mirror of
https://github.com/community-scripts/ProxmoxVE.git
synced 2026-02-03 20:03:25 +01:00
56c2e6cf1c
- Temp files were deleted before schema upgrade could access them - Fixes update script failing on MySQL schema upgrade step
231 lines
11 KiB
Bash
231 lines
11 KiB
Bash
#!/usr/bin/env bash
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/build.func)
|
|
# Copyright (c) 2021-2026 community-scripts ORG
|
|
# Author: Michel Roegl-Brunner (michelroegl-brunner)
|
|
# License: | MIT https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
|
# Source: https://guacamole.apache.org/
|
|
|
|
APP="Apache-Guacamole"
|
|
var_tags="${var_tags:-webserver;remote}"
|
|
var_disk="${var_disk:-4}"
|
|
var_cpu="${var_cpu:-1}"
|
|
var_ram="${var_ram:-2048}"
|
|
var_os="${var_os:-debian}"
|
|
var_version="${var_version:-13}"
|
|
var_unprivileged="${var_unprivileged:-1}"
|
|
|
|
header_info "$APP"
|
|
variables
|
|
color
|
|
catch_errors
|
|
|
|
function update_script() {
|
|
header_info
|
|
check_container_storage
|
|
check_container_resources
|
|
if [[ ! -d /opt/apache-guacamole ]]; then
|
|
msg_error "No ${APP} Installation Found!"
|
|
exit
|
|
fi
|
|
|
|
# Fetch latest versions
|
|
LATEST_TOMCAT=$(curl -fsSL https://dlcdn.apache.org/tomcat/tomcat-9/ | grep -oP '(?<=href=")v[^"/]+(?=/")' | sed 's/^v//' | sort -V | tail -n1)
|
|
LATEST_SERVER=$(curl -fsSL https://api.github.com/repos/apache/guacamole-server/tags | jq -r '.[].name' | grep -v -- '-RC' | head -n 1)
|
|
LATEST_CLIENT=$(curl -fsSL https://api.github.com/repos/apache/guacamole-client/tags | jq -r '.[].name' | grep -v -- '-RC' | head -n 1)
|
|
LATEST_MYSQL_CONNECTOR=$(curl -fsSL "https://repo1.maven.org/maven2/com/mysql/mysql-connector-j/maven-metadata.xml" | grep -oP '<latest>\K[^<]+')
|
|
|
|
# Read current versions from ~/.guacamole_*
|
|
CURRENT_TOMCAT=$(cat ~/.guacamole_tomcat 2>/dev/null || echo "unknown")
|
|
CURRENT_SERVER=$(cat ~/.guacamole_server 2>/dev/null || echo "unknown")
|
|
CURRENT_CLIENT=$(cat ~/.guacamole_client 2>/dev/null || echo "unknown")
|
|
CURRENT_MYSQL_CONNECTOR=$(cat ~/.guacamole_mysql_connector 2>/dev/null || echo "unknown")
|
|
|
|
UPDATE_NEEDED=false
|
|
[[ "$CURRENT_TOMCAT" != "$LATEST_TOMCAT" ]] && UPDATE_NEEDED=true
|
|
[[ "$CURRENT_SERVER" != "$LATEST_SERVER" ]] && UPDATE_NEEDED=true
|
|
[[ "$CURRENT_CLIENT" != "$LATEST_CLIENT" ]] && UPDATE_NEEDED=true
|
|
[[ "$CURRENT_MYSQL_CONNECTOR" != "$LATEST_MYSQL_CONNECTOR" ]] && UPDATE_NEEDED=true
|
|
|
|
if [[ "$UPDATE_NEEDED" == "false" ]]; then
|
|
msg_ok "All components are up to date"
|
|
exit
|
|
fi
|
|
|
|
JAVA_VERSION="11" setup_java
|
|
|
|
msg_info "Stopping Services"
|
|
systemctl stop guacd tomcat
|
|
msg_ok "Stopped Services"
|
|
|
|
# Update Tomcat
|
|
if [[ "$CURRENT_TOMCAT" != "$LATEST_TOMCAT" ]]; then
|
|
msg_info "Updating Tomcat (${CURRENT_TOMCAT} → ${LATEST_TOMCAT})"
|
|
cp -a /opt/apache-guacamole/tomcat9/conf /tmp/tomcat-conf-backup
|
|
