Michael T
85ba7c3a15
This script will 1. Ask for Snipe it version 1.2.8 or 2.0 2. Detect distro version (between CentOS and Debian/Ubuntu) 3. Install all software and dependencies, create vhosts. This isn't the smartest script, and it needs a little love, and I'm on the fence about SMTP settings. Would love feedback about the SMTP part, and the whole script in general. I'll be glad to fine tune it some more, I just need a point in the right direction. Hopefully if this is merged in 2.0, it won't cause a huge influx of tickets. This is the first time I've contributed to a project like this, so I don't know the social norms; if having my name at the top isn't appropriate (or fit in with the scope of Snipe It), we can remove it. No big deal, just wanted to have my name somewhere, but it's not a make-it-or-break-it thing for me :o)
331 lines
13 KiB
Bash
331 lines
13 KiB
Bash
#!/bin/bash -e
|
|
|
|
######################################################
|
|
# Snipe-It Install Script #
|
|
# Script created by Mike Tucker #
|
|
# mtucker6784@gmail.com #
|
|
# This script is just to help streamline the #
|
|
# install process for Debian and CentOS #
|
|
# based distributions. I assume you will be #
|
|
# installing as a subdomain on a fresh OS install. #
|
|
# Right now I'm n ot going to worry about SMTP setup #
|
|
# #
|
|
# Feel free to modify, but please give #
|
|
# credit where it's due. Thanks! #
|
|
######################################################
|
|
|
|
#First things first, let's set some variables and find our distro.
|
|
clear
|
|
si="Snipe-IT"
|
|
hostname="$(hostname)"
|
|
hosts=/etc/hosts
|
|
|
|
distro="$(cat /proc/version)"
|
|
ans=default
|
|
case $distro in
|
|
*Ubuntu*|*Debian*)
|
|
echo "Ubuntu/Debian detected. Carry forth."
|
|
distro=u
|
|
;;
|
|
*centos*)
|
|
echo "CentOS detected. Carry forth."
|
|
distro=c
|
|
;;
|
|
*)
|
|
echo "Not sure of this OS. Exiting for safety."
|
|
exit
|
|
;;
|
|
esac
|
|
|
|
until [[ $ans == "1.2.8" ]] || [[ $ans == "2.0" ]]; do
|
|
echo -e "Select what version of $si you want to install:\n1. 1.2.8 stable (GIT) \n2. 2.0-pre (ZIP)"
|
|
read ver
|
|
case $ver in
|
|
1 )
|
|
dir=/var/www/snipe-it
|
|
ans=1.2.8
|
|
;;
|
|
2 )
|
|
dir=/var/www/snipe-it-2.0
|
|
ans=2.0
|
|
;;
|
|
* )
|
|
echo "Please select 1 or 2"
|
|
;;
|
|
esac
|
|
done
|
|
|
|
#Get your FQDN.
|
|
echo ""
|
|
echo "$si install script - Installing $ans"
|
|
echo "Q. What is the FQDN of your server? (example: www.yourserver.com)"
|
|
read fqdn
|
|
echo ""
|
|
|
|
#Do you want to set your own passwords, or have me generate random ones?
|
|
ans=default
|
|
until [[ $ans == "yes" ]] || [[ $ans == "no" ]]; do
|
|
echo "Q. Do you want me to automatically create the MySQL root & user passwords? (y/n)"
|
|
read setpw
|
|
|
|
case $setpw in
|
|
[yY] | [yY][Ee][Ss] )
|
|
mysqlrootpw="$(echo `< /dev/urandom tr -dc _A-Za-z-0-9 | head -c6`)"
|
|
mysqluserpw="$(echo `< /dev/urandom tr -dc _A-Za-z-0-9 | head -c6`)"
|
|
echo "I'm putting this into /root/mysqlpasswords ... PLEASE REMOVE that file after you have recorded the passwords somewhere safe!"
|
|
ans="yes"
|
|
;;
|
|
|
|
[nN] | [n|N][O|o] )
|
|
echo "Q. What do you want your root PW to be?"
|
|
read mysqlrootpw
|
|
echo "Q. What do you want your snipeit user PW to be?"
|
|
read mysqluserpw
|
|
ans="no"
|
|
;;
|
|
*) echo "Invalid answer. Please type y or n"
|
|
;;
|
|
esac
|
|
done
|
|
|
|
#Snipe says we need a new 32bit key, so let's create one randomly and inject it into the file
|
|
random32="$(echo `< /dev/urandom tr -dc _A-Za-z-0-9 | head -c32`)"
|
|
|
|
#createstuff.sql will be injected to the database during install. mysqlpasswords.txt is a file that will contain the root and snipeit user passwords.
