2017-07-20 19:46:08 +02:00
#!/bin/bash
2020-03-18 14:12:01 +01:00
# Something isn't working? # tail -f /var/log/messages /var/log/syslog /var/log/tomcat*/*.out /var/log/mysql/*.log
2017-07-20 19:46:08 +02:00
2018-09-01 16:33:32 +02:00
# Check if user is root or sudo
2020-03-18 14:12:01 +01:00
if ! [ $( id -u ) = 0 ] ; then
echo "Please run this script as sudo or root" 1>& 2
exit 1
fi
# Check to see if any old files left over
if [ " $( find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-java-*' \) ) " != "" ] ; then
echo "Possible temp files detected. Please review 'guacamole-*' & 'mysql-connector-java-*'" 1>& 2
exit 1
fi
2018-09-01 16:33:32 +02:00
2018-03-12 22:54:36 +01:00
# Version number of Guacamole to install
2020-03-18 14:12:01 +01:00
# Homepage ~ https://guacamole.apache.org/releases/
2023-03-04 22:09:17 +01:00
GUACVERSION = "1.5.0"
2017-07-20 19:46:08 +02:00
2020-03-18 14:12:01 +01:00
# Latest Version of MySQL Connector/J if manual install is required (if libmariadb-java/libmysql-java is not available via apt)
# Homepage ~ https://dev.mysql.com/downloads/connector/j/
2021-10-22 15:44:05 +02:00
MCJVER = "8.0.27"
2020-02-17 21:06:47 +01:00
2018-08-29 15:18:29 +02:00
# Colors to use for output
YELLOW = '\033[1;33m'
BLUE = '\033[0;34m'
RED = '\033[0;31m'
GREEN = '\033[0;32m'
2020-02-05 21:24:52 +01:00
CYAN = '\033[0;36m'
2018-08-29 15:18:29 +02:00
NC = '\033[0m' # No Color
2018-09-13 19:21:33 +02:00
# Log Location
2018-08-29 15:18:29 +02:00
LOG = " /tmp/guacamole_ ${ GUACVERSION } _build.log "
2018-09-13 19:21:33 +02:00
2020-02-10 00:40:11 +01:00
# Initialize variable values
installTOTP = ""
installDuo = ""
installMySQL = ""
mysqlHost = ""
mysqlPort = ""
mysqlRootPwd = ""
guacDb = ""
guacUser = ""
guacPwd = ""
PROMPT = ""
2020-02-17 21:56:15 +01:00
MYSQL = ""
2020-02-05 21:24:52 +01:00
2018-03-09 22:51:48 +01:00
# Get script arguments for non-interactive mode
while [ " $1 " != "" ] ; do
case $1 in
2020-02-10 00:40:11 +01:00
# Install MySQL selection
-i | --installmysql )
installMySQL = true
; ;
-n | --nomysql )
installMySQL = false
; ;
# MySQL server/root information
-h | --mysqlhost )
2018-03-09 22:51:48 +01:00
shift
2020-02-10 00:40:11 +01:00
mysqlHost = " $1 "
2018-03-09 22:51:48 +01:00
; ;
2020-02-10 00:40:11 +01:00
-p | --mysqlport )
2018-03-09 22:51:48 +01:00
shift
2020-02-10 00:40:11 +01:00
mysqlPort = " $1 "
; ;
-r | --mysqlpwd )
shift
mysqlRootPwd = " $1 "
2018-03-09 22:51:48 +01:00
; ;
2020-02-10 00:40:11 +01:00
# Guac database/user information
-db | --guacdb )
2019-04-04 19:06:13 +02:00
shift
2020-02-10 00:40:11 +01:00
guacDb = " $1 "
2019-04-04 19:06:13 +02:00
; ;
2020-02-10 00:40:11 +01:00
-gu | --guacuser )
2019-04-04 19:06:13 +02:00
shift
2020-02-10 00:40:11 +01:00
guacUser = " $1 "
2019-04-04 19:06:13 +02:00
; ;
2020-02-10 00:40:11 +01:00
-gp | --guacpwd )
shift
2020-03-05 14:56:11 +01:00
guacPwd = " $1 "
2020-02-10 00:40:11 +01:00
; ;
# MFA selection
2020-02-05 21:24:52 +01:00
-t | --totp )
installTOTP = true
; ;
2020-02-10 00:40:11 +01:00
-d | --duo )
2020-02-05 21:24:52 +01:00
installDuo = true
2020-03-05 14:56:11 +01:00
; ;
-o | --nomfa )
installTOTP = false
installDuo = false
; ;
2018-03-09 22:51:48 +01:00
esac
shift
2017-11-29 21:50:18 +01:00
done
2018-03-09 22:51:48 +01:00
2020-03-18 14:12:01 +01:00
if [ [ -z " ${ installTOTP } " ] ] && [ [ " ${ installDuo } " != true ] ] ; then
2020-02-17 21:06:47 +01:00
# Prompt the user if they would like to install TOTP MFA, default of no
2022-01-06 03:00:05 +01:00
echo -e -n " ${ CYAN } MFA: Would you like to install TOTP (choose 'N' if you want Duo)? (y/N): ${ NC } "
2020-02-10 00:40:11 +01:00
read PROMPT
2020-03-18 14:12:01 +01:00
if [ [ ${ PROMPT } = ~ ^[ Yy] $ ] ] ; then
2020-02-17 21:06:47 +01:00
installTOTP = true
2020-02-17 21:56:15 +01:00
installDuo = false
2020-02-17 21:06:47 +01:00
else
installTOTP = false
fi
2019-04-04 19:06:13 +02:00
fi
2020-03-18 14:12:01 +01:00
if [ [ -z " ${ installDuo } " ] ] && [ [ " ${ installTOTP } " != true ] ] ; then
2020-02-17 21:06:47 +01:00
# Prompt the user if they would like to install Duo MFA, default of no
2020-03-04 20:24:53 +01:00
echo -e -n " ${ CYAN } MFA: Would you like to install Duo (configuration values must be set after install in /etc/guacamole/guacamole.properties)? (y/N): ${ NC } "
