2022-06-15 20:04:58 +00:00
#!/usr/bin/env bash
2020-10-17 04:41:47 +00:00
2024-04-25 22:03:22 +00:00
SCRIPT_VERSION = "58"
2022-03-18 18:09:58 +00:00
SCRIPT_URL = 'https://raw.githubusercontent.com/amidaware/tacticalrmm/master/restore.sh'
2020-10-17 04:41:47 +00:00
2021-02-24 20:39:02 +00:00
sudo apt update
2023-09-01 21:12:22 +00:00
sudo apt install -y curl wget dirmngr gnupg lsb-release ca-certificates
2020-12-30 19:04:14 +00:00
2020-10-17 04:41:47 +00:00
GREEN = '\033[0;32m'
YELLOW = '\033[1;33m'
BLUE = '\033[0;34m'
RED = '\033[0;31m'
NC = '\033[0m'
2022-05-24 22:03:24 +00:00
SCRIPTS_DIR = '/opt/trmm-community-scripts'
2024-02-29 02:09:33 +00:00
PYTHON_VER = '3.11.8'
2022-05-24 22:03:24 +00:00
SETTINGS_FILE = '/rmm/api/tacticalrmm/tacticalrmm/settings.py'
2022-01-24 05:07:08 +00:00
2020-10-17 04:41:47 +00:00
TMP_FILE = $( mktemp -p "" "rmmrestore_XXXXXXXXXX" )
2023-03-21 05:57:24 +00:00
curl -s -L " ${ SCRIPT_URL } " >${ TMP_FILE }
2020-10-17 04:41:47 +00:00
NEW_VER = $( grep "^SCRIPT_VERSION" " $TMP_FILE " | awk -F'[="]' '{print $3}' )
if [ " ${ SCRIPT_VERSION } " -ne " ${ NEW_VER } " ] ; then
2023-03-21 05:57:24 +00:00
printf >& 2 " ${ YELLOW } A newer version of this restore script is available. ${ NC } \n "
printf >& 2 " ${ YELLOW } Please download the latest version from ${ GREEN } ${ SCRIPT_URL } ${ YELLOW } and re-run. ${ NC } \n "
rm -f $TMP_FILE
exit 1
2020-10-17 04:41:47 +00:00
fi
rm -f $TMP_FILE
2024-04-25 22:03:22 +00:00
export DEBIAN_FRONTEND = noninteractive
2024-02-22 21:17:05 +00:00
if [ -d /rmm/api/tacticalrmm ] ; then
echo -ne " ${ RED } ERROR: Existing trmm installation found. The restore script must be run on a clean server, please re-read the docs. ${ NC } \n "
exit 1
fi
2022-11-12 20:58:29 +00:00
arch = $( uname -m)
2023-07-04 08:53:06 +00:00
if [ [ " $arch " != "x86_64" ] ] && [ [ " $arch " != "aarch64" ] ] ; then
echo -ne " ${ RED } ERROR: Only x86_64 and aarch64 is supported, not ${ arch } ${ NC } \n "
2022-11-12 20:58:29 +00:00
exit 1
fi
2022-12-03 08:14:53 +00:00
memTotal = $( grep -i memtotal /proc/meminfo | awk '{print $2}' )
if [ [ $memTotal -lt 3627528 ] ] ; then
2023-03-21 05:57:24 +00:00
echo -ne " ${ RED } ERROR: A minimum of 4GB of RAM is required. ${ NC } \n "
exit 1
2022-12-03 08:14:53 +00:00
fi
2023-03-21 05:57:24 +00:00
osname = $( lsb_release -si)
osname = ${ osname ^ }
osname = $( echo " $osname " | tr '[A-Z]' '[a-z]' )
2021-02-06 00:40:25 +00:00
fullrel = $( lsb_release -sd)
codename = $( lsb_release -sc)
relno = $( lsb_release -sr | cut -d. -f1)
fullrelno = $( lsb_release -sr)
2023-07-04 08:53:06 +00:00
not_supported( ) {
echo -ne " ${ RED } ERROR: Only Debian 11, Debian 12 and Ubuntu 22.04 are supported. ${ NC } \n "
}
2020-10-17 04:41:47 +00:00
2023-07-04 08:53:06 +00:00
if [ [ " $osname " = = "debian" ] ] ; then
if [ [ " $relno " -ne 11 && " $relno " -ne 12 ] ] ; then
not_supported
exit 1
fi
elif [ [ " $osname " = = "ubuntu" ] ] ; then
if [ [ " $fullrelno " != "22.04" ] ] ; then
not_supported
exit 1
fi
2021-02-06 00:40:25 +00:00
else
2023-07-04 08:53:06 +00:00
not_supported
2023-03-21 05:57:24 +00:00
exit 1
2021-02-06 00:40:25 +00:00
fi
2020-10-17 04:41:47 +00:00
if [ $EUID -eq 0 ] ; then
echo -ne "\033[0;31mDo NOT run this script as root. Exiting.\e[0m\n"
exit 1
fi
2020-10-20 01:01:45 +00:00
if [ [ " $LANG " != *".UTF-8" ] ] ; then
printf >& 2 " \n ${ RED } System locale must be ${ GREEN } <some language>.UTF-8 ${ RED } not ${ YELLOW } ${ LANG } ${ NC } \n "
