Easy-Guacamole-Installer/upgrade-guac.sh

#!/bin/bash
######################################################################################################################
# Guacamole appliance upgrade script
# For Ubuntu / Debian / Raspbian
# David Harrop
# April 2023
#######################################################################################################################

#######################################################################################################################
# Script pre-flight checks and settings ###############################################################################
#######################################################################################################################

clear

# Prepare text output colours
GREY='\033[0;37m'
DGREY='\033[0;90m'
GREYB='\033[1;37m'
LRED='\033[0;91m'
LGREEN='\033[0;92m'
LYELLOW='\033[0;93m'
NC='\033[0m' #No Colour

# Check if user is root or sudo
if ! [ $(id -u) = 0 ]; then
    echo
    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
    exit 1
fi

#Setup download and temp directory paths
USER_HOME_DIR=$(eval echo ~${SUDO_USER})
DOWNLOAD_DIR=$USER_HOME_DIR/guac-setup/upgrade

# Setup directory locations
mkdir -p $DOWNLOAD_DIR

# Check to see if any previous version of build/install files exist, if so stop and check to be safe.
if [ "$(find . -maxdepth 2 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]; then
    echo
    echo -e "${LRED}Possible previous upgrade files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
    echo
    exit 1
fi

#######################################################################################################################
# Initial environment setup ###########################################################################################
#######################################################################################################################

# Script branding header
echo
echo -e "${GREYB}Itiligent Virtual Desktop Appliance UPGRADE"
echo -e "                    ${LGREEN}Powered by Guacamole"
echo

# Version of Guacamole to upgrade to
NEW_GUAC_VERSION="1.5.3"

# Get the currently installed Tomcat version.
TOMCAT_VERSION=$(ls /etc/ | grep tomcat)

# Get the currently installed Guacamole version
OLD_GUAC_VERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT_VERSION}/webapps/guacamole/guacamole-common-js/modules/Version.js)

# Set preferred Apache CDN download link
GUAC_SOURCE_LINK="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${NEW_GUAC_VERSION}"
# Set preferred Apache CDN download link

# Install log Location
LOG_LOCATION="${DOWNLOAD_DIR}/guacamole_${NEW_GUAC_VERSION}_upgrade.log"

# Auto updated values from main installer
MYSQL_HOST=
MYSQL_PORT=
GUAC_USER=
GUAC_PWD=
GUAC_DB=
MYSQL_ROOT_PWD=

#######################################################################################################################
# Prompt inputs if used as a standalone script (without auto updated variables) #######################################
#######################################################################################################################

echo
# Get MySQL Hostname or IP
if [ -z "${MYSQL_HOST}" ]; then
    read -p "Enter MySQL server hostname or IP [localhost]: " MYSQL_HOST
    echo
fi

# Get MySQL Port
if [ -z "${MYSQL_PORT}" ]; then
    read -p "Enter MySQL server port [3306]: " MYSQL_PORT
    echo
fi

# Get MySQL database name
if [ -z "${GUAC_DB}" ]; then
    read -p "Enter Guacamole database name [guacamole_db]: " GUAC_DB
    echo
fi

# Get MySQL user name
if [ -z "${GUAC_USER}" ]; then
    read -p "Enter Guacamole user name [guacamole_user]: " GUAC_USER
    echo
fi

# Get Guacamole User password, confirm correct password entry and prevent blank passwords
if [ -z "${GUAC_PWD}" ]; then
    read -s -p "Enter MySQL guacamole_user password: " GUAC_PWD
    echo
fi

# Get MySQL root password
if [ -z "${MYSQL_ROOT_PWD}" ]; then
    echo
    read -s -p "Enter MySQL root password: " MYSQL_ROOT_PWD
    echo
fi

# Set prompt input defaults if values not given

# Checking if a mysql host given, if not set a default
if [ -z "${MYSQL_HOST}" ]; then
    MYSQL_HOST="localhost"
fi

# Checking if a mysql port given, if not set a default
if [ -z "${MYSQL_PORT}" ]; then
    MYSQL_PORT="3306"
fi

# Checking if a database name given, if not set a default
if [ -z "${GUAC_DB}" ]; then
    GUAC_DB="guacamole_db"
fi

# Checking if a mysql user given, if not set a default
if [ -z "${GUAC_USER}" ]; then
    GUAC_USER="guacamole_user"
fi


#######################################################################################################################
# Start upgrade actions  ##############################################################################################
#######################################################################################################################

sudo apt-get upgrade -qq -y

# Stop tomcat and guacd
systemctl stop ${TOMCAT_VERSION}
systemctl stop guacd

cd $DOWNLOAD_DIR

echo
echo -e "${GREY}Beginning Guacamole ${OLD_GUAC_VERSION} to ${NEW_GUAC_VERSION} upgrade..."
wget -q --show-progress -O guacamole-${NEW_GUAC_VERSION}.war ${GUAC_SOURCE_LINK}/binary/guacamole-${NEW_GUAC_VERSION}.war
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed to download guacamole-${NEW_GUAC_VERSION}.war" 1>&2
    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-${NEW_GUAC_VERSION}.war${GREY}"
    exit 1
else
    rm /etc/guacamole/guacamole.war
    mv -f guacamole-${NEW_GUAC_VERSION}.war /etc/guacamole/guacamole.war
fi
echo -e "${LGREEN}Upgraded Guacamole client to version ${NEW_GUAC_VERSION}${GREY}"