2020-02-10 00:40:11 +01:00
read PROMPT
2020-03-18 14:12:01 +01:00
if [ [ ${ PROMPT } = ~ ^[ Yy] $ ] ] ; then
2020-02-17 21:06:47 +01:00
installDuo = true
2020-02-17 21:56:15 +01:00
installTOTP = false
2020-02-17 21:06:47 +01:00
else
installDuo = false
fi
2019-04-04 19:06:13 +02:00
fi
2020-03-04 20:24:53 +01:00
# We can't install TOTP and Duo at the same time...
2020-03-18 14:12:01 +01:00
if [ [ " ${ installTOTP } " = true ] ] && [ " ${ installDuo } " = true ] ; then
echo -e " ${ RED } MFA: The script does not support installing TOTP and Duo at the same time. ${ NC } " 1>& 2
2020-03-04 20:24:53 +01:00
exit 1
fi
echo
2020-03-18 14:12:01 +01:00
if [ [ -z ${ installMySQL } ] ] ; then
2020-02-10 00:40:11 +01:00
# Prompt the user to see if they would like to install MySQL, default of yes
2020-03-04 20:24:53 +01:00
echo "MySQL is required for installation, if you're using a remote MySQL Server select 'n'"
2020-02-17 21:06:47 +01:00
echo -e -n " ${ CYAN } Would you like to install MySQL? (Y/n): ${ NC } "
2020-02-10 00:40:11 +01:00
read PROMPT
2020-03-18 14:12:01 +01:00
if [ [ ${ PROMPT } = ~ ^[ Nn] $ ] ] ; then
2020-02-17 21:06:47 +01:00
installMySQL = false
else
installMySQL = true
fi
2020-02-10 00:40:11 +01:00
fi
2020-03-18 14:12:01 +01:00
if [ " ${ installMySQL } " = false ] ; then
2020-02-10 00:40:11 +01:00
# We need to get additional values
2020-03-18 14:12:01 +01:00
[ -z " ${ mysqlHost } " ] \
&& read -p "Enter MySQL server hostname or IP: " mysqlHost
[ -z " ${ mysqlPort } " ] \
&& read -p "Enter MySQL server port [3306]: " mysqlPort
[ -z " ${ guacDb } " ] \
&& read -p "Enter Guacamole database name [guacamole_db]: " guacDb
[ -z " ${ guacUser } " ] \
&& read -p "Enter Guacamole user [guacamole_user]: " guacUser
2020-02-10 00:40:11 +01:00
fi
# Checking if mysql host given
2020-03-18 14:12:01 +01:00
if [ -z " ${ mysqlHost } " ] ; then
2020-02-10 00:40:11 +01:00
mysqlHost = "localhost"
fi
# Checking if mysql port given
2020-03-18 14:12:01 +01:00
if [ -z " ${ mysqlPort } " ] ; then
2020-02-10 00:40:11 +01:00
mysqlPort = "3306"
fi
# Checking if mysql user given
2020-03-18 14:12:01 +01:00
if [ -z " ${ guacUser } " ] ; then
2020-02-10 00:40:11 +01:00
guacUser = "guacamole_user"
2018-03-09 22:51:48 +01:00
fi
2017-11-29 21:50:18 +01:00
2020-02-10 00:40:11 +01:00
# Checking if database name given
2020-03-18 14:12:01 +01:00
if [ -z " ${ guacDb } " ] ; then
2020-02-10 00:40:11 +01:00
guacDb = "guacamole_db"
fi
2017-07-20 19:46:08 +02:00
2020-03-05 14:56:11 +01:00
if [ -z " ${ mysqlRootPwd } " ] ; then
# Get MySQL "Root" and "Guacamole User" password
while true; do
echo
read -s -p " Enter ${ mysqlHost } 's MySQL root password: " mysqlRootPwd
echo
read -s -p " Confirm ${ mysqlHost } 's MySQL root password: " PROMPT2
echo
2020-03-18 14:12:01 +01:00
[ " ${ mysqlRootPwd } " = " ${ PROMPT2 } " ] && break
echo -e " ${ RED } Passwords don't match. Please try again. ${ NC } " 1>& 2
2020-03-05 14:56:11 +01:00
done
else
2020-03-18 14:12:01 +01:00
echo -e " ${ BLUE } Read MySQL root's password from command line argument ${ NC } "
2020-03-05 14:56:11 +01:00
fi
2020-03-04 20:24:53 +01:00
echo
2020-03-05 14:56:11 +01:00
if [ -z " ${ guacPwd } " ] ; then
while true; do
echo -e " ${ BLUE } A new MySQL user will be created ( ${ guacUser } ) ${ NC } "
read -s -p " Enter ${ mysqlHost } 's MySQL guacamole user password: " guacPwd
echo
read -s -p " Confirm ${ mysqlHost } 's MySQL guacamole user password: " PROMPT2
echo
2020-03-18 14:12:01 +01:00
[ " ${ guacPwd } " = " ${ PROMPT2 } " ] && break
echo -e " ${ RED } Passwords don't match. Please try again. ${ NC } " 1>& 2
2020-03-05 14:56:11 +01:00
echo
done
else
2020-03-18 14:12:01 +01:00
echo -e " ${ BLUE } Read MySQL ${ guacUser } 's password from command line argument ${ NC } "
2020-03-05 14:56:11 +01:00
fi
2020-03-04 20:24:53 +01:00
echo
2020-03-18 14:12:01 +01:00
if [ " ${ installMySQL } " = true ] ; then
2020-03-04 20:24:53 +01:00
# Seed MySQL install values
2020-03-18 14:12:01 +01:00
debconf-set-selections <<< " mysql-server mysql-server/root_password password ${ mysqlRootPwd } "
debconf-set-selections <<< " mysql-server mysql-server/root_password_again password ${ mysqlRootPwd } "
