONNECTOR_VERSION=5.1.38
  19.  
  20. # DO NOT MODIFY BELOW THIS LINE.
  21. echo "Checking system.."
  22. # Check if user is root or sudo
  23. if ! [ $(id -u) = 0 ]; then echo "Please run this script as sudo or root"; exit 1 ; fi
  24. # Check if this script has already been run successfully.
  25. test -f /var/lock/guac-installed.lock && { echo "Guacamole already installed. This script cannot be run"; exit 1; }
  26. # install lsb-release to check Distro version. Also gives us an idea if it's an apt based system!
  27. apt-get -qq install lsb-release -y || { echo "Unsupported distribution. Aborting installation."; exit 1; }
  28.  
  29. # fetch the codename of the distribution (eg: trusty,wily,wheezy,jessie)
  30. DISTVER=$(lsb_release -c | cut -d':' -f 2 | sed 's/[[:space:]]//g')
  31.  
  32. # Set Tomcat version depending on which distribution version else exit script
  33. case $DISTVER in
  34. trusty|wheezy)
  35. TOMCAT_VER=tomcat7
  36. ;;
  37. wily|jessie)
  38. TOMCAT_VER=tomcat8
  39. ;;
  40. *)
  41. echo "Unsupported distribution. Sorry. Installation aborted"
  42. echo "Script works on Ubuntu (trusty,wily) and Debian (wheezy,jessie)"
  43. exit 1;
  44. esac
  45.  
  46. # Set environment to non-interactive
  47. export DEBIAN_FRONTEND="noninteractive"
  48.  
  49. # Today's date
  50. TODAY=$(date +"%m-%d-%Y")
  51.  
  52. # get architecture - 32 bit or 64 bit
  53. if [ $(getconf LONG_BIT | grep 64) ]; then ARCH="x86_64"; else ARCH="i386"; fi
  54.  
  55. # Find hostname
  56. MYHOST=$(hostname -f)
  57.  
  58. #Helper functions
  59. # Generate random string for passwords and directory names
  60. genrand () { cat /dev/urandom | tr -dc '0-9A-Za-z+=_' | fold -w $1 | head -n 1 ; }
  61.  
  62.  
  63. # Create temp directory for downloads. Uses genrand() to create random string
  64. tmpdir=$(genrand 32)
  65.  
  66. cd ~
  67. mkdir $tmpdir && cd $tmpdir
  68.  
  69. # Get passwords from user
  70. clear
  71. echo "Set passwords for the system"
  72. echo "Note: Passwords will NOT be displayed on screen!"
  73. echo
  74. while true
  75. do
  76. read -s -p "Set MySQL ROOT Password: " MYSQL_ROOT_PASSWD
  77. echo
  78. read -s -p "MySQL ROOT Password (again): " password2
  79. echo
  80. [ "$MYSQL_ROOT_PASSWD" = "$password2" ] && break
  81. echo "Passwords don't match. Please try again"
  82. done
  83.  
  84. echo
  85.  
  86. while true
  87. do
  88. read -s -p "Set Guacamole DATABASE Password: " GUAC_DB_PASSWD
  89. echo
  90. read -s -p "Guacamole DATABASE Password (again): " password2
  91. echo
  92. [ "$GUAC_DB_PASSWD" = "$password2" ] && break
  93. echo "Passwords don't match. Please try again"
  94. done
  95.  
  96. echo
  97.  
  98. while true
  99. do
  100. read -s -p "Set Guacamole (guacadmin) WEB ADMIN Password: " GUAC_ADMIN_PASSWORD
  101. echo
  102. read -s -p "Guacamole (guacadmin) WEB ADMIN Password (again): " password2
  103. echo
  104. [ "$GUAC_ADMIN_PASSWORD" = "$password2" ] && break
  105. echo "Passwords don't match. Please try again"
  106. done
  107.  
  108.  
  109.  
  110. # End password input
  111.  
  112.  
  113. # Upgrade all packages
  114. apt-get update && apt-get upgrade -y
  115.  
  116. #Install required dependencies
  117. echo "Installing packages"
  118. # Tomcat version is determined by distro
  119. apt-get -qq install $TOMCAT_VER -y
  120. apt-get -qq install $TOMCAT_VER-admin $TOMCAT_VER-docs -y
  121.  
  122. apt-get -qq install ntp -y
  123. apt-get -qq install build-essential -y
  124. apt-get -qq install libcairo2-dev libjpeg62* libpng12-dev libossp-uuid-dev -y
  125. apt-get -qq install libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev -y
  126. apt-get -qq install default-jdk -y
  127. apt-get -qq install debconf-utils fail2ban -y
  128.  
  129. #MySQL install with preset password stored in variable MYSQL_ROOT_PASSWD
  130. echo mysql-server mysql-server/root_password password $MYSQL_ROOT_PASSWD | debconf-set-selections
  131. echo mysql-server mysql-server/root_password_again password $MYSQL_ROOT_PASSWD | debconf-set-selections
  132. apt-get -qq install mysql-server -y
  133.  
  134. # Fetch and install guacamole server and client
  135. echo "Downloading and configuring guacamole.."
  136. #Fetch/compile/install guacamole-server-version defined in variable GUAC_VER
  137. wget -O guacamole-server-$GUAC_VER.tar.gz http://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-$GUAC_VER.tar.gz
  138. tar -zxvf guacamole-server-$GUAC_VER.tar.gz
  139. cd guacamole-server-$GUAC_VER/
  140. ./configure --with-init-dir=/etc/init.d
  141. make
  142. make install;
  143. ldconfig
  144.  
