From b04a451f954a830ddf3ec60a8eb868c0b6a4455c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=BB=91=E6=AD=8C-=E5=85=B1=E7=A9=B7=E5=9B=BD=E9=99=85?= =?UTF-8?q?=E5=A4=A7=E4=B8=AD=E5=8D=8E=E5=8C=BACFO?= <47450409+dysf888@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:50:36 +0800 Subject: [PATCH] Fix fatal permission issue Fix non-arch system execution installation arch system related software errors Fix the problem that the created user has login permissions, etc. --- script/install_en.sh | 390 +++++++++++++++++++++++-------------------- 1 file changed, 205 insertions(+), 185 deletions(-) diff --git a/script/install_en.sh b/script/install_en.sh index dcf79af834..aee4e3e4ae 100755 --- a/script/install_en.sh +++ b/script/install_en.sh @@ -2,7 +2,7 @@ #======================================================== # System Required: CentOS 7+ / Debian 8+ / Ubuntu 16+ / Alpine 3+ / -# Arch not tested +# Arch has only been tested once, if there is any problem, please report with screenshots Dysf888@pm.me # Description: Nezha Monitoring Install Script # Github: https://github.com/naiba/nezha #======================================================== @@ -24,25 +24,25 @@ os_arch="" pre_check() { [ "$os_alpine" != 1 ] && ! command -v systemctl >/dev/null 2>&1 && echo "This system is not supported: systemctl not found" && exit 1 - + # check root [[ $EUID -ne 0 ]] && echo -e "${red}ERROR: ${plain} This script must be run with the root user!\n" && exit 1 - + ## os_arch if [[ $(uname -m | grep 'x86_64') != "" ]]; then os_arch="amd64" - elif [[ $(uname -m | grep 'i386\|i686') != "" ]]; then + elif [[ $(uname -m | grep 'i386\|i686') != "" ]]; then os_arch="386" - elif [[ $(uname -m | grep 'aarch64\|armv8b\|armv8l') != "" ]]; then + elif [[ $(uname -m | grep 'aarch64\|armv8b\|armv8l') != "" ]]; then os_arch="arm64" - elif [[ $(uname -m | grep 'arm') != "" ]]; then + elif [[ $(uname -m | grep 'arm') != "" ]]; then os_arch="arm" - elif [[ $(uname -m | grep 's390x') != "" ]]; then + elif [[ $(uname -m | grep 's390x') != "" ]]; then os_arch="s390x" - elif [[ $(uname -m | grep 'riscv64') != "" ]]; then + elif [[ $(uname -m | grep 'riscv64') != "" ]]; then os_arch="riscv64" fi - + GITHUB_RAW_URL="raw.githubusercontent.com/naiba/nezha/master" GITHUB_URL="github.com" Get_Docker_URL="get.docker.com" @@ -68,7 +68,7 @@ confirm() { update_script() { echo -e "> Update Script" - + curl -sL https://${GITHUB_RAW_URL}/script/install_en.sh -o /tmp/nezha.sh new_version=$(cat /tmp/nezha.sh | grep "NZ_VERSION" | head -n 1 | awk -F "=" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g') if [ ! -n "$new_version" ]; then @@ -77,7 +77,7 @@ update_script() { fi echo -e "The current latest version is: ${new_version}" mv -f /tmp/nezha.sh ./nezha.sh && chmod a+x ./nezha.sh - + echo -e "Execute new script after 3s" sleep 3s clear @@ -92,23 +92,43 @@ before_show_menu() { install_base() { (command -v git >/dev/null 2>&1 && command -v curl >/dev/null 2>&1 && command -v wget >/dev/null 2>&1 && command -v unzip >/dev/null 2>&1 && command -v getenforce >/dev/null 2>&1) || - (install_soft curl wget git unzip) + (install_soft curl wget git unzip) } +install_arch(){ + echo -e "${green}Info: ${plain} Archlinux needs to add nezha-agent user to install libselinux. It will be deleted automatically after installation. It is recommended to check manually\n" + read -e -r -p "Do you need to install libselinux? [Y/n] " input + case $input in + [yY][eE][sS] | [yY]) + useradd -m nezha-agent + sed -i "$ a\nezha-agent ALL=(ALL ) NOPASSWD:ALL" /etc/sudoers + sudo -iu nezha-agent yay -S libselinux --noconfirm + sed -i '/nezha-agent/d' /etc/sudoers && sleep 30s && killall -u nezha-agent&&userdel nezha-agent + echo -e "${red}Info: ${plain}user nezha-agent has been deleted, Be sure to check it manually!