Fixed for Debian 12 and Ubuntu 23.04

Debian 12 ready, Ubuntu 23.04 ready code final review normalized to uniform [[ ]] use, and shfmt to 4 space indents Changes redirect variable name fixed db installing server and client for client installs small tidy ups
2025-12-14 02:12:31 +00:00 · 2023-09-10 22:39:54 +10:00 · 2023-09-10 22:39:54 +10:00 · d150332e63
commit d150332e63
parent a7f8ee6439
20 changed files with 1355 additions and 1337 deletions
--- a/1-setup.sh
+++ b/1-setup.sh
@ -40,30 +40,30 @@ NC='\033[0m' #No Colour
 # Make sure the user is NOT running this script as root
 if [[ $EUID -eq 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}This script must NOT be run as root, exiting..." 1>&2
+    echo -e "${LRED}This script must NOT be run as root, exiting..." 1>&2
-	echo -e ${NC}
+    echo -e ${NC}
-	exit 1
+    exit 1
 fi
 # Make sure the user is a member of the sudo group
-if ! [ $(id -nG "$USER" 2>/dev/null | egrep "sudo" | wc -l) -gt 0 ]; then
+if ! [[ $(id -nG "$USER" 2>/dev/null | egrep "sudo" | wc -l) -gt 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}The current user (${USER}) must be a member of the 'sudo' group, exiting..." 1>&2
+    echo -e "${LRED}The current user (${USER}) must be a member of the 'sudo' group, exiting..." 1>&2
-	echo -e ${NC}
+    echo -e ${NC}
-	exit 1
+    exit 1
 fi
 # Check to see if any previous version of build/install files exist, if so stop and check to be safe.
-if [ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]; then
+if [[ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]]; then
-	echo
+    echo
-	echo -e "${LRED}Possible previous install files detected in current build path. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
+    echo -e "${LRED}Possible previous install files detected in current build path. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
-	echo
+    echo
-	exit 1
+    exit 1
 fi
 #######################################################################################################################
-# Core setup variables and mandatory inputs ###########################################################################
+# Core setup variables and mandatory inputs - EDIT VARIABLE VALUES TO SUIT ############################################
 #######################################################################################################################
 #  Setup download and temp directory paths
@ -87,32 +87,18 @@ GUAC_SOURCE_LINK="http://apache.org/dyn/closer.cgi?action=download&filename=guac
 # See https://mariadb.org/mariadb/all-releases/ for available versions.
 # Provide a specific MySQL version e.g. 11.1.2 or leave blank to use distro default MySQL packages.
 MYSQL_VERSION=""
-if [ -z "${MYSQL_VERSION}" ]; then
+if [[ -z "${MYSQL_VERSION}" ]]; then
-	# Use Linux distro default version.
+    # Use Linux distro default version.
-	MYSQLS="default-mysql-server default-mysql-client mysql-common"
+    MYSQLSRV="default-mysql-server default-mysql-client mysql-common" # Server
-	MYSQLC="default-mysql-client"
+    MYSQLCLIENT="default-mysql-client" # Client
-	DB_CMD="mysql" # mysql command is depricated
+    DB_CMD="mysql" # mysql command is depricated
 else
-	# Use official mariadb.org repo
+    # Use official mariadb.org repo
-	MYSQLS="mariadb-server mariadb-client mariadb-common"
+    MYSQLSRV="mariadb-server mariadb-client mariadb-common" # Server
-	MYSQLC="mariadb-client"
+    MYSQLCLIENT="mariadb-client" # Client
-	DB_CMD="mariadb" # mysql command is depricated on newer versions
+    DB_CMD="mariadb" # mysql command is depricated on newer versions
 fi
 # Check for the latest version of Tomcat currently supported by the distro
 if [[ $(apt-cache show tomcat10 2>/dev/null | egrep "Version: 10" | wc -l) -gt 0 ]]; then
 	TOMCAT_VERSION="tomcat10"
 elif [[ $(apt-cache show tomcat9 2>/dev/null | egrep "Version: 9" | wc -l) -gt 0 ]]; then
 	TOMCAT_VERSION="tomcat9"
 elif [[ $(apt-cache show tomcat8 2>/dev/null | egrep "Version: 8.[5-9]" | wc -l) -gt 0 ]]; then
 	TOMCAT_VERSION="tomcat8"
 else
 	# Default to version
 	TOMCAT_VERSION="tomcat9"
 fi
 # Uncomment to force a specific Tomcat version here.
 # TOMCAT_VERSION="tomcat9"
 # Install log Location
 INSTALL_LOG="${DOWNLOAD_DIR}/guacamole_${GUAC_VERSION}_setup.log"
@ -123,7 +109,8 @@ GUAC_URL=http://localhost:8080/guacamole/
 # Here the variables for OS variant and library dependency names are initialised.
 source /etc/os-release
 OS_FLAVOUR=$ID
-OS_VERSION=$VERSION
+OS_VERSION=$VERSION_ID
 OS_CODENAME=$VERSION_CODENAME
 JPEGTURBO=""
 LIBPNG=""
@ -131,31 +118,31 @@ LIBPNG=""
 # Get the default route interface IP
 DEFAULT_IP=$(ip addr show $(ip route | awk '/default/ { print $5 }') | grep "inet" | head -n 1 | awk '/inet/ {print $2}' | cut -d'/' -f1)
 get_domain_suffix() {
-	echo "$1" | awk '{print $2}'
+    echo "$1" | awk '{print $2}'
 }
 # Search for "search" and "domain" entries in /etc/resolv.conf
 search_line=$(grep -E '^search[[:space:]]+' /etc/resolv.conf)
 domain_line=$(grep -E '^domain[[:space:]]+' /etc/resolv.conf)
 # Check if both "search" and "domain" lines exist
-if [ -n "$search_line" ] && [ -n "$domain_line" ]; then
+if [[ -n "$search_line" ]] && [[ -n "$domain_line" ]]; then
-	# Both "search" and "domain" lines exist, extract the domain suffix from both
+    # Both "search" and "domain" lines exist, extract the domain suffix from both
-	search_suffix=$(get_domain_suffix "$search_line")
+    search_suffix=$(get_domain_suffix "$search_line")
-	domain_suffix=$(get_domain_suffix "$domain_line")
+    domain_suffix=$(get_domain_suffix "$domain_line")
-	# Print the domain suffix that appears first
+    # Print the domain suffix that appears first
-	if [ ${#search_suffix} -lt ${#domain_suffix} ]; then
+    if [[ ${#search_suffix} -lt ${#domain_suffix} ]]; then
-		DOMAIN_SUFFIX=$search_suffix
+        DOMAIN_SUFFIX=$search_suffix
-	else
+    else
-		DOMAIN_SUFFIX=$domain_suffix
+        DOMAIN_SUFFIX=$domain_suffix
-	fi
+    fi
-elif [ -n "$search_line" ]; then
+elif [[ -n "$search_line" ]]; then
-	# If only "search" line exists
+    # If only "search" line exists
-	DOMAIN_SUFFIX=$(get_domain_suffix "$search_line")
+    DOMAIN_SUFFIX=$(get_domain_suffix "$search_line")
-elif [ -n "$domain_line" ]; then
+elif [[ -n "$domain_line" ]]; then
-	# If only "domain" line exists
+    # If only "domain" line exists
-	DOMAIN_SUFFIX=$(get_domain_suffix "$domain_line")
+    DOMAIN_SUFFIX=$(get_domain_suffix "$domain_line")
 else
-	# If no "search" or "domain" lines found
+    # If no "search" or "domain" lines found
-	DOMAIN_SUFFIX="local"
+    DOMAIN_SUFFIX="local"
 fi
 # Setup directory locations
@ -171,7 +158,7 @@ echo
 echo
 #######################################################################################################################
-# Silent setup options - adding true/false or specific values below prevents prompt at install ########################
+# Silent setup options - true/false or specific values below prevents prompt at install. EDIT TO SUIT #################
 #######################################################################################################################
 SERVER_NAME=""                  # Preferred server hostname
 LOCAL_DOMAIN=""                 # Local DNS space in use
@ -190,7 +177,7 @@ INSTALL_LDAP=""                 # Add Active Directory extension (true/false)
 INSTALL_QCONNECT=""             # Add Guacamole console quick connect feature
 INSTALL_HISTREC=""              # Add Guacamole history recording storage feature
 HISTREC_PATH=""                 # Path to save recorded sessions, default is /var/lib/guacamole/recordings
-CHANGE_ROOT=""                  # Set default Guacamole URL to http root (remove extra "/guacamole" from the default URL)
+GUAC_URL_REDIR=""               # Redirect default Guacamole URL to http root (skip typing the extra "/guacamole" in the URL)
 INSTALL_NGINX=""                # Install and configure Guacamole behind Nginx reverse proxy (http port 80 only, true/false)
 PROXY_SITE=""                   # Local DNS name for reverse proxy and/or self signed TLS certificates
 SELF_SIGN=""                    # Add self signed TLS support to Nginx (Let's Encrypt not available with this option, true/false)
@ -210,7 +197,7 @@ RDP_SHARE_LABEL="RDP Share"     # Custom Windows RDP share drive label (e.g. RDP
 RDP_PRINTER_LABEL="RDP Printer" # Custom Windows RDP printer label
 #######################################################################################################################
-# Download GitHub setup scripts. To prevent overwrite, comment out lines of any scripts you have edited. ##############
+# Download GitHub setup scripts. To prevent overwrite, COMMENT OUT LINES OF ANY SCRIPTS YOU HAVE EDITED. ##############
 #######################################################################################################################
 # Download the set of config scripts from GitHub
@ -255,13 +242,41 @@ echo
 sudo chmod -R 770 $TMP_DIR
 sudo chown -R $SUDO_USER:root $TMP_DIR
-# Workaround for current Debian 12 & Tomcat 10 incompatibilities (Experimental in August 2023)
+#######################################################################################################################
-if [[ $OS_FLAVOUR = "debian" ]] && [[ $OS_VERSION = *"bookworm"* ]]; then
+# Determine the correct version of Tomcat use #########################################################################
-	# Add the oldstable repo and downgrade tomcat version install
+#######################################################################################################################
-	echo "deb http://deb.debian.org/debian/ bullseye main" | sudo tee /etc/apt/sources.list.d/bullseye.list >/dev/null
+
-	TOMCAT_VERSION="tomcat9"
+# Check for the latest version of Tomcat currently supported by the distro
 if [[ $(apt-cache show tomcat10 2>/dev/null | egrep "Version: 10" | wc -l) -gt 0 ]]; then
    TOMCAT_VERSION="tomcat10"
 elif [[ $(apt-cache show tomcat9 2>/dev/null | egrep "Version: 9" | wc -l) -gt 0 ]]; then
    TOMCAT_VERSION="tomcat9"
 elif [[ $(apt-cache show tomcat8 2>/dev/null | egrep "Version: 8.[5-9]" | wc -l) -gt 0 ]]; then
    TOMCAT_VERSION="tomcat8"
 else
    # Default to version
    TOMCAT_VERSION="tomcat9"
 fi
 # Workaround for current Debian 12 & Tomcat 10 incompatibilities
 if [[ ${OS_FLAVOUR,,} = "debian" ]] && [[ ${OS_CODENAME,,} = *"bookworm"* ]]; then #(checks for upper and lower case)
    # Add the oldstable repo and downgrade tomcat version install
    echo "deb http://deb.debian.org/debian/ bullseye main" | sudo tee /etc/apt/sources.list.d/bullseye.list >/dev/null
    TOMCAT_VERSION="tomcat9"
 fi
 # Workaround for Ubuntu 23.x & Tomcat 10 incompatibilities
 if [[ ${OS_FLAVOUR,,} = "ubuntu" ]] && [[ ${OS_CODENAME,,} = *"lunar"* ]]; then  #(checks for upper and lower case)
    TOMCAT_VERSION="tomcat9"
 fi
 # Uncomment to force a specific Tomcat version here.
 # TOMCAT_VERSION="tomcat9"
 #######################################################################################################################
 # DO NOT EDIT PAST THIS POINT #########################################################################################
 #######################################################################################################################
 #######################################################################################################################
 # Begin install menu prompts ##########################################################################################
 #######################################################################################################################
@ -272,70 +287,70 @@ fi
 # Ensure SERVER_NAME is consistent with local host entries
 if [[ -z ${SERVER_NAME} ]]; then
-	echo -e "${LYELLOW}Update Linux system HOSTNAME [Enter to keep: ${HOSTNAME}]${LGREEN}"
+    echo -e "${LYELLOW}Update Linux system HOSTNAME [Enter to keep: ${HOSTNAME}]${LGREEN}"
-	read -p "              Enter new HOSTNAME : " SERVER_NAME
+    read -p "              Enter new HOSTNAME : " SERVER_NAME
-	# If hit enter making no SERVER_NAME change, assume the existing hostname as current
+    # If hit enter making no SERVER_NAME change, assume the existing hostname as current
-	if [[ "${SERVER_NAME}" = "" ]]; then
+    if [[ "${SERVER_NAME}" = "" ]]; then
-		SERVER_NAME=$HOSTNAME
+        SERVER_NAME=$HOSTNAME
-	fi
+    fi
-	echo
+    echo
-	# A SERVER_NAME was derived via the prompt
+    # A SERVER_NAME was derived via the prompt
-	# Apply the SERVER_NAME value & remove and update any old 127.0.1.1 local host references
+    # Apply the SERVER_NAME value & remove and update any old 127.0.1.1 local host references
-	sudo hostnamectl set-hostname $SERVER_NAME &>>${INSTALL_LOG}
+    sudo hostnamectl set-hostname $SERVER_NAME &>>${INSTALL_LOG}
-	sudo sed -i '/127.0.1.1/d' /etc/hosts &>>${INSTALL_LOG}
+    sudo sed -i '/127.0.1.1/d' /etc/hosts &>>${INSTALL_LOG}
-	echo '127.0.1.1       '${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
+    echo '127.0.1.1       '${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
-	sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
+    sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
 else
-	echo
+    echo
-	# A SERVER_NAME value was derived from a pre-set silent install option.
+    # A SERVER_NAME value was derived from a pre-set silent install option.
-	# Apply the SERVER_NAME value & remove and update any old 127.0.1.1 local host references
+    # Apply the SERVER_NAME value & remove and update any old 127.0.1.1 local host references
-	sudo hostnamectl set-hostname $SERVER_NAME &>>${INSTALL_LOG}
+    sudo hostnamectl set-hostname $SERVER_NAME &>>${INSTALL_LOG}
-	sudo sed -i '/127.0.1.1/d' /etc/hosts &>>${INSTALL_LOG}
+    sudo sed -i '/127.0.1.1/d' /etc/hosts &>>${INSTALL_LOG}
-	echo '127.0.1.1       '${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
+    echo '127.0.1.1       '${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
-	sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
+    sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
 fi
 # Ensure SERVER_NAME, LOCAL_DOMAIN suffix and host entries are all consistent
 if [[ -z ${LOCAL_DOMAIN} ]]; then
-	echo -e "${LYELLOW}Update Linux LOCAL DNS DOMAIN [Enter to keep: ${DOMAIN_SUFFIX}]${LGREEN}"
+    echo -e "${LYELLOW}Update Linux LOCAL DNS DOMAIN [Enter to keep: ${DOMAIN_SUFFIX}]${LGREEN}"
-	read -p "              Enter FULL LOCAL DOMAIN NAME: " LOCAL_DOMAIN
+    read -p "              Enter FULL LOCAL DOMAIN NAME: " LOCAL_DOMAIN
-	# If hit enter making no LOCAL_DOMAIN name change, assume the existing domain suffix as current
+    # If hit enter making no LOCAL_DOMAIN name change, assume the existing domain suffix as current
-	if [[ "${LOCAL_DOMAIN}" = "" ]]; then
+    if [[ "${LOCAL_DOMAIN}" = "" ]]; then
-		LOCAL_DOMAIN=$DOMAIN_SUFFIX
+        LOCAL_DOMAIN=$DOMAIN_SUFFIX
-	fi
+    fi
-	echo
+    echo
-	# A LOCAL_DOMAIN value was derived via the prompt
+    # A LOCAL_DOMAIN value was derived via the prompt
-	# Remove any old hosts & resolv file values and update these with the new LOCAL_DOMAIN value
+    # Remove any old hosts & resolv file values and update these with the new LOCAL_DOMAIN value
-	sudo sed -i "/${DEFAULT_IP}/d" /etc/hosts
+    sudo sed -i "/${DEFAULT_IP}/d" /etc/hosts
-	sudo sed -i '/domain/d' /etc/resolv.conf
+    sudo sed -i '/domain/d' /etc/resolv.conf
-	sudo sed -i '/search/d' /etc/resolv.conf
+    sudo sed -i '/search/d' /etc/resolv.conf
-	# Refresh the /etc/hosts file with the server name and new local domain value
+    # Refresh the /etc/hosts file with the server name and new local domain value
-	echo ''${DEFAULT_IP}'	'${SERVER_NAME}.${LOCAL_DOMAIN} ${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
+    echo ''${DEFAULT_IP}'	'${SERVER_NAME}.${LOCAL_DOMAIN} ${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
-	# Refresh /etc/resolv.conf with new domain and search suffix values
+    # Refresh /etc/resolv.conf with new domain and search suffix values
-	echo 'domain	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
+    echo 'domain	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
-	echo 'search	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
+    echo 'search	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
-	sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
+    sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
 else
-	echo
+    echo
-	# A LOCAL_DOMIN value was derived from a pre-set silent install option.