  145. #Fetch / install client, JDBC-auth and mysql connectors
  146. mkdir -p /var/lib/guacamole && cd /var/lib/guacamole/
  147. wget http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-$GUAC_VER.war -O guacamole.war
  148. ln -s /var/lib/guacamole/guacamole.war /var/lib/$TOMCAT_VER/webapps/guacamole.war
  149. mkdir -p ~/$tmpdir/guacamole/sqlauth && cd ~/$tmpdir/guacamole/sqlauth
  150. wget -O guacamole-auth-jdbc-$GUAC_VER.tar.gz http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-$GUAC_VER.tar.gz
  151. tar -zxvf guacamole-auth-jdbc-$GUAC_VER.tar.gz
  152. wget -O mysql-connector-java-$MYSQL_CONNECTOR_VERSION.tar.gz http://dev.mysql.com/get/Downloads/Connector/j/mysql-connector-java-$MYSQL_CONNECTOR_VERSION.tar.gz
  153. tar -zxf mysql-connector-java-$MYSQL_CONNECTOR_VERSION.tar.gz
  154. mkdir -p /usr/share/$TOMCAT_VER/.guacamole/{extensions,lib}
  155. mv guacamole-auth-jdbc-$GUAC_VER/mysql/guacamole-auth-jdbc-mysql-$GUAC_VER.jar /usr/share/$TOMCAT_VER/.guacamole/extensions/
  156. mv mysql-connector-java-$MYSQL_CONNECTOR_VERSION/mysql-connector-java-$MYSQL_CONNECTOR_VERSION-bin.jar /usr/share/$TOMCAT_VER/.guacamole/lib/
  157. service mysql restart
  158.  
  159. # Create Guacamole mysql user and db
  160. mysql --host=localhost --user=root --password=$MYSQL_ROOT_PASSWD << END
  161.  
  162. CREATE DATABASE IF NOT EXISTS guacdb;
  163. CREATE USER 'guacuser'@'localhost' IDENTIFIED BY '$GUAC_DB_PASSWD';
  164. grant select,insert,update,delete on guacdb.* to 'guacuser'@'localhost';
  165. flush privileges;
  166.  
  167. END
  168.  
  169. cd ~/$tmpdir/guacamole/sqlauth/guacamole-auth-jdbc-$GUAC_VER/mysql/schema/
  170. cat ./*.sql | mysql --host=localhost --user=root --password=$MYSQL_ROOT_PASSWD guacdb
  171.  
  172. # Create guacamole.properties file
  173. mkdir -p /etc/guacamole/
  174. cat > /etc/guacamole/guacamole.properties << EOG
  175.  
  176. mysql-hostname: localhost
  177. mysql-port: 3306
  178. mysql-database: guacdb
  179. mysql-username: guacuser
  180. mysql-password:$GUAC_DB_PASSWD
  181.  
  182. mysql-disallow-duplicate-connections: false
  183.  
  184. EOG
  185.  
  186. ln -s /etc/guacamole/guacamole.properties /usr/share/$TOMCAT_VER/.guacamole/
  187.  
  188. # Change default guacadmin password in guacdb
  189. mysql --host=localhost --user=root --password=$MYSQL_ROOT_PASSWD << END
  190.  
  191. USE guacdb;
  192. SET @salt = UNHEX(SHA2(UUID(), 256));
  193. UPDATE guacamole_user
  194. SET
  195. password_salt = @salt,
  196. password_hash = UNHEX(SHA2(CONCAT('$GUAC_ADMIN_PASSWORD', HEX(@salt)), 256))
  197. WHERE
  198. username = 'guacadmin';
  199.  
  200. END
  201.  
  202. #Adding patch for entropy in virtual machines
  203. sec_file=/jre/lib/security/java.security
  204. java_path=$(dirname $(dirname $(readlink -f $(which javac))))
  205. if grep -xq "urandom" $java_path$sec_file ; then
  206. echo "File already patched to use /dev/urandom"
  207. else
  208. echo "securerandom.source=file:/dev/./urandom">> $java_path$sec_file
  209. fi
  210.  
  211. # Add links for FreeRDP depending on architecture
  212. mkdir -p /usr/lib/$ARCH-linux-gnu/freerdp/
  213. ln -s /usr/local/lib/freerdp/guac*.so /usr/lib/$ARCH-linux-gnu/freerdp/
  214.  
  215. # Adding startup services
  216. case $DISTVER in
  217. trusty|wheezy|wily)
  218. update-rc.d guacd defaults
  219. update-rc.d mysql defaults
  220. update-rc.d $TOMCAT_VER defaults
  221. ;;
  222. jessie)
  223. systemctl enable $TOMCAT_VER
  224. systemctl enable mysql
  225. systemctl enable guacd
  226. ;;
  227. *)
  228. esac
  229.  
  230.  
  231.  
  232. ## Cleaning up
  233. cd ~
  234. rm -rf $tmpdir
  235.  
  236. touch /var/lock/guac-installed.lock
  237. echo "Done"
  238. echo
  239. echo "#################################################################################"
  240. echo "Guacamole install complete. Reboot server now - sudo shutdown -r now"
  241. echo "After rebooting, you can access your installation at http://$MYHOST:8080/guacamole"
  242. echo "#################################################################################"
  243. exit 0;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!