mirror of
https://git.koehlerweb.org/frodovdr/guac-install
synced 2025-12-28 10:27:36 +01:00
4ce4410dec
I don't have time to test all of this lol but it appears to be in order...and much appreciated.
561 lines
18 KiB
Bash
Executable File
561 lines
18 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Check if user is root or sudo
|
|
if ! [ $(id -u) = 0 ]; then echo "Please run this script as sudo or root"; exit 1 ; fi
|
|
|
|
# Version number of Guacamole to install
|
|
GUACVERSION="1.1.0"
|
|
|
|
# Latest Version of MySQL Connector/J if manuall install is required
|
|
# Manuall install is required if libmysql-java is not available via apt
|
|
MCJVER="8.0.19"
|
|
|
|
# Colors to use for output
|
|
YELLOW='\033[1;33m'
|
|
BLUE='\033[0;34m'
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
CYAN='\033[0;36m'
|
|
NC='\033[0m' # No Color
|
|
|
|
# Log Location
|
|
LOG="/tmp/guacamole_${GUACVERSION}_build.log"
|
|
|
|
# Initialize variable values
|
|
installTOTP=""
|
|
installDuo=""
|
|
installMySQL=""
|
|
mysqlHost=""
|
|
mysqlPort=""
|
|
mysqlRootPwd=""
|
|
guacDb=""
|
|
guacUser=""
|
|
guacPwd=""
|
|
PROMPT=""
|
|
MYSQL=""
|
|
|
|
# Get script arguments for non-interactive mode
|
|
while [ "$1" != "" ]; do
|
|
case $1 in
|
|
# Install MySQL selection
|
|
-i | --installmysql )
|
|
installMySQL=true
|
|
;;
|
|
-n | --nomysql )
|
|
installMySQL=false
|
|
;;
|
|
|
|
# MySQL server/root information
|
|
-h | --mysqlhost )
|
|
shift
|
|
mysqlHost="$1"
|
|
;;
|
|
-p | --mysqlport )
|
|
shift
|
|
mysqlPort="$1"
|
|
;;
|
|
-r | --mysqlpwd )
|
|
shift
|
|
mysqlRootPwd="$1"
|
|
;;
|
|
|
|
# Guac database/user information
|
|
-db | --guacdb )
|
|
shift
|
|
guacDb="$1"
|
|
;;
|
|
-gu | --guacuser )
|
|
shift
|
|
guacUser="$1"
|
|
;;
|
|
-gp | --guacpwd )
|
|
shift
|
|
guacpwd="$1"
|
|
;;
|
|
|
|
# MFA selection
|
|
-t | --totp )
|
|
installTOTP=true
|
|
;;
|
|
-d | --duo )
|
|
installDuo=true
|
|
esac
|
|
shift
|
|
done
|
|
|
|
if [[ -z "$installTOTP" ]] && [[ "$installDuo" != true ]]; then
|
|
# Prompt the user if they would like to install TOTP MFA, default of no
|
|
echo -e -n "${CYAN}MFA: Would you like to install TOTP? (y/N): ${NC}"
|
|
read PROMPT
|
|
if [[ $PROMPT =~ ^[Yy]$ ]]; then
|
|
installTOTP=true
|
|
installDuo=false
|
|
else
|
|
installTOTP=false
|
|
fi
|
|
fi
|
|
|
|
if [[ -z "$installDuo" ]] && [[ "$installTOTP" != true ]]; then
|
|
# Prompt the user if they would like to install Duo MFA, default of no
|
|
echo -e -n "${CYAN}MFA: Would you like to install Duo (configuration values must be set after install in /etc/guacamole/guacamole.properties)? (y/N): ${NC}"
