2017-08-02 12:27:53 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
2018-09-01 16:38:30 +02:00
|
|
|
# Check if user is root or sudo
|
|
|
|
if ! [ $(id -u) = 0 ]; then echo "Please run this script as sudo or root"; exit 1 ; fi
|
|
|
|
|
2018-03-12 22:54:36 +01:00
|
|
|
# Version number of Guacamole to install
|
2022-01-06 03:00:05 +01:00
|
|
|
GUACVERSION="1.4.0"
|
2020-02-05 21:24:52 +01:00
|
|
|
|
|
|
|
# Colors to use for output
|
|
|
|
YELLOW='\033[1;33m'
|
|
|
|
BLUE='\033[0;34m'
|
|
|
|
RED='\033[0;31m'
|
|
|
|
GREEN='\033[0;32m'
|
|
|
|
CYAN='\033[0;36m'
|
|
|
|
NC='\033[0m' # No Color
|
2018-03-09 22:51:48 +01:00
|
|
|
|
2020-02-10 00:40:11 +01:00
|
|
|
# Try to get host and database from /etc/guacamole/guacamole.properties
|
|
|
|
mysqlHost=$(grep -oP 'mysql-hostname:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
|
|
|
|
mysqlPort=$(grep -oP 'mysql-port:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
|
|
|
|
guacDb=$(grep -oP 'mysql-database:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
|
2018-01-21 01:34:58 +01:00
|
|
|
|
2018-03-09 22:51:48 +01:00
|
|
|
# Get script arguments for non-interactive mode
|
|
|
|
while [ "$1" != "" ]; do
|
|
|
|
case $1 in
|
2020-02-10 00:40:11 +01:00
|
|
|
-h | --mysqlhost )
|
2018-03-09 22:51:48 +01:00
|
|
|
shift
|
2020-02-10 00:40:11 +01:00
|
|
|
mysqlHost="$1"
|
|
|
|
;;
|
|
|
|
-p | --mysqlport )
|
|
|
|
shift
|
|
|
|
mysqlPort="$1"
|
|
|
|
;;
|
|
|
|
-r | --mysqlpwd )
|
|
|
|
shift
|
|
|
|
mysqlrootpwd="$1"
|
2018-03-09 22:51:48 +01:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
shift
|
|
|
|
done
|
|
|
|
|
2020-02-10 00:40:11 +01:00
|
|
|
# Get MySQL host
|
|
|
|
if [ -z "$mysqlHost" ]; then
|
|
|
|
read -p "Enter MySQL Host [localhost]: " mysqlHost
|
|
|
|
echo
|
|
|
|
if [ -z "$mysqlHost" ]; then
|
|
|
|
mysqlHost="localhost"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Get MySQL port
|
|
|
|
if [ -z "$mysqlPort" ]; then
|
|
|
|
read -p "Enter MySQL Port [3306]: " mysqlPort
|
|
|
|
echo
|
|
|
|
if [ -z "$mysqlPort" ]; then
|
|
|
|
mysqlPort="3306"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -n "$mysqlRootPwd" ]; then
|
|
|
|
export MYSQL_PWD=${mysqlRootPwd}
|
2020-02-17 22:15:37 +01:00
|
|
|
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} -e"quit" || exit 1
|
2018-03-09 22:51:48 +01:00
|
|
|
else
|
2020-02-10 00:40:11 +01:00
|
|
|
# Get MySQL root password
|
2018-01-20 15:23:04 +01:00
|
|
|
echo
|
2018-03-09 22:51:48 +01:00
|
|
|
while true
|
|
|
|
do
|
2020-02-10 00:40:11 +01:00
|
|
|
read -s -p "Enter MySQL ROOT Password: " mysqlRootPwd
|
|
|
|
export MYSQL_PWD=${mysqlRootPwd}
|
2018-03-09 22:51:48 +01:00
|
|
|
echo
|
2020-02-10 00:40:11 +01:00
|
|
|
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} -e"quit" && break
|
2018-03-09 22:51:48 +01:00
|
|
|
echo
|
|
|
|
done
|
2018-01-20 15:23:04 +01:00
|
|
|
echo
|
2018-03-09 22:51:48 +01:00
|
|
|
fi
|
2018-01-20 15:23:04 +01:00
|
|
|
|
|
|
|
# Get Tomcat Version
|
|
|
|
TOMCAT=$(ls /etc/ | grep tomcat)
|
2017-07-22 00:49:40 +02:00
|
|
|
|
2018-01-20 15:23:04 +01:00
|
|
|
# Get Current Guacamole Version
|
|
|
|
OLDVERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT}/webapps/guacamole/guacamole-common-js/modules/Version.js)
|
2017-08-02 13:24:36 +02:00
|
|
|
|
2017-12-01 18:49:26 +01:00
|
|
|
