rustdesk/rustdesk-server-pro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #96 from enoch85/patch-1

Browse Source 
Use Snap instead for Certbot + fix Shellcheck, and improve code quailty
This commit is contained in:
RustDesk
2023-10-04 00:54:20 +08:00
committed by GitHub
parent c2fa493407 c7da348133
commit b57eb8854d
2 changed files with 552 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

591
install.sh
View File

@@ -1,51 +1,86 @@
#!/bin/bash #!/bin/bash
# shellcheck disable=SC2034
true
# see https://github.com/koalaman/shellcheck/wiki/Directive
# This script will do the following to install RustDesk Server Pro # This script will do the following to install RustDesk Server Pro
# 1. Install some dependencies # 1. Install some dependencies
# 2. Setup UFW firewall if available # 2. Setup UFW firewall if available
# 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server # 3. Create 2 folders /var/lib/rustdesk-server and /var/log/rustdesk-server ("$RUSTDESK_LOG_DIR")
# 4. Download and extract RustDesk Pro Services to the above folder # 4. Download and extract RustDesk Pro Services to the above folder
# 5. Create systemd services for hbbs and hbbr # 5. Create systemd services for hbbs and hbbr
# 6. If you choose Domain, it will install Nginx and Certbot, allowing the API to be available on port 443 (https) and get an SSL certificate over port 80, it is automatically renewed # 6. If you choose Domain, it will install Nginx and Certbot, allowing the API to be available on port 443 (https) and get an SSL certificate over port 80, it is automatically renewed
# Get username # Download the lib file
usern=$(whoami) if ! curl -fSL --retry 3 https://raw.githubusercontent.com/rustdesk/rustdesk-server-pro/main/lib.sh -o /tmp/lib.sh
admintoken=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c16) then
echo "Failed to download the lib.sh file. Please try again"
exit 1
fi
# shellcheck disable=2034,2059,2164
true
# shellcheck source=lib.sh
source /tmp/lib.sh
if [[ "$EUID" -ne 0 ]]
then
msg_box "Sorry, you are not root. You now have two options:
1. Use SUDO directly:
a) :~$ sudo bash install.sh
2. Become ROOT and then type your command:
a) :~$ sudo -i
b) :~# bash install.sh
More information can be found here: https://unix.stackexchange.com/a/3064"
exit 1
fi
ARCH=$(uname -m) ARCH=$(uname -m)
# Identify OS # Identify OS
if [ -f /etc/os-release ]; then if [ -f /etc/os-release ]
then
# freedesktop.org and systemd # freedesktop.org and systemd
. /etc/os-release # shellcheck source=/dev/null
source /etc/os-release
OS=$NAME OS=$NAME
VER=$VERSION_ID VER=$VERSION_ID
UPSTREAM_ID=${ID_LIKE,,} UPSTREAM_ID=${ID_LIKE,,}
# Fallback to ID_LIKE if ID was not 'ubuntu' or 'debian' # Fallback to ID_LIKE if ID was not 'ubuntu' or 'debian'
if [ "${UPSTREAM_ID}" != "debian" ] && [ "${UPSTREAM_ID}" != "ubuntu" ]; then if [ "${UPSTREAM_ID}" != "debian" ] && [ "${UPSTREAM_ID}" != "ubuntu" ]
UPSTREAM_ID="$(echo ${ID_LIKE,,} | sed s/\"//g | cut -d' ' -f1)" then
UPSTREAM_ID="$(echo "${ID_LIKE,,}" | sed s/\"//g | cut -d' ' -f1)"
fi fi
elif type lsb_release >/dev/null 2>&1; then elif type lsb_release >/dev/null 2>&1
then
# linuxbase.org # linuxbase.org
OS=$(lsb_release -si) OS=$(lsb_release -si)
VER=$(lsb_release -sr) VER=$(lsb_release -sr)
elif [ -f /etc/lsb-release ]; then elif [ -f /etc/lsb-release ]
then
# For some versions of Debian/Ubuntu without lsb_release command # For some versions of Debian/Ubuntu without lsb_release command
. /etc/lsb-release # shellcheck source=/dev/null
source /etc/os-release
OS=$DISTRIB_ID OS=$DISTRIB_ID
VER=$DISTRIB_RELEASE VER=$DISTRIB_RELEASE
elif [ -f /etc/debian_version ]; then elif [ -f /etc/debian_version ]
