diff --git a/.github/workflows/create.yml b/.github/workflows/create.yml index e4395ea9..4b1f03c4 100644 --- a/.github/workflows/create.yml +++ b/.github/workflows/create.yml @@ -12,10 +12,8 @@ jobs: env: TAGS: latest steps: - - uses: actions/checkout@v2 - with: - token: ${{ secrets.ACCESS_TOKEN }} - + - uses: actions/checkout@master + - name: Creating run: | cd apps && python3 create.py diff --git a/apps/add b/apps/add index a10e9c47..8b137891 100644 --- a/apps/add +++ b/apps/add @@ -1 +1 @@ -phpmyadmin + diff --git a/apps/application.yml b/apps/application.yml index cfc45dab..3fc8ffbc 100644 --- a/apps/application.yml +++ b/apps/application.yml @@ -20,8 +20,8 @@ roles: - { role: role_common, tags: "role_common" } - { role: role_cloud, tags: "role_cloud" } - - { role: role_nginx, tags: "role_nginx" } - { role: "{{appname}}", tags: "{{appname}}" } + - { role: role_nginx, tags: "role_nginx" } - { role: role_init, tags: "role_init" } - { role: role_preend, tags: "preend" } - { role: role_end, tags: "role_end" } diff --git a/apps/requirements.yml b/apps/requirements.yml index c21b50df..d3f5a12f 100644 --- a/apps/requirements.yml +++ b/apps/requirements.yml @@ -1,6 +1 @@ -- src: http://github.com/websoft9/role_common -- src: http://github.com/websoft9/role_cloud -- src: http://github.com/websoft9/role_nginx -- src: http://github.com/websoft9/role_init -- src: http://github.com/websoft9/role_preend -- src: http://github.com/websoft9/role_end + diff --git a/apps/roles/Template/meta/main.yml b/apps/roles/Template/meta/main.yml index 9d0ee241..c630162c 100644 --- a/apps/roles/Template/meta/main.yml +++ b/apps/roles/Template/meta/main.yml @@ -1,5 +1,6 @@ --- -dependencies: [] +dependencies: + - phpmyadmin allow_duplicates: true diff --git a/apps/roles/erpnext/meta/main.yml b/apps/roles/erpnext/meta/main.yml index 82eb7066..0854528a 100644 --- a/apps/roles/erpnext/meta/main.yml +++ b/apps/roles/erpnext/meta/main.yml @@ -1,5 +1,6 @@ --- -dependencies: [phpmyadmin] +dependencies: + - phpmyadmin galaxy_info: author: diff --git a/apps/roles/metabase/files/create_users.sh b/apps/roles/metabase/files/create_users.sh deleted file mode 100644 index 11d7232b..00000000 --- a/apps/roles/metabase/files/create_users.sh +++ /dev/null @@ -1,50 +0,0 @@ -#!/bin/sh -# copy from: https://www.metabase.com/learn/administration/serialization#add-users-to-our-metabase-origin-environment - -ADMIN_EMAIL=${MB_ADMIN_EMAIL:-admin@metabase.local} -ADMIN_PASSWORD=${MB_ADMIN_PASSWORD:-Metapass123} - -METABASE_HOST=${MB_HOSTNAME} -METABASE_PORT=${MB_PORT:-3000} - -echo "โŒš๏ธŽ Waiting for Metabase to start" -while (! curl -s -m 5 http://${METABASE_HOST}:${METABASE_PORT}/api/session/properties -o /dev/null); do sleep 5; done - -echo "๐Ÿ˜Ž Creating admin user" - -SETUP_TOKEN=$(curl -s -m 5 -X GET \ - -H "Content-Type: application/json" \ - http://${METABASE_HOST}:${METABASE_PORT}/api/session/properties \ - | jq -r '.