2020-03-04 20:24:53 +01:00
fi
2020-12-27 06:41:33 +01:00
# Different version of Ubuntu/Linux Mint and Debian have different package names...
2018-01-20 15:23:04 +01:00
source /etc/os-release
2020-12-27 06:41:33 +01:00
if [ [ " ${ NAME } " = = "Ubuntu" ] ] || [ [ " ${ NAME } " = = "Linux Mint" ] ] ; then
2020-03-04 20:24:53 +01:00
# Ubuntu > 18.04 does not include universe repo by default
2020-02-17 21:06:47 +01:00
# Add the "Universe" repo, don't update
2021-07-30 22:54:55 +02:00
add-apt-repository -y universe
2020-02-17 21:06:47 +01:00
# Set package names depending on version
2017-07-29 21:33:15 +02:00
JPEGTURBO = "libjpeg-turbo8-dev"
2020-02-05 21:24:52 +01:00
if [ [ " ${ VERSION_ID } " = = "16.04" ] ] ; then
2018-01-20 15:23:04 +01:00
LIBPNG = "libpng12-dev"
else
LIBPNG = "libpng-dev"
fi
2020-03-18 14:12:01 +01:00
if [ " ${ installMySQL } " = true ] ; then
2020-05-05 14:42:30 +02:00
MYSQL = "mysql-server mysql-client mysql-common"
2020-02-23 18:57:27 +01:00
# Checking if (any kind of) mysql-client or compatible command installed. This is useful for existing mariadb server
2020-03-18 14:12:01 +01:00
elif [ -x " $( command -v mysql ) " ] ; then
2020-02-23 20:27:15 +01:00
MYSQL = ""
2020-02-17 21:56:15 +01:00
else
MYSQL = "mysql-client"
fi
2020-12-27 06:41:33 +01:00
elif [ [ " ${ NAME } " = = *"Debian" * ] ] || [ [ " ${ NAME } " = = *"Raspbian GNU/Linux" * ] ] || [ [ " ${ NAME } " = = *"Kali GNU/Linux" * ] ] || [ [ " ${ NAME } " = = "LMDE" ] ] ; then
2017-07-29 21:33:15 +02:00
JPEGTURBO = "libjpeg62-turbo-dev"
2021-09-01 00:22:31 +02:00
if [ [ " ${ PRETTY_NAME } " = = *"bullseye" * ] ] || [ [ " ${ PRETTY_NAME } " = = *"stretch" * ] ] || [ [ " ${ PRETTY_NAME } " = = *"buster" * ] ] || [ [ " ${ PRETTY_NAME } " = = *"Kali GNU/Linux Rolling" * ] ] || [ [ " ${ NAME } " = = "LMDE" ] ] ; then
2018-01-20 15:23:04 +01:00
LIBPNG = "libpng-dev"
else
LIBPNG = "libpng12-dev"
2018-01-20 21:32:22 +01:00
fi
2020-03-18 14:12:01 +01:00
if [ " ${ installMySQL } " = true ] ; then
2020-02-17 21:56:15 +01:00
MYSQL = "default-mysql-server default-mysql-client mysql-common"
2020-02-23 20:25:48 +01:00
# Checking if (any kind of) mysql-client or compatible command installed. This is useful for existing mariadb server
2020-03-18 14:12:01 +01:00
elif [ -x " $( command -v mysql ) " ] ; then
2020-02-23 20:27:15 +01:00
MYSQL = ""
2020-02-17 21:56:15 +01:00
else
MYSQL = "default-mysql-client"
fi
2018-01-20 15:23:04 +01:00
else
2020-12-27 06:41:33 +01:00
echo "Unsupported distribution - Debian, Kali, Raspbian, Linux Mint or Ubuntu only"
2018-09-13 19:21:33 +02:00
exit 1
2017-07-29 21:33:15 +02:00
fi
2020-03-18 14:12:01 +01:00
# Update apt so we can search apt-cache for newest Tomcat version supported & libmariadb-java/libmysql-java
2020-02-17 21:06:47 +01:00
echo -e " ${ BLUE } Updating apt... ${ NC } "
2018-09-13 20:47:37 +02:00
apt-get -qq update
2020-03-18 14:12:01 +01:00
# Check if libmariadb-java/libmysql-java is available
# Debian 10 >= ~ https://packages.debian.org/search?keywords=libmariadb-java
if [ [ $( apt-cache show libmariadb-java 2> /dev/null | wc -l ) -gt 0 ] ] ; then
# When something higher than 1.1.0 is out ~ https://issues.apache.org/jira/browse/GUACAMOLE-852
#echo -e "${BLUE}Found libmariadb-java package...${NC}"
#LIBJAVA="libmariadb-java"
# For v1.1.0 and lower
echo -e " ${ YELLOW } Found libmariadb-java package (known issues). Will download libmysql-java ${ MCJVER } and install manually ${ NC } "
LIBJAVA = ""
# Debian 9 <= ~ https://packages.debian.org/search?keywords=libmysql-java
elif [ [ $( apt-cache show libmysql-java 2> /dev/null | wc -l ) -gt 0 ] ] ; then
echo -e " ${ BLUE } Found libmysql-java package... ${ NC } "
2020-02-17 21:06:47 +01:00
LIBJAVA = "libmysql-java"
else
2020-03-18 14:12:01 +01:00
echo -e " ${ YELLOW } lib{mariadb,mysql}-java not available. Will download mysql-connector-java- ${ MCJVER } .tar.gz and install manually ${ NC } "
2020-02-17 21:06:47 +01:00
LIBJAVA = ""
fi
# tomcat9 is the latest version
# tomcat8.0 is end of life, but tomcat8.5 is current
# fallback is tomcat7
2020-03-18 14:12:01 +01:00
if [ [ $( apt-cache show tomcat9 2> /dev/null | egrep "Version: 9" | wc -l ) -gt 0 ] ] ; then
echo -e " ${ BLUE } Found tomcat9 package... ${ NC } "
2020-02-17 21:06:47 +01:00
TOMCAT = "tomcat9"
2020-03-18 14:12:01 +01:00
elif [ [ $( apt-cache show tomcat8 2> /dev/null | egrep "Version: 8.[5-9]" | wc -l ) -gt 0 ] ] ; then
echo -e " ${ BLUE } Found tomcat8.5+ package... ${ NC } "
2018-01-20 15:23:04 +01:00
TOMCAT = "tomcat8"
2020-03-18 14:12:01 +01:00
