UniqueSoft/openpanel
2
0
Fork 0
mirror of https://github.com/stefanpejcic/openpanel synced 2025-06-26 18:28:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update INSTALL.sh

Browse Source
This commit is contained in:
Stefan Pejcic
2024-06-13 19:22:16 +02:00
committed by GitHub
parent 6db50bf398
commit 11f5d5fe7b
1 changed files with 7 additions and 423 deletions
Download Patch File Download Diff File Expand all files Collapse all files

430
version/0.2.1/INSTALL.sh
View File

@@ -42,8 +42,6 @@ SKIP_IMAGES=false
REPAIR=false
LOCALES=true
NO_SSH=false
INSTALL_FTP=false
INSTALL_MAIL=false
OVERLAY=false
IPSETS=true
SET_HOSTNAME_NOW=false
@@ -61,12 +59,8 @@ OPENPADMIN_DIR="/usr/local/admin/"
ETC_DIR="/etc/openpanel/"
OPENCLI_DIR="/usr/local/admin/scripts/"
OPENPANEL_ERR_DIR="/var/log/openpanel/"
SERVICES_DIR="/etc/systemd/system/"
TEMP_DIR="/tmp/"
# Domains
SCREENSHOTS_API_URL="http://screenshots-api.openpanel.co/screenshot"
# Redirect output to the log file
exec > >(tee -a "$LOG_FILE") 2>&1
@@ -234,19 +228,8 @@ FUNCTIONS=(
configure_docker
setup_services
configure_nginx
configure_modsecurity
run_mysql_docker_container
setup_opencli
download_and_import_docker_images
setup_ufw
setup_ftp
setup_email
install_all_locales
helper_function_for_nginx_on_aws_and_azure
setup_swap
configure_mysql
start_services
set_premium_features
set_system_cronjob
@@ -426,9 +409,6 @@ while [[ $# -gt 0 ]]; do
--post_install=*)
post_install_path="${1#*=}"
;;
--screenshots=*)
SCREENSHOTS_API_URL="${1#*=}"
;;
--version=*)
CUSTOM_VERSION=true
version="${1#*=}"
@@ -510,32 +490,6 @@ detect_os_and_package_manager() {
}
install_all_locales() {
# OpenPanel translations
#
# https://dev.openpanel.co/localization.html
#
echo "Installing FR, DE, TR locales."
# FR
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l fr
debug_log "wget -O ${OPENPANEL_DIR}translations/fr/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/fr-fr/messages.pot"
# DE
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l de
debug_log "wget -O ${OPENPANEL_DIR}translations/de/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/de-de/messages.pot"
# TR
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l tr
debug_log "wget -O ${OPENPANEL_DIR}translations/tr/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/tr-tr/messages.pot"
pybabel compile -d translations
}
check_lock_file_age() {
# Use flock to create a lock or exit if the lock is already held
exec 200>"$LOCK_FILE"
@@ -555,23 +509,6 @@ clean_apt_cache(){
# TODO: cover https://github.com/debuerreotype/debuerreotype/issues/95
}
setup_ftp() {
if [ "$INSTALL_FTP" = true ]; then
echo "Installing experimental FTP service."
curl -sSL https://raw.githubusercontent.com/stefanpejcic/OpenPanel-FTP/master/setup.sh | bash
fi
}
setup_email() {
if [ "$INSTALL_MAIL" = true ]; then
echo "Installing experimental Email service."
curl -sSL https://raw.githubusercontent.com/stefanpejcic/OpenMail/master/setup.sh | bash --dovecot
fi
}
setup_ufw() {
if [ -z "$SKIP_FIREWALL" ]; then
echo "Setting up the firewall.."
@@ -644,7 +581,7 @@ install_packages() {
debug_log sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
packages=("python3-flask" "python3-pip" "docker.io" "default-mysql-client" "nginx" "zip" "unzip" "bind9" "gunicorn" "ufw" "jc" "certbot" "python3-certbot-nginx" "sqlite3" "geoip-bin")
packages=("docker.io" "default-mysql-client" "nginx" "zip" "unzip" "bind9" "jc" "certbot" "python3-certbot-nginx")
if [ "$PACKAGE_MANAGER" == "apt-get" ]; then
#only once..
