Add Ubuntu scripts
This commit is contained in:
parent
b2a29a661c
commit
b03dc1d2c6
10
ubuntu-20.04/apps/bind9/bind9.sh
Normal file
10
ubuntu-20.04/apps/bind9/bind9.sh
Normal file
@ -0,0 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
apt install -y bind9
|
||||
|
||||
if [ -f "/etc/iptables/rules.v4" ]; then
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # DNS' /etc/iptables/rules.v4
|
||||
iptables-restore /etc/iptables/rules.v4
|
||||
fi
|
10
ubuntu-20.04/apps/iperf3/iperf3.sh
Normal file
10
ubuntu-20.04/apps/iperf3/iperf3.sh
Normal file
@ -0,0 +1,10 @@
|
||||
#!/bin/bash
|
||||
|
||||
apt install -y iperf3
|
||||
|
||||
if [ -f "/etc/iptables/rules.v4" ]; then
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p udp -m udp --dport 5201 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 5201 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # IPERF' /etc/iptables/rules.v4
|
||||
iptables-restore /etc/iptables/rules.v4
|
||||
fi
|
197
ubuntu-20.04/apps/zimbra-10-zpush/zimbra-10-zpush.sh
Normal file
197
ubuntu-20.04/apps/zimbra-10-zpush/zimbra-10-zpush.sh
Normal file
@ -0,0 +1,197 @@
|
||||
#!/bin/bash
|
||||
|
||||
ZPUSHVER="2.7.1"
|
||||
ZPUSHVER=$(whiptail --title "Z-Push version" --inputbox "" 0 30 "${ZPUSHVER}" 3>&1 1>&2 2>&3)
|
||||
TIMEZONE="Europe\/Zurich"
|
||||
TIMEZONE=$(whiptail --title "Default timezone" --inputbox "" 0 30 "${TIMEZONE}" 3>&1 1>&2 2>&3)
|
||||
BACKENDVER=71
|
||||
BACKENDVER=$(whiptail --title "Backend version" --inputbox "" 0 30 "${BACKENDVER}" 3>&1 1>&2 2>&3)
|
||||
ZIMBRAURL="https://test.mbx.netm.ch"
|
||||
ZIMBRAURL=$(whiptail --title "Zimbra URL" --inputbox "" 0 30 "${ZIMBRAURL}" 3>&1 1>&2 2>&3)
|
||||
APACHE2PORT=4433
|
||||
APACHE2PORT=$(whiptail --title "Apache SSL Port" --inputbox "" 0 30 "${APACHE2PORT}" 3>&1 1>&2 2>&3)
|
||||
|
||||
main() {
|
||||
inst_dep
|
||||
inst_z-push "${ZPUSHVER}" "${TIMEZONE}"
|
||||
inst_z-push-update
|
||||
inst_z-push-backend "${BACKENDVER}" "${ZIMBRAURL}"
|
||||
inst_z-push-backend-update
|
||||
conf_apache2
|
||||
conf_logrotate
|
||||
}
|
||||
|
||||
inst_dep() {
|
||||
apt -y install php php-cli php-soap php-mbstring php-curl php-intl php-fpm
|
||||
mkdir /var/lib/z-push
|
||||
mkdir /var/log/z-push
|
||||
mkdir /var/www/z-push
|
||||
}
|
||||
|
||||
inst_z-push() { # $1=version $2=timezone
|
||||
cd || exit 1
|
||||
wget -O z-push.tar.gz https://github.com/Z-Hub/Z-Push/archive/refs/tags/"${1}".tar.gz
|
||||
tar xzvf z-push.tar.gz
|
||||
cp -r Z-Push-"${1}"/src/* /var/www/z-push
|
||||
rm z-push.tar.gz
|
||||
rm -r Z-Push-"${1}"
|
||||
# Config
|
||||
sed -i "s/'TIMEZONE', ''/'TIMEZONE', '${2}'/" /var/www/z-push/config.php
|
||||
sed -i "s/'BACKEND_PROVIDER', ''/'BACKEND_PROVIDER', 'BackendZimbra'/" /var/www/z-push/config.php
