rustdesk/rustdesk-server-pro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

commit latest changes, still WIP

Browse Source
This commit is contained in:
Daniel Hansson 2023-10-03 11:59:09 +02:00 committed by GitHub
parent 97a4c12fa1
commit aebf0eff5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 129 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

218
install.sh
View File

@ -1,15 +1,20 @@
#!/bin/bash #!/bin/bash
# shellcheck disable=SC2034
true
# see https://github.com/koalaman/shellcheck/wiki/Directive
# This script will do the following to install RustDesk Server Pro # This script will do the following to install RustDesk Server Pro
# 1. Install some dependencies # 1. Install some dependencies
# 2. Setup UFW firewall if available # 2. Setup UFW firewall if available
# 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server # 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server ("$RUSTDESK_LOG_DIR")
# 4. Download and extract RustDesk Pro Services to the above folder # 4. Download and extract RustDesk Pro Services to the above folder
# 5. Create systemd services for hbbs and hbbr # 5. Create systemd services for hbbs and hbbr
# 6. If you choose Domain, it will install Nginx and Certbot, allowing the API to be available on port 443 (https) and get an SSL certificate over port 80, it is automatically renewed # 6. If you choose Domain, it will install Nginx and Certbot, allowing the API to be available on port 443 (https) and get an SSL certificate over port 80, it is automatically renewed
# Get username # Get username
usern=$(whoami) usern=$(whoami)
# Not used?
admintoken=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c16) admintoken=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c16)
export admintoken export admintoken
@ -64,24 +69,26 @@ else
VER=$(uname -r) VER=$(uname -r)
fi fi
# shellcheck source=lib.sh
source ./lib.sh
# Output debugging info if $DEBUG set # Output debugging info if $DEBUG set
if [ "$DEBUG" = "true" ] if [ "$DEBUG" = "true" ]
then then
echo "OS: $OS" print_text_in_color "$ICyan" "OS: $OS"
echo "VER: $VER" print_text_in_color "$ICyan" "VER: $VER"
echo "UPSTREAM_ID: $UPSTREAM_ID" print_text_in_color "$ICyan" "UPSTREAM_ID: $UPSTREAM_ID"
exit 0 exit 0
fi fi
# Setup prereqs for server # Setup prereqs for server
# Common named prereqs # Common named prereqs
PREREQ=(curl wget unzip tar) PREREQ=(curl wget unzip tar whiptail)
PREREQDEB=(dnsutils ufw) PREREQDEB=(dnsutils ufw)
PREREQRPM=(bind-utils) PREREQRPM=(bind-utils)
PREREQARCH=(bind) PREREQARCH=(bind)
echo "Installing prerequisites" print_text_in_color "$IGreen" "Installing prerequisites"
if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ] if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]
then then
sudo apt-get update sudo apt-get update
@ -98,7 +105,7 @@ then
sudo pacman -Syu sudo pacman -Syu
sudo pacman -S "${PREREQ[@]}" "${PREREQARCH[@]}" sudo pacman -S "${PREREQ[@]}" "${PREREQARCH[@]}"
else else
echo "Unsupported OS" print_text_in_color "$IRed" "Unsupported OS"
# Here you could ask the user for permission to try and install anyway # Here you could ask the user for permission to try and install anyway
# If they say yes, then do the install # If they say yes, then do the install
# If they say no, exit the script # If they say no, exit the script
@ -111,64 +118,79 @@ sudo ufw allow 22/tcp
sudo ufw allow 21116/udp sudo ufw allow 21116/udp
sudo ufw enable sudo ufw enable
# Make folder /var/lib/rustdesk-server/
if [ ! -d "/var/lib/rustdesk-server" ]
then
echo "Creating /var/lib/rustdesk-server"
sudo mkdir -p /var/lib/rustdesk-server/
fi
sudo chown "${usern}" -R /var/lib/rustdesk-server
cd /var/lib/rustdesk-server/ || exit 1
# Download latest version of RustDesk # Download latest version of RustDesk
RDLATEST=$(curl https://api.github.com/repos/rustdesk/rustdesk-server-pro/releases/latest -s | grep "tag_name"| awk '{print substr($2, 2, length($2)-3) }') RDLATEST=$(curl https://api.github.com/repos/rustdesk/rustdesk-server-pro/releases/latest -s | grep "tag_name"| awk '{print substr($2, 2, length($2)-3) }')
echo "Installing RustDesk Server" # Download, extract, and move Rustdesk in place
if [ "${ARCH}" = "x86_64" ] if [ -n "${ARCH}" ]
then then
wget https://github.com/rustdesk/rustdesk-server-pro/releases/download/"${RDLATEST}"/rustdesk-server-linux-amd64.tar.gz # If not /var/lib/rustdesk-server/ ($RUSTDESK_INSTALL_DIR) exists we can assume this is a fresh install. If it exists though, we can't move it and it will produce an error
tar -xf rustdesk-server-linux-amd64.tar.gz if [ ! -d "$RUSTDESK_INSTALL_DIR" ]
mv amd64/static /var/lib/rustdesk-server/ then
sudo mv amd64/hbbr /usr/bin/ print_text_in_color "$IGreen" "Installing RustDesk Server..."
