mirror of
https://github.com/joglomedia/LEMPer.git
synced 2026-04-04 19:58:18 +00:00
313 lines
13 KiB
Bash
Executable File
313 lines
13 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# MariaDB Installer
|
|
# Min. Requirement : GNU/Linux Ubuntu 18.04
|
|
# Last Build : 13/02/2022
|
|
# Author : MasEDI.Net (me@masedi.net)
|
|
# Since Version : 1.0.0
|
|
|
|
# Include helper functions.
|
|
if [[ "$(type -t run)" != "function" ]]; then
|
|
BASE_DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
|
|
# shellcheck disable=SC1091
|
|
. "${BASE_DIR}/helper.sh"
|
|
|
|
# Make sure only root can run this installer script.
|
|
requires_root "$@"
|
|
|
|
# Make sure only supported distribution can run this installer script.
|
|
preflight_system_check
|
|
fi
|
|
|
|
##
|
|
# Add MariaDB Repository.
|
|
##
|
|
function add_mariadb_repo() {
|
|
echo "Adding MariaDB repository..."
|
|
|
|
MYSQL_SERVER=${MYSQL_SERVER:-"mariadb"}
|
|
MYSQL_VERSION=${MYSQL_VERSION:-"10.6"}
|
|
|
|
# Fallback to oldest version if version is not supported.
|
|
[ "${RELEASE_NAME}" == "jessie" ] && MYSQL_VERSION="10.5"
|
|
|
|
# Add MariaDB official repo.
|
|
# Ref: https://mariadb.com/kb/en/library/mariadb-package-repository-setup-and-usage/
|
|
MARIADB_REPO_SETUP_URL="https://downloads.mariadb.com/MariaDB/mariadb_repo_setup"
|
|
|
|
if curl -sLI "${MARIADB_REPO_SETUP_URL}" | grep -q "HTTP/[.12]* [2].."; then
|
|
run curl -sSL -o "${BUILD_DIR}/mariadb_repo_setup" "${MARIADB_REPO_SETUP_URL}" && \
|
|
run bash "${BUILD_DIR}/mariadb_repo_setup" --mariadb-server-version="mariadb-${MYSQL_VERSION}" \
|
|
--os-type="${DISTRIB_NAME}" --os-version="${RELEASE_NAME}" && \
|
|
run apt-get update -qq -y
|
|
else
|
|
error "MariaDB repo installer not found."
|
|
fi
|
|
}
|
|
|
|
##
|
|
# Install MariaDB (MySQL drop-in).
|
|
##
|
|
function init_mariadb_install() {
|
|
if [[ "${AUTO_INSTALL}" == true ]]; then
|
|
if [[ "${INSTALL_MYSQL}" == true ]]; then
|
|
DO_INSTALL_MYSQL="y"
|
|
else
|
|
DO_INSTALL_MYSQL="n"
|
|
fi
|
|
else
|
|
while [[ "${DO_INSTALL_MYSQL}" != y* && "${DO_INSTALL_MYSQL}" != n* ]]; do
|
|
read -rp "Do you want to install MariaDB server? [y/n]: " -i y -e DO_INSTALL_MYSQL
|
|
done
|
|
fi
|
|
|
|
# Do MariaDB server installation here...
|
|
if [[ ${DO_INSTALL_MYSQL} == y* || ${DO_INSTALL_MYSQL} == Y* ]]; then
|
|
# Add repository.
|
|
add_mariadb_repo
|
|
|
|
echo "Installing MariaDB (MySQL drop-in replacement) server..."
|
|
|
|
# Install MariaDB
|
|
run apt-get install -qq -y libmariadb3 libmariadbclient18 "mariadb-client-${MYSQL_VERSION}" \
|
|
"mariadb-client-core-${MYSQL_VERSION}" mariadb-common mariadb-server "mariadb-server-${MYSQL_VERSION}" \
|
|
"mariadb-server-core-${MYSQL_VERSION}" mariadb-backup
|
|
|
|
# Configure MySQL installation.
|
|
if [[ "${DRYRUN}" == true ]]; then
|
|
info "MariaDB server installed in dry run mode."
