-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathinstall-database.sh
More file actions
314 lines (253 loc) · 9.68 KB
/
install-database.sh
File metadata and controls
314 lines (253 loc) · 9.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
#!/bin/bash
# SteerDock MySQL 8.4 Installation Script
set -e
echo "SteerDock MySQL 8.4 Installation"
echo "================================"
if [ "$EUID" -ne 0 ]; then
echo "Please run as root (use sudo)"
exit 1
fi
# Read environment variables
if [ -f ".env" ]; then
# Read .env file variables
while IFS='=' read -r key value || [ -n "$key" ]; do
# Skip comments and empty lines
[[ "$key" =~ ^#.*$ ]] && continue
[[ -z "$key" ]] && continue
# Remove carriage return from value if present
value=$(echo "$value" | tr -d '\r')
case "$key" in
MYSQL_ROOT_PASSWORD) MYSQL_ROOT_PASSWORD="$value" ;;
MYSQL_PASSWORD) MYSQL_PASSWORD="$value" ;;
MYSQL_DATABASE) MYSQL_DATABASE="$value" ;;
MYSQL_USER) MYSQL_USER="$value" ;;
REDIS_PASSWORD) REDIS_PASSWORD="$value" ;;
esac
done < .env
else
echo ".env file not found"
exit 1
fi
# Set default values
MYSQL_DATABASE=${MYSQL_DATABASE:-steerdock}
MYSQL_USER=${MYSQL_USER:-steerdock}
MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-RootPass123!}
MYSQL_PASSWORD=${MYSQL_PASSWORD:-SteerDock123!}
echo "Using: DB=$MYSQL_DATABASE, User=$MYSQL_USER"
# Check and install MySQL
if ! command -v mysql &> /dev/null; then
echo "MySQL not found. Installing MySQL 8.4..."
# Try to install MySQL 8.4 Community Release (compatible with RHEL/CentOS 8/9/Linux)
# First check distribution information
if [ -f /etc/os-release ]; then
. /etc/os-release
OS_ID=$ID
VERSION_ID=$(echo $VERSION_ID | cut -d. -f1)
fi
sudo dnf install -y mysql-server mysql 2>/dev/null || sudo yum install -y mysql-server mysql
# Check again
if ! command -v mysql &> /dev/null; then
echo "Failed to install MySQL. Please install mysql-server manually."
exit 1
fi
echo "MySQL installed successfully."
# Start service
sudo systemctl enable mysqld
sudo systemctl start mysqld
# Wait for log generation as initial password may change due to new installation
sleep 5
fi
# Ensure service is started
if ! sudo systemctl is-active --quiet mysqld; then
sudo systemctl start mysqld
sleep 3
fi
# Get temporary password
echo "Getting temporary MySQL password..."
TEMP_PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log 2>/dev/null | tail -1 | awk '{print $NF}')
if [ -z "$TEMP_PASSWORD" ]; then
echo "No temporary password found. Checking if MySQL is running..."
if ! sudo systemctl is-active --quiet mysqld; then
echo "Starting MySQL..."
sudo systemctl start mysqld
sleep 5
TEMP_PASSWORD=$(sudo grep 'temporary password' /var/log/mysqld.log 2>/dev/null | tail -1 | awk '{print $NF}')
fi
fi
if [ -z "$TEMP_PASSWORD" ]; then
echo "ERROR: Cannot find temporary password. Check /var/log/mysqld.log"
echo "You may need to reset MySQL:"
echo "sudo systemctl stop mysqld"
echo "sudo rm -rf /var/lib/mysql/*"
echo "sudo systemctl start mysqld"
exit 1
fi
echo "Temporary password found."
# Step 1: Reset root password
echo "Step 1: Resetting root password..."
