From d6307ed19bd01df286526b67d40c4d00a5dc16e5 Mon Sep 17 00:00:00 2001 From: cclohmar Date: Mon, 4 May 2026 17:55:10 +0100 Subject: [PATCH] chore: sync: ClausL-MacBook-Pro.local 2026-05-04 17:55 --- install-authelia-api.sh | 178 ++++++++++++++++++++-------------------- 1 file changed, 89 insertions(+), 89 deletions(-) diff --git a/install-authelia-api.sh b/install-authelia-api.sh index be2aa39..4768fd3 100644 --- a/install-authelia-api.sh +++ b/install-authelia-api.sh @@ -12,7 +12,7 @@ set -e # # Usage: # curl -fsSL https://github.com/yourusername/authelia-api/install.sh | sudo bash -# +# # For development/testing: # cd /home/authelia/dev # sudo ./install-authelia-api.sh @@ -30,7 +30,7 @@ NC='\033[0m' # No Color # Configuration # Update REPO_URL to your actual GitHub repository before distribution -REPO_URL="https://github.com/yourusername/authelia-api" +REPO_URL="https://git.lohmar.co.uk/cclohmar/autehlia-api" DOWNLOAD_URL="${AUTHELIA_API_DOWNLOAD_URL:-${REPO_URL}/releases/latest/download/authelia-api}" INSTALL_DIR="${AUTHELIA_API_INSTALL_DIR:-/opt/authelia/api}" SERVICE_NAME="authelia-api" @@ -87,11 +87,11 @@ print_step() { run_command() { local cmd="$1" local desc="$2" - + if [ "$NEED_SUDO" = true ] && [ "$IS_ROOT" = false ]; then cmd="sudo $cmd" fi - + print_info "$desc" eval "$cmd" } @@ -99,16 +99,16 @@ run_command() { ask_confirm() { local prompt="$1" local default="${2:-y}" - + if [ "$default" = "y" ]; then prompt="$prompt [Y/n]: " else prompt="$prompt [y/N]: " fi - + read -r -p "$prompt" response response=${response:-$default} - + if [[ $response =~ ^[Yy]$ ]]; then return 0 else @@ -122,7 +122,7 @@ ask_confirm() { detect_system() { print_step "Detecting system..." - + # Check if running as root if [ "$EUID" -eq 0 ]; then IS_ROOT=true @@ -139,7 +139,7 @@ detect_system() { exit 1 fi fi - + # Detect distribution if [ -f /etc/os-release ]; then . /etc/os-release @@ -158,7 +158,7 @@ detect_system() { print_warning "Could not detect distribution, assuming generic Linux" DISTRO="linux" fi - + # Detect architecture ARCH=$(uname -m) case "$ARCH" in @@ -181,14 +181,14 @@ detect_system() { check_dependencies() { print_step "Checking dependencies..." - + local missing_deps=() - + # Check for curl (needed for binary download) if ! command -v curl &> /dev/null; then missing_deps+=("curl") fi - + # Check for authelia binary if ! command -v authelia &> /dev/null && [ ! -f /opt/authelia/authelia ]; then print_warning "Authelia binary not found in PATH or /opt/authelia/authelia" @@ -197,10 +197,10 @@ check_dependencies() { exit 1 fi fi - + if [ ${#missing_deps[@]} -ne 0 ]; then print_error "Missing dependencies: ${missing_deps[*]}" - + if [ "$DISTRO" = "debian" ] || [ "$DISTRO" = "ubuntu" ]; then run_command "apt-get update" "Updating package list" run_command "apt-get install -y ${missing_deps[*]}" "Installing missing dependencies" @@ -213,7 +213,7 @@ check_dependencies() { exit 1 fi fi - + print_success "All dependencies satisfied" } @@ -223,7 +223,7 @@ check_dependencies() { create_user() { print_step "Checking service user..." - + # Detect Authelia service user local authelia_service_file="/etc/systemd/system/authelia.service" if [ -f "$authelia_service_file" ]; then @@ -235,48 +235,48 @@ create_user() { return 0 fi fi - + # Default to authelia user print_info "Authelia service user not found, using default: $USER" - + # Check if user exists if id "$USER" &>/dev/null; then print_success "User '$USER' already exists" else print_info "Creating user '$USER'" - + if [ "$DISTRO" = "alpine" ]; then run_command "adduser -D -s /bin/false $USER" "Creating system user" else run_command "useradd -r -s /bin/false -M $USER" "Creating system user" fi - + print_success "User '$USER' created" fi } prepare_installation_directory() { print_step "Preparing installation directory..." - + # Create installation directory if [ ! -d "$INSTALL_DIR" ]; then run_command "mkdir -p $INSTALL_DIR" "Creating installation directory" else print_info "Installation directory already exists: $INSTALL_DIR" fi - + # Set permissions run_command "chown -R $USER:$USER $INSTALL_DIR" "Setting ownership" run_command "chmod 755 $INSTALL_DIR" "Setting directory permissions" - + print_success "Installation directory ready: $INSTALL_DIR" } download_binary() { print_step "Downloading Authelia API binary..." - + local binary_dest="$INSTALL_DIR/authelia-api" - + if [ "$DEVELOPMENT_MODE" = true ]; then if [ -f "$LOCAL_BINARY_PATH" ]; then print_info "Development mode: Using local binary" @@ -293,11 +293,11 @@ download_binary() { DEVELOPMENT_MODE=false fi fi - + if [ "$DEVELOPMENT_MODE" = false ]; then # Construct download URL with architecture local download_url="${DOWNLOAD_URL}_linux_${ARCH}" - + print_info "Downloading from: $download_url" if command -v curl &> /dev/null; then run_command "curl -fsSL -o '$binary_dest' '$download_url'" "Downloading binary" @@ -306,15 +306,15 @@ download_binary() { exit 1 fi fi - + # Make binary executable run_command "chmod +x '$binary_dest'" "Making binary executable" run_command "chown $USER:$USER '$binary_dest'" "Setting binary ownership" - + # Verify binary if [ -f "$binary_dest" ] && [ -x "$binary_dest" ]; then print_success "Binary downloaded and ready: $binary_dest" - + # Test binary version if "$binary_dest" --version &>/dev/null; then local version=$("$binary_dest" --version 2>/dev/null || echo "unknown") @@ -328,18 +328,18 @@ download_binary() { download_source_files() { print_step "Downloading source files and documentation..." - + local source_dir="$INSTALL_DIR/src" - + # Create source directory if [ ! -d "$source_dir" ]; then run_command "mkdir -p $source_dir" "Creating source directory" fi - + # For development, copy existing source files if [ "$DEVELOPMENT_MODE" = true ]; then print_info "Development mode: Using existing source files" - + # If source directory already exists in install location, skip copying if [ -d "$INSTALL_DIR/src" ] && [ "$INSTALL_DIR/src" != "$source_dir" ]; then print_info "Source directory already exists at installation location" @@ -347,7 +347,7 @@ download_source_files() { print_info "Copying source files from development location" cp -r "$LOCAL_SOURCE_PATH"/* "$source_dir/" 2>/dev/null || true fi - + # Also copy root README if it exists (from dev directory) if [ -f "/home/authelia/dev/README.md" ] && [ "/home/authelia/dev/README.md" != "$source_dir/ROOT_README.md" ]; then cp "/home/authelia/dev/README.md" "$source_dir/ROOT_README.md" @@ -356,7 +356,7 @@ download_source_files() { # In production, download source archive local source_url="${REPO_URL}/archive/refs/heads/main.tar.gz" local temp_file="/tmp/authelia-api-src.tar.gz" - + print_info "Downloading source files from GitHub" if command -v curl &> /dev/null; then run_command "curl -fsSL -o '$temp_file' '$source_url'" "Downloading source archive" @@ -366,19 +366,19 @@ download_source_files() { print_warning "curl not available, skipping source download" fi fi - + # Set permissions on source directory run_command "chown -R $USER:$USER '$source_dir'" "Setting source directory ownership" run_command "chmod -R 644 '$source_dir'" "Setting source file permissions" - + print_success "Source files downloaded to: $source_dir" } create_configuration() { print_step "Creating configuration..." - + local config_file="$INSTALL_DIR/config.yml" - + # Check if configuration already exists if [ -f "$config_file" ]; then print_info "Configuration already exists: $config_file" @@ -390,7 +390,7 @@ create_configuration() { return 0 fi fi - + # Create basic configuration cat > /tmp/authelia-api-config.yml << EOF # Authelia API Configuration @@ -412,23 +412,23 @@ log_level: "info" # AUTHELIA_API_LISTEN_ADDR: "127.0.0.1:8080" # AUTHELIA_API_LOG_LEVEL: "info" EOF - + run_command "mv /tmp/authelia-api-config.yml '$config_file'" "Creating configuration file" run_command "chown $USER:$USER '$config_file'" "Setting configuration ownership" run_command "chmod 600 '$config_file'" "Securing configuration" - + print_success "Configuration created: $config_file" } create_systemd_service() { print_step "Creating systemd service..." - + # Skip service creation for non-standard install directories if [ "$INSTALL_DIR" != "/opt/authelia/api" ]; then print_info "Skipping systemd service creation (non-standard install directory)" return 0 fi - + # Check if service already exists if [ -f "$SERVICE_FILE" ]; then print_info "Service file already exists: $SERVICE_FILE" @@ -441,7 +441,7 @@ create_systemd_service() { return 0 fi fi - + # Create service file local service_content="[Unit] Description=Authelia API @@ -484,24 +484,24 @@ ReadWritePaths=$INSTALL_DIR /opt/authelia" [Install] WantedBy=multi-user.target" - + # Write service file echo "$service_content" > /tmp/authelia-api.service - + run_command "mv /tmp/authelia-api.service '$SERVICE_FILE'" "Creating service file" run_command "chmod 644 '$SERVICE_FILE'" "Setting service file permissions" - + # Reload systemd run_command "systemctl daemon-reload" "Reloading systemd" - + print_success "Systemd service created: $SERVICE_FILE" } setup_database() { print_step "Setting up database..." - + local db_file="$INSTALL_DIR/authelia-api.db" - + # Check if database already exists if [ -f "$db_file" ]; then print_info "Database already exists: $db_file" @@ -514,34 +514,34 @@ setup_database() { return 0 fi fi - + # Create empty database file run_command "touch '$db_file'" "Creating database file" run_command "chown $USER:$USER '$db_file'" "Setting database ownership" run_command "chmod 600 '$db_file'" "Securing database" - + print_success "Database file created: $db_file" } run_bootstrap() { print_step "Running bootstrap..." - + local binary_path="$INSTALL_DIR/authelia-api" - + if [ ! -f "$binary_path" ]; then print_error "Binary not found: $binary_path" return 1 fi - + print_info "Running bootstrap process (first-time setup)" - + # Run bootstrap with proper user if [ "$IS_ROOT" = true ]; then run_command "sudo -u $USER $binary_path --bootstrap" "Running bootstrap" else run_command "$binary_path --bootstrap" "Running bootstrap" fi - + if [ $? -eq 0 ]; then print_success "Bootstrap completed successfully" else @@ -551,24 +551,24 @@ run_bootstrap() { enable_and_start_service() { print_step "Enabling and starting service..." - + # Skip service operations for non-standard install directories if [ "$INSTALL_DIR" != "/opt/authelia/api" ]; then print_info "Skipping service operations (non-standard install directory)" return 0 fi - + # Enable service run_command "systemctl enable $SERVICE_NAME" "Enabling service" - + # Start service run_command "systemctl start $SERVICE_NAME" "Starting service" - + # Check service status sleep 2 if systemctl is-active --quiet "$SERVICE_NAME"; then print_success "Service is running" - + # Show status run_command "systemctl status $SERVICE_NAME --no-pager" "Service status" else @@ -580,20 +580,20 @@ enable_and_start_service() { setup_firewall() { print_step "Configuring firewall (if applicable)..." - + # Skip firewall configuration for non-standard install directories if [ "$INSTALL_DIR" != "/opt/authelia/api" ]; then print_info "Skipping firewall configuration (non-standard install directory)" return 