["setup-token"]' -) - -MB_TOKEN=$(curl -s -X POST \ - -H "Content-type: application/json" \ - http://${METABASE_HOST}:${METABASE_PORT}/api/setup \ - -d '{ - "token": "'${SETUP_TOKEN}'", - "user": { - "email": "'${ADMIN_EMAIL}'", - "first_name": "Metabase", - "last_name": "Admin", - "password": "'${ADMIN_PASSWORD}'" - }, - "prefs": { - "allow_tracking": false, - "site_name": "Metawhat" - } -}' | jq -r '.id') - - -echo -e "\n๐Ÿ‘ฅ Creating some basic users: " -curl -s "http://${METABASE_HOST}:${METABASE_PORT}/api/user" \ - -H 'Content-Type: application/json' \ - -H "X-Metabase-Session: ${MB_TOKEN}" \ - -d '{"first_name":"Basic","last_name":"User","email":"basic@somewhere.com","login_attributes":{"region_filter":"WA"},"password":"'${ADMIN_PASSWORD}'"}' - -curl -s "http://${METABASE_HOST}:${METABASE_PORT}/api/user" \ - -H 'Content-Type: application/json' \ - -H "X-Metabase-Session: ${MB_TOKEN}" \ - -d '{"first_name":"Basic 2","last_name":"User","email":"basic2@somewhere.com","login_attributes":{"region_filter":"CA"},"password":"'${ADMIN_PASSWORD}'"}' - -echo -e "\n๐Ÿ‘ฅ Basic users created!" \ No newline at end of file diff --git a/apps/roles/metabase/files/template.sh b/apps/roles/metabase/files/template.sh new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/apps/roles/metabase/files/template.sh @@ -0,0 +1 @@ + diff --git a/apps/roles/metabase/meta/main.yml b/apps/roles/metabase/meta/main.yml index cbb0858d..bdad16df 100644 --- a/apps/roles/metabase/meta/main.yml +++ b/apps/roles/metabase/meta/main.yml @@ -1,5 +1,6 @@ --- -dependencies: [] +dependencies: + - phpmyadmin galaxy_info: author: diff --git a/apps/roles/metabase/tasks/main.yml b/apps/roles/metabase/tasks/main.yml index f760b910..55033968 100644 --- a/apps/roles/metabase/tasks/main.yml +++ b/apps/roles/metabase/tasks/main.yml @@ -1,8 +1,18 @@ +- name: Copy create_users.sh to /opt/ + template: + src: create_users.sh + dest: /opt/create_users.sh + +- name: Install {{appname}} + include_tasks: tasks/install.yml + vars: + app: "metabase" + - name: wait for {{appname}} start wait_for: port: "{{nginx_reverse_proxy_port}}" delay: 10 - timeout: 120 + timeout: 120 - name: Check {{appname}} Version shell: | diff --git a/apps/roles/metabase/tasks/pre.yml b/apps/roles/metabase/tasks/pre.yml deleted file mode 100644 index e0f0f873..00000000 --- a/apps/roles/metabase/tasks/pre.yml +++ /dev/null @@ -1,4 +0,0 @@ -- name: Copy create_users.sh to /opt/ - template: - src: create_users.sh - dest: /opt/create_users.sh diff --git a/apps/roles/metabase/templates/create_users.sh b/apps/roles/metabase/templates/create_users.sh index 11d7232b..8045518c 100644 --- a/apps/roles/metabase/templates/create_users.sh +++ b/apps/roles/metabase/templates/create_users.sh @@ -2,7 +2,7 @@ # copy from: https://www.metabase.com/learn/administration/serialization#add-users-to-our-metabase-origin-environment ADMIN_EMAIL=${MB_ADMIN_EMAIL:-admin@metabase.local} -ADMIN_PASSWORD=${MB_ADMIN_PASSWORD:-Metapass123} +ADMIN_PASSWORD=${POWER_PASSWORD:-Metapass123} METABASE_HOST=${MB_HOSTNAME} METABASE_PORT=${MB_PORT:-3000} @@ -47,4 +47,4 @@ curl -s "http://${METABASE_HOST}:${METABASE_PORT}/api/user" \ -H "X-Metabase-Session: ${MB_TOKEN}" \ -d '{"first_name":"Basic 2","last_name":"User","email":"basic2@somewhere.com","login_attributes":{"region_filter":"CA"},"password":"'${ADMIN_PASSWORD}'"}' -echo -e "\n๐Ÿ‘ฅ Basic users created!" \ No newline at end of file +echo -e "\n๐Ÿ‘ฅ Basic users created!" diff --git a/apps/roles/metabase/vars/main.yml b/apps/roles/metabase/vars/main.yml index 950c72e7..2c5d623e 100644 --- a/apps/roles/metabase/vars/main.yml +++ b/apps/roles/metabase/vars/main.yml @@ -1,26 +1 @@ -common_install_docker: True - - nginx_reverse_proxy_port: "9001" -nginx_certbot: True - -init_docker: - metabase: - admin_username: "admin@metabase.local" - admin_password: "123456" - db: mysql - db_name: metabase - db_username: root - db_password: "123456" - service_after: "docker.service" - compose_path: "/data/apps/metabase/docker-compose.yml" - compose_commands: - - sudo sed -i "s/123456/$new_password/g" /data/apps/metabase/.env - volumes: - - /data/apps/metabase/volumes - commands: - - sudo systemctl stop nginx - - cd /opt - - chmod +x create_users.sh - - MB_HOSTNAME=localhost MB_PORT=9001 MB_ADMIN_PASSWORD=$new_password ./create_users.sh - - sudo systemctl start nginx diff --git a/apps/roles/role_common/tasks/main.yml b/apps/roles/role_common/tasks/main.yml index b576f7ce..a2e11abe 100644 --- a/apps/roles/role_common/tasks/main.yml +++ b/apps/roles/role_common/tasks/main.yml @@ -65,9 +65,6 @@ - cert - apps failed_when: False - -- name: Create /data/wwwroot softlink to /data/apps - shell: ln -sf /data/apps /data/wwwroot - block: - name: set a regular hostname, remove "." @@ -110,3 +107,14 @@ - name: Check Docker Version shell: sudo sh -c "docker -v 1>> /data/logs/install_version.txt" + +# Softlink +- name: Create a symbolic link + file: + src: '{{item.src}}' + dest: '{{item.dest}}' + state: link + force: yes + with_items: + - {src: /data/apps/, dest: /data/wwwroot } + - {src: /var/lib/docker/,dest: /data/docker} diff --git a/apps/roles/role_init/README.md b/apps/roles/role_init/README.md index 28367bec..ec667f93 100644 --- a/apps/roles/role_init/README.md +++ b/apps/roles/role_init/README.md @@ -12,176 +12,16 @@ Ansible Role: init | Operating system | CentOS7.x Ubuntu AmazonLinux | | Python ็‰ˆๆœฌ | Python2 | | Python ็ป„ไปถ | | -| Runtime | MySQL, MariaDB, PostgreSQL, MongoDB | +| Runtime | Docker and DB | ## Related roles -ๆœฌ Role ๅœจ่ฏญๆณ•ไธŠๅผ•็”จไบ†ไธปๅ˜้‡๏ผŒ็จ‹ๅบ่ฟ่กŒๆ—ถ้œ€่ฆ็กฎไฟๅทฒ็ป่ฟ่กŒ๏ผš mysql | mariadb | postgresql | mongodb ็ญ‰ Roleใ€‚ไปฅ mysql ไธบไพ‹๏ผš +ๆœฌ Role ๅผ•็”จ่Œƒไพ‹๏ผš ``` roles: - - {role: role_common, tags: "role_common"} - - {role: role_cloud, tags: "role_cloud"} - - {role: role_mysql, tags: "role_mysql"} - - {role: role_docker, tags: "role_docker"} - - {role: role_docker_phpmyadmin, tags: "role_docker_phpmyadmin"} - - {role: role_init_password, tags: "role_init_password"} + - {role: role_init, tags: "role_init"} ``` -## Variables - -ๆœฌ Role ไธป่ฆๅ˜้‡ไปฅๅŠไฝฟ็”จๆ–นๆณ•ๅฆ‚ไธ‹๏ผš - -| **Items** | **Details** | **Format** | **ๆ˜ฏๅฆๅˆๅง‹ๅŒ–** | -| ------------------| ------------------|-----|-----| -| init_db | ๅ‚่€ƒไธ‹ๆ–น | ๅญ—ๅ…ธ | ๅฆ | -| init_application | [...] | ๅญ—ๅ…ธ | ๅฆ | - -ๆณจๆ„๏ผš -1. init_db, init_application, init_docker ๅˆๅง‹ๅŒ–ๅœจ้กน็›ฎไธปๅ˜้‡ๆ–‡ไปถไธญ็ปŸไธ€ไฟฎๆ”นใ€‚ -2. ้ป˜่ฎคๆ•ฐๆฎๅบ“็ฎก็†ๅ‘˜ๅฏ†็ ๅˆๅง‹ๅŒ–่Œƒไพ‹๏ผˆ็จ‹ๅบๅทฒ็ป่‡ชๅŠจๅค„็†้šๆœบๅฏ†็ ่„šๆœฌไธŽๅ…ถservice็š„ๅ…ˆๅŽๅ…ณ็ณป๏ผ‰ - ``` - init_db: - mongodb: - admin: root - users: ["react"] - password: "123456" - - init_db: - mysql: - admin: root - users: ["wordpress","discuz"] - password: "123456" - - init_db: - postgresql: - admin: postgres - users: ["wordpress","discuz"] - password: "123456" - service_before: - service_after: php-fpm.service - - init_db: - postgresql: - admin: postgres - users: ["wordpress","discuz"] - password: "123456" - - init_db: - mysql: - admin: root - users: ["discuz"] - password: "123456" - config_paths: - - /data/wwwroot/discuz/upload/config/config_global_default.php - - init_db: - mysql: - admin: root - users: ["discuz"] - password: "123456" - config_paths: - - /data/wwwroot/discuz/upload/config/config_global_default.php - commands: - - sudo wp change -u default_account -p default_password to $new_password - - sudo systemctl restart xxxx - ``` -3. ้ป˜่ฎคๅบ”็”จ็ฎก็†ๅ‘˜ๅฏ†็ ๅˆๅง‹่Œƒไพ‹๏ผˆๆญคๆ–นๆกˆๅช้€‚็”จไบŽไฟฎๆ”นๆ–‡ไปถ๏ผ‰ - ``` - init_application: - wordpress: - username: admin - password: "123456" - service_before: - service_after: php-fpm.service - config_paths: - - /data/wwwroot/wordpress/wp-config.php - - /data/wwwroot/wordpress/wp-config2.php - commands: - - sudo wp change -u default_account -p default_password to $new_password - - sudo systemctl restart xxxx - - discuz: - username: admin - password: "123456" - service_before: - service_after: php-fpm.service - config_paths: - - /data/wwwroot/wordpress/wp-config.php - - /data/wwwroot/wordpress/wp-config3.php - commands: - - sudo wp change -u default_account -p default_password to $new_password - - sudo systemctl restart xxxx - - init_application: - grafana: - username: admin - password: "admin" - service_before: - service_after: grafana-server - commands: - - sudo grafana-cli admin reset-admin-password $new_password - ``` -4. ้ป˜่ฎคDockerๅบ”็”จ็ฎก็†ๅ‘˜ๅฏ†็ ๅˆๅง‹่Œƒไพ‹๏ผˆๆญคๆ–นๆกˆ้€‚็”จไบŽไฟฎๆ”นDocker็›ธๅ…ณ๏ผ‰ - ``` - init_docker: - pgadmin: - admin_username: user@domain.com - admin_password: "SuperSecret" - service_after: "docker.service" - compose_path: "/data/apps/pgadmin/docker-compose.yml" - compose_commands: - - sudo sed -i "s/SuperSecret/$new_password/g" /data/apps/pgadmin/docker-compose.yml - - init_docker: - seafile: - admin_username: me@example.com - admin_password: "admin123" - db: mysql - db_name: seafile_db - db_username: root - db_password: "123456" - service_after: "docker.service" - compose_path: "/data/docker-compose.yml" - compose_commands: - - 'sudo sed -i "s/MYSQL_ROOT_PASSWORD=.*/MYSQL_ROOT_PASSWORD=$new_password/g" /data/docker-compose.yml' - - 'sudo sed -i "s/DB_ROOT_PASSWD=.*/DB_ROOT_PASSWD=$new_password/g" /data/docker-compose.yml' - - 'sudo sed -i "s/SEAFILE_ADMIN_PASSWORD=.*/SEAFILE_ADMIN_PASSWORD=$new_password/g" /data/docker-compose.yml' - volumes: - - /opt/seafile-mysql - - /opt/seafile-data - commands: - - sudo sudo sh -c "cat /data/config/onlyoffice.conf 1>> /opt/seafile-data/seafile/conf/seahub_settings.py" - - sudo sed -i "s/seafile.example.com/$(curl ifconfig.me)/g" /opt/seafile-data/seafile/conf/seahub_settings.py - - sudo sed -i "s/seafile.example.com/$(curl ifconfig.me)/g" /opt/seafile-data/seafile/conf/ccnet.conf - - sudo docker restart seafile - ``` - -## Example - -``` -- name: MySQL - hosts: all - become: yes - become_method: sudo - vars_files: - - vars/main.yml - - roles: - - {role: role_common, tags: "role_common"} - - {role: role_cloud, tags: "role_cloud"} - - {role: role_mysql, tags: "role_mysql"} - - {role: role_docker, tags: "role_docker"} - - {role: role_docker_phpmyadmin, tags: "role_docker_phpmyadmin"} - - {role: role_init_password, tags: "role_init_password"} - - {role: role_end, tags: "role_end"} -``` - -## FAQ - -#### ้‡‡็”จๅ“ช็งๆ–นๅผๅฎž็Žฐๅผ€ๆœบ่ฟ่กŒไธ€ๆฌก๏ผŸ - -systemd - diff --git a/apps/roles/role_init/tasks/main.yml b/apps/roles/role_init/tasks/main.yml index febc472d..7dc0d8f2 100644 --- a/apps/roles/role_init/tasks/main.yml +++ b/apps/roles/role_init/tasks/main.yml @@ -1,15 +1,7 @@ -- block: - - name: Create credentials Folder - file: - path: /credentials - state: directory - - - name: Create a symbolic link of app - file: - src: "{{installpath}}/{{item}}/.env" - dest: "/credentials/{{item}}_password.txt" - state: link - loop: "{{applist.stdout_lines}}" +- name: Create credentials Folder + file: + path: /credentials + state: directory - name: Copy Init Script template: diff --git a/apps/roles/role_init/templates/init.sh.jinja2 b/apps/roles/role_init/templates/init.sh.jinja2 index 2803d346..8404dfbe 100644 --- a/apps/roles/role_init/templates/init.sh.jinja2 +++ b/apps/roles/role_init/templates/init.sh.jinja2 @@ -4,13 +4,49 @@ new_password=$(pwgen -ncCs 14 1)! sudo sleep 10s sudo sh -c 'echo "init-password started at" $(date -d now) 1>> /tmp/init_debug.txt' -#1 init for applist of .env {% for app_name in applist.stdout_lines %} + +#1 init for applist of .env sudo docker compose -f /data/apps/{{app_name}}/docker-compose.yml down -v -sudo sed -i "s/_PASSWORD=.*/_PASSWORD=$new_password/g" /data/apps/{{app_name}}/.env -sudo docker compose -f /data/apps/{{app_name}}/docker-compose.yml up -d --no-recreate -{% endfor %} + +# init password +sudo sed -i "s/POWER_PASSWORD=.*/POWER_PASSWORD=$new_password/g" /data/apps/{{app_name}}/.env +# has_app_encrypt +has_app_encrypt=$(cat /data/apps/{{app_name}}/.env |grep "APP_ENCRYPT_PASSWORD=") +if [ $has_app_encrypt != "" ]; then + echo "Encrypt password" 1>> /tmp/init_debug.txt + app_encrypt_password=$(bash /data/apps/{{app_name}}/src/encrypt.sh $new_password) + sudo sed -i "s/APP_ENCRYPT_PASSWORD=.*/APP_ENCRYPT_PASSWORD=$app_encrypt_password/g" /data/apps/{{app_name}}/.env +fi + +# change all the variables to real value,such as DB_MYSQL_PASSWORD=$APP_PASSWORD=>DB_MYSQL_PASSWORD=ues983ks9309023! +cd /data/apps/{{app_name}} +export $(cat .env) +envsubst < .env > temp +cat temp > .env +rm -f temp + +# init APP_URL +app_url_replace=$(cat /data/apps/{{app_name}}/.env |grep APP_URL_REPLACE) +if [ $app_url_replace == "APP_URL_REPLACE=true" ]; then + echo "Change APP_URL" 1>> /tmp/init_debug.txt + public_ip=`wget -O - https://download.websoft9.com/ansible/get_ip.sh | bash` + sudo sed -i "s/APP_URL=.*/APP_URL=$public_ip/g" /data/apps/{{app_name}}/.env +else + echo "There is not APP_URL" +fi + +# delete POWER_PASSWORD +sudo sed -i "s/POWER_PASSWORD=.*//g" /data/apps/{{app_name}}/.env +sudo docker compose -f /data/apps/{{app_name}}/docker-compose.yml up -d #2 init for applist of special +echo "Executing after_up.sh" 1>> /tmp/init_debug.txt +bash /data/apps/{{app_name}}/src/after_up.sh + +{% endfor %} + +# create password file for guests +cat /data/apps/{{appname}}/.env |grep 'DB_\|APP_' > /credentials/password.txt sudo sh -c 'echo "init docker ended at" $(date -d now) 1>> /tmp/init_debug.txt' diff --git a/apps/tasks/install.yml b/apps/tasks/install.yml index 9b6525c0..0f3e8e8f 100644 --- a/apps/tasks/install.yml +++ b/apps/tasks/install.yml @@ -4,8 +4,9 @@ - name: Git Clone app docker repository block: - - name: Delete {{app}} dir for sec_installation + - name: Delete {{app}} dir for Second installation shell: rm -rf {{installpath}}/{{app}} + - name: Clone {{app}} in Websoft9 git: repo: "https://github.com/Websoft9/docker-{{app}}.git" diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 