@@ -688,7 +625,7 @@ install_packages() {
done
elif [ "$PACKAGE_MANAGER" == "dnf" ]; then
# MORA DRUGI ZA ALMU..
packages=("python3-flask" "python3-pip" "docker-ce" "docker-ce-cli" "mysql-client-core-8.0" "containerd.io" "nginx" "zip" "unzip" "ufw" "certbot" "python3-certbot-nginx" "sqlite3" "geoip-bin")
packages=("docker-ce" "docker-ce-cli" "containerd.io" "nginx" "zip" "unzip" "certbot" "python3-certbot-nginx")
#utils must be added first, then install from that repo
dnf install yum-utils -y
@@ -697,9 +634,6 @@ install_packages() {
# needed for ufw and gunicorn
dnf install epel-release
# ovo za gunicorn
dnf install python3-pip python3-devel gcc -y
# bind radi ovako
dnf install bind bind-utils -y
@@ -723,104 +657,6 @@ download_skeleton_directory_from_github(){
}
configure_nginx() {
# Nginx
echo "Setting Nginx configuration.."
# https://dev.openpanel.co/services/nginx
debug_log cp -fr ${ETC_DIR}nginx/nginx.conf /etc/nginx/nginx.conf
# dir for domlogs
debug_log mkdir -p /var/log/nginx/domlogs
# 444 status for domains pointed to the IP but not added to nginx
debug_log cp -fr ${ETC_DIR}nginx/vhosts/default.conf /etc/nginx/sites-enabled/default
# Replace IP_HERE with the value of $current_ip
debug_log sed -i "s/IP_HERE/$current_ip/" /etc/nginx/sites-enabled/default
# Setting pretty error pages for nginx, but need to add them inside containers also!
debug_log mkdir -p /srv/http/default
debug_log git clone https://github.com/denysvitali/nginx-error-pages /srv/http/default > /dev/null 2>&1
debug_log mkdir /etc/nginx/snippets/ > /dev/null 2>&1
debug_log ln -s /srv/http/default/snippets/error_pages.conf /etc/nginx/snippets/error_pages.conf
debug_log ln -s /srv/http/default/snippets/error_pages_content.conf /etc/nginx/snippets/error_pages_content.conf
}
run_mysql_docker_container() {
# MySQL
# FIX for Ubuntu24: docker: failed to register layer: devicemapper: Error running deviceSuspend dm_task_run failed.
#docker pull --platform linux/amd64 mysql
# set random password
MYSQL_ROOT_PASSWORD=$(openssl rand -base64 -hex 9)
if [ "$REPAIR" = true ]; then
echo "RAPAIR: Removing existing mysql database."
docker stop openpanel_mysql
docker rm openpanel_mysql
docker volume rm openpanel_mysql_data
fi
# run the container
docker run -d -p 3306:3306 --name openpanel_mysql \
-e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" \
-e MYSQL_DATABASE=panel \
-e MYSQL_USER=panel \
-e MYSQL_PASSWORD="$MYSQL_ROOT_PASSWORD" \
-v openpanel_mysql_data:/var/lib/mysql \
--memory="1g" --cpus="1" \
--restart=always \
--oom-kill-disable \
mysql/mysql-server > /dev/null 2>&1
if docker ps -a --format '{{.Names}}' | grep -q "openpanel_mysql"; then
echo "Generated MySQL password: $MYSQL_ROOT_PASSWORD"
if [ "$REPAIR" = true ]; then
rm /etc/my.cnf
fi
ln -s ${ETC_DIR}mysql/db.cnf /etc/my.cnf
sed -i 's/password = .*/password = '"${MYSQL_ROOT_PASSWORD}"'/g' ${ETC_DIR}mysql/db.cnf
else
radovan 1 "Installation failed! Unable to start docker container for MySQL."