sudo mv amd64/hbbs /usr/bin/ # Create dir
rm -rf amd64/ sudo mkdir -p "$RUSTDESK_INSTALL_DIR"
rm -rf rustdesk-server-linux-amd64.tar.gz if [ -d "$RUSTDESK_INSTALL_DIR" ]
elif [ "${ARCH}" = "armv7l" ] then
then cd "$RUSTDESK_INSTALL_DIR"
wget "https://github.com/rustdesk/rustdesk-server-pro/releases/download/${RDLATEST}/rustdesk-server-linux-armv7.tar.gz" # Set permissions
tar -xf rustdesk-server-linux-armv7.tar.gz sudo chown "${usern}" -R "$RUSTDESK_INSTALL_DIR"
mv armv7/static /var/lib/rustdesk-server/ else
sudo mv armv7/hbbr /usr/bin/ msg_box "It seems like the installation folder wasn't created, we can't continue.
sudo mv armv7/hbbs /usr/bin/ Please report this to: https://github.com/rustdesk/rustdesk-server-pro/issues"
rm -rf armv7/ exit 1
rm -rf rustdesk-server-linux-armv7.tar.gz fi
elif [ "${ARCH}" = "aarch64" ] ; then # Since the name of the actual tar files differs from the output of uname -m we need to rename acutal download file.
wget "https://github.com/rustdesk/rustdesk-server-pro/releases/download/${RDLATEST}/rustdesk-server-linux-arm64v8.tar.gz" # Preferably we would instead rename the download tarballs to the output of uname -m. This would make it possible to run a single $VAR for ARCH.
tar -xf rustdesk-server-linux-arm64v8.tar.gz if [ "${ARCH}" = "x86_64" ]
mv arm64v8/static /var/lib/rustdesk-server/ then
sudo mv arm64v8/hbbr /usr/bin/ ACTUAL_TAR_NAME=amd64
sudo mv arm64v8/hbbs /usr/bin/ elif [ "${ARCH}" = "armv7l" ]
rm -rf arm64v8/ then
rm -rf rustdesk-server-linux-arm64v8.tar.gz ACTUAL_TAR_NAME=armv7
elif [ "${ARCH}" = "aarch64" ]
then
ACTUAL_TAR_NAME=arm64v8
fi
# Download
if ! curl -fSLO --retry 3 https://github.com/rustdesk/rustdesk-server-pro/releases/download/"${RDLATEST}"/rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
then
msg_box "Sorry, the installation package failed to download.
This might be temporary, so please try to run the installation script again."
exit 1
fi
# Extract, move in place, and make it executable
tar -xf rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
mv "${ACTUAL_TAR_NAME}"/static "$RUSTDESK_INSTALL_DIR"
sudo mv "${ACTUAL_TAR_NAME}"/hbbr /usr/bin/
sudo mv "${ACTUAL_TAR_NAME}"/hbbs /usr/bin/
rm -rf "$RUSTDESK_INSTALL_DIR"/"${ACTUAL_TAR_NAME}"/
rm -rf rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
sudo chmod +x /usr/bin/hbbs
sudo chmod +x /usr/bin/hbbr
else
print_text_in_color "$IGreen" "Rustdesk server already installed."
fi
else
msg_box "Sorry, we can't figure out your distro, this script will now exit.
