-
Notifications
You must be signed in to change notification settings - Fork 90
/
upgrade1.x-2.1.sh
455 lines (413 loc) · 19.8 KB
/
upgrade1.x-2.1.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
#!/usr/bin/env bash
export PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
# Check if user is root
if [ $(id -u) != "0" ]; then
echo "Error: You must be root to run this script"
exit 1
fi
cur_dir=$(pwd)
isSSL=$1
. lnmp.conf
. include/main.sh
. include/init.sh
Get_Dist_Name
Check_Stack
Check_DB
Upgrade_Dependent()
{
if [ "$PM" = "yum" ]; then
Echo_Blue "[+] Yum installing dependent packages..."
Get_Dist_Version
for packages in patch wget crontabs unzip tar ca-certificates net-tools libc-client-devel psmisc libXpm-devel git-core c-ares-devel libicu-devel libxslt libxslt-devel xz expat-devel bzip2 bzip2-devel libaio-devel rpcgen libtirpc-devel perl cyrus-sasl-devel sqlite-devel oniguruma-devel re2c pkg-config libarchive hostname ncurses-libs numactl-devel libxcrypt libwebp-devel gnutls-devel initscripts iproute libxcrypt-compat;
do yum -y install $packages; done
yum -y update nss
if echo "${CentOS_Version}" | grep -Eqi "^8" || echo "${RHEL_Version}" | grep -Eqi "^8" || echo "${Rocky_Version}" | grep -Eqi "^8" || echo "${Alma_Version}" | grep -Eqi "^8" || echo "${Anolis_Version}" | grep -Eqi "^8" || echo "${OpenCloudOS_Version}" | grep -Eqi "^8"; then
Check_PowerTools
if [ "${repo_id}" != "" ]; then
echo "Installing packages in PowerTools repository..."
for c8packages in rpcgen re2c oniguruma-devel;
do dnf --enablerepo=${repo_id} install ${c8packages} -y; done
fi
dnf install libarchive -y
dnf install gcc-toolset-10 -y
fi
if [ "${DISTRO}" = "Oracle" ] && echo "${Oracle_Version}" | grep -Eqi "^8"; then
Check_Codeready
for o8packages in rpcgen re2c oniguruma-devel;
do dnf --enablerepo=${repo_id} install ${o8packages} -y; done
dnf install libarchive -y
fi
if echo "${CentOS_Version}" | grep -Eqi "^9"; then
crb_source_check=$(yum repolist all | grep -E '^crb' | awk '{print $1}')
if [[ ! -n "$crb_source_check" ]]; then
echo "Add crb source..."
cat > /etc/yum.repos.d/centos-crb.repo << EOF
[CRB]
name=CentOS-\$releasever - CRB - mirrors.ustc.edu.cn
#failovermethod=priority
baseurl=https://mirrors.ustc.edu.cn/centos-stream/\$stream/CRB/\$basearch/os/
gpgcheck=1
gpgkey=https://mirrors.ustc.edu.cn/centos-stream/RPM-GPG-KEY-CentOS-Official
EOF
fi
fi
if echo "${CentOS_Version}" | grep -Eqi "^9" || echo "${Alma_Version}" | grep -Eqi "^9" || echo "${Rocky_Version}" | grep -Eqi "^9"; then
for cs9packages in oniguruma-devel libzip-devel libtirpc-devel libxcrypt-compat;
do dnf --enablerepo=crb install ${cs9packages} -y; done
fi
if echo "${CentOS_Version}" | grep -Eqi "^7" || echo "${RHEL_Version}" | grep -Eqi "^7" || echo "${Aliyun_Version}" | grep -Eqi "^2" || echo "${Alibaba_Version}" | grep -Eqi "^2" || echo "${Oracle_Version}" | grep -Eqi "^7" || echo "${Anolis_Version}" | grep -Eqi "^7"; then
if [ "${DISTRO}" = "Oracle" ]; then
yum -y install oracle-epel-release
else
yum -y install epel-release
Get_Country
if [ "${country}" = "CN" ]; then
sed -e 's!^metalink=!#metalink=!g' \
-e 's!^#baseurl=!baseurl=!g' \
-e 's!//download\.fedoraproject\.org/pub!//mirrors.ustc.edu.cn!g' \
-e 's!//download\.example/pub!//mirrors.ustc.edu.cn!g' \
-i /etc/yum.repos.d/epel*.repo
fi
fi
yum -y install oniguruma oniguruma-devel
if [ "${CheckMirror}" = "n" ]; then
rpm -ivh ${cur_dir}/src/oniguruma-6.8.2-1.el7.x86_64.rpm ${cur_dir}/src/oniguruma-devel-6.8.2-1.el7.x86_64.rpm
fi
fi
if [ "${DISTRO}" = "UOS" ]; then
Check_PowerTools
if [ "${repo_id}" != "" ]; then
echo "Installing packages in PowerTools repository..."
