beenull/OpenPanel
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
OpenPanel/INSTALL.sh
Stefan Pejcic 33c5ef4c3c
Update INSTALL.sh
2024-05-25 22:05:26 +02:00

1190 lines
37 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
################################################################################
# Script Name: INSTALL.sh
# Description: Install the latest version of OpenPanel
# Usage: cd /home && (curl -sSL https://get.openpanel.co || wget -O - https://get.openpanel.co) | bash
# Author: Stefan Pejcic
# Created: 11.07.2023
# Last Modified: 25.05.2024
# Company: openpanel.co
# Copyright (c) OPENPANEL
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################################################
# Colors for output
GREEN='\033[0;32m'
RED='\033[0;31m'
RESET='\033[0m'
# Defaults
CUSTOM_VERSION=false
INSTALL_TIMEOUT=1800 # 30 min
DEBUG=false
SKIP_APT_UPDATE=false
SKIP_IMAGES=false
REPAIR=false
LOCALES=true
NO_SSH=false
INSTALL_FTP=false
INSTALL_MAIL=false
OVERLAY=false
IPSETS=false
# Paths
LOG_FILE="openpanel_install.log"
LOCK_FILE="/root/openpanel.lock"
OPENPANEL_DIR="/usr/local/panel/"
OPENPADMIN_DIR="/usr/local/admin/"
OPENCLI_DIR="/usr/local/admin/scripts/"
OPENPANEL_ERR_DIR="/var/log/openpanel/"
SERVICES_DIR="/etc/systemd/system/"
TEMP_DIR="/tmp/"
# Redirect output to the log file
exec > >(tee -a "$LOG_FILE") 2>&1
#####################################################################
# #
# START helper functions #
# #
#####################################################################
# logo
print_header() {
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo -e " ____ _____ _ "
echo -e " / __ \ | __ \ | | "
echo -e " | | | | _ __ ___ _ __ | |__) | __ _ _ __ ___ | | "
echo -e " | | | || '_ \ / _ \| '_ \ | ___/ / _\" || '_ \ / _ \| | "
echo -e " | |__| || |_) || __/| | | | | | | (_| || | | || __/| | "
echo -e " \____/ | .__/ \___||_| |_| |_| \__,_||_| |_| \___||_| "
echo -e " | | "
echo -e " |_| "
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
}
install_started_message(){
echo -e ""
echo -e "\nStarting the installation of OpenPanel. This process will take approximately 5-10 minutes."
echo -e "During this time, we will:"
echo -e "- Install necessary services and tools."
echo -e "- Create an admin account for you."
echo -e "- Set up the firewall for enhanced security."
echo -e "- Install needed Docker images."
echo -e "- Set up basic hosting plans so you can start right away."
echo -e "\nThank you for your patience. We're setting everything up for your seamless OpenPanel experience!\n"
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo -e ""
}
# Display error and exit
radovan() {
echo -e "${RED}Error: $2${RESET}" >&2
exit $1
}
# print the command and its output if debug, else run and echo to /dev/null
debug_log() {
if [ "$DEBUG" = true ]; then
echo "Running: $@"
"$@"
else
"$@" > /dev/null 2>&1
fi
}
# Check if a package is already installed
is_package_installed() {
if [ "$DEBUG" = false ]; then
$PACKAGE_MANAGER -qq list "$1" 2>/dev/null | grep -qE "^ii"
else
$PACKAGE_MANAGER -qq list "$1" | grep -qE "^ii"
echo "Updating package manager.."