then
# Older Debian, Ubuntu, etc. # Older Debian, Ubuntu, etc.
OS=Debian OS=Debian
VER=$(cat /etc/debian_version) VER=$(cat /etc/debian_version)
elif [ -f /etc/SuSE-release ]; then elif [ -f /etc/SuSE-release ]
then
# Older SuSE, etc. # Older SuSE, etc.
OS=SuSE OS=SuSE
VER=$(cat /etc/SuSE-release) VER=$(cat /etc/SuSE-release)
elif [ -f /etc/redhat-release ]; then elif [ -f /etc/redhat-release ]
then
# Older Red Hat, CentOS, etc. # Older Red Hat, CentOS, etc.
OS=RedHat OS=RedHat
VER=$(cat /etc/redhat-release) VER=$(cat /etc/redhat-release)
@@ -55,37 +90,68 @@ else
VER=$(uname -r) VER=$(uname -r)
fi fi
# shellcheck disable=2034,2059,2164
true
# shellcheck source=lib.sh
source /tmp/lib.sh
# Select user for installation
msg_box "Rustdesk needs to be installed as root, but you can still do some parts as an unprivileged user.
Running with an unprivileged user enhances security, and is recommended."
if yesno_box_yes "Do you want to use an unprivileged user where it's possible?"
then
while :
do
RUSTDESK_USER=$(input_box_flow "Please enter the name of your non-root user:")
if ! id "$RUSTDESK_USER"
then
msg_box "We couldn't find $RUSTDESK_USER on the system, are you sure it's correct?
Please try again."
else
break
fi
done
run_as_non_root_user() {
sudo -u "$RUSTDESK_USER" "$@";
}
fi
# Output debugging info if $DEBUG set # Output debugging info if $DEBUG set
if [ "$DEBUG" = "true" ]; then if [ "$DEBUG" = "true" ]
echo "OS: $OS" then
echo "VER: $VER" print_text_in_color "$ICyan" "OS: $OS"
echo "UPSTREAM_ID: $UPSTREAM_ID" print_text_in_color "$ICyan" "VER: $VER"
print_text_in_color "$ICyan" "UPSTREAM_ID: $UPSTREAM_ID"
exit 0 exit 0
fi fi
# Setup prereqs for server # Setup prereqs for server
# Common named prereqs # Common named prereqs
PREREQ="curl wget unzip tar" PREREQ=(curl wget unzip tar whiptail)
PREREQDEB="dnsutils ufw" PREREQDEB=(dnsutils ufw)
PREREQRPM="bind-utils" PREREQRPM=(bind-utils)
PREREQARCH="bind" PREREQARCH=(bind)
echo "Installing prerequisites" print_text_in_color "$IGreen" "Installing prerequisites"
if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]; then if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]
sudo apt-get update then
sudo apt-get install -y ${PREREQ} ${PREREQDEB} # git apt-get update
elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ] ; then apt-get install -y "${PREREQ[@]}" "${PREREQDEB[@]}" # git
elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ]
then
# openSUSE 15.4 fails to run the relay service and hangs waiting for it # openSUSE 15.4 fails to run the relay service and hangs waiting for it
# Needs more work before it can be enabled # Needs more work before it can be enabled
# || [ "${UPSTREAM_ID}" = "suse" ] # || [ "${UPSTREAM_ID}" = "suse" ]
sudo yum update -y yum update -y
sudo yum install -y ${PREREQ} ${PREREQRPM} # git yum install -y "${PREREQ[@]}" "${PREREQRPM[@]}" # git
elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ]; then elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ]
sudo pacman -Syu then
sudo pacman -S ${PREREQ} ${PREREQARCH} pacman -Syu
pacman -S "${PREREQ[@]}" "${PREREQARCH[@]}"
else else
echo "Unsupported OS" print_text_in_color "$IRed" "Unsupported OS"
# Here you could ask the user for permission to try and install anyway # Here you could ask the user for permission to try and install anyway
# If they say yes, then do the install # If they say yes, then do the install
# If they say no, exit the script # If they say no, exit the script
@@ -93,207 +159,370 @@ else