|
|
#Again, this file should be removed, which will be a prompt at the end of the script.
|
|
createstufffile=/root/createstuff.sql
|
|
passwordfile=/root/mysqlpasswords.txt
|
|
|
|
echo >> $createstufffile "CREATE DATABASE snipeit;"
|
|
echo >> $createstufffile "GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';"
|
|
echo >> $passwordfile "MySQL Passwords..."
|
|
echo >> $passwordfile "Root: $mysqlrootpw"
|
|
echo >> $passwordfile "User (snipeit): $mysqluserpw"
|
|
echo >> $passwordfile "32 bit random string: $random32"
|
|
echo "MySQL ROOT password: $mysqlrootpw"
|
|
echo "MySQL USER (snipeit) password: $mysqluserpw"
|
|
echo "32 bit random string: $random32"
|
|
echo "These passwords have been exported to /root/mysqlpasswords.txt...I recommend You delete this file for security purposes"
|
|
|
|
#Let us make it so only root can read the file. Again, this isn't best practice, so please remove these after the install.
|
|
chown root:root $passwordfile $creatstufffile
|
|
chmod 700 $passwordfile $createstufffile
|
|
|
|
if [[ $distro == "u" ]]; then
|
|
#Update/upgrade Debian/Ubuntu repositories, get the latest version of git.
|
|
apachefile=/etc/apache2/sites-available/$fqdn.conf
|
|
sudo apt-get update ; sudo apt-get -y upgrade ; sudo apt-get install -y git unzip
|
|
|
|
if [[ $ver == "1" ]]; then
|
|
sudo git clone https://github.com/snipe/snipe-it.git $dir
|
|
else
|
|
wget https://github.com/snipe/snipe-it/archive/2.0.zip
|
|
sudo unzip 2.0.zip -d /var/www/
|
|
fi
|
|
|
|
#We already established MySQL root & user PWs, so we dont need to be prompted. Let's go ahead and install Apache, PHP and MySQL.
|
|
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y lamp-server^
|
|
sudo apt-get install -y php5 php5-mcrypt php5-curl php5-mysql
|
|
|
|
#Create MySQL accounts
|
|
echo "Create MySQL accounts"
|
|
sudo mysqladmin -u root password $mysqlrootpw
|
|
sudo mysql -u root -p$mysqlrootpw < /root/createstuff.sql
|
|
|
|
#Enable mcrypt and rewrite
|
|
sudo php5enmod mcrypt
|
|
sudo a2enmod rewrite
|
|
sudo ls -al /etc/apache2/mods-enabled/rewrite.load
|
|
|
|
#Create a new virtual host for Apache.
|
|
echo >> $apachefile ""
|
|
echo >> $apachefile ""
|
|
echo >> $apachefile "<VirtualHost *:80>"
|
|
echo >> $apachefile "ServerAdmin webmaster@localhost"
|
|
echo >> $apachefile " <Directory $dir/public>"
|
|
echo >> $apachefile " Require all granted"
|
|
echo >> $apachefile " AllowOverride All"
|
|
echo >> $apachefile " </Directory>"
|
|
echo >> $apachefile " DocumentRoot $dir/public"
|
|
echo >> $apachefile " ServerName $fqdn"
|
|
echo >> $apachefile " ErrorLog "\${APACHE_LOG_DIR}"/error.log"
|
|
echo >> $apachefile " CustomLog "\${APACHE_LOG_DIR}"/access.log combined"
|
|
echo >> $apachefile "</VirtualHost>"
|
|
echo >> $hosts "127.0.0.1 $hostname $fqdn"
|
|
a2ensite $fqdn.conf
|
|
|
|
#Change permissions on directories
|
|
sudo chmod -R 755 $dir/app/storage
|
|
sudo chmod -R 755 $dir/app/private_uploads
|
|
sudo chmod -R 755 $dir/public/uploads
|
|
sudo chown -R www-data:www-data /var/www/
|
|
echo "Finished permission changes."
|
|
|
|
#Modify the Snipe-It files necessary for a production environment.