\n" + ;; + [nN][oO] | [nN]) + echo "Libselinux will not be installed" + ;; + *) + echo "Libselinux will not be installed" + exit 0 + ;; + esac +} + install_soft() { - # The official Arch library does not contain selinux components (command -v yum >/dev/null 2>&1 && yum makecache && yum install $* selinux-policy -y) || - (command -v apt >/dev/null 2>&1 && apt update && apt install $* selinux-utils -y) || - (command -v pacman >/dev/null 2>&1 && pacman -Syu $*) || - (command -v apt-get >/dev/null 2>&1 && apt-get update && apt-get install $* selinux-utils -y) || - (command -v apk >/dev/null 2>&1 && apk update && apk add $* -f) + (command -v apt >/dev/null 2>&1 && apt update && apt install $* selinux-utils -y) || + (command -v pacman >/dev/null 2>&1 && pacman -Syu $* yay --noconfirm && install_arch) || + (command -v apt-get >/dev/null 2>&1 && apt-get update && apt-get install $* selinux-utils -y) || + (command -v apk >/dev/null 2>&1 && apk update && apk add $* -f) } install_dashboard() { install_base - + echo -e "> Install Panel" - + # Nezha Monitoring Folder if [ ! -d "${NZ_DASHBOARD_PATH}" ]; then mkdir -p $NZ_DASHBOARD_PATH @@ -116,21 +136,21 @@ install_dashboard() { echo "You may have already installed the dashboard, repeated installation will overwrite the data, please pay attention to backup." read -e -r -p "Exit the installation? [Y/n] " input case $input in - [yY][eE][sS] | [yY]) - echo "Exit the installation." - exit 0 + [yY][eE][sS] | [yY]) + echo "Exit the installation." + exit 0 ;; - [nN][oO] | [nN]) - echo "Continue." + [nN][oO] | [nN]) + echo "Continue." ;; - *) - echo "Exit the installation." - exit 0 + *) + echo "Exit the installation." + exit 0 ;; esac fi chmod 777 -R $NZ_DASHBOARD_PATH - + command -v docker >/dev/null 2>&1 if [[ $? != 0 ]]; then echo -e "Installing Docker" @@ -143,9 +163,9 @@ install_dashboard() { systemctl start docker.service echo -e "${green}Docker${plain} installed successfully" fi - + modify_dashboard_config 0 - + if [[ $# == 0 ]]; then before_show_menu fi @@ -154,24 +174,24 @@ install_dashboard() { selinux(){ #Check SELinux if [ "$os_alpine" != 1 ];then - getenforce | grep '[Ee]nfor' - if [ $? -eq 0 ];then - echo -e "SELinux running,closing now!" - setenforce 0 &>/dev/null - find_key="SELINUX=" - sed -ri "/^$find_key/c${find_key}disabled" /etc/selinux/config - fi + getenforce | grep '[Ee]nfor' + if [ $? -eq 0 ];then + echo -e "SELinux running,closing now!" + setenforce 0 &>/dev/null + find_key="SELINUX=" + sed -ri "/^$find_key/c${find_key}disabled" /etc/selinux/config + fi fi } install_agent() { install_base selinux - + echo -e "> Install Nezha Agent" - + echo -e "Obtaining Agent version" - + local version=$(curl -m 10 -sL "https://api.github.com/repos/naiba/nezha/releases/latest" | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g') if [ ! -n "$version" ]; then version=$(curl -m 10 -sL "https://fastly.jsdelivr.net/gh/naiba/nezha/" | grep "option\.value" | awk -F "'" '{print $2}' | sed 's/naiba\/nezha@/v/g') @@ -179,35 +199,35 @@ install_agent() { if [ ! -n "$version" ]; then version=$(curl -m 10 -sL "https://gcore.jsdelivr.net/gh/naiba/nezha/" | grep "option\.value" | awk -F "'" '{print $2}' | sed 's/naiba\/nezha@/v/g') fi - + if [ ! -n "$version" ]; then echo -e "Fail to obtaine agent version, please check if the network can link https://api.github.com/repos/naiba/nezha/releases/latest" return 0 else echo -e "The current latest version is: ${version}" fi - + # Nezha Monitoring Folder mkdir -p $NZ_AGENT_PATH chmod 777 -R $NZ_AGENT_PATH - + echo -e "Downloading Agent" wget -t 2 -T 10 -O nezha-agent_linux_${os_arch}.zip https://${GITHUB_URL}/naiba/nezha/releases/download/${version}/nezha-agent_linux_${os_arch}.zip >/dev/null 2>&1 if [[ $? != 0 ]]; then echo -e "${red}Fail to download agent, please check if the network can link ${GITHUB_URL}${plain}" return 0 fi - + unzip -qo nezha-agent_linux_${os_arch}.zip && - mv nezha-agent $NZ_AGENT_PATH && - rm -rf nezha-agent_linux_${os_arch}.zip README.md - + mv nezha-agent $NZ_AGENT_PATH && + rm -rf nezha-agent_linux_${os_arch}.zip README.md + if [ $# -ge 3 ]; then modify_agent_config "$@" else modify_agent_config 0 fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -215,20 +235,20 @@ install_agent() { modify_agent_config() { echo -e "> Modify Agent Configuration" - + if [ "$os_alpine" != 1 ];then - wget -t 2 -T 10 -O $NZ_AGENT_SERVICE https://${GITHUB_RAW_URL}/script/nezha-agent.service >/dev/null 2>&1 - if [[ $? != 0 ]]; then - echo -e "${red}Fail to download service, please check if the network can link ${GITHUB_RAW_URL}${plain}" - return 0 - fi + wget -t 2 -T 10 -O $NZ_AGENT_SERVICE https://${GITHUB_RAW_URL}/script/nezha-agent.service >/dev/null 2>&1 + if [[ $? != 0 ]]; then + echo -e "${red}Fail to download service, please check if the network can link ${GITHUB_RAW_URL}${plain}" + return 0 + fi fi - + if [ $# -lt 3 ]; then echo "Please add Agent in the admin panel first, record the secret" && - read -ep "Please enter a domain that resolves to the IP where the panel is located (no CDN sets): " nz_grpc_host && - read -ep "Please enter the panel RPC port: (5555)" nz_grpc_port && - read -ep "Please enter the Agent secret: " nz_client_secret + read -ep "Please enter a domain that resolves to the IP where the panel is located (no CDN sets): " nz_grpc_host && + read -ep "Please enter the panel RPC port: (5555)" nz_grpc_port && + read -ep "Please enter the Agent secret: " nz_client_secret if [[ -z "${nz_grpc_host}" || -z "${nz_client_secret}" ]]; then echo -e "${red}All options cannot be empty${plain}" before_show_menu @@ -242,32 +262,32 @@ modify_agent_config() { nz_grpc_port=$2 nz_client_secret=$3 fi - + if [ "$os_alpine" != 1 ];then - sed -i "s/nz_grpc_host/${nz_grpc_host}/" ${NZ_AGENT_SERVICE} - sed -i "s/nz_grpc_port/${nz_grpc_port}/" ${NZ_AGENT_SERVICE} - sed -i "s/nz_client_secret/${nz_client_secret}/" ${NZ_AGENT_SERVICE} - - shift 3 - if [ $# -gt 0 ]; then - args=" $*" - sed -i "/ExecStart/ s/$/${args}/" ${NZ_AGENT_SERVICE} - fi + sed -i "s/nz_grpc_host/${nz_grpc_host}/" ${NZ_AGENT_SERVICE} + sed -i "s/nz_grpc_port/${nz_grpc_port}/" ${NZ_AGENT_SERVICE} + sed -i "s/nz_client_secret/${nz_client_secret}/" ${NZ_AGENT_SERVICE} + + shift 3 + if [ $# -gt 0 ]; then + args=" $*" + sed -i "/ExecStart/ s/$/${args}/" ${NZ_AGENT_SERVICE} + fi else - echo "@reboot nohup ${NZ_AGENT_PATH}/nezha-agent -s ${nz_grpc_host}:${nz_grpc_port} -p ${nz_client_secret} >/dev/null 2>&1 &" >> /etc/crontabs/root - crond + echo "@reboot nohup ${NZ_AGENT_PATH}/nezha-agent -s ${nz_grpc_host}:${nz_grpc_port} -p ${nz_client_secret} >/dev/null 2>&1 &" >> /etc/crontabs/root + crond fi - + echo -e "Agent configuration ${green} modified successfully, please wait for agent self-restart to take effect${plain}" - + if [ "$os_alpine" != 1 ];then - systemctl daemon-reload - systemctl enable nezha-agent - systemctl restart nezha-agent + systemctl daemon-reload + systemctl enable nezha-agent + systemctl restart nezha-agent else - nohup ${NZ_AGENT_PATH}/nezha-agent -s ${nz_grpc_host}:${nz_grpc_port} -p ${nz_client_secret} >/dev/null 2>&1 & + nohup ${NZ_AGENT_PATH}/nezha-agent -s ${nz_grpc_host}:${nz_grpc_port} -p ${nz_client_secret} >/dev/null 2>&1 & fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -275,36 +295,36 @@ modify_agent_config() { modify_dashboard_config() { echo -e "> Modify Panel Configuration" - + echo -e "Download Docker Script" wget -t 2 -T 10 -O /tmp/nezha-docker-compose.yaml https://${GITHUB_RAW_URL}/script/docker-compose.yaml >/dev/null 2>&1 if [[ $? != 0 ]]; then echo -e "${red}Script failed to get, please check if the network can link ${GITHUB_RAW_URL}${plain}" return 0 fi - + wget -t 2 -T 10 -O /tmp/nezha-config.yaml https://${GITHUB_RAW_URL}/script/config.yaml >/dev/null 2>&1 if [[ $? != 0 ]]; then echo -e "${red}Script failed to get, please check if the network can link ${GITHUB_RAW_URL}${plain}" return 0 fi - + echo "About the GitHub Oauth2 application: create it at https://github.com/settings/developers, no review required, and fill in the http(s)://domain_or_IP/oauth2/callback" && - echo "(Not recommended) About the Gitee Oauth2 application: create it at https://gitee.com/oauth/applications, no auditing required, and fill in the http(s)://domain_or_IP/oauth2/callback" && - read -ep "Please enter the OAuth2 provider (github/gitlab/jihulab/gitee, default github): " nz_oauth2_type && - read -ep "Please enter the Client ID of the Oauth2 application: " nz_github_oauth_client_id && - read -ep "Please enter the Client Secret of the Oauth2 application: " nz_github_oauth_client_secret && - read -ep "Please enter your GitHub/Gitee login name as the administrator, separated by commas: " nz_admin_logins && - read -ep "Please enter the site title: " nz_site_title && - read -ep "Please enter the site access port: (default 8008)" nz_site_port && - read -ep "Please enter the RPC port to be used for Agent access: (default 5555)" nz_grpc_port - + echo "(Not recommended) About the Gitee Oauth2 application: create it at https://gitee.com/oauth/applications, no auditing required, and fill in the http(s)://domain_or_IP/oauth2/callback" && + read -ep "Please enter the OAuth2 provider (github/gitlab/jihulab/gitee, default github): " nz_oauth2_type && + read -ep "Please enter the Client ID of the Oauth2 application: " nz_github_oauth_client_id && + read -ep "Please enter the Client Secret of the Oauth2 application: " nz_github_oauth_client_secret && + read -ep "Please enter your GitHub/Gitee login name as the administrator, separated by commas: " nz_admin_logins && + read -ep "Please enter the site title: " nz_site_title && + read -ep "Please enter the site access port: (default 8008)" nz_site_port && + read -ep "Please enter the RPC port to be used for Agent access: (default 5555)" nz_grpc_port + if [[ -z "${nz_admin_logins}" || -z "${nz_github_oauth_client_id}" || -z "${nz_github_oauth_client_secret}" || -z "${nz_site_title}" ]]; then echo -e "${red}All options cannot be empty${plain}" before_show_menu return 1 fi - + if [[ -z "${nz_site_port}" ]]; then nz_site_port=8008 fi @@ -314,7 +334,7 @@ modify_dashboard_config() { if [[ -z "${nz_oauth2_type}" ]]; then nz_oauth2_type=github fi - + sed -i "s/nz_oauth2_type/${nz_oauth2_type}/" /tmp/nezha-config.yaml sed -i "s/nz_admin_logins/${nz_admin_logins}/" /tmp/nezha-config.yaml sed -i "s/nz_grpc_port/${nz_grpc_port}/" /tmp/nezha-config.yaml @@ -325,15 +345,15 @@ modify_dashboard_config() { sed -i "s/nz_site_port/${nz_site_port}/" /tmp/nezha-docker-compose.yaml sed -i "s/nz_grpc_port/${nz_grpc_port}/g" /tmp/nezha-docker-compose.yaml sed -i "s/nz_image_url/${Docker_IMG}/" /tmp/nezha-docker-compose.yaml - + mkdir -p $NZ_DASHBOARD_PATH/data mv -f /tmp/nezha-config.yaml ${NZ_DASHBOARD_PATH}/data/config.yaml mv -f /tmp/nezha-docker-compose.yaml ${NZ_DASHBOARD_PATH}/docker-compose.yaml - + echo -e "Dashboard configuration ${green} modified successfully, please wait for Dashboard self-restart to take effect${plain}" - + restart_and_update - + if [[ $# == 0 ]]; then before_show_menu fi @@ -341,7 +361,7 @@ modify_dashboard_config() { restart_and_update() { echo -e "> Restart and Update the Panel" - + cd $NZ_DASHBOARD_PATH docker compose version @@ -354,14 +374,14 @@ restart_and_update() { docker-compose down docker-compose up -d fi - + if [[ $? == 0 ]]; then echo -e "${green}Nezha Monitoring Restart Successful${plain}" echo -e "Default panel address: ${yellow}domain:Site_access_port${plain}" else echo -e "${red}The restart failed, probably because the boot time exceeded two seconds, please check the log information later${plain}" fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -369,20 +389,20 @@ restart_and_update() { start_dashboard() { echo -e "> Start Panel" - + docker compose version if [[ $? == 0 ]]; then cd $NZ_DASHBOARD_PATH && docker compose up -d else cd $NZ_DASHBOARD_PATH && docker-compose up -d fi - + if [[ $? == 0 ]]; then echo -e "${green}Nezha Monitoring Start Successful${plain}" else echo -e "${red}Failed to start, please check the log message later${plain}" fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -390,20 +410,20 @@ start_dashboard() { stop_dashboard() { echo -e "> Stop Panel" - + docker compose version if [[ $? == 0 ]]; then cd $NZ_DASHBOARD_PATH && docker compose down else cd $NZ_DASHBOARD_PATH && docker-compose down fi - + if [[ $? == 0 ]]; then echo -e "${green}Nezha Monitoring Stop Successful${plain}" else echo -e "${red}Failed to stop, please check the log message later${plain}" fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -411,14 +431,14 @@ stop_dashboard() { show_dashboard_log() { echo -e "> View Panel Log" - + docker compose version if [[ $? == 0 ]]; then cd $NZ_DASHBOARD_PATH && docker compose logs -f else cd $NZ_DASHBOARD_PATH && docker-compose logs -f fi - + if [[ $# == 0 ]]; then before_show_menu fi @@ -426,18 +446,18 @@ show_dashboard_log() { uninstall_dashboard() { echo -e "> Uninstall Panel" - + docker compose version if [[ $? == 0 ]]; then cd $NZ_DASHBOARD_PATH && docker compose down else cd $NZ_DASHBOARD_PATH && docker-compose down fi - + rm -rf $NZ_DASHBOARD_PATH docker rmi -f ghcr.io/naiba/nezha-dashboard > /dev/null 2>&1 clean_all - + if [[ $# == 0 ]]; then before_show_menu fi @@ -445,9 +465,9 @@ uninstall_dashboard() { show_agent_log() { echo -e "> View Agent Log" - + journalctl -xf -u nezha-agent.service - + if [[ $# == 0 ]]; then before_show_menu fi @@ -455,20 +475,20 @@ show_agent_log() { uninstall_agent() { echo -e "> Uninstall Agent" - + if [ "$os_alpine" != 1 ];then - systemctl disable nezha-agent.service - systemctl stop nezha-agent.service - rm -rf $NZ_AGENT_SERVICE - systemctl daemon-reload + systemctl disable nezha-agent.service + systemctl stop nezha-agent.service + rm -rf $NZ_AGENT_SERVICE + systemctl daemon-reload else - sed -i "/nezha-agent/d" /etc/crontabs/root - pkill nezha + sed -i "/nezha-agent/d" /etc/crontabs/root + pkill nezha fi - + rm -rf $NZ_AGENT_PATH clean_all - + if [[ $# == 0 ]]; then before_show_menu fi @@ -476,9 +496,9 @@ uninstall_agent() { restart_agent() { echo -e "> Restart Agent" - + systemctl restart nezha-agent.service - + if [[ $# == 0 ]]; then before_show_menu fi @@ -534,52 +554,52 @@ show_menu() { ${green}0.${plain} Exit Script " echo && read -ep "Please enter [0-13]: " num - + case "${num}" in - 0) - exit 0 + 0) + exit 0 ;; - 1) - install_dashboard + 1) + install_dashboard ;; - 2) - modify_dashboard_config + 2) + modify_dashboard_config ;; - 3) - start_dashboard + 3) + start_dashboard ;; - 4) - stop_dashboard + 4) + stop_dashboard ;; - 5) - restart_and_update + 5) + restart_and_update ;; - 6) - show_dashboard_log + 6) + show_dashboard_log ;; - 7) - uninstall_dashboard + 7) + uninstall_dashboard ;; - 8) - install_agent + 8) + install_agent ;; - 9) - modify_agent_config + 9) + modify_agent_config ;; - 10) - show_agent_log + 10) + show_agent_log ;; - 11) - uninstall_agent + 11) + uninstall_agent ;; - 12) - restart_agent + 12) + restart_agent ;; - 13) - update_script + 13) + update_script ;; - *) - echo -e "${red}Please enter the correct number [0-13]${plain}" + *) + echo -e "${red}Please enter the correct number [0-13]${plain}" ;; esac } @@ -588,51 +608,51 @@ pre_check if [[ $# > 0 ]]; then case $1 in - "install_dashboard") - install_dashboard 0 + "install_dashboard") + install_dashboard 0 ;; - "modify_dashboard_config") - modify_dashboard_config 0 + "modify_dashboard_config") + modify_dashboard_config 0 ;; - "start_dashboard") - start_dashboard 0 + "start_dashboard") + start_dashboard 0 ;; - "stop_dashboard") - stop_dashboard 0 + "stop_dashboard") + stop_dashboard 0 ;; - "restart_and_update") - restart_and_update 0 + "restart_and_update") + restart_and_update 0 ;; - "show_dashboard_log") - show_dashboard_log 0 + "show_dashboard_log") + show_dashboard_log 0 ;; - "uninstall_dashboard") - uninstall_dashboard 0 + "uninstall_dashboard") + uninstall_dashboard 0 ;; - "install_agent") - shift - if [ $# -ge 3 ]; then - install_agent "$@" - else - install_agent 0 - fi + "install_agent") + shift + if [ $# -ge 3 ]; then + install_agent "$@" + else + install_agent 0 + fi ;; - "modify_agent_config") - modify_agent_config 0 + "modify_agent_config") + modify_agent_config 0 ;; - "show_agent_log") - show_agent_log 0 + "show_agent_log") + show_agent_log 0 ;; - "uninstall_agent") - uninstall_agent 0 + "uninstall_agent") + uninstall_agent 0 ;; - "restart_agent") - restart_agent 0 + "restart_agent") + restart_agent 0 ;; - "update_script") - update_script 0 + "update_script") + update_script 0 ;; - *) show_usage ;; + *) show_usage ;; esac else show_menu