|
|
read PROMPT
|
|
if [[ $PROMPT =~ ^[Yy]$ ]]; then
|
|
installDuo=true
|
|
installTOTP=false
|
|
else
|
|
installDuo=false
|
|
fi
|
|
fi
|
|
|
|
# We can't install TOTP and Duo at the same time...
|
|
if [[ "$installTOTP" = true ]] && [ "$installDuo" = true ]; then
|
|
echo -e "${RED}MFA: The script does not support installing TOTP and Duo at the same time.${NC}"
|
|
exit 1
|
|
fi
|
|
echo
|
|
|
|
if [[ -z $installMySQL ]]; then
|
|
# Prompt the user to see if they would like to install MySQL, default of yes
|
|
echo "MySQL is required for installation, if you're using a remote MySQL Server select 'n'"
|
|
echo -e -n "${CYAN}Would you like to install MySQL? (Y/n): ${NC}"
|
|
read PROMPT
|
|
if [[ $PROMPT =~ ^[Nn]$ ]]; then
|
|
installMySQL=false
|
|
else
|
|
installMySQL=true
|
|
fi
|
|
fi
|
|
|
|
if [ "$installMySQL" = false ]; then
|
|
# We need to get additional values
|
|
read -p "Enter MySQL server hostname or IP: " mysqlHost
|
|
read -p "Enter MySQL server port [3306]: " mysqlPort
|
|
read -p "Enter Guacamole database name [guacamole_db]: " guacDb
|
|
read -p "Enter Guacamole user [guacamole_user]: " guacUser
|
|
fi
|
|
|
|
# Checking if mysql host given
|
|
if [ -z "$mysqlHost" ]; then
|
|
mysqlHost="localhost"
|
|
fi
|
|
|
|
# Checking if mysql port given
|
|
if [ -z "$mysqlPort" ]; then
|
|
mysqlPort="3306"
|
|
fi
|
|
|
|
# Checking if mysql user given
|
|
if [ -z "$guacUser" ]; then
|
|
guacUser="guacamole_user"
|
|
fi
|
|
|
|
# Checking if database name given
|
|
if [ -z "$guacDb" ]; then
|
|
guacDb="guacamole_db"
|
|
fi
|
|
|
|
# Get MySQL "Root" and "Guacamole User" password
|
|
while true; do
|
|
echo
|
|
read -s -p "Enter ${mysqlHost}'s MySQL root password: " mysqlRootPwd
|
|
echo
|
|
read -s -p "Confirm ${mysqlHost}'s MySQL root password: " PROMPT2
|
|
echo
|
|
[ "$mysqlRootPwd" = "$PROMPT2" ] && break
|
|
echo "Passwords don't match. Please try again."
|
|
done
|
|
echo
|
|
|
|
while true; do
|
|
echo -e "${BLUE}A new MySQL user will be created (${guacUser})${NC}"
|
|
read -s -p "Enter ${mysqlHost}'s MySQL guacamole user password: " guacPwd
|
|
echo
|
|
read -s -p "Confirm ${mysqlHost}'s MySQL guacamole user password: " PROMPT2
|
|
echo
|
|
[ "$guacPwd" = "$PROMPT2" ] && break
|
|
echo "Passwords don't match. Please try again."
|
|
echo
|
|
done
|
|
echo
|
|
|
|
if [ "$installMySQL" = true ]; then
|
|
# Seed MySQL install values
|
|
debconf-set-selections <<< "mysql-server mysql-server/root_password password $mysqlRootPwd"
|
|
debconf-set-selections <<< "mysql-server mysql-server/root_password_again password $mysqlRootPwd"