+    # A LOCAL_DOMIN value was derived from a pre-set silent install option.
-	# Remove any old hosts & resolv file values and update these with the new LOCAL_DOMAIN value
+    # Remove any old hosts & resolv file values and update these with the new LOCAL_DOMAIN value
-	sudo sed -i "/${DEFAULT_IP}/d" /etc/hosts
+    sudo sed -i "/${DEFAULT_IP}/d" /etc/hosts
-	sudo sed -i '/domain/d' /etc/resolv.conf
+    sudo sed -i '/domain/d' /etc/resolv.conf
-	sudo sed -i '/search/d' /etc/resolv.conf
+    sudo sed -i '/search/d' /etc/resolv.conf
-	# Refresh the /etc/hosts file with the server name and new local domain value
+    # Refresh the /etc/hosts file with the server name and new local domain value
-	echo ''${DEFAULT_IP}'	'${SERVER_NAME}.${LOCAL_DOMAIN} ${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
+    echo ''${DEFAULT_IP}'	'${SERVER_NAME}.${LOCAL_DOMAIN} ${SERVER_NAME}'' | sudo tee -a /etc/hosts &>>${INSTALL_LOG}
-	# Refresh /etc/resolv.conf with new domain and search suffix values
+    # Refresh /etc/resolv.conf with new domain and search suffix values
-	echo 'domain	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
+    echo 'domain	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
-	echo 'search	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
+    echo 'search	'${LOCAL_DOMAIN}'' | sudo tee -a /etc/resolv.conf &>>${INSTALL_LOG}
-	sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
+    sudo systemctl restart systemd-hostnamed &>>${INSTALL_LOG}
 fi
 # Now that $SERVER_NAME and $LOCAL_DOMAIN values are updated and refreshed:
 # Values are merged to build a local FQDN value (used for the default reverse proxy site name.)
 DEFAULT_FQDN=$SERVER_NAME.$LOCAL_DOMAIN
-# The RDP share label default can now assume the updated $SERVER_NAME value if not manually specified in silent setup options.
+# The RDP share label default can now assume the updated $SERVER_NAME value (if not manually specified in silent setup options).
 if [[ -z ${RDP_SHARE_HOST} ]]; then
-	RDP_SHARE_HOST=$SERVER_NAME
+    RDP_SHARE_HOST=$SERVER_NAME
 fi
 clear
@ -350,29 +365,29 @@ echo
 # Prompt the user to install MySQL
 echo -e "${LGREEN}MySQL setup options:${GREY}"
 if [[ -z ${INSTALL_MYSQL} ]]; then
-	echo -e -n "SQL: Install MySQL locally? (to use a remote MySQL Server select 'n') [Y/n] [default y]: ${GREY}"
+    echo -e -n "SQL: Install MySQL locally? (to use a remote MySQL Server select 'n') [Y/n] [default y]: ${GREY}"
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
-		INSTALL_MYSQL=false
+        INSTALL_MYSQL=false
-	else
+    else
-		INSTALL_MYSQL=true
+        INSTALL_MYSQL=true
-	fi
+    fi
 fi
 # Prompt the user to apply the Mysql secure installation locally
-if [ -z ${SECURE_MYSQL} ] && [ "${INSTALL_MYSQL}" = true ]; then
+if [[ -z ${SECURE_MYSQL} ]] && [[ "${INSTALL_MYSQL}" = true ]]; then
-	echo -e -n "${GREY}SQL: Apply MySQL secure installation settings to LOCAL db? [Y/n] [default y]: ${GREY}"
+    echo -e -n "${GREY}SQL: Apply MySQL secure installation settings to LOCAL db? [Y/n] [default y]: ${GREY}"
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
-		SECURE_MYSQL=false
+        SECURE_MYSQL=false
-	else
+    else
-		SECURE_MYSQL=true
+        SECURE_MYSQL=true
-	fi
+    fi
 fi
 # Prompt the user to apply the Mysql secure installation to remote db
 # This may be problematic on remote databases (for one-script upgrades) as this addition removes remote root login access - a good thing.
-#if [ -z ${SECURE_MYSQL} ] && [ "${INSTALL_MYSQL}" = false ]; then
+#if [[ -z ${SECURE_MYSQL} ]] && [[ "${INSTALL_MYSQL}" = false ]]; then
 #    echo -e -n "${GREY}SQL: Apply MySQL secure installation settings to REMOTE db? [y/N] [default n]: ${GREY}"
 #    read PROMPT
 #    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
@ -383,243 +398,243 @@ fi
 #fi
 # Get additional MYSQL values
-if [ "${INSTALL_MYSQL}" = false ]; then
+if [[ "${INSTALL_MYSQL}" = false ]]; then
-	[ -z "${MYSQL_HOST}" ] &&
+    [[ -z "${MYSQL_HOST}" ]] &&
-		read -p "SQL: Enter remote MySQL server hostname or IP: " MYSQL_HOST
+        read -p "SQL: Enter remote MySQL server hostname or IP: " MYSQL_HOST
-	[ -z "${MYSQL_PORT}" ] &&
+    [[ -z "${MYSQL_PORT}" ]] &&
-		read -p "SQL: Enter remote MySQL server port [3306]: " MYSQL_PORT
+        read -p "SQL: Enter remote MySQL server port [3306]: " MYSQL_PORT
-	[ -z "${GUAC_DB}" ] &&
+    [[ -z "${GUAC_DB}" ]] &&
-		read -p "SQL: Enter remote Guacamole database name [guacamole_db]: " GUAC_DB
+        read -p "SQL: Enter remote Guacamole database name [guacamole_db]: " GUAC_DB
-	[ -z "${GUAC_USER}" ] &&
+    [[-z "${GUAC_USER}" ]] &&
-		read -p "SQL: Enter remote Guacamole user name [guacamole_user]: " GUAC_USER
+        read -p "SQL: Enter remote Guacamole user name [guacamole_user]: " GUAC_USER
 fi
 # Checking if a mysql host given, if not set a default
-if [ -z "${MYSQL_HOST}" ]; then
+if [[ -z "${MYSQL_HOST}" ]]; then
-	MYSQL_HOST="localhost"
+    MYSQL_HOST="localhost"
 fi
 # Checking if a mysql port given, if not set a default
-if [ -z "${MYSQL_PORT}" ]; then
+if [[ -z "${MYSQL_PORT}" ]]; then
-	MYSQL_PORT="3306"
+    MYSQL_PORT="3306"
 fi
 # Checking if a database name given, if not set a default
-if [ -z "${GUAC_DB}" ]; then
+if [[ -z "${GUAC_DB}" ]]; then
-	GUAC_DB="guacamole_db"
+    GUAC_DB="guacamole_db"
 fi
 # Checking if a mysql user given, if not set a default
-if [ -z "${GUAC_USER}" ]; then
+if [[ -z "${GUAC_USER}" ]]; then
-	GUAC_USER="guacamole_user"
+    GUAC_USER="guacamole_user"
 fi
 echo -e ${LMAGENTA}
 # Get MySQL root password, confirm correct password entry and prevent blank passwords. No root pw needed for remote instances.
-if [ -z "${MYSQL_ROOT_PWD}" ] && [ "${INSTALL_MYSQL}" = true ]; then
+if [[ -z "${MYSQL_ROOT_PWD}" ]] && [[ "${INSTALL_MYSQL}" = true ]]; then
-	while true; do
+    while true; do
-		read -s -p "SQL: Enter ${MYSQL_HOST}'s MySQL ROOT password: " MYSQL_ROOT_PWD
+        read -s -p "SQL: Enter ${MYSQL_HOST}'s MySQL ROOT password: " MYSQL_ROOT_PWD
-		echo
+        echo
-		read -s -p "SQL: Confirm ${MYSQL_HOST}'s MySQL ROOT password: " PROMPT2
+        read -s -p "SQL: Confirm ${MYSQL_HOST}'s MySQL ROOT password: " PROMPT2
-		echo
+        echo
-		[ "${MYSQL_ROOT_PWD}" = "${PROMPT2}" ] && [ "${MYSQL_ROOT_PWD}" != "" ] && [ "${PROMPT2}" != "" ] && break
+        [[ "${MYSQL_ROOT_PWD}" = "${PROMPT2}" ]] && [[ "${MYSQL_ROOT_PWD}" != "" ]] && [[ "${PROMPT2}" != "" ]] && break
-		echo -e "${LRED}Passwords don't match or can't be null. Please try again.${LMAGENTA}" 1>&2
+        echo -e "${LRED}Passwords don't match or can't be null. Please try again.${LMAGENTA}" 1>&2
-	done
+    done
 fi
 echo -e ${LCYAN}
 # Get Guacamole User password, confirm correct password entry and prevent blank passwords
-if [ -z "${GUAC_PWD}" ]; then
+if [[ -z "${GUAC_PWD}" ]]; then
-	while true; do
+    while true; do
-		read -s -p "SQL: Enter ${MYSQL_HOST}'s MySQL ${GUAC_USER} password: " GUAC_PWD
+        read -s -p "SQL: Enter ${MYSQL_HOST}'s MySQL ${GUAC_USER} password: " GUAC_PWD
-		echo
+        echo
-		read -s -p "SQL: Confirm ${MYSQL_HOST}'s MySQL ${GUAC_USER} password: " PROMPT2
+        read -s -p "SQL: Confirm ${MYSQL_HOST}'s MySQL ${GUAC_USER} password: " PROMPT2
-		echo
+        echo
-		[ "${GUAC_PWD}" = "${PROMPT2}" ] && [ "${GUAC_PWD}" != "" ] && [ "${PROMPT2}" != "" ] && break
+        [[ "${GUAC_PWD}" = "${PROMPT2}" ]] && [[ "${GUAC_PWD}" != "" ]] && [[ "${PROMPT2}" != "" ]] && break
-		echo -e "${LRED}Passwords don't match or can't be null. Please try again.${LCYAN}" 1>&2
+        echo -e "${LRED}Passwords don't match or can't be null. Please try again.${LCYAN}" 1>&2
-	done
+    done
 fi
 echo -e ${GREY}
 # Prompt for preferred backup notification email address
-if [ -z ${BACKUP_EMAIL} ]; then
+if [[ -z ${BACKUP_EMAIL} ]]; then
-	while true; do
+    while true; do
-		read -p "SQL: Enter email address for SQL backup messages [Enter to skip]: " BACKUP_EMAIL
+        read -p "SQL: Enter email address for SQL backup messages [Enter to skip]: " BACKUP_EMAIL
-		[ "${BACKUP_EMAIL}" = "" ] || [ "${BACKUP_EMAIL}" != "" ] && break
+        [[ "${BACKUP_EMAIL}" = "" ]] || [[ "${BACKUP_EMAIL}" != "" ]] && break
-		# Rather than allow a blank value, un-comment to alternately force user to enter an explicit value instead
+        # Rather than allow a blank value, un-comment to alternately force user to enter an explicit value instead
-		# [ "${BACKUP_EMAIL}" != "" ] && break
+        # [[ "${BACKUP_EMAIL}" != "" ]] && break
-		# echo -e "${LRED}You must enter an email address. Please try again.${GREY}" 1>&2
+        # echo -e "${LRED}You must enter an email address. Please try again.${GREY}" 1>&2
-	done
+    done
 fi
 # If no backup notification email address is given, provide a default value
-if [ -z ${BACKUP_EMAIL} ]; then
+if [[ -z ${BACKUP_EMAIL} ]]; then
-	BACKUP_EMAIL="backup-email@yourdomain.com"
+    BACKUP_EMAIL="backup-email@yourdomain.com"
 fi
 echo
 # Prompt the user to install TOTP MFA
 echo -e "${LGREEN}Guacamole authentication extension options:${GREY}"
 if [[ -z "${INSTALL_TOTP}" ]] && [[ "${INSTALL_DUO}" != true ]]; then
-	echo -e -n "AUTH: Install TOTP? (choose 'n' if you want Duo) [y/N]? [default n]: "
+    echo -e -n "AUTH: Install TOTP? (choose 'n' if you want Duo) [y/N]? [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_TOTP=true
+        INSTALL_TOTP=true
-		INSTALL_DUO=false
+        INSTALL_DUO=false
-	else
+    else
-		INSTALL_TOTP=false
+        INSTALL_TOTP=false
-	fi
+    fi
 fi
 # Prompt the user to install Duo MFA
 if [[ -z "${INSTALL_DUO}" ]] && [[ "${INSTALL_TOTP}" != true ]]; then
-	echo -e -n "${GREY}AUTH: Install Duo? [y/N] [default n]: "
+    echo -e -n "${GREY}AUTH: Install Duo? [y/N] [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_DUO=true
+        INSTALL_DUO=true
-		INSTALL_TOTP=false
+        INSTALL_TOTP=false
-	else
+    else
-		INSTALL_DUO=false
+        INSTALL_DUO=false
-	fi
+    fi
 fi
 # We can't install TOTP and Duo at the same time (option not supported by Guacamole)
 if [[ "${INSTALL_TOTP}" = true ]] && [[ "${INSTALL_DUO}" = true ]]; then
-	echo -e "${LRED}GUAC MFA: TOTP and Duo cannot be installed at the same time.${GREY}" 1>&2
+    echo -e "${LRED}GUAC MFA: TOTP and Duo cannot be installed at the same time.${GREY}" 1>&2
-	exit 1
+    exit 1
 fi
 # Prompt the user to install Duo MFA
 if [[ -z "${INSTALL_LDAP}" ]]; then
-	echo -e -n "${GREY}AUTH: Install LDAP? [y/N] [default n]: "
+    echo -e -n "${GREY}AUTH: Install LDAP? [y/N] [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_LDAP=true
+        INSTALL_LDAP=true
-	else
+    else
-		INSTALL_LDAP=false
+        INSTALL_LDAP=false
-	fi
+    fi
 fi
 echo
 # Prompt the user to install the Quick Connect feature (some higher security use cases may not want this)
 echo -e "${LGREEN}Guacamole console optional extras:${GREY}"
 if [[ -z "${INSTALL_QCONNECT}" ]]; then
-	echo -e -n "${GREY}EXTRAS: Install Quick Connect feature? [y/N] [default n]: "
+    echo -e -n "${GREY}EXTRAS: Install Quick Connect feature? [y/N] [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_QCONNECT=true
+        INSTALL_QCONNECT=true
-	else
+    else
-		INSTALL_QCONNECT=false
+        INSTALL_QCONNECT=false
-	fi
+    fi
 fi
 # Prompt the user to install the History Recorded Storage feature
 if [[ -z "${INSTALL_HISTREC}" ]]; then
-	echo -e -n "${GREY}EXTRAS: Install History Recorded Storage (session replay console integration) [y/N] [default n]: "
+    echo -e -n "${GREY}EXTRAS: Install History Recorded Storage (session replay console integration) [y/N] [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_HISTREC=true
+        INSTALL_HISTREC=true
-	else
+    else
-		INSTALL_HISTREC=false
+        INSTALL_HISTREC=false
-	fi
+    fi
 fi
 HISTREC_PATH_DEFAULT=/var/lib/guacamole/recordings # Apache default
 if [[ -z ${HISTREC_PATH} ]] && [[ "${INSTALL_HISTREC}" = true ]]; then
-	while true; do
+    while true; do
-		read -p "EXTRAS: Enter recorded storage path [Enter for default ${HISTREC_PATH_DEFAULT}]: " HISTREC_PATH
+        read -p "EXTRAS: Enter recorded storage path [Enter for default ${HISTREC_PATH_DEFAULT}]: " HISTREC_PATH
-		[ "${HISTREC_PATH}" = "" ] || [ "${HISTREC_PATH}" != "" ] && break
+        [[ "${HISTREC_PATH}" = "" ]] || [[ "${HISTREC_PATH}" != "" ]] && break
-	done
+    done
 fi
 # If no custom path is given, lets assume the default path on hitting enter
-if [ -z "${HISTREC_PATH}" ]; then
+if [[ -z "${HISTREC_PATH}" ]]; then
-	HISTREC_PATH="${HISTREC_PATH_DEFAULT}"
+    HISTREC_PATH="${HISTREC_PATH_DEFAULT}"
 fi
 echo
 # Prompt for Guacamole front end reverse proxy option
 echo -e "${LGREEN}Reverse Proxy & front end options:${GREY}"
