tacticalrmm/install.sh

988 lines
29 KiB
Bash
Raw Normal View History

2022-06-15 20:04:58 +00:00
#!/usr/bin/env bash
2019-10-22 22:22:36 +00:00
2023-10-01 15:59:14 +00:00
SCRIPT_VERSION="78"
2022-03-18 18:09:58 +00:00
SCRIPT_URL='https://raw.githubusercontent.com/amidaware/tacticalrmm/master/install.sh'
2020-08-24 20:10:40 +00:00
sudo apt install -y curl wget dirmngr gnupg lsb-release ca-certificates
2020-12-30 19:04:14 +00:00
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
NC='\033[0m'
2022-05-24 22:03:24 +00:00
SCRIPTS_DIR='/opt/trmm-community-scripts'
2023-06-19 05:29:10 +00:00
PYTHON_VER='3.11.4'
2022-05-24 22:03:24 +00:00
SETTINGS_FILE='/rmm/api/tacticalrmm/tacticalrmm/settings.py'
2023-08-24 21:40:51 +00:00
local_settings='/rmm/api/tacticalrmm/tacticalrmm/local_settings.py'
2022-01-24 05:07:08 +00:00
2020-08-24 20:10:40 +00:00
TMP_FILE=$(mktemp -p "" "rmminstall_XXXXXXXXXX")
2023-03-21 05:57:24 +00:00
curl -s -L "${SCRIPT_URL}" >${TMP_FILE}
2020-08-24 20:10:40 +00:00
NEW_VER=$(grep "^SCRIPT_VERSION" "$TMP_FILE" | awk -F'[="]' '{print $3}')
2020-09-28 05:19:40 +00:00
if [ "${SCRIPT_VERSION}" -ne "${NEW_VER}" ]; then
2023-03-21 05:57:24 +00:00
printf >&2 "${YELLOW}Old install script detected, downloading and replacing with the latest version...${NC}\n"
wget -q "${SCRIPT_URL}" -O install.sh
printf >&2 "${YELLOW}Script updated! Please re-run ./install.sh${NC}\n"
rm -f $TMP_FILE
exit 1
2020-08-24 20:10:40 +00:00
fi
rm -f $TMP_FILE
2022-11-12 20:58:29 +00:00
arch=$(uname -m)
if [[ "$arch" != "x86_64" ]] && [[ "$arch" != "aarch64" ]]; then
echo -ne "${RED}ERROR: Only x86_64 and aarch64 is supported, not ${arch}${NC}\n"
2022-11-12 20:58:29 +00:00
exit 1
fi
2022-12-03 08:14:53 +00:00
memTotal=$(grep -i memtotal /proc/meminfo | awk '{print $2}')
if [[ $memTotal -lt 3627528 ]]; then
2023-03-21 05:57:24 +00:00
echo -ne "${RED}ERROR: A minimum of 4GB of RAM is required.${NC}\n"
exit 1
2022-12-03 08:14:53 +00:00
fi
2023-03-21 05:57:24 +00:00
osname=$(lsb_release -si)
osname=${osname^}
osname=$(echo "$osname" | tr '[A-Z]' '[a-z]')
fullrel=$(lsb_release -sd)
codename=$(lsb_release -sc)
relno=$(lsb_release -sr | cut -d. -f1)
fullrelno=$(lsb_release -sr)
not_supported() {
echo -ne "${RED}ERROR: Only Debian 11, Debian 12 and Ubuntu 22.04 are supported.${NC}\n"
}
if [[ "$osname" == "debian" ]]; then
if [[ "$relno" -ne 11 && "$relno" -ne 12 ]]; then
not_supported
exit 1
fi
elif [[ "$osname" == "ubuntu" ]]; then
if [[ "$fullrelno" != "22.04" ]]; then
not_supported
exit 1
fi
else
not_supported
2023-03-21 05:57:24 +00:00
exit 1
fi
2019-10-22 22:22:36 +00:00
if [ $EUID -eq 0 ]; then
2020-12-19 07:45:21 +00:00
echo -ne "${RED}Do NOT run this script as root. Exiting.${NC}\n"
2019-10-22 22:22:36 +00:00
exit 1
fi
2020-10-20 01:01:45 +00:00
if [[ "$LANG" != *".UTF-8" ]]; then
printf >&2 "\n${RED}System locale must be ${GREEN}<some language>.UTF-8${RED} not ${YELLOW}${LANG}${NC}\n"
printf >&2 "${RED}Run the following command and change the default locale to your language of choice${NC}\n\n"
printf >&2 "${GREEN}sudo dpkg-reconfigure locales${NC}\n\n"
printf >&2 "${RED}You will need to log out and back in for changes to take effect, then re-run this script.${NC}\n\n"
2020-10-05 02:54:25 +00:00
exit 1
fi
if [ "$arch" = "x86_64" ]; then
pgarch='amd64'
else
pgarch='arm64'
fi
2023-10-01 15:59:14 +00:00
postgresql_repo="deb [arch=${pgarch} signed-by=/etc/apt/keyrings/postgresql-archive-keyring.gpg] https://apt.postgresql.org/pub/repos/apt/ $codename-pgdg main"
2020-09-28 05:19:40 +00:00
# prevents logging issues with some VPS providers like Vultr if this is a freshly provisioned instance that hasn't been rebooted yet
sudo systemctl restart systemd-journald.service
DJANGO_SEKRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 80 | head -n 1)
ADMINURL=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 70 | head -n 1)
MESHPASSWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 25 | head -n 1)
2020-08-21 19:46:05 +00:00
pgusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
pgpw=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
2021-01-22 00:40:09 +00:00
meshusername=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
MESHPGUSER=$(cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
MESHPGPWD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
2019-10-22 22:22:36 +00:00
cls() {
printf "\033c"
}
print_green() {
printf >&2 "${GREEN}%0.s-${NC}" {1..80}
printf >&2 "\n"