printf >& 2 " ${ RED } Run the following command and change the default locale to your language of choice ${ NC } \n\n "
2020-10-17 04:41:47 +00:00
printf >& 2 " ${ GREEN } sudo dpkg-reconfigure locales ${ NC } \n\n "
printf >& 2 " ${ RED } You will need to log out and back in for changes to take effect, then re-run this script. ${ NC } \n\n "
exit 1
fi
2023-07-04 08:53:06 +00:00
if [ " $arch " = "x86_64" ] ; then
pgarch = 'amd64'
else
pgarch = 'arm64'
fi
2023-10-01 15:59:14 +00:00
postgresql_repo = " deb [arch= ${ pgarch } signed-by=/etc/apt/keyrings/postgresql-archive-keyring.gpg] https://apt.postgresql.org/pub/repos/apt/ $codename -pgdg main "
2023-07-04 08:53:06 +00:00
2020-10-17 04:41:47 +00:00
if [ ! -f " ${ 1 } " ] ; then
echo -ne " \n ${ RED } usage: ./restore.sh rmm-backup-xxxx.tar ${ NC } \n "
exit 1
fi
print_green( ) {
printf >& 2 " ${ GREEN } %0.s- ${ NC } " { 1..80}
printf >& 2 "\n"
printf >& 2 " ${ GREEN } ${ 1 } ${ NC } \n "
printf >& 2 " ${ GREEN } %0.s- ${ NC } " { 1..80}
printf >& 2 "\n"
}
print_green 'Unpacking backup'
tmp_dir = $( mktemp -d -t tacticalrmm-XXXXXXXXXXXXXXXXXXXXX)
tar -xf ${ 1 } -C $tmp_dir
strip = "User="
ORIGUSER = $( grep ${ strip } $tmp_dir /systemd/rmm.service | sed -e " s/^ ${ strip } // " )
if [ " $ORIGUSER " != " $USER " ] ; then
printf >& 2 " ${ RED } ERROR: You must run this restore script from the same user account used on your old server: ${ GREEN } ${ ORIGUSER } ${ NC } \n "
rm -rf $tmp_dir
exit 1
fi
# prevents logging issues with some VPS providers like Vultr if this is a freshly provisioned instance that hasn't been rebooted yet
sudo systemctl restart systemd-journald.service
sudo apt update
print_green 'Installing NodeJS'
2023-09-01 21:12:22 +00:00
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | sudo gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
2023-12-29 05:24:43 +00:00
NODE_MAJOR = 20
2023-09-01 21:12:22 +00:00
echo " deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_ $NODE_MAJOR .x nodistro main " | sudo tee /etc/apt/sources.list.d/nodesource.list
2020-10-17 04:41:47 +00:00
sudo apt update
sudo apt install -y gcc g++ make
sudo apt install -y nodejs
2021-03-16 23:09:38 +00:00
sudo npm install -g npm
2020-10-17 04:41:47 +00:00
print_green 'Restoring Nginx'
2023-10-01 15:59:14 +00:00
wget -qO - https://nginx.org/packages/keys/nginx_signing.key | sudo gpg --dearmor -o /etc/apt/keyrings/nginx-archive-keyring.gpg
2022-07-26 08:09:49 +00:00
2023-03-21 05:57:24 +00:00
nginxrepo = " $(
cat <<EOF
2023-10-01 15:59:14 +00:00
deb [ signed-by= /etc/apt/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/$osname $codename nginx
2022-07-26 08:09:49 +00:00
EOF
) "
2023-03-21 05:57:24 +00:00
echo " ${ nginxrepo } " | sudo tee /etc/apt/sources.list.d/nginx.list >/dev/null
2022-07-26 08:09:49 +00:00
sudo apt update
2020-10-17 04:41:47 +00:00
sudo apt install -y nginx
sudo systemctl stop nginx
2022-07-26 08:09:49 +00:00
2022-12-01 06:33:27 +00:00
nginxdefaultconf = '/etc/nginx/nginx.conf'
2023-03-21 05:57:24 +00:00
nginxconf = " $(
cat <<EOF
2022-12-01 06:33:27 +00:00
worker_rlimit_nofile 1000000;
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 4096;
}
http {
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
2023-12-11 18:36:08 +00:00
server_names_hash_bucket_size 256;
2022-12-01 06:33:27 +00:00
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
EOF
) "
2023-03-21 05:57:24 +00:00