# Set SERVER to be the preferred download server from the Apache CDN
|
2018-01-21 01:34:58 +01:00
|
|
|
SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUACVERSION}"
|
2017-02-04 04:19:36 +01:00
|
|
|
|
2020-02-05 21:24:52 +01:00
|
|
|
# Stop tomcat and guac
|
2017-08-02 13:24:36 +02:00
|
|
|
service ${TOMCAT} stop
|
2020-02-05 21:24:52 +01:00
|
|
|
service guacd stop
|
|
|
|
|
|
|
|
# Update apt so we can search apt-cache
|
|
|
|
apt-get -qq update
|
|
|
|
|
|
|
|
# Install additional packages if they do not exist yet
|
2020-07-04 03:24:18 +02:00
|
|
|
apt-get -y install freerdp2-dev freerdp2-x11 libtool-bin libwebsockets-dev libavformat-dev
|
2017-02-04 04:19:36 +01:00
|
|
|
|
2017-12-01 18:49:26 +01:00
|
|
|
# Download Guacamole server
|
2020-02-17 22:15:37 +01:00
|
|
|
wget -q --show-progress -O guacamole-server-${GUACVERSION}.tar.gz ${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz
|
2018-01-21 01:34:58 +01:00
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "Failed to download guacamole-server-${GUACVERSION}.tar.gz"
|
|
|
|
echo "${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz"
|
2017-12-01 18:49:26 +01:00
|
|
|
exit
|
2020-02-17 22:15:37 +01:00
|
|
|
else
|
|
|
|
tar -xzf guacamole-server-${GUACVERSION}.tar.gz
|
2017-12-01 18:49:26 +01:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Download Guacamole client
|
2020-02-17 22:15:37 +01:00
|
|
|
wget -q --show-progress -O guacamole-${GUACVERSION}.war ${SERVER}/binary/guacamole-${GUACVERSION}.war
|
2018-01-21 01:34:58 +01:00
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "Failed to download guacamole-${GUACVERSION}.war"
|
|
|
|
echo "${SERVER}/binary/guacamole-${GUACVERSION}.war"
|
2017-12-01 18:49:26 +01:00
|
|
|
exit
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Download SQL components
|
2020-02-17 22:15:37 +01:00
|
|
|
wget -q --show-progress -O guacamole-auth-jdbc-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz
|
2018-01-21 01:34:58 +01:00
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "Failed to download guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
|
|
|
|
echo "${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
|
2017-12-01 18:49:26 +01:00
|
|
|
exit
|
2020-02-17 22:15:37 +01:00
|
|
|
else
|
|
|
|
tar -xzf guacamole-auth-jdbc-${GUACVERSION}.tar.gz
|
|
|
|
rm /etc/guacamole/extensions/guacamole-auth-jdbc-*.jar
|
|
|
|
cp guacamole-auth-jdbc-${GUACVERSION}/mysql/guacamole-auth-jdbc-mysql-${GUACVERSION}.jar /etc/guacamole/extensions/
|
2017-12-01 18:49:26 +01:00
|
|
|
fi
|
|
|
|
|
2018-03-12 23:15:26 +01:00
|
|
|
# Upgrade Guacamole Server
|
|
|
|
cd guacamole-server-${GUACVERSION}
|
2021-08-21 04:17:56 +02:00
|
|
|
./configure --with-systemd-dir=/etc/systemd/system
|
2021-01-06 18:56:21 +01:00
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "Failed to configure guacamole-server"
|
|
|
|
echo "Trying again with --enable-allow-freerdp-snapshots"
|
2021-08-21 04:17:56 +02:00
|
|
|
./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
|
2021-01-06 18:56:21 +01:00
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo "Failed to configure guacamole-server - again"
|
|
|
|
exit
|
|
|
|
fi
|
|
|
|
fi
|
2019-01-23 23:15:59 +01:00
|
|
|
make
|
|
|
|
make install
|
2018-03-12 22:44:55 +01:00
|
|
|
|
2017-02-04 04:19:36 +01:00
|
|
|
ldconfig
|
|
|
|
systemctl enable guacd
|
|
|
|
cd ..