0 fi - + local port="8080" - + # Check if firewall-cmd is available (firewalld) if command -v firewall-cmd &> /dev/null; then if firewall-cmd --state &>/dev/null; then print_info "Configuring firewalld" - + # Add the service/port if ! firewall-cmd --query-port="${port}/tcp" &>/dev/null; then run_command "firewall-cmd --permanent --add-port=${port}/tcp" "Adding firewall rule" @@ -607,7 +607,7 @@ setup_firewall() { elif command -v ufw &> /dev/null; then if ufw status | grep -q "Status: active"; then print_info "Configuring UFW" - + if ! ufw status | grep -q "${port}/tcp"; then run_command "ufw allow ${port}/tcp comment 'Authelia API'" "Adding firewall rule" print_success "Firewall rule added for port $port" @@ -627,9 +627,9 @@ setup_firewall() { create_backup_script() { print_step "Creating backup script..." - + local backup_script="$INSTALL_DIR/backup.sh" - + cat > "$backup_script" << 'EOF' #!/usr/bin/env bash set -e @@ -662,7 +662,7 @@ systemctl start authelia-api echo "Backup created: $BACKUP_FILE" echo "Size: $(du -h "$BACKUP_FILE" | cut -f1)" EOF - + # Copy backup script from source if it exists if [ -f "$LOCAL_SOURCE_PATH/backup.sh" ]; then cp "$LOCAL_SOURCE_PATH/backup.sh" "$backup_script" @@ -682,11 +682,11 @@ EOF main_installation() { print_header - + echo -e "${BOLD}Authelia API Installation${NC}" echo -e "This will install the Authelia API to: ${CYAN}$INSTALL_DIR${NC}" echo "" - + # Show what will be installed echo -e "${BOLD}Components to install:${NC}" echo " • Authelia API binary" @@ -695,17 +695,17 @@ main_installation() { echo " • Systemd service" echo " • Backup script" echo "" - + if [ "$IS_ROOT" = false ] && [ "$NEED_SUDO" = true ]; then echo -e "${YELLOW}Note:${NC} Some operations will require sudo privileges" echo "" fi - + if ! ask_confirm "Proceed with installation?" "y"; then print_info "Installation cancelled" exit 0 fi - + # Run installation steps detect_system check_dependencies @@ -720,9 +720,9 @@ main_installation() { enable_and_start_service setup_firewall create_backup_script - + print_step "Installation Complete!" - + echo -e "${GREEN}${BOLD}✓ Authelia API has been successfully installed${NC}" echo "" echo -e "${BOLD}Service Information:${NC}" @@ -749,7 +749,7 @@ main_installation() { echo "" echo -e "${BOLD}Documentation:${NC} $REPO_URL" echo "" - + # Test API health endpoint print_info "Testing API health endpoint..." sleep 3 @@ -769,7 +769,7 @@ main_installation() { uninstall() { print_header - + echo -e "${RED}${BOLD}⚠ Uninstall Authelia API${NC}" echo "" echo -e "This will:" @@ -780,14 +780,14 @@ uninstall() { echo "" echo -e "${YELLOW}Warning:${NC} This will delete all authelia-api data including the database!" echo "" - + if ! ask_confirm "Are you sure you want to uninstall?" "n"; then print_info "Uninstall cancelled" exit 0 fi - + print_step "Starting uninstallation..." - + # Stop and disable service if [ -f "$SERVICE_FILE" ]; then run_command "systemctl stop $SERVICE_NAME 2>/dev/null || true" "Stopping service" @@ -795,17 +795,17 @@ uninstall() { run_command "rm -f '$SERVICE_FILE'" "Removing service file" run_command "systemctl daemon-reload" "Reloading systemd" fi - + # Remove installation directory if [ -d "$INSTALL_DIR" ]; then run_command "rm -rf '$INSTALL_DIR'" "Removing installation directory" fi - + # Remove backup script if [ -f "/usr/local/bin/authelia-api-backup" ]; then run_command "rm -f /usr/local/bin/authelia-api-backup" "Removing backup script" fi - + print_success "Uninstallation complete!" echo "" echo -e "${BOLD}Note:${NC} Authelia configuration and user database were not modified" @@ -855,4 +855,4 @@ case "${1:-}" in echo "Use --help for usage information" exit 1 ;; -esac \ No newline at end of file +esac