#!/bin/bash ###################################################### # Snipe-It Install Script # # Script created by Mike Tucker # # mtucker6784@gmail.com # # This script is just to help streamline the # # install process for Debian and CentOS # # based distributions. I assume you will be # # installing as a subdomain on a fresh OS install. # # Right now I'm not going to worry about SMTP setup # # # # Feel free to modify, but please give # # credit where it's due. Thanks! # ###################################################### # ensure running as root if [ "$(id -u)" != "0" ]; then #Debian doesnt have sudo if root has a password. if ! hash sudo 2>/dev/null; then exec su -c "$0" "$@" else exec sudo "$0" "$@" fi fi #First things first, let's set some variables and find our distro. clear name="snipeit" hostname="$(hostname)" fqdn="$(hostname --fqdn)" ans=default hosts=/etc/hosts spin[0]="-" spin[1]="\\" spin[2]="|" spin[3]="/" # Debian/Ubuntu friendly f(x)s progress () { while kill -0 $pid > /dev/null 2>&1 do for i in "${spin[@]}" do echo -ne "\b$i" sleep .1 done done } #Used for Debian and Ubuntu vhenvfile () { find /etc/apache2/mods-enabled -maxdepth 1 -name 'rewrite.load' >/dev/null 2>&1 apachefile=/etc/apache2/sites-available/$name.conf { echo "" echo "ServerAdmin webmaster@localhost" echo "" echo " Require all granted" echo " AllowOverride All" echo " " echo " DocumentRoot $webdir/$name/public" echo " ServerName $fqdn" echo " ErrorLog /var/log/apache2/snipeIT.error.log" echo " CustomLog /var/log/apache2/access.log combined" echo "" } >> $apachefile echo >> $hosts "127.0.0.1 $hostname $fqdn" log "a2ensite $name.conf" } perms () { chmod_dirs=( "$webdir/$name/storage" ) chmod_dirs+=( "$webdir/$name/storage/private_uploads" ) chmod_dirs+=( "$webdir/$name/public/uploads" ) #Change permissions on directories for chmod_dir in "${chmod_dirs[@]}" do chmod -R 755 "$chmod_dir" done } log () { eval "$@" |& tee -a /var/log/snipeit-install.log >/dev/null 2>&1 } setenv () { cp $webdir/$name/.env.example $webdir/$name/.env sed -i '1 i\#Created By Snipe-it Installer' $webdir/$name/.env sed -i 's,^\(APP_TIMEZONE=\).*,\1'$tzone',' $webdir/$name/.env sed -i 's,^\(DB_HOST=\).*,\1'localhost',' $webdir/$name/.env sed -i 's,^\(DB_DATABASE=\).*,\1'snipeit',' $webdir/$name/.env sed -i 's,^\(DB_USERNAME=\).*,\1'snipeit',' $webdir/$name/.env sed -i 's,^\(DB_PASSWORD=\).*,\1'$mysqluserpw',' $webdir/$name/.env sed -i 's,^\(APP_URL=\).*,\1'http://$fqdn',' $webdir/$name/.env } installcomposer () { cd $webdir/$name/ curl -sS https://getcomposer.org/installer | php php composer.phar install --no-dev --prefer-source } #CentOS Friendly f(x)s function isinstalled { if yum list installed "$@" >/dev/null 2>&1; then true else false fi } if [ -f /etc/lsb-release ]; then distro="$(lsb_release -s -i )" version="$(lsb_release -s -r)" codename="$(lsb_release -c -s)" elif [ -f /etc/os-release ]; then distro="$(. /etc/os-release && echo $ID)" version="$(. /etc/os-release && echo $VERSION_ID)" #Order is important here. If /etc/os-release and /etc/centos-release exist, we're on centos 7. #If only /etc/centos-release exist, we're on centos6(or earlier). Centos-release is less parsable, #so lets assume that it's version 6 (Plus, who would be doing a new install of anything on centos5 at this point..) elif [ -f /etc/centos-release ]; then distro="Centos" version="6" else distro="unsupported" fi echo " _____ _ __________ / ___/____ (_)___ ___ / _/_ __/ \__ \/ __ \/ / __ \/ _ \______ / / / / ___/ / / / / / /_/ / __/_____// / / / /____/_/ /_/_/ .