From 077e892e6d98b8a0e91d540fafd1badca33a66a9 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 16:39:48 +0200 Subject: [PATCH 01/11] installation script tuning --- install.sh | 125 ++++++++--------------------------------------------- 1 file changed, 18 insertions(+), 107 deletions(-) diff --git a/install.sh b/install.sh index d4fbc15..e819158 100644 --- a/install.sh +++ b/install.sh @@ -1,7 +1,11 @@ #!/bin/bash +# We need to source directly from the Github repo to be able to use the functions here # shellcheck disable=2034,2059,2164 true +SCRIPT_NAME="Install script" +# shellcheck source=lib.sh +source <(curl -sL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh) # see https://github.com/koalaman/shellcheck/wiki/Directive # This script will do the following to install RustDesk Server Pro @@ -14,118 +18,25 @@ true ################################################################################################################## -if [[ "$EUID" -ne 0 ]] -then - echo "Sorry, you are not root. You now have two options:" - echo - echo "1. Use SUDO directly:" - echo " a) :~$ sudo bash install.sh" - echo - echo "2. Become ROOT and then type your command:" - echo " a) :~$ sudo -i" - echo " b) :~# bash install.sh" - echo - echo "More information can be found here: https://unix.stackexchange.com/a/3064" - exit 1 -fi - -# Identify OS -if [ -f /etc/os-release ] -then - # freedesktop.org and systemd - # shellcheck source=/dev/null - source /etc/os-release - OS=$NAME - VER=$VERSION_ID - UPSTREAM_ID=${ID_LIKE,,} - - # Fallback to ID_LIKE if ID was not 'ubuntu' or 'debian' - if [ "${UPSTREAM_ID}" != "debian" ] && [ "${UPSTREAM_ID}" != "ubuntu" ] - then - UPSTREAM_ID="$(echo "${ID_LIKE,,}" | sed s/\"//g | cut -d' ' -f1)" - fi - -elif type lsb_release >/dev/null 2>&1 -then - # linuxbase.org - OS=$(lsb_release -si) - VER=$(lsb_release -sr) -elif [ -f /etc/lsb-release ] -then - # For some versions of Debian/Ubuntu without lsb_release command - # shellcheck source=/dev/null - source /etc/os-release - OS=$DISTRIB_ID - VER=$DISTRIB_RELEASE -elif [ -f /etc/debian_version ] -then - # Older Debian, Ubuntu, etc. - OS=Debian - VER=$(cat /etc/debian_version) -elif [ -f /etc/SuSE-release ] -then - # Older SuSE, etc. - OS=SuSE - VER=$(cat /etc/SuSE-release) -elif [ -f /etc/redhat-release ] -then - # Older Red Hat, CentOS, etc. - OS=RedHat - VER=$(cat /etc/redhat-release) -else - # Fall back to uname, e.g. "Linux ", also works for BSD, etc. - OS=$(uname -s) - VER=$(uname -r) -fi +# This must run as root +root_check -# Setup prereqs for server -# Common named prereqs -PREREQ=(curl wget unzip tar whiptail) -PREREQDEB=(dnsutils ufw) -PREREQRPM=(bind-utils) -PREREQARCH=(bind) - -echo "Installing prerequisites" -if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ] -then - apt-get update - apt-get install -y "${PREREQ[@]}" "${PREREQDEB[@]}" -elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ] -then -# openSUSE 15.4 fails to run the relay service and hangs waiting for it -# Needs more work before it can be enabled -# || [ "${UPSTREAM_ID}" = "suse" ] - yum update -y - yum install -y "${PREREQ[@]}" "${PREREQRPM[@]}" # git -elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ] -then - pacman -Syu - pacman -S "${PREREQ[@]}" "${PREREQARCH[@]}" -else - echo "Unsupported OS!" - # Here you could ask the user for permission to try and install anyway - # If they say yes, then do the install - # If they say no, exit the script - exit 1 -fi - -# Download the lib file -if ! curl -fSL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh -o lib.sh -then - echo "Failed to download the lib.sh file. Please try again" - exit 1 -fi - -# shellcheck disable=2034,2059,2164 -true -# shellcheck source=lib.sh -source lib.sh +# Install needed dependencies +install_linux_package curl +install_linux_package wget +install_linux_package unzip +install_linux_package tar +install_linux_package whiptail +install_linux_package dnsutils +install_linux_package ufw +install_linux_package