00000000..34a0939d --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,28 @@ +# Scripts + +## install.sh + +install.sh ๆ˜ฏๆˆ‘ไปฌๆไพ›็š„ไธ€้”ฎๅฎ‰่ฃ…่„šๆœฌ๏ผŒ็”จไบŽ้ƒจ็ฝฒๅŸบไบŽAnsible็š„ๅบ”็”จ้กน็›ฎ + +``` +#ๅฎ‰่ฃ…้กน็›ฎ๏ผŒๅˆๅง‹ๅŒ– +wget -N https://raw.githubusercontent.com/Websoft9/ansible-linux/master/scripts/install.sh; bash install.sh -r magento -i 1 + + +#ๅฎ‰่ฃ…้กน็›ฎ๏ผŒไธๅˆๅง‹ๅŒ– +wget -N https://raw.githubusercontent.com/Websoft9/ansible-linux/master/scripts/install.sh; bash install.sh -r magento -i 0 ๆˆ– +wget -N https://raw.githubusercontent.com/Websoft9/ansible-linux/master/scripts/install.sh; bash install.sh -r magento +``` +install.sh ๆ”ฏๆŒไธคไธชๅ‚ๆ•ฐ๏ผš + +* -r ไปฃ่กจ้กน็›ฎๅ็งฐ๏ผŒไพ‹ๅฆ‚๏ผšmagento, lamp, lnmp, wordpress, joomla, gitlab ็ญ‰ +* -i ไปฃ่กจๆ˜ฏๅฆๅˆๅง‹ๅŒ–๏ผŒๆ”ฏๆŒ 0๏ผˆ้ป˜่ฎคๅ€ผ๏ผ‰ๅ’Œ1 ไธค็งๅ‚ๆ•ฐ + +## reset_mysql_password.sh + +1. ่ฏฅ่„šๆœฌ็›ฎๅ‰ๅช้€‚็”จไบŽCentOS7ไปฅไธŠ็š„็ณป็ปŸๅ’ŒMySQL5.6็‰ˆๆœฌ๏ผ› +2. ่ฏฅ่„šๆœฌๅŸบไบŽ https://github.com/EwigeveMicca/Mysql_ResetPasswd_Script ่ฟ›่กŒไฟฎๆ”น๏ผ› +3. ไฝฟ็”จๆ–นๆณ•๏ผš่ฟœ็จ‹่ฟžๆŽฅๅˆฐๆœๅŠกๅ™จ๏ผŒ่ฟ่กŒไธ€ไธ‹ๅ‘ฝไปค๏ผŒๆŒ‰ๆ็คบ่พ“ๅ…ฅๆ–ฐๅฏ†็ ๅณๅฏใ€‚ + ``` + sudo git clone https://github.com/Websoft9/linuxscript.git; cd linuxscript/Mysql_ResetPasswd_Script;sudo sh reset_mysql_password.sh + ``` diff --git a/scripts/enable_ssh_root.sh b/scripts/enable_ssh_root.sh new file mode 100644 index 00000000..2a021bcc --- /dev/null +++ b/scripts/enable_ssh_root.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +sudo sed -i 's/#PermitRootLogin yes/PermitRootLogin yes/' /etc/ssh/sshd_config +sudo systemctl restart sshd +sudo passwd root diff --git a/scripts/get_ip.sh b/scripts/get_ip.sh new file mode 100644 index 00000000..c508a60d --- /dev/null +++ b/scripts/get_ip.sh @@ -0,0 +1,41 @@ +#!/bin/bash +url_list=( + api.ipify.org + bot.whatismyipaddress.com + icanhazip.com + ifconfig.co + ident.me + ifconfig.me + icanhazip.com + ipecho.net/plain + ipinfo.io/ip + ip.sb + whatismyip.akamai.com + inet-ip.info +) + +curl_ip(){ + curl --connect-timeout 1 -m 2 $1 2>/dev/null + return $? +} + +debug(){ + for x in ${url_list[*]} + do + curl_ip $x + done +} + +print_ip(){ + for n in ${url_list[*]} + do + public_ip=`curl_ip $n` + check_ip=`echo $public_ip | awk -F"." '{print NF}'` + if [ ! -z "$public_ip" -a $check_ip -eq "4" ]; then + echo $public_ip + exit 0 + fi + done +} +#debug +print_ip diff --git a/scripts/install.sh b/scripts/install.sh new file mode 100644 index 00000000..00986dde --- /dev/null +++ b/scripts/install.sh @@ -0,0 +1,100 @@ +#!/bin/bash +export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin +clear + +# Check if user is root +[ $(id -u) != "0" ] && { echo "Error: You must be root to run this script, please use 'sudo su -' command to change root"; exit 1; } + +version(){ + echo "version: 0.1" + echo "updated date: 2019-12-30" +} + +Show_Help(){ + version + echo "Usage: $0 command ...