-
Notifications
You must be signed in to change notification settings - Fork 0
/
____runme.sh
executable file
·343 lines (278 loc) · 9.65 KB
/
____runme.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
#!/bin/bash
set -e
##########################################
# g-booking server installation script #
##########################################
trap 'catch $? $LINENO' EXIT
catch() {
if [ "$1" != "0" ]; then
# error handling goes here
echo "Error $1 occurred on $2"
fi
}
dnf -y install wget chrony firewalld tar bind-utils.x86_64 curl kpatch
EIP=`dig emergency.g-booking.com +short`
echo -n '<?xml version="1.0" encoding="utf-8"?>
<zone target="DROP">
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<rule family="ipv4">
<source address="' >/etc/firewalld/zones/public.xml
echo -n $EIP >>/etc/firewalld/zones/public.xml
echo -n '"/>
<port port="22" protocol="tcp"/>
<accept/>
</rule>
</zone>
' >>/etc/firewalld/zones/public.xml
systemctl enable firewalld
systemctl start firewalld
cd /root
BASEDIR=$(pwd)
if test "$BASEDIR" != '/root'; then
echo "I am NOT in /root which is where I want to be. Check I am running as root";
exit;
fi
[ -f /etc/redhat-release ] && echo "" || exit
echo "g-Booking server installation started
";
[ -d "/gbooking" ] && echo "g-booking directory exists...I am aborting so you can have a rethink." || echo "Thunderbirds are GO!"
[ -d "/gbooking" ] && exit
systemctl enable chronyd
systemctl start chronyd
timedatectl set-timezone UTC
cd /root
rm -rf cpan* perl* ccrypt*
echo "Fetching scripts and data files..."
wget -c https://github.com/squizzster/ginstall/raw/master/cpan.tar
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/cpan.tar
wget -c https://github.com/squizzster/ginstall/raw/54e2edb69bf99e064714a8202088d54dbba9b5de/perl-5.34.0.tar.gz
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/perl-5.34.0.tar.gz
wget -c https://github.com/squizzster/ginstall/raw/master/ccrypt-1.11.tar.gz
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/ccrypt-1.11.tar.gz
wget -c https://github.com/squizzster/ginstall/raw/master/install_cpan.pl
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/install_cpan.pl?inline=false
wget -c https://github.com/squizzster/ginstall/raw/master/encode_decode
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/encode_decode?inline=false
#wget -c https://github.com/squizzster/ginstall/raw/master/curl-7.78.0.tar.gz
#wget -c https://gitlab.com/g-booking/g-install/-/raw/master/curl-7.78.0.tar.gz
### Need to check error messsage and then actually decide what to do otherwise just x 2 chances of exiting the script but we dont have one of those
echo "Installing encode_decode"
mv /root/encode_decode /usr/local/bin
chmod 555 /usr/local/bin/encode_decode
echo "Updating system"
dnf -y upgrade
dnf -y update
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf -y config-manager --set-enabled powertools
curl -L https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | bash
dnf -y install firewalld gcc gcc-c++ make openssl-devel git libdb-devel openssl-devel rclone libaio libsepol lsof boost-program-options MariaDB-server MariaDB-client mod_ssl redis mysql-devel memcached.x86_64 libmemcached.x86_64 libmemcached-libs.x86_64 systemd-devel systemd-libs cpan traceroute telnet sysbench libpng-devel zlib-devel libgcrypt libgcrypt-devel compat-libpthread-nonshared bzip2 google-authenticator qrencode-libs bind-utils ncdu nodejs libsecret-devel gnupg1.x86_64 scl-utils gcc-toolset-9 git cmake3 zlib-devel boost-devel boost boost-devel boost-build glpk glpk-devel nload
wget ftp:https://ftp.pbone.net/mirror/ftp.centos.org/8.4.2105/PowerTools/x86_64/os/Packages/asio-devel-1.10.8-7.module_el8.3.0+757+d382997d.x86_64.rpm
dnf -y install asio-devel-1.10.8-7.module_el8.3.0+757+d382997d.x86_64.rpm
rm -f asio-devel-1.10.8-7.module_el8.3.0+757+d382997d.x86_64.rpm
#scl enable gcc-toolset-9 bash
## Postgres not used at moment
##dnf -y install postgresql perl-pgsql_perl5 pg_top perl-DBD-Pg postgresql-contrib java-11-openjdk
systemctl enable mariadb
systemctl start mariadb
echo "Adding mysql";
nohup mysql_upgrade &
#mysql_secure_installation
sleep 20;
echo "Adding zones";
mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql
systemctl stop mariadb
systemctl disable mariadb
systemctl enable firewalld
## Update curl as early versions have security issues. Maybe, probably... could be... but do it anyway.
#tar -xf curl-7.78.0.tar.gz
#cd curl-7.78.0
#./configure --with-openssl
#make
#make install
#cd ..