fi
}
# Get server ipv4 from ip.openpanel.co
current_ip=$(curl -s https://ip.openpanel.co || wget -qO- https://ip.openpanel.co)
# If site is not available, get the ipv4 from the hostname -I
if [ -z "$current_ip" ]; then
current_ip=$(hostname -I | awk '{print $1}')
fi
if [ "$CUSTOM_VERSION" = false ]; then
# Fetch the latest version
version=$(curl -s https://update.openpanel.co/)
if [[ $version =~ [0-9]+\.[0-9]+\.[0-9]+ ]]; then
version=$version
else
version="0.1.8"
fi
fi
# print fullwidth line
print_space_and_line() {
echo " "
printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -
echo " "
}
# Progress bar script
PROGRESS_BAR_URL="https://raw.githubusercontent.com/pollev/bash_progress_bar/master/progress_bar.sh"
PROGRESS_BAR_FILE="progress_bar.sh"
wget "$PROGRESS_BAR_URL" -O "$PROGRESS_BAR_FILE" > /dev/null 2>&1
if [ ! -f "$PROGRESS_BAR_FILE" ]; then
echo "Failed to download progress_bar.sh"
exit 1
fi
# Source the progress bar script
source "$PROGRESS_BAR_FILE"
# Dsiplay progress bar
FUNCTIONS=(
detect_os_and_package_manager
update_package_manager
install_packages
setup_openpanel
setup_openadmin
configure_docker
configure_nginx
configure_modsecurity
run_mysql_docker_container
setup_ufw
setup_ftp
setup_email
setup_opencli
install_all_locales
helper_function_for_nginx_on_aws_and_azure
download_and_import_docker_images
configure_mysql
start_services
set_system_cronjob
cleanup
generate_and_set_ssl_for_panels
clean_apt_cache
verify_license
)
TOTAL_STEPS=${#FUNCTIONS[@]}
CURRENT_STEP=0
update_progress() {
CURRENT_STEP=$((CURRENT_STEP + 1))
PERCENTAGE=$(($CURRENT_STEP * 100 / $TOTAL_STEPS))
draw_progress_bar $PERCENTAGE
}
main() {
# Make sure that the progress bar is cleaned up when user presses ctrl+c
enable_trapping
# Create progress bar
setup_scroll_area
for func in "${FUNCTIONS[@]}"
do
# Execute each function
$func
update_progress
done
destroy_scroll_area
}
# END helper functions
#####################################################################
# #
# START main functions #
# #
#####################################################################
check_requirements() {
if [ -z "$SKIP_REQUIREMENTS" ]; then
# https://github.com/stefanpejcic/openpanel/issues/63
architecture=$(lscpu | grep Architecture | awk '{print $2}')
if [ "$architecture" == "aarch64" ]; then
echo -e "${RED}Error: ARM CPU is not supported!${RESET}" >&2
exit 1
fi
# check if the current user is not root
if [ "$(id -u)" != "0" ]; then
echo -e "${RED}Error: you must be root to execute this script.${RESET}" >&2
exit 1
# check if OS is MacOS
elif [ "$(uname)" = "Darwin" ]; then
echo -e "${RED}Error: MacOS is not currently supported.${RESET}" >&2
exit 1
# check if running inside a container
elif [[ -f /.dockerenv || $(grep -sq 'docker\|lxc' /proc/1/cgroup) ]]; then
echo -e "${RED}Error: running openpanel inside a container is not supported.${RESET}" >&2
exit 1
fi
# check if python version is supported
current_python_version=$(python3 --version 2>&1 | cut -d " " -f 2 | cut -d "." -f 1,2 | tr -d '.')
allowed_versions=("39" "310" "311" "312" "38")
if [[ ! " ${allowed_versions[@]} " =~ " ${current_python_version} " ]]; then
echo -e "${RED}Error: Unsupported Python version $current_python_version. No corresponding branch available.${RESET}" >&2
exit 1
fi
fi
}
parse_args() {
for arg in "$@"; do
case $arg in
--skip-requirements)
SKIP_REQUIREMENTS=true
;;
--skip-panel-check)
SKIP_PANEL_CHECK=true
;;
--skip-apt-update)
SKIP_APT_UPDATE=true
;;
--repair)
REPAIR=true
SKIP_PANEL_CHECK=true
SKIP_REQUIREMENTS=true
;;
--overlay2)
OVERLAY=true
;;
--skip-firewall)
SKIP_FIREWALL=true
;;
--skip-images)
SKIP_IMAGES=true
;;
--skip-ssl)
SKIP_SSL=true
;;
--with_modsec)
MODSEC=true
;;
--debug)
DEBUG=true
;;
--ips)
SUPPORT_IPS=true
;;
--no-ssh)
NO_SSH=true
;;
--enable-ftp)
INSTALL_FTP=true
;;
--enable-mail)
INSTALL_MAIL=true
;;
--post_install=*)
# Extract path after "--post_install="
post_install_path="${1#*=}"
;;
--version=*)
# Extract path after "--version="
CUSTOM_VERSION=true
version="${1#*=}"
;;
*)
echo "Unknown option: $arg"
exit 1
;;
esac
done
}
detect_installed_panels() {
if [ -z "$SKIP_PANEL_CHECK" ]; then
# Define an associative array with key as the directory path and value as the error message
declare -A paths=(
["/usr/local/panel"]="You already have OpenPanel installed. ${RESET}\nInstead, did you want to update? Run ${GREEN}'opencli update --force' to update OpenPanel."