|
|
fi
|
|
|
|
# Different version of Ubuntu and Debian have different package names...
|
|
source /etc/os-release
|
|
if [[ "${NAME}" == "Ubuntu" ]]; then
|
|
# Ubuntu > 18.04 does not include universe repo by default
|
|
# Add the "Universe" repo, don't update
|
|
add-apt-repository -yn universe
|
|
# Set package names depending on version
|
|
JPEGTURBO="libjpeg-turbo8-dev"
|
|
if [[ "${VERSION_ID}" == "16.04" ]]; then
|
|
LIBPNG="libpng12-dev"
|
|
else
|
|
LIBPNG="libpng-dev"
|
|
fi
|
|
if [ "$installMySQL" = true ]; then
|
|
MYSQL="mysql-server mysql-client mysql-common mysql-utilities"
|
|
# Checking if (any kind of) mysql-client or compatible command installed. This is useful for existing mariadb server
|
|
elif [ -x "$(command -v mysql)" ]; then
|
|
MYSQL=""
|
|
else
|
|
MYSQL="mysql-client"
|
|
fi
|
|
elif [[ "${NAME}" == *"Debian"* ]] || [[ "${NAME}" == *"Raspbian GNU/Linux"* ]] || [[ "${NAME}" == *"Kali GNU/Linux"* ]]; then
|
|
JPEGTURBO="libjpeg62-turbo-dev"
|
|
if [[ "${PRETTY_NAME}" == *"stretch"* ]] || [[ "${PRETTY_NAME}" == *"buster"* ]] || [[ "${PRETTY_NAME}" == *"Kali GNU/Linux Rolling"* ]]; then
|
|
LIBPNG="libpng-dev"
|
|
else
|
|
LIBPNG="libpng12-dev"
|
|
fi
|
|
if [ "$installMySQL" = true ]; then
|
|
MYSQL="default-mysql-server default-mysql-client mysql-common"
|
|
# Checking if (any kind of) mysql-client or compatible command installed. This is useful for existing mariadb server
|
|
elif [ -x "$(command -v mysql)" ]; then
|
|
MYSQL=""
|
|
else
|
|
MYSQL="default-mysql-client"
|
|
fi
|
|
else
|
|
echo "Unsupported Distro - Ubuntu, Debian, Kali or Raspbian Only"
|
|
exit 1
|
|
fi
|
|
|
|
# Update apt so we can search apt-cache for newest tomcat version supported & libmysql-java
|
|
echo -e "${BLUE}Updating apt...${NC}"
|
|
apt-get -qq update
|
|
|
|
# Check if libmysql-java is available
|
|
if [[ $(apt-cache show libmysql-java 2> /dev/null | egrep "Version:" | wc -l) -gt 0 ]]; then
|
|
LIBJAVA="libmysql-java"
|
|
else
|
|
LIBJAVA=""
|
|
echo -e "${YELLOW}libmysql-java not available. Will download ${MCJVER} and install manually${NC}"
|
|
fi
|
|
echo
|
|
|
|
# tomcat9 is the latest version
|
|
# tomcat8.0 is end of life, but tomcat8.5 is current
|
|
# fallback is tomcat7
|
|
if [[ $(apt-cache show tomcat9 2> /dev/null | egrep "Version: 9" | wc -l) -gt 0 ]]; then
|
|
TOMCAT="tomcat9"
|
|
elif [[ $(apt-cache show tomcat8 2> /dev/null | egrep "Version: 8.[5-9]" | wc -l) -gt 0 ]]; then
|
|
TOMCAT="tomcat8"
|
|
else
|
|
TOMCAT="tomcat7"
|
|
fi
|
|
|
|
# Uncomment to manually force a tomcat version
|
|
#TOMCAT=""
|
|
|
|
# Install features
|
|
echo -e "${BLUE}Installing packages. This might take a few minutes...${NC}"
|
|
|
|
# Don't prompt during install
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
|
|
# Required packages
|
|
apt-get -y install build-essential libcairo2-dev ${JPEGTURBO} ${LIBPNG} libossp-uuid-dev libavcodec-dev libavutil-dev \