|
||||
}
|
||||
|
||||
inst_z-push-update() {
|
||||
cat << 'EOF' > /usr/local/bin/mtm-zpushupdate
|
||||
show_help() {
|
||||
echo "mtm-zpushupdate version"
|
||||
echo ""
|
||||
echo "Example :"
|
||||
echo "mtm-zpushupdate 2.7.1"
|
||||
echo "Look at :"
|
||||
echo "https://github.com/Z-Hub/Z-Push/releases"
|
||||
}
|
||||
|
||||
if [ "${1}" == "" ]; then
|
||||
show_help
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cd || exit 1
|
||||
wget -O z-push.tar.gz https://github.com/Z-Hub/Z-Push/archive/refs/tags/"${1}".tar.gz
|
||||
tar xzvf z-push.tar.gz
|
||||
mv /var/www/z-push /var/www/z-push.upd
|
||||
mkdir /var/www/z-push
|
||||
cp -r Z-Push-"${1}"/src/* /var/www/z-push
|
||||
mv /var/www/z-push/config.php /var/www/z-push/config.php.new
|
||||
mv /var/www/z-push.upd/config.php /var/www/z-push/
|
||||
mv /var/www/z-push.upd/backend/zimbra /var/www/z-push/backend/
|
||||
# chown -R www-data:www-data /var/www/z-push
|
||||
systemctl restart apache2.service
|
||||
rm -r /var/www/z-push.upd
|
||||
rm z-push.tar.gz
|
||||
rm -r Z-Push-"${1}"
|
||||
diff /var/www/z-push/config.php /var/www/z-push/config.php.new
|
||||
EOF
|
||||
chmod 755 /usr/local/bin/mtm-zpushupdate
|
||||
}
|
||||
|
||||
inst_z-push-backend() { # $1=version $2=zimbraurl
|
||||
cd || exit 1
|
||||
wget https://sourceforge.net/projects/zimbrabackend/files/Release"${1}"/zimbra"${1}".tgz/download
|
||||
tar -xf download
|
||||
cp -r zimbra"${1}" /var/www/z-push/backend/zimbra
|
||||
rm download
|
||||
rm -r zimbra"${1}"
|
||||
# Config
|
||||
sed -i "/define('ZIMBRA_URL', 'https:\/\/127.0.0.1');/a \ define('ZIMBRA_URL', '${2}');" /var/www/z-push/backend/zimbra/config.php
|
||||
}
|
||||
|
||||
inst_z-push-backend-update() {
|
||||
cat << 'EOF' > /usr/local/bin/mtm-zpushbackendupdate
|
||||
show_help() {
|
||||
echo "mtm-zpushbackendupdate version"
|
||||
echo ""
|
||||
echo "Example :"
|
||||
echo "mtm-zpushbackendupdate 71"
|
||||
echo "Look at :"
|
||||
echo "https://sourceforge.net/projects/zimbrabackend/files"
|
||||
}
|
||||
|
||||
if [ "${1}" == "" ]; then
|
||||
show_help
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cd || exit 1
|
||||
wget https://sourceforge.net/projects/zimbrabackend/files/Release"${1}"/zimbra"${1}".tgz/download
|
||||
tar -xf download
|
||||
mv /var/www/z-push/backend/zimbra /var/www/z-push/backend/zimbra.upd
|
||||
cp -r zimbra"${1}" /var/www/z-push/backend/zimbra
|
||||
mv /var/www/z-push/backend/zimbra/config.php /var/www/z-push/backend/zimbra/config.php.new
|
||||
mv /var/www/z-push/backend/zimbra.upd/config.php /var/www/z-push/backend/zimbra/config.php
|
||||
# chown -R www-data:www-data /var/www/z-push/backend/zimbra
|
||||
systemctl restart apache2.service
|
||||
