-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsetup
executable file
·274 lines (227 loc) · 7.38 KB
/
setup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
#!/bin/bash
setupLoadBalancer() {
CURDIR=$(pwd)
dnf -y remove mariadb*
cat <<EOT > /etc/yum.repos.d/mariadb.repo
# MariaDB 10.5 CentOS repository list - created 2021-06-04 18:19 UTC
# http://downloads.mariadb.org/mariadb/repositories/
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.5/centos8-amd64
module_hotfixes=1
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
EOT
dnf -y install MariaDB-server mariadb epel-release go git
dnf -y upgrade
systemctl enable --now mariadb
cd lb || exit
go mod init libstatsapi/lb
go mod tidy
go build
mv lb /usr/bin/lsapi-lb
mkdir /srv/
git clone https://github.com/noVNC/noVNC /srv/noVNC
git clone https://github.com/novnc/websockify /srv/noVNC/utils/websockify
read -p "MySQL User (cannot be 'root'): " mySqlUser
read -r -s -p "MySQL Password: " mySqlPass
echo "Creating database 'lsapi'"
mysql -e "CREATE DATABASE lsapi /*\!40100 DEFAULT CHARACTER SET utf8 */;"
echo "Creating user $mySqlUser"
mysql -e "CREATE USER ${mySqlUser} IDENTIFIED BY '${mySqlPass}';"
echo "Granting all privileges to $mySqlUser on DB 'lsapi'"
mysql -e "GRANT ALL PRIVILEGES ON lsapi.* TO ${mySqlUser}@'%' IDENTIFIED BY '${mySqlPass}';"
echo "Flushing privileges..."
mysql -e "FLUSH PRIVILEGES;"
echo "Done creating MySQL DB!"
sed -i 's/#bind-address=0.0.0.0/bind-address=0.0.0.0/' /etc/my.cnf.d/server.cnf
sed -i 's/#bind-address=127.0.0.1/bind-address=0.0.0.0/' /etc/my.cnf.d/server.cnf
sed -i 's/bind-address=127.0.0.1/bind-address=0.0.0.0/' /etc/my.cnf.d/server.cnf
systemctl restart mariadb
mkdir -p /etc/gammabyte/lsapi
mkdir -p /etc/gammabyte/lsapi/vnc
cat <<EOT > /etc/systemd/system/lsapi-lb.service
[Unit]
Description=LibStatsAPI Load Balancer daemon
Documentation=https://github.com/gammabyte-xyz/LibStatsAPI
Wants=NetworkManager.service
After=NetworkManager.service
[Service]
ExecStart=/usr/bin/lsapi-lb
[Install]
WantedBy=multi-user.target
EOT
systemctl daemon-reload
systemctl enable lsapi-lb
cat <<EOT > /etc/gammabyte/lsapi/config-lb.yml
##############################################
# EDIT THIS BEFORE STARTING THE LOADBALANCER #
##############################################
listen_port: "8082"
listen_address: "0.0.0.0"
###### CHANGE THESE ######
sql_password: "$mySqlPass"
sql_user: "$mySqlUser"
##########################
sql_address: "localhost"
syslog_server: "yoursyslog.server.tld:514"
auth_server: "localhost:8083"
# Setting this to true will prevent this host from proxying requests to internal nodes.
lock_node: false
EOT
"${EDITOR:-nano}" /etc/gammabyte/lsapi/config-lb.yml || "${EDITOR:-vi}" /etc/gammabyte/lsapi/config-lb.yml
cat <<EOT > /etc/gammabyte/lsapi/hosts.conf
# Add a host here with the FQDN (Must be resolvable)
[fqdn.of.yourhost.tld]
addr 1.2.3.4
hostname fqdn.of.yourhost.tld
EOT
"${EDITOR:-nano}" /etc/gammabyte/lsapi/hosts.conf || "${EDITOR:-vi}" /etc/gammabyte/lsapi/hosts.conf
systemctl start lsapi-lb
echo ""
echo "Done. A Systemd service (lsapi-lb) has been enabled on boot and started."
