-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathresilio-uar.sh
197 lines (166 loc) · 7.98 KB
/
resilio-uar.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
#!/bin/sh
# ToDo: is it really needed?
#rpm --import $RESILIO_REPO_KEY
# Referencia al fichero de configuración
# https://help.resilio.com/hc/en-us/articles/206178884-Running-Sync-in-configuration-mode
# y ejemplo completo de fichero; http://internal.resilio.com/support/sample.conf
#
# Referencia a storage path (almacena temporales, database, etc;
# https://help.resilio.com/hc/en-us/articles/206664690-Sync-Storage-folder
echo '*** Validating requirements ***'
# Checks if the user running the script is root
if [ $EUID != 0 ];
then
echo -e "\e[1;31mPlease run as root (try using 'su' or 'sudo' )'\e[0m"
exit 1
else
echo 'Script is runned by "root" user'
fi
# Checks if your computer architecture is valid
_ARCH=$(uname -a)
if [[ $_ARCH == *"x86_64"* ]];
then
echo 'Architecture: '$_ARCH
else
echo -e "\e[1;31mSORRY!! This script is intended for x86_64 architectures\e[0m"
exit 1
fi
# Checks if resilio is already installed on your system
RESILIO_PACKAGE_FIND=$(rpm -qa resilio-sync)
if [[ $RESILIO_PACKAGE_FIND ]];
then
echo -e "\e[1;31mPlease remove resilio-sync first (uninstall manually or run uninstall script)\e[0m"
exit 1
else
echo 'It seems that resilio-sync is not installed on your system'
fi
# Specify user and group running resilio for this computer
# ToDo: add as param, if not specified use default user and group
echo -n 'Specify the user will run the service and press [ENTER](Default is \"rslsync:rslsync\"): '
read RESILIO_USER
if [[ -z $RESILIO_USER ]];
then
RESILIO_USER='rslsync'
RESILIO_GROUP='rslsync'
else
echo -n 'Specify group: '
read RESILIO_GROUP
if [[ -z $RESILIO_GROUP ]];
then
echo -e 'You must specify a valid existing group'
exit 1
fi
fi
# ToDo: User and group must be present in the system or be rslsync:rslsync
# if [ `id -u $RESILIO_USER 2>/dev/null || echo -1` -ge 0 ]; then
# echo FOUND
# fi
#
# For user (>0 user exists)=> getent passwd $RESILIO_USER | grep -c .
# For group (>0 user exists)=> getent passwd $RESILIO_GROUP | grep -c .
# Specify a device name for this computer
# ToDo: add as param, if not specified use hostname
echo -n 'Specify a device name to identify this computer and press [ENTER](Default: "'$(hostname)'"]: '
read DEVICE_NAME
if [[ -z $DEVICE_NAME ]];
then
DEVICE_NAME=$(hostname)
fi
# Variables definition
RESILIO_REPO_KEY='https://linux-packages.resilio.com/resilio-sync/key.asc'
RESILIO_REPO_X86_64='https://linux-packages.resilio.com/resilio-sync/rpm/x86_64'
RESILIO_PACKAGE_NAME='resilio-sync'
# ToDo: deal with specified user home dir
RESILIO_USER_HOME_DIR='/home/'$RESILIO_USER
RESILIO_USER_HOME_DIR_4SED='\/home\/'$RESILIO_USER
RESILIO_USER_HOME_DIR_CONFIG=$RESILIO_USER_HOME_DIR'/.config/resilio-sync'
RESILIO_CONFIG_DIR='/etc/resilio-sync'
RESILIO_SERVICE_DIR='/lib/systemd/system'
RESILIO_SSL_PRIVATE_KEY_FILE='private.key'
RESILIO_SSL_CERT_FILE='cert.pem'
# Installation day (for config backup files)
# ToDo: Use this variable for backup files such as config.json
INSTALL_DATE=`date +%Y-%m-%d`
echo
echo
echo "*** Installing Resilio Sync ***"
# Import repository key
rpm --import $RESILIO_REPO_KEY
# Add repository
echo 'Adding resilio repository ('$RESILIO_REPO_X86_64')'
zypper ar -cfp 90 $RESILIO_REPO_X86_64 resilio
# Install resilio package
echo 'Installing '$RESILIO_PACKAGE_NAME' package'
zypper --non-interactive --no-gpg-checks install $RESILIO_PACKAGE_NAME
echo '*** Installation finished ***'