echo " ${ nginxconf } " | sudo tee $nginxdefaultconf >/dev/null
2022-12-01 06:33:27 +00:00
for i in sites-available sites-enabled; do
sudo mkdir -p /etc/nginx/$i
done
2020-10-17 04:41:47 +00:00
print_green 'Restoring certbot'
sudo apt install -y software-properties-common
2020-10-18 23:45:21 +00:00
sudo apt install -y certbot openssl
2020-11-28 06:05:47 +00:00
print_green 'Restoring certs'
2020-10-18 23:45:21 +00:00
2023-07-30 07:14:44 +00:00
if [ -f " $tmp_dir /certs/etc-letsencrypt.tar.gz " ] ; then
sudo rm -rf /etc/letsencrypt
sudo mkdir /etc/letsencrypt
sudo tar -xzf $tmp_dir /certs/etc-letsencrypt.tar.gz -C /etc/letsencrypt
sudo chown ${ USER } :${ USER } -R /etc/letsencrypt
fi
if [ -d " ${ tmp_dir } /certs/custom " ] ; then
CERT_FILE = $( grep "^CERT_FILE" " $tmp_dir /rmm/local_settings.py " | awk -F'[= "]' '{print $5}' )
KEY_FILE = $( grep "^KEY_FILE" " $tmp_dir /rmm/local_settings.py " | awk -F'[= "]' '{print $5}' )
sudo mkdir -p $( dirname $CERT_FILE ) $( dirname $KEY_FILE )
sudo chown ${ USER } :${ USER } $( dirname $CERT_FILE ) $( dirname $KEY_FILE )
cp -p ${ tmp_dir } /certs/custom/cert $CERT_FILE
cp -p ${ tmp_dir } /certs/custom/key $KEY_FILE
2023-08-29 23:53:19 +00:00
elif [ -d " ${ tmp_dir } /certs/selfsigned " ] ; then
certdir = '/etc/ssl/tactical'
sudo mkdir -p $certdir
sudo chown ${ USER } :${ USER } $certdir
sudo chmod 770 $certdir
cp -p ${ tmp_dir } /certs/selfsigned/key.pem $certdir
cp -p ${ tmp_dir } /certs/selfsigned/cert.pem $certdir
2023-07-30 07:14:44 +00:00
fi
2020-10-17 04:41:47 +00:00
2023-10-20 20:25:43 +00:00
print_green 'Restoring assets'
if [ -f " $tmp_dir /opt/opt-tactical.tar.gz " ] ; then
sudo mkdir -p /opt/tactical
sudo tar -xzf $tmp_dir /opt/opt-tactical.tar.gz -C /opt/tactical
sudo chown ${ USER } :${ USER } -R /opt/tactical
else
sudo mkdir -p /opt/tactical/reporting/assets
sudo mkdir -p /opt/tactical/reporting/schemas
sudo chown -R ${ USER } :${ USER } /opt/tactical
fi
2020-10-17 04:41:47 +00:00
print_green 'Restoring celery configs'
sudo mkdir /etc/conf.d
sudo tar -xzf $tmp_dir /confd/etc-confd.tar.gz -C /etc/conf.d
sudo chown ${ USER } :${ USER } -R /etc/conf.d
print_green 'Restoring systemd services'
sudo cp $tmp_dir /systemd/* /etc/systemd/system/
2023-10-27 02:22:16 +00:00
2023-10-29 21:38:33 +00:00
# migrate daphne to uvicorn for older systems
if ! grep -q uvicorn /etc/systemd/system/daphne.service; then
sudo rm -f /etc/systemd/system/daphne.service
uviservice = " $(
cat <<EOF
[ Unit]
Description = uvicorn daemon v1
After = network.target
[ Service]
User = ${ USER }
Group = www-data
WorkingDirectory = /rmm/api/tacticalrmm
Environment = "PATH=/rmm/api/env/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
ExecStart = /rmm/api/env/bin/uvicorn --uds /rmm/daphne.sock --forwarded-allow-ips= '*' tacticalrmm.asgi:application
ExecStartPre = rm -f /rmm/daphne.sock
ExecStartPre = rm -f /rmm/daphne.sock.lock
Restart = always
RestartSec = 3s
[ Install]
WantedBy = multi-user.target
EOF
) "
echo " ${ uviservice } " | sudo tee /etc/systemd/system/daphne.service >/dev/null
fi
2020-10-17 04:41:47 +00:00
sudo systemctl daemon-reload
2022-08-14 08:14:59 +00:00
print_green " Installing Python ${ PYTHON_VER } "
2020-10-17 04:41:47 +00:00
2021-02-21 07:37:19 +00:00
sudo apt install -y build-essential zlib1g-dev libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev libsqlite3-dev libbz2-dev
numprocs = $( nproc)
cd ~
2022-03-10 00:57:55 +00:00
