printscan-server/setup.sh

70 lines
2.9 KiB
Bash
Executable File

#!/usr/bin/env bash
run_directory=$(dirname $(readlink -f "$0"))
user=$(whoami)
if [[ $user != 'root' ]]; then
sudo="sudo"
else
sudo=""
fi
distro=$(lsb_release -si)
# TODO if Arch
if [[ $distro == "Debian" ]]; then
echo "Setting CUPS configuration"
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
else
echo "TODO: Edit cupsd.conf so as to allow remote access (see Arch wiki)."
fi
if [[ $distro == "Debian" ]]; then
echo "Installing scanservjs directly from GitHub..."
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest
fi
if [[ $distro == "Arch" ]]; then
echo "Starting and enabling scanservjs..."
$sudo systemctl enable --now scanservjs.service
fi
echo "Generating TLS certificate"
$sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \
-subj "/C=/ST=/L=/O=/OU=/CN="
$sudo chmod o+r /etc/ssl/cert.key
echo "Setting up Apache HTTP Server"
if [[ $distro == "Arch" ]]; then
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/scanservjs.conf
$sudo a2dissite 000-default
$sudo a2ensite scanservjs
$sudo a2enmod ssl proxy proxy_http proxy_http2
fi
if [[ $distro == "Arch" ]]; then
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/httpd/conf/scanservjs.conf
$sudo sed -i -e "s/#ServerName www.example.com:80/#ServerName www.example.com:80\nServerName mn2.hr.kto.black/g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule ssl_module modules/mod_ssl.so:LoadModule ssl_module modules/mod_ssl.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s/Listen 80/Listen 443/g" /etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_module modules/mod_proxy.so:LoadModule proxy_module modules/mod_proxy.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_http_module modules/mod_proxy_http.so:LoadModule proxy_http_module modules/mod_proxy_http.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:g" \
/etc/httpd/conf/httpd.conf
$sudo sed -i -e "s:#LoadModule watchdog_module modules/mod_watchdog.so:LoadModule watchdog_module modules/mod_watchdog.so:g" \
/etc/httpd/conf/httpd.conf
$sudo bash -c 'echo "Include conf/scanservjs.conf" >> /etc/httpd/conf/httpd.conf'
$sudo systemctl enable --now httpd.service
fi
# TODO add a firewall rule to prevent access to http:8080 from other than local
exit 0