-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsetup.sh
executable file
·282 lines (262 loc) · 7.6 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
#!/bin/bash
NC='\033[0m' # No color
GREEN='\033[0;32m'
RED='\033[0;31m'
function determine_os {
if [ ! -f /etc/os-release ]; then
echo -e "${RED}Error Could not determine Linux variant, exiting...${NC}"
exit 1
fi
source /etc/os-release
echo -e "${GREEN}Detected OS: ${NAME}${NC}"
case $ID in
"centos")
echo -e "${GREEN}OS appears to be centos${NC}"
return 1
;;
*)
echo -e "${RED}Did not detect a supported OS, exiting...${NC}"
exit 1
;;
esac
}
function dnf_or_yum {
PKGMGR=`which dnf`
if [ $? -gt 0 ]; then
PKGMGR=`which yum`
fi
}
function determine_init_sys {
if [ -d /run/systemd/system ]; then
return 1
fi
echo -e "${RED}It doesn't appear that this OS uses systemd and is therefore not supported by this script, exiting...${NC}"
exit 1
}
function centos_setup_and_install_docker {
dnf_or_yum
echo -e "${GREEN}Setting up Docker repo...${NC}"
case $PKGMGR in
*"dnf"*)
$PKGMGR config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
if [ $? -gt 0 ]; then
echo -e "${RED}dnf returned error trying to setup docker repo, exiting...${NC}"
exit 1
else
echo -e "${GREEN}docker repo setup successfully${NC}"
fi
;;
*"yum"*)
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
if [ $? -gt 0 ]; then
echo -e "${RED}yum returned error trying to setup docker repo, exiting...${NC}"
exit 1
else
echo -e "${GREEN}docker repo setup successfully${NC}"
fi
;;
*)
echo -e "${RED}Undetermined package manager, exiting...${NC}"
exit 1
;;
esac
echo -e "${GREEN}Installing Docker...${NC}"
$PKGMGR install docker-ce docker-ce-cli containerd.io iptables-services -y
if [ $? -gt 0 ]; then
echo -e "${RED}Issue installing docker, exiting...${NC}"
exit 1
else
echo -e "${GREEN}docker installed successfully${NC}"
fi
}
function install_docker_compose {
which docker-compose
if [ $? -eq 0 ]; then
echo -e "${GREEN}docker-compose already installed${NC}"
return 0
fi
echo -e "${GREEN}Downloading docker compose...${NC}"
curl -L "https://github.com/docker/compose/releases/download/1.25.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
if [ $? -gt 0 ]; then
echo -e "${RED}There was an issue downloading docker compose, exiting...${NC}"
exit 1
fi
chmod +x /usr/local/bin/docker-compose
echo -e "${GREEN}docker-compose successfully installed${NC}"
}
function systemd_setup_services {
echo -e "${GREEN}Disabling NFS on host OS${NC}"
systemctl stop rpcbind.service
systemctl disable rpcbind.service
systemctl stop rpcbind.socket
systemctl disable rpcbind.socket
echo -e "${GREEN}Starting and enabling docker${NC}"
systemctl start docker.service
systemctl enable docker.service
systemctl enable iptables.service
}
function find_management_interface {
which ip
if [ $? -gt 0 ]; then
echo -e "${RED}This system doesn't have the ip command, cannot auto-determine interfaces. Exiting...${NC}"
exit 1
fi
AUTO_MGMT=`ip r get 8.8.8.8 | sed -En 's/^.*dev\s([a-zA-Z0-9_]+)\s.*$/\1/p'`
}
function get_interfaces {
IIFS=( `ls /sys/class/net` )
# Remove loopback
IIFS=( ${IIFS[@]/lo} )
# Remove docker0
IIFS=( ${IIFS[@]/docker0} )
}
function setup_centos_blasting_interface {
ifdown $BLASTING_IF
cat > "/etc/sysconfig/network-scripts/ifcfg-$BLASTING_IF" << EOF
BOOTPROTO=none
DEVICE=$BLASTING_IF
IPADDR=192.168.128.128
PREFIX=24
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
ZONE=trusted
NM_CONTROLLED=no
EOF
ifup $BLASTING_IF
}
function setup_iptables_rules {
iptables -A FORWARD -i $BLASTING_IF -j ACCEPT
iptables -A FORWARD -o $BLASTING_IF -j ACCEPT
iptables -t nat -A POSTROUTING -o $MGMT_IF -j MASQUERADE
service iptables save
}
function is_firewalld {
systemctl status firewalld
return $?