 if [[ -z ${INSTALL_NGINX} ]]; then
-	echo -e -n "FRONT END: Protect Guacamole behind Nginx reverse proxy [y/N]? [default n]: "
+    echo -e -n "FRONT END: Protect Guacamole behind Nginx reverse proxy [y/N]? [default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		INSTALL_NGINX=true
+        INSTALL_NGINX=true
-		CHANGE_ROOT=false
+        GUAC_URL_REDIR=false
-	else
+    else
-		INSTALL_NGINX=false
+        INSTALL_NGINX=false
-	fi
+    fi
 fi
 # Prompt to remove the trailing /guacamole dir from the default front end url
-if [ "${INSTALL_NGINX}" = false ]; then
+if [[ "${INSTALL_NGINX}" = false ]]; then
-	echo -e -n "FRONT END: Shorten Guacamole root url to *:8080 (& redirect to /guacamole ) [Y/n]? [default y]: "
+    echo -e -n "FRONT END: Shorten Guacamole root url to *:8080 (& redirect to /guacamole ) [Y/n]? [default y]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
-		CHANGE_ROOT=false
+        GUAC_URL_REDIR=false
-	else
+    else
-		CHANGE_ROOT=true
+        GUAC_URL_REDIR=true
-	fi
+    fi
 fi
 # We must assign a DNS name for the new proxy site
 if [[ -z ${PROXY_SITE} ]] && [[ "${INSTALL_NGINX}" = true ]]; then
-	while true; do
+    while true; do
-		read -p "FRONT END: Enter proxy local DNS name? [Enter to use ${DEFAULT_FQDN}]: " PROXY_SITE
+        read -p "FRONT END: Enter proxy local DNS name? [Enter to use ${DEFAULT_FQDN}]: " PROXY_SITE
-		[ "${PROXY_SITE}" = "" ] || [ "${PROXY_SITE}" != "" ] && break
+        [[ "${PROXY_SITE}" = "" ]] || [[ "${PROXY_SITE}" != "" ]] && break
-		# Rather than allow the default value below, un-comment to alternately force user to enter an explicit name instead
+        # Rather than allow the default value below, un-comment to alternately force user to enter an explicit name instead
-		# [ "${PROXY_SITE}" != "" ] && break
+        # [[ "${PROXY_SITE}" != "" ]] && break
-		# echo -e "${LRED}You must enter a proxy site DNS name. Please try again.${GREY}" 1>&2
+        # echo -e "${LRED}You must enter a proxy site DNS name. Please try again.${GREY}" 1>&2
-	done
+    done
 fi
 # If no proxy site dns name is given, lets assume the default FQDN is the proxy site name
-if [ -z "${PROXY_SITE}" ]; then
+if [[ -z "${PROXY_SITE}" ]]; then
-	PROXY_SITE="${DEFAULT_FQDN}"
+    PROXY_SITE="${DEFAULT_FQDN}"
 fi
 # Prompt for self signed TLS reverse proxy option
 if [[ -z ${SELF_SIGN} ]] && [[ "${INSTALL_NGINX}" = true ]]; then
-	# Prompt the user to see if they would like to install self signed TLS support for Nginx, default of no
+    # Prompt the user to see if they would like to install self signed TLS support for Nginx, default of no
-	echo -e -n "FRONT END: Add self signed TLS support to Nginx? [y/N]? (choose 'n' for Let's Encrypt)[default n]: "
+    echo -e -n "FRONT END: Add self signed TLS support to Nginx? [y/N]? (choose 'n' for Let's Encrypt)[default n]: "
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		SELF_SIGN=true
+        SELF_SIGN=true
-	else
+    else
-		SELF_SIGN=false
+        SELF_SIGN=false
-	fi
+    fi
 fi
 # Optional prompt to assign the self sign TLS certificate a custom expiry date, un-comment to force a manual entry
-#if [ "${SELF_SIGN}" = true ]; then
+#if [[ "${SELF_SIGN}" = true ]]; then
 #	read - p "PROXY: Enter number of days till TLS certificate expires [default 3650]: " CERT_DAYS
 #fi
 # If no self sign TLS certificate expiry given, lets assume a generous 10 year default certificate expiry
-if [ -z "${CERT_DAYS}" ]; then
+if [[ -z "${CERT_DAYS}" ]]; then
-	CERT_DAYS="3650"
+    CERT_DAYS="3650"
 fi
 # Prompt for Let's Encrypt TLS reverse proxy configuration option
 if [[ -z ${LETS_ENCRYPT} ]] && [[ "${INSTALL_NGINX}" = true ]] && [[ "${SELF_SIGN}" = "false" ]]; then
-	echo -e -n "FRONT END: Add Let's Encrypt TLS support to Nginx reverse proxy [y/N] [default n]: ${GREY}"
+    echo -e -n "FRONT END: Add Let's Encrypt TLS support to Nginx reverse proxy [y/N] [default n]: ${GREY}"
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Yy]$ ]]; then
-		LETS_ENCRYPT=true
+        LETS_ENCRYPT=true
-	else
+    else
-		LETS_ENCRYPT=false
+        LETS_ENCRYPT=false
-	fi
+    fi
 fi
 # Prompt for Let's Encrypt public dns name
 if [[ -z ${LE_DNS_NAME} ]] && [[ "${LETS_ENCRYPT}" = true ]]; then
-	while true; do
+    while true; do
-		read -p "FRONT END: Enter the FQDN for your public proxy site : " LE_DNS_NAME
+        read -p "FRONT END: Enter the FQDN for your public proxy site : " LE_DNS_NAME
-		[ "${LE_DNS_NAME}" != "" ] && break
+        [[ "${LE_DNS_NAME}" != "" ]] && break
-		echo -e "${LRED}You must enter a public DNS name. Please try again.${GREY}" 1>&2
+        echo -e "${LRED}You must enter a public DNS name. Please try again.${GREY}" 1>&2
-	done
+    done
 fi
 # Prompt for Let's Encrypt admin email
 if [[ -z ${LE_EMAIL} ]] && [[ "${LETS_ENCRYPT}" = true ]]; then
-	while true; do
+    while true; do
-		read -p "FRONT END: Enter the email address for Let's Encrypt notifications : " LE_EMAIL
+        read -p "FRONT END: Enter the email address for Let's Encrypt notifications : " LE_EMAIL
-		[ "${LE_EMAIL}" != "" ] && break
+        [[ "${LE_EMAIL}" != "" ]] && break
-		echo -e "${LRED}You must enter an email address. Please try again.${GREY}" 1>&2
+        echo -e "${LRED}You must enter an email address. Please try again.${GREY}" 1>&2
-	done
+    done
 fi
 #######################################################################################################################
@ -640,20 +655,20 @@ echo -e "${LGREEN}Beginning Guacamole setup...${GREY}"
 echo
 echo -e "${GREY}Checking Linux distro specific dependencies..."
 if [[ $OS_FLAVOUR == "ubuntu" ]] || [[ $OS_FLAVOUR == *"ubuntu"* ]]; then # potentially expand out distro choices here
-	JPEGTURBO="libjpeg-turbo8-dev"
+    JPEGTURBO="libjpeg-turbo8-dev"
-	LIBPNG="libpng-dev"
+    LIBPNG="libpng-dev"
-	# Just in case this repo is not added by default in the distro
+    # Just in case this repo is not added by default in the distro
-	sudo add-apt-repository -y universe &>>${INSTALL_LOG}
+    sudo add-apt-repository -y universe &>>${INSTALL_LOG}
 elif [[ $OS_FLAVOUR == "debian" ]] || [[ $OS_FLAVOUR == "raspbian" ]]; then # expand distro choices here if required
-	JPEGTURBO="libjpeg62-turbo-dev"
+    JPEGTURBO="libjpeg62-turbo-dev"
-	LIBPNG="libpng-dev"
+    LIBPNG="libpng-dev"
 fi
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Sync the various manual config scripts with the relevant variables selected at install
@ -697,8 +712,8 @@ export GUAC_VERSION=$GUAC_VERSION
 export GUAC_SOURCE_LINK=$GUAC_SOURCE_LINK
 export MYSQLJCON=$MYSQLJCON
 export MYSQL_VERSION=$MYSQL_VERSION
-export MYSQLS=$MYSQLS
+export MYSQLSRV=$MYSQLSRV
-export MYSQLC=$MYSQLC
+export MYSQLCLIENT=$MYSQLCLIENT
 export DB_CMD=$DB_CMD
 export TOMCAT_VERSION=$TOMCAT_VERSION
 export INSTALL_LOG=$INSTALL_LOG
@ -720,7 +735,7 @@ export INSTALL_LDAP=$INSTALL_LDAP
 export INSTALL_QCONNECT=$INSTALL_QCONNECT
 export INSTALL_HISTREC=$INSTALL_HISTREC
 export HISTREC_PATH="${HISTREC_PATH}"
-export CHANGE_ROOT=$CHANGE_ROOT
+export GUAC_URL_REDIR=$GUAC_URL_REDIR
 export INSTALL_NGINX=$INSTALL_NGINX
 export PROXY_SITE=$PROXY_SITE
 export CERT_COUNTRY=$CERT_COUNTRY
@ -737,13 +752,13 @@ export RDP_PRINTER_LABEL="${RDP_PRINTER_LABEL}"
 # Run the Guacamole install script
 sudo -E ./2-install-guacamole.sh
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}2-install-guacamole.sh FAILED. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}2-install-guacamole.sh FAILED. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
-elif [ "${CHANGE_ROOT}" = true ]; then
+elif [[ "${GUAC_URL_REDIR}" = true ]]; then
-	echo -e "${LGREEN}Guacamole install complete\nhttp://${PROXY_SITE}:8080 - login user/pass: guacadmin/guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
+    echo -e "${LGREEN}Guacamole install complete\nhttp://${PROXY_SITE}:8080 - login user/pass: guacadmin/guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
 else
-	echo -e "${LGREEN}Guacamole install complete\nhttp://${PROXY_SITE}:8080/guacamole - login user/pass: guacadmin/guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
+    echo -e "${LGREEN}Guacamole install complete\nhttp://${PROXY_SITE}:8080/guacamole - login user/pass: guacadmin/guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
 fi
 # Add a Guacamole database backup (mon-fri 12:00am) into cron
@ -762,44 +777,45 @@ rm cron_1
 #######################################################################################################################
 # Install Nginx reverse proxy front end to Guacamole if option is selected
-if [ "${INSTALL_NGINX}" = true ]; then
+if [[ "${INSTALL_NGINX}" = true ]]; then
-	sudo -E ./3-install-nginx.sh
+    sudo -E ./3-install-nginx.sh
-	echo -e "${LGREEN}Nginx install complete\nhttp://${PROXY_SITE} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
+    echo -e "${LGREEN}Nginx install complete\nhttp://${PROXY_SITE} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
 fi
 # Apply self signed TLS certificates to Nginx reverse proxy if option is selected
 if [[ "${INSTALL_NGINX}" = true ]] && [[ "${SELF_SIGN}" = true ]]; then
-	sudo -E ./4a-install-tls-self-signed-nginx.sh ${PROXY_SITE} ${CERT_DAYS} | tee -a ${INSTALL_LOG}
+    sudo -E ./4a-install-tls-self-signed-nginx.sh ${PROXY_SITE} ${CERT_DAYS} | tee -a ${INSTALL_LOG}
-	echo -e "${LGREEN}Self signed certificate configured for Nginx \n${LYELLOW}https:${LGREEN}//${PROXY_SITE} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
+    echo -e "${LGREEN}Self signed certificate configured for Nginx \n${LYELLOW}https:${LGREEN}//${PROXY_SITE} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
 fi
 # Apply Let's Encrypt TLS certificates to Nginx reverse proxy if option is selected
 if [[ "${INSTALL_NGINX}" = true ]] && [[ "${LETS_ENCRYPT}" = true ]]; then
-	sudo -E ./4b-install-tls-letsencrypt-nginx.sh
+    sudo -E ./4b-install-tls-letsencrypt-nginx.sh
-	echo -e "${LGREEN}Let's Encrypt TLS configured for Nginx \n${LYELLOW}https:${LGREEN}//${LE_DNS_NAME} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
+    echo -e "${LGREEN}Let's Encrypt TLS configured for Nginx \n${LYELLOW}https:${LGREEN}//${LE_DNS_NAME} - admin login: guacadmin pass: guacadmin\n${LYELLOW}***Be sure to change the password***${GREY}"
 fi
 # Duo Settings reminder - If Duo is selected you can't login to Guacamole until this extension is fully configured
-if [ $INSTALL_DUO == "true" ]; then
+if [[ $INSTALL_DUO == "true" ]]; then
-	echo
+    echo
-	echo -e "${LYELLOW}Reminder: Duo requires extra account specific info configured in the\n/etc/guacamole/guacamole.properties file before you can log in to Guacamole."
+    echo -e "${LYELLOW}Reminder: Duo requires extra account specific info configured in the\n/etc/guacamole/guacamole.properties file before you can log in to Guacamole."
-	echo -e "See https://guacamole.apache.org/doc/gug/duo-auth.html"
+    echo -e "See https://guacamole.apache.org/doc/gug/duo-auth.html"
 fi
 # LDAP Settings reminder, LDAP auth is not functional until the config is complete
-if [ $INSTALL_LDAP == "true" ]; then
+if [[ $INSTALL_LDAP == "true" ]]; then
-	echo
+    echo
-	echo -e "${LYELLOW}Reminder: LDAP requires that your LDAP directory configuration match the exact format\nadded to the /etc/guacamole/guacamole.properties file before LDAP auth will be active."
+    echo -e "${LYELLOW}Reminder: LDAP requires that your LDAP directory configuration match the exact format\nadded to the /etc/guacamole/guacamole.properties file before LDAP auth will be active."
-	echo -e "See https://guacamole.apache.org/doc/gug/ldap-auth.html"
+    echo -e "See https://guacamole.apache.org/doc/gug/ldap-auth.html"
 fi
 # Tidy up. (Installer and Nginx scripts can't be run again or standalone without modification, so removing.)
-rm -f $USER_HOME_DIR/1-setup.sh
+rm -rf $USER_HOME_DIR/1-setup.sh
 rm -f 2-install-guacamole.sh
 rm -f 3-install-nginx.sh
 rm -f 4a-install-tls-self-signed-nginx.sh
 rm -f 4b-install-tls-letsencrypt-nginx.sh
-sudo rm -R $TMP_DIR
+sudo rm -rf $TMP_DIR
 apt-get -y autoremove &>>${INSTALL_LOG}
 # Done
 echo
--- a/2-install-guacamole.sh
+++ b/2-install-guacamole.sh
@ -15,21 +15,19 @@ LGREEN='\033[0;92m'
 LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
-# Choose a specific MySQL version e.g. 11.1.2 See https://mariadb.org/mariadb/all-releases/ for available versions.
+# Apply MySQL client or server packages, and don't clobber any pre-existing database installation accidentally
-if [ -z "${MYSQL_VERSION}" ]; then
+if [[ "${INSTALL_MYSQL}" = true ]]; then
-	# Use Linux distro default version.