# In MySQL 8.4, after logging in with temporary password, the first statement must be ALTER USER
# And the new password must meet the default policy (contains uppercase, lowercase, numbers, special characters)
# So we first use a policy-compliant intermediate password
TEMP_STRONG_PASSWORD='TempPass@1234!'
echo " [1/3] Setting intermediate password (policy-compliant)..."
if mysql -u root -p"$TEMP_PASSWORD" --connect-expired-password <<SQL
ALTER USER 'root'@'localhost' IDENTIFIED BY '${TEMP_STRONG_PASSWORD}';
FLUSH PRIVILEGES;
SQL
then
echo " Intermediate password set successfully"
echo " [2/3] Lowering password policy..."
mysql -u root -p"${TEMP_STRONG_PASSWORD}" <<SQL
SET GLOBAL validate_password.policy=0;
SET GLOBAL validate_password.mixed_case_count=0;
SET GLOBAL validate_password.number_count=0;
SET GLOBAL validate_password.special_char_count=0;
SET GLOBAL validate_password.length=4;
FLUSH PRIVILEGES;
SQL
echo " [3/3] Setting final password..."
mysql -u root -p"${TEMP_STRONG_PASSWORD}" <<SQL
ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';
FLUSH PRIVILEGES;
SQL
echo "Root password reset successfully!"
else
echo "Failed to reset root password with temporary password (this is expected if already reset)"
echo "Trying alternative method (Safe Mode)..."
# Try safe mode
sudo systemctl stop mysqld
# Find mysqld binary file
MYSQLD_BIN=$(command -v mysqld)
if [ -z "$MYSQLD_BIN" ]; then
if [ -f "/usr/libexec/mysqld" ]; then
MYSQLD_BIN="/usr/libexec/mysqld"
elif [ -f "/usr/sbin/mysqld" ]; then
MYSQLD_BIN="/usr/sbin/mysqld"
fi
fi
if [ -z "$MYSQLD_BIN" ]; then
echo "ERROR: Could not find mysqld binary to run in safe mode."
exit 1
fi
# Manually start mysqld (bind to 127.0.0.1 via TCP to avoid socket issues)
echo "Starting MySQL daemon ($MYSQLD_BIN) in background (Safe Mode TCP)..."
# Ensure directory permissions
sudo mkdir -p /var/run/mysqld
sudo chown mysql:mysql /var/run/mysqld
sudo mkdir -p /var/lib/mysql
sudo chown mysql:mysql /var/lib/mysql
# No longer use --skip-networking, but bind to localhost
sudo -u mysql "$MYSQLD_BIN" --skip-grant-tables --bind-address=127.0.0.1 --port=3306 --user=mysql &
PID=$!
echo "Waiting for MySQL safe mode to start (PID: $PID)..."
sleep 10
# Use TCP connection
mysql -h 127.0.0.1 -P 3306 -u root <<SQL
FLUSH PRIVILEGES;
-- Try to lower password policy requirements
SET GLOBAL validate_password.policy=0;
SET GLOBAL validate_password.mixed_case_count=0;
SET GLOBAL validate_password.number_count=0;
SET GLOBAL validate_password.special_char_count=0;
SET GLOBAL validate_password.length=0;
ALTER USER 'root'@'localhost' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';
FLUSH PRIVILEGES;
SQL
# Stop mysqld process
if ps -p $PID > /dev/null; then
echo "Stopping MySQL safe mode..."
sudo kill $PID
wait $PID 2>/dev/null || true
else
# If process not found, try pkill
sudo pkill mysqld || true
fi
echo "Restarting MySQL service..."
sudo systemctl start mysqld
sleep 5
fi
# Step 2: Create database and user
echo "Step 2: Creating database and user..."