___/\___/ /___/ /_/ /_/ " echo "" echo " Welcome to Snipe-IT Inventory Installer for Centos, Debian and Ubuntu!" echo "" shopt -s nocasematch case $distro in *Ubuntu*) echo " The installer has detected Ubuntu version $version as the OS." distro=ubuntu ;; *Debian*) echo " The installer has detected Debian version $version as the OS." distro=debian ;; *centos*|*redhat*|*ol*|*rhel*) echo " The installer has detected $distro version $version as the OS." distro=centos ;; *) echo " The installer was unable to determine your OS. Exiting for safety." exit ;; esac shopt -u nocasematch echo -n " Q. What is the FQDN of your server? ($fqdn): " read fqdn if [ -z "$fqdn" ]; then fqdn="$(hostname --fqdn)" fi echo " Setting to $fqdn" echo "" until [[ $ans == "yes" ]] || [[ $ans == "no" ]]; do echo -n " Q. Do you want to automatically create the database user password? (y/n) " read setpw case $setpw in [yY] | [yY][Ee][Ss] ) mysqluserpw="$(echo `< /dev/urandom tr -dc _A-Za-z-0-9 | head -c16`)" echo "" ans="yes" ;; [nN] | [n|N][O|o] ) echo -n " Q. What do you want your snipeit user password to be?" read -s mysqluserpw echo "" ans="no" ;; *) echo " Invalid answer. Please type y or n" ;; esac done #TODO: Lets not install snipeit application under root #TODO: Make progress tracker go on the same line of the step being run #TODO: Progress tracker on each step case $distro in debian) if [[ "$version" =~ ^9 ]]; then ##################################### Install for Debian 9 ############################################## webdir=/var/www echo "* Updating with apt-get update." log "apt-get update" & pid=$! progress echo "* Upgrading packages with apt-get upgrade." log "apt-get -y upgrade" & pid=$! progress echo "* Installing httpd, PHP, MariaDB and other requirements." log "DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client apache2 libapache2-mod-php php php-mcrypt php-curl php-mysql php-gd php-ldap php-zip php-mbstring php-xml php-bcmath curl git unzip" & pid=$! progress log "a2enmod rewrite" echo "* Cloning Snipe-IT from github to the web directory." log "git clone https://github.com/snipe/snipe-it $webdir/$name" & pid=$! progress echo "* Configuring .env file." tzone=$(cat /etc/timezone) setenv echo "* Creating the new virtual host in Apache." vhenvfile echo >> $hosts "127.0.0.1 $hostname $fqdn" a2ensite $name.conf echo "* Securing MariaDB server."; /usr/bin/mysql_secure_installation echo "* Creating MariaDB Database/User." echo "* Please Input your MariaDB root password:" mysql -u root -p --execute="CREATE DATABASE snipeit;GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';" echo "* Installing and running composer." installcomposer echo "* Setting permissions." perms chown -R www-data:www-data "/var/www/$name" service apache2 restart echo "* Generating the application key." php artisan key:generate --force echo "* Artisan Migrate." php artisan migrate --force else echo "Unable to Handle Debian Version #. Version Found: " $version return 1 fi ;; ubuntu) if [[ "$version" =~ 1[6-7] ]]; then ##################################### Install for Ubuntu 16-17 ############################################## webdir=/var/www echo "* Adding MariaDB repository." log "apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8" log "add-apt-repository 'deb [arch=amd64,i386] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.1/ubuntu $codename main'" echo "* Updating with apt-get update." log "apt-get update" & pid=$! [ -f /var/lib/dpkg/lock ] && rm -f /var/lib/dpkg/lock progress echo "* Upgrading packages with apt-get upgrade." log "apt-get -y upgrade" & pid=$! progress echo "* Installing httpd, PHP, MariaDB and other requirements." log "DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client