for uospackages in rpcgen re2c oniguruma-devel;
do dnf --enablerepo=${repo_id} install ${uospackages} -y; done
fi
fi
if [ "${DISTRO}" = "Fedora" ] || echo "${CentOS_Version}" | grep -Eqi "^9" || echo "${Alma_Version}" | grep -Eqi "^9" || echo "${Rocky_Version}" | grep -Eqi "^9"; then
dnf install chkconfig -y
fi
if [ -s /usr/lib64/libtinfo.so.6 ]; then
ln -sf /usr/lib64/libtinfo.so.6 /usr/lib64/libtinfo.so.5
elif [ -s /usr/lib/libtinfo.so.6 ]; then
ln -sf /usr/lib/libtinfo.so.6 /usr/lib/libtinfo.so.5
fi
if [ -s /usr/lib64/libncurses.so.6 ]; then
ln -sf /usr/lib64/libncurses.so.6 /usr/lib64/libncurses.so.5
elif [ -s /usr/lib/libncurses.so.6 ]; then
ln -sf /usr/lib/libncurses.so.6 /usr/lib/libncurses.so.5
fi
elif [ "$PM" = "apt" ]; then
Echo_Blue "[+] apt-get installing dependent packages..."
export DEBIAN_FRONTEND=noninteractive
apt-get update -y
[[ $? -ne 0 ]] && apt-get update --allow-releaseinfo-change -y
for packages in debian-keyring debian-archive-keyring build-essential bison libkrb5-dev libcurl3-gnutls libcurl4-gnutls-dev libcurl4-openssl-dev libcap-dev ca-certificates libc-client2007e-dev psmisc patch git libc-ares-dev libicu-dev e2fsprogs libxslt1.1 libxslt1-dev libc-client-dev xz-utils libexpat1-dev bzip2 libbz2-dev libaio-dev libtirpc-dev libsqlite3-dev libonig-dev pkg-config libtinfo-dev libnuma-dev libwebp-dev gnutls-dev;
do apt-get --no-install-recommends install -y $packages; done
fi
}
if [ "${isSSL}" == "ssl" ]; then
echo "+--------------------------------------------------+"
echo "| A tool to upgrade lnmp 1.4 certbot to acme.sh |"
echo "+--------------------------------------------------+"
echo "|For more information please visit https://lnmp.org|"
echo "+--------------------------------------------------+"
if [[ "${Get_Stack}" =~ "lnmp" ]]; then
domain=""
while :;do
Echo_Yellow "Please enter domain(example: www.lnmp.org): "
read domain
if [ "${domain}" != "" ]; then
if [ ! -f "/usr/local/nginx/conf/vhost/${domain}.conf" ]; then
Echo_Red "${domain} is not exist,please check!"
exit 1
else
echo " Your domain: ${domain}"
if ! grep -q "/etc/letsencrypt/live/${domain}/fullchain.pem" "/usr/local/nginx/conf/vhost/${domain}.conf"; then
Echo_Red "SSL configuration NOT found in the ${domain} config file!"
exit 1
fi
break
fi
else
Echo_Red "Domain name can't be empty!"
fi
done
Echo_Yellow "Enter more domain name(example: lnmp.org *.lnmp.org): "
read moredomain
if [ "${moredomain}" != "" ]; then
echo " domain list: ${moredomain}"
fi
vhostdir="/home/wwwroot/${domain}"
echo "Please enter the directory for the domain: $domain"
Echo_Yellow "Default directory: /home/wwwroot/${domain}: "
read vhostdir
if [ "${vhostdir}" == "" ]; then
vhostdir="/home/wwwroot/${domain}"
fi
echo "Virtual Host Directory: ${vhostdir}"
if [ ! -d "${vhostdir}" ]; then
Echo_Red "${vhostdir} does not exist or is not a directory!"
