#!/bin/bash MY_PID=$$ perror() { echo "$@" >> /root/init.log [ "$MY_PID" != "$$" ] && kill "$MY_PID" if ! grep -q "rclocal_script.sh has thrown an error" /etc/motd; then cat <<-EOF >> /etc/motd WARNING! rclocal_script.sh has thrown an error! Please read /root/init.log and take appropriate measures! This server may not work correctly! EOF fi exit 5 } echo "$(basename $0) gestartet: $(date "+%Y-%m-%d %H:%m:%S")" >> /root/init.log [ -r "/root/installer/config" ] || perror "Installationsfehler: Keine firstrun-config gefunden!" source "/root/installer/config" || { echo "Fehler beim Sourcen der firstrun-config." >> /root/init.log; exit 1; } [ -z "$MYSQL_ROOT_PASS" ] && perror "Installationsfehler: WARNUNG: Aktuelles MySQL-root-Passwort nicht bekannt!" generate_password() { tr -dc _A-Za-z0-9 < /dev/urandom | head -c 16 } patchfiles() { # ... # Warning: does not escape! FIND=$1 REPLACE=$2 shift 2 while [ $# -gt 0 ]; do sed -i "s/${FIND}/${REPLACE}/g" "$1" shift done } echo -n "Lösche alte ssh-Schlüssel ..." >> /root/init.log rm -f /etc/ssh/ssh_host_*key* 2>/dev/null echo " done." echo -n "Generating new ssh keys..." >> /root/init.log ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N "" -t rsa -q ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N "" -t dsa -q ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N "" -t ecdsa -q echo "... done." >> /root/init.log export LANG=de_DE.UTF-8 echo "Generiere intern genutzte Passwörter (z.B. MySQL-Zugänge) neu ..." >> /root/init.log umask 0077 MYSQL_ROOT_NEW=$(generate_password) mysqladmin -u root -p"${MYSQL_ROOT_PASS}" password "${MYSQL_ROOT_NEW}" || perror "Neusetzen des root-MySQL-Passworts fehlgeschlagen" # Just in case... sed -i "s/^MYSQL_ROOT_PASS=.*\$/MYSQL_ROOT_PASS=${MYSQL_ROOT_NEW}/g" "/root/installer/config" MYSQL_SAT_NEW=$(generate_password) echo "SET PASSWORD FOR 'sat'@'localhost' = PASSWORD('$MYSQL_SAT_NEW');" | mysql -u root -p"${MYSQL_ROOT_NEW}" || perror "Neusetzen des sat-MySQL-Passworts fehlgeschlagen." MYSQL_OPENSLX_NEW=$(generate_password) echo "SET PASSWORD FOR 'openslx'@'localhost' = PASSWORD('$MYSQL_OPENSLX_NEW');" | mysql -u root -p"${MYSQL_ROOT_NEW}" || perror "Neusetzen des openslx-MySQL-Passworts fehlgeschlagen." # Debian 9 (stretch) does not seem to have a debian-sys-maint user anymore. MYSQL_SYSMAINT_NEW=$(generate_password) if grep -q debian-sys-maint /etc/mysql/debian.cnf; then echo "SET PASSWORD FOR 'debian-sys-maint'@'localhost' = PASSWORD('$MYSQL_SYSMAINT_NEW');" | mysql -u root -p"${MYSQL_ROOT_NEW}" || perror "Neusetzen des debian-sys-maint-Passworts fehlgeschlagen." # Patching debian-sys-maint password into /etc/mysql/debian.cnf: patchfiles 'password *=.*$' "password = $MYSQL_SYSMAINT_NEW" "/etc/mysql/debian.cnf" fi # Store mysql root pass in root's home echo "$MYSQL_ROOT_NEW" > /root/mysqlpass chmod 600 /root/mysqlpass echo -n "Konfigurationsdateien werden aktualisiert..." >> /root/init.log # sat mysql pass # Patch dmsd patchfiles "%MYSQL_SAT_PASS%" "$MYSQL_SAT_NEW" "$DMSDDIR/config.properties" # openslx mysql pass # Patching openslx-mysql-userpass into slx-admin config: patchfiles "%MYSQL_OPENSLX_PASS%" "$MYSQL_OPENSLX_NEW" "$WWWDIR/slx-admin/config.php" echo " ok." >> /root/init.log echo "Dienste werden aktiviert..." >> /root/init.log # Enable bwLehrpool related services for i in dmsd.service taskmanager.service; do systemctl enable $i [ $? -ne 0 ] && echo "Warnung - konnte systemd-Service $i nicht aktivieren!" >> /root/init.log systemctl start $i done # Write MOTD cat > /etc/motd < /etc/sat_version sed -i "/rclocal_script.sh/d" /etc/rc.local unlink "/root/installer/config" 2>/dev/null unlink "/root/installer/rclocal_script.sh" 2>/dev/null mv /etc/rc.local.sik /etc/rc.local exit 0