cd $CURDIR || exit
}
setupAuthHost() {
CURDIR=$(pwd)
cd auth || exit
dnf -y install git go epel-release
dnf -y upgrade
dnf -y install mariadb-client || dnf -y install MariaDB-client
go mod init libstatsapi/auth
go mod tidy
go build
mv auth /usr/bin/lsapi-auth
cat <<EOT > /etc/gammabyte/lsapi/config-auth.yml
##############################################
# EDIT THIS BEFORE STARTING THE LOADBALANCER #
##############################################
auth_listen_port: "8083"
listen_address: "0.0.0.0"
###### CHANGE THESE ######
sql_password: "yourSqlPassword"
sql_user: "yourSqlUser"
sql_address: "localhost"
##########################
syslog_server: "yoursyslog.server.tld:514"
auth_server: "localhost:8083"
EOT
"${EDITOR:-nano}" /etc/gammabyte/lsapi/config-auth.yml || "${EDITOR:-vi}" /etc/gammabyte/lsapi/config-auth.yml
cat <<EOT > /etc/systemd/system/lsapi-auth.service
[Unit]
Description=LibStatsAPI Authentication API daemon
Documentation=https://github.com/gammabyte-xyz/LibStatsAPI
Wants=NetworkManager.service
After=NetworkManager.service
[Service]
ExecStart=/usr/bin/lsapi-auth
[Install]
WantedBy=multi-user.target
EOT
systemctl daemon-reload
systemctl enable lsapi-auth --now
cd $CURDIR || exit
echo "Done. A Systemd service (lsapi-auth) has been enabled on boot and started."
}
setupKvmHost() {
CURDIR=$(pwd)
dnf -y install libvirt virt-install libvirt-devel qemu-kvm libvirt-daemon-driver-qemu curl wget ninja-build git
cd kvm || exit
go mod init libstatsapi
go mod tidy
go build
mv libstatsapi /usr/bin/libstatsapi
cd ..
cd host || exit
go mod init libstatsapi/host
go mod tidy
go build
mv host /usr/bin/lsapi-host
cat <<EOT > /etc/systemd/system/lsapi-kvm.service
[Unit]
Description=LibStatsAPI Virtualization API daemon
Documentation=https://github.com/gammabyte-xyz/LibStatsAPI
Wants=NetworkManager.service
After=NetworkManager.service
[Service]
ExecStart=/usr/bin/libstatsapi
[Install]
WantedBy=multi-user.target
EOT
cat <<EOT > /etc/systemd/system/lsapi-host.service
[Unit]
Description=LibStatsAPI Host Stats API daemon
Documentation=https://github.com/gammabyte-xyz/LibStatsAPI
Wants=NetworkManager.service
After=NetworkManager.service
[Service]
ExecStart=/usr/bin/lsapi-host
[Install]
WantedBy=multi-user.target
EOT
cat <<EOT > /etc/gammabyte/lsapi/config-kvm.yml
volume_path: "/var/lib/libvirt/images"
listen_port: "8082"
listen_address: "0.0.0.0"
#### CHANGE THESE ####
sql_password: "yourSqlPassword"
sql_user: "yourSqlUser"
vm_manufacturer: "yourPreferredManufacturer"
sql_address: "fqdn.yoursqlserver.tld"
master_ip: "fqdn.your-loadbalancer.tld"
######################
domain_bandwidth: 1000
virtual_network_subnet: "192.168.2"
syslog_server: "fqdn.syslog.tld:514"
auth_server: "fqdn.auth-host.tld:8083"
EOT
"${EDITOR:-nano}" /etc/gammabyte/lsapi/config-kvm.yml || "${EDITOR:-vi}" /etc/gammabyte/lsapi/config-kvm.yml
systemctl daemon-reload
systemctl enable --now lsapi-kvm lsapi-host
if [[ "$(getenforce)" == "Enforcing" ]]; then
/sbin/restorecon -v /usr/bin/libstatsapi
/sbin/restorecon -v /usr/bin/lsapi-host
setsebool -P nis_enabled 1
ausearch -c 'lsapi-host' --raw | audit2allow -M my-lsapihost
semodule -X 300 -i my-lsapihost.pp
ausearch -c 'libstatsapi' --raw | audit2allow -M my-libstatsapi
semodule -X 300 -i my-libstatsapi.pp
ausearch -c '(statsapi)' --raw | audit2allow -M my-statsapi
semodule -X 300 -i my-statsapi.pp
rm -f my-libstatsapi.*
rm -f my-statsapi.*
rm -f my-lsapihost.*
systemctl restart lsapi-kvm
fi
cd $CURDIR || exit
echo "Done. A Systemd service (lsapi-kvm) has been enabled on boot and started."
}
PS3='Select host type: '
options=("Load Balancer (Master)" "Authentication Host" "KVM (Virtual Machine) Host" "Quit")
select opt in "${options[@]}"
do
case $opt in
"Load Balancer (Master)")
hostType="loadBalancerHost"
echo "Setting up load balancer..."
setupLoadBalancer
break
;;
"Authentication Host")
hostType="authHost"
echo "Setting up authentication host..."
setupAuthHost
break
;;
"KVM (Virtual Machine) Host")
hostType="kvmHost"
echo "Setting up KVM host..."
setupKvmHost
break
;;
"Quit")
break
;;
*) echo "invalid option $REPLY";;
esac
done