fi fi
# Setting up firewall # Setting up firewall
sudo ufw allow 21115:21119/tcp ufw allow 21115:21119/tcp
sudo ufw allow 22/tcp ufw allow 22/tcp
sudo ufw allow 21116/udp ufw allow 21116/udp
sudo ufw enable ufw enable
# Make folder /var/lib/rustdesk-server/
if [ ! -d "/var/lib/rustdesk-server" ]; then
echo "Creating /var/lib/rustdesk-server"
sudo mkdir -p /var/lib/rustdesk-server/
fi
sudo chown "${usern}" -R /var/lib/rustdesk-server
cd /var/lib/rustdesk-server/ || exit 1
# Download latest version of RustDesk # Download latest version of RustDesk
RDLATEST=$(curl https://api.github.com/repos/rustdesk/rustdesk-server-pro/releases/latest -s | grep "tag_name"| awk '{print substr($2, 2, length($2)-3) }') RDLATEST=$(curl https://api.github.com/repos/rustdesk/rustdesk-server-pro/releases/latest -s | grep "tag_name"| awk '{print substr($2, 2, length($2)-3) }')
echo "Installing RustDesk Server" # Download, extract, and move Rustdesk in place
if [ "${ARCH}" = "x86_64" ] ; then if [ -n "${ARCH}" ]
wget https://github.com/rustdesk/rustdesk-server-pro/releases/download/${RDLATEST}/rustdesk-server-linux-amd64.tar.gz then
tar -xf rustdesk-server-linux-amd64.tar.gz # If not /var/lib/rustdesk-server/ ($RUSTDESK_INSTALL_DIR) exists we can assume this is a fresh install. If it exists though, we can't move it and it will produce an error
mv amd64/static /var/lib/rustdesk-server/ if [ ! -d "$RUSTDESK_INSTALL_DIR" ]
sudo mv amd64/hbbr /usr/bin/ then
sudo mv amd64/hbbs /usr/bin/ print_text_in_color "$IGreen" "Installing RustDesk Server..."
rm -rf amd64/ # Create dir
rm -rf rustdesk-server-linux-amd64.tar.gz mkdir -p "$RUSTDESK_INSTALL_DIR"
elif [ "${ARCH}" = "armv7l" ] ; then if [ -d "$RUSTDESK_INSTALL_DIR" ]
wget "https://github.com/rustdesk/rustdesk-server-pro/releases/download/${RDLATEST}/rustdesk-server-linux-armv7.tar.gz" then
tar -xf rustdesk-server-linux-armv7.tar.gz cd "$RUSTDESK_INSTALL_DIR"
mv armv7/static /var/lib/rustdesk-server/ else
sudo mv armv7/hbbr /usr/bin/ msg_box "It seems like the installation folder wasn't created, we can't continue.
sudo mv armv7/hbbs /usr/bin/ Please report this to: https://github.com/rustdesk/rustdesk-server-pro/issues"
rm -rf armv7/ exit 1
rm -rf rustdesk-server-linux-armv7.tar.gz fi
elif [ "${ARCH}" = "aarch64" ] ; then # Since the name of the actual tar files differs from the output of uname -m we need to rename acutal download file.
wget "https://github.com/rustdesk/rustdesk-server-pro/releases/download/${RDLATEST}/rustdesk-server-linux-arm64v8.tar.gz" # Preferably we would instead rename the download tarballs to the output of uname -m. This would make it possible to run a single $VAR for ARCH.
tar -xf rustdesk-server-linux-arm64v8.tar.gz if [ "${ARCH}" = "x86_64" ]
mv arm64v8/static /var/lib/rustdesk-server/ then
sudo mv arm64v8/hbbr /usr/bin/ ACTUAL_TAR_NAME=amd64
sudo mv arm64v8/hbbs /usr/bin/ elif [ "${ARCH}" = "armv7l" ]
rm -rf arm64v8/ then
rm -rf rustdesk-server-linux-arm64v8.tar.gz ACTUAL_TAR_NAME=armv7
elif [ "${ARCH}" = "aarch64" ]
then
ACTUAL_TAR_NAME=arm64v8
fi
# Download
if ! curl -fSLO --retry 3 https://github.com/rustdesk/rustdesk-server-pro/releases/download/"${RDLATEST}"/rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
then
msg_box "Sorry, the installation package failed to download.
