131 lines
3.5 KiB
Bash
Executable File
131 lines
3.5 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
##########################################################################
|
|
# First Created: 05012022 Author: Allan Desc: Installs MariaDB on Ubuntu #
|
|
##########################################################################
|
|
|
|
#
|
|
# Are we root
|
|
#
|
|
if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit ; fi
|
|
#
|
|
# Are we in the right directory
|
|
#
|
|
scriptdir="mariadb-install" && whereami=$(pwd |awk -F'/' '{print $NF}')
|
|
if [ "$whereami" != "$scriptdir" ]; then printf "\nWrong directory! Script must be run from %s\n\n" "$scriptdir"; exit 1; fi
|
|
#
|
|
# Define variables
|
|
#
|
|
line () { printf -- '-%.0s' {1..50}; printf '\n'; }
|
|
mariaconfig="/etc/mysql/mariadb.conf.d/50-server.cnf"
|
|
#
|
|
# Function to check if a service is already running or not
|
|
#
|
|
serviceyes () { printf "\n%s" $service ; printf " is allready running cannot continue...\n\n"; }
|
|
servicealive () { status=$(systemctl is-active $service); if [[ "$status" == "active" ]]; then serviceyes ; exit; fi; }
|
|
#
|
|
# Function title
|
|
#
|
|
title () { printf "\nMariaDB install script V1.4\n\n"; }
|
|
#
|
|
# Function usage
|
|
#
|
|
usage () { clear ; printf -- "\n"
|
|
printf -- "mariadbinstall \n\n"
|
|
printf -- "Usage: \n"
|
|
printf -- "./mariadbinstall [-p] <master password>\n"
|
|
printf -- " [-help] <this screen> \n\n"
|
|
printf -- "Examples: \n"
|
|
printf -- "./mariadbinstall -p mysecretpasswd \n\n"; }
|
|
#
|
|
# Function check if empty password was entered
|
|
#
|
|
passwordcheck () { if [[ -z "$masterpwd" ]] ; then usage ; printf "ERROR PASSWORD IS EMPTY...\n\n" ; exit; fi; }
|
|
#
|
|
# If MariaDB is allready running then die
|
|
#
|
|
service="mariadb" ; servicealive
|
|
#
|
|
# Configure command line options
|
|
#
|
|
|
|
# Removed due to SC2199 and not really needed start
|
|
# if [[ ! $@ =~ ^\-.+ ]]; then usage; fi
|
|
# Removed due to SC2199 and not really needed stop
|
|
|
|
while getopts "p:h:" option; do
|
|
case $option in
|
|
|
|
p) # masterpwd
|
|
masterpwd=$OPTARG;;
|
|
|
|
h) # display help
|
|
usage ; exit;;
|
|
|
|
\?) # invalid option
|
|
# printf "Type $0 -help for help\n\n" ; exit;;
|
|
printf "\nType sudo " ; printf "%s" "$0" ; printf " -help for help\n\n" ; exit;;
|
|
esac
|
|
done
|
|
#
|
|
# Password validation
|
|
#
|
|
passwordcheck
|
|
#
|
|
# Display title
|
|
#
|
|
clear ; title
|
|
#
|
|
# Custom configuration
|
|
#
|
|
customconf="
|
|
# Custom settings
|
|
skip-name-resolve = 1
|
|
# Custom settings
|
|
"
|
|
#
|
|
# Create .my.cnf file
|
|
#
|
|
myconf="
|
|
[client]
|
|
user=root
|
|
password=$masterpwd
|
|
"
|
|
#
|
|
# MySql hardening
|
|
#
|
|
postinstall="
|
|
DELETE FROM mysql.global_priv WHERE User='';
|
|
DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
|
|
DROP DATABASE IF EXISTS test;
|
|
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
|
|
FLUSH PRIVILEGES;
|
|
ALTER USER 'root'@'localhost' IDENTIFIED BY '$masterpwd';
|
|
"
|
|
printf '%s\n' "${postinstall[@]}" |sed '1d; $d' > postinstall.sql
|
|
#
|
|
# Install and configure MariaDB
|
|
#
|
|
apt install -y mariadb-server mariadb-client
|
|
sed -i 's/127.0.0.1/0.0.0.0/' $mariaconfig
|
|
printf '%s\n' "${customconf[@]}" |sed '$d' > customconf
|
|
sed -i "/0.0.0.0/r customconf" $mariaconfig
|
|
printf '%s\n' "${myconf[@]}" |sed '1d; $d' > /root/.my.cnf && chmod 400 /root/.my.cnf
|
|
#
|
|
# Setting up error log comment this out if you don't need error log
|
|
#
|
|
sed -i '/#log_error = \/var\/log\/mysql\/error.log/ s/^.//' $mariaconfig
|
|
#
|
|
# MySql apply hardening
|
|
#
|
|
mysql < postinstall.sql
|
|
systemctl restart mariadb
|
|
#
|
|
# Clean up and display output
|
|
#
|
|
rm customconf postinstall.sql
|
|
clear ; printf "\n" ; line ; printf "All Done...\n" ; line ; printf "\n"
|
|
#
|
|
# End of script
|
|
#
|