printf >&2 "${GREEN}${1}${NC}\n"
printf >&2 "${GREEN}%0.s-${NC}" {1..80}
printf >&2 "\n"
}
cls
2023-03-21 05:57:24 +00:00
while [[ $rmmdomain != *[.]*[.]* ]]; do
echo -ne "${YELLOW}Enter the subdomain for the backend (e.g. api.example.com)${NC}: "
read rmmdomain
done
2023-03-21 05:57:24 +00:00
while [[ $frontenddomain != *[.]*[.]* ]]; do
echo -ne "${YELLOW}Enter the subdomain for the frontend (e.g. rmm.example.com)${NC}: "
read frontenddomain
done
2023-03-21 05:57:24 +00:00
while [[ $meshdomain != *[.]*[.]* ]]; do
echo -ne "${YELLOW}Enter the subdomain for meshcentral (e.g. mesh.example.com)${NC}: "
read meshdomain
done
echo -ne "${YELLOW}Enter the root domain (e.g. example.com or example.co.uk)${NC}: "
2020-08-13 02:35:14 +00:00
read rootdomain
2023-03-21 05:57:24 +00:00
while [[ $letsemail != *[@]*[.]* ]]; do
echo -ne "${YELLOW}Enter a valid email address for django and meshcentral${NC}: "
read letsemail
done
2023-08-11 05:14:43 +00:00
if grep -q manage_etc_hosts /etc/hosts; then
2023-08-11 22:07:59 +00:00
sudo sed -i '/manage_etc_hosts: true/d' /etc/cloud/cloud.cfg >/dev/null
echo -e "\nmanage_etc_hosts: false" | sudo tee --append /etc/cloud/cloud.cfg >/dev/null
2023-08-11 05:14:43 +00:00
sudo systemctl restart cloud-init >/dev/null
fi
2020-08-30 02:41:44 +00:00
CHECK_HOSTS=$(grep 127.0.1.1 /etc/hosts | grep "$rmmdomain" | grep "$meshdomain" | grep "$frontenddomain")
HAS_11=$(grep 127.0.1.1 /etc/hosts)
2020-08-30 02:41:44 +00:00
if ! [[ $CHECK_HOSTS ]]; then
2021-04-04 01:13:27 +00:00
print_green 'Adding subdomains to hosts file'
if [[ $HAS_11 ]]; then
sudo sed -i "/127.0.1.1/s/$/ ${rmmdomain} ${frontenddomain} ${meshdomain}/" /etc/hosts
else
2023-03-21 05:57:24 +00:00
echo "127.0.1.1 ${rmmdomain} ${frontenddomain} ${meshdomain}" | sudo tee --append /etc/hosts >/dev/null
2021-04-04 01:13:27 +00:00
fi
fi
2020-08-30 02:41:44 +00:00
BEHIND_NAT=false
IPV4=$(ip -4 addr | sed -ne 's|^.* inet \([^/]*\)/.* scope global.*$|\1|p' | head -1)
if echo "$IPV4" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then
2023-03-21 05:57:24 +00:00
BEHIND_NAT=true
2020-08-30 02:41:44 +00:00
fi
2023-08-24 21:40:51 +00:00
insecure=false
if [[ $* == *--insecure* ]]; then
insecure=true
fi
sudo apt install -y software-properties-common
sudo apt update
2023-08-24 21:40:51 +00:00
sudo apt install -y openssl
if [[ "$insecure" = true ]]; then
print_green 'Generating self-signed cert'
certdir='/etc/ssl/tactical'
sudo mkdir -p $certdir
sudo chown ${USER}:${USER} $certdir
sudo chmod 770 $certdir
2023-08-29 23:53:19 +00:00
CERT_PRIV_KEY=${certdir}/key.pem
CERT_PUB_KEY=${certdir}/cert.pem
2023-08-24 21:40:51 +00:00
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 \
-nodes -keyout ${CERT_PRIV_KEY} -out ${CERT_PUB_KEY} -subj "/CN=${rootdomain}" \
-addext "subjectAltName=DNS:${rootdomain},DNS:*.${rootdomain}"
2023-08-24 21:40:51 +00:00
else
sudo apt install -y certbot
print_green 'Getting wildcard cert'
2020-10-17 23:48:58 +00:00
2023-03-21 05:57:24 +00:00
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --preferred-challenges dns -m ${letsemail} --no-eff-email
2023-08-24 21:40:51 +00:00
while [[ $? -ne 0 ]]; do
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --preferred-challenges dns -m ${letsemail} --no-eff-email
done
CERT_PRIV_KEY=/etc/letsencrypt/live/${rootdomain}/privkey.pem
CERT_PUB_KEY=/etc/letsencrypt/live/${rootdomain}/fullchain.pem
fi
2020-10-17 23:48:58 +00:00
2020-11-26 03:42:27 +00:00
sudo chown ${USER}:${USER} -R /etc/letsencrypt
2020-10-17 23:48:58 +00:00
2019-10-22 22:22:36 +00:00
print_green 'Installing Nginx'
2023-10-01 15:59:14 +00:00
sudo mkdir -p /etc/apt/keyrings
wget -qO - https://nginx.org/packages/keys/nginx_signing.key | sudo gpg --dearmor -o /etc/apt/keyrings/nginx-archive-keyring.gpg
2023-03-21 05:57:24 +00:00
nginxrepo="$(
cat <<EOF
2023-10-01 15:59:14 +00:00
deb [signed-by=/etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/$osname $codename nginx
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${nginxrepo}" | sudo tee /etc/apt/sources.list.d/nginx.list >/dev/null
sudo apt update
2019-10-22 22:22:36 +00:00
sudo apt install -y nginx
2020-06-23 01:34:48 +00:00
sudo systemctl stop nginx
2022-07-09 08:09:24 +00:00
nginxdefaultconf='/etc/nginx/nginx.conf'
2023-03-21 05:57:24 +00:00
nginxconf="$(
cat <<EOF
worker_rlimit_nofile 1000000;
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 4096;
}