elif [ [ $( apt-cache show tomcat7 2> /dev/null | egrep "Version: 7" | wc -l ) -gt 0 ] ] ; then
echo -e " ${ BLUE } Found tomcat7 package... ${ NC } "
2018-01-20 15:23:04 +01:00
TOMCAT = "tomcat7"
2020-03-18 14:12:01 +01:00
else
echo -e " ${ RED } Failed. Can't find Tomcat package ${ NC } " 1>& 2
exit 1
2017-09-20 16:44:39 +02:00
fi
2020-03-18 14:12:01 +01:00
# Uncomment to manually force a Tomcat version
2018-01-20 15:23:04 +01:00
#TOMCAT=""
2017-08-22 04:54:27 +02:00
# Install features
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Installing packages. This might take a few minutes... ${ NC } "
2018-08-29 15:18:29 +02:00
2020-03-04 20:24:53 +01:00
# Don't prompt during install
2019-07-02 16:27:59 +02:00
export DEBIAN_FRONTEND = noninteractive
2020-03-04 20:24:53 +01:00
# Required packages
2020-07-04 03:24:18 +02:00
apt-get -y install build-essential libcairo2-dev ${ JPEGTURBO } ${ LIBPNG } libossp-uuid-dev libavcodec-dev libavformat-dev libavutil-dev \
2020-02-05 21:24:52 +01:00
libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev \
2021-03-09 19:11:16 +01:00
libvorbis-dev libwebp-dev libwebsockets-dev freerdp2-x11 libtool-bin ghostscript dpkg-dev wget crudini libc-bin \
2020-03-04 20:24:53 +01:00
${ MYSQL } ${ LIBJAVA } ${ TOMCAT } & >> ${ LOG }
2019-01-23 23:15:59 +01:00
2020-03-04 20:24:53 +01:00
# If apt fails to run completely the rest of this isn't going to work...
2019-01-23 23:15:59 +01:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed. See ${ LOG } ${ NC } " 1>& 2
2019-01-23 23:15:59 +01:00
exit 1
2019-01-23 23:57:57 +01:00
else
2019-01-23 23:15:59 +01:00
echo -e " ${ GREEN } OK ${ NC } "
fi
2020-03-18 14:12:01 +01:00
echo
2017-07-20 19:46:08 +02:00
2017-11-11 17:03:42 +01:00
# Set SERVER to be the preferred download server from the Apache CDN
2018-01-21 01:34:58 +01:00
SERVER = " http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/ ${ GUACVERSION } "
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Downloading files... ${ NC } "
2018-01-20 22:54:25 +01:00
2017-11-29 21:50:18 +01:00
# Download Guacamole Server
2018-08-29 15:18:29 +02:00
wget -q --show-progress -O guacamole-server-${ GUACVERSION } .tar.gz ${ SERVER } /source/guacamole-server-${ GUACVERSION } .tar.gz
2018-01-21 01:34:58 +01:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download guacamole-server- ${ GUACVERSION } .tar.gz " 1>& 2
2018-09-13 19:21:33 +02:00
echo -e " ${ SERVER } /source/guacamole-server- ${ GUACVERSION } .tar.gz ${ NC } "
exit 1
2020-02-17 21:56:15 +01:00
else
2020-03-04 20:24:53 +01:00
# Extract Guacamole Files
2020-02-17 21:56:15 +01:00
tar -xzf guacamole-server-${ GUACVERSION } .tar.gz
2017-11-29 21:50:18 +01:00
fi
2018-09-13 19:21:33 +02:00
echo -e " ${ GREEN } Downloaded guacamole-server- ${ GUACVERSION } .tar.gz ${ NC } "
2017-11-29 21:50:18 +01:00
# Download Guacamole Client
2018-08-29 15:18:29 +02:00
wget -q --show-progress -O guacamole-${ GUACVERSION } .war ${ SERVER } /binary/guacamole-${ GUACVERSION } .war
2018-01-21 01:34:58 +01:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download guacamole- ${ GUACVERSION } .war " 1>& 2
2018-09-13 19:21:33 +02:00
echo -e " ${ SERVER } /binary/guacamole- ${ GUACVERSION } .war ${ NC } "
exit 1
2017-11-29 21:50:18 +01:00
fi
2018-09-13 19:21:33 +02:00
echo -e " ${ GREEN } Downloaded guacamole- ${ GUACVERSION } .war ${ NC } "
2017-11-29 21:50:18 +01:00
2019-05-18 20:53:48 +02:00
# Download Guacamole authentication extensions (Database)
2018-08-29 15:18:29 +02:00
wget -q --show-progress -O guacamole-auth-jdbc-${ GUACVERSION } .tar.gz ${ SERVER } /binary/guacamole-auth-jdbc-${ GUACVERSION } .tar.gz
2018-01-21 01:34:58 +01:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download guacamole-auth-jdbc- ${ GUACVERSION } .tar.gz " 1>& 2
2018-09-13 19:21:33 +02:00
echo -e " ${ SERVER } /binary/guacamole-auth-jdbc- ${ GUACVERSION } .tar.gz "
exit 1
2020-02-17 21:56:15 +01:00
else
tar -xzf guacamole-auth-jdbc-${ GUACVERSION } .tar.gz
2017-11-29 21:50:18 +01:00
fi
2018-09-13 19:21:33 +02:00
echo -e " ${ GREEN } Downloaded guacamole-auth-jdbc- ${ GUACVERSION } .tar.gz ${ NC } "
2020-02-10 00:40:11 +01:00
2020-02-05 21:24:52 +01:00
# Download Guacamole authentication extensions
2020-02-17 21:06:47 +01:00
# TOTP
2020-03-18 14:12:01 +01:00
if [ " ${ installTOTP } " = true ] ; then
2020-02-17 21:06:47 +01:00
wget -q --show-progress -O guacamole-auth-totp-${ GUACVERSION } .tar.gz ${ SERVER } /binary/guacamole-auth-totp-${ GUACVERSION } .tar.gz
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download guacamole-auth-totp- ${ GUACVERSION } .tar.gz " 1>& 2
2020-02-17 21:06:47 +01:00