["/usr/local/cpanel/whostmgr"]="cPanel WHM is installed. OpenPanel only supports servers without any hosting control panel installed."
["/opt/psa/version"]="Plesk is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/psa/version"]="Plesk is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/CyberPanel"]="CyberPanel is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/directadmin"]="DirectAdmin is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/cwpsrv"]="CentOS Web Panel (CWP) is installed. OpenPanel only supports servers without any hosting control panel installed."
["/usr/local/httpd"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/local/apache2"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/sbin/httpd"]="Apache WebServer is already installed. OpenPanel only supports servers without any webservers installed."
["/usr/lib/nginx"]="Nginx WebServer is already installed. OpenPanel only supports servers without any webservers installed."
)
for path in "${!paths[@]}"; do
if [ -d "$path" ] || [ -e "$path" ]; then
radovan 1 "${paths[$path]}"
fi
done
echo -e "${GREEN}No currently installed hosting control panels or webservers found. Proceeding with the installation process.${RESET}"
fi
}
detect_os_and_package_manager() {
if [ -f "/etc/os-release" ]; then
. /etc/os-release
case "$ID" in
"debian"|"ubuntu")
PACKAGE_MANAGER="apt-get"
;;
"centos"|"cloudlinux"|"rhel"|"fedora"|"almalinux")
PACKAGE_MANAGER="yum"
if [ "$(command -v dnf)" ]; then
PACKAGE_MANAGER="dnf"
fi
;;
*)
echo -e "${RED}Unsupported distribution: $ID. Exiting.${RESET}"
echo -e "${RED}INSTALL FAILED${RESET}"
exit 1
;;
esac
else
echo -e "${RED}Could not detect Linux distribution. Exiting..${RESET}"
echo -e "${RED}INSTALL FAILED${RESET}"
exit 1
fi
}
install_all_locales() {
# OpenPanel translations
#
# https://dev.openpanel.co/localization.html
#
echo "Installing FR, DE, TR locales."
# FR
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l fr
debug_log "wget -O ${OPENPANEL_DIR}translations/fr/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/fr-fr/messages.pot"
# DE
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l de
debug_log "wget -O ${OPENPANEL_DIR}translations/de/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/de-de/messages.pot"
# TR
cd ${OPENPANEL_DIR} && pybabel init -i messages.pot -d translations -l tr
debug_log "wget -O ${OPENPANEL_DIR}translations/tr/LC_MESSAGES/messages.po https://raw.githubusercontent.com/stefanpejcic/openpanel-translations/main/tr-tr/messages.pot"
pybabel compile -d translations
}
check_lock_file_age() {
if [ "$REPAIR" = true ]; then
rm "$LOCK_FILE"
# and if lock file exists
if [ -e "$LOCK_FILE" ]; then
local current_time=$(date +%s)
local file_time=$(stat -c %Y "$LOCK_FILE")
local age=$((current_time - file_time))
if [ "$age" -ge "$INSTALL_TIMEOUT" ]; then
echo -e "${GREEN}Identified a prior interrupted OpenPanel installation; initiating a fresh installation attempt.${RESET}"
rm "$LOCK_FILE" # Remove the old lock file
else
echo -e "${RED}Detected another OpenPanel installation already running. Exiting.${RESET}"
exit 1
fi
else
# Create the lock file
touch "$LOCK_FILE"
echo "OpenPanel installation started at: $(date)"
fi
fi
}
clean_apt_cache(){
# clear /var/cache/apt/archives/
apt-get clean
# TODO: cover https://github.com/debuerreotype/debuerreotype/issues/95
}
setup_ftp() {
if [ "$INSTALL_FTP" = true ]; then
echo "Installing experimental FTP service."
curl -sSL https://raw.githubusercontent.com/stefanpejcic/OpenPanel-FTP/master/setup.sh | bash
fi
}
setup_email() {
if [ "$INSTALL_MAIL" = true ]; then
echo "Installing experimental Email service."
curl -sSL https://raw.githubusercontent.com/stefanpejcic/OpenMail/master/setup.sh | bash --dovecot
fi
}
setup_ufw() {
if [ -z "$SKIP_FIREWALL" ]; then
echo "Setting up the firewall.."