rm -r /var/www/z-push/backend/zimbra.upd
|
||||
rm download
|
||||
rm -r zimbra"${1}"
|
||||
diff /var/www/z-push/backend/zimbra/config.php /var/www/z-push/backend/zimbra/config.php.new
|
||||
EOF
|
||||
chmod 755 /usr/local/bin/mtm-zpushbackendupdate
|
||||
}
|
||||
|
||||
conf_apache2() {
|
||||
chown -R www-data:www-data /var/lib/z-push
|
||||
chown -R www-data:www-data /var/log/z-push
|
||||
# chown -R www-data:www-data /var/www/z-push
|
||||
a2dissite 000-default.conf
|
||||
a2enmod ssl
|
||||
a2enmod proxy_fcgi setenvif
|
||||
a2enconf php7.4-fpm
|
||||
|
||||
cat << EOF > /etc/apache2/ports.conf
|
||||
<IfModule ssl_module>
|
||||
Listen ${APACHE2PORT}
|
||||
</IfModule>
|
||||
<IfModule mod_gnutls.c>
|
||||
Listen ${APACHE2PORT}
|
||||
</IfModule>
|
||||
EOF
|
||||
|
||||
cat << EOF > /etc/apache2/sites-available/z-push.conf
|
||||
<IfModule mod_ssl.c>
|
||||
<VirtualHost _default_:${APACHE2PORT}>
|
||||
ServerAdmin admin@mtm.lan
|
||||
ServerName 127.0.0.1
|
||||
|
||||
# Indexes + Directory Root.
|
||||
DirectoryIndex index.php
|
||||
DocumentRoot /var/www/z-push/
|
||||
Alias /Microsoft-Server-ActiveSync /var/www/z-push/index.php
|
||||
AliasMatch (?i)/Autodiscover/Autodiscover.xml /var/www/z-push/autodiscover/autodiscover.php
|
||||
|
||||
<Directory />
|
||||
Require all granted
|
||||
#AllowOverride None
|
||||
</Directory>
|
||||
|
||||
php_flag magic_quotes_gpc off
|
||||
php_flag register_globals off
|
||||
php_flag magic_quotes_runtime off
|
||||
php_flag short_open_tag on
|
||||
|
||||
# Logfiles
|
||||
ErrorLog /var/log/z-push/error.log
|
||||
CustomLog /var/log/z-push/access.log combined
|
||||
|
||||
# SSL
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
|
||||
</VirtualHost>
|
||||
</IfModule>
|
||||
EOF
|
||||
a2ensite z-push.conf
|
||||
systemctl restart apache2.service
|
||||
}
|
||||
|
||||
conf_logrotate() {
|
||||
cat << EOF > /etc/logrotate.d/z-push
|
||||
/var/log/z-push/*.log {
|
||||
daily
|
||||
missingok
|
||||
rotate 14
|
||||
compress
|
||||
delaycompress
|
||||
notifempty
|
||||
}
|
||||
EOF
|
||||
}
|
||||
|
||||
main
|
||||
|
||||
# iptables
|
||||
if [ -f "/etc/iptables/rules.v4" ]; then
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport '"${APACHE2PORT}"' -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # Z-PUSH' /etc/iptables/rules.v4
|
||||
iptables-restore /etc/iptables/rules.v4
|
||||
fi
|
66
ubuntu-20.04/apps/zimbra-10/zimbra-10.sh
Normal file
66
ubuntu-20.04/apps/zimbra-10/zimbra-10.sh
Normal file
@ -0,0 +1,66 @@
|
||||
#!/bin/bash
|
||||
|
||||
MTMZMBUILDER="http://10.80.70.167"
|
||||
MTMZMBUILDER=$(whiptail --title "ZM Builder URL" --inputbox "" 0 30 "${MTMZMBUILDER}" 3>&1 1>&2 2>&3)
|
||||
ZIMBRAVER=10.0.5
|
||||
