* Thu Sep 25 2025 Jean-Philippe Pialasse <jpp@koozali.org> 8.11.1-1.sme
- first release for Rocky 8 SME 11
This commit is contained in:
151
root/usr/bin/rocky2sme
Normal file
151
root/usr/bin/rocky2sme
Normal file
@@ -0,0 +1,151 @@
|
||||
#!/bin/bash
|
||||
|
||||
|
||||
echo "Welcome to the Rocky Linux to Koozali SME Server script. Are you sure you have at least one ethernet interface before proceeding ? Hit Ctrl+C if unsure, press 'enter' if you are OK to proceed."
|
||||
read testme
|
||||
|
||||
echo "disabling and removing SELinux"
|
||||
sed -i -e 's/rhgb quiet/selinux=0/g' /boot/grub2/grub.cfg
|
||||
sed -i -e 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
|
||||
setenforce 0
|
||||
dnf remove selinux-policy-targeted -y 1>/dev/null
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "setting dnf repo for SME Server"
|
||||
mkdir -p /tmp/repo.bak
|
||||
mv /etc/yum.repos.d/*.repo /tmp/repo.bak/
|
||||
cp /etc/yum.prosmerepos.d/* /etc/yum.repos.d/
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "importing rpm gpg keys"
|
||||
#yum install wget -y 1>/dev/null
|
||||
for i in $( ls /usr/share/doc/smeserver-rocky2sme/keys ); do
|
||||
rpm --import /usr/share/doc/smeserver-rocky2sme/keys/$i
|
||||
done
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "cleaning dnf cache"
|
||||
dnf --enablerepo=* clean all 1>/dev/null
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "dnf upgrade to install last updates, this may take a while, output is hidden unless there is an error, be patient:"
|
||||
yum upgrade -y 1>/dev/null
|
||||
|
||||
# they might have come back with upgrade...
|
||||
rm /etc/yum.repos.d/Rocky*.repo -rf
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "dnf set modules:"
|
||||
dnf module switch-to php:remi-8.4 -y
|
||||
dnf module switch-to mariadb:10.5 -y
|
||||
dnf module switch-to python36:3.6 -y
|
||||
dnf module enable redis:remi-7.2 -y
|
||||
dnf module enable httpd:2.4 -y
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "dnf install, installing SME Server ... this may take a while:"
|
||||
dnf install @smeserver -y
|
||||
|
||||
# check
|
||||
if [[ -f /sbin/e-smith/console ]]; then
|
||||
echo "... all seems good untill now"
|
||||
else
|
||||
echo "... exiting something is missing, try again dnf --disablerepo=* --enablerepo=smeos install @smeserver -y"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "dnf upgrade"
|
||||
dnf upgrade -y 1>/dev/null
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "starting runit, so we can run a few services"
|
||||
/usr/bin/systemctl restart runit.service
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "cleaning /var/service/"
|
||||
find /var/service/ -type f -iname control -exec rm {} \;
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "starting syslog"
|
||||
/usr/bin/systemctl restart rsyslog
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "running post-install event for SME..."
|
||||
echo "but before, we unlink the S10init-passwords action"
|
||||
unlink /etc/e-smith/events/post-install/S10init-passwords
|
||||
/sbin/e-smith/signal-event post-install
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "set admin password as set, to avoid locking you on reboot"
|
||||
#need syslog to work. so just in case
|
||||
#/etc/init.d/rsyslog restart
|
||||
/usr/bin/systemctl restart rsyslog
|
||||
/sbin/e-smith/db accounts setprop admin PasswordSet yes
|
||||
/sbin/e-smith/db configuration set PasswordSet yes
|
||||
/sbin/e-smith/db configuration setprop bootstrap-console Restore disabled
|
||||
|
||||
echo "... as we copy your current root password as admin password"
|
||||
# here copy root password to admin user !!!
|
||||
grep $USER /etc/shadow | cut -f 2 -d ':'>/tmp/encrypted
|
||||
usermod -p $(cat /tmp/encrypted) admin
|
||||
rm /tmp/encrypted -f
|
||||
echo "... if access to server manager fails with admin, log to cli as root and do :"
|
||||
echo "passwd admin"
|
||||
# to test, there is chances it is salted, alternatively
|
||||
# echo "Please give now the password for the created admin user :"
|
||||
# passwd admin
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "Cleaning /service subfolders"
|
||||
find /var/service/ -type f -iname control -exec rm {} \;
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "force quota check"
|
||||
touch /forcequotacheck
|
||||
|
||||
#restart rsyslogd service in case , as console needs it to run...
|
||||
echo "##########################################################################"
|
||||
echo "retarting syslog"
|
||||
/usr/bin/systemctl restart rsyslog.service
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "now time to configure your server using the SME Server console"
|
||||
/usr/bin/perl -Mesmith::console -Mesmith::console::configure -e "esmith::console::configure->new->doit(esmith::console->new,esmith::ConfigDB->open)"
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "set SSHD to accept root login with rsa key"
|
||||
/sbin/e-smith/db configuration setprop sshd status enabled PermitRootLogin yes access public
|
||||
/sbin/e-smith/expand-template /etc/ssh/ssh_config
|
||||
/sbin/e-smith/expand-template /etc/ssh/sshd_config
|
||||
/usr/bin/systemctl restart sshd.service
|
||||
# a sshd reload does not regenerate the keys and failed
|
||||
# doing one after to do the rest (masq etc.)
|
||||
/sbin/e-smith/signal-event remoteaccess-update
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "Enable access to server-manager to the following IPs:"
|
||||
echo "Please type IP.IP.IP.IP/255.255.255.255,IP2.IP2.IP2.IP2/255.255.255.255 to allow access to the manager from the desired IP. Leave blank if you do want to have access to the manager from outside the lan. Fill with 0.0.0.0/0.0.0.0 if you live on the edge!"
|
||||
read validfrom
|
||||
if [ ! -z "$validfrom" ]; then
|
||||
/sbin/e-smith/db configuration setprop httpd-admin ValidFrom $validfrom
|
||||
/sbin/e-smith/signal-event post-upgrade
|
||||
else
|
||||
echo "nothing to do"
|
||||
fi
|
||||
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "Last cleaning:"
|
||||
# last tidying
|
||||
find /var/service/ -type f -iname control -exec rm {} \;
|
||||
|
||||
# just in case before reboot
|
||||
/sbin/e-smith/db configuration set PasswordSet yes
|
||||
/sbin/e-smith/db configuration setprop bootstrap-console Restore disabled
|
||||
|
||||
|
||||
echo "##########################################################################"
|
||||
echo "you just have to issue a '/sbin/e-smith/signal-event reboot'; or simply 'reboot' and enjoy your SME"
|
||||
echo "But before that, are you sure you have added a working SSH key to ~/.ssh/authorized_keys ?"
|
||||
echo "##########################################################################"
|
||||
Reference in New Issue
Block a user