Please report this to: https://github.com/rustdesk/rustdesk-server-pro/issues"
exit 1
fi fi
sudo chmod +x /usr/bin/hbbs
sudo chmod +x /usr/bin/hbbr
# Make folder /var/log/rustdesk-server/ # Make folder /var/log/rustdesk-server/
if [ ! -d "/var/log/rustdesk-server" ] if [ ! -d "$RUSTDESK_LOG_DIR" ]
then then
echo "Creating /var/log/rustdesk-server" print_text_in_color "$IGreen" "Creating $RUSTDESK_LOG_DIR"
sudo mkdir -p /var/log/rustdesk-server/ sudo mkdir -p "$RUSTDESK_LOG_DIR"
fi fi
sudo chown "${usern}" -R /var/log/rustdesk-server/ sudo chown "${usern}" -R "$RUSTDESK_LOG_DIR"
# Setup systemd to launch hbbs # Setup systemd to launch hbbs
if [ ! -f "/etc/systemd/system/rustdesk-hbbs.service" ] if [ ! -f "/etc/systemd/system/rustdesk-hbbs.service" ]
then then
rm -f "/etc/systemd/system/rustdesk-hbbs.service" rm -f "/etc/systemd/system/rustdesk-hbbs.service"
rm -f "/etc/systemd/system/rustdesk-hbbs.service" rm -f "/etc/systemd/system/rustdesk-hbbs.service"
touch "/etc/systemd/system/rustdesk-hbbs.service"
cat << HBBS_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbs.service" cat << HBBS_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbs.service"
[Unit] [Unit]
Description=RustDesk Signal Server Description=RustDesk Signal Server
@ -176,12 +198,12 @@ Description=RustDesk Signal Server
Type=simple Type=simple
LimitNOFILE=1000000 LimitNOFILE=1000000
ExecStart=/usr/bin/hbbs ExecStart=/usr/bin/hbbs
WorkingDirectory=/var/lib/rustdesk-server/ WorkingDirectory="$RUSTDESK_INSTALL_DIR"
User=${usern} User="${usern}"
Group=${usern} Group="${usern}"
Restart=always Restart=always
StandardOutput=append:/var/log/rustdesk-server/hbbs.log StandardOutput=append:"$RUSTDESK_LOG_DIR"/hbbs.log
StandardError=append:/var/log/rustdesk-server/hbbs.error StandardError=append:"$RUSTDESK_LOG_DIR"/hbbs.error
# Restart service after 10 seconds if node service crashes # Restart service after 10 seconds if node service crashes
RestartSec=10 RestartSec=10
[Install] [Install]
@ -197,6 +219,7 @@ if [ ! -f "/etc/systemd/system/rustdesk-hbbr.service" ]
then then
rm -f "/etc/systemd/system/rustdesk-hbbr.service" rm -f "/etc/systemd/system/rustdesk-hbbr.service"
rm -f "/etc/systemd/system/rustdesk-hbbr.service" rm -f "/etc/systemd/system/rustdesk-hbbr.service"
touch "/etc/systemd/system/rustdesk-hbbr.service"
cat << HBBR_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbr.service" cat << HBBR_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbr.service"
[Unit] [Unit]
Description=RustDesk Relay Server Description=RustDesk Relay Server
@ -204,12 +227,12 @@ Description=RustDesk Relay Server
Type=simple Type=simple
LimitNOFILE=1000000 LimitNOFILE=1000000
ExecStart=/usr/bin/hbbr ExecStart=/usr/bin/hbbr
WorkingDirectory=/var/lib/rustdesk-server/ WorkingDirectory="$RUSTDESK_INSTALL_DIR"
User=${usern} User="${usern}"
Group=${usern} Group="${usern}"
Restart=always Restart=always
StandardOutput=append:/var/log/rustdesk-server/hbbr.log StandardOutput=append:"$RUSTDESK_LOG_DIR"/hbbr.log
StandardError=append:/var/log/rustdesk-server/hbbr.error StandardError=append:"$RUSTDESK_LOG_DIR"/hbbr.error
# Restart service after 10 seconds if node service crashes # Restart service after 10 seconds if node service crashes
RestartSec=10 RestartSec=10
[Install] [Install]
@ -220,29 +243,19 @@ sudo systemctl daemon-reload
sudo systemctl enable rustdesk-hbbr.service sudo systemctl enable rustdesk-hbbr.service
sudo systemctl start rustdesk-hbbr.service sudo systemctl start rustdesk-hbbr.service
while ! [[ $CHECK_RUSTDESK_READY ]]; do while ! [[ $CHECK_RUSTDESK_READY ]]
CHECK_RUSTDESK_READY=$(sudo systemctl status rustdesk-hbbr.service | grep "Active: active (running)") do
echo -ne "RustDesk Relay not ready yet...${NC}\n" CHECK_RUSTDESK_READY=$(sudo systemctl status rustdesk-hbbr.service | grep "Active: active (running)")
sleep 3 echo -ne "Waiting for RustDesk Relay service${NC}\n"
sleep 2
done done
pubname=$(find /var/lib/rustdesk-server/ -name "*.pub") pubname=$(find "$RUSTDESK_INSTALL_DIR" -name "*.pub")
key=$(cat "${pubname}") key=$(cat "${pubname}")
echo "Tidying up install" echo "Tidying up install"
if [ "${ARCH}" = "x86_64" ] rm -f rustdesk-server-linux-"${ACTUAL_TAR_NAME}".zip
then rm -rf "${ACTUAL_TAR_NAME}"
rm rustdesk-server-linux-amd64.zip
rm -rf amd64
elif [ "${ARCH}" = "armv7l" ]
then
rm rustdesk-server-linux-armv7.zip
rm -rf armv7
elif [ "${ARCH}" = "aarch64" ]
then
rm rustdesk-server-linux-arm64v8.zip
rm -rf arm64v8
fi
# Choice for DNS or IP # Choice for DNS or IP
PS3='Choose your preferred option, IP or DNS/Domain:' PS3='Choose your preferred option, IP or DNS/Domain:'
@ -267,12 +280,21 @@ then
exit 1 exit 1
fi fi
echo "Installing nginx" print_text_in_color "$IGreen" "Installing Nginx"
if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ] if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]
then then
sudo apt -y install nginx if yesno_box_yes "We use Certbot to generate the free TLS certificate from Let's Encrypt.