|
|
else
|
|
if [[ -n $(command -v mysql) ]]; then
|
|
[ ! -d /etc/mysql/conf.d ] && run mkdir -p /etc/mysql/conf.d
|
|
[ ! -f /etc/mysql/my.cnf ] && run cp -f etc/mysql/my.cnf /etc/mysql/
|
|
[ ! -f /etc/mysql/mariadb.cnf ] && run cp -f etc/mysql/mariadb.cnf /etc/mysql/
|
|
[ ! -f /etc/mysql/debian.cnf ] && run cp -f etc/mysql/debian.cnf /etc/mysql/
|
|
|
|
if [ ! -f /etc/mysql/debian-start ]; then
|
|
run cp -f etc/mysql/debian-start /etc/mysql/
|
|
run chmod +x /etc/mysql/debian-start
|
|
fi
|
|
|
|
# init script.
|
|
if [ ! -f /etc/init.d/mysql ]; then
|
|
run cp etc/init.d/mysql /etc/init.d/
|
|
run chmod ugo+x /etc/init.d/mysql
|
|
fi
|
|
|
|
# systemd script.
|
|
[ ! -f /lib/systemd/system/mariadb.service ] && \
|
|
run cp etc/systemd/mariadb.service /lib/systemd/system/
|
|
|
|
[[ ! -f /etc/systemd/system/multi-user.target.wants/mariadb.service && -f /lib/systemd/system/mariadb.service ]] && \
|
|
run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/multi-user.target.wants/mariadb.service
|
|
|
|
[[ ! -f /etc/systemd/system/mysqld.service && -f /lib/systemd/system/mariadb.service ]] && \
|
|
run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/mysqld.service
|
|
|
|
[[ ! -f /etc/systemd/system/mysql.service && -f /lib/systemd/system/mariadb.service ]] && \
|
|
run ln -s /lib/systemd/system/mariadb.service /etc/systemd/system/mysql.service
|
|
|
|
# Trying to reload daemon.
|
|
run systemctl daemon-reload
|
|
|
|
# Unmask systemd service (?)
|
|
run systemctl unmask mariadb.service
|
|
|
|
# Enable MariaDB on startup.
|
|
run systemctl enable mariadb.service
|
|
|
|
# Restart MariaDB service daemon.
|
|
run systemctl start mariadb
|
|
#run service mysql start
|
|
|
|
##
|
|
# MariaDB secure installation
|
|
# Ref: https://mariadb.com/kb/en/library/security-of-mariadb-root-account/
|
|
#
|
|
if [[ "${AUTO_INSTALL}" == true ]]; then
|
|
if [[ "${MYSQL_SECURE_INSTALL}" == true ]]; then
|
|
echo "Securing MariaDB Installation..."
|
|
|
|
# Ref: https://bertvv.github.io/notes-to-self/2015/11/16/automating-mysql_secure_installation/
|
|
MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-$(openssl rand -base64 64 | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)}
|
|
local SQL_QUERY=""
|
|
|
|
# Setting the database root password.
|
|
SQL_QUERY="ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';"
|
|
|
|
# Delete anonymous users.
|
|
SQL_QUERY="${SQL_QUERY}
|
|
DELETE FROM mysql.user WHERE User='';"
|
|
|
|
# Ensure the root user can not log in remotely.
|
|
SQL_QUERY="${SQL_QUERY}
|
|
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
|
|
|
|
# Remove the test database.
|
|
SQL_QUERY="${SQL_QUERY}
|
|
DROP DATABASE IF EXISTS test;
|
|
DELETE FROM mysql.db WHERE Db='test' OR Db='test\_%';"
|
|
|
|
# Flush the privileges tables.
|
|
SQL_QUERY="${SQL_QUERY}
|
|
FLUSH PRIVILEGES;"
|
|
|
|
# Root password is blank for newly installed MariaDB (MySQL).
|
|
if mysql --user=root --password="${MYSQL_ROOT_PASSWORD}" -e "${SQL_QUERY}"; then
|
|
success "Securing MariaDB server installation has been done."