debug_log wget -qO /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /dev/null 2>&1 &&
debug_log chmod +x /usr/local/bin/ufw-docker
# block all docker ports so we can manually open only what is needed
debug_log ufw-docker install
debug_log ufw allow 80/tcp #http
debug_log ufw allow 53 #dns
debug_log ufw allow 443/tcp # https
debug_log ufw allow 2083/tcp #openpanel
debug_log ufw allow 2087/tcp #openadmin
if [ "$NO_SSH" = false ]; then
# whitelist user running the script
ip_of_user_running_the_script=$(w -h | grep -m1 -oP '\d+\.\d+\.\d+\.\d+')
debug_log ufw allow from $ip_of_user_running_the_script
# close port 22
debug_log ufw allow 22 #ssh
fi
# set https://github.com/stefanpejcic/ipset-blacklist
if [ "$IPSETS" = true ]; then
if [ "$DEBUG" = true ]; then
bash <(curl -sSL https://raw.githubusercontent.com/stefanpejcic/ipset-blacklist/master/setup.sh)
else
bash <(curl -sSL https://raw.githubusercontent.com/stefanpejcic/ipset-blacklist/master/setup.sh) > /dev/null 2>&1
fi
fi
if [ "$SUPPORT_IPS" = true ]; then
# Whitelisting our VPN ip addresses from https://ip.openpanel.co/ips/
ip_list=$(curl -s https://ip.openpanel.co/ips/)
ip_list=$(echo "$ip_list" | sed 's/<br \/>/\n/g')
debug_log "Whitelisting IPs from https://ip.openpanel.co/ips/"
while IFS= read -r ip; do
ip=$(echo "$ip" | tr -d '[:space:]')
debug_log ufw allow from $ip
done <<< "$ip_list"
fi
debug_log ufw --force enable
debug_log ufw reload
fi
}
update_package_manager() {
if [ "$SKIP_APT_UPDATE" = false ]; then
echo "Updating package manager.."
debug_log $PACKAGE_MANAGER update -y
fi
}
install_packages() {
echo "Installing required services.."
# https://www.faqforge.com/linux/fixed-ubuntu-apt-get-upgrade-auto-restart-services/
debug_log sed -i 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
packages=("python3-flask" "python3-pip" "docker.io" "mysql-client-core-8.0" "docker-compose" "nginx" "zip" "unzip" "bind9" "gunicorn" "ufw" "jc" "certbot" "python3-certbot-nginx" "sqlite3" "geoip-bin")
if [ "$PACKAGE_MANAGER" == "apt-get" ]; then
#only once..
debug_log $PACKAGE_MANAGER -qq install apt-transport-https ca-certificates -y
echo "Updating certificates.."
if [ "$DEBUG" = false ]; then
update-ca-certificates > /dev/null 2>&1
else
update-ca-certificates
fi
echo -e "Installing services.."
for package in "${packages[@]}"; do
echo -e "Installing ${GREEN}$package${RESET}"
debug_log $PACKAGE_MANAGER -qq install "$package" -y
done
for package in "${packages[@]}"; do
if is_package_installed "$package"; then
echo -e "${GREEN}$package is already installed. Skipping.${RESET}"
else
debug_log $PACKAGE_MANAGER -qq install "$package"
if [ $? -ne 0 ]; then
echo "Error: Installation of $package failed."
exit 1
fi
fi
done
elif [ "$PACKAGE_MANAGER" == "yum" ]; then
for package in "${packages[@]}"; do
echo -e "Installing ${GREEN}$package${RESET}"
$PACKAGE_MANAGER install "$package" -y
done
elif [ "$PACKAGE_MANAGER" == "dnf" ]; then
# MORA DRUGI ZA ALMU..
packages=("python3-flask" "python3-pip" "docker-ce" "docker-compose" "docker-ce-cli" "mysql-client-core-8.0" "containerd.io" "docker-compose-plugin" "nginx" "zip" "unzip" "ufw" "certbot" "python3-certbot-nginx" "sqlite3" "geoip-bin")
#utils must be added first, then install from that repo
dnf install yum-utils -y
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# needed for ufw and gunicorn
dnf install epel-release
# ovo za gunicorn
dnf install python3-pip python3-devel gcc -y
# bind radi ovako
dnf install bind bind-utils -y
for package in "${packages[@]}"; do
echo -e "Installing ${GREEN}$package${RESET}"
$PACKAGE_MANAGER install "$package" -y
done
#gunicorn mora preko pip na almi..
pip3 install gunicorn flask
else
echo -e "${RED}Unsupported package manager: $PACKAGE_MANAGER${RESET}"
return 1
fi
}
configure_nginx() {
# Nginx
echo "Setting Nginx configuration.."