echo -e " ${ SERVER } /binary/guacamole-auth-totp- ${ GUACVERSION } .tar.gz "
exit 1
2020-02-17 21:56:15 +01:00
else
tar -xzf guacamole-auth-totp-${ GUACVERSION } .tar.gz
2020-02-17 21:06:47 +01:00
fi
echo -e " ${ GREEN } Downloaded guacamole-auth-totp- ${ GUACVERSION } .tar.gz ${ NC } "
2019-05-18 20:53:48 +02:00
fi
2020-02-17 21:06:47 +01:00
# Duo
2020-03-18 14:12:01 +01:00
if [ " ${ installDuo } " = true ] ; then
2020-02-17 21:06:47 +01:00
wget -q --show-progress -O guacamole-auth-duo-${ GUACVERSION } .tar.gz ${ SERVER } /binary/guacamole-auth-duo-${ GUACVERSION } .tar.gz
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download guacamole-auth-duo- ${ GUACVERSION } .tar.gz " 1>& 2
2020-02-17 21:06:47 +01:00
echo -e " ${ SERVER } /binary/guacamole-auth-duo- ${ GUACVERSION } .tar.gz "
exit 1
2020-02-17 21:56:15 +01:00
else
tar -xzf guacamole-auth-duo-${ GUACVERSION } .tar.gz
2020-02-17 21:06:47 +01:00
fi
echo -e " ${ GREEN } Downloaded guacamole-auth-duo- ${ GUACVERSION } .tar.gz ${ NC } "
fi
2020-02-05 21:24:52 +01:00
2020-03-18 14:12:01 +01:00
# Deal with missing MySQL Connector/J
if [ [ -z $LIBJAVA ] ] ; then
2020-02-17 21:06:47 +01:00
# Download MySQL Connector/J
wget -q --show-progress -O mysql-connector-java-${ MCJVER } .tar.gz https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${ MCJVER } .tar.gz
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed to download mysql-connector-java- ${ MCJVER } .tar.gz " 1>& 2
2020-02-17 21:06:47 +01:00
echo -e " https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java- ${ MCJVER } .tar.gz ${ NC } "
exit 1
2020-02-17 21:56:15 +01:00
else
tar -xzf mysql-connector-java-${ MCJVER } .tar.gz
2020-02-17 21:06:47 +01:00
fi
echo -e " ${ GREEN } Downloaded mysql-connector-java- ${ MCJVER } .tar.gz ${ NC } "
2020-03-18 14:12:01 +01:00
else
echo -e " ${ YELLOW } Skipping manually installing MySQL Connector/J ${ NC } "
2020-02-05 21:24:52 +01:00
fi
2020-02-17 21:06:47 +01:00
echo -e " ${ GREEN } Downloading complete. ${ NC } "
2020-03-04 20:24:53 +01:00
echo
2020-02-17 21:06:47 +01:00
2017-08-22 04:54:27 +02:00
# Make directories
2020-03-18 14:12:01 +01:00
rm -rf /etc/guacamole/lib/
rm -rf /etc/guacamole/extensions/
mkdir -p /etc/guacamole/lib/
mkdir -p /etc/guacamole/extensions/
2017-07-20 19:46:08 +02:00
2021-09-01 02:06:26 +02:00
# Fix for #196
mkdir -p /usr/sbin/.config/freerdp
chown daemon:daemon /usr/sbin/.config/freerdp
2021-10-22 15:41:42 +02:00
# Fix for #197
mkdir -p /var/guacamole
chown daemon:daemon /var/guacamole
2020-03-04 20:24:53 +01:00
# Install guacd (Guacamole-server)
2020-03-18 14:12:01 +01:00
cd guacamole-server-${ GUACVERSION } /
2018-03-12 23:15:26 +01:00
2020-03-18 14:12:01 +01:00
echo -e " ${ BLUE } Building Guacamole-Server with GCC $( gcc --version | head -n1 | grep -oP '\)\K.*' | awk '{print $1}' ) ${ NC } "
2018-08-29 15:18:29 +02:00
2022-05-09 16:01:56 +02:00
# Fix for warnings #222
export CFLAGS = "-Wno-error"
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Configuring Guacamole-Server. This might take a minute... ${ NC } "
2021-08-21 04:15:38 +02:00
./configure --with-systemd-dir= /etc/systemd/system & >> ${ LOG }
2019-01-23 23:15:59 +01:00
if [ $? -ne 0 ] ; then
2021-01-19 23:25:08 +01:00
echo "Failed to configure guacamole-server"
echo "Trying again with --enable-allow-freerdp-snapshots"
2021-08-21 04:15:38 +02:00
./configure --with-systemd-dir= /etc/systemd/system --enable-allow-freerdp-snapshots
2021-01-19 23:25:08 +01:00
if [ $? -ne 0 ] ; then
echo "Failed to configure guacamole-server - again"
exit
fi
2018-03-12 23:15:26 +01:00
else
2019-01-23 23:15:59 +01:00
echo -e " ${ GREEN } OK ${ NC } "
2018-03-12 23:15:26 +01:00
fi
2019-01-23 23:15:59 +01:00
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Running Make on Guacamole-Server. This might take a few minutes... ${ NC } "
2019-01-23 23:15:59 +01:00
make & >> ${ LOG }
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed. See ${ LOG } ${ NC } " 1>& 2
2019-01-23 23:15:59 +01:00
exit 1
else
echo -e " ${ GREEN } OK ${ NC } "
fi
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Running Make Install on Guacamole-Server... ${ NC } "
2019-01-23 23:15:59 +01:00
make install & >> ${ LOG }
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed. See ${ LOG } ${ NC } " 1>& 2
2019-01-23 23:15:59 +01:00
exit 1
else
echo -e " ${ GREEN } OK ${ NC } "
fi
2017-07-20 19:46:08 +02:00
ldconfig
2020-03-04 20:24:53 +01:00
echo
2017-07-20 19:46:08 +02:00
2020-03-04 20:24:53 +01:00
# Move files to correct locations (guacamole-client & Guacamole authentication extensions)
cd ..