exit 1
fi
if [ ! -s /usr/local/acme.sh/account.conf ] || ! cat /usr/local/acme.sh/account.conf | grep -Eq "^ACCOUNT_EMAIL="; then
while :;do
Echo_Yellow "Please enter your email address: "
read email_address
if [[ "${email_address}" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$ ]]; then
echo "Email address ${email_address} is valid."
break
else
echo "Email address ${email_address} is invalid! Please re-enter."
fi
done
fi
letsdomain=""
if [ "${moredomain}" != "" ]; then
letsdomain="-d ${domain}"
for i in ${moredomain};do
letsdomain=${letsdomain}" -d ${i}"
done
else
letsdomain="-d ${domain}"
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
echo "/usr/local/acme.sh/acme.sh [found]"
else
cd /tmp
[[ -f latest.tar.gz ]] && rm -f latest.tar.gz
wget https://soft.vpser.net/lib/acme.sh/latest.tar.gz --prefer-family=IPv4 --no-check-certificate
tar zxf latest.tar.gz
cd acme.sh-*
./acme.sh --install --log --home /usr/local/acme.sh --certhome /usr/local/nginx/conf/ssl -m ${email_address}
cd ..
rm -f latest.tar.gz
rm -rf acme.sh-*
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
if command -v yum >/dev/null 2>&1; then
yum -y update nss
service crond restart
chkconfig crond on
elif command -v apt-get >/dev/null 2>&1; then
/etc/init.d/cron restart
update-rc.d cron defaults
fi
fi
. "/usr/local/acme.sh/acme.sh.env"
if [ -s /usr/local/nginx/conf/ssl/${domain}/fullchain.cer ]; then
echo "Removing exist domain certificate..."
rm -rf /usr/local/nginx/conf/ssl/${domain}
fi
echo "Starting create SSL Certificate use Let's Encrypt..."
/usr/local/acme.sh/acme.sh --server letsencrypt --issue ${letsdomain} -w ${vhostdir} -k 2048 --reloadcmd "/etc/init.d/nginx reload"
lets_status=$?
if [ "${lets_status}" = 0 ]; then
Echo_Green "Let's Encrypt SSL Certificate create successfully."
echo "Modify ${domain} configure..."
sed -i "s@/etc/letsencrypt/live/${domain}/fullchain.pem@/usr/local/nginx/conf/ssl/${domain}/fullchain.cer@g" "/usr/local/nginx/conf/vhost/${domain}.conf"
sed -i "s@/etc/letsencrypt/live/${domain}/privkey.pem@/usr/local/nginx/conf/ssl/${domain}/${domain}.key@g" "/usr/local/nginx/conf/vhost/${domain}.conf"
echo "done."
if crontab -l|grep -q "/bin/certbot renew"; then
(crontab -l | grep -v "/bin/certbot renew") | crontab -
fi
/etc/init.d/nginx reload
sleep 1
Echo_Green "upgrade ${domain} successfully."
else
Echo_Red "Let's Encrypt SSL Certificate create failed!"
Echo_Red "upgrade ${domain} fialed."
fi
elif [ "${Get_Stack}" == "lamp" ]; then
domain=""
while :;do
Echo_Yellow "Please enter domain(example: www.lnmp.org): "
read domain
if [ "${domain}" != "" ]; then
if [ ! -f "/usr/local/apache/conf/vhost/${domain}.conf" ]; then
Echo_Red "${domain} is not exist,please check!"
exit 1
else
echo " Your domain: ${domain}"
if ! grep -q "/etc/letsencrypt/live/${domain}/privkey.pem" "/usr/local/apache/conf/vhost/${domain}.conf"; then
Echo_Red "SSL configuration NOT found in the ${domain} config file!"
exit 1
fi
break
fi
else
Echo_Red "Domain name can't be empty!"