http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${nginxconf}" | sudo tee $nginxdefaultconf >/dev/null
2023-03-21 05:57:24 +00:00
for i in sites-available sites-enabled; do
sudo mkdir -p /etc/nginx/$i
done
2019-10-22 22:22:36 +00:00
print_green 'Installing NodeJS'
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
NODE_MAJOR=18
echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
2019-10-22 22:22:36 +00:00
sudo apt update
sudo apt install -y gcc g++ make
sudo apt install -y nodejs
sudo npm install -g npm
2019-10-22 22:22:36 +00:00
2022-05-24 22:03:24 +00:00
print_green "Installing Python ${PYTHON_VER}"
2020-12-02 10:40:20 +00:00
2021-02-21 07:37:19 +00:00
sudo apt install -y build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev libbz2-dev
numprocs=$(nproc)
cd ~
2022-03-10 00:57:55 +00:00
wget https://www.python.org/ftp/python/${PYTHON_VER}/Python-${PYTHON_VER}.tgz
tar -xf Python-${PYTHON_VER}.tgz
cd Python-${PYTHON_VER}
2021-02-21 07:37:19 +00:00
./configure --enable-optimizations
make -j $numprocs
sudo make altinstall
cd ~
2022-03-10 00:57:55 +00:00
sudo rm -rf Python-${PYTHON_VER} Python-${PYTHON_VER}.tgz
2020-12-02 10:40:20 +00:00
2021-02-21 07:37:19 +00:00
print_green 'Installing redis and git'
sudo apt install -y redis git
2020-12-02 10:40:20 +00:00
print_green 'Installing postgresql'
echo "$postgresql_repo" | sudo tee /etc/apt/sources.list.d/pgdg.list
2023-10-01 15:59:14 +00:00
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo gpg --dearmor -o /etc/apt/keyrings/postgresql-archive-keyring.gpg
2020-12-02 10:40:20 +00:00
sudo apt update
sudo apt install -y postgresql-15
sleep 2
2022-09-11 20:23:18 +00:00
sudo systemctl enable --now postgresql
2023-03-21 05:57:24 +00:00
until pg_isready >/dev/null; do
2022-09-11 20:23:18 +00:00
echo -ne "${GREEN}Waiting for PostgreSQL to be ready${NC}\n"
sleep 3
2023-03-21 05:57:24 +00:00
done
2020-12-02 10:40:20 +00:00
print_green 'Creating database for trmm'
2020-12-02 10:40:20 +00:00
sudo -u postgres psql -c "CREATE DATABASE tacticalrmm"
sudo -u postgres psql -c "CREATE USER ${pgusername} WITH PASSWORD '${pgpw}'"
sudo -u postgres psql -c "ALTER ROLE ${pgusername} SET client_encoding TO 'utf8'"
sudo -u postgres psql -c "ALTER ROLE ${pgusername} SET default_transaction_isolation TO 'read committed'"
sudo -u postgres psql -c "ALTER ROLE ${pgusername} SET timezone TO 'UTC'"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE tacticalrmm TO ${pgusername}"
sudo -u postgres psql -c "ALTER DATABASE tacticalrmm OWNER TO ${pgusername}"
sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${pgusername}"
print_green 'Creating database for meshcentral'
sudo -u postgres psql -c "CREATE DATABASE meshcentral"
sudo -u postgres psql -c "CREATE USER ${MESHPGUSER} WITH PASSWORD '${MESHPGPWD}'"
sudo -u postgres psql -c "ALTER ROLE ${MESHPGUSER} SET client_encoding TO 'utf8'"
sudo -u postgres psql -c "ALTER ROLE ${MESHPGUSER} SET default_transaction_isolation TO 'read committed'"
sudo -u postgres psql -c "ALTER ROLE ${MESHPGUSER} SET timezone TO 'UTC'"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE meshcentral TO ${MESHPGUSER}"
sudo -u postgres psql -c "ALTER DATABASE meshcentral OWNER TO ${MESHPGUSER}"
sudo -u postgres psql -c "GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${MESHPGUSER}"
2020-12-02 10:40:20 +00:00
2022-05-24 22:03:24 +00:00
print_green 'Cloning repos'
2020-12-02 10:40:20 +00:00
sudo mkdir /rmm
sudo chown ${USER}:${USER} /rmm
sudo mkdir -p /var/log/celery
sudo chown ${USER}:${USER} /var/log/celery
2022-03-18 18:09:58 +00:00
git clone https://github.com/amidaware/tacticalrmm.git /rmm/
2020-12-02 10:40:20 +00:00
cd /rmm
git config user.email "admin@example.com"
git config user.name "Bob"
git checkout master
2022-01-24 05:07:08 +00:00
sudo mkdir -p ${SCRIPTS_DIR}
sudo chown ${USER}:${USER} ${SCRIPTS_DIR}
git clone https://github.com/amidaware/community-scripts.git ${SCRIPTS_DIR}/
cd ${SCRIPTS_DIR}
2022-01-21 23:11:27 +00:00
git config user.email "admin@example.com"
git config user.name "Bob"
2022-01-22 04:27:14 +00:00
git checkout main
2022-01-21 23:11:27 +00:00
2021-08-29 08:13:04 +00:00
print_green 'Downloading NATS'
if [ "$arch" = "x86_64" ]; then
natsarch='amd64'
else
natsarch='arm64'
fi
2022-05-24 22:03:24 +00:00
NATS_SERVER_VER=$(grep "^NATS_SERVER_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
2021-08-29 08:13:04 +00:00
nats_tmp=$(mktemp -d -t nats-XXXXXXXXXX)