wget https://www.python.org/ftp/python/${ PYTHON_VER } /Python-${ PYTHON_VER } .tgz
tar -xf Python-${ PYTHON_VER } .tgz
cd Python-${ PYTHON_VER }
2021-02-21 07:37:19 +00:00
./configure --enable-optimizations
make -j $numprocs
sudo make altinstall
cd ~
2022-03-10 00:57:55 +00:00
sudo rm -rf Python-${ PYTHON_VER } Python-${ PYTHON_VER } .tgz
2021-02-21 07:37:19 +00:00
2023-10-28 01:41:50 +00:00
print_green 'Installing redis and git'
sudo apt install -y redis git
2020-10-17 04:41:47 +00:00
print_green 'Installing postgresql'
2021-02-06 00:40:25 +00:00
echo " $postgresql_repo " | sudo tee /etc/apt/sources.list.d/pgdg.list
2023-10-01 15:59:14 +00:00
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo gpg --dearmor -o /etc/apt/keyrings/postgresql-archive-keyring.gpg
2020-10-17 04:41:47 +00:00
sudo apt update
2023-07-04 08:53:06 +00:00
sudo apt install -y postgresql-15
2020-10-17 04:41:47 +00:00
sleep 2
2022-09-11 20:23:18 +00:00
sudo systemctl enable --now postgresql
2023-03-21 05:57:24 +00:00
until pg_isready >/dev/null; do
2022-09-11 20:23:18 +00:00
echo -ne " ${ GREEN } Waiting for PostgreSQL to be ready ${ NC } \n "
sleep 3
2023-03-21 05:57:24 +00:00
done
2020-10-17 04:41:47 +00:00
sudo mkdir /rmm
sudo chown ${ USER } :${ USER } /rmm
sudo mkdir -p /var/log/celery
sudo chown ${ USER } :${ USER } /var/log/celery
2022-03-18 18:09:58 +00:00
git clone https://github.com/amidaware/tacticalrmm.git /rmm/
2020-11-01 09:18:22 +00:00
cd /rmm
2020-11-28 06:05:47 +00:00
git config user.email "admin@example.com"
git config user.name "Bob"
2020-11-01 09:18:22 +00:00
git checkout master
2020-10-17 04:41:47 +00:00
2022-01-24 05:07:08 +00:00
sudo mkdir -p ${ SCRIPTS_DIR }
sudo chown ${ USER } :${ USER } ${ SCRIPTS_DIR }
git clone https://github.com/amidaware/community-scripts.git ${ SCRIPTS_DIR } /
cd ${ SCRIPTS_DIR }
2022-01-21 23:11:27 +00:00
git config user.email "admin@example.com"
git config user.name "Bob"
2022-01-22 04:27:14 +00:00
git checkout main
2022-01-21 23:11:27 +00:00
2021-08-29 08:13:04 +00:00
print_green 'Restoring NATS'
2023-07-04 08:53:06 +00:00
if [ " $arch " = "x86_64" ] ; then
natsarch = 'amd64'
else
natsarch = 'arm64'
fi
2022-05-24 22:03:24 +00:00
NATS_SERVER_VER = $( grep "^NATS_SERVER_VER" " $SETTINGS_FILE " | awk -F'[= "]' '{print $5}' )
2021-08-29 08:13:04 +00:00
nats_tmp = $( mktemp -d -t nats-XXXXXXXXXX)
2023-07-04 08:53:06 +00:00
wget https://github.com/nats-io/nats-server/releases/download/v${ NATS_SERVER_VER } /nats-server-v${ NATS_SERVER_VER } -linux-${ natsarch } .tar.gz -P ${ nats_tmp }
tar -xzf ${ nats_tmp } /nats-server-v${ NATS_SERVER_VER } -linux-${ natsarch } .tar.gz -C ${ nats_tmp }
sudo mv ${ nats_tmp } /nats-server-v${ NATS_SERVER_VER } -linux-${ natsarch } /nats-server /usr/local/bin/
2021-08-29 08:13:04 +00:00
sudo chmod +x /usr/local/bin/nats-server
sudo chown ${ USER } :${ USER } /usr/local/bin/nats-server
rm -rf ${ nats_tmp }
2020-12-02 10:40:20 +00:00
print_green 'Restoring MeshCentral'
2023-07-04 08:53:06 +00:00
sudo apt install -y jq
2022-05-24 22:03:24 +00:00
MESH_VER = $( grep "^MESH_VER" " $SETTINGS_FILE " | awk -F'[= "]' '{print $5}' )
2020-12-02 10:40:20 +00:00
sudo tar -xzf $tmp_dir /meshcentral/mesh.tar.gz -C /
sudo chown ${ USER } :${ USER } -R /meshcentral
2023-07-04 08:53:06 +00:00
rm -f /meshcentral/package.json /meshcentral/package-lock.json
2023-01-24 22:38:39 +00:00
2023-07-04 08:53:06 +00:00
FROM_MONGO = false