2020-03-18 14:12:01 +01:00
mv -f guacamole-${ GUACVERSION } .war /etc/guacamole/guacamole.war
mv -f guacamole-auth-jdbc-${ GUACVERSION } /mysql/guacamole-auth-jdbc-mysql-${ GUACVERSION } .jar /etc/guacamole/extensions/
2020-02-17 21:06:47 +01:00
# Create Symbolic Link for Tomcat
2020-03-04 14:42:01 +01:00
ln -sf /etc/guacamole/guacamole.war /var/lib/${ TOMCAT } /webapps/
2017-07-20 19:46:08 +02:00
2020-02-17 21:06:47 +01:00
# Deal with MySQL Connector/J
2020-03-18 14:12:01 +01:00
if [ [ -z $LIBJAVA ] ] ; then
echo -e " ${ BLUE } Moving mysql-connector-java- ${ MCJVER } .jar (/etc/guacamole/lib/mysql-connector-java.jar)... ${ NC } "
mv -f mysql-connector-java-${ MCJVER } /mysql-connector-java-${ MCJVER } .jar /etc/guacamole/lib/mysql-connector-java.jar
elif [ -e /usr/share/java/mariadb-java-client.jar ] ; then
echo -e " ${ BLUE } Linking mariadb-java-client.jar (/etc/guacamole/lib/mariadb-java-client.jar)... ${ NC } "
ln -sf /usr/share/java/mariadb-java-client.jar /etc/guacamole/lib/mariadb-java-client.jar
elif [ -e /usr/share/java/mysql-connector-java.jar ] ; then
echo -e " ${ BLUE } Linking mysql-connector-java.jar (/etc/guacamole/lib/mysql-connector-java.jar)... ${ NC } "
ln -sf /usr/share/java/mysql-connector-java.jar /etc/guacamole/lib/mysql-connector-java.jar
2020-02-17 21:06:47 +01:00
else
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Can't find *.jar file ${ NC } " 1>& 2
exit 1
2020-02-17 21:06:47 +01:00
fi
2020-03-18 14:12:01 +01:00
echo
2020-02-17 21:06:47 +01:00
# Move TOTP Files
2020-03-18 14:12:01 +01:00
if [ " ${ installTOTP } " = true ] ; then
echo -e " ${ BLUE } Moving guacamole-auth-totp- ${ GUACVERSION } .jar (/etc/guacamole/extensions/)... ${ NC } "
mv -f guacamole-auth-totp-${ GUACVERSION } /guacamole-auth-totp-${ GUACVERSION } .jar /etc/guacamole/extensions/
echo
2019-10-28 17:08:49 +01:00
fi
2020-02-17 21:06:47 +01:00
# Move Duo Files
2020-03-18 14:12:01 +01:00
if [ " ${ installDuo } " = true ] ; then
echo -e " ${ BLUE } Moving guacamole-auth-duo- ${ GUACVERSION } .jar (/etc/guacamole/extensions/)... ${ NC } "
mv -f guacamole-auth-duo-${ GUACVERSION } /guacamole-auth-duo-${ GUACVERSION } .jar /etc/guacamole/extensions/
echo
2020-02-05 21:24:52 +01:00
fi
2017-07-20 19:46:08 +02:00
# Configure guacamole.properties
2019-06-09 20:17:01 +02:00
rm -f /etc/guacamole/guacamole.properties
touch /etc/guacamole/guacamole.properties
2020-02-10 00:40:11 +01:00
echo " mysql-hostname: ${ mysqlHost } " >> /etc/guacamole/guacamole.properties
echo " mysql-port: ${ mysqlPort } " >> /etc/guacamole/guacamole.properties
echo " mysql-database: ${ guacDb } " >> /etc/guacamole/guacamole.properties
echo " mysql-username: ${ guacUser } " >> /etc/guacamole/guacamole.properties
echo " mysql-password: ${ guacPwd } " >> /etc/guacamole/guacamole.properties
# Output Duo configuration settings but comment them out for now
2020-03-18 14:12:01 +01:00
if [ " ${ installDuo } " = true ] ; then
2020-02-17 21:06:47 +01:00
echo "# duo-api-hostname: " >> /etc/guacamole/guacamole.properties
echo "# duo-integration-key: " >> /etc/guacamole/guacamole.properties
echo "# duo-secret-key: " >> /etc/guacamole/guacamole.properties
echo "# duo-application-key: " >> /etc/guacamole/guacamole.properties
echo -e " ${ YELLOW } Duo is installed, it will need to be configured via guacamole.properties ${ NC } "
2020-02-05 21:24:52 +01:00
fi
2020-03-18 14:12:01 +01:00
# Restart Tomcat
echo -e " ${ BLUE } Restarting Tomcat service & enable at boot... ${ NC } "
2017-08-02 13:24:36 +02:00
service ${ TOMCAT } restart
2018-08-29 15:18:29 +02:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed ${ NC } " 1>& 2
2018-09-13 19:21:33 +02:00
exit 1
else
echo -e " ${ GREEN } OK ${ NC } "
fi
2020-03-04 20:24:53 +01:00
# Start at boot
systemctl enable ${ TOMCAT }
echo
2020-04-08 15:40:49 +02:00
# Set MySQL password
export MYSQL_PWD = ${ mysqlRootPwd }
2020-03-18 14:12:01 +01:00