sleep 2
mysql -u root -p"${MYSQL_ROOT_PASSWORD}" <<SQL 2>/dev/null || { echo "Cannot connect with new password"; exit 1; }
-- Ensure password policy is lowered
SET GLOBAL validate_password.policy=0;
SET GLOBAL validate_password.length=4;
CREATE DATABASE IF NOT EXISTS \`${MYSQL_DATABASE}\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'localhost' IDENTIFIED BY '${MYSQL_PASSWORD}';
CREATE USER IF NOT EXISTS '${MYSQL_USER}'@'%' IDENTIFIED BY '${MYSQL_PASSWORD}';
-- Allow root remote connection (for development environment, be careful in production)
CREATE USER IF NOT EXISTS 'root'@'%' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
GRANT ALL PRIVILEGES ON \`${MYSQL_DATABASE}\`.* TO '${MYSQL_USER}'@'localhost';
GRANT ALL PRIVILEGES ON \`${MYSQL_DATABASE}\`.* TO '${MYSQL_USER}'@'%';
FLUSH PRIVILEGES;
SELECT 'Database created successfully' AS message;
SELECT user, host FROM mysql.user WHERE user LIKE '%${MYSQL_USER}%' OR user = 'root';
SHOW DATABASES LIKE '${MYSQL_DATABASE}';
SQL
# Configure remote access
echo "Configuring MySQL for remote access..."
sudo tee /etc/my.cnf.d/steerdock.cnf <<CONFIG
[mysqld]
bind-address = 0.0.0.0
character-set-server=utf8mb4
collation-server=utf8mb4_unicode_ci
[client]
default-character-set=utf8mb4
CONFIG
sudo systemctl restart mysqld
sleep 2
# Test connections
echo ""
echo "Testing connections..."
if mysql -u root -p"${MYSQL_ROOT_PASSWORD}" -e "SELECT 1;" 2>/dev/null; then
echo "✅ MySQL root connection: OK"
else
echo "❌ MySQL root connection: FAILED"
fi
if mysql -u "${MYSQL_USER}" -p"${MYSQL_PASSWORD}" -e "SELECT 1;" 2>/dev/null; then
echo "✅ MySQL app user connection: OK"
else
echo "❌ MySQL app user connection: FAILED"
fi
# Install Redis
echo ""
echo "Installing Redis..."
sudo dnf install -y epel-release redis 2>/dev/null || yum install -y epel-release redis
# Configure Redis
REDIS_PASSWORD=${REDIS_PASSWORD:-RedisPass123!}
echo "Configuring Redis with password..."
# Backup original configuration
sudo cp /etc/redis.conf /etc/redis.conf.backup 2>/dev/null || true
# Update configuration
sudo sed -i "s/# requirepass .*/requirepass ${REDIS_PASSWORD}/g" /etc/redis.conf 2>/dev/null
sudo sed -i "s/^requirepass.*/requirepass ${REDIS_PASSWORD}/g" /etc/redis.conf 2>/dev/null
sudo sed -i "s/^bind 127.0.0.1/bind 0.0.0.0/g" /etc/redis.conf 2>/dev/null
# If requirepass is not in the file, add it
if ! sudo grep -q "^requirepass" /etc/redis.conf 2>/dev/null; then
echo "requirepass ${REDIS_PASSWORD}" | sudo tee -a /etc/redis.conf
fi
sudo systemctl start redis
sudo systemctl enable redis
echo ""
echo "========================================="
echo "🎉 Installation Complete!"
echo "========================================="
echo ""
echo "MySQL Configuration:"
echo " Host: localhost:3306"
echo " Root Password: ${MYSQL_ROOT_PASSWORD}"
echo " Database: ${MYSQL_DATABASE}"
echo " App User: ${MYSQL_USER}"
echo " App Password: ${MYSQL_PASSWORD}"
echo ""
echo "Redis Configuration:"
echo " Host: localhost:6379"
echo " Password: ${REDIS_PASSWORD}"
echo ""
echo "Test Commands:"
echo " mysql -u root -p'${MYSQL_ROOT_PASSWORD}'"
echo " mysql -u ${MYSQL_USER} -p'${MYSQL_PASSWORD}' -D ${MYSQL_DATABASE}"
echo " redis-cli -a '${REDIS_PASSWORD}' ping"
echo ""