# rslsync user and group should have been created.
echo
echo
echo '*** Generation of own certificates and move to user config directory ***'
# Generate own certificates
echo 'Generating ssl key and certificate'
# Generates key and cert (expires in 3650 days)
# openssl req -newkey rsa:4096 -nodes -keyout $RESILIO_SSL_PRIVATE_KEY_FILE -x509 -days 3650 -out $RESILIO_SSL_CERT_FILE
openssl req -newkey rsa:4096 -nodes -keyout $RESILIO_SSL_PRIVATE_KEY_FILE -x509 -days 3650 -out $RESILIO_SSL_CERT_FILE -subj "/C=XX/ST=Resilio Sync/L=mine/O=Me & Myself/OU=Myself/CN=myself.none"
# Move generated files to user configuration directory
mkdir -p $RESILIO_USER_HOME_DIR_CONFIG
mv $RESILIO_SSL_PRIVATE_KEY_FILE $RESILIO_USER_HOME_DIR_CONFIG
mv $RESILIO_SSL_CERT_FILE $RESILIO_USER_HOME_DIR_CONFIG
# Only owner (rslsync) can rw the files
#chown -R rslsync:rslsync $RESILIO_USER_HOME_DIR_CONFIG
chown -R $RESILIO_USER:$RESILIO_GROUP $RESILIO_USER_HOME_DIR_CONFIG
#chmod -R 600 $RESILIO_USER_HOME_DIR_CONFIG
chmod -R u+rwX,g-rX,o-rX $RESILIO_USER_HOME_DIR_CONFIG
echo 'Generation of own certificates and move to user config directory finished'
echo
echo
echo 'Configuring '$RESILIO_CONFIG_DIR'/config.json'
mkdir -p $RESILIO_USER_HOME_DIR'/.resilio-sync/.sync'
# Only owner (rslsync) can rw the files in resilio data directory
chown -R $RESILIO_USER:$RESILIO_GROUP $RESILIO_USER_HOME_DIR'/.resilio-sync'
chmod -R u+rwX,g+rX,o+rX $RESILIO_USER_HOME_DIR'/.resilio-sync'
# Append device name and generates .bak file
sed -i.bak '0,/{/a\ "device_name\" : \"'$DEVICE_NAME'\",' $RESILIO_CONFIG_DIR'/config.json'
# Configure storage_path
sed -i '/storage_path/c\ \"storage_path\" : \"'$RESILIO_USER_HOME_DIR'\/.resilio-sync\/.sync\",' $RESILIO_CONFIG_DIR'/config.json'
# Configure pid_file path
sed -i '/pid_file/c\ \"pid_file\" : \"'$RESILIO_USER_HOME_DIR'\/.resilio-sync\/sync.pid\",' $RESILIO_CONFIG_DIR'/config.json'
# Set https only
sed -i -e '/}/ {i\ ,"force_https" : true' -e ':a' -e '$!{n;ba' -e '};}' $RESILIO_CONFIG_DIR'/config.json'
# Set path to ssl configuration (key and certificate)
sed -i -e '/}/ {i\ ,"ssl_certificate" : \"'$RESILIO_USER_HOME_DIR_CONFIG'/'$RESILIO_SSL_CERT_FILE'\"' -e ':a' -e '$!{n;ba' -e '};}' $RESILIO_CONFIG_DIR'/config.json'
sed -i -e '/}/ {i\ ,"ssl_private_key" : \"'$RESILIO_USER_HOME_DIR_CONFIG'/'$RESILIO_SSL_PRIVATE_KEY_FILE'\"' -e ':a' -e '$!{n;ba' -e '};}' $RESILIO_CONFIG_DIR'/config.json'
echo 'Configuration config.json finished'
echo
echo
echo 'Configuring '$RESILIO_SERVICE_DIR'resilio-sync.service'
#( set -x;
# Change .pid file location
sed -i.bak -e 's/PIDFile.*/PIDFile='$RESILIO_USER_HOME_DIR_4SED'\/.resilio-sync\/sync.pid/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
# Change the user and group running the service (and ownership when sharing files)
sed -i -e 's/User.*/User='$RESILIO_USER'/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
sed -i -e 's/Group.*/Group='$RESILIO_GROUP'/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
sed -i -e 's/Environment="SYNC_USER.*/Environment="SYNC_USER='$RESILIO_USER'\"/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
sed -i -e 's/Environment="SYNC_GROUP.*/Environment="SYNC_GROUP='$RESILIO_GROUP'\"/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
#sed -i -e 's/ExecStartPre.*/ExecStartPre="\/bin\/chown -R '$RESILIO_USER':'$RESILIO_GROUP' \/var\/run\/resilio-sync"/g' $RESILIO_SERVICE_DIR'/resilio-sync.service'
#)
# ToDo: give the chance to define your own user or rslsync user.
# if it is your own user is easier but has to add to (check if group users is needed)
# if it is own user maybe rslsync user creation is not needed
# ** no hacer lo del usuario y hacer un cron q actualice los directorios compartidos de vez en cuando por si hay nuevos añadiendo ACL de compartición ??????
# en el cron hacer un chown a usuario:users del directorio raiz compartido y añadir grant ACL
# cómo saber los directorios compartidos??? creo uqe no se puede, no lo deja en el log
# Enable and start service
echo 'Enabling and starting resilio service'
( set -x;
systemctl enable resilio-sync
systemctl start resilio-sync
)
echo
echo 'Now resilio should be up and running on your system'
echo '* Resilio service running as '$RESILIO_USER' user and '$RESILIO_GROUP' group'
echo '* Home user directory; '$RESILIO_USER_HOME_DIR
echo '* Configuration file; '$RESILIO_CONFIG_DIR'/config.json'
echo '* Configuration file backup; '$RESILIO_CONFIG_DIR'/config.json.bak'
echo '* Service configuration file; ' $RESILIO_SERVICE_DIR'/resilio-sync.service'
echo 'Try https://127.0.0.1/8888 to acess WebUI (first time access need to define user and password)'