+    MYSQLPKG="${MYSQLSRV}"
-	MYSQLPKG="default-mysql-server default-mysql-client mysql-common"
+elif [ -x "$(command -v mysql)" ]; then
-	DB_CMD="mysql" # mysql command is depricated
+     MYSQLPKG=""
 else
-	# Use official mariadb.org repo
+    MYSQLPKG="${MYSQLCLIENT}"
 	MYSQLPKG="mariadb-server mariadb-client mariadb-common"
 	DB_CMD="mariadb" # mysql command is depricated on newer versions
 fi
 # Pre-seed MySQL root password values for Linux Distro default packages only
-if [ "${INSTALL_MYSQL}" = true ] && [ -z "${MYSQL_VERSION}" ]; then
+if [[ "${INSTALL_MYSQL}" = true ]] && [[ -z "${MYSQL_VERSION}" ]]; then
-	debconf-set-selections <<<"mysql-server mysql-server/root_password password ${MYSQL_ROOT_PWD}"
+    debconf-set-selections <<<"mysql-server mysql-server/root_password password ${MYSQL_ROOT_PWD}"
-	debconf-set-selections <<<"mysql-server mysql-server/root_password_again password ${MYSQL_ROOT_PWD}"
+    debconf-set-selections <<<"mysql-server mysql-server/root_password_again password ${MYSQL_ROOT_PWD}"
 fi
 # Update everything but don't do the annoying prompts during apt installs
@ -37,168 +35,168 @@ echo -e "${GREY}Updating base Linux OS..."
 export DEBIAN_FRONTEND=noninteractive
 apt-get update -qq &>>${INSTALL_LOG}
 apt-get upgrade -qq -y &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Install Guacamole build dependencies.
-if [ -n "${MYSQL_VERSION}" ]; then
+if [[ -n "${MYSQL_VERSION}" ]]; then
-	echo -e "${GREY}Adding the official MariaDB repository and installing version ${MYSQL_VERSION}..."
+    echo -e "${GREY}Adding the official MariaDB repository and installing version ${MYSQL_VERSION}..."
-	# Add the Official MariaDB repo.
+    # Add the Official MariaDB repo.
-	apt-get -qq -y install curl gnupg2 &>>${INSTALL_LOG}
+    apt-get -qq -y install curl gnupg2 &>>${INSTALL_LOG}
-	curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup &>>${INSTALL_LOG}
+    curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup &>>${INSTALL_LOG}
-	bash mariadb_repo_setup --mariadb-server-version=$MYSQL_VERSION &>>${INSTALL_LOG}
+    bash mariadb_repo_setup --mariadb-server-version=$MYSQL_VERSION &>>${INSTALL_LOG}
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 echo -e "${GREY}Installing dependencies required for building Guacamole, this might take a few minutes..."
 apt-get -qq -y install ${MYSQLPKG} ${TOMCAT_VERSION} ${JPEGTURBO} ${LIBPNG} ufw pwgen wget expect \
-	build-essential libcairo2-dev libtool-bin uuid-dev libavcodec-dev libavformat-dev libavutil-dev \
+    build-essential libcairo2-dev libtool-bin uuid-dev libavcodec-dev libavformat-dev libavutil-dev \
-	libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev \
+    libswscale-dev freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev \
-	libpulse-dev libssl-dev libvorbis-dev libwebp-dev ghostscript &>>${INSTALL_LOG}
+    libpulse-dev libssl-dev libvorbis-dev libwebp-dev ghostscript &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Install Postfix with default settings for smtp email relay
 echo -e "${GREY}Installing Postfix MTA for backup email notifications and alerts, see separate SMTP relay configuration script..."
 DEBIAN_FRONTEND="noninteractive" apt-get install postfix mailutils -qq -y &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	systemctl restart postfix
+    systemctl restart postfix
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Download Guacamole Server
 echo -e "${GREY}Downloading Guacamole source files..."
 wget -q --show-progress -O guacamole-server-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/source/guacamole-server-${GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-server-${GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-server-${GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/source/guacamole-server-${GUAC_VERSION}.tar.gz${GREY}"
+    echo -e "${GUAC_SOURCE_LINK}/source/guacamole-server-${GUAC_VERSION}.tar.gz${GREY}"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-server-${GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-server-${GUAC_VERSION}.tar.gz
-	echo -e "${LGREEN}Downloaded guacamole-server-${GUAC_VERSION}.tar.gz${GREY}"
+    echo -e "${LGREEN}Downloaded guacamole-server-${GUAC_VERSION}.tar.gz${GREY}"
 fi
 # Download Guacamole Client
 wget -q --show-progress -O guacamole-${GUAC_VERSION}.war ${GUAC_SOURCE_LINK}/binary/guacamole-${GUAC_VERSION}.war
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-${GUAC_VERSION}.war" 1>&2
+    echo -e "${LRED}Failed to download guacamole-${GUAC_VERSION}.war" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-${GUAC_VERSION}.war${GREY}"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-${GUAC_VERSION}.war${GREY}"
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}Downloaded guacamole-${GUAC_VERSION}.war (Guacamole client)${GREY}"
+    echo -e "${LGREEN}Downloaded guacamole-${GUAC_VERSION}.war (Guacamole client)${GREY}"
 fi
 # Download MySQL connector/j
 wget -q --show-progress -O mysql-connector-j-${MYSQLJCON}.tar.gz https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${MYSQLJCON}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download mysql-connector-j-${MYSQLJCON}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download mysql-connector-j-${MYSQLJCON}.tar.gz" 1>&2
-	echo -e "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${MYSQLJCON}}.tar.gz${GREY}"
+    echo -e "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${MYSQLJCON}}.tar.gz${GREY}"
-	exit 1
+    exit 1
 else
-	tar -xzf mysql-connector-j-${MYSQLJCON}.tar.gz
+    tar -xzf mysql-connector-j-${MYSQLJCON}.tar.gz
-	echo -e "${LGREEN}Downloaded mysql-connector-j-${MYSQLJCON}.tar.gz${GREY}"
+    echo -e "${LGREEN}Downloaded mysql-connector-j-${MYSQLJCON}.tar.gz${GREY}"
 fi
 # Download Guacamole authentication extensions
 wget -q --show-progress -O guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
-	echo -e "${LGREEN}Downloaded guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz${GREY}"
+    echo -e "${LGREEN}Downloaded guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz${GREY}"
 fi
 # Download TOTP extension
-if [ "${INSTALL_TOTP}" = true ]; then
+if [[ "${INSTALL_TOTP}" = true ]]; then
-	wget -q --show-progress -O guacamole-auth-totp-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${GUAC_VERSION}.tar.gz
+    wget -q --show-progress -O guacamole-auth-totp-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${GUAC_VERSION}.tar.gz
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed to download guacamole-auth-totp-${GUAC_VERSION}.tar.gz" 1>&2
+        echo -e "${LRED}Failed to download guacamole-auth-totp-${GUAC_VERSION}.tar.gz" 1>&2
-		echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${GUAC_VERSION}.tar.gz"
+        echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${GUAC_VERSION}.tar.gz"
-		exit 1
+        exit 1
-	else
+    else
-		tar -xzf guacamole-auth-totp-${GUAC_VERSION}.tar.gz
+        tar -xzf guacamole-auth-totp-${GUAC_VERSION}.tar.gz
-		rm -f add-auth-totp.sh
+        rm -f add-auth-totp.sh
-		echo -e "${LGREEN}Downloaded guacamole-auth-totp-${GUAC_VERSION}.tar.gz${GREY}"
+        echo -e "${LGREEN}Downloaded guacamole-auth-totp-${GUAC_VERSION}.tar.gz${GREY}"
-	fi
+    fi
 fi
 # Download DUO extension
-if [ "${INSTALL_DUO}" = true ]; then
+if [[ "${INSTALL_DUO}" = true ]]; then
-	wget -q --show-progress -O guacamole-auth-duo-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz
+    wget -q --show-progress -O guacamole-auth-duo-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed to download guacamole-auth-duo-${GUAC_VERSION}.tar.gz" 1>&2
+        echo -e "${LRED}Failed to download guacamole-auth-duo-${GUAC_VERSION}.tar.gz" 1>&2
-		echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz"
+        echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz"
-		exit 1
+        exit 1
-	else
+    else
-		tar -xzf guacamole-auth-duo-${GUAC_VERSION}.tar.gz
+        tar -xzf guacamole-auth-duo-${GUAC_VERSION}.tar.gz
-		rm -f add-auth-duo.sh
+        rm -f add-auth-duo.sh
-		echo -e "${LGREEN}Downloaded guacamole-auth-duo-${GUAC_VERSION}.tar.gz${GREY}"
+        echo -e "${LGREEN}Downloaded guacamole-auth-duo-${GUAC_VERSION}.tar.gz${GREY}"
-	fi
+    fi
 fi
 # Download LDAP extension
-if [ "${INSTALL_LDAP}" = true ]; then
+if [[ "${INSTALL_LDAP}" = true ]]; then
-	wget -q --show-progress -O guacamole-auth-ldap-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${GUAC_VERSION}.tar.gz
+    wget -q --show-progress -O guacamole-auth-ldap-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${GUAC_VERSION}.tar.gz
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed to download guacamole-auth-ldap-${GUAC_VERSION}.tar.gz" 1>&2
+        echo -e "${LRED}Failed to download guacamole-auth-ldap-${GUAC_VERSION}.tar.gz" 1>&2
-		echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${GUAC_VERSION}.tar.gz"
+        echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${GUAC_VERSION}.tar.gz"
-		exit 1
+        exit 1
-	else
+    else
-		tar -xzf guacamole-auth-ldap-${GUAC_VERSION}.tar.gz
+        tar -xzf guacamole-auth-ldap-${GUAC_VERSION}.tar.gz
-		rm -f add-auth-ldap.sh
+        rm -f add-auth-ldap.sh
-		echo -e "${LGREEN}Downloaded guacamole-auth-ldap-${GUAC_VERSION}.tar.gz${GREY}"
+        echo -e "${LGREEN}Downloaded guacamole-auth-ldap-${GUAC_VERSION}.tar.gz${GREY}"
-	fi
+    fi
 fi
 # Download Guacamole quick-connect extension
-if [ "${INSTALL_QCONNECT}" = true ]; then
+if [[ "${INSTALL_QCONNECT}" = true ]]; then
-	wget -q --show-progress -O guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz
+    wget -q --show-progress -O guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed to download guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz" 1>&2
+        echo -e "${LRED}Failed to download guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz" 1>&2
-		echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz"
+        echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz"
-		exit 1
+        exit 1
-	else
+    else
-		tar -xzf guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz
+        tar -xzf guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz
-		rm -f add-xtra-quickconnect.sh
+        rm -f add-xtra-quickconnect.sh
-		echo -e "${LGREEN}Downloaded guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz${GREY}"
+        echo -e "${LGREEN}Downloaded guacamole-auth-quickconnect-${GUAC_VERSION}.tar.gz${GREY}"
-	fi
+    fi
 fi
 # Download Guacamole history recording storage extension
-if [ "${INSTALL_HISTREC}" = true ]; then
+if [[ "${INSTALL_HISTREC}" = true ]]; then
-	wget -q --show-progress -O guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz
+    wget -q --show-progress -O guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed to download guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz" 1>&2
+        echo -e "${LRED}Failed to download guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz" 1>&2
-		echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz"
+        echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz"
-		exit 1
+        exit 1
-	else
+    else
-		tar -xzf guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz
+        tar -xzf guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz
-		rm -f add-xtra-histrecstor.sh
+        rm -f add-xtra-histrecstor.sh
-		echo -e "${LGREEN}Downloaded guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz${GREY}"
+        echo -e "${LGREEN}Downloaded guacamole-history-recording-storage-${GUAC_VERSION}.tar.gz${GREY}"
-	fi
+    fi
 fi
 echo -e "Source download complete.${GREY}"
@ -234,37 +232,37 @@ export CFLAGS="-Wno-error"
 # Configure Guacamole Server source
 ./configure --with-systemd-dir=/etc/systemd/system &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo "Failed to configure guacamole-server"
+    echo "Failed to configure guacamole-server"
-	echo "Trying again with --enable-allow-freerdp-snapshots"
+    echo "Trying again with --enable-allow-freerdp-snapshots"
-	./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
+    ./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo "Failed to configure guacamole-server - again"
+        echo "Failed to configure guacamole-server - again"
-		exit
+        exit
-	fi
+    fi
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 echo -e "${GREY}Running make and building the Guacamole-Server application..."
 make &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 echo -e "${GREY}Installing Guacamole-Server..."
 make install &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Update the shared library cache
@ -277,35 +275,35 @@ mv -f guacamole-${GUAC_VERSION}.war /etc/guacamole/guacamole.war
 chmod 664 /etc/guacamole/guacamole.war
 # Create a symbolic link for Tomcat
 ln -sf /etc/guacamole/guacamole.war /var/lib/${TOMCAT_VERSION}/webapps/ &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 echo -e "${GREY}Moving guacamole-auth-jdbc-mysql-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
 mv -f guacamole-auth-jdbc-${GUAC_VERSION}/mysql/guacamole-auth-jdbc-mysql-${GUAC_VERSION}.jar /etc/guacamole/extensions/
 chmod 664 /etc/guacamole/extensions/guacamole-auth-jdbc-mysql-${GUAC_VERSION}.jar
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Move MySQL connector/j files
 echo -e "${GREY}Moving mysql-connector-j-${MYSQLJCON}.jar (/etc/guacamole/lib/mysql-connector-java.jar)..."
 mv -f mysql-connector-j-${MYSQLJCON}/mysql-connector-j-${MYSQLJCON}.jar /etc/guacamole/lib/mysql-connector-java.jar
 chmod 664 /etc/guacamole/lib/mysql-connector-java.jar
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Configure guacamole.properties file
@ -318,229 +316,228 @@ echo "mysql-username: ${GUAC_USER}" >>/etc/guacamole/guacamole.properties
 echo "mysql-password: ${GUAC_PWD}" >>/etc/guacamole/guacamole.properties
 # Move TOTP files
-if [ "${INSTALL_TOTP}" = true ]; then
+if [[ "${INSTALL_TOTP}" = true ]]; then
-	echo -e "${GREY}Moving guacamole-auth-totp-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
+    echo -e "${GREY}Moving guacamole-auth-totp-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
-	mv -f guacamole-auth-totp-${GUAC_VERSION}/guacamole-auth-totp-${GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-auth-totp-${GUAC_VERSION}/guacamole-auth-totp-${GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-auth-totp-${GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-auth-totp-${GUAC_VERSION}.jar
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Move Duo files
-if [ "${INSTALL_DUO}" = true ]; then
+if [[ "${INSTALL_DUO}" = true ]]; then
-	echo -e "${GREY}Moving guacamole-auth-duo-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
+    echo -e "${GREY}Moving guacamole-auth-duo-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
-	mv -f guacamole-auth-duo-${GUAC_VERSION}/guacamole-auth-duo-${GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-auth-duo-${GUAC_VERSION}/guacamole-auth-duo-${GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-${GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-${GUAC_VERSION}.jar
-	echo "#duo-api-hostname: " >>/etc/guacamole/guacamole.properties
+    echo "#duo-api-hostname: " >>/etc/guacamole/guacamole.properties
-	echo "#duo-integration-key: " >>/etc/guacamole/guacamole.properties
+    echo "#duo-integration-key: " >>/etc/guacamole/guacamole.properties
-	echo "#duo-secret-key: " >>/etc/guacamole/guacamole.properties
+    echo "#duo-secret-key: " >>/etc/guacamole/guacamole.properties
-	echo "#duo-application-key: " >>/etc/guacamole/guacamole.properties
+    echo "#duo-application-key: " >>/etc/guacamole/guacamole.properties
-	echo -e "Duo auth is installed, it will need to be configured via guacamole.properties"
+    echo -e "Duo auth is installed, it will need to be configured via guacamole.properties"
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Move LDAP files
-if [ "${INSTALL_LDAP}" = true ]; then
+if [[ "${INSTALL_LDAP}" = true ]]; then
-	echo -e "${GREY}Moving guacamole-auth-ldap-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
+    echo -e "${GREY}Moving guacamole-auth-ldap-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
-	mv -f guacamole-auth-ldap-${GUAC_VERSION}/guacamole-auth-ldap-${GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-auth-ldap-${GUAC_VERSION}/guacamole-auth-ldap-${GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-auth-ldap-${GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-auth-ldap-${GUAC_VERSION}.jar
-	echo "#If you have issues with LDAP, check the formatting is exactly as below or you will despair!" >>/etc/guacamole/guacamole.properties
+    echo "#If you have issues with LDAP, check the formatting is exactly as below or you will despair!" >>/etc/guacamole/guacamole.properties
-	echo "#Be extra careful with spaces at line ends or with windows line feeds." >>/etc/guacamole/guacamole.properties
+    echo "#Be extra careful with spaces at line ends or with windows line feeds." >>/etc/guacamole/guacamole.properties
-	echo "#ldap-hostname: dc1.yourdomain.com dc2.yourdomain.com" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-hostname: dc1.yourdomain.com dc2.yourdomain.com" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-port: 389" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-port: 389" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-username-attribute: sAMAccountName" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-username-attribute: sAMAccountName" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-encryption-method: none" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-encryption-method: none" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-search-bind-dn: ad-account@yourdomain.com" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-search-bind-dn: ad-account@yourdomain.com" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-search-bind-password: ad-account-password" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-search-bind-password: ad-account-password" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-config-base-dn: dc=domain,dc=com" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-config-base-dn: dc=domain,dc=com" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-user-base-dn: OU=SomeOU,DC=domain,DC=com" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-user-base-dn: OU=SomeOU,DC=domain,DC=com" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-user-search-filter:(objectClass=user)(!(objectCategory=computer))" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-user-search-filter:(objectClass=user)(!(objectCategory=computer))" >>/etc/guacamole/guacamole.properties
-	echo "#ldap-max-search-results:200" >>/etc/guacamole/guacamole.properties
+    echo "#ldap-max-search-results:200" >>/etc/guacamole/guacamole.properties
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Move quick-connect extension files
-if [ "${INSTALL_QCONNECT}" = true ]; then
+if [[ "${INSTALL_QCONNECT}" = true ]]; then
-	echo -e "${GREY}Moving guacamole-auth-quickconnect-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
+    echo -e "${GREY}Moving guacamole-auth-quickconnect-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
-	mv -f guacamole-auth-quickconnect-${GUAC_VERSION}/guacamole-auth-quickconnect-${GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-auth-quickconnect-${GUAC_VERSION}/guacamole-auth-quickconnect-${GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-auth-quickconnect-${GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-auth-quickconnect-${GUAC_VERSION}.jar
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Move history recording storage extension files
-if [ "${INSTALL_HISTREC}" = true ]; then
+if [[ "${INSTALL_HISTREC}" = true ]]; then
-	echo -e "${GREY}Moving guacamole-history-recording-storage-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
+    echo -e "${GREY}Moving guacamole-history-recording-storage-${GUAC_VERSION}.jar (/etc/guacamole/extensions/)..."