# https://dev.openpanel.co/services/nginx
debug_log cp -fr ${OPENPANEL_DIR}conf/nginx.conf /etc/nginx/nginx.conf
# dir for domlogs
debug_log mkdir -p /var/log/nginx/domlogs
# 444 status for domains pointed to the IP but not added to nginx
debug_log cp -fr ${OPENPANEL_DIR}conf/default.nginx.conf /etc/nginx/sites-enabled/default
# Replace IP_HERE with the value of $current_ip
debug_log sed -i "s/IP_HERE/$current_ip/" /etc/nginx/sites-enabled/default
# Setting pretty error pages for nginx, but need to add them inside containers also!
debug_log mkdir -p /srv/http/default
debug_log git clone https://github.com/denysvitali/nginx-error-pages /srv/http/default > /dev/null 2>&1
debug_log mkdir /etc/nginx/snippets/ > /dev/null 2>&1
debug_log ln -s /srv/http/default/snippets/error_pages.conf /etc/nginx/snippets/error_pages.conf
debug_log ln -s /srv/http/default/snippets/error_pages_content.conf /etc/nginx/snippets/error_pages_content.conf
}
run_mysql_docker_container() {
# MySQL
# FIX for Ubuntu24: docker: failed to register layer: devicemapper: Error running deviceSuspend dm_task_run failed.
#docker pull --platform linux/amd64 mysql
# set random password
MYSQL_ROOT_PASSWORD=$(openssl rand -base64 -hex 9)
if [ "$REPAIR" = true ]; then
echo "RAPAIR: Removing existing mysql database."
docker stop openpanel_mysql
docker rm openpanel_mysql
docker volume rm openpanel_mysql_data
fi
# run the container
docker run -d -p 3306:3306 --name openpanel_mysql \
-e MYSQL_ROOT_PASSWORD="$MYSQL_ROOT_PASSWORD" \
-e MYSQL_DATABASE=panel \
-e MYSQL_USER=panel \
-e MYSQL_PASSWORD="$MYSQL_ROOT_PASSWORD" \
-v openpanel_mysql_data:/var/lib/mysql \
--memory="1g" --cpus="1" \
--restart=always \
--oom-kill-disable \
mysql/mysql-server
if docker ps -a --format '{{.Names}}' | grep -q "openpanel_mysql"; then
# show password
echo "Generated MySQL password: $MYSQL_ROOT_PASSWORD"
if [ "$REPAIR" = true ]; then
rm /etc/my.cnf
fi
ln -s /usr/local/admin/db.cnf /etc/my.cnf
# Update configuration files with new password
sed -i "s/\"mysql_password\": \".*\"/\"mysql_password\": \"${MYSQL_ROOT_PASSWORD}\"/g" /usr/local/admin/config.json
sed -i "s/\"mysql_user\": \".*\"/\"mysql_user\": \"panel\"/g" /usr/local/admin/config.json
sed -i "s/password = \".*\"/password = \"${MYSQL_ROOT_PASSWORD}\"/g" /usr/local/admin/db.cnf
sed -i "s/user = \".*\"/user = \"panel\"/g" /usr/local/admin/db.cnf
else
radovan 1 "Installation failed! Unable to start docker container for MySQL."
fi
}
configure_mysql() {
# Check if the Docker container exists
if docker ps -a --format '{{.Names}}' | grep -q "openpanel_mysql"; then
# Fix for: ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 2
# Function to check if MySQL is running
mysql_is_running() {
if mysqladmin --defaults-extra-file="/usr/local/admin/db.cnf" ping &> /dev/null; then
return 0 # MySQL is running
else
return 1 # MySQL is not running
fi
}
# Wait for MySQL to start
wait_for_mysql() {
retries=5
while [ $retries -gt 0 ]; do
if mysql_is_running; then
return 0 # MySQL is running
else
echo "Waiting for MySQL to start..."
