-
Notifications
You must be signed in to change notification settings - Fork 0
/
guac-install.sh
executable file
·319 lines (273 loc) · 9.5 KB
/
guac-install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
#!/bin/bash
# Check if user is root or sudo
if ! [ $(id -u) = 0 ]; then echo "Please run this script as sudo or root"; exit 1 ; fi
# Version number of Guacamole to install
GUACVERSION="1.0.0"
# Colors to use for output
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m' # No Color
# Log Location
LOG="/tmp/guacamole_${GUACVERSION}_build.log"
# Get script arguments for non-interactive mode
while [ "$1" != "" ]; do
case $1 in
-m | --mysqlpwd )
shift
mysqlpwd="$1"
;;
-g | --guacpwd )
shift
guacpwd="$1"
;;
-u | --mysqluser )
shift
mysqluser="$1"
;;
-d | --database )
shift
DB="$1"
;;
esac
shift
done
# Checking if mysql user given
if [ -z "$mysqluser" ]; then
mysqluser="guacamole_user"
fi
# Checking if database name given
if [ -z "$DB" ]; then
DB="guacamole_db"
fi
# Get MySQL root password and Guacamole User password
if [ -n "$mysqlpwd" ] && [ -n "$guacpwd" ]; then
mysqlrootpassword=$mysqlpwd
guacdbuserpassword=$guacpwd
else
echo
while true
do
read -s -p "Enter a MySQL ROOT Password: " mysqlrootpassword
echo
read -s -p "Confirm MySQL ROOT Password: " password2
echo
[ "$mysqlrootpassword" = "$password2" ] && break
echo "Passwords don't match. Please try again."
echo
done
echo
while true
do
read -s -p "Enter a Guacamole User Database Password: " guacdbuserpassword
echo
read -s -p "Confirm Guacamole User Database Password: " password2
echo
[ "$guacdbuserpassword" = "$password2" ] && break
echo "Passwords don't match. Please try again."
echo
done
echo
fi
debconf-set-selections <<< "mysql-server mysql-server/root_password password $mysqlrootpassword"
debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $mysqlrootpassword"
# Ubuntu and Debian have different package names for libjpeg
# Ubuntu and Debian versions have differnet package names for libpng-dev
# Ubuntu 18.04 does not include universe repo by default
source /etc/os-release
if [[ "${NAME}" == "Ubuntu" ]]
then
JPEGTURBO="libjpeg-turbo8-dev"
if [[ "${VERSION_ID}" == "18.04" ]]
then
sed -i 's/bionic main$/bionic main universe/' /etc/apt/sources.list
fi
if [[ "${VERSION_ID}" == "16.04" ]]
then
LIBPNG="libpng12-dev"
else
LIBPNG="libpng-dev"
fi
elif [[ "${NAME}" == *"Debian"* ]] || [[ "${NAME}" == *"Raspbian"* ]]
then
JPEGTURBO="libjpeg62-turbo-dev"
if [[ "${PRETTY_NAME}" == *"stretch"* ]]
then
LIBPNG="libpng-dev"
else
LIBPNG="libpng12-dev"
fi
else
echo "Unsupported Distro - Ubuntu or Debian Only"
exit 1
fi
# Update apt so we can search apt-cache for newest tomcat version supported
apt-get -qq update
# Tomcat 8.0.x is End of Life, however Tomcat 7.x is not...
# If Tomcat 8.5.x or newer is available install it, otherwise install Tomcat 7
# I have not testing with Tomcat9...
if [[ $(apt-cache show tomcat8 | egrep "Version: 8.[5-9]" | wc -l) -gt 0 ]]
then
TOMCAT="tomcat8"
else
TOMCAT="tomcat7"
fi
if [ -z $(command -v mysql) ]
then
MYSQL="mysql-server mysql-client mysql-common mysql-utilities"
else
MYSQL=""
fi
# Uncomment to manually force a tomcat version
#TOMCAT=""
# Install features
echo -e "${BLUE}Installing dependencies. This might take a few minutes...${NC}"
export DEBIAN_FRONTEND=noninteractive
apt-get -y install build-essential libcairo2-dev ${JPEGTURBO} ${LIBPNG} libossp-uuid-dev libavcodec-dev libavutil-dev \
libswscale-dev libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev \
libvorbis-dev libwebp-dev ${MYSQL} libmysql-java ${TOMCAT} freerdp-x11 \
ghostscript wget dpkg-dev &>> ${LOG}
if [ $? -ne 0 ]; then
echo -e "${RED}Failed. See ${LOG}${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
# Set SERVER to be the preferred download server from the Apache CDN
SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUACVERSION}"
echo -e "${BLUE}Downloading Files...${NC}"
# Download Guacamole Server
wget -q --show-progress -O guacamole-server-${GUACVERSION}.tar.gz ${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-server-${GUACVERSION}.tar.gz"
echo -e "${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz${NC}"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-server-${GUACVERSION}.tar.gz${NC}"
# Download Guacamole Client
wget -q --show-progress -O guacamole-${GUACVERSION}.war ${SERVER}/binary/guacamole-${GUACVERSION}.war