2023-01-24 22:38:39 +00:00
if grep -q postgres "/meshcentral/meshcentral-data/config.json" ; then
2023-03-21 05:57:24 +00:00
MESH_POSTGRES_USER = $( jq '.settings.postgres.user' /meshcentral/meshcentral-data/config.json -r)
MESH_POSTGRES_PW = $( jq '.settings.postgres.password' /meshcentral/meshcentral-data/config.json -r)
2023-07-04 08:53:06 +00:00
else
FROM_MONGO = true
MESH_POSTGRES_USER = $( cat /dev/urandom | tr -dc 'a-z' | fold -w 8 | head -n 1)
MESH_POSTGRES_PW = $( cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 20 | head -n 1)
fi
print_green 'Creating MeshCentral DB'
2023-12-22 17:38:04 +00:00
sudo -iu postgres psql -c "CREATE DATABASE meshcentral"
sudo -iu postgres psql -c " CREATE USER ${ MESH_POSTGRES_USER } WITH PASSWORD ' ${ MESH_POSTGRES_PW } ' "
sudo -iu postgres psql -c " ALTER ROLE ${ MESH_POSTGRES_USER } SET client_encoding TO 'utf8' "
sudo -iu postgres psql -c " ALTER ROLE ${ MESH_POSTGRES_USER } SET default_transaction_isolation TO 'read committed' "
sudo -iu postgres psql -c " ALTER ROLE ${ MESH_POSTGRES_USER } SET timezone TO 'UTC' "
sudo -iu postgres psql -c " GRANT ALL PRIVILEGES ON DATABASE meshcentral TO ${ MESH_POSTGRES_USER } "
sudo -iu postgres psql -c " ALTER DATABASE meshcentral OWNER TO ${ MESH_POSTGRES_USER } "
sudo -iu postgres psql -c " GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${ MESH_POSTGRES_USER } "
2023-07-04 08:53:06 +00:00
if [ " $FROM_MONGO " = true ] ; then
print_green 'Converting mesh mongo to postgres'
# https://github.com/amidaware/trmm-awesome/blob/main/scripts/migrate-mesh-to-postgres.sh
mesh_data = '/meshcentral/meshcentral-data'
if [ [ ! -f " ${ mesh_data } /meshcentral.db.json " ] ] ; then
echo -ne " ${ RED } ERROR: meshcentral.db.json was not found ${ NC } \n "
echo -ne " ${ RED } Unable to convert mongo to postgres ${ NC } \n "
echo -ne " ${ RED } You probably didn't download the lastest backup.sh file before doing a backup and were using an outdated version ${ NC } \n "
echo -ne " ${ RED } You will need to download the latest backup script, run a fresh backup on your old server, wipe this server and attempt a fresh restore. ${ NC } \n "
exit 1
fi
MESH_PG_PORT = '5432'
MESH_PG_HOST = 'localhost'
cp ${ mesh_data } /config.json ${ mesh_data } /config-mongodb-$( date "+%Y%m%dT%H%M%S" ) .bak
cat ${ mesh_data } /config.json |
jq '.settings |= with_entries(select((.key | ascii_downcase) as $key | $key != "mongodb" and $key != "mongodbname"))' |
jq " .settings.postgres.user |= \" ${ MESH_POSTGRES_USER } \" " |
jq " .settings.postgres.password |= \" ${ MESH_POSTGRES_PW } \" " |
jq " .settings.postgres.port |= \" ${ MESH_PG_PORT } \" " |
jq " .settings.postgres.host |= \" ${ MESH_PG_HOST } \" " >${ mesh_data } /config-postgres.json
mv ${ mesh_data } /config-postgres.json ${ mesh_data } /config.json
else
2023-03-21 05:57:24 +00:00
gzip -d $tmp_dir /postgres/mesh-db*.psql.gz
PGPASSWORD = ${ MESH_POSTGRES_PW } psql -h localhost -U ${ MESH_POSTGRES_USER } -d meshcentral -f $tmp_dir /postgres/mesh-db*.psql
2023-07-04 08:53:06 +00:00
fi
cd /meshcentral
2023-08-18 04:28:58 +00:00
mesh_pkg = " $(
cat <<EOF
{
"dependencies" : {
"archiver" : "5.3.1" ,
"meshcentral" : " ${ MESH_VER } " ,
"otplib" : "10.2.3" ,
"pg" : "8.7.1" ,
"pgtools" : "0.3.2"
}
}
EOF
) "
echo " ${ mesh_pkg } " >/meshcentral/package.json
npm install
2023-07-04 08:53:06 +00:00
if [ " $FROM_MONGO " = true ] ; then
node node_modules/meshcentral --dbimport >/dev/null