# Download and upgrade Guacamole SQL authentication extension
wget -q --show-progress -O guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed to download guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz" 1>&2
    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz"
    exit 1
else
    tar -xzf guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
    rm /etc/guacamole/extensions/guacamole-auth-jdbc-*.jar
    mv -f guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/guacamole-auth-jdbc-mysql-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/
fi
echo -e "${LGREEN}Upgraded Guacamole SQL jdbc to version ${NEW_GUAC_VERSION}${GREY}"

# Download Guacamole Server
wget -q --show-progress -O guacamole-server-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/source/guacamole-server-${NEW_GUAC_VERSION}.tar.gz
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed to download guacamole-server-${NEW_GUAC_VERSION}.tar.gz" 1>&2
    echo -e "${GUAC_SOURCE_LINK}/source/guacamole-server-${NEW_GUAC_VERSION}.tar.gz${GREY}"
    exit 1
else
    tar -xzf guacamole-server-${NEW_GUAC_VERSION}.tar.gz
fi
echo -e "${LGREEN}Downloaded guacamole-server-${NEW_GUAC_VERSION}.tar.gz${GREY}"

# Make and install guacd (Guacamole-Server)
cd guacamole-server-${NEW_GUAC_VERSION}/
echo
echo -e "${GREY}Compiling Guacamole-Server ${NEW_GUAC_VERSION} from source with with GCC $(gcc --version | head -n1 | grep -oP '\)\K.*' | awk '{print $1}'), this might take a few minutes...${GREY}"
# Fix for warnings see #222 https://github.com/MysticRyuujin/guac-install/issues/222
export CFLAGS="-Wno-error"
# Configure Guacamole Server source
./configure --with-systemd-dir=/etc/systemd/system &>>${LOG_LOCATION}
if [ $? -ne 0 ]; then
    echo "Failed to configure guacamole-server"
    echo "Trying again with --enable-allow-freerdp-snapshots"
    ./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
    if [ $? -ne 0 ]; then
        echo "Failed to configure guacamole-server - again"
        exit
    fi
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi

echo -e "${GREY}Running make and building the upgraded Guacamole-Server application..."
make &>>${LOG_LOCATION}
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
    exit 1
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi

echo -e "${GREY}Installing the upgraded Guacamole-Server..."
make install &>>${LOG_LOCATION}
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
    exit 1
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi
ldconfig

cd ..

# Get list of SQL Upgrade Files
echo -e "${GREY}Upgrading MySQL Schema..."
UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/ | sort -V))

# Compare SQL Upgrage Files against old version, apply upgrades as needed
for FILE in ${UPGRADEFILES[@]}; do
    FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
    if [[ $(echo -e "${FILEVERSION}\n${OLD_GUAC_VERSION}" | sort -V | head -n1) == ${OLD_GUAC_VERSION} && ${FILEVERSION} != ${OLD_GUAC_VERSION} ]]; then
        echo "Patching ${GUAC_DB} with ${FILE}"
        mysql -u root -D ${GUAC_DB} -h ${MYSQL_HOST} -P ${MYSQL_PORT} <guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/${FILE} &>>${LOG_LOCATION}
    fi
done
if [ $? -ne 0 ]; then
    echo -e "${LRED}SQL upgrade failed. See ${LOG_LOCATION}${GREY}" 1>&2
    exit 1
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi

# Check for DUO extension and upgrade if found
for file in /etc/guacamole/extensions/guacamole-auth-duo*.jar; do
    if [[ -f $file ]]; then
        echo -e "${LGREEN}DUO authentication extension was found, upgrading...${GREY}"
        rm /etc/guacamole/extensions/guacamole-auth-duo*.jar &>>${LOG_LOCATION}
        wget -q --show-progress -O guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz
        if [ $? -ne 0 ]; then
            echo -e "${LRED}Failed to download guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz" 1>&2
            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz"
            exit 1
        fi
        tar -xzf guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz &>>${LOG_LOCATION}
        mv -f guacamole-auth-duo-${NEW_GUAC_VERSION}/guacamole-auth-duo-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${LOG_LOCATION}
        echo -e "${LGREEN}Upgraded DUO extension to version ${NEW_GUAC_VERSION}${GREY}"
        echo
        break
    fi
done