curl -fsSL "https://dlcdn.apache.org/tomcat/tomcat-9/v${LATEST_TOMCAT}/bin/apache-tomcat-${LATEST_TOMCAT}.tar.gz" | tar -xz -C /opt/apache-guacamole/tomcat9 --strip-components=1 --exclude='conf/*'
|
|
cp -a /tmp/tomcat-conf-backup/* /opt/apache-guacamole/tomcat9/conf/
|
|
rm -rf /tmp/tomcat-conf-backup
|
|
chown -R tomcat: /opt/apache-guacamole/tomcat9
|
|
echo "${LATEST_TOMCAT}" >~/.guacamole_tomcat
|
|
msg_ok "Updated Tomcat"
|
|
else
|
|
msg_ok "Tomcat already up to date (${CURRENT_TOMCAT})"
|
|
fi
|
|
|
|
# Update Guacamole Server
|
|
if [[ "$CURRENT_SERVER" != "$LATEST_SERVER" ]]; then
|
|
msg_info "Updating Guacamole Server (${CURRENT_SERVER} → ${LATEST_SERVER})"
|
|
rm -rf /opt/apache-guacamole/server/*
|
|
curl -fsSL "https://api.github.com/repos/apache/guacamole-server/tarball/refs/tags/${LATEST_SERVER}" | tar -xz --strip-components=1 -C /opt/apache-guacamole/server
|
|
cd /opt/apache-guacamole/server
|
|
export CPPFLAGS="-Wno-error=deprecated-declarations"
|
|
$STD autoreconf -fi
|
|
$STD ./configure --with-init-dir=/etc/init.d --enable-allow-freerdp-snapshots
|
|
$STD make
|
|
$STD make install
|
|
$STD ldconfig
|
|
echo "${LATEST_SERVER}" >~/.guacamole_server
|
|
msg_ok "Updated Guacamole Server"
|
|
|
|
# Auth JDBC follows server version
|
|
msg_info "Updating Guacamole Auth JDBC"
|
|
rm -f /etc/guacamole/extensions/guacamole-auth-jdbc-mysql-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-auth-jdbc-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-auth-jdbc.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-auth-jdbc.tar.gz -C /tmp
|
|
mv /tmp/guacamole-auth-jdbc-"${LATEST_SERVER}"/mysql/guacamole-auth-jdbc-mysql-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
echo "${LATEST_SERVER}" >~/.guacamole_auth_jdbc
|
|
msg_ok "Updated Guacamole Auth JDBC"
|
|
else
|
|
msg_ok "Guacamole Server already up to date (${CURRENT_SERVER})"
|
|
fi
|
|
|
|
# Update Guacamole Client
|
|
if [[ "$CURRENT_CLIENT" != "$LATEST_CLIENT" ]]; then
|
|
msg_info "Updating Guacamole Client (${CURRENT_CLIENT} → ${LATEST_CLIENT})"
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_CLIENT}/binary/guacamole-${LATEST_CLIENT}.war" -o "/opt/apache-guacamole/tomcat9/webapps/guacamole.war"
|
|
echo "${LATEST_CLIENT}" >~/.guacamole_client
|
|
msg_ok "Updated Guacamole Client"
|
|
else
|
|
msg_ok "Guacamole Client already up to date (${CURRENT_CLIENT})"
|
|
fi
|
|
|
|
# Update MySQL Connector
|
|
if [[ "$CURRENT_MYSQL_CONNECTOR" != "$LATEST_MYSQL_CONNECTOR" ]]; then
|
|
msg_info "Updating MySQL Connector (${CURRENT_MYSQL_CONNECTOR} → ${LATEST_MYSQL_CONNECTOR})"
|
|
curl -fsSL "https://repo1.maven.org/maven2/com/mysql/mysql-connector-j/${LATEST_MYSQL_CONNECTOR}/mysql-connector-j-${LATEST_MYSQL_CONNECTOR}.jar" -o "/etc/guacamole/lib/mysql-connector-j.jar"
|
|
echo "${LATEST_MYSQL_CONNECTOR}" >~/.guacamole_mysql_connector
|
|
msg_ok "Updated MySQL Connector"
|
|
else
|
|
msg_ok "MySQL Connector already up to date (${CURRENT_MYSQL_CONNECTOR})"