}
function setup_firewalld_rules {
firewall-cmd --permanent --zone=trusted --add-interface=$BLASTING_IF
firewall-cmd --permanent --zone=external --add-interface=$MGMT_IF
firewall-cmd --permanent --zone=external --add-service=http
firewall-cmd --reload
}
################### Main logic #############
determine_os
OS=$?
determine_init_sys
INIT_SYS=$?
case $OS in
1)
centos_setup_and_install_docker
install_docker_compose
;;
*)
echo -e "${RED}This script doesn't know how to handle this OS, exiting...${NC}"
exit 1
esac
case $INIT_SYS in
1)
systemd_setup_services
;;
esac
find_management_interface
while true; do
echo -e "${GREEN}It appears that the managemnt interface on this server is $AUTO_MGMT${NC}"
read -p "Is this correct? (entering \"list\" will show your interfaces) [yes/no/list] " INPUT
case $INPUT in
[Yy]*)
MGMT_IF=$AUTO_MGMT
break
;;
[Nn]*)
while true; do
read -p "Please enter the management interface (entering \"list\" will show your interfaces)" INPUT2
case $INPUT2 in
"list") ip a ;;
*)
if [ -e "/sys/class/net/$INPUT2" ]; then
MGMT_IF=$INPUT2
break
else
echo -e "${RED}You did not enter a valid interface name${NC}"
fi
;;
esac
done
break
;;
"list") ip a ;;
*) echo -e "${RED}Please answer yes, no, or list${NC}" ;;
esac
done
get_interfaces
IIFS=( ${IIFS[@]/$MGMT_IF} )
case ${#IIFS[@]} in
0)
echo -e "${RED}Could not find an additional interface for blasting. The blasting server requires two interfaces, exiting...${NC}"
exit 1
;;
1)
while true; do
echo -e "${GREEN}It appears that the blasting interface should be ${IIFS[0]}${NC}"
read -p "Is this correct? (entering \"list\" will show your interfaces) [yes/no/list] " INPUT
case $INPUT in
[Yy]*)
BLASTING_IF=${IIFS[0]}
break
;;
[Nn]*)
echo -e "${RED}The script was unable to find a valid blasting interface, please configure network setup manually, exiting...${NC}"
exit 1
;;
"list") ip a ;;
*) echo -e "${RED}Please answer yes, no, or list${NC}" ;;
esac
done
;;
*)
while true; do
echo -e "${GREEN}It looks like these interfaces are available for the blasting network: ${IIFS[@]}${NC}"
read -p "Please select an interface from this list (entering list will show your interface details)" INPUT
case $INPUT in
"list") ip a ;;
*)
if [[ " ${IIFS[@]} " =~ " ${INPUT} " ]]; then
BLASTING_IF=$INPUT
break
else
echo -e "${RED}$INPUT was not detected as a valid interface. Please select a valid interface or configure networking manually${NC}"
fi
;;
esac
done
;;
esac
echo -e "${GREEN}Using Management interface: $MGMT_IF and blasting interface: $BLASTING_IF${NC}"
echo BLASTING_INTERFACE=$BLASTING_IF > .env
case $OS in
1)
setup_centos_blasting_interface
setup_iptables_rules
is_firewalld
case $? in
0)
setup_firewalld_rules
;;
[1-3])
systemctl is-enabled firewalld
if [ $? -eq 0 ]; then
echo -e "${RED}Detected this system has firewalld and it is enabled but not running. Either start firewalld or disable firewalld and re-run. Exiting...${NC}"
exit 1
fi
;;
esac
;;
*)
echo -e "${RED}This script doesn't know how to handle this OS, exiting...${NC}"
exit 1
esac
echo -e "${GREEN}Network setup complete, building and starting the containers${NC}"
docker-compose up -d
echo -e "${GREEN}Blaster setup complete!${NC}"