|
|
libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev \
|
|
libvorbis-dev libwebp-dev libwebsockets-dev wget \
|
|
freerdp2-x11 libtool-bin ghostscript dpkg-dev \
|
|
${MYSQL} ${LIBJAVA} ${TOMCAT} &>> ${LOG}
|
|
|
|
# If apt fails to run completely the rest of this isn't going to work...
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed. See ${LOG}${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
# Set SERVER to be the preferred download server from the Apache CDN
|
|
SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUACVERSION}"
|
|
echo -e "${BLUE}Downloading files...${NC}"
|
|
|
|
# Download Guacamole Server
|
|
wget -q --show-progress -O guacamole-server-${GUACVERSION}.tar.gz ${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download guacamole-server-${GUACVERSION}.tar.gz"
|
|
echo -e "${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz${NC}"
|
|
exit 1
|
|
else
|
|
# Extract Guacamole Files
|
|
tar -xzf guacamole-server-${GUACVERSION}.tar.gz
|
|
fi
|
|
echo -e "${GREEN}Downloaded guacamole-server-${GUACVERSION}.tar.gz${NC}"
|
|
|
|
# Download Guacamole Client
|
|
wget -q --show-progress -O guacamole-${GUACVERSION}.war ${SERVER}/binary/guacamole-${GUACVERSION}.war
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download guacamole-${GUACVERSION}.war"
|
|
echo -e "${SERVER}/binary/guacamole-${GUACVERSION}.war${NC}"
|
|
exit 1
|
|
fi
|
|
echo -e "${GREEN}Downloaded guacamole-${GUACVERSION}.war${NC}"
|
|
|
|
# Download Guacamole authentication extensions (Database)
|
|
wget -q --show-progress -O guacamole-auth-jdbc-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
|
|
echo -e "${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
|
|
exit 1
|
|
else
|
|
tar -xzf guacamole-auth-jdbc-${GUACVERSION}.tar.gz
|
|
fi
|
|
echo -e "${GREEN}Downloaded guacamole-auth-jdbc-${GUACVERSION}.tar.gz${NC}"
|
|
|
|
# Download Guacamole authentication extensions
|
|
|
|
# TOTP
|
|
if [ "$installTOTP" = true ]; then
|
|
wget -q --show-progress -O guacamole-auth-totp-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download guacamole-auth-totp-${GUACVERSION}.tar.gz"
|
|
echo -e "${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz"
|
|
exit 1
|
|
else
|
|
tar -xzf guacamole-auth-totp-${GUACVERSION}.tar.gz
|
|
fi
|
|
echo -e "${GREEN}Downloaded guacamole-auth-totp-${GUACVERSION}.tar.gz${NC}"
|
|
fi
|
|
|
|
# Duo
|
|
if [ "$installDuo" = true ]; then
|
|
wget -q --show-progress -O guacamole-auth-duo-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download guacamole-auth-duo-${GUACVERSION}.tar.gz"
|
|
echo -e "${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz"
|
|
exit 1
|
|
else
|
|
tar -xzf guacamole-auth-duo-${GUACVERSION}.tar.gz
|
|
fi
|
|
echo -e "${GREEN}Downloaded guacamole-auth-duo-${GUACVERSION}.tar.gz${NC}"
|
|
fi
|
|
|
|
# Deal with Missing MySQL Connector/J
|
|
if [[ -z $JAVALIB ]]; then
|
|
# Download MySQL Connector/J
|
|
wget -q --show-progress -O mysql-connector-java-${MCJVER}.tar.gz https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${MCJVER}.tar.gz
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed to download mysql-connector-java-${MCJVER}.tar.gz"
|
|
echo -e "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-${MCJVER}.tar.gz${NC}"
|
|
exit 1
|
|
else
|
|
tar -xzf mysql-connector-java-${MCJVER}.tar.gz
|
|
fi
|
|
echo -e "${GREEN}Downloaded mysql-connector-java-${MCJVER}.tar.gz${NC}"
|
|
fi
|
|
echo -e "${GREEN}Downloading complete.${NC}"
|
|
echo
|
|
|
|
# Make directories
|
|
rm -rf /etc/guacamole/extensions
|
|
mkdir -p /etc/guacamole/lib
|
|
mkdir -p /etc/guacamole/extensions
|
|
|
|
# Install guacd (Guacamole-server)
|
|
cd guacamole-server-${GUACVERSION}
|
|
|
|
echo -e "${BLUE}Building Guacamole-Server with GCC $(gcc --version | head -n1 | grep -oP '\)\K.*' | awk '{print $1}') ${NC}"
|
|
|
|
echo -e "${BLUE}Configuring Guacamole-Server. This might take a minute...${NC}"
|
|
./configure --with-init-dir=/etc/init.d &>> ${LOG}
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed. See ${LOG}${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
echo -e "${BLUE}Running Make on Guacamole-Server. This might take a few minutes...${NC}"
|
|
make &>> ${LOG}
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed. See ${LOG}${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
echo -e "${BLUE}Running Make Install on Guacamole-Server...${NC}"
|
|
make install &>> ${LOG}
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed. See ${LOG}${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
ldconfig
|
|
echo
|
|
|
|
# Move files to correct locations (guacamole-client & Guacamole authentication extensions)
|
|
cd ..