wget https://github.com/nats-io/nats-server/releases/download/v${NATS_SERVER_VER}/nats-server-v${NATS_SERVER_VER}-linux-${natsarch}.tar.gz -P ${nats_tmp}
tar -xzf ${nats_tmp}/nats-server-v${NATS_SERVER_VER}-linux-${natsarch}.tar.gz -C ${nats_tmp}
sudo mv ${nats_tmp}/nats-server-v${NATS_SERVER_VER}-linux-${natsarch}/nats-server /usr/local/bin/
2021-08-29 08:13:04 +00:00
sudo chmod +x /usr/local/bin/nats-server
sudo chown ${USER}:${USER} /usr/local/bin/nats-server
rm -rf ${nats_tmp}
2019-10-22 22:22:36 +00:00
print_green 'Installing MeshCentral'
2022-05-24 22:03:24 +00:00
MESH_VER=$(grep "^MESH_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
2020-12-02 10:40:20 +00:00
2019-10-22 22:22:36 +00:00
sudo mkdir -p /meshcentral/meshcentral-data
2020-02-01 21:58:23 +00:00
sudo chown ${USER}:${USER} -R /meshcentral
2019-10-22 22:22:36 +00:00
cd /meshcentral
sudo chown ${USER}:${USER} -R /meshcentral
2023-08-18 04:28:58 +00:00
mesh_pkg="$(
cat <<EOF
{
"dependencies": {
"archiver": "5.3.1",
"meshcentral": "${MESH_VER}",
"otplib": "10.2.3",
"pg": "8.7.1",
"pgtools": "0.3.2"
}
}
EOF
)"
echo "${mesh_pkg}" >/meshcentral/package.json
2023-03-21 05:57:24 +00:00
meshcfg="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
{
"settings": {
"cert": "${meshdomain}",
2019-10-22 22:22:36 +00:00
"WANonly": true,
"minify": 1,
"port": 4430,
"aliasPort": 443,
"redirPort": 800,
"allowLoginToken": true,
"allowFraming": true,
"agentPing": 35,
"allowHighQualityDesktop": true,
"tlsOffload": "127.0.0.1",
"agentCoreDump": false,
"compression": true,
"wsCompression": true,
"agentWsCompression": true,
"maxInvalidLogin": { "time": 5, "count": 5, "coolofftime": 30 },
"postgres": {
"user": "${MESHPGUSER}",
"password": "${MESHPGPWD}",
"port": "5432",
"host": "localhost"
}
2019-10-22 22:22:36 +00:00
},
"domains": {
"": {
"title": "Tactical RMM",
"title2": "Tactical RMM",
"newAccounts": false,
"certUrl": "https://${meshdomain}:443/",
"geoLocation": true,
"cookieIpCheck": false,
2021-01-10 00:15:11 +00:00
"mstsc": true
2019-10-22 22:22:36 +00:00
}
}
}
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${meshcfg}" >/meshcentral/meshcentral-data/config.json
2019-10-22 22:22:36 +00:00
2023-08-18 04:28:58 +00:00
npm install
2023-03-21 05:57:24 +00:00
localvars="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
SECRET_KEY = "${DJANGO_SEKRET}"
DEBUG = False
ALLOWED_HOSTS = ['${rmmdomain}']
ADMIN_URL = "${ADMINURL}/"
2019-10-22 22:22:36 +00:00
CORS_ORIGIN_WHITELIST = [
"https://${frontenddomain}"
]
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.postgresql',
2019-12-14 10:17:16 +00:00
'NAME': 'tacticalrmm',
2019-10-22 22:22:36 +00:00
'USER': '${pgusername}',
'PASSWORD': '${pgpw}',
'HOST': 'localhost',
'PORT': '5432',
}
}
MESH_USERNAME = "${meshusername}"
MESH_SITE = "https://${meshdomain}"
REDIS_HOST = "localhost"
ADMIN_ENABLED = True
2019-10-22 22:22:36 +00:00
EOF
)"
2023-08-24 21:40:51 +00:00
echo "${localvars}" >$local_settings
if [[ "$insecure" = true ]]; then
echo "TRMM_INSECURE = True" | tee --append $local_settings >/dev/null
fi
2019-10-22 22:22:36 +00:00
if [ "$arch" = "x86_64" ]; then
natsapi='nats-api'
else
natsapi='nats-api-arm64'
fi
sudo cp /rmm/natsapi/bin/${natsapi} /usr/local/bin/nats-api
sudo chown ${USER}:${USER} /usr/local/bin/nats-api
sudo chmod +x /usr/local/bin/nats-api
2020-01-19 23:50:31 +00:00
print_green 'Installing the backend'
2022-05-24 22:03:24 +00:00
SETUPTOOLS_VER=$(grep "^SETUPTOOLS_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
WHEEL_VER=$(grep "^WHEEL_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
2021-05-05 01:41:39 +00:00
cd /rmm/api
2023-03-20 01:58:54 +00:00
python3.11 -m venv env
source /rmm/api/env/bin/activate
cd /rmm/api/tacticalrmm
2020-05-11 20:32:37 +00:00
pip install --no-cache-dir --upgrade pip
2021-05-05 01:41:39 +00:00
pip install --no-cache-dir setuptools==${SETUPTOOLS_VER} wheel==${WHEEL_VER}
pip install --no-cache-dir -r /rmm/api/tacticalrmm/requirements.txt
2020-01-19 23:50:31 +00:00
python manage.py migrate
2020-08-10 20:29:42 +00:00
python manage.py collectstatic --no-input
2021-11-13 21:30:01 +00:00
python manage.py create_natsapi_conf
2022-10-18 00:23:10 +00:00
python manage.py create_uwsgi_conf
python manage.py load_chocos
python manage.py load_community_scripts
2022-05-24 22:03:24 +00:00
WEB_VERSION=$(python manage.py get_config webversion)
2020-01-19 23:50:31 +00:00
printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
printf >&2 "\n"
2023-09-01 22:03:51 +00:00