-	mv -f guacamole-history-recording-storage-${GUAC_VERSION}/guacamole-history-recording-storage-${GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-history-recording-storage-${GUAC_VERSION}/guacamole-history-recording-storage-${GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-history-recording-storage-${GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-history-recording-storage-${GUAC_VERSION}.jar
-	#Setup the default recording path
+    #Setup the default recording path
-	mkdir -p ${HISTREC_PATH}
+    mkdir -p ${HISTREC_PATH}
-	chown daemon:tomcat ${HISTREC_PATH}
+    chown daemon:tomcat ${HISTREC_PATH}
-	chmod 2750 ${HISTREC_PATH}
+    chmod 2750 ${HISTREC_PATH}
-	echo "recording-search-path: ${HISTREC_PATH}" >>/etc/guacamole/guacamole.properties
+    echo "recording-search-path: ${HISTREC_PATH}" >>/etc/guacamole/guacamole.properties
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Apply a branded interface and dark theme. You may delete this file and restart guacd & tomcat for the default console
 echo -e "${GREY}Setting the Guacamole console to a (customisable) dark mode themed template..."
 mv branding.jar /etc/guacamole/extensions
 chmod 664 /etc/guacamole/extensions/branding.jar
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Restart Tomcat
 echo -e "${GREY}Restarting Tomcat service & enable at boot..."
 systemctl restart ${TOMCAT_VERSION}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Set Tomcat to start at boot
 systemctl enable ${TOMCAT_VERSION}
 echo
-if [ "${INSTALL_MYSQL}" = true ]; then
+if [[ "${INSTALL_MYSQL}" = true ]]; then
-	# Set MySQL password
+    # Set MySQL password
-	export MYSQL_PWD=${MYSQL_ROOT_PWD}
+    export MYSQL_PWD=${MYSQL_ROOT_PWD}
-	# Set the root password without a reliance on debconf.
+    # Set the root password without a reliance on debconf.
-	echo -e "${GREY}Setting MySQL root password..."
+    echo -e "${GREY}Setting MySQL root password..."
-	SQLCODE="
+    SQLCODE="
 FLUSH PRIVILEGES;
 ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PWD';"
-	echo ${SQLCODE} | $DB_CMD -u root
+    echo ${SQLCODE} | $DB_CMD -u root
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
-	# Find the location of the MySQL or MariaDB config files. (Add to this list for more potential candidates.)
+    # Find the location of the MySQL or MariaDB config files. (Add to this list for more potential candidates.)
-	for x in /etc/mysql/mariadb.conf.d/50-server.cnf \
+    for x in /etc/mysql/mariadb.conf.d/50-server.cnf \
-		/etc/mysql/mysql.conf.d/mysqld.cnf \
+        /etc/mysql/mysql.conf.d/mysqld.cnf \
-		/etc/mysql/my.cnf; do
+        /etc/mysql/my.cnf; do
-		# Check inside each candidate to see if a [mysqld] or [mariadbd] section exists, assign $x the correct filename.
+        # Check inside each candidate to see if a [mysqld] or [mariadbd] section exists, assign $x the correct filename.
-		if [ -e "${x}" ]; then
+        if [[ -e "${x}" ]]; then
-			if grep -qE '^\[(mysqld|mariadbd)\]$' "${x}"; then
+            if grep -qE '^\[(mysqld|mariadbd)\]$' "${x}"; then
-				mysqlconfig="${x}"
+                mysqlconfig="${x}"
-				# Reduce any duplicated section names, then sanitise the [ ] special characters for sed below)
+                # Reduce any duplicated section names, then sanitise the [ ] special characters for sed below)
-				config_section=$(grep -m 1 -E '^\[(mysqld|mariadbd)\]$' "${x}" | sed 's/\[\(.*\)\]/\1/')
+                config_section=$(grep -m 1 -E '^\[(mysqld|mariadbd)\]$' "${x}" | sed 's/\[\(.*\)\]/\1/')
-				break
+                break
-			fi
+            fi
-		fi
+        fi
-	done
+    done
-	# Set the MySQL Timezone
+    # Set the MySQL Timezone
-	if [ -z "${mysqlconfig}" ]; then
+    if [[ -z "${mysqlconfig}" ]]; then
-		echo -e "${GREY}Couldn't detect MySQL config file - you will need to manually configure database timezone settings"
+        echo -e "${GREY}Couldn't detect MySQL config file - you will need to manually configure database timezone settings"
-	else
+    else
-		# Is there already a timzeone value configured?
+        # Is there already a timzeone value configured?
-		if grep -q "^default_time_zone[[:space:]]=" "${mysqlconfig}"; then
+        if grep -q "^default_time_zone[[:space:]]=" "${mysqlconfig}"; then
-			echo -e "MySQL database timezone defined in ${mysqlconfig}"
+            echo -e "MySQL database timezone defined in ${mysqlconfig}"
-		else
+        else
-			timezone=${DB_TZ}
+            timezone=${DB_TZ}
-			if [ -z "${DB_TZ}" ]; then
+            if [[ -z "${DB_TZ}" ]]; then
-				echo -e "Couldn't find system timezone, using UTC$"
+                echo -e "Couldn't find system timezone, using UTC$"
-				timezone="UTC"
+                timezone="UTC"
-			fi
+            fi
-			echo -e "Setting MySQL database timezone as ${timezone}${GREY}"
+            echo -e "Setting MySQL database timezone as ${timezone}${GREY}"
-			mysql_tzinfo_to_sql /usr/share/zoneinfo 2>/dev/null | ${DB_CMD} -u root -D mysql -p${MYSQL_ROOT_PWD}
+            mysql_tzinfo_to_sql /usr/share/zoneinfo 2>/dev/null | ${DB_CMD} -u root -D mysql -p${MYSQL_ROOT_PWD}
-			# Add the timzone value to the sanitsed server file section name.
+            # Add the timzone value to the sanitsed server file section name.
-			sed -i -e "/^\[${config_section}\]/a default_time_zone = ${timezone}" "${mysqlconfig}"
+            sed -i -e "/^\[${config_section}\]/a default_time_zone = ${timezone}" "${mysqlconfig}"
-		fi
+        fi
-	fi
+    fi
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed${GREY}" 1>&2
+        echo -e "${LRED}Failed${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
-	# This should stay as localhost in most local MySQL install situations. This setting determine from WHERE the new ${GUAC_USER}
+    # This should stay as localhost in most local MySQL install situations. This setting determine from WHERE the new ${GUAC_USER}
-	# will be able to login to the database (either specific remote IPs or localhost only.)
+    # will be able to login to the database (either specific remote IPs or localhost only.)
-	#  However this setting can be quick and hacky way to build a backend guacamole database server for use behind another guac application server
+    #  However this setting can be quick and hacky way to build a backend guacamole database server for use behind another guac application server
-	# (albeit with the full application suite installed). To do this, set GUAC_USERHost="%" for login access from all IPs, or e.g. 192.168.1.% for an IP range.
+    # (albeit with the full application suite installed). To do this, set GUAC_USERHost="%" for login access from all IPs, or e.g. 192.168.1.% for an IP range.
-	# You will also need to set the MySQL binding away from the default 127.0.0.1 to 0.0.0.0 or a specific external facing network interface to allow remote login.
+    # You will also need to set the MySQL binding away from the default 127.0.0.1 to 0.0.0.0 or a specific external facing network interface to allow remote login.
-	if [ "${MYSQL_HOST}" != "localhost" ]; then
+    if [[ "${MYSQL_HOST}" != "localhost" ]]; then
-		GUAC_USERHost="%"
+        GUAC_USERHost="%"
-		echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from any host, you may wish to limit this to specific IPs.${GREY}"
+        echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from any host, you may wish to limit this to specific IPs.${GREY}"
-	else
+    else
-		GUAC_USERHost="localhost"
+        GUAC_USERHost="localhost"
-	fi
+    fi
-	# Execute SQL code to create the Guacamole database
+    # Execute SQL code to create the Guacamole database
-	echo -e "${GREY}Creating the Guacamole database..."
+    echo -e "${GREY}Creating the Guacamole database..."
-	SQLCODE="
+    SQLCODE="
 DROP DATABASE IF EXISTS ${GUAC_DB};
 CREATE DATABASE IF NOT EXISTS ${GUAC_DB};
 CREATE USER IF NOT EXISTS '${GUAC_USER}'@'${GUAC_USERHost}' IDENTIFIED BY \"${GUAC_PWD}\";
 GRANT SELECT,INSERT,UPDATE,DELETE ON ${GUAC_DB}.* TO '${GUAC_USER}'@'${GUAC_USERHost}';
 FLUSH PRIVILEGES;"
-	echo ${SQLCODE} | mysql -u root -D mysql -h ${MYSQL_HOST} -P ${MYSQL_PORT}
+    echo ${SQLCODE} | mysql -u root -D mysql -h ${MYSQL_HOST} -P ${MYSQL_PORT}
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed${GREY}" 1>&2
+        echo -e "${LRED}Failed${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
-	# Add Guacamole schema to newly created database
+    # Add Guacamole schema to newly created database
-	echo -e "${GREY}Adding database tables..."
+    echo -e "${GREY}Adding database tables..."
-	cat guacamole-auth-jdbc-${GUAC_VERSION}/mysql/schema/*.sql | $DB_CMD -u root -D ${GUAC_DB} -p${MYSQL_ROOT_PWD}
+    cat guacamole-auth-jdbc-${GUAC_VERSION}/mysql/schema/*.sql | $DB_CMD -u root -D ${GUAC_DB} -p${MYSQL_ROOT_PWD}
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed${GREY}" 1>&2
+        echo -e "${LRED}Failed${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Apply Secure MySQL installation settings
-if [ "${SECURE_MYSQL}" = true ] && [ "${INSTALL_MYSQL}" = true ]; then
+if [[ "${SECURE_MYSQL}" = true ]] && [[ "${INSTALL_MYSQL}" = true ]]; then
-	echo -e "${GREY}Applying mysql_secure_installation settings...${DGREY}"
+    echo -e "${GREY}Applying mysql_secure_installation settings...${DGREY}"
-	SECURE_MYSQL=$(expect -c "
+    SECURE_MYSQL=$(expect -c "
 set timeout 10
 spawn mysql_secure_installation
 expect \"Enter current password for root (enter for none):\"
@ -559,44 +556,44 @@ expect \"Reload privilege tables now?\"
 send \"y\r\"
 expect eof
 ")
-	echo "$SECURE_MYSQL"
+    echo "$SECURE_MYSQL"
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Restart MySQL service
-if [ "${INSTALL_MYSQL}" = true ]; then
+if [[ "${INSTALL_MYSQL}" = true ]]; then
-	echo -e "${GREY}Restarting MySQL service & enable at boot..."
+    echo -e "${GREY}Restarting MySQL service & enable at boot..."
-	# Set MySQl to start at boot
+    # Set MySQl to start at boot
-	systemctl enable mysql
+    systemctl enable mysql
-	systemctl restart mysql
+    systemctl restart mysql
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed${GREY}" 1>&2
+        echo -e "${LRED}Failed${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Create guacd.conf and locahost IP binding.
 echo -e "${GREY}Binding guacd to 127.0.0.1 port 4822..."
 cat >/etc/guacamole/guacd.conf <<-"EOF"
-	[server]
+[server]
-	bind_host = 127.0.0.1
+bind_host = 127.0.0.1
-	bind_port = 4822
+bind_port = 4822
 EOF
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Ensure guacd is started
@ -604,28 +601,28 @@ echo -e "${GREY}Starting guacd service & enable at boot..."
 systemctl enable guacd
 systemctl stop guacd 2>/dev/null
 systemctl start guacd
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
-if [ "${CHANGE_ROOT}" = true ]; then
+if [[ "${GUAC_URL_REDIR}" = true ]]; then
-	echo -e "${GREY}Shortening the Guacamole root url and setting up redirect...${DGREY}"
+    echo -e "${GREY}Shortening the Guacamole root url and setting up redirect...${DGREY}"
-	systemctl stop ${TOMCAT_VERSION}
+    systemctl stop ${TOMCAT_VERSION}
-	mv /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.html /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.html.old
+    mv /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.html /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.html.old
-	touch /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.jsp
+    touch /var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.jsp
-	echo "<% response.sendRedirect(\"/guacamole\");%>" >>/var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.jsp
+    echo "<% response.sendRedirect(\"/guacamole\");%>" >>/var/lib/${TOMCAT_VERSION}/webapps/ROOT/index.jsp
-	systemctl start ${TOMCAT_VERSION}
+    systemctl start ${TOMCAT_VERSION}
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 echo -e "${GREY}Updating firewall rules to allow only SSH and tcp 8080..."