bind-utils +install_linux_package bind # Select user for installation -msg_box "Rustdesk needs to be installed as root, but you can still do some parts as an unprivileged user. +msg_box "Rustdesk can be installed as an unprivileged user, but we need root for everything else. Running with an unprivileged user enhances security, and is recommended." -if yesno_box_yes "Do you want to use an unprivileged user where it's possible?" +if yesno_box_yes "Do you want to use an unprivileged user for Rustdesk?" then while : do From 7366541dce1a5d08a67dc4b40bed3e873e9f95be Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 16:41:28 +0200 Subject: [PATCH 02/11] add root function to lib --- lib.sh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/lib.sh b/lib.sh index 6b6e75f..8eececf 100644 --- a/lib.sh +++ b/lib.sh @@ -14,6 +14,35 @@ WANIP4=$(curl -s -k -m 5 -4 https://api64.ipify.org) ############ Functions +is_root() { + if [[ "$EUID" -ne 0 ]] + then + return 1 + else + return 0 + fi +} + +root_check() { +if ! is_root +then + msg_box "Sorry, you are not root. You now have two options: + +1. Use SUDO directly: + a) :~$ sudo bash name-of-script.sh + +2. Become ROOT and then type your command: + a) :~$ sudo -i + b) :~# bash name-of-script.sh + +In both cases above you can leave out $SCRIPTS/ if the script +is directly in your PATH. + +More information can be found here: https://unix.stackexchange.com/a/3064" + exit 1 +fi +} + print_text_in_color() { printf "%b%s%b\n" "$1" "$2" "$Color_Off" } From e802c03a478ad3d57f59c72eda633c7a94958104 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:12:40 +0200 Subject: [PATCH 03/11] install curl before anything else --- install.sh | 57 +++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 48 insertions(+), 9 deletions(-) diff --git a/install.sh b/install.sh index e819158..49dcd99 100644 --- a/install.sh +++ b/install.sh @@ -1,13 +1,5 @@ #!/bin/bash -# We need to source directly from the Github repo to be able to use the functions here -# shellcheck disable=2034,2059,2164 -true -SCRIPT_NAME="Install script" -# shellcheck source=lib.sh -source <(curl -sL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh) -# see https://github.com/koalaman/shellcheck/wiki/Directive - # This script will do the following to install RustDesk Server Pro # 1. Install some dependencies # 2. Setup UFW firewall if available @@ -18,12 +10,58 @@ source <(curl -sL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro ################################################################################################################## +# We need curl to fetch the lib +# There are the package managers for different OS: +# osInfo[/etc/redhat-release]=yum +# osInfo[/etc/arch-release]=pacman +# osInfo[/etc/gentoo-release]=emerge +# osInfo[/etc/SuSE-release]=zypp +# osInfo[/etc/debian_version]=apt-get +# osInfo[/etc/alpine-release]=apk +packagesNeeded='curl' +if [ -x "$(command -v apt-get)" ] +then + sudo apt-get install $packagesNeeded +elif [ -x "$(command -v apk)" ] +then + sudo apk add --no-cache $packagesNeeded +elif [ -x "$(command -v dnf)" ] +then + sudo dnf install $packagesNeeded +elif [ -x "$(command -v zypper)" ] +then + sudo zypper install $packagesNeeded +elif [ -x "$(command -v pacman)" ] +then + sudo pacman -S install $packagesNeeded +elif [ -x "$(command -v yum)" ] +then + sudo yum install $packagesNeeded +elif [ -x "$(command -v emerge)" ] +then + sudo emerge -av $packagesNeeded +else + echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2 +fi + +# We need to source directly from the Github repo to be able to use the functions here +# shellcheck disable=2034,2059,2164 +true +SCRIPT_NAME="Install script" +# shellcheck source=lib.sh +source <(curl -sL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh) +# see https://github.com/koalaman/shellcheck/wiki/Directive + +################################################################################################################## + # This must run as root