if [ " ${ installMySQL } " = true ] ; then
2020-04-08 15:40:49 +02:00
2020-03-18 14:12:01 +01:00
# Restart MySQL service
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Restarting MySQL service & enable at boot... ${ NC } "
service mysql restart
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed ${ NC } " 1>& 2
2020-03-04 20:24:53 +01:00
exit 1
else
echo -e " ${ GREEN } OK ${ NC } "
fi
# Start at boot
systemctl enable mysql
echo
2020-03-04 14:42:01 +01:00
2020-03-18 14:12:01 +01:00
# Default locations of MySQL config file
for x in /etc/mysql/mariadb.conf.d/50-server.cnf \
/etc/mysql/mysql.conf.d/mysqld.cnf \
/etc/mysql/my.cnf \
; do
# Check the path exists
if [ -e " ${ x } " ] ; then
# Does it have the necessary section
if grep -q '^\[mysqld\]$' " ${ x } " ; then
mysqlconfig = " ${ x } "
# no point keep checking!
break
fi
fi
done
2020-03-04 14:42:01 +01:00
2020-03-18 14:12:01 +01:00
if [ -z " ${ mysqlconfig } " ] ; then
echo -e " ${ YELLOW } Couldn't detect MySQL config file - you may need to manually enter timezone settings ${ NC } "
else
# Is there already a value?
if grep -q "^default_time_zone[[:space:]]?=" " ${ mysqlconfig } " ; then
echo -e " ${ YELLOW } Timezone already defined in ${ mysqlconfig } ${ NC } "
else
timezone = " $( cat /etc/timezone ) "
if [ -z " ${ timezone } " ] ; then
echo -e " ${ YELLOW } Couldn't find timezone, using UTC ${ NC } "
timezone = "UTC"
fi
echo -e " ${ YELLOW } Setting timezone as ${ timezone } ${ NC } "
# Fix for https://issues.apache.org/jira/browse/GUACAMOLE-760
mysql_tzinfo_to_sql /usr/share/zoneinfo 2>/dev/null | mysql -u root -D mysql -h ${ mysqlHost } -P ${ mysqlPort }
crudini --set ${ mysqlconfig } mysqld default_time_zone " ${ timezone } "
# Restart to apply
service mysql restart
echo
fi
fi
2020-03-04 14:42:01 +01:00
fi
2020-03-18 14:12:01 +01:00
# Create ${guacDb} and grant ${guacUser} permissions to it
2017-07-20 19:46:08 +02:00
2017-08-22 04:54:27 +02:00
# SQL code
2020-02-10 00:40:11 +01:00
guacUserHost = "localhost"
2020-03-18 14:12:01 +01:00
if [ [ " ${ mysqlHost } " != "localhost" ] ] ; then
2020-02-10 00:40:11 +01:00
guacUserHost = "%"
echo -e " ${ YELLOW } MySQL Guacamole user is set to accept login from any host, please change this for security reasons if possible. ${ NC } "
fi
2020-03-18 14:12:01 +01:00
# Check for ${guacDb} already being there
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Checking MySQL for existing database ( ${ guacDb } ) ${ NC } "
2017-07-20 19:46:08 +02:00
SQLCODE = "
2020-03-04 20:24:53 +01:00
SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME = '${guacDb}' ; "
# Execute SQL code
MYSQL_RESULT = $( echo ${ SQLCODE } | mysql -u root -D information_schema -h ${ mysqlHost } -P ${ mysqlPort } )
if [ [ $MYSQL_RESULT != "" ] ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } It appears there is already a MySQL database ( ${ guacDb } ) on ${ mysqlHost } ${ NC } " 1>& 2
echo -e " ${ RED } Try: mysql -e 'DROP DATABASE ${ guacDb } ' ${ NC } " 1>& 2
#exit 1
2020-03-04 20:24:53 +01:00
else
echo -e " ${ GREEN } OK ${ NC } "
fi
2020-03-18 14:12:01 +01:00
# Check for ${guacUser} already being there
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Checking MySQL for existing user ( ${ guacUser } ) ${ NC } "
SQLCODE = "
SELECT COUNT( *) FROM mysql.user WHERE user = '${guacUser}' ; "
# Execute SQL code
2020-03-18 14:12:01 +01:00
MYSQL_RESULT = $( echo ${ SQLCODE } | mysql -u root -D mysql -h ${ mysqlHost } -P ${ mysqlPort } | grep '0' )
2020-03-04 20:24:53 +01:00
if [ [ $MYSQL_RESULT = = "" ] ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } It appears there is already a MySQL user ( ${ guacUser } ) on ${ mysqlHost } ${ NC } " 1>& 2
echo -e " ${ RED } Try: mysql -e \"DROP USER ' ${ guacUser } '@' ${ guacUserHost } '; FLUSH PRIVILEGES;\" ${ NC } " 1>& 2
#exit 1
2020-03-04 20:24:53 +01:00
else
echo -e " ${ GREEN } OK ${ NC } "
fi
# Create database & user, then set permissions
SQLCODE = "
