|
| 1 | +#!/bin/bash |
| 2 | + |
| 3 | +_scriptDir="/opt/stenographer" |
| 4 | + |
| 5 | +add_accounts () { |
| 6 | + if ! id stenographer &>/dev/null; then |
| 7 | + Info "Setting up stenographer user" |
| 8 | + sudo adduser --system --no-create-home stenographer |
| 9 | + fi |
| 10 | + if ! getent group stenographer &>/dev/null; then |
| 11 | + Info "Setting up stenographer group" |
| 12 | + sudo addgroup --system stenographer |
| 13 | + fi |
| 14 | +} |
| 15 | +install_certs () { |
| 16 | + sudo /opt/stenographer/stenokeys.sh stenographer stenographer |
| 17 | +} |
| 18 | + |
| 19 | +install_configs () { |
| 20 | + cd $_scriptDir |
| 21 | + |
| 22 | + Info "Setting up stenographer conf directory" |
| 23 | + if [ ! -d /etc/stenographer/certs ]; then |
| 24 | + sudo mkdir -p /etc/stenographer/certs |
| 25 | + sudo chown -R root:root /etc/stenographer/certs |
| 26 | + fi |
| 27 | + if [ ! -f /etc/stenographer/config ]; then |
| 28 | + sudo cp -vf configs/steno.conf /etc/stenographer/config |
| 29 | + sudo chown root:root /etc/stenographer/config |
| 30 | + sudo chmod 644 /etc/stenographer/config |
| 31 | + fi |
| 32 | + sudo chown root:root /etc/stenographer |
| 33 | + |
| 34 | + if grep -q /path/to /etc/stenographer/config; then |
| 35 | + echo "Create output directories and update settings in /etc/stenographer/config" |
| 36 | + fi |
| 37 | +} |
| 38 | + |
| 39 | +do_permissions () { |
| 40 | + export BINDIR="${BINDIR-/usr/bin}" |
| 41 | + sudo chown stenographer:root "$BINDIR/stenographer" |
| 42 | + sudo chmod 700 "$BINDIR/stenographer" |
| 43 | + sudo chown stenographer:root "$BINDIR/stenotype" |
| 44 | + sudo chmod 0500 "$BINDIR/stenotype" |
| 45 | + SetCapabilities "$BINDIR/stenotype" |
| 46 | + sudo chown root:root "$BINDIR/stenoread" |
| 47 | + sudo chmod 0755 "$BINDIR/stenoread" |
| 48 | + sudo chown root:root "$BINDIR/stenocurl" |
| 49 | + sudo chmod 0755 "$BINDIR/stenocurl" |
| 50 | +} |
| 51 | + |
| 52 | +install_service () { |
| 53 | + cd $_scriptDir |
| 54 | + |
| 55 | + if [ ! -f /etc/security/limits.d/stenographer.conf ]; then |
| 56 | + Info "Setting up stenographer limits" |
| 57 | + sudo cp -v configs/limits.conf /etc/security/limits.d/stenographer.conf |
| 58 | + fi |
| 59 | + |
| 60 | + if [ ! -f /etc/systemd/system/stenographer.service ]; then |
| 61 | + Info "Installing stenographer systemd service" |
| 62 | + sudo cp -v configs/systemd.conf /etc/systemd/system/stenographer.service |
| 63 | + sudo chmod 0644 /etc/systemd/system/stenographer.service |
| 64 | + fi |
| 65 | +} |
| 66 | + |
| 67 | +function SetCapabilities { |
| 68 | + sudo setcap 'CAP_NET_RAW+ep CAP_NET_ADMIN+ep CAP_IPC_LOCK+ep' "$1" |
| 69 | +} |
| 70 | + |
| 71 | + |
| 72 | +add_accounts |
| 73 | +install_configs |
| 74 | +install_certs |
| 75 | +do_permissions |
| 76 | +install_service |
| 77 | + |
| 78 | +echo "stenographer is ready." |
0 commit comments