@ -636,12 +633,12 @@ sudo ufw allow 8080/tcp >/dev/null 2>&1
 echo "y" | sudo ufw enable >/dev/null 2>&1
 # Reduce firewall logging noise
 sudo ufw logging off >/dev/null 2>&1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Cleanup
@ -649,20 +646,19 @@ echo -e "${GREY}Cleanup install files...${GREY}"
 rm -rf guacamole-*
 rm -rf mysql-connector-j-*
 rm -rf mariadb_repo_setup
-if [ "${INSTALL_NGINX}" = false ]; then
+if [[ "${INSTALL_NGINX}" = false ]]; then
-	rm -rf 3-install-nginx.sh
+    rm -f 3-install-nginx.sh
-	rm -f 4a-install-tls-self-signed-nginx.sh
+    rm -f 4a-install-tls-self-signed-nginx.sh
-	rm -rf 4b-install-tls-letsencrypt-nginx.sh
+    rm -f 4b-install-tls-letsencrypt-nginx.sh
-	rm -f refresh-tls-self-signed.sh
+    rm -f refresh-tls-self-signed.sh
 fi
 unset MYSQL_PWD
 apt-get -y remove expect &>>${INSTALL_LOG}
-apt-get -y autoremove &>>${INSTALL_LOG}
+if [[ $? -ne 0 ]]; then
-if [ $? -ne 0 ]; then
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    exit 1
 	exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
 fi
 # Done
--- a/3-install-nginx.sh
+++ b/3-install-nginx.sh
@ -43,12 +43,12 @@ server {
    }
 }
 EOF
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Force nginx to require tls1.2 and above
@ -64,24 +64,24 @@ unlink /etc/nginx/sites-enabled/default
 # Do mandatory Nginx tweaks for logging actual client IPs through a proxy IP of 127.0.0.1 - DO NOT CHANGE COMMAND FORMATING!
 echo -e "${GREY}Configuring Apache Tomcat valve for pass through of client IPs to Guacamole logs...${GREY}"
 sudo sed -i '/pattern="%h %l %u %t &quot;%r&quot; %s %b"/a        \        <!-- Allow host IP to pass through to guacamole.-->\n        <Valve className="org.apache.catalina.valves.RemoteIpValve"\n               internalProxies="127\.0\.0\.1|0:0:0:0:0:0:0:1"\n               remoteIpHeader="x-forwarded-for"\n               remoteIpProxiesHeader="x-forwarded-by"\n               protocolHeader="x-forwarded-proto" />' /etc/$TOMCAT_VERSION/server.xml
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Allow large file transfers through Nginx
 sudo sed -i '/client_max_body_size/d' /etc/nginx/nginx.conf                                     # remove this line if it already exists to prevent duplicates
 sudo sed -i "/Basic Settings/a \        client_max_body_size 100000000M;" /etc/nginx/nginx.conf # Add the larger file transfer size
 echo -e "${GREY}Boosting Nginx's 'maximum body size' parameter to allow large file transfers...${GREY}"
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Update general ufw rules so force traffic via reverse proxy. Only Nginx and SSH will be available over the network.
@ -92,12 +92,12 @@ sudo ufw allow OpenSSH >/dev/null 2>&1
 sudo ufw allow 80/tcp >/dev/null 2>&1
 sudo ufw delete allow 8080/tcp >/dev/null 2>&1
 echo "y" | sudo ufw enable >/dev/null 2>&1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Reload everything
@ -105,11 +105,11 @@ echo -e "${GREY}Restaring Guacamole & Ngnix..."
 sudo systemctl restart $TOMCAT_VERSION
 sudo systemctl restart guacd
 sudo systemctl restart nginx
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
 fi
 # Done
--- a/4a-install-tls-self-signed-nginx.sh
+++ b/4a-install-tls-self-signed-nginx.sh
@ -31,11 +31,11 @@ DIR_SSL_KEY="/etc/nginx/ssl/private"
 # Make directories to place TLS Certificate if they don't exist
 if [[ ! -d $DIR_SSL_KEY ]]; then
-	sudo mkdir -p $DIR_SSL_KEY
+    sudo mkdir -p $DIR_SSL_KEY
 fi
 if [[ ! -d $DIR_SSL_CERT ]]; then
-	sudo mkdir -p $DIR_SSL_CERT
+    sudo mkdir -p $DIR_SSL_CERT
 fi
 # Discover IPv4 interface
@ -71,12 +71,12 @@ EOF
 echo
 echo "{$GREY}Creating a new Nginx TLS Certificate..."
 openssl req -x509 -nodes -newkey rsa:2048 -keyout $TLSNAME.key -out $TLSNAME.crt -days $TLSDAYS -config $TMP_DIR/cert_attributes.txt
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Place TLS Certificate into the defined application path
@ -86,12 +86,12 @@ sudo cp $TLSNAME.crt $DIR_SSL_CERT/$TLSNAME.crt
 # Create a PFX formatted key for easier import to Windows hosts and change permissions to enable copying elsewhere
 echo -e "${GREY}Converting client certificates for Windows & Linux...${GREY}"
 sudo openssl pkcs12 -export -out $TLSNAME.pfx -inkey $TLSNAME.key -in $TLSNAME.crt -password pass:1234
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Change of permissions so certs can be copied via WinSCP.
@ -102,12 +102,12 @@ sudo chown $SUDO_USER:root $TLSNAME.key
 # Backup the current Nginx config before update
 echo -e "${GREY}Backing up previous Nginx proxy to $DOWNLOAD_DIR/$TLSNAME-nginx.bak"
 cp /etc/nginx/sites-enabled/${TLSNAME} $DOWNLOAD_DIR/${TLSNAME}-nginx.bak
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Update Nginx config to accept the new certificates
@ -150,12 +150,12 @@ server {
    }
 }
 EOF
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Update general ufw rules so force traffic via reverse proxy. Only Nginx and SSH will be available over the network.
@ -166,12 +166,12 @@ sudo ufw allow OpenSSH >/dev/null 2>&1
 sudo ufw allow 80/tcp >/dev/null 2>&1
 sudo ufw allow 443/tcp >/dev/null 2>&1
 echo "y" | sudo ufw enable >/dev/null 2>&1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Reload everything
@ -179,12 +179,12 @@ echo -e "${GREY}Restaring Guacamole & Ngnix..."
 sudo systemctl restart $TOMCAT_VERSION
 sudo systemctl restart guacd
 sudo systemctl restart nginx
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Hack to assist with displaying "$" symbols and " ' quotes in a (cut/paste-able) bash screen output format
--- a/4b-install-tls-letsencrypt-nginx.sh
+++ b/4b-install-tls-letsencrypt-nginx.sh
@ -29,12 +29,12 @@ apt-get install nginx certbot python3-certbot-nginx -qq -y &>>${INSTALL_LOG}
 echo
 echo -e "${GREY}Backing up previous Nginx proxy to $DOWNLOAD_DIR/$PROXY_SITE-nginx.bak"
 cp /etc/nginx/sites-enabled/${PROXY_SITE} $DOWNLOAD_DIR/${PROXY_SITE}-nginx.bak
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Configure Nginx to accept the new certificates
@ -57,12 +57,12 @@ server {
    }
 }
 EOL
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Update general ufw rules so force traffic via reverse proxy. Only Nginx and SSH will be available over the network.
@ -73,12 +73,12 @@ sudo ufw allow OpenSSH >/dev/null 2>&1
 sudo ufw allow 80/tcp >/dev/null 2>&1
 sudo ufw allow 443/tcp >/dev/null 2>&1
 echo "y" | sudo ufw enable >/dev/null 2>&1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Bounce Nginx to reload the new Nginx config so certbot config can continue
@ -88,12 +88,12 @@ systemctl restart nginx
 certbot --nginx -n -d $LE_DNS_NAME --email $LE_EMAIL --agree-tos --redirect --hsts
 echo -e
 echo -e "${GREY}Let's Encrypt successfully installed, but check for any errors above (DNS & firewall are the usual culprits).${GREY}"
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Select a random daily time to schedule a daily check for Let's Encrypt certificates due to expire in next 30 days.
@ -110,12 +110,12 @@ echo "${MINUTE} ${HOUR} * * * /usr/bin/certbot renew --quiet --pre-hook 'systemc
 # Overwrite old cron settings and cleanup
 crontab cron_1
 rm cron_1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Reload everything once again
@ -123,11 +123,11 @@ echo -e "${GREY}Restaring Guacamole & Ngnix..."
 sudo systemctl restart $TOMCAT_VERSION
 sudo systemctl restart guacd
 sudo systemctl restart nginx
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
 fi
 # Done
--- a/README.md
+++ b/README.md
@ -1,6 +1,6 @@
 # Guacamole 1.5.3 VDI/Jump Server Appliance Build Script
-<img src="https://github.githubassets.com/images/icons/emoji/sparkles.png" width="35"> This repo makes setting up a Guacamole a breeze. Its got installer support for TLS reverse proxy, Active Directory integration, multi-factor authentication, Quick Connect & History Recording Storage UI enhancements, dark mode and custom UI templates, auto database backup, O365 email alerts and even fail2ban and internal daemon security hardening options. There's also code in here to get you up and running with Guacamole in an enterprise or high availability deployment too!
+<img src="https://github.githubassets.com/images/icons/emoji/sparkles.png" width="35"> This repo makes setting up a Guacamole a breeze. Its got installer support for TLS reverse proxy, Active Directory integration, multi-factor authentication, Quick Connect & History Recording Storage UI enhancements, dark mode and custom UI templates, auto database backup, O365 email alerts and even fail2ban and internal daemon security hardening options. There's also code in here to get you up and running with an enterprise high availability deployment too!
 ## Automatic Installation
@ -10,15 +10,21 @@
 wget https://raw.githubusercontent.com/itiligent/Guacamole-Install/main/1-setup.sh && chmod +x 1-setup.sh && ./1-setup.sh
 ```
-## Prerequisites (Debian 12 now working!)
+## Prerequisites (Yes! Debian 12 is now supported!)
 <img src="https://github.githubassets.com/images/icons/emoji/lock.png" width="35"> **Before diving in, make sure you have:**
- A compatible OS: Ubuntu 18.04 - 22.x, Debian 10, 11 or 12, or Raspbian Buster/Bullseye (If using vendor cloud images stick to stable releases).
+- **A compatible OS:**
    - **Debian 12, 11 or 10**
    - **Ubuntu 23.04, 22.04, 20.04 & 18.04**
    - **Raspbian Buster & Bullseye**
    - **Official vendor cloud images equivalent to the above.**
 - Minimum 8GB RAM and 40GB HDD.
 - DNS entries matching your default appliance network interface IP (essential for TLS).
 - Open TCP ports: 22, 80, and 443.
 23.04, 22.04, 20.04 & 18.04
 ## Installation Menu
 <img src="https://github.githubassets.com/images/icons/emoji/wrench.png" width="35"> **The main script guides you through the installation process in the following steps:**
@ -50,7 +56,7 @@ wget https://raw.githubusercontent.com/itiligent/Guacamole-Install/main/1-setup.
 1. Paste and run the wget autorun link in your home directory.
 2. Exit `1-setup.sh` at the first prompt. (At this point the scripts are downloaded only.)
-3. Customise the huge number of installation variables available in `1-setup.sh` as required. (Certain combinations of edits will produce a fully unattended install.)
+3. Customise the huge number of installation variables available in `1-setup.sh` as required. All options for customisation are found in the top sections of this script only. (Certain combinations of edits will even produce a fully unattended install!)
 4. **Caution: If editing `1-setup.sh`, be aware that running the autorun link again re-downloads and overwrites all changes. You must run setup locally after editing.** (Also be sure to comment out the download links in the setup script for any other edited scripts. There should be little need to edit outside of the setup script's options.)
 5. The **upgrade-guac.sh, add-tls-guac-daemon.sh, refresh-tls-self-signed.sh & backup-guac.sh** scripts are automatically adjusted at installation to match your chosen installation settings. These can be run after install without any modification.
 6. If the self-signed TLS proxy option is selected, browser client TLS certificates will be automatically created and saved to `$HOME/guac-setup`.
--- a/guac-custom-theme-builder/README.MD
+++ b/guac-custom-theme-builder/README.MD
@ -1,7 +1,7 @@
 ## Custom branding & theme instructions ##
-1. Install Java JDK: `sudo apt update && sudo apt -y install default-jdk`
+1. Install the Java JDK: `sudo apt update && sudo apt -y install default-jdk`
 3. Modify `custom-theme.css` ,`guac-manifest.json`, `en.json` & `META-INF` as desired & add your logo .png files to the images directory.
 4. To commit your changes, run the below commands from within the custom-theme-builder directory, then refresh your browser to re-login to Guacamole:
 ```
--- a/guac-enterprise-build/install-mysql-backend-only.sh
+++ b/guac-enterprise-build/install-mysql-backend-only.sh
@ -27,18 +27,18 @@ LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 # Check to see if any previous version of build/install files exist, if so stop and check to be safe.
-if [ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]; then
+if [[ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]]; then
-	echo
+    echo
-	echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
+    echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
-	echo
+    echo
-	exit 1
+    exit 1
 fi
 #######################################################################################################################
@ -100,14 +100,14 @@ DB_TZ=$(cat /etc/timezone) # Typically system default (cat /etc/timezone) or cha
 # Choose a specific MySQL version e.g. 11.1.2 See https://mariadb.org/mariadb/all-releases/ for available versions.
 MYSQL_VERSION="" # Blank "" forces distro default MySQL packages.
-if [ -z "${MYSQL_VERSION}" ]; then
+if [[ -z "${MYSQL_VERSION}" ]]; then
-	# Use Linux distro default version.
+    # Use Linux distro default version.
-	MYSQLPKG="default-mysql-server default-mysql-client mysql-common"
+    MYSQLPKG="default-mysql-server default-mysql-client mysql-common"
-	DB_CMD="mysql" # mysql command is depricated
+    DB_CMD="mysql" # mysql command is depricated
 else
-	# Use official mariadb.org repo
+    # Use official mariadb.org repo
-	MYSQLPKG="mariadb-server mariadb-client mariadb-common"
+    MYSQLPKG="mariadb-server mariadb-client mariadb-common"
-	DB_CMD="mariadb" # mysql command is depricated on newer versions
+    DB_CMD="mariadb" # mysql command is depricated on newer versions
 fi
 # Update everything but don't do the annoying prompts during apt installs
@ -115,44 +115,44 @@ echo -e "${GREY}Updating base Linux OS..."
 export DEBIAN_FRONTEND=noninteractive
 apt-get update -qq &>>${INSTALL_LOG}
 apt-get upgrade -qq -y &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 cd $DOWNLOAD_DIR
 # Add the official MariaDB repo
-if [ -n "${MYSQL_VERSION}" ]; then
+if [[ -n "${MYSQL_VERSION}" ]]; then
-	apt-get -qq -y install curl gnupg2 &>>${INSTALL_LOG}
+    apt-get -qq -y install curl gnupg2 &>>${INSTALL_LOG}
-	curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup &>>${INSTALL_LOG}
+    curl -LsS -O https://downloads.mariadb.com/MariaDB/mariadb_repo_setup &>>${INSTALL_LOG}
-	bash mariadb_repo_setup --mariadb-server-version=$MYSQL_VERSION &>>${INSTALL_LOG}
+    bash mariadb_repo_setup --mariadb-server-version=$MYSQL_VERSION &>>${INSTALL_LOG}
 fi
 # Download and extract the Guacamole SQL authentication extension containing the database schema
 echo -e "${GREY}Downloading Guacamole database source files..."
 wget -q --show-progress -O guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz
 fi
 echo -e "${LGREEN}Downloaded guacamole-auth-jdbc-${GUAC_VERSION}.tar.gz${GREY}"
 echo
 echo -e "${GREY}Installing MySQL packages..."
 apt-get -qq -y install ${MYSQLPKG} &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Set the root password without a reliance on debconf.
@ -161,89 +161,89 @@ SQLCODE="
 FLUSH PRIVILEGES;
 ALTER USER 'root'@'localhost' IDENTIFIED BY '$MYSQL_ROOT_PWD';"
 echo ${SQLCODE} | $DB_CMD -u root
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Find the location of the MySQL or MariaDB config files. (Add to this list for more potential candidates.)
 for x in /etc/mysql/mariadb.conf.d/50-server.cnf \
-	/etc/mysql/mysql.conf.d/mysqld.cnf \
+    /etc/mysql/mysql.conf.d/mysqld.cnf \
-	/etc/mysql/my.cnf; do
+    /etc/mysql/my.cnf; do
-	# Check inside each candidate to see if a [mysqld] or [mariadbd] section exists, assign $x the correct filename.
+    # Check inside each candidate to see if a [mysqld] or [mariadbd] section exists, assign $x the correct filename.
