70 lines
2.9 KiB
Bash
Executable File
70 lines
2.9 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
run_directory=$(dirname $(readlink -f "$0"))
|
|
user=$(whoami)
|
|
|
|
if [[ $user != 'root' ]]; then
|
|
sudo="sudo"
|
|
else
|
|
sudo=""
|
|
fi
|
|
|
|
distro=$(lsb_release -si)
|
|
|
|
# TODO if Arch
|
|
if [[ $distro == "Debian" ]]; then
|
|
echo "Setting CUPS configuration"
|
|
$sudo mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
|
|
$sudo cp $run_directory/cupsd.conf /etc/cups/cupsd.conf
|
|
else
|
|
echo "TODO: Edit cupsd.conf so as to allow remote access (see Arch wiki)."
|
|
fi
|
|
|
|
if [[ $distro == "Debian" ]]; then
|
|
echo "Installing scanservjs directly from GitHub..."
|
|
curl -s https://raw.githubusercontent.com/sbs20/scanservjs/master/bootstrap.sh | sudo bash -s -- -v latest
|
|
fi
|
|
if [[ $distro == "Arch" ]]; then
|
|
echo "Starting and enabling scanservjs..."
|
|
$sudo systemctl enable --now scanservjs.service
|
|
fi
|
|
|
|
echo "Generating TLS certificate"
|
|
$sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/ssl/cert.crt -keyout /etc/ssl/cert.key \
|
|
-subj "/C=/ST=/L=/O=/OU=/CN="
|
|
$sudo chmod o+r /etc/ssl/cert.key
|
|
|
|
echo "Setting up Apache HTTP Server"
|
|
if [[ $distro == "Arch" ]]; then
|
|
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/apache2/sites-available/scanservjs.conf
|
|
$sudo a2dissite 000-default
|
|
$sudo a2ensite scanservjs
|
|
$sudo a2enmod ssl proxy proxy_http proxy_http2
|
|
fi
|
|
if [[ $distro == "Arch" ]]; then
|
|
$sudo cp $run_directory/apache-sites/scanservjs.conf /etc/httpd/conf/scanservjs.conf
|
|
$sudo sed -i -e "s/#ServerName www.example.com:80/#ServerName www.example.com:80\nServerName mn2.hr.kto.black/g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule ssl_module modules/mod_ssl.so:LoadModule ssl_module modules/mod_ssl.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:LoadModule socache_shmcb_module modules/mod_socache_shmcb.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s/Listen 80/Listen 443/g" /etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule proxy_module modules/mod_proxy.so:LoadModule proxy_module modules/mod_proxy.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule proxy_http_module modules/mod_proxy_http.so:LoadModule proxy_http_module modules/mod_proxy_http.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:LoadModule proxy_balancer_module modules/mod_proxy_balancer.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo sed -i -e "s:#LoadModule watchdog_module modules/mod_watchdog.so:LoadModule watchdog_module modules/mod_watchdog.so:g" \
|
|
/etc/httpd/conf/httpd.conf
|
|
$sudo bash -c 'echo "Include conf/scanservjs.conf" >> /etc/httpd/conf/httpd.conf'
|
|
$sudo systemctl enable --now httpd.service
|
|
fi
|
|
|
|
# TODO add a firewall rule to prevent access to http:8080 from other than local
|
|
|
|
exit 0
|