|
|
|
|
|
2017-12-01 18:49:26 +01:00
|
|
|
# Upgrade Guacamole Client
|
2018-01-21 01:34:58 +01:00
|
|
|
mv guacamole-${GUACVERSION}.war /etc/guacamole/guacamole.war
|
2017-02-04 04:19:36 +01:00
|
|
|
|
2018-01-20 15:23:04 +01:00
|
|
|
# Get list of SQL Upgrade Files
|
2018-01-21 01:34:58 +01:00
|
|
|
UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/upgrade/ | sort -V))
|
2018-01-20 15:23:04 +01:00
|
|
|
|
|
|
|
# Compare SQL Upgrage Files against old version, apply upgrades as needed
|
|
|
|
for FILE in ${UPGRADEFILES[@]}
|
|
|
|
do
|
|
|
|
FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
|
2020-02-05 21:24:52 +01:00
|
|
|
if [[ $(echo -e "${FILEVERSION}\n${OLDVERSION}" | sort -V | head -n1) == ${OLDVERSION} && ${FILEVERSION} != ${OLDVERSION} ]]; then
|
2020-02-10 00:40:11 +01:00
|
|
|
echo "Patching ${guacDb} with ${FILE}"
|
|
|
|
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} < guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/upgrade/${FILE}
|
2018-01-20 15:23:04 +01:00
|
|
|
fi
|
|
|
|
done
|
2017-02-04 04:19:36 +01:00
|
|
|
|
2020-02-05 21:24:52 +01:00
|
|
|
# Check for either TOTP or Duo extensions and ugprade if found
|
|
|
|
for file in /etc/guacamole/extensions/guacamole-auth-totp*.jar; do
|
|
|
|
if [[ -f $file ]]; then
|
|
|
|
# Upgrade TOTP
|
|
|
|
echo -e "${BLUE}TOTP extension was found, upgrading...${NC}"
|
|
|
|
rm /etc/guacamole/extensions/guacamole-auth-totp*.jar
|
|
|
|
wget -q --show-progress -O guacamole-auth-totp-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz
|
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo -e "${RED}Failed to download guacamole-auth-totp-${GUACVERSION}.tar.gz"
|
|
|
|
echo -e "${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
echo -e "${GREEN}Downloaded guacamole-auth-totp-${GUACVERSION}.tar.gz${NC}"
|
|
|
|
tar -xzf guacamole-auth-totp-${GUACVERSION}.tar.gz
|
|
|
|
cp guacamole-auth-totp-${GUACVERSION}/guacamole-auth-totp-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
|
|
echo -e "${GREEN}TOTP copied to extensions.${NC}"
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
for file in /etc/guacamole/extensions/guacamole-auth-duo*.jar; do
|
|
|
|
if [[ -f $file ]]; then
|
|
|
|
# Upgrade Duo
|
|
|
|
echo -e "${BLUE}Duo extension was found, upgrading...${NC}"
|
|
|
|
rm /etc/guacamole/extensions/guacamole-auth-duo*.jar
|
|
|
|
wget -q --show-progress -O guacamole-auth-duo-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz
|
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo -e "${RED}Failed to download guacamole-auth-duo-${GUACVERSION}.tar.gz"
|
|
|
|
echo -e "${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
echo -e "${GREEN}Downloaded guacamole-auth-duo-${GUACVERSION}.tar.gz${NC}"
|
|
|
|
tar -xzf guacamole-auth-duo-${GUACVERSION}.tar.gz
|
|
|
|
cp guacamole-auth-duo-${GUACVERSION}/guacamole-auth-duo-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
|
|
echo -e "${GREEN}Duo copied to extensions.${NC}"
|
|
|
|
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
2023-01-03 17:50:41 +01:00
|
|
|
# Handle upgrading SAML plugin if present
|
|
|
|
for file in /etc/guacamole/extensions/guacamole-auth-saml*.jar; do
|
|
|
|
if [[ -f $file ]]; then
|
|
|
|
# Upgrade SAML
|
|
|
|
echo -e "${BLUE}SAML extension was found, upgrading...${NC}"
|
|
|
|
rm /etc/guacamole/extensions/guacamole-auth-saml*.jar
|
|
|
|
wget -q --show-progress -O guacamole-auth-saml-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-saml-${GUACVERSION}.tar.gz
|
|
|
|
if [ $? -ne 0 ]; then
|
|
|
|
echo -e "${RED}Failed to download guacamole-auth-saml-${GUACVERSION}.tar.gz"
|
|
|
|
echo -e "${SERVER}/binary/guacamole-auth-saml-${GUACVERSION}.tar.gz"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
echo -e "${GREEN}Downloaded guacamole-auth-saml-${GUACVERSION}.tar.gz${NC}"
|
|
|
|
tar -xzf guacamole-auth-saml-${GUACVERSION}.tar.gz
|
|
|
|
cp guacamole-auth-saml-${GUACVERSION}/guacamole-auth-saml-${GUACVERSION}.jar /etc/guacamole/extensions/
|
|
|
|
echo -e "${GREEN}SAML copied to extensions.${NC}"
|
|
|
|
|
|
|
|
break
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
2022-04-14 15:14:09 +02:00
|
|
|
# Fix for #196
|
|
|
|
mkdir -p /usr/sbin/.config/freerdp
|
|
|
|
chown daemon:daemon /usr/sbin/.config/freerdp
|
|
|
|
|
|
|
|
# Fix for #197
|
|
|
|
mkdir -p /var/guacamole
|
|
|
|
chown daemon:daemon /var/guacamole
|
|
|
|
|
2020-02-10 00:40:11 +01:00
|
|
|
# Start tomcat and Guacamole
|
|
|
|
echo -e "${BLUE}Starting tomcat and guacamole...${NC}"
|
2017-08-02 13:24:36 +02:00
|
|
|
service ${TOMCAT} start
|
2018-01-21 03:54:43 +01:00
|
|
|
service guacd start
|
2017-02-04 04:19:36 +01:00
|
|
|
|
|
|
|
# Cleanup
|
|
|
|
rm -rf guacamole*
|
2018-01-20 15:23:04 +01:00
|
|
|
unset MYSQL_PWD
|