apt -y install snapd The default behaviour of installing Certbot is to use the snap package which auto updates, and provides the latest version of Certbot. If you don't like snap packages, you can opt out now and we'll use regular (old) deb packages instead.
snap install certbot --classic
Do you want to install Certbot with snap? (recommended)"
then
sudo apt-get install nginx -y
sudo apt-get install snapd -y
sudo snap install certbot --classic
else
sudo apt-get install nginx -y
sudo apt-get install python3-certbot-nginx -y
fi
elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ] elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ]
then then
# openSUSE 15.4 fails to run the relay service and hangs waiting for it # openSUSE 15.4 fails to run the relay service and hangs waiting for it
@ -285,7 +307,7 @@ then
sudo pacman -S install nginx sudo pacman -S install nginx
sudo pacman -S install python3-certbot-nginx sudo pacman -S install python3-certbot-nginx
else else
echo "Unsupported OS" print_text_in_color "$IRed" "Unsupported OS"
# Here you could ask the user for permission to try and install anyway # Here you could ask the user for permission to try and install anyway
# If they say yes, then do the install # If they say yes, then do the install
# If they say no, exit the script # If they say no, exit the script
@ -296,6 +318,7 @@ if [ ! -f "/etc/nginx/sites-available/rustdesk.conf" ]
then then
rm -f "/etc/nginx/sites-available/rustdesk.conf" rm -f "/etc/nginx/sites-available/rustdesk.conf"
rm -f "/etc/nginx/sites-enabled/rustdesk.conf" rm -f "/etc/nginx/sites-enabled/rustdesk.conf"
touch "/etc/nginx/sites-available/rustdesk.conf"
cat << NGINX_RUSTDESK_CONF > "/etc/nginx/sites-available/rustdesk.conf" cat << NGINX_RUSTDESK_CONF > "/etc/nginx/sites-available/rustdesk.conf"
server { server {
server_name ${wanip}; server_name ${wanip};
@ -308,22 +331,39 @@ server {
NGINX_RUSTDESK_CONF NGINX_RUSTDESK_CONF
fi fi
# Remove the default Nginx configs
sudo rm -f /etc/nginx/sites-available/default sudo rm -f /etc/nginx/sites-available/default
sudo rm -f /etc/nginx/sites-enabled/default sudo rm -f /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/rustdesk.conf /etc/nginx/sites-enabled/rustdesk.conf # Enable the Nginx config file
if [ ! -f /etc/nginx/sites-enabled/rustdesk.conf ]
then
sudo ln -s /etc/nginx/sites-available/rustdesk.conf /etc/nginx/sites-enabled/rustdesk.conf
fi
# Enable firewall rules for the domain
sudo ufw allow 80/tcp sudo ufw allow 80/tcp
sudo ufw allow 443/tcp sudo ufw allow 443/tcp
sudo ufw enable && ufw reload sudo ufw enable
sudo ufw reload
sudo certbot --nginx --cert-name "${wanip}" --key-type ecdsa --renew-by-default --no-eff-email --agree-tos --server https://acme-v02.api.letsencrypt.org/directory -d "${wanip}" # Generate the certifictae
if ! sudo certbot --nginx --cert-name "${wanip}" --key-type ecdsa --renew-by-default --no-eff-email --agree-tos --server https://acme-v02.api.letsencrypt.org/directory -d "${wanip}"
then
msg_box "Sorry, the TLS certificate for $wanip failed to generate!
Please check that port 80/443 are correctly port forwarded, and that the DNS record points to this servers IP.
Please try again."
exit
fi
break break
;; ;;
*) echo "Invalid option $REPLY";; *) print_text_in_color "$IRed" "Invalid option $REPLY";;
esac esac
done done
echo -e "Your IP/DNS Address is ${wanip}" print_text_in_color "$IGreen" "Your IP/DNS Address is:"
echo -e "Your public key is ${key}" print_text_in_color "$ICyan" "$wanip"
print_text_in_color "$IGreen" "Your public key is:"
print_text_in_color "$ICyan" "$key"