fi
}
configure_mysql() {
# Check if the Docker container exists
if docker ps -a --format '{{.Names}}' | grep -q "openpanel_mysql"; then
# Create database
mysql -e "CREATE DATABASE IF NOT EXISTS panel;"
mysql -D "panel" < DATABASE.sql
# Check if SQL file was imported successfully
if mysql --defaults-extra-file="${ETC_DIR}mysql/db.cnf" -D "panel" -e "SELECT 1 FROM plans LIMIT 1;" &> /dev/null; then
echo -e "${GREEN}Database is ready.${RESET}"
else
echo "SQL file import failed or database is not ready."
radovan 1 "Installation failed!"
fi
else
echo "Docker container 'openpanel_mysql' does not exist. Please make sure the container is running."
radovan 1 "Installation failed! "
fi
}
configure_docker() {
docker_daemon_json_path="/etc/docker/daemon.json"
@@ -840,187 +676,12 @@ configure_docker() {
}
configure_modsecurity() {
# ModSecurity
#
# https://openpanel.co/docs/admin/settings/waf/#install-modsecurity
#
if [ "$MODSEC" ]; then
echo "Installing ModSecurity and setting OWASP core ruleset.."
debug_log opencli nginx-install_modsec
fi
}
setup_openpanel() {
if [ "$REPAIR" = true ]; then
rm -rf $OPENPANEL_DIR
fi
# OpenPanel
#
# https://openpanel.co/docs/panel/intro/
#
echo "Setting up User panel.."
# check python version again, in case if --skip-requirements or --repair flags are used
current_python_version=$(python3 --version 2>&1 | cut -d " " -f 2 | cut -d "." -f 1,2 | tr -d '.')
mkdir -p $OPENPANEL_DIR
mkdir -p ${OPENPANEL_DIR}users
# added in 0.1.9
cp ${ETC_DIR}ssh/admin_welcome.sh /etc/profile.d/welcome.sh
chmod +x /etc/profile.d/welcome.sh
if [ -f /etc/debian_version ]; then
debug_log "Detected Debian 12."
wget -O ${TEMP_DIR}openpanel.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/openpanel/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/openpanel/$current_python_version/compressed.tar.gz"
# Check if OS is Ubuntu 22
elif [ -f /etc/os-release ] && grep -q "Ubuntu 22" /etc/os-release; then
debug_log "Detected Ubuntu 22."
wget -O ${TEMP_DIR}openpanel.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz"
# Check if OS is Ubuntu 24
elif [ -f /etc/os-release ] && grep -q "Ubuntu 24" /etc/os-release; then
debug_log "Detected Ubuntu 24."
wget -O ${TEMP_DIR}openpanel.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz"
# For all other OS
else
echo "Unsuported OS. Currently only Ubuntu22-24 and Debian11-12 are supported."
echo 0
fi
# Clone the git branch for that python version
#wget -O ${TEMP_DIR}openpanel.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz"
cd ${TEMP_DIR} && tar -xzf openpanel.tar.gz -C $OPENPANEL_DIR
rm ${TEMP_DIR}openpanel.tar.gz
export PYTHONPATH=$OPENPANEL_DIR:$PYTHONPATH
cd $OPENPANEL_DIR
echo "Installing PIP requirements for User panel.."