|
|
mv guacamole-${GUACVERSION}.war /etc/guacamole/guacamole.war
|
|
mv guacamole-auth-jdbc-${GUACVERSION}/mysql/guacamole-auth-jdbc-mysql-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
|
|
# Create Symbolic Link for Tomcat
|
|
ln -sf /etc/guacamole/guacamole.war /var/lib/${TOMCAT}/webapps/
|
|
|
|
# Deal with MySQL Connector/J
|
|
if [[ -z $JAVALIB ]]; then
|
|
mv mysql-connector-java-${MCJVER}/mysql-connector-java-${MCJVER}.jar /etc/guacamole/lib/mysql-connector-java.jar
|
|
else
|
|
ln -s /usr/share/java/mysql-connector-java.jar /etc/guacamole/lib/
|
|
fi
|
|
|
|
# Move TOTP Files
|
|
if [ "$installTOTP" = true ]; then
|
|
mv guacamole-auth-totp-${GUACVERSION}/guacamole-auth-totp-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
fi
|
|
|
|
# Move Duo Files
|
|
if [ "$installDuo" = true ]; then
|
|
mv guacamole-auth-duo-${GUACVERSION}/guacamole-auth-duo-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
fi
|
|
|
|
# Configure guacamole.properties
|
|
rm -f /etc/guacamole/guacamole.properties
|
|
touch /etc/guacamole/guacamole.properties
|
|
echo "mysql-hostname: ${mysqlHost}" >> /etc/guacamole/guacamole.properties
|
|
echo "mysql-port: ${mysqlPort}" >> /etc/guacamole/guacamole.properties
|
|
echo "mysql-database: ${guacDb}" >> /etc/guacamole/guacamole.properties
|
|
echo "mysql-username: ${guacUser}" >> /etc/guacamole/guacamole.properties
|
|
echo "mysql-password: ${guacPwd}" >> /etc/guacamole/guacamole.properties
|
|
|
|
# Output Duo configuration settings but comment them out for now
|
|
if [ "$installDuo" = true ]; then
|
|
echo "# duo-api-hostname: " >> /etc/guacamole/guacamole.properties
|
|
echo "# duo-integration-key: " >> /etc/guacamole/guacamole.properties
|
|
echo "# duo-secret-key: " >> /etc/guacamole/guacamole.properties
|
|
echo "# duo-application-key: " >> /etc/guacamole/guacamole.properties
|
|
echo -e "${YELLOW}Duo is installed, it will need to be configured via guacamole.properties${NC}"
|
|
fi
|
|
|
|
# restart tomcat
|
|
echo -e "${BLUE}Restarting tomcat service & enable at boot...${NC}"
|
|
service ${TOMCAT} restart
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
# Start at boot
|
|
systemctl enable ${TOMCAT}
|
|
echo
|
|
|
|
if [ "$installMySQL" = true ]; then
|
|
# restart mysql
|
|
echo -e "${BLUE}Restarting MySQL service & enable at boot...${NC}"
|
|
service mysql restart
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
# Start at boot
|
|
systemctl enable mysql
|
|
echo
|
|
fi
|
|
|
|
|
|
# restart mysql
|
|
echo -e "${BLUE}Restarting mysql...${NC}"
|
|
|
|
service mysql restart
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
# Create $guacDb and grant $guacUser permissions to it
|
|
|
|
# SQL code
|
|
guacUserHost="localhost"
|
|
|
|
if [[ "$mysqlHost" != "localhost" ]]; then
|
|
guacUserHost="%"
|
|
echo -e "${YELLOW}MySQL Guacamole user is set to accept login from any host, please change this for security reasons if possible.${NC}"