This might be temporary, so please try to run the installation script again."
exit 1
fi
# Extract, move in place, and make it executable
tar -xf rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
# Set permissions
if [ -n "$RUSTDESK_USER" ]
then
chown "$RUSTDESK_USER":"$RUSTDESK_USER" -R "$RUSTDESK_INSTALL_DIR"
fi
# Move as root if RUSTDESK_USER is not set.
if [ -n "$RUSTDESK_USER" ]
then
run_as_non_root_user mv "${ACTUAL_TAR_NAME}"/static "$RUSTDESK_INSTALL_DIR"
else
mv "${ACTUAL_TAR_NAME}"/static "$RUSTDESK_INSTALL_DIR"
fi
mv "${ACTUAL_TAR_NAME}"/hbbr /usr/bin/
mv "${ACTUAL_TAR_NAME}"/hbbs /usr/bin/
rm -rf "$RUSTDESK_INSTALL_DIR"/"${ACTUAL_TAR_NAME:?}"
rm -rf rustdesk-server-linux-"${ACTUAL_TAR_NAME}".tar.gz
chmod +x /usr/bin/hbbs
chmod +x /usr/bin/hbbr
if [ -n "$RUSTDESK_USER" ]
then
chown "$RUSTDESK_USER":"$RUSTDESK_USER" -R /usr/bin/hbbr
chown "$RUSTDESK_USER":"$RUSTDESK_USER" -R /usr/bin/hbbr
fi
else
print_text_in_color "$IGreen" "Rustdesk server already installed."
fi
else
msg_box "Sorry, we can't figure out your distro, this script will now exit.
Please report this to: https://github.com/rustdesk/rustdesk-server-pro/issues"
exit 1
fi fi
sudo chmod +x /usr/bin/hbbs
sudo chmod +x /usr/bin/hbbr
# Make folder /var/log/rustdesk-server/ # Make folder /var/log/rustdesk-server/
if [ ! -d "/var/log/rustdesk-server" ]; then if [ ! -d "$RUSTDESK_LOG_DIR" ]
echo "Creating /var/log/rustdesk-server" then
sudo mkdir -p /var/log/rustdesk-server/ print_text_in_color "$IGreen" "Creating $RUSTDESK_LOG_DIR"
install -d -m 700 "$RUSTDESK_LOG_DIR"
# Set permissions
if [ -n "$RUSTDESK_USER" ]
then
chown -R "$RUSTDESK_USER":"$RUSTDESK_USER" "$RUSTDESK_LOG_DIR"
fi
fi fi
sudo chown "${usern}" -R /var/log/rustdesk-server/
# Setup systemd to launch hbbs # Setup systemd to launch hbbs
rustdeskhbbs="$(cat << EOF if [ -f "/etc/systemd/system/rustdesk-hbbs.service" ]
then
systemctl stop rustdesk-hbbs.service
rm -f "/etc/systemd/system/rustdesk-hbbs.service"
systemctl daemon-reload
touch "/etc/systemd/system/rustdesk-hbbs.service"
if [ -n "$RUSTDESK_USER" ]
then
cat << HBBS_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbs.service"
[Unit] [Unit]
Description=RustDesk Signal Server Description=RustDesk Signal Server
[Service] [Service]
Type=simple Type=simple
LimitNOFILE=1000000 LimitNOFILE=1000000
ExecStart=/usr/bin/hbbs ExecStart=/usr/bin/hbbs
WorkingDirectory=/var/lib/rustdesk-server/ WorkingDirectory=$RUSTDESK_INSTALL_DIR
User=${usern} User=${RUSTDESK_USER}
Group=${usern} Group=${RUSTDESK_USER}
Restart=always Restart=always
StandardOutput=append:/var/log/rustdesk-server/hbbs.log StandardOutput=append:$RUSTDESK_LOG_DIR/hbbs.log
StandardError=append:/var/log/rustdesk-server/hbbs.error StandardError=append:$RUSTDESK_LOG_DIR/hbbs.error
# Restart service after 10 seconds if node service crashes # Restart service after 10 seconds if node service crashes
RestartSec=10 RestartSec=10
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
EOF HBBS_RUSTDESK_SERVICE
)" else
echo "${rustdeskhbbs}" | sudo tee /etc/systemd/system/rustdesk-hbbs.service > /dev/null cat << HBBS_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbs.service"
sudo systemctl daemon-reload [Unit]
sudo systemctl enable rustdesk-hbbs.service Description=RustDesk Signal Server