# Check if lsb_release command is available
if command -v lsb_release &> /dev/null; then
# Get the release information
release=$(lsb_release -rs)
# Check if it's Ubuntu 22
if [[ $release == "22."* ]]; then
debug_log "Installing PIP requirements for OpenPanel without break-system-packages..."
debug_log pip install -r requirements.txt
# Check if it's Ubuntu 24
elif [[ $release == "24."* ]]; then
debug_log "Installing PIP requirements for OpenPanel with break-system-packages..."
debug_log pip install -r requirements.txt --break-system-packages
elif [[ ($current_python_version == "311" || $current_python_version == "312") ]]; then
# FIX FOR: https://peps.python.org/pep-0668/
debug_log "Installing PIP requirements for OpenPanel with break-system-packages..."
debug_log pip install -r requirements.txt --break-system-packages
else
echo "Unknown Ubuntu version: $release and unsuported python version: $current_python_version"
debug_log "Installing PIP requirements for OpenPanel without break-system-packages..."
debug_log pip install -r requirements.txt
fi
else
echo "lsb_release command not found. Unable to determine Ubuntu version."
debug_log "Installing PIP requirements for OpenPanel without break-system-packages..."
debug_log pip install -r requirements.txt
fi
if [ "$SCREENSHOTS_API_URL" == "local" ]; then
echo "Setting the local API service for website screenshots.. (additional 1GB of disk space will be used for the self-hosted Playwright service)"
debug_log playwright install
debug_log playwright install-deps
else
echo "Setting the remote API service '$SCREENSHOTS_API_URL' for website screenshots.."
sed -i 's#screenshots=.*#screenshots='"$SCREENSHOTS_API_URL"'#' "${ETC_DIR}openpanel/conf/openpanel.config" # must use '#' as delimiter
fi
}
setup_openadmin() {
# OpenAdmin
#
# https://openpanel.co/docs/admin/intro/
#
echo "Setting up Admin panel.."
if [ "$REPAIR" = true ]; then
rm -rf $OPENPADMIN_DIR
fi
mkdir -p $OPENPADMIN_DIR
# Debian12
if [ -f /etc/debian_version ]; then
debug_log "Detected Debian 12."
wget -O ${TEMP_DIR}openadmin.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/openadmin/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/openadmin/$current_python_version/compressed.tar.gz"
# Ubuntu 22
elif [ -f /etc/os-release ] && grep -q "Ubuntu 22" /etc/os-release; then
debug_log "Detected Ubuntu 22."
wget -O ${TEMP_DIR}openadmin.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz"
# Ubuntu 24
elif [ -f /etc/os-release ] && grep -q "Ubuntu 24" /etc/os-release; then
debug_log "Detected Ubuntu 24."
wget -O ${TEMP_DIR}openadmin.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz"
# other
else
echo "Unsuported OS. Currently only Ubuntu22-24 and Debian11-12 are supported."
echo 0
fi
# Clone the branch for that python version
#wget -O ${TEMP_DIR}openadmin.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz"
debug_log cd ${TEMP_DIR}
debug_log tar -xzf openadmin.tar.gz -C $OPENPADMIN_DIR
debug_log unzip ${OPENPADMIN_DIR}static/dist.zip -d ${OPENPADMIN_DIR}static/dist/
debug_log rm ${TEMP_DIR}openadmin.tar.gz ${OPENPADMIN_DIR}static/dist.zip
debug_log cd $OPENPADMIN_DIR
# Fix for: ModuleNotFoundError: No module named 'pyarmor_runtime_000000'
wget -O ${OPENPADMIN_DIR}service/service.config.py https://gist.githubusercontent.com/stefanpejcic/37805c6781dc3beb1730fec82ee5ae34/raw/d7e8a6c1608c265aed89e97dcecea518b222ac86/service.config.py > /dev/null 2>&1
echo "Installing PIP requirements for Admin panel.."
# FIX FOR: https://peps.python.org/pep-0668/
if [[ ($current_python_version == "311" || $current_python_version == "312") ]]; then
debug_log "Installing PIP requirements for OpenAdmin with break-system-packages..."
debug_log pip install -r requirements.txt --break-system-packages
else
debug_log "Installing PIP requirements for OpenAdmin without break-system-packages..."
debug_log pip install -r requirements.txt
fi
echo "Creating Admin user.."
