#!/usr/bin/env sh # SPDX-FileCopyrightText: Daniel Pätzold # SPDX-License-Identifier: AGPL-3.0-or-later # # Central sofwareinstallation script. Should be called from logon-script via sudo and prereserved env #Check for root if [ "$EUID" -ne 0 ]; then echo "Error: Script requires root privileges. It should be executed via logon-script and not standalone." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi #Check Token if [ "${DAVTOKEN_USER}." == "." ]; then echo "Error: Script cannot be executed standalone, must be run with a matching sudo rule and needs a prereserved environement from logon-script." echo "A matching sudo rule could look like this: "'^'${SYSCONFIGPATH////'\/'}'\/system_setup\/sync_client_software\.sh.*$' echo "Hint: the rule must contain the !authenticate and setenv option to work." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi #Install or update Nextcloud com.nextcloud.desktopclient.nextcloud echo "Update or install Nextcloud client" /usr/bin/flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo /usr/bin/flatpak install -y --or-update --noninteractive flathub com.nextcloud.desktopclient.nextcloud && echo "Done Update/Install of Nextcloud." echo "" #Sync remote Files chown root:${CLIENTADMINGROUP} -R ${SYSCONFIGPATH} chmod ug+rwX,o=rX -R ${SYSCONFIGPATH} #Do an upgrade of the Base package if its configured and if there are changes if [[ ! -z "${UPGRADEURL}" ]]; then echo "Checking for Upgrades on ${UPGRADEURL} and Branch ${UPGRADEBRANCH}" REMOTEURL=$( git config --get remote.origin.url ) echo "Remote git URL is ${REMOTEURL}" if [[ "${REMOTEURL}" != "${UPGRADEURL}" ]]; then echo "This Repo is not on the matching URL, so no update is possible. If you want to change this, check out the docs on how to setup from scratch." else GITBRANCH=$( git rev-parse --abbrev-ref HEAD ) echo "Current branch is ${GITBRANCH}" if [[ "${GITBRANCH}" != "${UPGRADEBRANCH}" ]]; then echo "This Repo is not on the right branch, so no update is possible." else # Doing upgrade, discarding all local changes frist (is more save than forced pull) echo "Checks have passed, we are now upgrading via git." git fetch origin git reset --hard origin/${UPGRADEBRANCH} #Remove all history git rebase HEAD^ fi fi echo "" fi # At first, sync central configs if they are configured to be synced if [[ ! -z "${DISTCONFIGPATH_SRC}" ]]; then echo "Synced config path was found, doing remote sync." SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${DISTCONFIGPATH_SRC} ${DISTCONFIGPATH} https://${SERVERFQDN_NC}" SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" ) echo "Exec: ${SYNCCMD_HIDDENPW}" echo "Sync Configuration" ${SYNCCMD} >${TEMPDIR}/synccmd_last.log 2>&1 if [[ $? -ne 0 ]]; then echo "Error in sync:" echo "" cat ${TEMPDIR}/synccmd_last.log echo "" echo "Please check if your Token is setup right and for the above Output" read -n 1 -s -r -p "Press any key to continue" echo "" exit 1 fi echo "Sucessfully synced." echo "" # Check, if we are in configure-mode and if so, remove the file and reread the now new synced configuration if [ -f $(dirname "$0")/../config.d/configure.conf ]; then #Check if configuration was obtained by sync if [ -f $(dirname "$0")/../config/setup_system.conf ]; then echo "Existing configuration found in Repository, removing configure-mode and reread the configuration." rm -f $(dirname "$0")/../config.d/configure.conf.bak >/dev/null mv $(dirname "$0")/../config.d/configure.conf $(dirname "$0")/../config.d/configure.conf.bak source $(dirname "$0")/../config/setup_system.conf else echo "System is in configure-mode and configuration repository was found and synced, but still not configuration was found" echo "checking file $(dirname "$0")/../config/setup_system.conf" echo "" echo "Please make a inital copy of config/setup_system.conf.dist to config/setup_system.conf and check all settings there." echo "Then rerun the logon script to sync the file to your repository." echo "Press any key to continue" && read -n 1 -s -r && exit 1 fi fi fi #Check if Repository is defined if [ "${CLIENT_SOFTWARE_DST}." == "." ]; then echo "No central softwarerepository defined (CLIENT_SOFTWARE_DST). Skipping sync." else # Then, sync all client_software-files if [[ ! -z "${CLIENT_SOFTWARE_SRC}" ]]; then echo "Syncing central softwarerepository ${CLIENT_SOFTWARE_DST}" # Create Directory if not existent mkdir -p ${CLIENT_SOFTWARE_DST} SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_SRC} ${CLIENT_SOFTWARE_DST} https://${SERVERFQDN_NC}" SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" ) echo "Exec: ${SYNCCMD_HIDDENPW}" echo "Sync Client Software" ${SYNCCMD} >${TEMPDIR}/synccmd_last.log 2>&1 if [[ $? -ne 0 ]]; then echo "Error in sync:" echo "" cat ${TEMPDIR}/synccmd_last.log echo "" echo "Please check if your Token is setup right and for the above Output" read -n 1 -s -r -p "Press any key to continue" echo "" exit 1 fi echo "Sucessfully synced." fi echo "" # After sync again, restore the rights to all filles. They must be owned by root, changeable by admingroup and readable by otherusers (we are root, so we can change!) chown root:${CLIENTADMINGROUP} -R ${SYSCONFIGPATH} chmod ug+rwX,o=rX -R ${SYSCONFIGPATH} #Make all install.sh executable find ${CLIENT_SOFTWARE_DST} -type f -name install.sh -exec chmod ugo+x {} \; #Run Software setup echo "Running Setup of Software" if [ $1 == "install" ]; then ${CLIENT_SOFTWARE_DST}/install.sh $2 if [ $? -ne 0 ]; then exit 1 fi fi fi echo "" exit 0