sudo systemctl start rustdesk-hbbs.service [Service]
Type=simple
LimitNOFILE=1000000
ExecStart=/usr/bin/hbbs
WorkingDirectory=$RUSTDESK_INSTALL_DIR
User=root
Group=root
Restart=always
StandardOutput=append:$RUSTDESK_LOG_DIR/hbbs.log
StandardError=append:$RUSTDESK_LOG_DIR/hbbs.error
# Restart service after 10 seconds if node service crashes
RestartSec=10
[Install]
WantedBy=multi-user.target
HBBS_RUSTDESK_SERVICE
fi
fi
systemctl daemon-reload
systemctl enable rustdesk-hbbs.service
systemctl start rustdesk-hbbs.service
# Setup systemd to launch hbbr # Setup systemd to launch hbbr
rustdeskhbbr="$(cat << EOF if [ -f "/etc/systemd/system/rustdesk-hbbr.service" ]
then
systemctl stop rustdesk-hbbs.service
rm -f "/etc/systemd/system/rustdesk-hbbr.service"
systemctl daemon-reload
touch "/etc/systemd/system/rustdesk-hbbr.service"
if [ -n "$RUSTDESK_USER" ]
then
cat << HBBR_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbr.service"
[Unit] [Unit]
Description=RustDesk Relay Server Description=RustDesk Relay Server
[Service] [Service]
Type=simple Type=simple
LimitNOFILE=1000000 LimitNOFILE=1000000
ExecStart=/usr/bin/hbbr ExecStart=/usr/bin/hbbr
WorkingDirectory=/var/lib/rustdesk-server/ WorkingDirectory=$RUSTDESK_INSTALL_DIR
User=${usern} User=${RUSTDESK_USER}
Group=${usern} Group=${RUSTDESK_USER}
Restart=always Restart=always
StandardOutput=append:/var/log/rustdesk-server/hbbr.log StandardOutput=append:$RUSTDESK_LOG_DIR/hbbr.log
StandardError=append:/var/log/rustdesk-server/hbbr.error StandardError=append:$RUSTDESK_LOG_DIR/hbbr.error
# Restart service after 10 seconds if node service crashes # Restart service after 10 seconds if node service crashes
RestartSec=10 RestartSec=10
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
EOF HBBR_RUSTDESK_SERVICE
)" else
echo "${rustdeskhbbr}" | sudo tee /etc/systemd/system/rustdesk-hbbr.service > /dev/null cat << HBBR_RUSTDESK_SERVICE > "/etc/systemd/system/rustdesk-hbbr.service"
sudo systemctl daemon-reload [Unit]
sudo systemctl enable rustdesk-hbbr.service Description=RustDesk Relay Server
sudo systemctl start rustdesk-hbbr.service [Service]
Type=simple
LimitNOFILE=1000000
ExecStart=/usr/bin/hbbr
WorkingDirectory=$RUSTDESK_INSTALL_DIR
User=root
Group=root
Restart=always
StandardOutput=append:$RUSTDESK_LOG_DIR/hbbr.log
StandardError=append:$RUSTDESK_LOG_DIR/hbbr.error
# Restart service after 10 seconds if node service crashes
RestartSec=10
[Install]
WantedBy=multi-user.target
HBBR_RUSTDESK_SERVICE
fi
fi
systemctl daemon-reload
systemctl enable rustdesk-hbbr.service
systemctl start rustdesk-hbbr.service
while ! [[ $CHECK_RUSTDESK_READY ]]; do while :
CHECK_RUSTDESK_READY=$(sudo systemctl status rustdesk-hbbr.service | grep "Active: active (running)") do
echo -ne "RustDesk Relay not ready yet...${NC}\n" if ! systemctl status rustdesk-hbbr.service | grep "Active: active (running)"
sleep 3 then
sleep 2
print_text_in_color "$ICyan" "Waiting for RustDesk Relay service to become active..."
else
break
fi
done done
pubname=$(find /var/lib/rustdesk-server/ -name "*.pub") while :
key=$(cat "${pubname}") do
PUBKEYNAME=$(find "$RUSTDESK_INSTALL_DIR" -name "*.pub")
if [ -z "$PUBKEYNAME" ]
then
print_text_in_color "$ICyan" "Checking if public key is generated..."