root_check +# We need the WAN IP +get_wanip4 + # Install needed dependencies install_linux_package curl -install_linux_package wget install_linux_package unzip install_linux_package tar install_linux_package whiptail @@ -60,6 +98,7 @@ fi # Output debugging info if $DEBUG set if [ "$DEBUG" = "true" ] then + identify_os print_text_in_color "$ICyan" "OS: $OS" print_text_in_color "$ICyan" "VER: $VER" print_text_in_color "$ICyan" "UPSTREAM_ID: $UPSTREAM_ID" From 2ceee1ca3da9a30e69b7f4ac7ade3d7e0e1fd078 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:13:55 +0200 Subject: [PATCH 04/11] only get WAN IP if actually needed avoid unnecessary traffic --- lib.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/lib.sh b/lib.sh index 8eececf..1204fa1 100644 --- a/lib.sh +++ b/lib.sh @@ -10,7 +10,9 @@ RUSTDESK_INSTALL_DIR=/var/lib/rustdesk-server RUSTDESK_LOG_DIR=/var/log/rustdesk-server ARCH=$(uname -m) TITLE="RustDesk Linux installer" -WANIP4=$(curl -s -k -m 5 -4 https://api64.ipify.org) +get_wanip4() { + WANIP4=$(curl -s -k -m 5 -4 https://api64.ipify.org) +} ############ Functions From a59e309333c4b91317b5ccd8279859dd515468e1 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:16:43 +0200 Subject: [PATCH 05/11] SC --- install.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/install.sh b/install.sh index 49dcd99..8a8272d 100644 --- a/install.sh +++ b/install.sh @@ -48,9 +48,11 @@ fi # shellcheck disable=2034,2059,2164 true SCRIPT_NAME="Install script" +export SCRIPT_NAME # shellcheck source=lib.sh source <(curl -sL https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh) # see https://github.com/koalaman/shellcheck/wiki/Directive +unset SCRIPT_NAME ################################################################################################################## From bf6ab0af5f9376168593a220d96cdac463392ee5 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:18:02 +0200 Subject: [PATCH 06/11] remove info --- lib.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib.sh b/lib.sh index 1204fa1..08a6f78 100644 --- a/lib.sh +++ b/lib.sh @@ -37,9 +37,6 @@ then a) :~$ sudo -i b) :~# bash name-of-script.sh -In both cases above you can leave out $SCRIPTS/ if the script -is directly in your PATH. - More information can be found here: https://unix.stackexchange.com/a/3064" exit 1 fi From 381558aeddad9602738e52f379b08f32f420e06b Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:46:53 +0200 Subject: [PATCH 07/11] do more with less --- install.sh | 49 ++++++++++++++++++------------------------------- 1 file changed, 18 insertions(+), 31 deletions(-) diff --git a/install.sh b/install.sh index 8a8272d..d9ec130 100644 --- a/install.sh +++ b/install.sh @@ -3,7 +3,7 @@ # This script will do the following to install RustDesk Server Pro # 1. Install some dependencies # 2. Setup UFW firewall if available -# 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server ("$RUSTDESK_LOG_DIR") +# 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server ("$RUSTDESK_INSTALL_DIR" and "$RUSTDESK_LOG_DIR") # 4. Download and extract RustDesk Pro Services to the above folder # 5. Create systemd services for hbbs and hbbr # 6. If you choose Domain, it will install Nginx and Certbot, allowing the API to be available on port 443 (https) and get an SSL certificate over port 80, it is automatically renewed @@ -41,7 +41,7 @@ elif [ -x "$(command -v emerge)" ] then sudo emerge -av $packagesNeeded else - echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2 + echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: $packagesNeeded">&2 fi # We need to source directly from the Github repo to be able to use the functions here @@ -69,8 +69,11 @@ install_linux_package tar install_linux_package whiptail install_linux_package dnsutils install_linux_package ufw -install_linux_package bind-utils install_linux_package bind +if ! install_linux_package bind-utils +then + install_linux_package bind9 +fi # Select user for installation msg_box "Rustdesk can be