2020-03-18 14:12:01 +01:00
DROP DATABASE IF EXISTS ${ guacDb } ;
2020-03-04 20:24:53 +01:00
CREATE DATABASE IF NOT EXISTS ${ guacDb } ;
2020-03-18 14:12:01 +01:00
CREATE USER IF NOT EXISTS '${guacUser}' @'${guacUserHost}' IDENTIFIED BY \" ${ guacPwd } \" ;
2020-02-10 00:40:11 +01:00
GRANT SELECT,INSERT,UPDATE,DELETE ON ${ guacDb } .* TO '${guacUser}' @'${guacUserHost}' ;
2020-03-18 14:12:01 +01:00
FLUSH PRIVILEGES; "
2017-07-20 19:46:08 +02:00
2017-08-22 04:54:27 +02:00
# Execute SQL code
2020-03-18 14:12:01 +01:00
echo ${ SQLCODE } | mysql -u root -D mysql -h ${ mysqlHost } -P ${ mysqlPort }
2017-07-20 19:46:08 +02:00
2017-08-22 04:54:27 +02:00
# Add Guacamole schema to newly created database
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Adding database tables... ${ NC } "
2020-02-10 00:40:11 +01:00
cat guacamole-auth-jdbc-${ GUACVERSION } /mysql/schema/*.sql | mysql -u root -D ${ guacDb } -h ${ mysqlHost } -P ${ mysqlPort }
2018-08-29 15:18:29 +02:00
if [ $? -ne 0 ] ; then
2020-03-18 14:12:01 +01:00
echo -e " ${ RED } Failed ${ NC } " 1>& 2
2018-09-13 19:21:33 +02:00
exit 1
else
echo -e " ${ GREEN } OK ${ NC } "
fi
2020-03-04 20:24:53 +01:00
echo
2017-07-20 19:46:08 +02:00
2022-01-20 22:53:12 +01:00
# Create guacd.conf file required for 1.4.0
echo -e " ${ BLUE } Create guacd.conf file... ${ NC } "
cat >> /etc/guacamole/guacd.conf <<- "EOF"
[ server]
bind_host = 0.0.0.0
bind_port = 4822
EOF
2018-01-21 03:57:00 +01:00
# Ensure guacd is started
2020-03-18 14:12:01 +01:00
echo -e " ${ BLUE } Starting guacd service & enable at boot... ${ NC } "
service guacd stop 2>/dev/null
2018-01-21 03:57:00 +01:00
service guacd start
2020-03-04 20:24:53 +01:00
systemctl enable guacd
echo
2018-01-21 03:57:00 +01:00
2020-05-07 16:38:39 +02:00
# Deal with ufw and/or iptables
# Check if ufw is a valid command
if [ -x " $( command -v ufw ) " ] ; then
# Check if ufw is active (active|inactive)
if [ [ $( ufw status | grep inactive | wc -l) -eq 0 ] ] ; then
# Check if 8080 is not already allowed
if [ [ $( ufw status | grep "8080/tcp" | grep "ALLOW" | grep "Anywhere" | wc -l) -eq 0 ] ] ; then
# ufw is running, but 8080 is not allowed, add it
ufw allow 8080/tcp comment 'allow tomcat'
fi
fi
fi
# It's possible that someone is just running pure iptables...
# Check if iptables is a valid running service
systemctl is-active --quiet iptables
if [ $? -eq 0 ] ; then
# Check if 8080 is not already allowed
# FYI: This same command matches the rule added with ufw (-A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT)
2020-06-24 00:54:35 +02:00
if [ [ $( iptables --list-rules | grep -- "-p tcp" | grep -- "--dport 8080" | grep -- "-j ACCEPT" | wc -l) -eq 0 ] ] ; then
2020-05-07 16:38:39 +02:00
# ALlow it
iptables -A INPUT -p tcp --dport 8080 --jump ACCEPT
fi
fi
# I think there is another service called firewalld that some people could be running instead
# Unless someone opens an issue about it or submits a pull request, I'm going to ignore it for now
2017-07-20 19:46:08 +02:00
# Cleanup
2018-09-13 19:21:33 +02:00
echo -e " ${ BLUE } Cleanup install files... ${ NC } "
2017-07-20 19:46:08 +02:00
rm -rf guacamole-*
2020-02-17 21:06:47 +01:00
rm -rf mysql-connector-java-*
2020-02-10 00:40:11 +01:00
unset MYSQL_PWD
2020-03-04 20:24:53 +01:00
echo
2018-08-29 15:18:29 +02:00
2020-02-17 21:06:47 +01:00
# Done
2020-03-04 20:24:53 +01:00
echo -e " ${ BLUE } Installation Complete\n- Visit: http://localhost:8080/guacamole/\n- Default login (username/password): guacadmin/guacadmin\n***Be sure to change the password***. ${ NC } "
2020-02-17 21:06:47 +01:00
2020-03-18 14:12:01 +01:00
if [ " ${ installDuo } " = true ] ; then
2020-03-04 20:24:53 +01:00
echo -e " ${ YELLOW } \nDon't forget to configure Duo in guacamole.properties. You will not be able to login otherwise.\nhttps://guacamole.apache.org/doc/ ${ GUACVERSION } /gug/duo-auth.html ${ NC } "
2020-02-17 21:06:47 +01:00
fi