sleep 5
else
print_text_in_color "$IGreen" "Pubilc key path: $PUBKEYNAME"
PUBLICKEY=$(cat "$PUBKEYNAME")
break
fi
done
echo "Tidying up install" echo "Tidying up install"
if [ "${ARCH}" = "x86_64" ] ; then rm -f rustdesk-server-linux-"${ACTUAL_TAR_NAME}".zip
rm rustdesk-server-linux-amd64.zip rm -rf "${ACTUAL_TAR_NAME}"
rm -rf amd64
elif [ "${ARCH}" = "armv7l" ] ; then
rm rustdesk-server-linux-armv7.zip
rm -rf armv7
elif [ "${ARCH}" = "aarch64" ] ; then
rm rustdesk-server-linux-arm64v8.zip
rm -rf arm64v8
fi
# Choice for DNS or IP
PS3='Choose your preferred option, IP or DNS/Domain:'
WAN=("IP" "DNS/Domain")
select WANOPT in "${WAN[@]}"; do
case $WANOPT in
"IP")
wanip=$(dig @resolver4.opendns.com myip.opendns.com +short)
sudo ufw allow 21114/tcp
sudo ufw enable && ufw reload
break
;;
"DNS/Domain") choice=$(whiptail --title "Rustdesk installation script" --menu \
echo -ne "Enter your preferred domain/DNS address ${NC}: " "Choose your preferred option, IP or DNS/Domain:
read wanip
# Check wanip is valid domain
if ! [[ $wanip =~ ^[a-zA-Z0-9]+([a-zA-Z0-9.-]*[a-zA-Z0-9]+)?$ ]]; then
echo -e "${RED}Invalid domain/DNS address${NC}"
exit 1
fi
echo "Installing nginx" DNS = Setup Rustdesk with TLS and your own domain
if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]; then IP = You don't have a domain, only plain IP
sudo apt -y install nginx $MENU_GUIDE\n\n$RUN_LATER_GUIDE" "$WT_HEIGHT" "$WT_WIDTH" 4 \
sudo apt -y install python3-certbot-nginx "DNS" "(e.g. rustdesk.example.com)" \
elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ] ; then "IP" "($WANIP4)" 3>&1 1>&2 2>&3)
# openSUSE 15.4 fails to run the relay service and hangs waiting for it
# Needs more work before it can be enabled
# || [ "${UPSTREAM_ID}" = "suse" ]
sudo yum -y install nginx
sudo yum -y install python3-certbot-nginx
elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ]; then
sudo pacman -S install nginx
sudo pacman -S install python3-certbot-nginx
else
echo "Unsupported OS"
# Here you could ask the user for permission to try and install anyway
# If they say yes, then do the install
# If they say no, exit the script
exit 1
fi
rustdesknginx="$( case "$choice" in
cat <<EOF "DNS")
# Enter domain
while :
do
RUSTDESK_DOMAIN=$(input_box_flow "Please enter your domain, e.g. rustdesk.example.com")
DIG=$(dig +short "${RUSTDESK_DOMAIN}" @resolver1.opendns.com)
if ! [[ "$RUSTDESK_DOMAIN" =~ ^[a-zA-Z0-9]+([a-zA-Z0-9.-]*[a-zA-Z0-9]+)?$ ]]
then
msg_box "$RUSTDESK_DOMAIN is an invalid domain/DNS address! Please try again."
else
break
fi
done
# Check if DNS are forwarded correctly
if dig +short "$RUSTDESK_DOMAIN" @resolver1.opendns.com | grep -q "$WANIP4"
then
print_text_in_color "$IGreen" "DNS seems correct when checking with dig!"
else
msg_box "DNS lookup failed with dig. The external IP ($WANIP4) \
address of this server is not the same as the A-record ($DIG).
Please check your DNS settings! Maybe the domain hasn't propagated?
Please check https://www.whatsmydns.net/#A/${RUSTDESK_DOMAIN} if the IP seems correct."
exit 1
fi
print_text_in_color "$IGreen" "Installing Nginx"
if [ "${ID}" = "debian" ] || [ "$OS" = "Ubuntu" ] || [ "$OS" = "Debian" ] || [ "${UPSTREAM_ID}" = "ubuntu" ] || [ "${UPSTREAM_ID}" = "debian" ]
then
if yesno_box_yes "We use Certbot to generate the free TLS certificate from Let's Encrypt.
The default behavior of installing Certbot is to use the snap package which auto updates, and provides the latest version of Certbot. If you don't like snap packages, you can opt out now and we'll use regular (old) deb packages instead.