printf >&2 "${YELLOW}Please create your login for the RMM website${NC}\n"
2020-01-19 23:50:31 +00:00
printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
printf >&2 "\n"
echo -ne "Username: "
read djangousername
python manage.py createsuperuser --username ${djangousername} --email ${letsemail}
python manage.py create_installer_user
2020-01-19 23:50:31 +00:00
RANDBASE=$(python manage.py generate_totp)
cls
2020-05-02 23:27:24 +00:00
python manage.py generate_barcode ${RANDBASE} ${djangousername} ${frontenddomain}
2020-01-19 23:50:31 +00:00
deactivate
read -n 1 -s -r -p "Press any key to continue..."
2023-03-21 05:57:24 +00:00
rmmservice="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
[Unit]
2019-12-14 10:17:16 +00:00
Description=tacticalrmm uwsgi daemon
2020-11-19 07:18:48 +00:00
After=network.target postgresql.service
2019-10-22 22:22:36 +00:00
[Service]
User=${USER}
Group=www-data
WorkingDirectory=/rmm/api/tacticalrmm
Environment="PATH=/rmm/api/env/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
ExecStart=/rmm/api/env/bin/uwsgi --ini app.ini
2020-03-28 05:17:01 +00:00
Restart=always
RestartSec=10s
2019-10-22 22:22:36 +00:00
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${rmmservice}" | sudo tee /etc/systemd/system/rmm.service >/dev/null
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
daphneservice="$(
cat <<EOF
2021-04-03 00:24:31 +00:00
[Unit]
2022-10-07 17:15:37 +00:00
Description=django channels daemon v2
2021-04-03 00:24:31 +00:00
After=network.target
[Service]
User=${USER}
Group=www-data
WorkingDirectory=/rmm/api/tacticalrmm
Environment="PATH=/rmm/api/env/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
ExecStart=/rmm/api/env/bin/daphne -u /rmm/daphne.sock tacticalrmm.asgi:application
2022-10-07 17:15:37 +00:00
ExecStartPre=rm -f /rmm/daphne.sock
ExecStartPre=rm -f /rmm/daphne.sock.lock
2021-04-03 00:24:31 +00:00
Restart=always
RestartSec=3s
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${daphneservice}" | sudo tee /etc/systemd/system/daphne.service >/dev/null
2021-04-03 00:24:31 +00:00
2023-03-21 05:57:24 +00:00
natsservice="$(
cat <<EOF
2020-11-26 03:42:27 +00:00
[Unit]
Description=NATS Server
2021-11-13 21:30:01 +00:00
After=network.target
2020-11-26 03:42:27 +00:00
[Service]
PrivateTmp=true
Type=simple
ExecStart=/usr/local/bin/nats-server -c /rmm/api/tacticalrmm/nats-rmm.conf
ExecReload=/usr/bin/kill -s HUP \$MAINPID
ExecStop=/usr/bin/kill -s SIGINT \$MAINPID
User=${USER}
Group=${USER}
2020-11-26 03:42:27 +00:00
Restart=always
RestartSec=5s
2021-12-09 00:06:33 +00:00
LimitNOFILE=1000000
2020-11-26 03:42:27 +00:00
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${natsservice}" | sudo tee /etc/systemd/system/nats.service >/dev/null
2020-11-26 03:42:27 +00:00
2023-03-21 05:57:24 +00:00
natsapi="$(
cat <<EOF
2021-11-13 21:30:01 +00:00
[Unit]
Description=TacticalRMM Nats Api v1
After=nats.service
[Service]
Type=simple
ExecStart=/usr/local/bin/nats-api
User=${USER}
Group=${USER}
Restart=always
RestartSec=5s
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${natsapi}" | sudo tee /etc/systemd/system/nats-api.service >/dev/null
2021-11-13 21:30:01 +00:00
2023-03-21 05:57:24 +00:00
nginxrmm="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
server_tokens off;
2019-12-14 10:17:16 +00:00
upstream tacticalrmm {
server unix:////rmm/api/tacticalrmm/tacticalrmm.sock;
2019-10-22 22:22:36 +00:00
}
2020-11-21 03:07:59 +00:00
map \$http_user_agent \$ignore_ua {
2020-11-21 02:47:23 +00:00
"~python-requests.*" 0;
"~go-resty.*" 0;
default 1;
}
2019-10-22 22:22:36 +00:00
server {
listen 80;
listen [::]:80;
2019-10-22 22:22:36 +00:00
server_name ${rmmdomain};
return 301 https://\$server_name\$request_uri;
}
server {
listen 443 ssl reuseport;
listen [::]:443 ssl;
2019-10-22 22:22:36 +00:00
server_name ${rmmdomain};
2019-10-23 00:56:07 +00:00
client_max_body_size 300M;
2020-12-22 05:14:44 +00:00
access_log /rmm/api/tacticalrmm/tacticalrmm/private/log/access.log combined if=\$ignore_ua;
error_log /rmm/api/tacticalrmm/tacticalrmm/private/log/error.log;
2020-10-17 23:48:58 +00:00
ssl_certificate ${CERT_PUB_KEY};
ssl_certificate_key ${CERT_PRIV_KEY};
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Content-Type-Options nosniff;
2019-10-22 22:22:36 +00:00
location /static/ {
root /rmm/api/tacticalrmm;
add_header "Access-Control-Allow-Origin" "https://${frontenddomain}";
2019-10-22 22:22:36 +00:00
}
location /private/ {