installed as an unprivileged user, but we need root for everything else. @@ -358,41 +361,26 @@ Please check https://www.whatsmydns.net/#A/${RUSTDESK_DOMAIN} if the IP seems co exit 1 fi - - print_text_in_color "$IGreen" "Installing Nginx" - if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ] - then - if yesno_box_yes "We use Certbot to generate the free TLS certificate from Let's Encrypt. + print_text_in_color "$IGreen" "Installing Nginx and Cerbot..." + if yesno_box_yes "We use Certbot to generate the free TLS certificate from Let's Encrypt. The default behavior of installing Certbot is to use the snap package which auto updates, and provides the latest version of Certbot. If you don't like snap packages, you can opt out now and we'll use regular (old) deb packages instead. Do you want to install Certbot with snap? (recommended)" then - apt-get install nginx -y - apt-get install snapd -y - snap install certbot --classic + install_linux_package nginx + if ! install_linux_package snapd + print_text_in_color "$IRed" "Sorry, snapd wasn't found on your system, reverting to python-certbot." + install_linux_package python3-certbot-nginx + else + snap install certbot --classic + fi else - apt-get install nginx -y - apt-get install python3-certbot-nginx -y - fi - elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ] - then - # openSUSE 15.4 fails to run the relay service and hangs waiting for it - # Needs more work before it can be enabled - # || [ "${UPSTREAM_ID}" = "suse" ] - yum -y install nginx - yum -y install python3-certbot-nginx - elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ] - then - pacman -S install nginx - pacman -S install python3-certbot-nginx - else - msg_box "Sorry, your OS is unsupported" - if ! yesno_box_no "It might work anyway though... Do you want to give it a shot?" - then - exit 1 + install_linux_package nginx + install_linux_package python3-certbot-nginx fi fi + # Add Nginx config if [ ! -f "/etc/nginx/sites-available/rustdesk.conf" ] then rm -f "/etc/nginx/sites-available/rustdesk.conf" @@ -470,4 +458,3 @@ fi print_text_in_color "$IGreen" "Cleaning up..." rm -f rustdesk-server-linux-"${ACTUAL_TAR_NAME}".zip rm -rf "${ACTUAL_TAR_NAME}" -rm -f lib.sh From 1053198d41a0edbe33588b08badf3abee7869d96 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 19:52:16 +0200 Subject: [PATCH 08/11] SC --- install.sh | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/install.sh b/install.sh index d9ec130..35181dc 100644 --- a/install.sh +++ b/install.sh @@ -18,30 +18,29 @@ # osInfo[/etc/SuSE-release]=zypp # osInfo[/etc/debian_version]=apt-get # osInfo[/etc/alpine-release]=apk -packagesNeeded='curl' if [ -x "$(command -v apt-get)" ] then - sudo apt-get install $packagesNeeded + sudo apt-get install curl elif [ -x "$(command -v apk)" ] then - sudo apk add --no-cache $packagesNeeded + sudo apk add --no-cache curl elif [ -x "$(command -v dnf)" ] then - sudo dnf install $packagesNeeded + sudo dnf install curl elif [ -x "$(command -v zypper)" ] then - sudo zypper install $packagesNeeded + sudo zypper install curl elif [ -x "$(command -v pacman)" ] then - sudo pacman -S install $packagesNeeded + sudo pacman -S install curl elif [ -x "$(command -v yum)" ] then - sudo yum install $packagesNeeded + sudo yum install curl elif [ -x "$(command -v emerge)" ] then - sudo emerge -av $packagesNeeded + sudo emerge -av curl else - echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: $packagesNeeded">&2 + echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: curl" fi # We need to source directly from the Github repo to be able to use the functions here @@ -361,23 +360,24 @@ Please check https://www.whatsmydns.net/#A/${RUSTDESK_DOMAIN} if the IP seems co exit 1 fi + # Install packages print_text_in_color "$IGreen" "Installing Nginx and Cerbot..." if yesno_box_yes "We use Certbot to generate the free TLS certificate from Let's Encrypt. The default behavior of installing Certbot is to use the snap package which auto