|
|
replace "'www.yourserver.com'" "'$hostname'" -- $dir/bootstrap/start.php
|
|
cp $dir/app/config/production/database.example.php $dir/app/config/production/database.php
|
|
replace "'snipeit_laravel'," "'snipeit'," -- $dir/app/config/production/database.php
|
|
replace "'travis'," "'snipeit'," -- $dir/app/config/production/database.php
|
|
replace " 'password' => ''," " 'password' => '$mysqluserpw'," -- $dir/app/config/production/database.php
|
|
replace "'http://production.yourserver.com'," "'http://$fqdn'," -- $dir/app/config/production/database.php
|
|
cp $dir/app/config/production/app.example.php $dir/app/config/production/app.php
|
|
replace "'http://production.yourserver.com'," "'http://$fqdn'," -- $dir/app/config/production/app.php
|
|
replace "'Change_this_key_or_snipe_will_get_ya'," "'$random32'," -- $dir/app/config/production/app.php
|
|
cp $dir/app/config/production/mail.example.php $dir/app/config/production/mail.php
|
|
|
|
#Install / configure composer
|
|
sudo curl -sS https://getcomposer.org/installer | php
|
|
mv composer.phar /usr/local/bin/composer
|
|
cd $dir/
|
|
composer install --no-dev --prefer-source
|
|
php artisan app:install --env=production
|
|
|
|
service apache2 restart
|
|
else
|
|
#Make directories so we can create a new apache vhost
|
|
sudo mkdir /etc/httpd/
|
|
sudo mkdir /etc/httpd/sites-available/
|
|
sudo mkdir /etc/httpd/sites-enabled/
|
|
apachefile=/etc/httpd/sites-available/$fqdn.conf
|
|
apachefileen=/etc/httpd/sites-enabled/$fqdn.conf
|
|
apachecfg=/etc/httpd/conf/httpd.conf
|
|
|
|
#Allow us to get the mysql engine
|
|
sudo rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
|
|
sudo yum -y install httpd mysql-server wget git unzip
|
|
|
|
if [[ $ver == "1" ]]; then
|
|
sudo git clone https://github.com/snipe/snipe-it.git $dir
|
|
else
|
|
wget https://github.com/snipe/snipe-it/archive/2.0.zip
|
|
sudo unzip 2.0.zip -d /var/www/
|
|
fi
|
|
|
|
sudo /sbin/service mysqld start
|
|
|
|
#Create MySQL accounts
|
|
echo "Create MySQL accounts"
|
|
sudo mysqladmin -u root password $mysqlrootpw
|
|
echo ""
|
|
echo "***Your Current ROOT password is---> $mysqlrootpw"
|
|
echo "***Use $mysqlrootpw at the following prompt for root login***"
|
|
sudo /usr/bin/mysql_secure_installation
|
|
|
|
#Install PHP stuff.
|
|
sudo yum -y install php php-mysql php-bcmath.x86_64 php-cli.x86_64 php-common.x86_64 php-embedded.x86_64 php-gd.x86_64 php-mbstring
|
|
wget http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
|
|
rpm -ivh epel-release-7-5.noarch.rpm
|
|
yum install -y --enablerepo="epel" php-mcrypt
|
|
|
|
#Create the new virtual host in Apache.
|
|
echo >> $apachefile ""
|
|
echo >> $apachefile ""
|
|
echo >> $apachefile "<VirtualHost *:80>"
|
|
echo >> $apachefile "ServerAdmin webmaster@localhost"
|
|
echo >> $apachefile " <Directory $dir/public>"
|
|
echo >> $apachefile " Require all granted"
|
|
echo >> $apachefile " AllowOverride All"
|
|
echo >> $apachefile " Options +Indexes"
|
|
echo >> $apachefile " </Directory>"
|
|
echo >> $apachefile " DocumentRoot $dir/public"
|
|
echo >> $apachefile " ServerName $fqdn"
|
|
echo >> $apachefile " ErrorLog /var/log/httpd/snipe.error.log"
|
|
echo >> $apachefile " CustomLog /var/log/access.log combined"
|
|
echo >> $apachefile "</VirtualHost>"
|
|
echo >> $hosts "127.0.0.1 $hostname $fqdn"
|
|
sudo ln -s $apachefile $apachefileen
|
|
|
|
#Enable rewrite and vhost
|
|
echo >> $apachecfg "LoadModule rewrite_module modules/mod_rewrite.so"
|
|
echo >> $apachecfg "IncludeOptional sites-enabled/*.conf"
|
|
|
|
#Change permissions on directories
|
|
sudo chmod -R 755 $dir/app/storage
|
|
sudo chmod -R 755 $dir/app/private_uploads
|
|
sudo chmod -R 755 $dir/public/uploads
|
|
sudo chown -R apache:apache /var/www/
|
|
|
|
service httpd restart
|
|
|
|
#Modify the Snipe-It files necessary for a production environment.