2019-10-22 22:22:36 +00:00
internal;
add_header "Access-Control-Allow-Origin" "https://${frontenddomain}";
alias /rmm/api/tacticalrmm/tacticalrmm/private/;
2019-10-22 22:22:36 +00:00
}
location /assets/ {
internal;
add_header "Access-Control-Allow-Origin" "https://${frontenddomain}";
alias /opt/tactical/reporting/assets/;
}
2021-04-03 00:24:31 +00:00
location ~ ^/ws/ {
proxy_pass http://unix:/rmm/daphne.sock;
proxy_http_version 1.1;
proxy_set_header Upgrade \$http_upgrade;
2021-04-03 00:50:28 +00:00
proxy_set_header Connection "upgrade";
2021-04-03 00:24:31 +00:00
proxy_redirect off;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host \$server_name;
}
2022-06-26 21:41:06 +00:00
location ~ ^/natsws {
proxy_pass http://127.0.0.1:9235;
proxy_http_version 1.1;
proxy_set_header Host \$host;
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Host \$host:\$server_port;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
2019-10-22 22:22:36 +00:00
location / {
2019-12-14 10:17:16 +00:00
uwsgi_pass tacticalrmm;
2019-10-22 22:22:36 +00:00
include /etc/nginx/uwsgi_params;
2022-05-24 22:03:24 +00:00
uwsgi_read_timeout 300s;
2019-10-22 22:22:36 +00:00
uwsgi_ignore_client_abort on;
}
}
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${nginxrmm}" | sudo tee /etc/nginx/sites-available/rmm.conf >/dev/null
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
nginxmesh="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
server {
listen 80;
listen [::]:80;
2019-10-22 22:22:36 +00:00
server_name ${meshdomain};
2020-12-02 10:40:20 +00:00
return 301 https://\$server_name\$request_uri;
2019-10-22 22:22:36 +00:00
}
server {
listen 443 ssl;
listen [::]:443 ssl;
2019-10-22 22:22:36 +00:00
proxy_send_timeout 330s;
proxy_read_timeout 330s;
server_name ${meshdomain};
2020-10-17 23:48:58 +00:00
ssl_certificate ${CERT_PUB_KEY};
ssl_certificate_key ${CERT_PRIV_KEY};
2019-10-22 22:22:36 +00:00
ssl_session_cache shared:WEBSSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
2019-10-22 22:22:36 +00:00
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Content-Type-Options nosniff;
2019-10-22 22:22:36 +00:00
location / {
proxy_pass http://127.0.0.1:4430/;
proxy_http_version 1.1;
2020-12-02 10:40:20 +00:00
proxy_set_header Host \$host;
2019-10-22 22:22:36 +00:00
proxy_set_header Upgrade \$http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Host \$host:\$server_port;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
}
}
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${nginxmesh}" | sudo tee /etc/nginx/sites-available/meshcentral.conf >/dev/null
2019-10-22 22:22:36 +00:00
sudo ln -s /etc/nginx/sites-available/rmm.conf /etc/nginx/sites-enabled/rmm.conf
sudo ln -s /etc/nginx/sites-available/meshcentral.conf /etc/nginx/sites-enabled/meshcentral.conf
sudo mkdir /etc/conf.d
2023-03-21 05:57:24 +00:00
celeryservice="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
[Unit]
Description=Celery Service V2
2020-11-19 07:18:48 +00:00
After=network.target redis-server.service postgresql.service
2019-10-22 22:22:36 +00:00
[Service]
Type=forking
User=${USER}
Group=${USER}
EnvironmentFile=/etc/conf.d/celery.conf
WorkingDirectory=/rmm/api/tacticalrmm
ExecStart=/bin/sh -c '\${CELERY_BIN} -A \$CELERY_APP multi start \$CELERYD_NODES --pidfile=\${CELERYD_PID_FILE} --logfile=\${CELERYD_LOG_FILE} --loglevel="\${CELERYD_LOG_LEVEL}" \$CELERYD_OPTS'
ExecStop=/bin/sh -c '\${CELERY_BIN} multi stopwait \$CELERYD_NODES --pidfile=\${CELERYD_PID_FILE} --loglevel="\${CELERYD_LOG_LEVEL}"'
ExecReload=/bin/sh -c '\${CELERY_BIN} -A \$CELERY_APP multi restart \$CELERYD_NODES --pidfile=\${CELERYD_PID_FILE} --logfile=\${CELERYD_LOG_FILE} --loglevel="\${CELERYD_LOG_LEVEL}" \$CELERYD_OPTS'
2020-03-28 05:17:01 +00:00
Restart=always
RestartSec=10s
2019-10-22 22:22:36 +00:00
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${celeryservice}" | sudo tee /etc/systemd/system/celery.service >/dev/null
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
celeryconf="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
CELERYD_NODES="w1"
CELERY_BIN="/rmm/api/env/bin/celery"
2019-10-22 22:22:36 +00:00
2019-12-14 10:17:16 +00:00
CELERY_APP="tacticalrmm"
2019-10-22 22:22:36 +00:00
CELERYD_MULTI="multi"
2022-04-09 17:09:54 +00:00
CELERYD_OPTS="--time-limit=86400 --autoscale=20,2"
2019-10-22 22:22:36 +00:00
CELERYD_PID_FILE="/rmm/api/tacticalrmm/%n.pid"
2019-10-22 22:22:36 +00:00
CELERYD_LOG_FILE="/var/log/celery/%n%I.log"
