Updated install.sh for Debian
Updated api\tacticalrmm\accounts\views.py valid_window=10
This commit is contained in:
Matthew McKinnon
parent
0a9c647e19
commit
8d43488cb8
|
|
@ -60,7 +60,7 @@ class LoginView(KnoxLoginView):
|
|||
|
||||
if settings.DEBUG and token == "sekret":
|
||||
valid = True
|
||||
elif totp.verify(token, valid_window=1):
|
||||
elif totp.verify(token, valid_window=10):
|
||||
valid = True
|
||||
|
||||
if valid:
|
||||
|
|
@ -197,4 +197,4 @@ class UserUI(APIView):
|
|||
user.show_community_scripts = request.data["show_community_scripts"]
|
||||
user.save(update_fields=["show_community_scripts"])
|
||||
|
||||
return Response("ok")
|
||||
return Response("ok")
|
||||
|
|
|
|||
62
install.sh
62
install.sh
|
|
@ -23,10 +23,28 @@ fi
|
|||
|
||||
rm -f $TMP_FILE
|
||||
|
||||
UBU20=$(grep 20.04 "/etc/"*"release")
|
||||
if ! [[ $UBU20 ]]; then
|
||||
echo -ne "\033[0;31mThis script will only work on Ubuntu 20.04\e[0m\n"
|
||||
exit 1
|
||||
osname=$(lsb_release -si); osname=${osname^}
|
||||
osname=$(echo "$osname" | tr '[A-Z]' '[a-z]')
|
||||
fullrel=$(lsb_release -sd)
|
||||
codename=$(lsb_release -sc)
|
||||
relno=$(lsb_release -sr | cut -d. -f1)
|
||||
fullrelno=$(lsb_release -sr)
|
||||
|
||||
# Fallback if lsb_release -si returns anything else than Ubuntu, Debian or Raspbian
|
||||
if [ ! "$osname" = "ubuntu" ] && [ ! "$osname" = "debian" ]; then
|
||||
osname=$(grep -oP '(?<=^ID=).+' /etc/os-release | tr -d '"')
|
||||
osname=${osname^}
|
||||
fi
|
||||
|
||||
|
||||
# determine system
|
||||
if ([ "$osname" = "ubuntu" ] && [ $relno -ge 20 ]) || ([ "$osname" = "debian" ] && [ $relno -ge 10 ]); then
|
||||
echo $fullrel
|
||||
else
|
||||
echo $fullrel
|
||||
echo "Only Ubuntu release 20.04 and later and Debian 10 and later, are supported"
|
||||
echo "Your system does not appear to be supported"
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ $EUID -eq 0 ]; then
|
||||
|
|
@ -42,6 +60,16 @@ if [[ "$LANG" != *".UTF-8" ]]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
if ([ "$osname" = "ubuntu" ]); then
|
||||
mongodb_repo="deb [arch=amd64] https://repo.mongodb.org/apt/$osname $codename/mongodb-org/4.4 multiverse"
|
||||
else
|
||||
mongodb_repo="deb [arch=amd64] https://repo.mongodb.org/apt/$osname $codename/mongodb-org/4.4 main"
|
||||
|
||||
fi
|
||||
|
||||
postgresql_repo="deb [arch=amd64] https://apt.postgresql.org/pub/repos/apt/ $codename-pgdg main"
|
||||
|
||||
|
||||
# prevents logging issues with some VPS providers like Vultr if this is a freshly provisioned instance that hasn't been rebooted yet
|
||||
sudo systemctl restart systemd-journald.service
|
||||
|
||||
|
|
@ -93,7 +121,7 @@ echo -ne "${YELLOW}Enter a valid email address for django and meshcentral${NC}:
|
|||
read letsemail
|
||||
done
|
||||
|
||||
# if server is behind NAT we need to add the 3 subdomains to the host file
|
||||
# if server is behind NAT we need to add the 3 subdomains to the host file
|
||||
# so that nginx can properly route between the frontend, backend and meshcentral
|
||||
# EDIT 8-29-2020
|
||||
# running this even if server is __not__ behind NAT just to make DNS resolving faster
|
||||
|
|
@ -114,7 +142,7 @@ if ! [[ $CHECK_HOSTS ]]; then
|
|||
else
|
||||
echo "127.0.1.1 ${rmmdomain} $frontenddomain $meshdomain" | sudo tee --append /etc/hosts > /dev/null
|
||||
fi
|
||||
else
|
||||
else
|
||||
if [[ $HAS_11 ]]; then
|
||||
echo -ne "${GREEN}Please manually edit your /etc/hosts file to match the line below and re-run this script.${NC}\n"
|
||||
sed "/127.0.1.1/s/$/ ${rmmdomain} $frontenddomain $meshdomain/" /etc/hosts | grep 127.0.1.1
|
||||
|
|
@ -130,7 +158,7 @@ fi
|
|||
BEHIND_NAT=false
|
||||
IPV4=$(ip -4 addr | sed -ne 's|^.* inet \([^/]*\)/.* scope global.*$|\1|p' | head -1)
|
||||