sleep 5
retries=$((retries - 1))
fi
done
return 1 # MySQL did not start after retries
}
# Wait for MySQL to start
wait_for_mysql
# Create database
mysql --defaults-extra-file="/usr/local/admin/db.cnf" -e "CREATE DATABASE IF NOT EXISTS panel;"
#mysql --defaults-extra-file="/usr/local/admin/db.cnf" -e "GRANT PROCESS ON *.* TO 'panel'@'%';"
mysql --defaults-extra-file="/usr/local/admin/db.cnf" -D "panel" < ${OPENPANEL_DIR}DATABASE.sql
# Check if SQL file was imported successfully
if mysql --defaults-extra-file="/usr/local/admin/db.cnf" -D "panel" -e "SELECT 1 FROM plans LIMIT 1;" &> /dev/null; then
echo -e "${GREEN}Database is ready.${RESET}"
else
echo "SQL file import failed or database is not ready."
radovan 1 "Installation failed!"
fi
else
echo "Docker container 'openpanel_mysql' does not exist. Please make sure the container is running."
radovan 1 "Installation failed! "
fi
}
configure_docker() {
docker_daemon_json_path="/etc/docker/daemon.json"
debug_log mkdir -p $(dirname "$docker_daemon_json_path")
# Docker
if [ "$OVERLAY" = true ]; then
debug_log "Setting default storage driver for Docker from to 'overlay2'.."
### to be removed in 0.1.8
daemon_json_content='{
"storage-driver": "overlay2",
"log-driver": "local",
"log-opts": {
"max-size": "5m"
}
}'
echo "$daemon_json_content" > "$docker_daemon_json_path"
###
else
debug_log "Changing default storage driver for Docker from 'overlay2' to 'devicemapper'.."
### to be removed in 0.1.8
daemon_json_content='{
"storage-driver": "devicemapper",
"log-driver": "local",
"log-opts": {
"max-size": "5m"
}
}'
echo "$daemon_json_content" > "$docker_daemon_json_path"
###
fi
# to be used in 0.1.8+
#cp /usr/local/panel/conf/docker.daemon.json $docker_daemon_json_path
echo -e "${GREEN}Docker is configured.${RESET}"
debug_log systemctl daemon-reload
systemctl restart docker
}
configure_modsecurity() {
# ModSecurity
#
# https://openpanel.co/docs/admin/settings/waf/#install-modsecurity
#
if [ "$MODSEC" ]; then
echo "Installing ModSecurity and setting OWASP core ruleset.."
debug_log opencli nginx-install_modsec
fi
}
setup_openpanel() {
if [ "$REPAIR" = true ]; then
rm -rf $OPENPANEL_DIR
fi
# OpenPanel
#
# https://openpanel.co/docs/panel/intro/
#
echo "Setting up User panel.."
# check python version again, in case if --skip-requirements or --repair flags are used
current_python_version=$(python3 --version 2>&1 | cut -d " " -f 2 | cut -d "." -f 1,2 | tr -d '.')
mkdir -p $OPENPANEL_DIR
mkdir -p ${OPENPANEL_DIR}users
# Clone the git branch for that python version
wget -O ${TEMP_DIR}openpanel.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openpanel/$current_python_version/compressed.tar.gz"
cd ${TEMP_DIR} && tar -xzf openpanel.tar.gz -C $OPENPANEL_DIR
rm ${TEMP_DIR}openpanel.tar.gz
export PYTHONPATH=$OPENPANEL_DIR:$PYTHONPATH
cd $OPENPANEL_DIR
cp -fr services/panel.service ${SERVICES_DIR}panel.service
echo "Installing PIP requirements for User panel.."
# FIX FOR: https://peps.python.org/pep-0668/
if [[ ($current_python_version == "311" || $current_python_version == "312") ]]; then
debug_log "Installing PIP requirements for OpenPanel with break-system-packages..."
debug_log pip install -r requirements.txt --break-system-packages
else
debug_log "Installing PIP requirements for OpenPanel without break-system-packages..."
debug_log pip install -r requirements.txt
fi
echo "Setting the API service for website screenshots.."
debug_log playwright install
debug_log playwright install-deps
mv ${OPENPANEL_DIR}icons/ ${OPENPANEL_DIR}static/images/icons
}
setup_openadmin() {
# OpenAdmin
#
# https://openpanel.co/docs/admin/intro/
#
echo "Setting up Admin panel.."