2020-12-22 05:14:44 +00:00
CELERYD_LOG_LEVEL="ERROR"
2019-10-22 22:22:36 +00:00
CELERYBEAT_PID_FILE="/rmm/api/tacticalrmm/beat.pid"
2019-10-22 22:22:36 +00:00
CELERYBEAT_LOG_FILE="/var/log/celery/beat.log"
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${celeryconf}" | sudo tee /etc/conf.d/celery.conf >/dev/null
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
celerybeatservice="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
[Unit]
Description=Celery Beat Service V2
2020-11-19 07:18:48 +00:00
After=network.target redis-server.service postgresql.service
2019-10-22 22:22:36 +00:00
[Service]
Type=simple
User=${USER}
Group=${USER}
EnvironmentFile=/etc/conf.d/celery.conf
WorkingDirectory=/rmm/api/tacticalrmm
ExecStart=/bin/sh -c '\${CELERY_BIN} -A \${CELERY_APP} beat --pidfile=\${CELERYBEAT_PID_FILE} --logfile=\${CELERYBEAT_LOG_FILE} --loglevel=\${CELERYD_LOG_LEVEL}'
2020-03-28 05:17:01 +00:00
Restart=always
RestartSec=10s
2019-10-22 22:22:36 +00:00
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${celerybeatservice}" | sudo tee /etc/systemd/system/celerybeat.service >/dev/null
2019-10-22 22:22:36 +00:00
2020-09-08 02:57:05 +00:00
sudo chown ${USER}:${USER} -R /etc/conf.d/
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
meshservice="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
[Unit]
Description=MeshCentral Server
After=network.target postgresql.service nginx.service
2019-10-22 22:22:36 +00:00
[Service]
Type=simple
LimitNOFILE=1000000
2020-02-01 21:58:23 +00:00
ExecStart=/usr/bin/node node_modules/meshcentral
2019-10-22 22:22:36 +00:00
Environment=NODE_ENV=production
WorkingDirectory=/meshcentral
2020-02-01 21:58:23 +00:00
User=${USER}
Group=${USER}
2019-10-22 22:22:36 +00:00
Restart=always
2020-03-28 05:17:01 +00:00
RestartSec=10s
2019-10-22 22:22:36 +00:00
[Install]
WantedBy=multi-user.target
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${meshservice}" | sudo tee /etc/systemd/system/meshcentral.service >/dev/null
2019-10-22 22:22:36 +00:00
sudo systemctl daemon-reload
2022-05-15 06:59:00 +00:00
if [ -d ~/.npm ]; then
sudo chown -R $USER:$GROUP ~/.npm
fi
if [ -d ~/.config ]; then
sudo chown -R $USER:$GROUP ~/.config
fi
2019-10-22 22:22:36 +00:00
print_green 'Installing the frontend'
2022-05-24 22:03:24 +00:00
webtar="trmm-web-v${WEB_VERSION}.tar.gz"
wget -q https://github.com/amidaware/tacticalrmm-web/releases/download/v${WEB_VERSION}/${webtar} -O /tmp/${webtar}
2019-10-22 22:22:36 +00:00
sudo mkdir -p /var/www/rmm
2022-05-24 22:03:24 +00:00
sudo tar -xzf /tmp/${webtar} -C /var/www/rmm
2023-03-21 05:57:24 +00:00
echo "window._env_ = {PROD_URL: \"https://${rmmdomain}\"}" | sudo tee /var/www/rmm/dist/env-config.js >/dev/null
2019-10-22 22:22:36 +00:00
sudo chown www-data:www-data -R /var/www/rmm/dist
2022-05-24 22:03:24 +00:00
rm -f /tmp/${webtar}
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
nginxfrontend="$(
cat <<EOF
2019-10-22 22:22:36 +00:00
server {
server_name ${frontenddomain};
charset utf-8;
location / {
root /var/www/rmm/dist;
try_files \$uri \$uri/ /index.html;
add_header Cache-Control "no-store, no-cache, must-revalidate";
2019-11-17 10:12:40 +00:00
add_header Pragma "no-cache";
2019-10-22 22:22:36 +00:00
}
error_log /var/log/nginx/frontend-error.log;
access_log /var/log/nginx/frontend-access.log;
listen 443 ssl;
listen [::]:443 ssl;
2020-10-17 23:48:58 +00:00
ssl_certificate ${CERT_PUB_KEY};
ssl_certificate_key ${CERT_PRIV_KEY};
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Content-Type-Options nosniff;
2019-10-22 22:22:36 +00:00
}
server {
if (\$host = ${frontenddomain}) {
return 301 https://\$host\$request_uri;
}
listen 80;
listen [::]:80;
2019-10-22 22:22:36 +00:00
server_name ${frontenddomain};
return 404;
}
EOF
)"
2023-03-21 05:57:24 +00:00
echo "${nginxfrontend}" | sudo tee /etc/nginx/sites-available/frontend.conf >/dev/null
2019-10-22 22:22:36 +00:00
sudo ln -s /etc/nginx/sites-available/frontend.conf /etc/nginx/sites-enabled/frontend.conf
print_green 'Enabling Services'
2019-10-22 22:22:36 +00:00
2023-03-21 05:57:24 +00:00
for i in rmm.service daphne.service celery.service celerybeat.service nginx; do
2019-10-22 22:22:36 +00:00
sudo systemctl enable ${i}
sudo systemctl stop ${i}
sudo systemctl start ${i}
2019-10-22 22:22:36 +00:00
done
sleep 5
sudo systemctl enable meshcentral
2023-09-01 22:03:51 +00:00
print_green 'Starting meshcentral and waiting for it to be ready'