# Check for LDAP extension and upgrade if found
for file in /etc/guacamole/extensions/guacamole-auth-ldap*.jar; do
    if [[ -f $file ]]; then
        echo -e "${LGREEN}LDAP authentication extension was found, upgrading...${GREY}"
        rm /etc/guacamole/extensions/guacamole-auth-ldap*.jar &>>${LOG_LOCATION}
        wget -q --show-progress -O guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz
        if [ $? -ne 0 ]; then
            echo -e "${LRED}Failed to download guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz" 1>&2
            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz"
            exit 1
        fi
        tar -xzf guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz &>>${LOG_LOCATION}
        mv -f guacamole-auth-ldap-${NEW_GUAC_VERSION}/guacamole-auth-ldap-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${LOG_LOCATION}
        echo -e "${LGREEN}Upgraded LDAP extension to version ${NEW_GUAC_VERSION}${GREY}"
        echo
        break
    fi
done

# Check for TOTP extension and upgrade if found
for file in /etc/guacamole/extensions/guacamole-auth-totp*.jar; do
    if [[ -f $file ]]; then
        echo -e "${LGREEN}TOTP authentication extension was found, upgrading...${GREY}"
        rm /etc/guacamole/extensions/guacamole-auth-totp*.jar &>>${LOG_LOCATION}
        wget -q --show-progress -O guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz
        if [ $? -ne 0 ]; then
            echo -e "${LRED}Failed to download guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz" 1>&2
            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz"
            exit 1
        fi
        tar -xzf guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz &>>${LOG_LOCATION}
        mv -f guacamole-auth-totp-${NEW_GUAC_VERSION}/guacamole-auth-totp-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${LOG_LOCATION}
        echo -e "${LGREEN}Upgraded TOTP extension to version ${NEW_GUAC_VERSION}${GREY}"
        echo
        break
    fi
done

# Check for Quick Connection extension and upgrade if found
for file in /etc/guacamole/extensions/guacamole-auth-quickconnect*.jar; do
    if [[ -f $file ]]; then
        echo -e "${LGREEN}Quick Connect extension was found, upgrading...${GREY}"
        rm /etc/guacamole/extensions/guacamole-auth-quickconnect*.jar &>>${LOG_LOCATION}
        wget -q --show-progress -O guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz
        if [ $? -ne 0 ]; then
            echo -e "${LRED}Failed to download guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz" 1>&2
            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz"
            exit 1
        fi
        tar -xzf guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz &>>${LOG_LOCATION}
        mv -f guacamole-auth-quickconnect-${NEW_GUAC_VERSION}/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${LOG_LOCATION}
        echo -e "${LGREEN}Upgraded Quick Connect extension to version ${NEW_GUAC_VERSION}${GREY}"
        echo
        break
    fi
done

# Check for History Recording Storage extension and upgrade if found
for file in /etc/guacamole/extensions/guacamole-history-recording-storage*.jar; do
    if [[ -f $file ]]; then
        echo -e "${LGREEN}History Recording Storage extension was found, upgrading...${GREY}"
        rm /etc/guacamole/extensions/guacamole-history-recording-storage*.jar &>>${LOG_LOCATION}
        wget -q --show-progress -O guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz
        if [ $? -ne 0 ]; then
            echo -e "${LRED}Failed to download guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz" 1>&2
            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz"
            exit 1
        fi
        tar -xzf guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz &>>${LOG_LOCATION}
        mv -f guacamole-history-recording-storage-${NEW_GUAC_VERSION}/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${LOG_LOCATION}
        echo -e "${LGREEN}Upgraded History Recording Storage extension to version ${NEW_GUAC_VERSION}${GREY}"
        echo
        break
    fi
done

# Fix for #196 see https://github.com/MysticRyuujin/guac-install/issues/196
mkdir -p /usr/sbin/.config/freerdp
chown daemon:daemon /usr/sbin/.config/freerdp

# Fix for #197 see https://github.com/MysticRyuujin/guac-install/issues/197
mkdir -p /var/guacamole
chown daemon:daemon /var/guacamole


# Bring guacd and Tomcat back up
echo -e "${GREY}Starting guacd and Tomcat services..."
systemctl enable guacd
systemctl start guacd
systemctl start ${TOMCAT_VERSION}
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
    exit 1
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi

# Cleanup
echo -e "${GREY}Clean up install files...${GREY}"
rm -rf guacamole-*
unset MYSQL_PWD
if [ $? -ne 0 ]; then
    echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
    exit 1
else
    echo -e "${LGREEN}OK${GREY}"
    echo
fi

# Done
printf "${LGREEN}Guacamole ${NEW_GUAC_VERSION} upgrade complete! \n${NC}"
echo -e ${NC}