if [ "$REPAIR" = true ]; then
rm -rf $OPENPADMIN_DIR
fi
mkdir -p $OPENPADMIN_DIR
# Clone the branch for that python version
wget -O ${TEMP_DIR}openadmin.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/openadmin/$current_python_version/compressed.tar.gz"
debug_log cd ${TEMP_DIR}
debug_log tar -xzf openadmin.tar.gz -C $OPENPADMIN_DIR
debug_log unzip ${OPENPADMIN_DIR}static/dist.zip -d ${OPENPADMIN_DIR}static/dist/
debug_log rm ${TEMP_DIR}openadmin.tar.gz ${OPENPADMIN_DIR}static/dist.zip
debug_log cd $OPENPADMIN_DIR
cp -fr service/admin.service ${SERVICES_DIR}admin.service
# Fix for: ModuleNotFoundError: No module named 'pyarmor_runtime_000000'
wget -O ${OPENPADMIN_DIR}service/service.config.py https://gist.githubusercontent.com/stefanpejcic/37805c6781dc3beb1730fec82ee5ae34/raw/d7e8a6c1608c265aed89e97dcecea518b222ac86/service.config.py > /dev/null 2>&1
echo "Installing PIP requirements for Admin panel.."
# FIX FOR: https://peps.python.org/pep-0668/
if [[ ($current_python_version == "311" || $current_python_version == "312") ]]; then
debug_log "Installing PIP requirements for OpenAdmin with break-system-packages..."
debug_log pip install -r requirements.txt --break-system-packages
else
debug_log "Installing PIP requirements for OpenAdmin without break-system-packages..."
debug_log pip install -r requirements.txt
fi
echo "Creating Admin user.."
touch ${OPENPADMIN_DIR}users.db
export PYTHONPATH=$OPENPADMIN_DIR:$PYTHONPATH
admin_password=$(openssl rand -base64 12 | tr -d '=+/')
password_hash=$(python3 ${OPENPADMIN_DIR}core/users/hash $admin_password)
debug_log sqlite3 ${OPENPADMIN_DIR}users.db "CREATE TABLE IF NOT EXISTS user (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, password_hash TEXT NOT NULL, role TEXT NOT NULL DEFAULT 'user', is_active BOOLEAN DEFAULT 1 NOT NULL);" "INSERT INTO user (username, password_hash, role) VALUES ('admin', \"$password_hash\", 'admin');"
}
set_system_cronjob(){
echo "Setting cronjobs.."
mv /usr/local/panel/conf/cron /etc/cron.d/openpanel
chown root:root /etc/cron.d/openpanel
chmod 0600 /etc/cron.d/openpanel
}
setup_opencli() {
# OpenCLI
#
# https://dev.openpanel.co/cli/
#
echo "Setting OpenPanel CLI scripts.."
if [ "$REPAIR" = true ]; then
rm -rf $OPENCLI_DIR
fi
debug_log mkdir -p $OPENCLI_DIR
wget -O ${TEMP_DIR}opencli.tar.gz "https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/opencli/compressed.tar.gz" > /dev/null 2>&1 || radovan 1 "wget failed for https://storage.googleapis.com/openpanel/$version/get.openpanel.co/downloads/$version/opencli/compressed.tar.gz"
debug_log cd ${TEMP_DIR} && tar -xzf opencli.tar.gz -C $OPENCLI_DIR
debug_log rm ${TEMP_DIR}opencli.tar.gz
debug_log bash ${OPENCLI_DIR}install.sh
debug_log source ~/.bashrc
echo -e "${GREEN}opencli commands are now available.${RESET}"
debug_log chmod +x -R ${OPENCLI_DIR}
echo "Creating directories for logs.."
debug_log mkdir -p ${OPENPANEL_ERR_DIR}admin ${OPENPANEL_ERR_DIR}user
debug_log -e "${GREEN}OpenCLI has been successfully installed.${RESET}"
}
cleanup() {
echo "Cleaning up.."
# https://www.faqforge.com/linux/fixed-ubuntu-apt-get-upgrade-auto-restart-services/
sed -i 's/$nrconf{restart} = '"'"'a'"'"';/#$nrconf{restart} = '"'"'i'"'"';/g' /etc/needrestart/needrestart.conf
rm -rf ${OPENPANEL_DIR}INSTALL.sh ${OPENPANEL_DIR}DATABASE.sql ${OPENPANEL_DIR}requirements.txt ${OPENPANEL_DIR}conf/nginx.conf ${OPENPANEL_DIR}conf/mysqld.cnf ${OPENPANEL_DIR}conf/named.conf.options ${OPENPANEL_DIR}conf/default.nginx.conf ${OPENPANEL_DIR}conf/.gitkeep ${OPENPANEL_DIR}templates/dist.zip ${OPENPANEL_DIR}install
rm -rf ${OPENPANEL_DIR}services
}
start_services() {
echo "Starting services.."