2019-10-22 22:22:36 +00:00
sudo systemctl restart meshcentral
sleep 3
# The first time we start meshcentral, it will need some time to generate certs and install plugins.
# This will take anywhere from a few seconds to a few minutes depending on the server's hardware
# We will know it's ready once the last line of the systemd service stdout is 'MeshCentral HTTP server running on port.....'
while ! [[ $CHECK_MESH_READY ]]; do
CHECK_MESH_READY=$(sudo journalctl -u meshcentral.service -b --no-pager | grep "MeshCentral HTTP server running on port")
echo -ne "${GREEN}Mesh Central not ready yet...${NC}\n"
sleep 5
done
2019-10-22 22:22:36 +00:00
print_green 'Generating meshcentral login token key'
MESHTOKENKEY=$(node /meshcentral/node_modules/meshcentral --logintokenkey)
2023-03-21 05:57:24 +00:00
meshtoken="$(
cat <<EOF
MESH_TOKEN_KEY = "${MESHTOKENKEY}"
EOF
)"
2023-08-24 21:40:51 +00:00
echo "${meshtoken}" | tee --append $local_settings >/dev/null
print_green 'Creating meshcentral account and group'
sudo systemctl stop meshcentral
2022-03-10 00:57:55 +00:00
sleep 1
cd /meshcentral
node node_modules/meshcentral --createaccount ${meshusername} --pass ${MESHPASSWD} --email ${letsemail}
2022-03-10 00:57:55 +00:00
sleep 1
node node_modules/meshcentral --adminaccount ${meshusername}
sudo systemctl start meshcentral
sleep 5
while ! [[ $CHECK_MESH_READY2 ]]; do
CHECK_MESH_READY2=$(sudo journalctl -u meshcentral.service -b --no-pager | grep "MeshCentral HTTP server running on port")
echo -ne "${GREEN}Mesh Central not ready yet...${NC}\n"
sleep 5
done
node node_modules/meshcentral/meshctrl.js --url wss://${meshdomain}:443 --loginuser ${meshusername} --loginpass ${MESHPASSWD} AddDeviceGroup --name TacticalRMM
2022-03-10 00:57:55 +00:00
sleep 1
2020-11-26 03:42:27 +00:00
sudo systemctl enable nats.service
2020-07-02 08:02:56 +00:00
cd /rmm/api/tacticalrmm
source /rmm/api/env/bin/activate
python manage.py initial_db_setup
2020-11-26 03:42:27 +00:00
python manage.py reload_nats
2020-07-02 08:02:56 +00:00
deactivate
2020-11-26 03:42:27 +00:00
sudo systemctl start nats.service
2020-07-02 08:02:56 +00:00
2021-11-13 21:30:01 +00:00
sleep 1
sudo systemctl enable nats-api.service
sudo systemctl start nats-api.service
## disable django admin
2023-08-24 21:40:51 +00:00
sed -i 's/ADMIN_ENABLED = True/ADMIN_ENABLED = False/g' $local_settings
2020-07-02 08:02:56 +00:00
print_green 'Restarting services'
2023-03-21 05:57:24 +00:00
for i in rmm.service daphne.service celery.service celerybeat.service; do
sudo systemctl stop ${i}
sudo systemctl start ${i}
done
printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
2019-10-22 22:22:36 +00:00
printf >&2 "\n\n"
printf >&2 "${YELLOW}Installation complete!${NC}\n\n"
printf >&2 "${YELLOW}Access your rmm at: ${GREEN}https://${frontenddomain}${NC}\n\n"
2021-01-22 00:40:09 +00:00
printf >&2 "${YELLOW}MeshCentral username: ${GREEN}${meshusername}${NC}\n"
printf >&2 "${YELLOW}MeshCentral password: ${GREEN}${MESHPASSWD}${NC}\n\n"
if [ "$BEHIND_NAT" = true ]; then
2023-03-21 05:57:24 +00:00
echo -ne "${YELLOW}Read below if your router does NOT support Hairpin NAT${NC}\n\n"
echo -ne "${GREEN}If you will be accessing the web interface of the RMM from the same LAN as this server,${NC}\n"
echo -ne "${GREEN}you'll need to make sure your 3 subdomains resolve to ${IPV4}${NC}\n"
echo -ne "${GREEN}This also applies to any agents that will be on the same local network as the rmm.${NC}\n"
echo -ne "${GREEN}You'll also need to setup port forwarding in your router on port 443${NC}\n\n"
fi
printf >&2 "${YELLOW}%0.s*${NC}" {1..80}
2019-11-17 10:12:40 +00:00
printf >&2 "\n"