|
|
replace "'www.yourserver.com'" "'$hostname'" -- $dir/bootstrap/start.php
|
|
cp $dir/app/config/production/database.example.php $dir/app/config/production/database.php
|
|
replace "'snipeit_laravel'," "'snipeit'," -- $dir/app/config/production/database.php
|
|
replace "'travis'," "'snipeit'," -- $dir/app/config/production/database.php
|
|
replace " 'password' => ''," " 'password' => '$mysqluserpw'," -- $dir/app/config/production/database.php
|
|
replace "'http://production.yourserver.com'," "'http://$fqdn'," -- $dir/app/config/production/database.php
|
|
cp $dir/app/config/production/app.example.php $dir/app/config/production/app.php
|
|
replace "'http://production.yourserver.com'," "'http://$fqdn'," -- $dir/app/config/production/app.php
|
|
replace "'Change_this_key_or_snipe_will_get_ya'," "'$random32'," -- $dir/app/config/production/app.php
|
|
cp $dir/app/config/production/mail.example.php $dir/app/config/production/mail.php
|
|
|
|
#Install / configure composer
|
|
cd $dir
|
|
sudo mysql -u root -p$mysqlrootpw < /root/createstuff.sql
|
|
sudo curl -sS https://getcomposer.org/installer | php
|
|
php composer.phar install --no-dev --prefer-source
|
|
php artisan app:install --env=production
|
|
|
|
#Add SELinux and firewall exception/rules. You'll have to allow 443 if you want ssl connectivity.
|
|
chcon -R -h -t httpd_sys_script_rw_t $dir/
|
|
firewall-cmd --zone=public --add-port=80/tcp --permanent
|
|
firewall-cmd --reload
|
|
|
|
service httpd restart
|
|
fi
|
|
|
|
#Todo(?) To Mail or Not To Mail environment here.
|
|
#echo "Q. Do you want me to install sendmail and help you configure your mail environment?"
|
|
#echo "Please note that while I'll install sendmail, I'll still send you to a nano environment to edit the mail.php file at the end of this install."
|
|
#read setpw
|
|
#case $setpw in
|
|
#
|
|
# [yY] | [yY][Ee][Ss] )
|
|
# apt-get install -y sendmail
|
|
# installmail=yes
|
|
# ;;
|
|
#
|
|
# [nN] | [n|N][O|o] )
|
|
# echo "Ok, no problem."
|
|
# ;;
|
|
# *) echo "Invalid answer"
|
|
# ;;
|
|
#esac
|
|
|
|
echo ""; echo ""; echo ""
|
|
echo "***I have no idea about your mail environment, so if you want email capability, open up the following***"
|
|
echo "nano -w $dir/app/config/production/mail.php"
|
|
echo "And edit the attributes appropriately."
|
|
sleep 1
|
|
|
|
echo "";echo "";echo ""
|
|
ans=default
|
|
until [[ $ans == "yes" ]] || [[ $ans == "no" ]]; do
|
|
echo "Q. Shall I delete the password files I created? (Remember to record the passwords before deleting) (y/n)"
|
|
read setpw
|
|
case $setpw in
|
|
|
|
[yY] | [yY][Ee][Ss] )
|
|
rm $createstufffile
|
|
rm $passwordfile
|
|
echo "$createstufffile and $passwordfile files have been removed."
|
|
ans=yes
|
|
;;
|
|
[nN] | [n|N][O|o] )
|
|
echo "Ok, I won't remove the file. Please for the love of security, record the passwords and delete this file regardless."
|
|
echo "$si cannot be held responsible if this file is compromised!"
|
|
echo "From Snipe: I cannot encourage or even facilitate poor security practices, and still sleep the few, frantic hours I sleep at night."
|
|
ans=no
|
|
;;
|
|
*)
|
|
echo "Please select a valid option"
|
|
;;
|
|
esac
|
|
done
|
|
|
|
echo ""
|
|
echo ""
|
|
echo "***$si should now be installed. open up http://$fqdn in a web browser to verify.***"
|
|
#echo "***If you want mail capabilities, open $dir/app/config/production/mail.php and fill out the attributes***"
|
|
sleep 1
|