Do you want to install Certbot with snap? (recommended)"
then
apt-get install nginx -y
apt-get install snapd -y
snap install certbot --classic
else
apt-get install nginx -y
apt-get install python3-certbot-nginx -y
fi
elif [ "$OS" = "CentOS" ] || [ "$OS" = "RedHat" ] || [ "${UPSTREAM_ID}" = "rhel" ] || [ "${OS}" = "Almalinux" ] || [ "${UPSTREAM_ID}" = "Rocky*" ]
then
# openSUSE 15.4 fails to run the relay service and hangs waiting for it
# Needs more work before it can be enabled
# || [ "${UPSTREAM_ID}" = "suse" ]
yum -y install nginx
yum -y install python3-certbot-nginx
elif [ "${ID}" = "arch" ] || [ "${UPSTREAM_ID}" = "arch" ]
then
pacman -S install nginx
pacman -S install python3-certbot-nginx
else
msg_box "Sorry, your OS is unsupported"
if ! yesno_box_no "It might work anyway though... Do you want to continue anyway?"
then
exit 1
fi
fi
if [ ! -f "/etc/nginx/sites-available/rustdesk.conf" ]
then
rm -f "/etc/nginx/sites-available/rustdesk.conf"
rm -f "/etc/nginx/sites-enabled/rustdesk.conf"
touch "/etc/nginx/sites-available/rustdesk.conf"
cat << NGINX_RUSTDESK_CONF > "/etc/nginx/sites-available/rustdesk.conf"
server { server {
server_name ${wanip}; server_name ${RUSTDESK_DOMAIN};
location / { location / {
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:21114/; proxy_pass http://127.0.0.1:21114/;
}
} }
} NGINX_RUSTDESK_CONF
EOF fi
)"
echo "${rustdesknginx}" | sudo tee /etc/nginx/sites-available/rustdesk.conf >/dev/null
sudo rm /etc/nginx/sites-available/default # Remove the default Nginx configs
sudo rm /etc/nginx/sites-enabled/default rm -f /etc/nginx/sites-available/default
rm -f /etc/nginx/sites-enabled/default
sudo ln -s /etc/nginx/sites-available/rustdesk.conf /etc/nginx/sites-enabled/rustdesk.conf # Enable the Nginx config file
if [ ! -f /etc/nginx/sites-enabled/rustdesk.conf ]
then
ln -s /etc/nginx/sites-available/rustdesk.conf /etc/nginx/sites-enabled/rustdesk.conf
fi
sudo ufw allow 80/tcp # Enable firewall rules for the domain
sudo ufw allow 443/tcp ufw allow 80/tcp
ufw allow 443/tcp
ufw enable
ufw reload
sudo ufw enable && ufw reload # Generate the certifictae
if ! certbot --nginx --cert-name "${RUSTDESK_DOMAIN}" --key-type ecdsa --renew-by-default --no-eff-email --agree-tos --server https://acme-v02.api.letsencrypt.org/directory -d "${RUSTDESK_DOMAIN}"
then
msg_box "Sorry, the TLS certificate for $RUSTDESK_DOMAIN failed to generate!
Please check that port 80/443 are correctly port forwarded, and that the DNS record points to this servers IP.
sudo certbot --nginx -d ${wanip} Please try again."
exit
break fi
;; ;;
*) echo "Invalid option $REPLY";; "IP")
ufw allow 21114/tcp
ufw enable
ufw reload
;;
*)
;;
esac esac
done
echo -e "Your IP/DNS Address is ${wanip}" # Display final info!