fi
done
Echo_Yellow "Enter more domain name(example: lnmp.org *.lnmp.org): "
read moredomain
if [ "${moredomain}" != "" ]; then
echo " domain list: ${moredomain}"
fi
vhostdir="/home/wwwroot/${domain}"
echo "Please enter the directory for the domain: $domain"
Echo_Yellow "Default directory: /home/wwwroot/${domain}: "
read vhostdir
if [ "${vhostdir}" == "" ]; then
vhostdir="/home/wwwroot/${domain}"
fi
echo "Virtual Host Directory: ${vhostdir}"
if [ ! -d "${vhostdir}" ]; then
Echo_Red "${vhostdir} does not exist or is not a directory!"
exit 1
fi
if [ ! -s /usr/local/acme.sh/account.conf ] || ! cat /usr/local/acme.sh/account.conf | grep -Eq "^ACCOUNT_EMAIL="; then
while :;do
Echo_Yellow "Please enter your email address: "
read email_address
if [[ "${email_address}" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$ ]]; then
echo "Email address ${email_address} is valid."
break
else
echo "Email address ${email_address} is invalid! Please re-enter."
fi
done
fi
letsdomain=""
if [ "${moredomain}" != "" ]; then
letsdomain="-d ${domain}"
for i in ${moredomain};do
letsdomain=${letsdomain}" -d ${i}"
done
else
letsdomain="-d ${domain}"
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
echo "/usr/local/acme.sh/acme.sh [found]"
else
cd /tmp
[[ -s latest.tar.gz ]] && rm -f latest.tar.gz
wget https://soft.vpser.net/lib/acme.sh/latest.tar.gz --prefer-family=IPv4 --no-check-certificate
tar zxf latest.tar.gz
cd acme.sh-*
./acme.sh --install --log --home /usr/local/acme.sh --certhome /usr/local/apache/conf/ssl -m ${email_address}
cd ..
rm -f latest.tar.gz
rm -rf acme.sh-*
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
if command -v yum >/dev/null 2>&1; then
yum -y update nss
yum -y install ca-certificates
service crond restart
chkconfig crond on
elif command -v apt-get >/dev/null 2>&1; then
/etc/init.d/cron restart
update-rc.d cron defaults
fi
fi
. "/usr/local/acme.sh/acme.sh.env"
if [ -s /usr/local/apache/conf/ssl/${domain}/fullchain.cer ]; then
echo "Removing exist domain certificate..."
rm -rf /usr/local/apache/conf/ssl/${domain}
fi
echo "Starting create SSL Certificate use Let's Encrypt..."
/usr/local/acme.sh/acme.sh --server letsencrypt --issue ${letsdomain} -w ${vhostdir} -k 2048 --reloadcmd "/etc/init.d/httpd graceful"
lets_status=$?
if [ "${lets_status}" = 0 ]; then
Echo_Green "Let's Encrypt SSL Certificate create successfully."
echo "Modify ${domain} configure..."
sed -i "s@/etc/letsencrypt/live/${domain}/fullchain.pem@/usr/local/apache/conf/ssl/${domain}/${domain}.cer@g" "/usr/local/apache/conf/vhost/${domain}.conf"
sed -i "s@/etc/letsencrypt/live/${domain}/privkey.pem@/usr/local/apache/conf/ssl/${domain}/${domain}.key@g" "/usr/local/apache/conf/vhost/${domain}.conf"
sed -i "/\/usr\/local\/apache\/conf\/ssl\/${domain}\/${domain}.key/a\SSLCertificateChainFile \/usr\/local\/apache\/conf\/ssl\/${domain}\/ca.cer" "/usr/local/apache/conf/vhost/${domain}.conf"
echo "done."
if crontab -l|grep -q "/bin/certbot renew"; then
(crontab -l | grep -v "/bin/certbot renew") | crontab -
fi
/etc/init.d/httpd graceful
sleep 1
Echo_Green "upgrade ${domain} successfully."
else
Echo_Red "Let's Encrypt SSL Certificate create failed!"
