Compare commits

..

No commits in common. "master" and "version3.1" have entirely different histories.

4 changed files with 10 additions and 74 deletions

View File

@ -13,8 +13,6 @@ Version 3.1 implementation works roughly as follows
* CUPS is configured to provide a remote printer to network * CUPS is configured to provide a remote printer to network
* SANE is configured to provide local scan * SANE is configured to provide local scan
* [scanservjs](https://github.com/sbs20/scanservjs) runs on the SBC, providing a web interface for scan * [scanservjs](https://github.com/sbs20/scanservjs) runs on the SBC, providing a web interface for scan
* if you need adjustments (as in https://github.com/sbs20/scanservjs/blob/master/docs/10-configuration.md), first do:
* `sudo ln -s /usr/share/webapps/scanservjs /usr/lib/scanservjs`
### Files ### Files
Files in this repository cover only the server setup. SBC setup is now handled by `armbian-setup` Files in this repository cover only the server setup. SBC setup is now handled by `armbian-setup`
@ -22,7 +20,6 @@ Files in this repository cover only the server setup. SBC setup is now handled b
* `setup.sh` is a script automating the installation and configuration of required software * `setup.sh` is a script automating the installation and configuration of required software
* `cupsd.conf` is the config file for CUPS, set by setup script * `cupsd.conf` is the config file for CUPS, set by setup script
* `scanservjs.conf` is an Apache HTTP vhost file for scanservjs * `scanservjs.conf` is an Apache HTTP vhost file for scanservjs
* `printers.conf.pi2last` is the last known working CUPS printers configuration which allowed to share HP printer
### TODO ### TODO
* Add a firewall rule to block access to port 8080 * Add a firewall rule to block access to port 8080

View File

@ -1,5 +1,5 @@
<VirtualHost *:443> <VirtualHost *:443>
ServerName printscan ServerName printscan.hp3.kto.black
SSLEngine on SSLEngine on
SSLCertificateFile "/etc/ssl/cert.crt" SSLCertificateFile "/etc/ssl/cert.crt"

View File

@ -1,24 +0,0 @@
# Printer configuration file for CUPS v2.4.1
# Written by cupsd
# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING
NextPrinterId 2
<Printer Deskjet>
PrinterId 1
UUID urn:uuid:e05e1e4c-fd3d-38e2-5d3b-596903a56af4
Info HP Deskjet 2050 J510 series
Location
MakeModel HP Deskjet 2050 j510 Series, hpcups 3.21.12
DeviceURI hp:/usb/Deskjet_2050_J510_series?serial=CN22T184ZP05QV
State Idle
StateTime 1723482301
ConfigTime 1720358534
Type 36876
Accepting Yes
Shared Yes
JobSheets none none
QuotaPeriod 0
PageLimit 0
KLimit 0
OpPolicy default
ErrorPolicy retry-job
</Printer>

View File

@ -9,25 +9,12 @@ else
sudo="" sudo=""
fi fi
distro=$(lsb_release -si) echo "Setting CUPS configuration"
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
# TODO if Arch echo "Installing scanservjs directly from GitHub..."
if [[ $distro == "Debian" ]]; then curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest
echo "Setting CUPS configuration"
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
else
echo "TODO: Edit cupsd.conf so as to allow remote access (see Arch wiki)."
fi
if [[ $distro == "Debian" ]]; then
echo "Installing scanservjs directly from GitHub..."
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest
fi
if [[ $distro == "Arch" ]]; then
echo "Starting and enabling scanservjs..."
$sudo systemctl enable --now scanservjs.service
fi
echo "Generating TLS certificate" echo "Generating TLS certificate"
$sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \ $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \
@ -35,34 +22,10 @@ $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/
$sudo chmod o+r /etc/ssl/cert.key $sudo chmod o+r /etc/ssl/cert.key
echo "Setting up Apache HTTP Server" echo "Setting up Apache HTTP Server"
if [[ $distro == "Arch" ]]; then $sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/scanservjs.conf $sudo a2dissite 000-default
$sudo a2dissite 000-default $sudo a2ensite scanservjs
$sudo a2ensite scanservjs $sudo a2enmod ssl proxy proxy_http proxy_http2
$sudo a2enmod ssl proxy proxy_http proxy_http2
fi
if [[ $distro == "Arch" ]]; then
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/httpd/conf/scanservjs.conf
$sudo sed -i -e "s/#ServerName www.example.com:80/#ServerName www.example.com:80\nServerName mn2.hr.kto.black/g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule ssl_module modules/mod_ssl.so:LoadModule ssl_module modules/mod_ssl.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s/Listen 80/Listen 443/g" /etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_module modules/mod_proxy.so:LoadModule proxy_module modules/mod_proxy.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_http_module modules/mod_proxy_http.so:LoadModule proxy_http_module modules/mod_proxy_http.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule watchdog_module modules/mod_watchdog.so:LoadModule watchdog_module modules/mod_watchdog.so:g" \
/etc/httpd/conf/httpd.conf
$sudo bash -c 'echo "Include conf/scanservjs.conf" >> /etc/httpd/conf/httpd.conf'
$sudo systemctl enable --now httpd.service
fi
# TODO add a firewall rule to prevent access to http:8080 from other than local # TODO add a firewall rule to prevent access to http:8080 from other than local