if echo "$IPV4" | grep -qE '^(10\.|172\.1[6789]\.|172\.2[0-9]\.|172\.3[01]\.|192\.168)'; then
|
||||
BEHIND_NAT=true
|
||||
BEHIND_NAT=true
|
||||
fi
|
||||
|
||||
echo -ne "${YELLOW}Create a username for meshcentral${NC}: "
|
||||
|
|
@ -142,10 +170,10 @@ sudo apt install -y certbot openssl
|
|||
|
||||
print_green 'Getting wildcard cert'
|
||||
|
||||
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns -m ${letsemail} --no-eff-email
|
||||
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns -m ${letsemail} --no-eff-email --test-cert
|
||||
while [[ $? -ne 0 ]]
|
||||
do
|
||||
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns -m ${letsemail} --no-eff-email
|
||||
sudo certbot certonly --manual -d *.${rootdomain} --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns -m ${letsemail} --no-eff-email --test-cert
|
||||
done
|
||||
|
||||
CERT_PRIV_KEY=/etc/letsencrypt/live/${rootdomain}/privkey.pem
|
||||
|
|
@ -198,8 +226,8 @@ sudo apt install -y nodejs
|
|||
|
||||
print_green 'Installing MongoDB'
|
||||
|
||||
wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -
|
||||
echo "deb [ arch=amd64 ] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list
|
||||
wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
|
||||
echo "$mongodb_repo" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.4.list
|
||||
sudo apt update
|
||||
sudo apt install -y mongodb-org
|
||||
sudo systemctl enable mongod
|
||||
|
|
@ -210,11 +238,12 @@ sudo systemctl restart mongod
|
|||
print_green 'Installing python, redis and git'
|
||||
|
||||
sudo apt update
|
||||
sudo apt install -y python3.8-venv python3.8-dev python3-pip python3-cherrypy3 python3-setuptools python3-wheel ca-certificates redis git
|
||||
sudo apt install -y python3-venv python3-dev python3-pip python3-cherrypy3 python3-setuptools python3-wheel ca-certificates redis git
|
||||
|
||||
print_green 'Installing postgresql'
|
||||
|
||||
sudo sh -c 'echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
|
||||
echo "$postgresql_repo" | sudo tee /etc/apt/sources.list.d/pgdg.list
|
||||
|
||||
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
|
||||
sudo apt update
|
||||
sudo apt install -y postgresql-13
|
||||
|
|
@ -543,9 +572,8 @@ sudo ln -s /etc/nginx/sites-available/rmm.conf /etc/nginx/sites-enabled/rmm.conf
|
|||
sudo ln -s /etc/nginx/sites-available/meshcentral.conf /etc/nginx/sites-enabled/meshcentral.conf
|
||||
|
||||
print_green 'Installing Salt Master'
|
||||
|
||||
wget -O - https://repo.saltstack.com/py3/ubuntu/20.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -
|
||||
echo 'deb http://repo.saltstack.com/py3/ubuntu/20.04/amd64/latest focal main' | sudo tee /etc/apt/sources.list.d/saltstack.list
|
||||
wget -O - 'https://repo.saltstack.com/py3/'$osname'/'$fullrelno'/amd64/latest/SALTSTACK-GPG-KEY.pub' | sudo apt-key add -
|
||||
echo 'deb http://repo.saltstack.com/py3/'$osname'/'$fullrelno'/amd64/latest '$codename' main' | sudo tee /etc/apt/sources.list.d/saltstack.list
|
||||
|
||||
sudo apt update
|
||||
sudo apt install -y salt-master
|
||||
|
|
@ -873,7 +901,7 @@ printf >&2 "${YELLOW}Django admin url: ${GREEN}https://${rmmdomain}/${ADMINURL}$
|
|||
printf >&2 "${YELLOW}MeshCentral password: ${GREEN}${MESHPASSWD}${NC}\n\n"
|
||||
|
||||
if [ "$BEHIND_NAT" = true ]; then
|
||||
echo -ne "${YELLOW}Read below if your router does NOT support Hairpin NAT${NC}\n\n"
|
||||
echo -ne "${YELLOW}Read below if your router does NOT support Hairpin NAT${NC}\n\n"
|
||||
echo -ne "${GREEN}If you will be accessing the web interface of the RMM from the same LAN as this server,${NC}\n"
|
||||
echo -ne "${GREEN}you'll need to make sure your 3 subdomains resolve to ${IPV4}${NC}\n"
|
||||
echo -ne "${GREEN}This also applies to any agents that will be on the same local network as the rmm.${NC}\n"
|
||||
|
|
|
|||
Loading…
Reference in New Issue