install.sh

#!/bin/bash

sudo systemctl stop caserverapi.service

set -e
UBUNTU=false
DEBIAN=false
if [ "$(uname)" = "Linux" ]
then
	#LINUX=1
	if type apt-get
	then
		OS_ID=$(lsb_release -is)
		if [ "$OS_ID" = "Debian" ]; then
			DEBIAN=true
		else
			UBUNTU=true
		fi
	fi
fi

UBUNTU_PRE_2004=false
if $UBUNTU
then
	LSB_RELEASE=$(lsb_release -rs)
	# Mint 20.04 repsonds with 20 here so 20 instead of 20.04
	UBUNTU_PRE_2004=$(( $LSB_RELEASE<20 ))
	UBUNTU_2100=$(( $LSB_RELEASE>=21 ))
fi

if [ "$(uname)" = "Linux" ]
then
	#LINUX=1
	if [ "$UBUNTU" = "true" ] && [ "$UBUNTU_PRE_2004" = "1" ]
	then
		# Ubuntu
		echo "Installing on Ubuntu pre 20.04 LTS."
		set +e
		sudo apt-get update
		set -e
		sudo apt-get install -y python3.7-venv python3.7-distutils python3.7-dev
	elif [ "$UBUNTU" = "true" ] && [ "$UBUNTU_PRE_2004" = "0" ] && [ "$UBUNTU_2100" = "0" ]
	then
		echo "Installing on Ubuntu 20.04 LTS."
		set +e
		sudo apt-get update
		set -e
		sudo apt-get install -y python3.8-venv python3-distutils python3.8-dev
	elif [ "$UBUNTU" = "true" ] && [ "$UBUNTU_2100" = "1" ]
	then
		echo "Installing on Ubuntu 21.04 or newer."
		set +e
		sudo apt-get update
		set -e
		sudo apt-get install -y python3.9-venv python3-distutils python3.9-dev
	elif [ "$DEBIAN" = "true" ]
	then
		echo "Installing on Debian."
		set +e
		sudo apt-get update
		set -e
		sudo apt-get install -y python3-venv  python3-dev
	else
		echo "os not support"
		exit 0
	fi
else
	echo "os not support"
    exit 0
fi

find_python() {
	set +e
	unset BEST_VERSION
	for V in 39 3.9 38 3.8 37 3.7 3; do
		if which python$V >/dev/null; then
			if [ "$BEST_VERSION" = "" ]; then
				BEST_VERSION=$V
			fi
		fi
	done
	echo $BEST_VERSION
	set -e
}

if [ "$INSTALL_PYTHON_VERSION" = "" ]; then
	INSTALL_PYTHON_VERSION=$(find_python)
fi

INSTALL_PYTHON_PATH=python${INSTALL_PYTHON_VERSION:-3.7}

echo "Python version is $INSTALL_PYTHON_VERSION"

sudo apt-get install -y git wget curl

if ! [ -e /usr/local/share/easy-rsa ]
then
    git clone https://github.com/OpenVPN/easy-rsa
    rm -r /usr/local/share/easy-rsa
    mv easy-rsa/easyrsa3 /usr/local/share/easy-rsa
    ln -s ../share/easy-rsa/easyrsa /usr/local/bin/easyrsa
    rm -r easy-rsa
fi

arch=$(dpkg --print-architecture)

wget https://github.com/mikefarah/yq/releases/download/v4.17.2/yq_linux_${arch}.tar.gz -O - | tar xz && sudo mv yq_linux_${arch} /usr/bin/yq

set +e
sudo mkdir /etc/caserverapi 2> /dev/null
set -e

for filename in requirements.txt main.py conf sign .gitignore
do
	sudo cp -r $filename /etc/caserverapi/
done

for filename in config.yaml
do
    if ! [ -f /etc/caserverapi/config.yaml ]
    then
	    sudo cp -r $filename /etc/caserverapi/
    fi
done

sudo cp caserverapi.sh /usr/local/bin/caserverapi
sudo chmod +x /usr/local/bin/caserverapi


sudo cp caserverapi.service /etc/systemd/system/caserverapi.service

cd /etc/caserverapi

if [ ! -f server.key ] && [ ! -f server.crt ]
then
	sudo openssl req -x509 -new -nodes -days 3650 -newkey 2048 -keyout server.key -out server.crt -subj "/CN=$(hostname)"
fi

$INSTALL_PYTHON_PATH -m venv venv
. ./venv/bin/activate
python -m pip install --upgrade pip
python -m pip install wheel
python -m pip install -r requirements.txt
deactivate

if [ ! -d pki ]
then
    sudo easyrsa init-pki
fi

if [ ! -f pki/ca.crt ]
then
    sudo easyrsa build-ca nopass
fi

if [ ! -f pki/crl.pem ]
then
    sudo easyrsa gen-crl
fi

sudo systemctl daemon-reload

echo ""
echo ""
echo "CA Server API Service install.sh complete."
echo "please request your certificate from ca (or you can just use self signed certificate and put your server certificate and server private key in /etc/caserverapi name to server.crt and server.key ."
echo "Then you can use systemctl start caserverapi.service to start the service"
echo "If you want to auto run on boot please type 'systemctl enable caserverapi.service'"