#!/bin/bash echo "Welcome to the CentOS to SME Server script. Are you sure you have at least one ethernet interface before proceeding ? Hit Ctrl+C if unsure, press 'enter' if you are OK to proceed." read testme echo "disabling and removing SELinux" sed -i -e 's/rhgb quiet/selinux=0/g' /boot/grub2/grub.cfg sed -i -e 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config setenforce 0 yum remove selinux-policy-targeted -y 1>/dev/null echo "##########################################################################" echo "setting yum repo for SME Server" mkdir -p /tmp/repo.bak mv /etc/yum.repos.d/*.repo /tmp/repo.bak/ cp /etc/yum.prosmerepos.d/* /etc/yum.repos.d/ echo "##########################################################################" echo "importing rpm gpg keys" #yum install wget -y 1>/dev/null for i in $( ls /usr/share/doc/smeserver-centos2sme/keys ); do rpm --import /usr/share/doc/smeserver-centos2sme/keys/$i done echo "##########################################################################" echo "cleaning yum cache" yum --enablerepo=* clean all 1>/dev/null #echo "##########################################################################" #echo "Removing dhcp-common" # from https://forums.contribs.org/index.php/topic,53304.msg276453/topicseen.html#msg276453 # Stefano found deps issues #rpm -e --nodeps dhcp-common echo "##########################################################################" echo "yum upgrade to install last updates, this may take a while, output is hidden unless there is an error, be patient:" #echo "****log noise is expected about modified RPMDB outside of yum. and missing dhcp-common. That is expected.****" yum upgrade -y 1>/dev/null # they might have come back with upgrade... rm /etc/yum.repos.d/CentOS*.repo -rf echo "##########################################################################" echo "cleaning rpm not necessary or possibly conflicting: postfix, sendmail" yum remove sendmail postfix -y 1>/dev/null # would make a test here to check if initscript was updated or not ... echo "##########################################################################" echo "yum groupinstall, installing SME Server ... this may take a while:" yum --disablerepo=* --enablerepo=smeos,smeupdates groupinstall base -y echo "##########################################################################" echo "add missing rpms, in case " yum install net-tools bind-utils vim-common vim-enhanced vim-filesystem wget yum-plugin-changelog wodim yum-cron zip traceroute tokyocabinet tmpwatch time telnet tdb-tools tcpdump sysfsutils syslinux strace setserial rsync rp-pppoe redhat-rpm-config unzip urlview usbutils usermode at bc boost-iostreams boost-random bzip2 cyrus-sasl cyrus-sasl-md5 device-mapper-multipath device-mapper-multipath-libs dwz ed elfutils fetchmail ftp gdb glib hdparm hesiod iptraf-ng iptstate iscsi-initiator-utils iscsi-initiator-utils-iscsiuio isdn4k-util librados2 lm_sensors lockdev logwatch lrzsz lsof mhash minicom mkbootdisk mlocate mtools mt-st mutt OpenIPMI OpenIPMI-libs OpenIPMI-modalias patch perl-srpm-macros perl-Sys-CPU perl-Sys-MemInfo perl-Thread-Queue psmisc python-dateutil python-srpm-macros redhat-rpm-config rpm-build isdn4k-utils qmail -y 1>/dev/null echo "##########################################################################" echo "removing unwanted rpm, in case " yum remove snappy selinux-policy wpa_supplicant virt-what tuned centos-logos chrony dracut-config-rescue dracut-network ebtables ethtool expect firewalld firewalld-filesystem fxload gobject-introspection iprutils ipset ipset-libs polkit-pkla-compat -y 1>/dev/null # check if [[ -f /sbin/e-smith/console ]]; then echo "... all seems good untill now" else echo "... exiting something is missing, try again yum --disablerepo=* --enablerepo=smeos,smeupdates groupinstall base -y" exit 1 fi echo "##########################################################################" echo "yum upgrade" yum upgrade -y 1>/dev/null echo "##########################################################################" echo "starting runit, so we can run a few services" /etc/runit/2 & echo "##########################################################################" echo "cleaning /var/service/" find /var/service/ -type f -iname control -exec rm {} \; echo "##########################################################################" echo "start syslog" #/etc/init.d/rsyslog start /usr/bin/systemctl restart rsyslog echo "##########################################################################" echo "running post-install event for SME..." echo "but before, we unlink the S10init-passwords action" unlink /etc/e-smith/events/post-install/S10init-passwords /sbin/e-smith/signal-event post-install echo "##########################################################################" echo "set admin password as set" #need syslog to work. so just in case #/etc/init.d/rsyslog restart /usr/bin/systemctl restart rsyslog /sbin/e-smith/db accounts setprop admin PasswordSet yes /sbin/e-smith/db configuration set PasswordSet yes /sbin/e-smith/db configuration setprop bootstrap-console Restore disabled echo "... as we copy your current root password as admin password" # here copy root password to admin user !!! grep $USER /etc/shadow | cut -f 2 -d ':'>/tmp/encrypted usermod -p $(cat /tmp/encrypted) admin rm /tmp/encrypted -f # to test, there is chances it is salted, alternatively # echo "Please give now the password for the created admin user :" # passwd admin echo "##########################################################################" echo "Cleaning /service subfolders" find /var/service/ -type f -iname control -exec rm {} \; echo "##########################################################################" echo "force quota check" touch /forcequotacheck #start rsyslogd service in case , as console needs it to run... #/etc/init.d/rsyslog restart /usr/bin/systemctl restart rsyslog.service echo "##########################################################################" echo "now time to configure your server using the SME Server console" # maybe improve here to launch the configure this server directly #/sbin/e-smith/console /usr/bin/perl -Mesmith::console -Mesmith::console::configure -e "esmith::console::configure->new->doit(esmith::console->new,esmith::ConfigDB->open)" echo "##########################################################################" echo "set SSHD to accept root login with rsa key" /sbin/e-smith/db configuration setprop sshd status enabled PermitRootLogin yes access public /sbin/e-smith/expand-template /etc/ssh/ssh_config /sbin/e-smith/expand-template /etc/ssh/sshd_config /usr/bin/systemctl restart sshd.service # a sshd reload does not regenerate the keys and failed # doing one after to do the rest (masq etc.) /sbin/e-smith/signal-event remoteaccess-update echo "##########################################################################" echo "Enable access to server-manager to the following IPs:" echo "Please type IP.IP.IP.IP/255.255.255.255,IP2.IP2.IP2.IP2/255.255.255.255 to allow access to the manager from the desired IP. Leave blank if you do want to have access to the manager from outside the lan. Fill with 0.0.0.0/0.0.0.0 if you live on the edge!" read validfrom if [ ! -z "$validfrom" ]; then /sbin/e-smith/db configuration setprop httpd-admin ValidFrom $validfrom /sbin/e-smith/signal-event post-upgrade else echo "nothing to do" fi echo "##########################################################################" echo "Last cleaning:" # last tidying find /var/service/ -type f -iname control -exec rm {} \; yum remove NetworkManager-libnm libteam teamd python-configobj parted python-decorator python-linux-procf python-perf python-pyude python-schedutils python-slip python-slip-dbu mozjs17 microcode_ctl -y # just in case before reboot /sbin/e-smith/db configuration set PasswordSet yes /sbin/e-smith/db configuration setprop bootstrap-console Restore disabled echo "##########################################################################" echo "you just have to issue a '/sbin/e-smith/signal-event reboot'; or simply 'reboot' and enjoy your SME" echo "But before that, are you sure you have added a working SSH key to ~/.ssh/authorized_keys ?" echo "##########################################################################"