touch ${ETC_DIR}openadmin/users.db
export PYTHONPATH=$OPENPADMIN_DIR:$PYTHONPATH
admin_password=$(openssl rand -base64 12 | tr -d '=+/')
password_hash=$(python3 ${OPENPADMIN_DIR}core/users/hash $admin_password)
debug_log sqlite3 ${ETC_DIR}openadmin/users.db "CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, password_hash TEXT NOT NULL, role TEXT NOT NULL DEFAULT 'user', is_active BOOLEAN DEFAULT 1 NOT NULL);" "INSERT INTO user (username, password_hash, role) VALUES ('admin', \"$password_hash\", 'admin');"
# added in 0.1.9
cp ${ETC_DIR}ssh/admin_welcome.sh /etc/profile.d/welcome.sh
chmod +x /etc/profile.d/welcome.sh
}
set_system_cronjob(){
echo "Setting cronjobs.."
@@ -1029,34 +690,6 @@ set_system_cronjob(){
chmod 0600 /etc/cron.d/openpanel
}
setup_opencli() {
# OpenCLI
#
# https://dev.openpanel.co/cli/
#
echo "Setting OpenPanel CLI scripts.."
if [ "$REPAIR" = true ]; then
rm -rf $OPENCLI_DIR
fi
debug_log mkdir -p $OPENCLI_DIR
wget -O ${TEMP_DIR}opencli.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/opencli/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/debian/opencli/compressed.tar.gz"
debug_log cd ${TEMP_DIR} && tar -xzf opencli.tar.gz -C $OPENCLI_DIR
debug_log rm ${TEMP_DIR}opencli.tar.gz
debug_log bash ${OPENCLI_DIR}install.sh
debug_log source ~/.bashrc
echo -e "${GREEN}opencli commands are now available.${RESET}"
debug_log chmod +x -R ${OPENCLI_DIR}
echo "Creating directories for logs.."
debug_log mkdir -p ${OPENPANEL_ERR_DIR}admin ${OPENPANEL_ERR_DIR}user
debug_log -e "${GREEN}OpenCLI has been successfully installed.${RESET}"
}
cleanup() {
echo "Cleaning up.."
@@ -1066,58 +699,9 @@ cleanup() {
start_services() {
echo "Setting OpenPanel and OpenAdmin services.."
cp -fr ${ETC_DIR}openadmin/service/admin.service ${SERVICES_DIR}admin.service
cp -fr ${ETC_DIR}openpanel/service/panel.service ${SERVICES_DIR}panel.service
systemctl daemon-reload
echo "Starting services.."
systemctl restart panel admin nginx ufw
systemctl enable panel admin nginx ufw
}
helper_function_for_nginx_on_aws_and_azure(){
#
# FIX FOR:
#
# https://stackoverflow.com/questions/3191509/nginx-error-99-cannot-assign-requested-address/13141104#13141104
#
# Check the status of nginx service and capture the output
nginx_status=$(systemctl status nginx 2>&1)
# Search for "Cannot assign requested address" in the output
if echo "$nginx_status" | grep -q "Cannot assign requested address"; then
# If found, append the required line to /etc/sysctl.conf
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
# Reload the sysctl configuration
sysctl -p /etc/sysctl.conf
# Change the bind ip in default nginx config
sed -i "s/IP_HERE/*/" /etc/nginx/sites-enabled/default
debug_log "echo Configuration updated and applied."
else
debug_log "echo Nginx started normally."
fi
}
download_and_import_docker_images() {
echo "Downloading docker images in the background.."
if [ "$SKIP_IMAGES" = false ]; then
# See https://github.com/moby/moby/issues/16106#issuecomment-310781836 for pulling images in parallel
# Nohup (no hang up) with trailing ampersand allows running the command in the background
# The </dev/null bits redirects the outputs to files rather than strout/err
nohup sh -c "echo openpanel/nginx:latest openpanel/apache:latest | xargs -P4 -n1 docker pull" </dev/null >nohup.out 2>nohup.err &
# stopped working on 0.1.8 :(
# opencli docker-update_images &
# pid1=$!
# disown $pid1
fi
systemctl restart csf
systemctl enable csf
}