mariadb-install/mariadbinstall

131 lines
3.5 KiB
Bash
Executable File

#!/bin/bash
##########################################################################
# First Created: 05012022 Author: Allan Desc: Installs MariaDB on Ubuntu #
##########################################################################
#
# Are we root
#
if [[ $(id -u) -ne 0 ]]; then echo "" && echo "Must be root or use sudo" && echo "" ; exit ; fi
#
# Are we in the right directory
#
scriptdir="mariadb-install" && whereami=$(pwd |awk -F'/' '{print $NF}')
if [ "$whereami" != "$scriptdir" ]; then printf "\nWrong directory! Script must be run from %s\n\n" "$scriptdir"; exit 1; fi
#
# Define variables
#
line () { printf -- '-%.0s' {1..50}; printf '\n'; }
mariaconfig="/etc/mysql/mariadb.conf.d/50-server.cnf"
#
# Function to check if a service is already running or not
#
serviceyes () { printf "\n%s" $service ; printf " is allready running cannot continue...\n\n"; }
servicealive () { status=$(systemctl is-active $service); if [[ "$status" == "active" ]]; then serviceyes ; exit; fi; }
#
# Function title
#
title () { printf "\nMariaDB install script V1.4\n\n"; }
#
# Function usage
#
usage () { clear ; printf -- "\n"
printf -- "mariadbinstall \n\n"
printf -- "Usage: \n"
printf -- "./mariadbinstall [-p] <master password>\n"
printf -- " [-help] <this screen> \n\n"
printf -- "Examples: \n"
printf -- "./mariadbinstall -p mysecretpasswd \n\n"; }
#
# Function check if empty password was entered
#
passwordcheck () { if [[ -z "$masterpwd" ]] ; then usage ; printf "ERROR PASSWORD IS EMPTY...\n\n" ; exit; fi; }
#
# If MariaDB is allready running then die
#
service="mariadb" ; servicealive
#
# Configure command line options
#
# Removed due to SC2199 and not really needed start
# if [[ ! $@ =~ ^\-.+ ]]; then usage; fi
# Removed due to SC2199 and not really needed stop
while getopts "p:h:" option; do
case $option in
p) # masterpwd
masterpwd=$OPTARG;;
h) # display help
usage ; exit;;
\?) # invalid option
# printf "Type $0 -help for help\n\n" ; exit;;
printf "\nType sudo " ; printf "%s" "$0" ; printf " -help for help\n\n" ; exit;;
esac
done
#
# Password validation
#
passwordcheck
#
# Display title
#
clear ; title
#
# Custom configuration
#
customconf="
# Custom settings
skip-name-resolve = 1
# Custom settings
"
#
# Create .my.cnf file
#
myconf="
[client]
user=root
password=$masterpwd
"
#
# MySql hardening
#
postinstall="
DELETE FROM mysql.global_priv WHERE User='';
DELETE FROM mysql.global_priv WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY '$masterpwd';
"
printf '%s\n' "${postinstall[@]}" |sed '1d; $d' > postinstall.sql
#
# Install and configure MariaDB
#
apt install -y mariadb-server mariadb-client
sed -i 's/127.0.0.1/0.0.0.0/' $mariaconfig
printf '%s\n' "${customconf[@]}" |sed '$d' > customconf
sed -i "/0.0.0.0/r customconf" $mariaconfig
printf '%s\n' "${myconf[@]}" |sed '1d; $d' > /root/.my.cnf && chmod 400 /root/.my.cnf
#
# Setting up error log comment this out if you don't need error log
#
sed -i '/#log_error = \/var\/log\/mysql\/error.log/ s/^.//' $mariaconfig
#
# MySql apply hardening
#
mysql < postinstall.sql
systemctl restart mariadb
#
# Clean up and display output
#
rm customconf postinstall.sql
clear ; printf "\n" ; line ; printf "All Done...\n" ; line ; printf "\n"
#
# End of script
#