ZIMBRAVER=$(whiptail --title "Zimbra version" --inputbox "" 0 30 "${ZIMBRAVER}" 3>&1 1>&2 2>&3)
|
||||
|
||||
DNSIP=$(grep "nameserver " /etc/resolv.conf | awk -F ' ' '{print $2}')
|
||||
FQDN=$(hostname -A)
|
||||
|
||||
apt -y remove postfix
|
||||
apt -y autoremove
|
||||
|
||||
mkdir v"${ZIMBRAVER}"
|
||||
cd v"${ZIMBRAVER}" || exit 1
|
||||
wget "${MTMZMBUILDER}"/zcs-"${ZIMBRAVER}".tgz
|
||||
tar xf zcs-*.tgz
|
||||
cd "$(ls -d ./*/)" || exit 1
|
||||
systemctl disable systemd-resolved.service
|
||||
systemctl stop systemd-resolved.service
|
||||
./install.sh
|
||||
cd || exit 1
|
||||
sed -i "s/127.0.0.1/${DNSIP}/" /etc/resolv.conf
|
||||
sudo -u zimbra bash -c "/opt/zimbra/bin/zmprov mcf zimbraPublicServiceHostname ${FQDN}"
|
||||
sudo -u zimbra bash -c "/opt/zimbra/bin/zmprov mcf zimbraPublicServicePort 443"
|
||||
|
||||
cat << 'EOF' > /usr/local/bin/mtm-zmupdate
|
||||
#!/bin/bash
|
||||
MTMZMBUILDER=${1}
|
||||
ZIMBRAVER=${2}
|
||||
|
||||
show_help() {
|
||||
echo "mtm-zmupdate zmbuilder zmversion"
|
||||
echo ""
|
||||
echo "Example :"
|
||||
echo "mtm-zmupdate https://x.x.x.x 10.0.5"
|
||||
}
|
||||
|
||||
if [ "${MTMZMBUILDER}" == "" ] || [ "${ZIMBRAVER}" == "" ]; then
|
||||
show_help
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cd || exit 1
|
||||
mkdir v"${ZIMBRAVER}"
|
||||
cd v"${ZIMBRAVER}" || exit 1
|
||||
wget "${MTMZMBUILDER}"/zcs-"${ZIMBRAVER}".tgz
|
||||
tar xf zcs-*.tgz
|
||||
cd "$(ls -d ./*/)" || exit 1
|
||||
./install.sh
|
||||
|
||||
cd || exit 1
|
||||
EOF
|
||||
chmod 755 /usr/local/bin/mtm-zmupdate
|
||||
|
||||
apt update
|
||||
apt -y dist-upgrade
|
||||
|
||||
if [ -f "/etc/iptables/rules.v4" ]; then
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 8443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 7071 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a -A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT' /etc/iptables/rules.v4
|
||||
sed -i '/^-A INPUT -i lo -j ACCEPT.*/a # ZIMBRA' /etc/iptables/rules.v4
|
||||
iptables-restore /etc/iptables/rules.v4
|
||||
fi
|
@ -100,11 +100,6 @@ NetCleanUpSystemdResolved() {
|
||||
|
||||
APTSetProxy() {
|
||||
proxy=""
|
||||
if [ "${IPV4:0:9}" == "10.80.80." ]; then
|
||||
proxy="http://10.80.80.5:8080/"
|
||||
elif [ "${IPV4:0:6}" == "10.80." ]; then
|
||||
proxy="http://10.80.70.5:8080/"
|
||||
fi
|
||||
proxy=$(whiptail --title "Proxy" --inputbox "ex : http://192.168.1.200/ or leave empty for none" 0 30 "${proxy}" 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "$?" = "0" ]; then
|
||||
@ -138,19 +133,21 @@ APTInstallBase() {
|
||||
options+=("clevis-net" "" off)
|
||||
sel=$(whiptail --title "Basic Install" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
# shellcheck disable=SC2001
|
||||
if [ "$?" = "0" ]; then