[parameters]... + --help, -h Show this help message + --version, -v Show version info + " +} + +# r:repository; i:init +while getopts ":r:"":i:" opt +do + case $opt in + r) + repo_name=$OPTARG;; + i) + repo_init=$OPTARG + ;; + ?) + echo "no repository" + exit 1;; + esac +done +echo $repo_name +echo $repo_init + +echo "Pre-installation is starting, please wait for 1-3 minutes..." + +# python2 -m pip == pip2 +# python3 -m pip == pip3 +# pip is already installed if you are using Python 2 >=2.7.9 or Python 3 >=3.4 +# OracleLinux need install oaclelinux-developer-release-e* oracle-nodejs-release-e* oracle-epel-release-e* in Image before this script + +if command -v yum > /dev/null; then + sudo yum clean all 1>/dev/null 2>&1 + sudo yum makecache 1>/dev/null 2>&1 + sudo yum install -y epel-release 1>/dev/null 2>&1 + + sudo yum install yum-utils git libselinux-python git python python3 git -y 1>/dev/null 2>&1 + sudo yum install python-pip -y 1>/dev/null 2>&1 + sudo yum install python2-pip -y 1>/dev/null 2>&1 + sudo yum install python3-pip -y 1>/dev/null 2>&1 + sudo python3 -m pip install -U --force-reinstall requests docker 1>/dev/null 2>&1 + if command -v amazon-linux-extras > /dev/null; then + echo "amazon-linux-extras install ansible2" + sudo amazon-linux-extras install ansible2 + else + echo "yum install ansible" + sudo yum install ansible sshpass -y 1>/dev/null 2>&1 + fi +fi + +if command -v apt > /dev/null; then + sudo apt-get update 1>/dev/null 2>&1 + sudo apt-get install git python python3 git -y 1>/dev/null 2>&1 + sudo apt-get install python-pip -y 1>/dev/null 2>&1 + sudo apt-get install python2-pip -y 1>/dev/null 2>&1 + sudo apt-get install python3-pip -y 1>/dev/null 2>&1 + if [[ $(cat /etc/os-release |grep VERSION_CODENAME |cut -d= -f2) == xenial ]];then + curl -fsSL -o- https://bootstrap.pypa.io/pip/3.5/get-pip.py | python3.5 + fi + sudo python3 -m pip install -U --force-reinstall requests docker 1>/dev/null 2>&1 + sudo apt-get update 1>/dev/null 2>&1 + sudo apt install software-properties-common -y 1>/dev/null 2>&1 + if [[ $(cat /etc/os-release |grep VERSION_CODENAME |cut -d= -f2) == focal ]];then + curl https://bootstrap.pypa.io/pip/2.7/get-pip.py -o /tmp/get-pip.py 1>/dev/null 2>&1 + python2 /tmp/get-pip.py 1>/dev/null 2>&1 + elif [[ $(cat /etc/os-release |grep VERSION_CODENAME |cut -d= -f2) == bionic ]];then + sudo apt-add-repository --yes --update ppa:ansible/ansible + fi + sudo apt install ansible sshpass -y +fi +sudo python3 -m pip install --upgrade pip +sudo python2 -m pip -V +sudo python3 -m pip -V +sudo echo "Pre-installation has beend completed" + +if [[ $repo_name != "" ]] +then +sudo rm -rf /tmp/ansible-$repo_name +cd /tmp +sudo git clone https://github.com/Websoft9/ansible-$repo_name.git +cd /tmp/ansible-$repo_name +ansible-galaxy install -r requirements.yml -f +sudo touch /tmp/ansible-$repo_name/hosts +sudo echo "localhost" > /tmp/ansible-$repo_name/hosts +ansible-playbook -i hosts $repo_name.yml -c local -e init=$repo_init +echo "System must restart after 2s, then installation completed"; sleep 2 ; sudo reboot +fi diff --git a/scripts/reset_mysql57_password.sh b/scripts/reset_mysql57_password.sh new file mode 100644 index 00000000..582bde93 --- /dev/null +++ b/scripts/reset_mysql57_password.sh @@ -0,0 +1,52 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH + +# Check if user is root +if [ $(id -u) != "0" ]; then +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +[ERROR] It is detected that you do not use root permissions to execute the script. +Please use the root account to log in to SSH to run this script +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +exit + +fi + +clear +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +Please enter the MySQL password you need to set up +Tip: do not enter a blank password. +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" + +mysql_root_password="" +read -p "(Please enter the MySQL password you need to set up):" mysql_root_password +if [ "$mysql_root_password" = "" ]; then +echo "[ERROR] Please do not enter blank password\n" +exit 1 +fi +printf "stop MySQL service......