#!/bin/bash ########################################################################## # First Created: 05012022 Author: Allan Desc: Installs MariaDB on Ubuntu # ########################################################################## # # Are we root # if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit ; fi # # Are we in the right directory # scriptdir="mariadb-install" && whereami=$(pwd |awk -F'/' '{print $NF}') if [ "$whereami" != "$scriptdir" ]; then printf "\nWrong directory! Script must be run from %s\n\n" "$scriptdir"; exit 1; fi # # Define variables # line () { printf -- '-%.0s' {1..50}; printf '\n'; } mariaconfig="/etc/mysql/mariadb.conf.d/50-server.cnf" # # Function to check if a service is already running or not # serviceyes () { printf "\n%s" $service ; printf " is allready running cannot continue...\n\n"; } servicealive () { status=$(systemctl is-active $service); if [[ "$status" == "active" ]]; then serviceyes ; exit; fi; } # # Function title # title () { printf "\nMariaDB install script V1.4\n\n"; } # # Function usage # usage () { clear ; printf -- "\n" printf -- "mariadbinstall \n\n" printf -- "Usage: \n" printf -- "./mariadbinstall [-p] \n" printf -- " [-help] \n\n" printf -- "Examples: \n" printf -- "./mariadbinstall -p mysecretpasswd \n\n"; } # # Function check if empty password was entered # passwordcheck () { if [[ -z "$masterpwd" ]] ; then usage ; printf "ERROR PASSWORD IS EMPTY...\n\n" ; exit; fi; } # # If MariaDB is allready running then die # service="mariadb" ; servicealive # # Configure command line options # # Removed due to SC2199 and not really needed start # if [[ ! $@ =~ ^\-.+ ]]; then usage; fi # Removed due to SC2199 and not really needed stop while getopts "p:h:" option; do case $option in p) # masterpwd masterpwd=$OPTARG;; h) # display help usage ; exit;; \?) # invalid option # printf "Type $0 -help for help\n\n" ; exit;; printf "\nType sudo " ; printf "%s" "$0" ; printf " -help for help\n\n" ; exit;; esac done # # Password validation # passwordcheck # # Display title # clear ; title # # Custom configuration # customconf=" # Custom settings skip-name-resolve = 1 # Custom settings " # # Create .my.cnf file # myconf=" [client] user=root password=$masterpwd " # # MySql hardening # postinstall=" DELETE FROM mysql.global_priv WHERE User=''; DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1'); DROP DATABASE IF EXISTS test; DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'; FLUSH PRIVILEGES; ALTER USER 'root'@'localhost' IDENTIFIED BY '$masterpwd'; " printf '%s\n' "${postinstall[@]}" |sed '1d; $d' > postinstall.sql # # Install and configure MariaDB # apt install -y mariadb-server mariadb-client sed -i 's/127.0.0.1/0.0.0.0/' $mariaconfig printf '%s\n' "${customconf[@]}" |sed '$d' > customconf sed -i "/0.0.0.0/r customconf" $mariaconfig printf '%s\n' "${myconf[@]}" |sed '1d; $d' > /root/.my.cnf && chmod 400 /root/.my.cnf # # Setting up error log comment this out if you don't need error log # sed -i '/#log_error = \/var\/log\/mysql\/error.log/ s/^.//' $mariaconfig # # MySql apply hardening # mysql < postinstall.sql systemctl restart mariadb # # Clean up and display output # rm customconf postinstall.sql clear ; printf "\n" ; line ; printf "All Done...\n" ; line ; printf "\n" # # End of script #