|
||||
pkg=""
|
||||
for itm in ${sel}; do
|
||||
case ${itm} in
|
||||
'"iptables-persistent"')
|
||||
pkg="${pkg} $(echo ${itm} | sed 's/"//g')"
|
||||
pkg="${pkg} $(echo "${itm}" | sed 's/"//g')"
|
||||
IPTablesPostInstall;;
|
||||
'"clevis-net"')
|
||||
pkg="${pkg} clevis clevis-luks clevis-systemd clevis-initramfs clevis-tpm2";;
|
||||
*)
|
||||
pkg="${pkg} $(echo ${itm} | sed 's/"//g')";;
|
||||
pkg="${pkg} $(echo "${itm}" | sed 's/"//g')";;
|
||||
esac
|
||||
done
|
||||
# shellcheck disable=SC2086
|
||||
apt install -y ${pkg}
|
||||
for itm in ${sel}; do
|
||||
case ${itm} in
|
||||
@ -227,10 +224,11 @@ ClevisNetInit() {
|
||||
done
|
||||
IFS=$IFS_ORIG
|
||||
DEV=$(whiptail --title "Select root LUKS part" --menu "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "$?" = "0" ]; then
|
||||
TANGURL=$(whiptail --title "Tang Server" --inputbox "URL" 0 30 "" 3>&1 1>&2 2>&3)
|
||||
if [ "$?" = "0" ]; then
|
||||
clevis luks bind -d ${DEV} tang "{\"url\": \"${TANGURL}\"}"
|
||||
clevis luks bind -d "${DEV}" tang "{\"url\": \"${TANGURL}\"}"
|
||||
systemctl enable clevis-luks-askpass.path
|
||||
fi
|
||||
fi
|
||||
@ -258,6 +256,7 @@ InstApps() {
|
||||
options+=("zimbra-10-zpush" "Need zimbra 10" off)
|
||||
options+=("misc-apps" "..." off)
|
||||
sel=$(whiptail --title "More Apps" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "$?" = "0" ]; then
|
||||
for itm in ${sel}; do
|
||||
case ${itm//\"/} in
|
||||
@ -266,9 +265,9 @@ InstApps() {
|
||||
archived-apps)
|
||||
InstArchivedApps;;
|
||||
*)
|
||||
cd /tmp
|
||||
wget matmoul.ch/inst/ubuntu-20.04/${itm//\"/}.sh
|
||||
bash ./${itm//\"/}.sh;;
|
||||
cd /tmp || exit
|
||||
wget "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"/"${ITM//\"/}".sh
|
||||
bash ./"${itm//\"/}".sh "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}";;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
@ -278,17 +277,18 @@ InstMiscApps() {
|
||||
options+=("bind9" "" off)
|
||||
options+=("iperf3" "" off)
|
||||
sel=$(whiptail --title "Misc Apps" --checklist "" 0 0 0 "${options[@]}" 3>&1 1>&2 2>&3)
|
||||
# shellcheck disable=SC2181
|
||||
if [ "$?" = "0" ]; then
|
||||
for itm in ${sel}; do
|
||||
cd /tmp
|
||||
wget matmoul.ch/inst/ubuntu-20.04/${itm//\"/}.sh
|
||||
bash ./${itm//\"/}.sh
|
||||
cd /tmp || exit
|
||||
wget "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"/"${ITM//\"/}".sh
|
||||
bash ./"${itm//\"/}".sh "${BASE_URL}"/${DIR_URL}/apps/"${ITM//\"/}"
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
Reboot() {
|
||||
if $(whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3); then
|
||||
if whiptail --yesno "Reboot ?" 0 0 3>&1 1>&2 2>&3; then
|
||||
reboot
|
||||
fi
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user