Echo_Red "upgrade ${domain} fialed."
fi
else
Echo_Red "Can't get stack info and will not be able to upgrade."
fi
else
echo "+--------------------------------------------------+"
echo "| A tool to upgrade lnmp manager from 1.x to 2.0 |"
echo "+--------------------------------------------------+"
echo "|For more information please visit https://lnmp.org|"
echo "+--------------------------------------------------+"
Press_Start
if [ "${Get_Stack}" == "unknow" ]; then
Echo_Red "Can't get stack info."
exit
elif [ "${Get_Stack}" == "lnmp" ]; then
Upgrade_Dependent
echo "Copy lnmp manager..."
sleep 1
\cp ${cur_dir}/conf/lnmp /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
if [ ! -s /usr/local/nginx/conf/enable-php.conf ]; then
\cp ${cur_dir}/conf/enable-php.conf /usr/local/nginx/conf/enable-php.conf
fi
if [ ! -s /usr/local/nginx/conf/pathinfo.conf ]; then
\cp ${cur_dir}/conf/pathinfo.conf /usr/local/nginx/conf/pathinfo.conf
fi
if [ ! -s /usr/local/nginx/conf/enable-php-pathinfo.conf ]; then
\cp ${cur_dir}/conf/enable-php-pathinfo.conf /usr/local/nginx/conf/enable-php-pathinfo.conf
fi
if [ ! -d /usr/local/nginx/conf/rewrite ]; then
\cp -ra ${cur_dir}/conf/rewrite /usr/local/nginx/conf/
fi
if [ ! -d /usr/local/nginx/conf/vhost ]; then
mkdir /usr/local/nginx/conf/vhost
fi
elif [ "${Get_Stack}" == "lnmpa" ]; then
Upgrade_Dependent
echo "Copy lnmp manager..."
sleep 1
\cp ${cur_dir}/conf/lnmpa /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
\cp ${cur_dir}/conf/proxy.conf /usr/local/nginx/conf/proxy.conf
if [ ! -s /usr/local/nginx/conf/proxy-pass-php.conf ]; then
\cp ${cur_dir}/conf/proxy-pass-php.conf /usr/local/nginx/conf/proxy-pass-php.conf
fi
if ! grep -q "SetEnvIf X-Forwarded-Proto https HTTPS=on" /usr/local/apache/conf/httpd.conf; then
if /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.2."; then
sed -i "/Include conf\/vhost\/\*.conf/i\SetEnvIf X-Forwarded-Proto https HTTPS=on\n" /usr/local/apache/conf/httpd.conf
elif /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.4."; then
sed -i "/IncludeOptional conf\/vhost\/\*.conf/i\SetEnvIf X-Forwarded-Proto https HTTPS=on\n" /usr/local/apache/conf/httpd.conf
fi
fi
if [ ! -d /usr/local/nginx/conf/vhost ]; then
mkdir /usr/local/nginx/conf/vhost
fi
elif [ "${Get_Stack}" == "lamp" ]; then
Upgrade_Dependent
echo "Copy configure files..."
sleep 1
\cp ${cur_dir}/conf/lamp /bin/lnmp
chmod +x /bin/lnmp
echo "Copy configure files..."
sleep 1
if /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.2."; then
\cp ${cur_dir}/conf/httpd22-ssl.conf /usr/local/apache/conf/extra/httpd-ssl.conf
elif /usr/local/apache/bin/httpd -v|grep -Eqi "Apache/2.4."; then
\cp ${cur_dir}/conf/httpd24-ssl.conf /usr/local/apache/conf/extra/httpd-ssl.conf
sed -i 's/^#LoadModule socache_shmcb_module/LoadModule socache_shmcb_module/g' /usr/local/apache/conf/httpd.conf
sed -i 's/^LoadModule lbmethod_heartbeat_module/#LoadModule lbmethod_heartbeat_module/g' /usr/local/apache/conf/httpd.conf
fi
if [ ! -d /usr/local/apache/conf/vhost ]; then
mkdir /usr/local/apache/conf/vhost
fi
fi
if [ "${DB_Name}" = "mariadb" ]; then
sed -i 's#/etc/init.d/mysql#/etc/init.d/mariadb#' /bin/lnmp
elif [ "${DB_Name}" = "None" ]; then
sed -i 's#/etc/init.d/mysql.*##' /bin/lnmp
fi
if [ -s /usr/local/acme.sh/acme.sh ]; then
. "/usr/local/acme.sh/acme.sh.env"
/usr/local/acme.sh/acme.sh --upgrade
sed -i 's/cat "\$CERT_PATH"$/#cat "\$CERT_PATH"/g' /usr/local/acme.sh/acme.sh
fi
Echo_Green "upgrade lnmp manager complete."
fi