\n" +systemctl stop mysqld +printf "Setting the MySQL permissions table\n" +/usr/bin/mysqld_safe --skip-grant-tables >/dev/null 2>&1 & +printf "The permissions table is being refreshed and the password is reset\n" +sleep 10 +/usr/bin/mysql -u root mysql << EOF +update user set password = Password('$mysql_root_password') where User = 'root'; +EOF + +reset_status=`echo $?` +if [ $reset_status = "0" ]; then +printf "The MySQL password has been set up successfully. Now restore the MySQL permissions table\n" +killall mysqld +sleep 10 +printf "The MySQL service is being restarted\n" +systemctl start mysqld +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +The MySQL password has been reset. +\033[33m $mysql_root_password \033[0m +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +else +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +[ERROR] Unable to reset the MySQL password. +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +fi diff --git a/scripts/reset_mysql_password.sh b/scripts/reset_mysql_password.sh new file mode 100644 index 00000000..582bde93 --- /dev/null +++ b/scripts/reset_mysql_password.sh @@ -0,0 +1,52 @@ +#!/bin/bash +PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin +export PATH + +# Check if user is root +if [ $(id -u) != "0" ]; then +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +[ERROR] It is detected that you do not use root permissions to execute the script. +Please use the root account to log in to SSH to run this script +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +exit + +fi + +clear +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +Please enter the MySQL password you need to set up +Tip: do not enter a blank password. +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" + +mysql_root_password="" +read -p "(Please enter the MySQL password you need to set up):" mysql_root_password +if [ "$mysql_root_password" = "" ]; then +echo "[ERROR] Please do not enter blank password\n" +exit 1 +fi +printf "stop MySQL service......\n" +systemctl stop mysqld +printf "Setting the MySQL permissions table\n" +/usr/bin/mysqld_safe --skip-grant-tables >/dev/null 2>&1 & +printf "The permissions table is being refreshed and the password is reset\n" +sleep 10 +/usr/bin/mysql -u root mysql << EOF +update user set password = Password('$mysql_root_password') where User = 'root'; +EOF + +reset_status=`echo $?` +if [ $reset_status = "0" ]; then +printf "The MySQL password has been set up successfully. Now restore the MySQL permissions table\n" +killall mysqld +sleep 10 +printf "The MySQL service is being restarted\n" +systemctl start mysqld +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +The MySQL password has been reset. +\033[33m $mysql_root_password \033[0m +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +else +echo -e "โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€” +[ERROR] Unable to reset the MySQL password. +โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”โ€”" +fi