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-${GUACVERSION}.war"
echo -e "${SERVER}/binary/guacamole-${GUACVERSION}.war${NC}"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-${GUACVERSION}.war${NC}"
# Download Guacamole authentication extensions (Database)
wget -q --show-progress -O guacamole-auth-jdbc-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
echo -e "${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-auth-jdbc-${GUACVERSION}.tar.gz${NC}"
# Optional
# Download Guacamole authentication extensions (TOTP)
read -p 'Would you like to install two factor authentication (y/n)? ' varinput
if [[ $varinput =~ ^[Yy]$ ]]; then
wget -q --show-progress -O guacamole-auth-totp-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-auth-totp-${GUACVERSION}.tar.gz"
echo -e "${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-auth-totp-${GUACVERSION}.tar.gz${NC}"
echo -e "${GREEN}Downloading complete.${NC}"
tar -xzf guacamole-auth-totp-${GUACVERSION}.tar.gz
mkdir -p /etc/guacamole/extensions
cp guacamole-auth-totp-${GUACVERSION}/guacamole-auth-totp-${GUACVERSION}.jar /etc/guacamole/extensions/
fi
# Extract Guacamole files
tar -xzf guacamole-server-${GUACVERSION}.tar.gz
tar -xzf guacamole-auth-jdbc-${GUACVERSION}.tar.gz
# Make directories
mkdir -p /etc/guacamole/lib
# If folder doesn't exist
if ! [[ -d "/etc/guacamole/extensions" ]]; then
mkdir -p /etc/guacamole/extensions
fi
# Install guacd
cd guacamole-server-${GUACVERSION}
echo -e "${BLUE}Building Guacamole with GCC $(gcc --version | head -n1 | grep -oP '\)\K.*' | awk '{print $1}') ${NC}"
echo -e "${BLUE}Configuring. This might take a minute...${NC}"
./configure --with-init-dir=/etc/init.d &>> ${LOG}
if [ $? -ne 0 ]; then
echo -e "${RED}Failed. See ${LOG}${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
echo -e "${BLUE}Running Make. This might take a few minutes...${NC}"
make &>> ${LOG}
if [ $? -ne 0 ]; then
echo -e "${RED}Failed. See ${LOG}${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
echo -e "${BLUE}Running Make Install...${NC}"
make install &>> ${LOG}
if [ $? -ne 0 ]; then
echo -e "${RED}Failed. See ${LOG}${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
ldconfig
systemctl enable guacd
cd ..
# Get build-folder
BUILD_FOLDER=$(dpkg-architecture -qDEB_BUILD_GNU_TYPE)
# Move files to correct locations
mv guacamole-${GUACVERSION}.war /etc/guacamole/guacamole.war
ln -s /etc/guacamole/guacamole.war /var/lib/${TOMCAT}/webapps/
ln -s /usr/local/lib/freerdp/guac*.so /usr/lib/${BUILD_FOLDER}/freerdp/
ln -s /usr/share/java/mysql-connector-java.jar /etc/guacamole/lib/
cp guacamole-auth-jdbc-${GUACVERSION}/mysql/guacamole-auth-jdbc-mysql-${GUACVERSION}.jar /etc/guacamole/extensions/
# Configure guacamole.properties
rm -f /etc/guacamole/guacamole.properties
touch /etc/guacamole/guacamole.properties
echo "mysql-hostname: localhost" >> /etc/guacamole/guacamole.properties
echo "mysql-port: 3306" >> /etc/guacamole/guacamole.properties
echo "mysql-database: ${DB}" >> /etc/guacamole/guacamole.properties
echo "mysql-username: ${mysqluser}" >> /etc/guacamole/guacamole.properties
echo "mysql-password: ${guacdbuserpassword}" >> /etc/guacamole/guacamole.properties
# restart tomcat
echo -e "${BLUE}Restarting tomcat...${NC}"
service ${TOMCAT} restart
if [ $? -ne 0 ]; then
echo -e "${RED}Failed${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
# Create guacamole_db and grant $mysqluser permissions to it
# SQL code
SQLCODE="
create database ${DB};
create user if not exists '${mysqluser}'@'localhost' identified by \"${guacdbuserpassword}\";
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO '${mysqluser}'@'localhost';
flush privileges;"
# Execute SQL code
echo ${SQLCODE} | mysql -u root -p${mysqlrootpassword}
# Add Guacamole schema to newly created database
echo -e "Adding db tables..."
cat guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/*.sql | mysql -u root -p${mysqlrootpassword} ${DB}
if [ $? -ne 0 ]; then
echo -e "${RED}Failed${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
# Ensure guacd is started
service guacd start
# Cleanup
echo -e "${BLUE}Cleanup install files...${NC}"
rm -rf guacamole-*
if [ $? -ne 0 ]; then
echo -e "${RED}Failed${NC}"
exit 1
else
echo -e "${GREEN}OK${NC}"
fi
echo -e "${BLUE}Installation Complete\nhttp://localhost:8080/guacamole/\nDefault login guacadmin:guacadmin\nBe sure to change the password.${NC}"