|
|
else
|
|
error "Unable to secure MariaDB server installation."
|
|
fi
|
|
fi
|
|
else
|
|
if [[ "${MYSQL_SECURE_INSTALL}" == true ]]; then
|
|
while [[ "${DO_MYSQL_SECURE_INSTALL}" != "y" && "${DO_MYSQL_SECURE_INSTALL}" != "n" ]]; do
|
|
read -rp "Do you want to secure MySQL installation? [y/n]: " -e DO_MYSQL_SECURE_INSTALL
|
|
done
|
|
|
|
if [[ "${DO_MYSQL_SECURE_INSTALL}" == y* || "${DO_MYSQL_SECURE_INSTALL}" == Y* ]]; then
|
|
run mysql_secure_installation
|
|
fi
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if [[ $(pgrep -c mysql) -gt 0 || -n $(command -v mysql) ]]; then
|
|
success "MariaDB server installed successfully."
|
|
|
|
# Allow remote client access
|
|
allow_remote_client_access
|
|
|
|
# Enable Mariabackup
|
|
enable_mariabackup
|
|
|
|
# Restart MariaDB (MySQL)
|
|
run systemctl restart mariadb
|
|
|
|
if [[ $(pgrep -c mysql) -gt 0 ]]; then
|
|
success "MariaDB server configured successfully."
|
|
elif [[ -n $(command -v mysql) ]]; then
|
|
# Server died? try to start it.
|
|
run systemctl start mariadb
|
|
|
|
if [[ $(pgrep -c mysql) -gt 0 ]]; then
|
|
success "MariaDB server configured successfully."
|
|
else
|
|
info "Something went wrong with MariaDB server installation."
|
|
fi
|
|
fi
|
|
else
|
|
info "Something went wrong with MariaDB server installation."
|
|
fi
|
|
fi
|
|
else
|
|
info "MariaDB installation skipped."
|
|
fi
|
|
}
|
|
|
|
##
|
|
# Enable MariaDB Backup tool.
|
|
##
|
|
function enable_mariabackup() {
|
|
echo ""
|
|
echo "Mariabackup will be installed and enabled by default."
|
|
echo "It is useful to backup and restore MySQL database."
|
|
echo ""
|
|
sleep 1
|
|
|
|
export MARIABACKUP_USER=${MARIABACKUP_USER:-"lemperdb"}
|
|
MARIABACKUP_PASS=${MARIABACKUP_PASS:-$(openssl rand -base64 64 | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)}
|
|
export MARIABACKUP_PASS
|
|
|
|
#echo "Please enter your current MySQL root password to process!"
|
|
until [[ "${MYSQL_ROOT_PASSWORD}" != "" ]]; do
|
|
echo -n "MySQL root password: "; stty -echo; read -r MYSQL_ROOT_PASSWORD; stty echo; echo
|
|
done
|
|
export MYSQL_ROOT_PASSWORD
|
|
|
|
# Create default LEMPer database user if not exists.
|
|
if ! mysql -u root -p"${MYSQL_ROOT_PASSWORD}" -e "SELECT User FROM mysql.user;" | grep -q "${MARIABACKUP_USER}"; then
|
|
# Create mariabackup user.
|
|
SQL_QUERY="CREATE USER '${MARIABACKUP_USER}'@'localhost' IDENTIFIED BY '${MARIABACKUP_PASS}';
|
|
GRANT RELOAD, PROCESS, LOCK TABLES, REPLICATION CLIENT ON *.* TO '${MARIABACKUP_USER}'@'localhost';"
|
|
|
|
mysql -u "root" -p"${MYSQL_ROOT_PASSWORD}" -e "${SQL_QUERY}"
|
|
|
|
# Update my.cnf
|
|
MARIABACKUP_CNF="###################################
|
|
# Custom optimization for LEMPer
|
|
# Mariabackup credential
|
|
#
|
|
[mariabackup]
|
|
user=${MARIABACKUP_USER}
|
|
password=${MARIABACKUP_PASS}
|
|
open_files_limit=65535
|
|
"
|
|
|
|
if [[ -d /etc/mysql/mariadb.conf.d ]]; then
|
|
run touch /etc/mysql/mariadb.conf.d/50-mariabackup.cnf
|
|
run bash -c "echo '${MARIABACKUP_CNF}' > /etc/mysql/mariadb.conf.d/50-mariabackup.cnf"
|
|
else
|
|
run bash -c "echo -e '\n${MARIABACKUP_CNF}' >> /etc/mysql/my.cnf"