updates, and provides the latest version of Certbot. If you don't like snap packages, you can opt out now and we'll use regular (old) deb packages instead. Do you want to install Certbot with snap? (recommended)" + then + install_linux_package nginx + if ! install_linux_package snapd then - install_linux_package nginx - if ! install_linux_package snapd - print_text_in_color "$IRed" "Sorry, snapd wasn't found on your system, reverting to python-certbot." - install_linux_package python3-certbot-nginx - else - snap install certbot --classic - fi - else - install_linux_package nginx + print_text_in_color "$IRed" "Sorry, snapd wasn't found on your system, reverting to python-certbot." install_linux_package python3-certbot-nginx + else + snap install certbot --classic fi + else + install_linux_package nginx + install_linux_package python3-certbot-nginx fi # Add Nginx config From 11420ebaf633e036186bd8e24ddd548457b434c8 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 20:09:54 +0200 Subject: [PATCH 09/11] more improvements --- install.sh | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/install.sh b/install.sh index 35181dc..5255e74 100644 --- a/install.sh +++ b/install.sh @@ -18,31 +18,33 @@ # osInfo[/etc/SuSE-release]=zypp # osInfo[/etc/debian_version]=apt-get # osInfo[/etc/alpine-release]=apk +NEEDED_DEPS=(curl whiptail) if [ -x "$(command -v apt-get)" ] then - sudo apt-get install curl + sudo apt-get install "${NEEDED_DEPS[@]}" -y elif [ -x "$(command -v apk)" ] then - sudo apk add --no-cache curl + sudo apk add --no-cache "${NEEDED_DEPS[@]}" elif [ -x "$(command -v dnf)" ] then - sudo dnf install curl + sudo dnf install "${NEEDED_DEPS[@]}" elif [ -x "$(command -v zypper)" ] then - sudo zypper install curl + sudo zypper install "${NEEDED_DEPS[@]}" elif [ -x "$(command -v pacman)" ] then - sudo pacman -S install curl + sudo pacman -S install "${NEEDED_DEPS[@]}" elif [ -x "$(command -v yum)" ] then - sudo yum install curl + sudo yum install "${NEEDED_DEPS[@]}" elif [ -x "$(command -v emerge)" ] then - sudo emerge -av curl + sudo emerge -av "${NEEDED_DEPS[@]}" else - echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: curl" + echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: ${NEEDED_DEPS[@]}" fi + # We need to source directly from the Github repo to be able to use the functions here # shellcheck disable=2034,2059,2164 true @@ -62,10 +64,8 @@ root_check get_wanip4 # Install needed dependencies -install_linux_package curl install_linux_package unzip install_linux_package tar -install_linux_package whiptail install_linux_package dnsutils install_linux_package ufw install_linux_package bind From c397a07425cdebd8b3c26a7f87d1fdcda47df5b2 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 20:23:48 +0200 Subject: [PATCH 10/11] if ! bind9 then bind --- install.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/install.sh b/install.sh index 5255e74..d582d14 100644 --- a/install.sh +++ b/install.sh @@ -68,10 +68,13 @@ install_linux_package unzip install_linux_package tar install_linux_package dnsutils install_linux_package ufw -install_linux_package bind -if ! install_linux_package bind-utils +if ! install_linux_package bind9-utils then - install_linux_package bind9 + install_linux_package bind-utils +fi +if ! install_linux_package bind9 +then + install_linux_package bind fi # Select user for installation From cc30226afd5a50cc1ed4f6e11f65e36778f16120 Mon Sep 17 00:00:00 2001 From: Daniel Hansson Date: Wed, 4 Oct 2023 20:27:37 +0200 Subject: [PATCH 11/11] make SC happy --- install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/install.sh b/install.sh index d582d14..c9d1cb8 100644 --- a/install.sh +++ b/install.sh @@ -41,7 +41,8 @@ elif [ -x "$(command -v emerge)" ] then sudo emerge -av "${NEEDED_DEPS[@]}" else - echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install: ${NEEDED_DEPS[@]}" + echo "FAILED TO INSTALL PACKAGE! Package manager not found. You must manually install:" "${NEEDED_DEPS[@]}" + exit 1 fi