2023-01-24 22:38:39 +00:00
fi
2020-12-02 10:40:20 +00:00
print_green 'Restoring the backend'
2020-10-17 04:41:47 +00:00
cp $tmp_dir /rmm/local_settings.py /rmm/api/tacticalrmm/tacticalrmm/
2023-07-04 08:53:06 +00:00
if [ " $arch " = "x86_64" ] ; then
natsapi = 'nats-api'
else
natsapi = 'nats-api-arm64'
fi
sudo cp /rmm/natsapi/bin/${ natsapi } /usr/local/bin/nats-api
2021-01-17 01:16:28 +00:00
sudo chown ${ USER } :${ USER } /usr/local/bin/nats-api
sudo chmod +x /usr/local/bin/nats-api
2023-07-04 08:53:06 +00:00
print_green 'Restoring the trmm database'
2021-02-24 20:39:02 +00:00
pgusername = $( grep -w USER /rmm/api/tacticalrmm/tacticalrmm/local_settings.py | sed 's/^.*: //' | sed 's/.//' | sed -r 's/.{2}$//' )
pgpw = $( grep -w PASSWORD /rmm/api/tacticalrmm/tacticalrmm/local_settings.py | sed 's/^.*: //' | sed 's/.//' | sed -r 's/.{2}$//' )
2023-12-22 17:38:04 +00:00
sudo -iu postgres psql -c "CREATE DATABASE tacticalrmm"
sudo -iu postgres psql -c " CREATE USER ${ pgusername } WITH PASSWORD ' ${ pgpw } ' "
sudo -iu postgres psql -c " ALTER ROLE ${ pgusername } SET client_encoding TO 'utf8' "
sudo -iu postgres psql -c " ALTER ROLE ${ pgusername } SET default_transaction_isolation TO 'read committed' "
sudo -iu postgres psql -c " ALTER ROLE ${ pgusername } SET timezone TO 'UTC' "
sudo -iu postgres psql -c " GRANT ALL PRIVILEGES ON DATABASE tacticalrmm TO ${ pgusername } "
sudo -iu postgres psql -c " ALTER DATABASE tacticalrmm OWNER TO ${ pgusername } "
sudo -iu postgres psql -c " GRANT USAGE, CREATE ON SCHEMA PUBLIC TO ${ pgusername } "
2021-02-24 20:39:02 +00:00
2023-01-24 22:38:39 +00:00
gzip -d $tmp_dir /postgres/db*.psql.gz
2021-02-24 20:39:02 +00:00
PGPASSWORD = ${ pgpw } psql -h localhost -U ${ pgusername } -d tacticalrmm -f $tmp_dir /postgres/db*.psql
2023-10-28 01:41:50 +00:00
# for weasyprint
if [ [ " $osname " = = "debian" ] ] ; then
count = $( dpkg -l | grep -E "libpango-1.0-0|libpangoft2-1.0-0" | wc -l)
if ! [ " $count " -eq 2 ] ; then
sudo apt install -y libpango-1.0-0 libpangoft2-1.0-0
fi
elif [ [ " $osname " = = "ubuntu" ] ] ; then
count = $( dpkg -l | grep -E "libpango-1.0-0|libharfbuzz0b|libpangoft2-1.0-0" | wc -l)
if ! [ " $count " -eq 3 ] ; then
sudo apt install -y libpango-1.0-0 libharfbuzz0b libpangoft2-1.0-0
fi
fi
2022-05-24 22:03:24 +00:00
SETUPTOOLS_VER = $( grep "^SETUPTOOLS_VER" " $SETTINGS_FILE " | awk -F'[= "]' '{print $5}' )
WHEEL_VER = $( grep "^WHEEL_VER" " $SETTINGS_FILE " | awk -F'[= "]' '{print $5}' )
2021-05-05 01:41:39 +00:00
2020-10-17 04:41:47 +00:00
cd /rmm/api
2023-03-20 01:58:54 +00:00
python3.11 -m venv env
2020-10-17 04:41:47 +00:00
source /rmm/api/env/bin/activate
cd /rmm/api/tacticalrmm
pip install --no-cache-dir --upgrade pip
2021-05-05 01:41:39 +00:00
pip install --no-cache-dir setuptools = = ${ SETUPTOOLS_VER } wheel = = ${ WHEEL_VER }
2020-10-17 04:41:47 +00:00
pip install --no-cache-dir -r /rmm/api/tacticalrmm/requirements.txt
2021-04-08 05:57:16 +00:00
python manage.py migrate
2023-10-26 01:08:52 +00:00
python manage.py generate_json_schemas
2020-10-17 04:41:47 +00:00
python manage.py collectstatic --no-input
2021-11-13 21:30:01 +00:00
python manage.py create_natsapi_conf
2023-10-28 20:07:50 +00:00
python manage.py create_uwsgi_conf
2020-11-28 06:05:47 +00:00
python manage.py reload_nats
2022-03-19 01:24:17 +00:00
python manage.py post_update_tasks
2023-10-31 18:32:01 +00:00
echo "Running management commands...please wait..."