|
|
fi
|
|
|
|
# Save config.
|
|
save_config -e "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}\nMARIABACKUP_USERNAME=${MARIABACKUP_USER}\nMARIABACKUP_PASSWORD=${MARIABACKUP_PASS}"
|
|
|
|
# Save log.
|
|
save_log -e "MariaDB server credentials.\nMySQL Root Password: ${MYSQL_ROOT_PASSWORD}, MariaBackup DB Username: ${MARIABACKUP_USER}, MariaBackup DB Password: ${MARIABACKUP_PASS}\nSave this credential and use it to authenticate your MySQL database connection."
|
|
else
|
|
info "It seems that user '${MARIABACKUP_USER}' already exists. You can add mariabackup user manually!"
|
|
fi
|
|
}
|
|
|
|
##
|
|
# Allow remote client access
|
|
# You need to add the following query to the client account
|
|
#CREATE USER 'username'@'ip_address' IDENTIFIED BY 'secret';
|
|
#GRANT ALL PRIVILEGES ON *.* TO 'username'@'ip_address' WITH GRANT OPTION;
|
|
#CREATE USER 'username'@'%' IDENTIFIED BY 'secret';
|
|
#GRANT ALL PRIVILEGES ON *.* TO 'usernemae'@'%' WITH GRANT OPTION;
|
|
#FLUSH PRIVILEGES;
|
|
##
|
|
function allow_remote_client_access() {
|
|
if [[ "${AUTO_INSTALL}" == true ]]; then
|
|
if "${MYSQL_ALLOW_REMOTE}"; then
|
|
ENABLE_REMOTE_ACCESS="y"
|
|
else
|
|
ENABLE_REMOTE_ACCESS="n"
|
|
fi
|
|
else
|
|
while [[ "${ENABLE_REMOTE_ACCESS}" != "y" && "${ENABLE_REMOTE_ACCESS}" != "n" ]]; do
|
|
read -rp "Do you want to allow MySQL remote client access? [y/n]: " -e ENABLE_REMOTE_ACCESS
|
|
done
|
|
fi
|
|
|
|
if [[ ${ENABLE_REMOTE_ACCESS} == y* ]]; then
|
|
REMOTE_CLIENT_CNF="###################################
|
|
# Custom optimization for LEMPer
|
|
# Allow remote client access
|
|
#
|
|
[mysqld]
|
|
skip-networking=0
|
|
skip-bind-address"
|
|
|
|
if [[ -d /etc/mysql/mariadb.conf.d ]]; then
|
|
run touch /etc/mysql/mariadb.conf.d/20-allow-remote-client-access.cnf
|
|
run bash -c "echo '${REMOTE_CLIENT_CNF}' > /etc/mysql/mariadb.conf.d/20-allow-remote-client-access.cnf"
|
|
else
|
|
run bash -c "echo -e '\n${REMOTE_CLIENT_CNF}' >> /etc/mysql/my.cnf"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
echo "[MariaDB (MySQL drop-in replacement) Installation]"
|
|
|
|
# Start running things from a call at the end so if this script is executed
|
|
# after a partial download it doesn't do anything.
|
|
if [[ -n $(command -v mysql) && -n $(command -v mysqld) && "${FORCE_INSTALL}" != true ]]; then
|
|
info "MariaDB server already exists, installation skipped."
|
|
else
|
|
init_mariadb_install "$@"
|
|
fi
|