|
|
fi
|
|
|
|
# Apply SQL Schema Upgrades (CRITICAL!)
|
|
if [[ "$CURRENT_SERVER" != "$LATEST_SERVER" ]]; then
|
|
msg_info "Applying MySQL Schema Upgrades"
|
|
cd /tmp/guacamole-auth-jdbc-"${LATEST_SERVER}"/mysql/schema/upgrade/
|
|
UPGRADE_FILES=($(ls -1 upgrade-pre-*.sql 2>/dev/null | sort -V))
|
|
|
|
if [[ ${#UPGRADE_FILES[@]} -gt 0 ]]; then
|
|
for SQL_FILE in "${UPGRADE_FILES[@]}"; do
|
|
FILE_VERSION=$(echo ${SQL_FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
|
|
# Apply upgrade if file version is newer than current but older/equal to target
|
|
if [[ $(echo -e "${FILE_VERSION}\n${CURRENT_SERVER}" | sort -V | head -n1) == "${CURRENT_SERVER}" && "${FILE_VERSION}" != "${CURRENT_SERVER}" ]]; then
|
|
msg_info "Applying schema patch: ${SQL_FILE}"
|
|
mysql -u root guacamole_db <"${SQL_FILE}" 2>/dev/null
|
|
if [[ $? -eq 0 ]]; then
|
|
msg_ok "Applied ${SQL_FILE}"
|
|
else
|
|
msg_warn "Failed to apply ${SQL_FILE} (may already be applied)"
|
|
fi
|
|
fi
|
|
done
|
|
fi
|
|
rm -rf /tmp/guacamole-auth-jdbc*
|
|
msg_ok "MySQL Schema updated"
|
|
fi
|
|
|
|
# Check and upgrade optional extensions
|
|
# TOTP Extension
|
|
if [[ -f /etc/guacamole/extensions/guacamole-auth-totp-*.jar ]]; then
|
|
msg_info "Updating TOTP Extension"
|
|
rm -f /etc/guacamole/extensions/guacamole-auth-totp-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-auth-totp-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-auth-totp.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-auth-totp.tar.gz -C /tmp
|
|
mv /tmp/guacamole-auth-totp-"${LATEST_SERVER}"/guacamole-auth-totp-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-auth-totp-"${LATEST_SERVER}".jar
|
|
rm -rf /tmp/guacamole-auth-totp*
|
|
msg_ok "Updated TOTP Extension"
|
|
fi
|
|
|
|
# DUO Extension
|
|
if [[ -f /etc/guacamole/extensions/guacamole-auth-duo-*.jar ]]; then
|
|
msg_info "Updating DUO Extension"
|
|
rm -f /etc/guacamole/extensions/guacamole-auth-duo-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-auth-duo-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-auth-duo.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-auth-duo.tar.gz -C /tmp
|
|
mv /tmp/guacamole-auth-duo-"${LATEST_SERVER}"/guacamole-auth-duo-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-"${LATEST_SERVER}".jar
|
|
rm -rf /tmp/guacamole-auth-duo*
|
|
msg_ok "Updated DUO Extension"
|
|
fi
|
|
|
|
# LDAP Extension
|
|
if [[ -f /etc/guacamole/extensions/guacamole-auth-ldap-*.jar ]]; then
|
|
msg_info "Updating LDAP Extension"
|
|
rm -f /etc/guacamole/extensions/guacamole-auth-ldap-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-auth-ldap-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-auth-ldap.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-auth-ldap.tar.gz -C /tmp
|
|
mv /tmp/guacamole-auth-ldap-"${LATEST_SERVER}"/guacamole-auth-ldap-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-auth-ldap-"${LATEST_SERVER}".jar
|
|
rm -rf /tmp/guacamole-auth-ldap*
|
|
msg_ok "Updated LDAP Extension"
|
|
fi
|
|
|
|
# Quick Connect Extension
|
|
if [[ -f /etc/guacamole/extensions/guacamole-auth-quickconnect-*.jar ]]; then
|
|
msg_info "Updating Quick Connect Extension"
|
|
rm -f /etc/guacamole/extensions/guacamole-auth-quickconnect-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-auth-quickconnect-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-auth-quickconnect.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-auth-quickconnect.tar.gz -C /tmp
|
|
mv /tmp/guacamole-auth-quickconnect-"${LATEST_SERVER}"/guacamole-auth-quickconnect-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-auth-quickconnect-"${LATEST_SERVER}".jar
|
|
rm -rf /tmp/guacamole-auth-quickconnect*
|
|
msg_ok "Updated Quick Connect Extension"
|
|
fi
|
|
|
|
# History Recording Storage Extension
|
|
if [[ -f /etc/guacamole/extensions/guacamole-history-recording-storage-*.jar ]]; then
|
|
msg_info "Updating History Recording Storage Extension"
|
|
rm -f /etc/guacamole/extensions/guacamole-history-recording-storage-*.jar
|
|
curl -fsSL "https://downloads.apache.org/guacamole/${LATEST_SERVER}/binary/guacamole-history-recording-storage-${LATEST_SERVER}.tar.gz" -o "/tmp/guacamole-history-recording-storage.tar.gz"
|
|
$STD tar -xf /tmp/guacamole-history-recording-storage.tar.gz -C /tmp
|
|
mv /tmp/guacamole-history-recording-storage-"${LATEST_SERVER}"/guacamole-history-recording-storage-"${LATEST_SERVER}".jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-history-recording-storage-"${LATEST_SERVER}".jar
|
|
rm -rf /tmp/guacamole-history-recording-storage*
|
|
msg_ok "Updated History Recording Storage Extension"
|
|
fi
|
|
|
|
# Reset permissions and prepare for service start
|
|
msg_info "Resetting permissions"
|
|
mkdir -p /var/guacamole
|
|
chown daemon:daemon /var/guacamole
|
|
mkdir -p /home/daemon/.config/freerdp
|
|
chown daemon:daemon /home/daemon/.config/freerdp
|
|
msg_ok "Permissions reset"
|
|
|
|
msg_info "Starting Services"
|
|
systemctl daemon-reload
|
|
systemctl start tomcat guacd
|
|
msg_ok "Started Services"
|
|
msg_ok "Updated successfully!"
|
|
exit
|
|
}
|
|
|
|
start
|
|
build_container
|
|
description
|
|
|
|
msg_ok "Completed successfully!\n"
|
|
echo -e "${CREATING}${GN}${APP} setup has been successfully initialized!${CL}"
|
|
echo -e "${INFO}${YW} Access it using the following URL:${CL}"
|
|
echo -e "${TAB}${GATEWAY}${BGN}http://${IP}:8080/guacamole${CL}"
|