2022-05-24 22:03:24 +00:00
API = $( python manage.py get_config api)
WEB_VERSION = $( python manage.py get_config webversion)
2023-10-26 01:08:52 +00:00
FRONTEND = $( python manage.py get_config webdomain)
2022-12-04 06:14:37 +00:00
webdomain = $( python manage.py get_config webdomain)
meshdomain = $( python manage.py get_config meshdomain)
2023-10-24 05:18:47 +00:00
WEBTAR_URL = $( python manage.py get_webtar_url)
2023-10-26 01:08:52 +00:00
CERT_PUB_KEY = $( python manage.py get_config certfile)
CERT_PRIV_KEY = $( python manage.py get_config keyfile)
2020-10-17 04:41:47 +00:00
deactivate
2022-12-04 06:14:37 +00:00
print_green 'Restoring hosts file'
2023-08-11 05:14:43 +00:00
if grep -q manage_etc_hosts /etc/hosts; then
2023-08-11 22:07:59 +00:00
sudo sed -i '/manage_etc_hosts: true/d' /etc/cloud/cloud.cfg >/dev/null
echo -e "\nmanage_etc_hosts: false" | sudo tee --append /etc/cloud/cloud.cfg >/dev/null
2023-08-11 05:14:43 +00:00
sudo systemctl restart cloud-init >/dev/null
fi
2023-10-26 01:08:52 +00:00
print_green 'Restoring nginx configs'
for i in frontend meshcentral; do
sudo cp ${ tmp_dir } /nginx/${ i } .conf /etc/nginx/sites-available/
sudo ln -s /etc/nginx/sites-available/${ i } .conf /etc/nginx/sites-enabled/${ i } .conf
done
2023-10-28 20:07:50 +00:00
if ! grep -q "location /assets/" $tmp_dir /nginx/rmm.conf; then
2023-10-26 01:08:52 +00:00
if [ -d " ${ tmp_dir } /certs/selfsigned " ] ; then
CERT_PUB_KEY = " ${ certdir } /cert.pem "
CERT_PRIV_KEY = " ${ certdir } /key.pem "
fi
nginxrmm = " $(
cat <<EOF
server_tokens off;
2023-10-28 20:07:50 +00:00
upstream tacticalrmm {
server unix:////rmm/api/tacticalrmm/tacticalrmm.sock;
2023-10-26 01:08:52 +00:00
}
map \$ http_user_agent \$ ignore_ua {
"~python-requests.*" 0;
"~go-resty.*" 0;
default 1;
}
server {
listen 80;
listen [ ::] :80;
server_name ${ API } ;
return 301 https://\$ server_name\$ request_uri;
}
server {
listen 443 ssl reuseport;
listen [ ::] :443 ssl;
server_name ${ API } ;
client_max_body_size 300M;
access_log /rmm/api/tacticalrmm/tacticalrmm/private/log/access.log combined if = \$ ignore_ua;
error_log /rmm/api/tacticalrmm/tacticalrmm/private/log/error.log;
ssl_certificate ${ CERT_PUB_KEY } ;
ssl_certificate_key ${ CERT_PRIV_KEY } ;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Content-Type-Options nosniff;
location /static/ {
root /rmm/api/tacticalrmm;
add_header "Access-Control-Allow-Origin" " https:// ${ FRONTEND } " ;
}
location /private/ {
internal;
add_header "Access-Control-Allow-Origin" " https:// ${ FRONTEND } " ;
alias /rmm/api/tacticalrmm/tacticalrmm/private/;
}
location /assets/ {
internal;
add_header "Access-Control-Allow-Origin" " https:// ${ FRONTEND } " ;
alias /opt/tactical/reporting/assets/;
}
location ~ ^/ws/ {
proxy_pass http://unix:/rmm/daphne.sock;
proxy_http_version 1.1;
proxy_set_header Upgrade \$ http_upgrade;
proxy_set_header Connection "upgrade" ;
proxy_redirect off;
proxy_set_header Host \$ host;
proxy_set_header X-Real-IP \$ remote_addr;
proxy_set_header X-Forwarded-For \$ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host \$ server_name;
}