|
|
fi
|
|
|
|
# Set MySQL password
|
|
export MYSQL_PWD=${mysqlRootPwd}
|
|
|
|
# Check for $guacDb already being there
|
|
echo -e "${BLUE}Checking MySQL for existing database (${guacDb})${NC}"
|
|
SQLCODE="
|
|
SELECT SCHEMA_NAME FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME='${guacDb}';"
|
|
|
|
# Execute SQL code
|
|
MYSQL_RESULT=$( echo ${SQLCODE} | mysql -u root -D information_schema -h ${mysqlHost} -P ${mysqlPort} )
|
|
if [[ $MYSQL_RESULT != "" ]]; then
|
|
echo -e "${RED}It appears there is already a MySQL database (${guacDb}) on ${mysqlHost}${NC}"
|
|
echo -e "${RED}Try: mysql -e 'drop database ${guacDb}'${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
# Check for $guacUser already being there
|
|
echo -e "${BLUE}Checking MySQL for existing user (${guacUser})${NC}"
|
|
SQLCODE="
|
|
SELECT COUNT(*) FROM mysql.user WHERE user = '${guacUser}';"
|
|
|
|
# Execute SQL code
|
|
MYSQL_RESULT=$( echo ${SQLCODE} | mysql -u root -h ${mysqlHost} -P ${mysqlPort} | grep '0' )
|
|
if [[ $MYSQL_RESULT == "" ]]; then
|
|
echo -e "${RED}It appears there is already a MySQL user (${guacUser}) on ${mysqlHost}${NC}"
|
|
echo -e "${RED}Try: mysql -e \"DROP USER '${guacUser}'@'${guacUserHost}';\"${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
|
|
# Create database & user, then set permissions
|
|
SQLCODE="
|
|
CREATE DATABASE IF NOT EXISTS ${guacDb};
|
|
create user if not exists '${guacUser}'@'${guacUserHost}' identified by \"${guacPwd}\";
|
|
GRANT SELECT,INSERT,UPDATE,DELETE ON ${guacDb}.* TO '${guacUser}'@'${guacUserHost}';
|
|
flush privileges;"
|
|
|
|
# Execute SQL code
|
|
echo ${SQLCODE} | mysql -u root -h ${mysqlHost} -P ${mysqlPort}
|
|
|
|
# Add Guacamole schema to newly created database
|
|
echo -e "${BLUE}Adding database tables...${NC}"
|
|
cat guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/*.sql | mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort}
|
|
if [ $? -ne 0 ]; then
|
|
echo -e "${RED}Failed${NC}"
|
|
exit 1
|
|
else
|
|
echo -e "${GREEN}OK${NC}"
|
|
fi
|
|
echo
|
|
|
|
# Ensure guacd is started
|
|
echo -e "${BLUE}Starting guacamole service & enable at boot...${NC}"
|
|
service guacd start
|
|
systemctl enable guacd
|
|
echo
|
|
|
|
# Cleanup
|
|
echo -e "${BLUE}Cleanup install files...${NC}"
|
|
rm -rf guacamole-*
|
|
rm -rf mysql-connector-java-*
|
|
unset MYSQL_PWD
|
|
echo
|
|
|
|
# Done
|
|
echo -e "${BLUE}Installation Complete\n- Visit: http://localhost:8080/guacamole/\n- Default login (username/password): guacadmin/guacadmin\n***Be sure to change the password***.${NC}"
|
|
|
|
if [ "$installDuo" = true ]; then
|
|
echo -e "${YELLOW}\nDon't forget to configure Duo in guacamole.properties. You will not be able to login otherwise.\nhttps://guacamole.apache.org/doc/${GUACVERSION}/gug/duo-auth.html${NC}"
|
|
fi
|