-
Notifications
You must be signed in to change notification settings - Fork 275
/
Copy pathguac-upgrade.sh
executable file
·215 lines (186 loc) · 7.14 KB
/
guac-upgrade.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
#!/bin/bash
# Check if user is root or sudo
if ! [ $(id -u) = 0 ]; then echo "Please run this script as sudo or root"; exit 1 ; fi
# Version number of Guacamole to install
GUACVERSION="1.5.5"
# Colors to use for output
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
RED='\033[0;31m'
GREEN='\033[0;32m'
CYAN='\033[0;36m'
NC='\033[0m' # No Color
# Try to get host and database from /etc/guacamole/guacamole.properties
mysqlHost=$(grep -oP 'mysql-hostname:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
mysqlPort=$(grep -oP 'mysql-port:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
guacDb=$(grep -oP 'mysql-database:\K.*' /etc/guacamole/guacamole.properties | awk '{print $1}')
# Get script arguments for non-interactive mode
while [ "$1" != "" ]; do
case $1 in
-h | --mysqlhost )
shift
mysqlHost="$1"
;;
-p | --mysqlport )
shift
mysqlPort="$1"
;;
-r | --mysqlpwd )
shift
mysqlRootPwd="$1"
;;
esac
shift
done
# Get MySQL host
if [ -z "$mysqlHost" ]; then
read -p "Enter MySQL Host [localhost]: " mysqlHost
echo
if [ -z "$mysqlHost" ]; then
mysqlHost="localhost"
fi
fi
# Get MySQL port
if [ -z "$mysqlPort" ]; then
read -p "Enter MySQL Port [3306]: " mysqlPort
echo
if [ -z "$mysqlPort" ]; then
mysqlPort="3306"
fi
fi
if [ -n "$mysqlRootPwd" ]; then
export MYSQL_PWD=${mysqlRootPwd}
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} -e"quit" || exit 1
else
# Get MySQL root password
echo
while true
do
read -s -p "Enter MySQL ROOT Password: " mysqlRootPwd
export MYSQL_PWD=${mysqlRootPwd}
echo
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} -e"quit" && break
echo
done
echo
fi
# Get Tomcat Version
TOMCAT=$(ls /etc/ | grep tomcat)
# Get Current Guacamole Version
OLDVERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT}/webapps/guacamole/guacamole-common-js/modules/Version.js)
# Set SERVER to be the preferred download server from the Apache CDN
SERVER="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUACVERSION}"
# Stop tomcat and guac
service ${TOMCAT} stop
service guacd stop
# Update apt so we can search apt-cache
apt-get -qq update
# Install additional packages if they do not exist yet
apt-get -y install freerdp2-dev freerdp2-x11 libtool-bin libwebsockets-dev libavformat-dev
# Download Guacamole server
wget -q --show-progress -O guacamole-server-${GUACVERSION}.tar.gz ${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo "Failed to download guacamole-server-${GUACVERSION}.tar.gz"
echo "${SERVER}/source/guacamole-server-${GUACVERSION}.tar.gz"
exit
else
tar -xzf guacamole-server-${GUACVERSION}.tar.gz
fi
# Download Guacamole client
wget -q --show-progress -O guacamole-${GUACVERSION}.war ${SERVER}/binary/guacamole-${GUACVERSION}.war
if [ $? -ne 0 ]; then
echo "Failed to download guacamole-${GUACVERSION}.war"
echo "${SERVER}/binary/guacamole-${GUACVERSION}.war"
exit
fi
# Download SQL components
wget -q --show-progress -O guacamole-auth-jdbc-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo "Failed to download guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
echo "${SERVER}/binary/guacamole-auth-jdbc-${GUACVERSION}.tar.gz"
exit
else
tar -xzf guacamole-auth-jdbc-${GUACVERSION}.tar.gz
rm /etc/guacamole/extensions/guacamole-auth-jdbc-*.jar
cp guacamole-auth-jdbc-${GUACVERSION}/mysql/guacamole-auth-jdbc-mysql-${GUACVERSION}.jar /etc/guacamole/extensions/
fi
# Upgrade Guacamole Server
cd guacamole-server-${GUACVERSION}
./configure --with-systemd-dir=/etc/systemd/system
if [ $? -ne 0 ]; then
echo "Failed to configure guacamole-server"
echo "Trying again with --enable-allow-freerdp-snapshots"
./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
if [ $? -ne 0 ]; then
echo "Failed to configure guacamole-server - again"
exit
fi
fi
make
make install
ldconfig
systemctl enable guacd
cd ..
