Compare commits

...

2 Commits

Author SHA1 Message Date
4f7bb5a53f Add printers.conf.pi2last 2024-10-06 19:16:53 +02:00
0f7077008c Update due to change to Arch 2024-09-24 20:24:28 +02:00
4 changed files with 74 additions and 10 deletions

View File

@ -13,6 +13,8 @@ Version 3.1 implementation works roughly as follows
* CUPS is configured to provide a remote printer to network * CUPS is configured to provide a remote printer to network
* SANE is configured to provide local scan * SANE is configured to provide local scan
* [scanservjs](https://github.com/sbs20/scanservjs) runs on the SBC, providing a web interface for scan * [scanservjs](https://github.com/sbs20/scanservjs) runs on the SBC, providing a web interface for scan
* if you need adjustments (as in https://github.com/sbs20/scanservjs/blob/master/docs/10-configuration.md), first do:
* `sudo ln -s /usr/share/webapps/scanservjs /usr/lib/scanservjs`
### Files ### Files
Files in this repository cover only the server setup. SBC setup is now handled by `armbian-setup` Files in this repository cover only the server setup. SBC setup is now handled by `armbian-setup`
@ -20,6 +22,7 @@ Files in this repository cover only the server setup. SBC setup is now handled b
* `setup.sh` is a script automating the installation and configuration of required software * `setup.sh` is a script automating the installation and configuration of required software
* `cupsd.conf` is the config file for CUPS, set by setup script * `cupsd.conf` is the config file for CUPS, set by setup script
* `scanservjs.conf` is an Apache HTTP vhost file for scanservjs * `scanservjs.conf` is an Apache HTTP vhost file for scanservjs
* `printers.conf.pi2last` is the last known working CUPS printers configuration which allowed to share HP printer
### TODO ### TODO
* Add a firewall rule to block access to port 8080 * Add a firewall rule to block access to port 8080

View File

@ -1,5 +1,5 @@
<VirtualHost *:443> <VirtualHost *:443>
ServerName printscan.hp3.kto.black ServerName printscan
SSLEngine on SSLEngine on
SSLCertificateFile "/etc/ssl/cert.crt" SSLCertificateFile "/etc/ssl/cert.crt"

24
printers.conf.pi2last Normal file
View File

@ -0,0 +1,24 @@
# Printer configuration file for CUPS v2.4.1
# Written by cupsd
# DO NOT EDIT THIS FILE WHEN CUPSD IS RUNNING
NextPrinterId 2
<Printer Deskjet>
PrinterId 1
UUID urn:uuid:e05e1e4c-fd3d-38e2-5d3b-596903a56af4
Info HP Deskjet 2050 J510 series
Location
MakeModel HP Deskjet 2050 j510 Series, hpcups 3.21.12
DeviceURI hp:/usb/Deskjet_2050_J510_series?serial=CN22T184ZP05QV
State Idle
StateTime 1723482301
ConfigTime 1720358534
Type 36876
Accepting Yes
Shared Yes
JobSheets none none
QuotaPeriod 0
PageLimit 0
KLimit 0
OpPolicy default
ErrorPolicy retry-job
</Printer>

View File

@ -9,12 +9,25 @@ else
sudo="" sudo=""
fi fi
echo "Setting CUPS configuration" distro=$(lsb_release -si)
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
echo "Installing scanservjs directly from GitHub..." # TODO if Arch
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest if [[ $distro == "Debian" ]]; then
echo "Setting CUPS configuration"
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
else
echo "TODO: Edit cupsd.conf so as to allow remote access (see Arch wiki)."
fi
if [[ $distro == "Debian" ]]; then
echo "Installing scanservjs directly from GitHub..."
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest
fi
if [[ $distro == "Arch" ]]; then
echo "Starting and enabling scanservjs..."
$sudo systemctl enable --now scanservjs.service
fi
echo "Generating TLS certificate" echo "Generating TLS certificate"
$sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \ $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \
@ -22,10 +35,34 @@ $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/
$sudo chmod o+r /etc/ssl/cert.key $sudo chmod o+r /etc/ssl/cert.key
echo "Setting up Apache HTTP Server" echo "Setting up Apache HTTP Server"
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/ if [[ $distro == "Arch" ]]; then
$sudo a2dissite 000-default $sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/scanservjs.conf
$sudo a2ensite scanservjs $sudo a2dissite 000-default
$sudo a2enmod ssl proxy proxy_http proxy_http2 $sudo a2ensite scanservjs
$sudo a2enmod ssl proxy proxy_http proxy_http2
fi
if [[ $distro == "Arch" ]]; then
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/httpd/conf/scanservjs.conf
$sudo sed -i -e "s/#ServerName www.example.com:80/#ServerName www.example.com:80\nServerName mn2.hr.kto.black/g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule ssl_module modules/mod_ssl.so:LoadModule ssl_module modules/mod_ssl.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s/Listen 80/Listen 443/g" /etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_module modules/mod_proxy.so:LoadModule proxy_module modules/mod_proxy.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_http_module modules/mod_proxy_http.so:LoadModule proxy_http_module modules/mod_proxy_http.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule watchdog_module modules/mod_watchdog.so:LoadModule watchdog_module modules/mod_watchdog.so:g" \
/etc/httpd/conf/httpd.conf
$sudo bash -c 'echo "Include conf/scanservjs.conf" >> /etc/httpd/conf/httpd.conf'
$sudo systemctl enable --now httpd.service
fi
# TODO add a firewall rule to prevent access to http:8080 from other than local # TODO add a firewall rule to prevent access to http:8080 from other than local