location ~ ^/natsws {
proxy_pass http://127.0.0.1:9235;
proxy_http_version 1.1;
proxy_set_header Host \$ host;
proxy_set_header Upgrade \$ http_upgrade;
proxy_set_header Connection "upgrade" ;
proxy_set_header X-Forwarded-Host \$ host:\$ server_port;
proxy_set_header X-Forwarded-For \$ proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$ scheme;
}
location / {
2023-10-28 20:07:50 +00:00
uwsgi_pass tacticalrmm;
include /etc/nginx/uwsgi_params;
uwsgi_read_timeout 300s;
uwsgi_ignore_client_abort on;
2023-10-26 01:08:52 +00:00
}
}
EOF
) "
echo " ${ nginxrmm } " | sudo tee /etc/nginx/sites-available/rmm.conf >/dev/null
else
sudo cp ${ tmp_dir } /nginx/rmm.conf /etc/nginx/sites-available/
fi
sudo ln -s /etc/nginx/sites-available/rmm.conf /etc/nginx/sites-enabled/rmm.conf
2022-12-04 06:14:37 +00:00
HAS_11 = $( grep 127.0.1.1 /etc/hosts)
if [ [ $HAS_11 ] ] ; then
sudo sed -i " /127.0.1.1/s/ $/ ${ API } ${ webdomain } ${ meshdomain } / " /etc/hosts
else
2023-03-21 05:57:24 +00:00
echo " 127.0.1.1 ${ API } ${ webdomain } ${ meshdomain } " | sudo tee --append /etc/hosts >/dev/null
2022-12-04 06:14:37 +00:00
fi
2020-11-28 06:05:47 +00:00
sudo systemctl enable nats.service
sudo systemctl start nats.service
2020-10-17 04:41:47 +00:00
print_green 'Restoring the frontend'
2022-05-24 22:03:24 +00:00
webtar = " trmm-web-v ${ WEB_VERSION } .tar.gz "
2023-10-24 05:18:47 +00:00
wget -q ${ WEBTAR_URL } -O /tmp/${ webtar }
2020-10-17 04:41:47 +00:00
sudo mkdir -p /var/www/rmm
2022-05-24 22:03:24 +00:00
sudo tar -xzf /tmp/${ webtar } -C /var/www/rmm
2023-03-21 05:57:24 +00:00
echo " window._env_ = {PROD_URL: \"https:// ${ API } \"} " | sudo tee /var/www/rmm/dist/env-config.js >/dev/null
2020-10-17 04:41:47 +00:00
sudo chown www-data:www-data -R /var/www/rmm/dist
2022-05-24 22:03:24 +00:00
rm -f /tmp/${ webtar }
2020-10-17 04:41:47 +00:00
# reset perms
sudo chown ${ USER } :${ USER } -R /rmm
sudo chown ${ USER } :${ USER } /var/log/celery
sudo chown ${ USER } :${ USER } -R /etc/conf.d/
sudo chown -R $USER :$GROUP /home/${ USER } /.npm
sudo chown -R $USER :$GROUP /home/${ USER } /.config
sudo chown -R $USER :$GROUP /home/${ USER } /.cache
2023-07-04 08:53:06 +00:00
print_green 'Enabling and starting services'
HAS_OLD_MONGO_DEP = $( grep mongod /etc/systemd/system/meshcentral.service)
if [ [ $HAS_OLD_MONGO_DEP ] ] ; then
sudo sed -i 's/mongod.service/postgresql.service/g' /etc/systemd/system/meshcentral.service
fi
2020-10-17 04:41:47 +00:00
sudo systemctl daemon-reload
2023-03-21 05:57:24 +00:00
for i in celery.service celerybeat.service rmm.service daphne.service nats-api.service nginx; do
2020-10-17 04:41:47 +00:00
sudo systemctl enable ${ i }
2021-01-17 01:16:28 +00:00
sudo systemctl stop ${ i }
sudo systemctl start ${ i }
2020-10-17 04:41:47 +00:00
done
sleep 5
print_green 'Starting meshcentral'
sudo systemctl enable meshcentral
sudo systemctl start meshcentral
printf >& 2 " ${ YELLOW } %0.s* ${ NC } " { 1..80}
printf >& 2 "\n\n"
printf >& 2 " ${ YELLOW } Restore complete! ${ NC } \n\n "
printf >& 2 " ${ YELLOW } %0.s* ${ NC } " { 1..80}
2023-01-24 22:38:39 +00:00
printf >& 2 "\n"