# Upgrade Guacamole Client
mv guacamole-${GUACVERSION}.war /etc/guacamole/guacamole.war
# Get list of SQL Upgrade Files
UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/upgrade/ | sort -V))
# Compare SQL Upgrage Files against old version, apply upgrades as needed
for FILE in ${UPGRADEFILES[@]}
do
FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
if [[ $(echo -e "${FILEVERSION}\n${OLDVERSION}" | sort -V | head -n1) == ${OLDVERSION} && ${FILEVERSION} != ${OLDVERSION} ]]; then
echo "Patching ${guacDb} with ${FILE}"
mysql -u root -D ${guacDb} -h ${mysqlHost} -P ${mysqlPort} < guacamole-auth-jdbc-${GUACVERSION}/mysql/schema/upgrade/${FILE}
fi
done
# Check for either TOTP or Duo extensions and ugprade if found
for file in /etc/guacamole/extensions/guacamole-auth-totp*.jar; do
if [[ -f $file ]]; then
# Upgrade TOTP
echo -e "${BLUE}TOTP extension was found, upgrading...${NC}"
rm /etc/guacamole/extensions/guacamole-auth-totp*.jar
wget -q --show-progress -O guacamole-auth-totp-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-auth-totp-${GUACVERSION}.tar.gz"
echo -e "${SERVER}/binary/guacamole-auth-totp-${GUACVERSION}.tar.gz"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-auth-totp-${GUACVERSION}.tar.gz${NC}"
tar -xzf guacamole-auth-totp-${GUACVERSION}.tar.gz
cp guacamole-auth-totp-${GUACVERSION}/guacamole-auth-totp-${GUACVERSION}.jar /etc/guacamole/extensions/
echo -e "${GREEN}TOTP copied to extensions.${NC}"
break
fi
done
for file in /etc/guacamole/extensions/guacamole-auth-duo*.jar; do
if [[ -f $file ]]; then
# Upgrade Duo
echo -e "${BLUE}Duo extension was found, upgrading...${NC}"
rm /etc/guacamole/extensions/guacamole-auth-duo*.jar
wget -q --show-progress -O guacamole-auth-duo-${GUACVERSION}.tar.gz ${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz
if [ $? -ne 0 ]; then
echo -e "${RED}Failed to download guacamole-auth-duo-${GUACVERSION}.tar.gz"
echo -e "${SERVER}/binary/guacamole-auth-duo-${GUACVERSION}.tar.gz"
exit 1
fi
echo -e "${GREEN}Downloaded guacamole-auth-duo-${GUACVERSION}.tar.gz${NC}"
tar -xzf guacamole-auth-duo-${GUACVERSION}.tar.gz
cp guacamole-auth-duo-${GUACVERSION}/guacamole-auth-duo-${GUACVERSION}.jar /etc/guacamole/extensions/
echo -e "${GREEN}Duo copied to extensions.${NC}"
break
fi
done
# Fix for #196
mkdir -p /usr/sbin/.config/freerdp
chown daemon:daemon /usr/sbin/.config/freerdp
# Fix for #197
mkdir -p /var/guacamole
chown daemon:daemon /var/guacamole
# Start tomcat and Guacamole
echo -e "${BLUE}Starting tomcat and guacamole...${NC}"
service ${TOMCAT} start
service guacd start
# Cleanup
rm -rf guacamole*
unset MYSQL_PWD