-	if [ -e "${x}" ]; then
+    if [[ -e "${x}" ]]; then
-		if grep -qE '^\[(mysqld|mariadbd)\]$' "${x}"; then
+        if grep -qE '^\[(mysqld|mariadbd)\]$' "${x}"; then
-			mysqlconfig="${x}"
+            mysqlconfig="${x}"
-			# Reduce any duplicated section names, then sanitise the [ ] special characters for sed below)
+            # Reduce any duplicated section names, then sanitise the [ ] special characters for sed below)
-			config_section=$(grep -m 1 -E '^\[(mysqld|mariadbd)\]$' "${x}" | sed 's/\[\(.*\)\]/\1/')
+            config_section=$(grep -m 1 -E '^\[(mysqld|mariadbd)\]$' "${x}" | sed 's/\[\(.*\)\]/\1/')
-			break
+            break
-		fi
+        fi
-	fi
+    fi
 done
 # Set the MySQL Timezone
-if [ -z "${mysqlconfig}" ]; then
+if [[ -z "${mysqlconfig}" ]]; then
-	echo -e "${GREY}Couldn't detect MySQL config file - you will need to manually configure database timezone settings"
+    echo -e "${GREY}Couldn't detect MySQL config file - you will need to manually configure database timezone settings"
 else
-	# Is there already a timzeone value configured?
+    # Is there already a timzeone value configured?
-	if grep -q "^default_time_zone[[:space:]]=" "${mysqlconfig}"; then
+    if grep -q "^default_time_zone[[:space:]]=" "${mysqlconfig}"; then
-		echo -e "MySQL database timezone defined in ${mysqlconfig}"
+        echo -e "MySQL database timezone defined in ${mysqlconfig}"
-	else
+    else
-		timezone=${DB_TZ}
+        timezone=${DB_TZ}
-		if [ -z "${DB_TZ}" ]; then
+        if [[ -z "${DB_TZ}" ]]; then
-			echo -e "Couldn't find system timezone, using UTC$"
+            echo -e "Couldn't find system timezone, using UTC$"
-			timezone="UTC"
+            timezone="UTC"
-		fi
+        fi
-		echo -e "Setting MySQL database timezone as ${timezone}${GREY}"
+        echo -e "Setting MySQL database timezone as ${timezone}${GREY}"
-		mysql_tzinfo_to_sql /usr/share/zoneinfo 2>/dev/null | ${DB_CMD} -u root -D mysql -p${MYSQL_ROOT_PWD}
+        mysql_tzinfo_to_sql /usr/share/zoneinfo 2>/dev/null | ${DB_CMD} -u root -D mysql -p${MYSQL_ROOT_PWD}
-		# Add the timzone value to the sanitsed server file section name.
+        # Add the timzone value to the sanitsed server file section name.
-		sed -i -e "/^\[${config_section}\]/a default_time_zone = ${timezone}" "${mysqlconfig}"
+        sed -i -e "/^\[${config_section}\]/a default_time_zone = ${timezone}" "${mysqlconfig}"
-	fi
+    fi
 fi
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Set the MySQL binding IP address to whatever the setup variable is set to.
 echo -e "${GREY}Setting MySQL IP address binding to ${MYSQL_BIND_ADDR}..."
 sed -i "s/^bind-address[[:space:]]*=[[:space:]]*.*/bind-address = ${MYSQL_BIND_ADDR}/g" ${mysqlconfig}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Establish the appropriate form of Guacamole user account access (remote or localhost login permissions)
 echo -e "${GREY}Setting up database access parameters for the Guacamole user ..."
-if [ "${BACKEND_MYSQL}" = true ] && [ -z "${FRONTEND_NET}" ]; then
+if [[ "${BACKEND_MYSQL}" = true ]] && [[ -z "${FRONTEND_NET}" ]]; then
-	echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from any host, you may wish to limit this to specific IPs.${GREY}"
+    echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from any host, you may wish to limit this to specific IPs.${GREY}"
-	# e.g. RENAME USER '${GUAC_USER}'@'%' TO '${GUAC_USER}'@'xx.xx.xx.%';"
+    # e.g. RENAME USER '${GUAC_USER}'@'%' TO '${GUAC_USER}'@'xx.xx.xx.%';"
-	GUAC_USERHost="%" # Allow all IPs
+    GUAC_USERHost="%" # Allow all IPs
-elif [ "${BACKEND_MYSQL}" = true ] && [ -n "${FRONTEND_NET}" ]; then
+elif [[ "${BACKEND_MYSQL}" = true ]] && [[ -n "${FRONTEND_NET}" ]]; then
-	echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from ${FRONTEND_NET}.${GREY}"
+    echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from ${FRONTEND_NET}.${GREY}"
-	GUAC_USERHost="${FRONTEND_NET}" # Apply the given range
+    GUAC_USERHost="${FRONTEND_NET}" # Apply the given range
-elif [ "${BACKEND_MYSQL}" = false ] || [ -z "${BACKEND_MYSQL}" ]; then
+elif [[ "${BACKEND_MYSQL}" = false ]] || [[ -z "${BACKEND_MYSQL}" ]]; then
-	echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from localhost only.${GREY}"
+    echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from localhost only.${GREY}"
-	GUAC_USERHost=localhost # Assume a localhost only install
+    GUAC_USERHost=localhost # Assume a localhost only install
 else
-	echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from localhost only.${GREY}"
+    echo -e "${LYELLOW}${GUAC_USER} is set to accept db logins from localhost only.${GREY}"
-	GUAC_USERHost=localhost # Assume a localhost only install
+    GUAC_USERHost=localhost # Assume a localhost only install
 fi
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Create the new Guacamole database
@ -256,30 +256,30 @@ GRANT SELECT,INSERT,UPDATE,DELETE ON ${GUAC_DB}.* TO '${GUAC_USER}'@'${GUAC_USER
 FLUSH PRIVILEGES;"
 # Execute SQL code
 echo ${SQLCODE} | $DB_CMD -u root -D mysql -p${MYSQL_ROOT_PWD}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Add Guacamole's schema code to newly created database
 echo -e "${GREY}Adding the Guacamole database schema..."
 cat guacamole-auth-jdbc-${GUAC_VERSION}/mysql/schema/*.sql | $DB_CMD -u root -D ${GUAC_DB} -p${MYSQL_ROOT_PWD}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Apply Secure MySQL installation settings
-if [ "${SECURE_MYSQL}" = true ]; then
+if [[ "${SECURE_MYSQL}" = true ]]; then
-	apt-get -qq -y install expect &>>${INSTALL_LOG}
+    apt-get -qq -y install expect &>>${INSTALL_LOG}
-	echo -e "${GREY}Applying mysql_secure_installation settings...${DGREY}"
+    echo -e "${GREY}Applying mysql_secure_installation settings...${DGREY}"
-	SECURE_MYSQL=$(expect -c "
+    SECURE_MYSQL=$(expect -c "
 set timeout 10
 spawn mysql_secure_installation
 expect \"Enter current password for root (enter for none):\"
@ -298,26 +298,26 @@ expect \"Reload privilege tables now?\"
 send \"y\r\"
 expect eof
 ")
-	echo "$SECURE_MYSQL"
+    echo "$SECURE_MYSQL"
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Restart & enable MySQL service at boot
 echo -e "${GREY}Restarting MySQL service & enable at boot..."
 systemctl enable mysql
 systemctl restart mysql
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Cleanup
@ -325,12 +325,12 @@ echo -e "${GREY}Cleaning up install files...${GREY}"
 apt-get -y remove expect &>>${INSTALL_LOG}
 apt-get -y autoremove &>>${INSTALL_LOG}
 rm -rf guacamole-*
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${LOG_LOCATION}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Done
--- a/guac-enterprise-build/upgrade-mysql-backend-only.sh
+++ b/guac-enterprise-build/upgrade-mysql-backend-only.sh
@ -25,18 +25,18 @@ LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 # Check to see if any previous version of build/install files exist, if so stop and check to be safe.
-if [ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]; then
+if [[ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]]; then
-	echo
+    echo
-	echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
+    echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
-	echo
+    echo
-	exit 1
+    exit 1
 fi
 #######################################################################################################################
@ -82,12 +82,12 @@ echo
 # Download and extract the Guacamole SQL authentication extension containing the database schema
 wget -q --show-progress -O guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
 fi
 echo
@ -97,40 +97,40 @@ UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgra
 # Compare SQL Upgrage Files against old version, apply upgrades as needed
 for FILE in ${UPGRADEFILES[@]}; do
-	FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
+    FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
-	if [[ $(echo -e "${FILEVERSION}\n${OLD_GUAC_VERSION}" | sort -V | head -n1) == ${OLD_GUAC_VERSION} && ${FILEVERSION} != ${OLD_GUAC_VERSION} ]]; then
+    if [[ $(echo -e "${FILEVERSION}\n${OLD_GUAC_VERSION}" | sort -V | head -n1) == ${OLD_GUAC_VERSION} && ${FILEVERSION} != ${OLD_GUAC_VERSION} ]]; then
-		echo "Patching ${GUAC_DB} with ${FILE}"
+        echo "Patching ${GUAC_DB} with ${FILE}"
-		mariadb -u root -D ${GUAC_DB} -p${MYSQL_ROOT_PWD} <guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/${FILE} &>>${INSTALL_LOG}
+        mariadb -u root -D ${GUAC_DB} -p${MYSQL_ROOT_PWD} <guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/${FILE} &>>${INSTALL_LOG}
-	fi
+    fi
 done
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}SQL upgrade failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}SQL upgrade failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Restart MySQL service
 echo -e "${GREY}Restarting MySQL service..."
 systemctl restart mysql
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed${GREY}" 1>&2
+    echo -e "${LRED}Failed${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Cleanup
 echo -e "${GREY}Clean up install files...${GREY}"
 rm -rf guacamole-*
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Done
--- a/guac-management/backup-guac.sh
+++ b/guac-management/backup-guac.sh
@ -39,28 +39,28 @@ echo -e "${LGREEN}Backup started for database - ${GUAC_DB}"
 echo
 mysqldump -h ${MYSQL_HOST} \
-	-P ${MYSQL_PORT} \
+    -P ${MYSQL_PORT} \
-	-u ${GUAC_USER} \
+    -u ${GUAC_USER} \
-	-p"${GUAC_PWD}" \
+    -p"${GUAC_PWD}" \
-	${GUAC_DB} \
+    ${GUAC_DB} \
-	--single-transaction --quick --lock-tables=false >${DB_BACKUP_DIR}${GUAC_DB}-${TODAY}.sql
+    --single-transaction --quick --lock-tables=false >${DB_BACKUP_DIR}${GUAC_DB}-${TODAY}.sql
 SQLFILE=${DB_BACKUP_DIR}${GUAC_DB}-${TODAY}.sql
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Backup failed.${GREY}" 1>&2
+    echo -e "${LRED}Backup failed.${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}Backup completed ok.${GREY}"
+    echo -e "${LGREEN}Backup completed ok.${GREY}"
-	echo
+    echo
 fi
 gzip -f ${SQLFILE}
 # Error check and email alerts
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Backup failed.${GREY}" 1>&2
+    echo -e "${LRED}Backup failed.${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}${GUAC_DB} backup was successfully copied to ${DB_BACKUP_DIR}"
+    echo -e "${LGREEN}${GUAC_DB} backup was successfully copied to ${DB_BACKUP_DIR}"
-	#mailx -s "Guacamomle Database Backup Success" ${BACKUP_EMAIL}
+    #mailx -s "Guacamomle Database Backup Success" ${BACKUP_EMAIL}
-	echo "${GUAC_DB} backup was successfully copied to $DB_BACKUP_DIR" | mailx -s "Guacamole backup " ${BACKUP_EMAIL}
+    echo "${GUAC_DB} backup was successfully copied to $DB_BACKUP_DIR" | mailx -s "Guacamole backup " ${BACKUP_EMAIL}
 fi
 echo -e ${NC}
--- a/guac-management/refresh-tls-self-signed.sh
+++ b/guac-management/refresh-tls-self-signed.sh
@ -23,11 +23,11 @@ LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
-	echo
+    echo
-	exit 1
+    exit 1
 fi
 echo
@ -61,19 +61,19 @@ CERT_DAYS=
 DEFAULT_IP=
 # Assume the values used by the guacamole installer if the script is run without any command line options
-if [ -z "$1" ] | [ -z "$2" ] | [ -z "$3" ]; then
+if [[ -z "$1" ]] | [[ -z "$2" ]] | [[ -z "$3" ]]; then
-	TLSNAME=$PROXY_SITE
+    TLSNAME=$PROXY_SITE
-	TLSDAYS=$CERT_DAYS
+    TLSDAYS=$CERT_DAYS
-	TLSIP=$DEFAULT_IP
+    TLSIP=$DEFAULT_IP
 fi
 # Make directories to place TLS Certificate if they don't exist
 if [[ ! -d $DIR_SSL_KEY ]]; then
-	sudo mkdir -p $DIR_SSL_KEY
+    sudo mkdir -p $DIR_SSL_KEY
 fi
 if [[ ! -d $DIR_SSL_CERT ]]; then
-	sudo mkdir -p $DIR_SSL_CERT
+    sudo mkdir -p $DIR_SSL_CERT
 fi
 echo -e "${GREY}New self signed TLS certificate attributes are shown below...${DGREY}"
@ -107,12 +107,12 @@ echo
 # Create the new certificates
 echo "{$GREY}Creating a new TLS Certificate..."
 openssl req -x509 -nodes -newkey rsa:2048 -keyout $TLSNAME.key -out $TLSNAME.crt -days $TLSDAYS -config cert_attributes.txt
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed.${GREY}" 1>&2
+    echo -e "${LRED}Failed.${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Place TLS Certificate into the defined application path
@ -122,12 +122,12 @@ cp $TLSNAME.crt $DIR_SSL_CERT/$TLSNAME.crt
 # Create a PFX formatted key for easier import to Windows hosts and change permissions to enable copying elsewhere
 echo -e "${GREY}Converting client certificates for Windows & Linux...${GREY}"
 openssl pkcs12 -export -out $TLSNAME.pfx -inkey $TLSNAME.key -in $TLSNAME.crt -password pass:1234
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed.${GREY}" 1>&2
+    echo -e "${LRED}Failed.${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Change of permissions so certs can be copied via WinSCP.
@ -139,12 +139,12 @@ TOMCAT=$(ls /etc/ | grep tomcat)
 systemctl restart $TOMCAT
 systemctl restart guacd
 systemctl restart nginx
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed.${GREY}" 1>&2
+    echo -e "${LRED}Failed.${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Hack to assist with displaying "$" symbols and " ' quotes in a (cut/paste-able) bash screen output format
--- a/guac-management/upgrade-guac.sh
+++ b/guac-management/upgrade-guac.sh
@ -22,18 +22,18 @@ LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LRED}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 # Check to see if any previous version of build/install files exist, if so stop and check to be safe.