#ln -f /usr/local/bin/curl /usr/bin/curl
>/root/ccrypt.stat
gzip -fd ccrypt-1.11.tar.gz
tar -xf ccrypt-1.11.tar
cd ./ccrypt-1.11
./configure
make
make install
cd ..
gzip -d perl-5.34.0.tar.gz
tar -xf perl-5.34.0.tar
cd perl-5.34.0
sh Configure -de
make
##make test ### PRODUCTION
>/root/perl.stat
make install
curl -L https://github.com/squizzster/ginstall/raw/master/cpanminus.pl | perl - App::cpanminus
mkdir -p /gbooking/g-booking-server/install/cpan
cd /gbooking/g-booking-server/install/cpan
tar -xf /root/cpan.tar
rm -f /root/cpan.tar
cd /root
#wget https://apache.mirrors.nublue.co.uk/kafka/2.8.0/kafka_2.13-2.8.0.tgz
#tar -xf kafka_2.13-2.8.0.tgz
#mv kafka_2.13-2.8.0 /usr/local/kafka
#echo '[Unit]
#Description=Apache Zookeeper server
#Documentation=http:https://zookeeper.apache.org
#Requires=network.target remote-fs.target
#After=network.target remote-fs.target
#
#[Service]
#Type=simple
#ExecStart=/usr/bin/bash /usr/local/kafka/bin/zookeeper-server-start.sh /usr/local/kafka/config/zookeeper.properties
#ExecStop=/usr/bin/bash /usr/local/kafka/bin/zookeeper-server-stop.sh
#Restart=on-abnormal
#
#[Install]
#WantedBy=multi-user.target' >/etc/systemd/system/zookeeper.service
#
#echo '[Unit]
#Description=Apache Kafka Server
#Documentation=http:https://kafka.apache.org/documentation.html
#Requires=zookeeper.service
#
#[Service]
#Type=simple
#Environment="JAVA_HOME=/usr/lib/jvm/jre-11-openjdk"
#ExecStart=/usr/bin/bash /usr/local/kafka/bin/kafka-server-start.sh /usr/local/kafka/config/server.properties
#ExecStop=/usr/bin/bash /usr/local/kafka/bin/kafka-server-stop.sh
#
#[Install]
#WantedBy=multi-user.target' >/etc/systemd/system/kafka.service
#
##systemctl daemon-reload
##systemctl enable zookeeper
##systemctl enable kafka
##systemctl start zookeeper
##systemctl start kafka
#sudo tee /etc/yum.repos.d/rabbitmq_erlang.repo<<EOF
#[rabbitmq_erlang]
#name=rabbitmq_erlang
#baseurl=https://packagecloud.io/rabbitmq/erlang/el/8/x86_64
#repo_gpgcheck=1
#gpgcheck=1
#enabled=1
## PackageCloud's repository key and RabbitMQ package signing key
#gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey
#https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc
#sslverify=1
#sslcacert=/etc/pki/tls/certs/ca-bundle.crt
#metadata_expire=300
#
#[rabbitmq_erlang-source]
#name=rabbitmq_erlang-source
#baseurl=https://packagecloud.io/rabbitmq/erlang/el/8/SRPMS
#repo_gpgcheck=1
#gpgcheck=0
#enabled=1
## PackageCloud's repository key and RabbitMQ package signing key
#gpgkey=https://packagecloud.io/rabbitmq/erlang/gpgkey
#https://dl.bintray.com/rabbitmq/Keys/rabbitmq-release-signing-key.asc
#sslverify=1
#sslcacert=/etc/pki/tls/certs/ca-bundle.crt
#metadata_expire=300
#EOF
#
#sudo yum clean all
#sudo yum -y makecache
#
#curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
#dnf makecache -y --disablerepo='*' --enablerepo='rabbitmq_rabbitmq-server'
#dnf -y install --nogpgcheck erlang
#dnf -y install rabbitmq-server
#
##systemctl enable --now rabbitmq-server.service
#
#
#
#
#
#
#
#
### OK, some final task..
echo '##### gbooking v1.0 ######
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
LogLevel INFO
StrictModes yes
LoginGraceTime 15
PermitRootLogin yes
MaxAuthTries 1
MaxSessions 5
PermitRootLogin without-password
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
PermitEmptyPasswords no
TCPKeepAlive yes
#Banner none
ChallengeResponseAuthentication yes
KerberosAuthentication no
GSSAPIAuthentication no
PubkeyAcceptedKeyTypes ssh-ed25519
UsePAM yes
X11Forwarding no
PrintMotd yes
PermitUserEnvironment no
AllowAgentForwarding no
AllowTcpForwarding no
PermitTunnel no
' >/etc/ssh/sshd_config
mkdir -p /root/.ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMF5PmJ+ma3VLnPWsGctt+MSxd8l1Cfzz27E/Em2xSe2 [email protected]' >/root/.ssh/authorized_keys
curl -L https://github.com/squizzster/ginstall/raw/master/node_checker >node_checker
chmod 100 node_checker
echo '[Unit]
Description = g-Booking Node Checker. Every minute I check-in with central command.
[Service]
Type = notify
ExecStart = /usr/local/bin/perl /root/node_checker
ExecReload = /bin/kill -HUP $MAINPID
WatchdogSec = 180
TimeoutSec = 400
[Install]
WantedBy=multi-user.target
' >/etc/systemd/system/node_checker.service
systemctl daemon-reload
systemctl enable node_checker
cd /root
#wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz
#tar -xf openssl-1.1.1k.tar.gz
#rm openssl-1.1.1k.tar.gz
#cd openssl-*
#./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib
#make
#make test
#make install
#cd /root
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash
cd /gbooking/g-booking-server/install/cpan
cpanm *.gz
curl -L https://github.com/squizzster/ginstall/raw/master/install_cpan.pl | perl
dnf -y kpatch auto
systemctl start kpatch
rm -rf c* p* /root/.cpan* /gbooking *.sh std* original* noh* ins* /tmp/*
>/var/log/messages
>/var/log/secure
>/var/log/firewalld
echo "
rebooting in 1 minute...
rebooting in 1 minute...
rebooting in 1 minute...
rebooting in 1 minute...
use shutdown -c
to cancel.
"
shutdown -r +1
sleep 58
>/var/log/messages
>/var/log/secure
>/var/log/firewalld
sleep 20