apache2 libapache2-mod-php php php-mcrypt php-curl php-mysql php-gd php-ldap php-zip php-mbstring php-xml php-bcmath curl git unzip" & pid=$! progress log "phpenmod mcrypt" log "phpenmod mbstring" log "a2enmod rewrite" echo "* Cloning Snipe-IT from github to the web directory." log "git clone https://github.com/snipe/snipe-it $webdir/$name" & pid=$! progress echo "* Configuring .env file." tzone=$(cat /etc/timezone) setenv echo "* Creating the new virtual host in Apache." vhenvfile echo "* Starting the MariaDB server."; service mysql status >/dev/null || service mysql start echo "* Securing MariaDB server."; /usr/bin/mysql_secure_installation echo "* Creating MariaDB Database/User." echo "* Please Input your MariaDB root password:" mysql -u root -p --execute="CREATE DATABASE snipeit;GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';" echo "* Installing and running composer." installcomposer echo "* Setting permissions." perms chown -R www-data:www-data "/var/www/$name" service apache2 restart echo "* Generating the application key." php artisan key:generate --force echo "* Artisan Migrate." php artisan migrate --force elif [[ "$version" =~ 14 ]]; then ##################################### Install for Ubuntu 14 ############################################## webdir=/var/www echo "* Adding MariaDB and ppa:ondrej/php repositories." log "apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db" log "add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://nyc2.mirrors.digitalocean.com/mariadb/repo/10.1/ubuntu $codename main'" #PHP7 repository log "add-apt-repository ppa:ondrej/php -y" echo "* Updating with apt-get update." log "apt-get update" & pid=$! [ -f /var/lib/dpkg/lock ] && rm -f /var/lib/dpkg/lock progress echo "* Upgrading packages with apt-get upgrade." log "apt-get -y upgrade" & pid=$! progress echo "* Installing httpd, PHP, MariaDB and other requirements." log "DEBIAN_FRONTEND=noninteractive apt-get install -y mariadb-server mariadb-client php7.1 php7.1-mcrypt php7.1-curl php7.1-mysql php7.1-gd php7.1-ldap php7.1-zip php7.1-mbstring php7.1-xml php7.1-bcmath curl git unzip" & pid=$! progress log "phpenmod mcrypt" log "phpenmod mbstring" log "a2enmod rewrite" echo "* Cloning Snipe-IT from github to the web directory." log "git clone https://github.com/snipe/snipe-it $webdir/$name" & pid=$! progress echo "* Configuring .env file." tzone=$(cat /etc/timezone) setenv echo "* Creating the new virtual host in Apache." vhenvfile echo "* Starting the MariaDB server."; service mysql status >/dev/null || service mysql start echo "* Securing MariaDB server."; /usr/bin/mysql_secure_installation echo "* Creating MariaDB Database/User." echo "* Please Input your MariaDB root password:" mysql -u root -p --execute="CREATE DATABASE snipeit;GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';" echo "* Installing and running composer." installcomposer echo "* Setting permissions." perms chown -R www-data:www-data "/var/www/$name" service apache2 restart echo "* Generating the application key." php artisan key:generate --force echo "* Artisan Migrate." php artisan migrate --force else echo "Unable to Handle Ubuntu Version #. Version Found: " $version return 1 fi ;; centos) if [[ "$version" =~ ^6 ]]; then ##################################### Install for Centos/Redhat 6 ############################################## webdir=/var/www/html echo "* Adding IUS, epel-release and MariaDB repositories."; mariadbRepo=/etc/yum.repos.d/MariaDB.repo touch "$mariadbRepo" { echo "[mariadb]" echo "name = MariaDB" echo "baseurl = http://yum.mariadb.org/10.0/centos6-amd64" echo "gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB" echo "gpgcheck=1" echo "enable=1" } >> "$mariadbRepo" log "yum -y install wget epel-release" log "yum -y install https://centos6.iuscommunity.org/ius-release.rpm" log "rpm --import /etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY" echo "* Installing httpd, PHP, MariaDB and other requirements."; PACKAGES="httpd mariadb-server git unzip php71u php71u-mysqlnd php71u-bcmath php71u-cli php71u-common php71u-embedded php71u-gd php71u-mbstring php71u-mcrypt php71u-ldap php71u-json php71u-simplexml" for p in $PACKAGES;do if isinstalled "$p"; then echo " * $p already installed" else echo " * Installing $p ... " log "yum -y install $p" fi done; echo "* Cloning Snipe-IT from github to the web directory."; log "git clone https://github.com/snipe/snipe-it $webdir/$name" # Make mariaDB start on boot and restart the daemon echo "* Starting the MariaDB server."; chkconfig mysql on /sbin/service mysql start echo "* Securing MariaDB server."; /usr/bin/mysql_secure_installation echo "* Creating MariaDB Database/User." echo "* Please Input your MariaDB root password: " mysql -u root -p --execute="CREATE DATABASE snipeit;GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';" #Create the new virtual host in Apache and enable rewrite echo "* Creating the new virtual host in Apache." apachefile=/etc/httpd/conf.d/$name.conf { echo "" echo "" echo "" echo "" echo "ServerAdmin webmaster@localhost" echo " " echo " Allow From All" echo " AllowOverride All" echo " Options +Indexes" echo " " echo " DocumentRoot $webdir/$name/public" echo " ServerName $fqdn" echo " ErrorLog /var/log/httpd/snipeIT.error.log" echo " CustomLog /var/log/access.log combined" echo "" } >> "$apachefile" echo "* Setting up hosts file."; echo >> $hosts "127.0.0.1 $hostname $fqdn" # Make apache start on boot and restart the daemon echo "* Starting the apache server."; chkconfig httpd on /sbin/service httpd start echo "* Configuring .env file." tzone=$(grep ZONE /etc/sysconfig/clock | tr -d '"' | sed 's/ZONE=//g'); setenv echo "* Installing and running composer." installcomposer echo "* Setting permissions." perms chown -R apache:apache $webdir/$name /sbin/service iptables status >/dev/null 2>&1 if [ $? = 0 ]; then echo "* Configuring iptables." iptables -I INPUT 1 -p tcp -m tcp --dport 80 -j ACCEPT iptables -I INPUT 1 -p tcp -m tcp --dport 443 -j ACCEPT service iptables save fi service httpd restart echo "* Generating the application key." php artisan key:generate --force echo "* Artisan Migrate." php artisan migrate --force elif [[ "$version" =~ ^7 ]]; then ##################################### Install for Centos/Redhat 7 ############################################## webdir=/var/www/html echo "* Adding IUS, epel-release and MariaDB repositories."; log "yum -y install wget epel-release" log "yum -y install https://centos7.iuscommunity.org/ius-release.rpm" log "rpm --import /etc/pki/rpm-gpg/IUS-COMMUNITY-GPG-KEY" echo "* Installing httpd, PHP, MariaDB and other requirements."; PACKAGES="httpd mariadb-server git unzip php71u php71u-mysqlnd php71u-bcmath php71u-cli php71u-common php71u-embedded php71u-gd php71u-mbstring php71u-mcrypt php71u-ldap php71u-json php71u-simplexml" for p in $PACKAGES;do if isinstalled "$p"; then echo " * $p already installed" else echo " * Installing $p ... " log "yum -y install $p" fi done; echo "* Cloning Snipe-IT from github to the web directory."; log "git clone https://github.com/snipe/snipe-it $webdir/$name" #Make mariaDB start on boot and restart the daemon echo "* Starting the MariaDB server."; systemctl enable mariadb.service systemctl start mariadb.service echo "* Securing MariaDB server."; /usr/bin/mysql_secure_installation echo "* Creating MariaDB Database/User." echo "* Please Input your MariaDB root password " mysql -u root -p --execute="CREATE DATABASE snipeit;GRANT ALL PRIVILEGES ON snipeit.