echo -e "Your public key is ${key}" if [ -n "$RUSTDESK_DOMAIN" ]
then
msg_box "
Your Public Key is:
$PUBLICKEY
Your DNS Address is:
$RUSTDESK_DOMAIN
Please login at https://$RUSTDESK_DOMAIN"
else
msg_box "
Your Public Key is:
$PUBLICKEY
Your IP Address is:
$WANIP4
Please login at http://$WANIP4"
fi

142
lib.sh Normal file
View File

@@ -0,0 +1,142 @@
#!/bin/bash
# shellcheck disable=SC2034
true
# see https://github.com/koalaman/shellcheck/wiki/Directive
############ Variables
RUSTDESK_INSTALL_DIR=/var/lib/rustdesk-server
RUSTDESK_LOG_DIR=/var/log/rustdesk-server
WANIP4=$(curl -s -k -m 5 -4 https://api64.ipify.org)
############ Functions
print_text_in_color() {
printf "%b%s%b\n" "$1" "$2" "$Color_Off"
}
msg_box() {
[ -n "$2" ] && local SUBTITLE=" - $2"
whiptail --title "$TITLE$SUBTITLE" --msgbox "$1" "$WT_HEIGHT" "$WT_WIDTH" 3>&1 1>&2 2>&3
}
yesno_box_yes() {
[ -n "$2" ] && local SUBTITLE=" - $2"
if (whiptail --title "$TITLE$SUBTITLE" --yesno "$1" "$WT_HEIGHT" "$WT_WIDTH" 3>&1 1>&2 2>&3)
then
return 0
else
return 1
fi
}
yesno_box_no() {
[ -n "$2" ] && local SUBTITLE=" - $2"
if (whiptail --title "$TITLE$SUBTITLE" --defaultno --yesno "$1" "$WT_HEIGHT" "$WT_WIDTH" 3>&1 1>&2 2>&3)
then
return 0
else
return 1
fi
}
input_box() {
[ -n "$2" ] && local SUBTITLE=" - $2"
local RESULT && RESULT=$(whiptail --title "$TITLE$SUBTITLE" --nocancel --inputbox "$1" "$WT_HEIGHT" "$WT_WIDTH" 3>&1 1>&2 2>&3)
echo "$RESULT"
}
input_box_flow() {
local RESULT
while :
do
RESULT=$(input_box "$1" "$2")
if [ -z "$RESULT" ]
then
msg_box "Input is empty, please try again." "$2"
elif ! yesno_box_yes "Is this correct? $RESULT" "$2"
then
msg_box "OK, please try again." "$2"
else
break
fi
done
echo "$RESULT"
}
## bash colors
# Reset
Color_Off='\e[0m' # Text Reset
# Regular Colors
Black='\e[0;30m' # Black
Red='\e[0;31m' # Red
Green='\e[0;32m' # Green
Yellow='\e[0;33m' # Yellow
Blue='\e[0;34m' # Blue
Purple='\e[0;35m' # Purple
Cyan='\e[0;36m' # Cyan
White='\e[0;37m' # White
# Bold
BBlack='\e[1;30m' # Black
BRed='\e[1;31m' # Red
BGreen='\e[1;32m' # Green
BYellow='\e[1;33m' # Yellow
BBlue='\e[1;34m' # Blue
BPurple='\e[1;35m' # Purple
BCyan='\e[1;36m' # Cyan
BWhite='\e[1;37m' # White
# Underline
UBlack='\e[4;30m' # Black
URed='\e[4;31m' # Red
UGreen='\e[4;32m' # Green
UYellow='\e[4;33m' # Yellow
UBlue='\e[4;34m' # Blue
UPurple='\e[4;35m' # Purple
UCyan='\e[4;36m' # Cyan
UWhite='\e[4;37m' # White
# Background
On_Black='\e[40m' # Black
On_Red='\e[41m' # Red
On_Green='\e[42m' # Green
On_Yellow='\e[43m' # Yellow
On_Blue='\e[44m' # Blue
On_Purple='\e[45m' # Purple
On_Cyan='\e[46m' # Cyan
On_White='\e[47m' # White
# High Intensity
IBlack='\e[0;90m' # Black
IRed='\e[0;91m' # Red
IGreen='\e[0;92m' # Green
IYellow='\e[0;93m' # Yellow
IBlue='\e[0;94m' # Blue
IPurple='\e[0;95m' # Purple
ICyan='\e[0;96m' # Cyan
IWhite='\e[0;97m' # White
# Bold High Intensity
BIBlack='\e[1;90m' # Black
BIRed='\e[1;91m' # Red
BIGreen='\e[1;92m' # Green
BIYellow='\e[1;93m' # Yellow
BIBlue='\e[1;94m' # Blue
BIPurple='\e[1;95m' # Purple
BICyan='\e[1;96m' # Cyan
BIWhite='\e[1;97m' # White
# High Intensity backgrounds
On_IBlack='\e[0;100m' # Black
On_IRed='\e[0;101m' # Red
On_IGreen='\e[0;102m' # Green
On_IYellow='\e[0;103m' # Yellow
On_IBlue='\e[0;104m' # Blue
On_IPurple='\e[0;105m' # Purple
On_ICyan='\e[0;106m' # Cyan
On_IWhite='\e[0;107m' # White