systemctl restart panel admin nginx ufw
systemctl enable panel admin nginx ufw
}
helper_function_for_nginx_on_aws_and_azure(){
#
# FIX FOR:
#
# https://stackoverflow.com/questions/3191509/nginx-error-99-cannot-assign-requested-address/13141104#13141104
#
# Check the status of nginx service and capture the output
nginx_status=$(systemctl status nginx 2>&1)
# Search for "Cannot assign requested address" in the output
if echo "$nginx_status" | grep -q "Cannot assign requested address"; then
# If found, append the required line to /etc/sysctl.conf
echo "net.ipv4.ip_nonlocal_bind = 1" >> /etc/sysctl.conf
# Reload the sysctl configuration
sysctl -p /etc/sysctl.conf
# Change the bind ip in default nginx config
sed -i "s/IP_HERE/*/" /etc/nginx/sites-enabled/default
debug_log "echo Configuration updated and applied."
else
debug_log "echo Nginx started normally."
fi
}
download_and_import_docker_images() {
echo "Downloading docker images in the background.."
if [ "$SKIP_IMAGES" = false ]; then
opencli docker-update_images &
pid1=$!
disown $pid1
fi
}
generate_and_set_ssl_for_panels() {
if [ -z "$SKIP_SSL" ]; then
echo "Checking if SSL can be generated for the server hostname.."
debug_log opencli ssl-hostname
fi
}
run_custom_postinstall_script() {
if [ -n "$post_install_path" ]; then
# run the custom script
echo " "
echo "Running post install script.."
debug_log "https://dev.openpanel.co/customize.html#After-installation"
debug_log bash $post_install_path
fi
}
verify_license() {
debug_log "echo Current time: $(date +%T)"
server_hostname=$(hostname)
license_data='{"hostname": "'"$server_hostname"'", "public_ip": "'"$current_ip"'"}'
response=$(curl -s -X POST -H "Content-Type: application/json" -d "$license_data" https://api.openpanel.co/license-check)
debug_log "echo Checking OpenPanel license for IP address: $current_ip"
debug_log "echo Response: $response"
}
send_install_log(){
# Restore normal output to the terminal, so we dont save generated admin password in log file!
exec > /dev/tty
exec 2>&1
opencli report --public >> "$LOG_FILE"
curl -F "file=@/root/$LOG_FILE" http://support.openpanel.co/install_logs.php
# Redirect again stdout and stderr to the log file
exec > >(tee -a "$LOG_FILE")
exec 2>&1
}
rm_helpers(){
rm -rf $PROGRESS_BAR_FILE
}
support_message() {
echo ""
echo "🎉 Welcome aboard and thank you for choosing OpenPanel! 🎉"
echo ""
echo "Your journey with OpenPanel has just begun, and we're here to help every step of the way."
echo ""
echo "To get started, check out our Getting Started guide:"
echo "👉 https://openpanel.co/docs/admin/intro/#post-install-steps"
echo ""
echo "Need assistance or looking to learn more? We've got you covered:"
echo ""
echo "📚 Admin Docs: Dive into our comprehensive documentation for all things OpenPanel:"
echo "👉 https://openpanel.co/docs/admin/intro/"
echo ""
echo "💬 Forums: Join our community forum to ask questions, share tips, and connect with fellow admins:"
echo "👉 https://community.openpanel.co/"
echo ""
echo "🎮 Discord: For real-time chat and support, hop into our Discord server:"
echo "👉 https://discord.openpanel.co/"
echo ""
echo "We're thrilled to have you with us. Let's make something amazing together! 🚀"
echo ""
}
success_message() {
echo -e "${GREEN}OpenPanel installation complete.${RESET}"
echo ""
# Restore normal output to the terminal, so we dont save generated admin password in log file!
exec > /dev/tty
exec 2>&1
opencli admin
echo "Username: admin"
echo "Password: $admin_password"
echo " "
print_space_and_line
# Redirect again stdout and stderr to the log file
exec > >(tee -a "$LOG_FILE")
exec 2>&1
}
# END main functions
#####################################################################
# #
# START main script execution #
# #
#####################################################################
print_header
parse_args "$@"
check_requirements
detect_installed_panels
check_lock_file_age
install_started_message
main
send_install_log
rm_helpers
print_space_and_line
support_message
print_space_and_line
success_message
run_custom_postinstall_script
# END main script execution
Reference in a new issue View git blame Copy permalink