* TO snipeit@localhost IDENTIFIED BY '$mysqluserpw';" #TODO make sure the apachefile doesnt exist isnt already in there #Create the new virtual host in Apache and enable rewrite echo "* Creating the new virtual host in Apache." apachefile="/etc/httpd/conf.d/$name.conf" { echo "" echo "" echo "LoadModule rewrite_module modules/mod_rewrite.so" echo "" echo "" echo "ServerAdmin webmaster@localhost" echo " " echo " Allow From All" echo " AllowOverride All" echo " Options +Indexes" echo " " echo " DocumentRoot $webdir/$name/public" echo " ServerName $fqdn" echo " ErrorLog /var/log/httpd/snipeIT.error.log" echo " CustomLog /var/log/access.log combined" echo "" } >> "$apachefile" #TODO make sure this isnt already in there echo "* Setting up hosts file."; echo >> $hosts "127.0.0.1 $hostname $fqdn" echo "* Starting the apache server."; systemctl enable httpd.service systemctl restart httpd.service echo "* Configuring .env file." tzone=$(timedatectl | gawk -F'[: ]' ' $9 ~ /zone/ {print $11}'); setenv echo "* Installing and running composer." installcomposer echo "* Setting permissions." perms chown -R apache:apache $webdir/$name #Check if SELinux is enforcing if [ "$(getenforce)" == "Enforcing" ]; then echo "* Configuring SELinux." #Required for ldap integration setsebool -P httpd_can_connect_ldap on #Sets SELinux context type so that scripts running in the web server process are allowed read/write access chcon -R -h -t httpd_sys_script_rw_t $webdir/$name/ fi log "systemctl restart httpd.service" echo "* Generating the application key." php artisan key:generate --force echo "* Artisan Migrate." php artisan migrate --force echo "* Creating scheduler cron." (crontab -l ; echo "* * * * * /usr/bin/php $webdir/$name/artisan schedule:run >> /dev/null 2>&1") | crontab - else echo "Unable to Handle Centos Version #. Version Found: " $version return 1 fi esac setupmail=default until [[ $setupmail == "yes" ]] || [[ $setupmail == "no" ]]; do echo -n " Q. Do you want to configure mail server settings? (y/n) " read setupmail case $setupmail in [yY] | [yY][Ee][Ss] ) echo -n " Outgoing mailserver address:" read mailhost sed -i 's,^\(MAIL_HOST=\).*,\1'$mailhost',' $webdir/$name/.env echo -n " Server port number:" read mailport sed -i 's,^\(MAIL_PORT=\).*,\1'$mailport',' $webdir/$name/.env echo -n " Username:" read mailusername sed -i 's,^\(MAIL_USERNAME=\).*,\1'$mailusername',' $webdir/$name/.env echo -n " Password:" read mailpassword sed -i 's,^\(MAIL_PASSWORD=\).*,\1'$mailpassword',' $webdir/$name/.env echo -n " Encryption(null/TLS/SSL):" read mailencryption sed -i 's,^\(MAIL_ENCRYPTION=\).*,\1'$mailencryption',' $webdir/$name/.env echo -n " From address:" read mailfromaddr sed -i 's,^\(MAIL_FROM_ADDR=\).*,\1'$mailfromaddr',' $webdir/$name/.env echo -n " From name:" read mailfromname sed -i 's,^\(MAIL_FROM_NAME=\).*,\1'$mailfromname',' $webdir/$name/.env echo -n " Reply to address:" read mailreplytoaddr sed -i 's,^\(MAIL_REPLYTO_ADDR=\).*,\1'$mailreplytoaddr',' $webdir/$name/.env echo -n " Reply to name:" read mailreplytoname sed -i 's,^\(MAIL_REPLYTO_NAME=\).*,\1'$mailreplytoname',' $webdir/$name/.env setupmail="yes" ;; [nN] | [n|N][O|o] ) setupmail="no" ;; *) echo " Invalid answer. Please type y or n" ;; esac done echo "" echo " ***Open http://$fqdn to login to Snipe-IT.***" echo "" echo "" echo "* Cleaning up..." rm -f snipeit.sh rm -f install.sh echo "* Finished!" sleep 1