-if [ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]; then
+if [[ "$(find . -maxdepth 1 \( -name 'guacamole-*' -o -name 'mysql-connector-j-*' \))" != "" ]]; then
-	echo
+    echo
-	echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
+    echo -e "${LRED}Possible previous install files detected. Please review and remove old guacamole install files before proceeding.${GREY}" 1>&2
-	echo
+    echo
-	exit 1
+    exit 1
 fi
 #######################################################################################################################
@ -96,52 +96,52 @@ cd $DOWNLOAD_DIR
 echo
 echo -e "${GREY}Downloading updated Guacamole source files and beginning Guacamole ${OLD_GUAC_VERSION} to ${NEW_GUAC_VERSION} upgrade..."
 wget -q --show-progress -O guacamole-${NEW_GUAC_VERSION}.war ${GUAC_SOURCE_LINK}/binary/guacamole-${NEW_GUAC_VERSION}.war
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-${NEW_GUAC_VERSION}.war" 1>&2
+    echo -e "${LRED}Failed to download guacamole-${NEW_GUAC_VERSION}.war" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-${NEW_GUAC_VERSION}.war${GREY}"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-${NEW_GUAC_VERSION}.war${GREY}"
-	exit 1
+    exit 1
 else
-	rm /etc/guacamole/guacamole.war
+    rm /etc/guacamole/guacamole.war
-	mv -f guacamole-${NEW_GUAC_VERSION}.war /etc/guacamole/guacamole.war
+    mv -f guacamole-${NEW_GUAC_VERSION}.war /etc/guacamole/guacamole.war
-	chmod 664 /etc/guacamole/guacamole.war
+    chmod 664 /etc/guacamole/guacamole.war
 fi
 echo -e "${LGREEN}Upgraded Guacamole client to version ${NEW_GUAC_VERSION}${GREY}"
 # Download and upgrade Guacamole SQL authentication extension
 wget -q --show-progress -O guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz"
+    echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-auth-jdbc-${NEW_GUAC_VERSION}.tar.gz
-	rm /etc/guacamole/extensions/guacamole-auth-jdbc-*.jar
+    rm /etc/guacamole/extensions/guacamole-auth-jdbc-*.jar
-	mv -f guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/guacamole-auth-jdbc-mysql-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/
+    mv -f guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/guacamole-auth-jdbc-mysql-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/
-	chmod 664 /etc/guacamole/extensions/guacamole-auth-jdbc-mysql-${NEW_GUAC_VERSION}.jar
+    chmod 664 /etc/guacamole/extensions/guacamole-auth-jdbc-mysql-${NEW_GUAC_VERSION}.jar
 fi
 echo -e "${LGREEN}Upgraded Guacamole SQL jdbc to version ${NEW_GUAC_VERSION}${GREY}"
 # Download MySQL connector/j
 wget -q --show-progress -O mysql-connector-j-${NEW_MYSQLJCON}.tar.gz https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${NEW_MYSQLJCON}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download mysql-connector-j-${NEW_MYSQLJCON}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download mysql-connector-j-${NEW_MYSQLJCON}.tar.gz" 1>&2
-	echo -e "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${NEW_MYSQLJCON}}.tar.gz${GREY}"
+    echo -e "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${NEW_MYSQLJCON}}.tar.gz${GREY}"
-	exit 1
+    exit 1
 else
-	tar -xzf mysql-connector-j-${NEW_MYSQLJCON}.tar.gz
+    tar -xzf mysql-connector-j-${NEW_MYSQLJCON}.tar.gz
-	rm /etc/guacamole/lib/mysql-connector-java.jar
+    rm /etc/guacamole/lib/mysql-connector-java.jar
-	mv -f mysql-connector-j-${NEW_MYSQLJCON}/mysql-connector-j-${NEW_MYSQLJCON}.jar /etc/guacamole/lib/mysql-connector-java.jar
+    mv -f mysql-connector-j-${NEW_MYSQLJCON}/mysql-connector-j-${NEW_MYSQLJCON}.jar /etc/guacamole/lib/mysql-connector-java.jar
 fi
 echo -e "${LGREEN}Upgraded MySQL connector/j to ${NEW_MYSQLJCON}${GREY}"
 # Download Guacamole Server
 wget -q --show-progress -O guacamole-server-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/source/guacamole-server-${NEW_GUAC_VERSION}.tar.gz
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed to download guacamole-server-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+    echo -e "${LRED}Failed to download guacamole-server-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-	echo -e "${GUAC_SOURCE_LINK}/source/guacamole-server-${NEW_GUAC_VERSION}.tar.gz${GREY}"
+    echo -e "${GUAC_SOURCE_LINK}/source/guacamole-server-${NEW_GUAC_VERSION}.tar.gz${GREY}"
-	exit 1
+    exit 1
 else
-	tar -xzf guacamole-server-${NEW_GUAC_VERSION}.tar.gz
+    tar -xzf guacamole-server-${NEW_GUAC_VERSION}.tar.gz
 fi
 echo -e "${LGREEN}Downloaded guacamole-server-${NEW_GUAC_VERSION}.tar.gz${GREY}"
@ -153,163 +153,163 @@ echo -e "${GREY}Compiling Guacamole-Server ${NEW_GUAC_VERSION} from source with
 export CFLAGS="-Wno-error"
 # Configure Guacamole Server source
 ./configure --with-systemd-dir=/etc/systemd/system &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo "Failed to configure guacamole-server"
+    echo "Failed to configure guacamole-server"
-	echo "Trying again with --enable-allow-freerdp-snapshots"
+    echo "Trying again with --enable-allow-freerdp-snapshots"
-	./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
+    ./configure --with-systemd-dir=/etc/systemd/system --enable-allow-freerdp-snapshots
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo "Failed to configure guacamole-server - again"
+        echo "Failed to configure guacamole-server - again"
-		exit
+        exit
-	fi
+    fi
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 echo -e "${GREY}Running make and building the upgraded Guacamole-Server application..."
 make &>>${INSTALL_LOG}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 echo -e "${GREY}Installing the upgraded Guacamole-Server..."
 make install &>>${INSTALL_LOG}
 ldconfig
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 cd ..
 # Don't run the SQL upgrade commands if original setup option was set to remote MySQL instance. - Use separate DB update script.
-if [ "${INSTALL_MYSQL}" = true ]; then
+if [[ "${INSTALL_MYSQL}" = true ]]; then
-	# Get list of SQL Upgrade Files
+    # Get list of SQL Upgrade Files
-	echo -e "${GREY}Upgrading MySQL Schema..."
+    echo -e "${GREY}Upgrading MySQL Schema..."
-	UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/ | sort -V))
+    UPGRADEFILES=($(ls -1 guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/ | sort -V))
-	# Compare SQL Upgrage Files against old version, apply upgrades as needed
+    # Compare SQL Upgrage Files against old version, apply upgrades as needed
-	for FILE in ${UPGRADEFILES[@]}; do
+    for FILE in ${UPGRADEFILES[@]}; do
-		FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
+        FILEVERSION=$(echo ${FILE} | grep -oP 'upgrade-pre-\K[0-9\.]+(?=\.)')
-		if [[ $(echo -e "${FILEVERSION}\n${OLD_GUAC_VERSION}" | sort -V | head -n1) == ${OLD_GUAC_VERSION} && ${FILEVERSION} != ${OLD_GUAC_VERSION} ]]; then
+        if [[ $(echo -e "${FILEVERSION}\n${OLD_GUAC_VERSION}" | sort -V | head -n1) == ${OLD_GUAC_VERSION} && ${FILEVERSION} != ${OLD_GUAC_VERSION} ]]; then
-			echo "Patching ${GUAC_DB} with ${FILE}"
+            echo "Patching ${GUAC_DB} with ${FILE}"
-			mysql -u root -D ${GUAC_DB} -h ${MYSQL_HOST} -P ${MYSQL_PORT} <guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/${FILE} &>>${INSTALL_LOG}
+            mysql -u root -D ${GUAC_DB} -h ${MYSQL_HOST} -P ${MYSQL_PORT} <guacamole-auth-jdbc-${NEW_GUAC_VERSION}/mysql/schema/upgrade/${FILE} &>>${INSTALL_LOG}
-		fi
+        fi
-	done
+    done
-	if [ $? -ne 0 ]; then
+    if [[ $? -ne 0 ]]; then
-		echo -e "${LRED}SQL upgrade failed. See ${INSTALL_LOG}${GREY}" 1>&2
+        echo -e "${LRED}SQL upgrade failed. See ${INSTALL_LOG}${GREY}" 1>&2
-		exit 1
+        exit 1
-	else
+    else
-		echo -e "${LGREEN}OK${GREY}"
+        echo -e "${LGREEN}OK${GREY}"
-		echo
+        echo
-	fi
+    fi
 fi
 # Check for TOTP extension and upgrade if found
 for file in /etc/guacamole/extensions/guacamole-auth-totp*.jar; do
-	if [[ -f $file ]]; then
+    if [[ -f $file ]]; then
-		echo -e "${LGREEN}TOTP authentication extension was found, upgrading...${GREY}"
+        echo -e "${LGREEN}TOTP authentication extension was found, upgrading...${GREY}"
-		rm /etc/guacamole/extensions/guacamole-auth-totp*.jar &>>${INSTALL_LOG}
+        rm /etc/guacamole/extensions/guacamole-auth-totp*.jar &>>${INSTALL_LOG}
-		wget -q --show-progress -O guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz
+        wget -q --show-progress -O guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz
-		if [ $? -ne 0 ]; then
+        if [[ $? -ne 0 ]]; then
-			echo -e "${LRED}Failed to download guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+            echo -e "${LRED}Failed to download guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-			echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz"
+            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz"
-			exit 1
+            exit 1
-		fi
+        fi
-		tar -xzf guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
+        tar -xzf guacamole-auth-totp-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
-		mv -f guacamole-auth-totp-${NEW_GUAC_VERSION}/guacamole-auth-totp-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
+        mv -f guacamole-auth-totp-${NEW_GUAC_VERSION}/guacamole-auth-totp-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
-		chmod 664 /etc/guacamole/extensions/guacamole-auth-totp-${NEW_GUAC_VERSION}.jar
+        chmod 664 /etc/guacamole/extensions/guacamole-auth-totp-${NEW_GUAC_VERSION}.jar
-		echo -e "${LGREEN}Upgraded TOTP extension to version ${NEW_GUAC_VERSION}${GREY}"
+        echo -e "${LGREEN}Upgraded TOTP extension to version ${NEW_GUAC_VERSION}${GREY}"
-		echo
+        echo
-		break
+        break
-	fi
+    fi
 done
 # Check for DUO extension and upgrade if found
 for file in /etc/guacamole/extensions/guacamole-auth-duo*.jar; do
-	if [[ -f $file ]]; then
+    if [[ -f $file ]]; then
-		echo -e "${LGREEN}DUO authentication extension was found, upgrading...${GREY}"
+        echo -e "${LGREEN}DUO authentication extension was found, upgrading...${GREY}"
-		rm /etc/guacamole/extensions/guacamole-auth-duo*.jar &>>${INSTALL_LOG}
+        rm /etc/guacamole/extensions/guacamole-auth-duo*.jar &>>${INSTALL_LOG}
-		wget -q --show-progress -O guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz
+        wget -q --show-progress -O guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz
-		if [ $? -ne 0 ]; then
+        if [[ $? -ne 0 ]]; then
-			echo -e "${LRED}Failed to download guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+            echo -e "${LRED}Failed to download guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-			echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz"
+            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz"
-			exit 1
+            exit 1
-		fi
+        fi
-		tar -xzf guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
+        tar -xzf guacamole-auth-duo-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
-		mv -f guacamole-auth-duo-${NEW_GUAC_VERSION}/guacamole-auth-duo-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
+        mv -f guacamole-auth-duo-${NEW_GUAC_VERSION}/guacamole-auth-duo-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
-		chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-${NEW_GUAC_VERSION}.jar
+        chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-${NEW_GUAC_VERSION}.jar
-		echo -e "${LGREEN}Upgraded DUO extension to version ${NEW_GUAC_VERSION}${GREY}"
+        echo -e "${LGREEN}Upgraded DUO extension to version ${NEW_GUAC_VERSION}${GREY}"
-		echo
+        echo
-		break
+        break
-	fi
+    fi
 done
 # Check for LDAP extension and upgrade if found
 for file in /etc/guacamole/extensions/guacamole-auth-ldap*.jar; do
-	if [[ -f $file ]]; then
+    if [[ -f $file ]]; then
-		echo -e "${LGREEN}LDAP authentication extension was found, upgrading...${GREY}"
+        echo -e "${LGREEN}LDAP authentication extension was found, upgrading...${GREY}"
-		rm /etc/guacamole/extensions/guacamole-auth-ldap*.jar &>>${INSTALL_LOG}
+        rm /etc/guacamole/extensions/guacamole-auth-ldap*.jar &>>${INSTALL_LOG}
-		wget -q --show-progress -O guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz
+        wget -q --show-progress -O guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz
-		if [ $? -ne 0 ]; then
+        if [[ $? -ne 0 ]]; then
-			echo -e "${LRED}Failed to download guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+            echo -e "${LRED}Failed to download guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-			echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz"
+            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz"
-			exit 1
+            exit 1
-		fi
+        fi
-		tar -xzf guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
+        tar -xzf guacamole-auth-ldap-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
-		mv -f guacamole-auth-ldap-${NEW_GUAC_VERSION}/guacamole-auth-ldap-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
+        mv -f guacamole-auth-ldap-${NEW_GUAC_VERSION}/guacamole-auth-ldap-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
-		chmod 664 /etc/guacamole/extensions/guacamole-auth-ldap-${NEW_GUAC_VERSION}.jar
+        chmod 664 /etc/guacamole/extensions/guacamole-auth-ldap-${NEW_GUAC_VERSION}.jar
-		echo -e "${LGREEN}Upgraded LDAP extension to version ${NEW_GUAC_VERSION}${GREY}"
+        echo -e "${LGREEN}Upgraded LDAP extension to version ${NEW_GUAC_VERSION}${GREY}"
-		echo
+        echo
-		break
+        break
-	fi
+    fi
 done
 # Check for Quick Connection extension and upgrade if found
 for file in /etc/guacamole/extensions/guacamole-auth-quickconnect*.jar; do
-	if [[ -f $file ]]; then
+    if [[ -f $file ]]; then
-		echo -e "${LGREEN}Quick Connect extension was found, upgrading...${GREY}"
+        echo -e "${LGREEN}Quick Connect extension was found, upgrading...${GREY}"
-		rm /etc/guacamole/extensions/guacamole-auth-quickconnect*.jar &>>${INSTALL_LOG}
+        rm /etc/guacamole/extensions/guacamole-auth-quickconnect*.jar &>>${INSTALL_LOG}
-		wget -q --show-progress -O guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz
+        wget -q --show-progress -O guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz
-		if [ $? -ne 0 ]; then
+        if [[ $? -ne 0 ]]; then
-			echo -e "${LRED}Failed to download guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+            echo -e "${LRED}Failed to download guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-			echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz"
+            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz"
-			exit 1
+            exit 1
-		fi
+        fi
-		tar -xzf guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
+        tar -xzf guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
-		mv -f guacamole-auth-quickconnect-${NEW_GUAC_VERSION}/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
+        mv -f guacamole-auth-quickconnect-${NEW_GUAC_VERSION}/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
-		chmod 664 /etc/guacamole/extensions/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.jar
+        chmod 664 /etc/guacamole/extensions/guacamole-auth-quickconnect-${NEW_GUAC_VERSION}.jar
-		echo -e "${LGREEN}Upgraded Quick Connect extension to version ${NEW_GUAC_VERSION}${GREY}"
+        echo -e "${LGREEN}Upgraded Quick Connect extension to version ${NEW_GUAC_VERSION}${GREY}"
-		echo
+        echo
-		break
+        break
-	fi
+    fi
 done
 # Check for History Recording Storage extension and upgrade if found
 for file in /etc/guacamole/extensions/guacamole-history-recording-storage*.jar; do
-	if [[ -f $file ]]; then
+    if [[ -f $file ]]; then
-		echo -e "${LGREEN}History Recording Storage extension was found, upgrading...${GREY}"
+        echo -e "${LGREEN}History Recording Storage extension was found, upgrading...${GREY}"
-		rm /etc/guacamole/extensions/guacamole-history-recording-storage*.jar &>>${INSTALL_LOG}
+        rm /etc/guacamole/extensions/guacamole-history-recording-storage*.jar &>>${INSTALL_LOG}
-		wget -q --show-progress -O guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz
+        wget -q --show-progress -O guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz
-		if [ $? -ne 0 ]; then
+        if [[ $? -ne 0 ]]; then
-			echo -e "${LRED}Failed to download guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz" 1>&2
+            echo -e "${LRED}Failed to download guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz" 1>&2
-			echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz"
+            echo -e "${GUAC_SOURCE_LINK}/binary/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz"
-			exit 1
+            exit 1
-		fi
+        fi
-		tar -xzf guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
+        tar -xzf guacamole-history-recording-storage-${NEW_GUAC_VERSION}.tar.gz &>>${INSTALL_LOG}
-		mv -f guacamole-history-recording-storage-${NEW_GUAC_VERSION}/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
+        mv -f guacamole-history-recording-storage-${NEW_GUAC_VERSION}/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.jar /etc/guacamole/extensions/ &>>${INSTALL_LOG}
-		chmod 664 /etc/guacamole/extensions/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.jar
+        chmod 664 /etc/guacamole/extensions/guacamole-history-recording-storage-${NEW_GUAC_VERSION}.jar
-		echo -e "${LGREEN}Upgraded History Recording Storage extension to version ${NEW_GUAC_VERSION}${GREY}"
+        echo -e "${LGREEN}Upgraded History Recording Storage extension to version ${NEW_GUAC_VERSION}${GREY}"
-		echo
+        echo
-		break
+        break
-	fi
+    fi
 done
 # Fix for #196 see https://github.com/MysticRyuujin/guac-install/issues/196
@ -325,24 +325,24 @@ echo -e "${GREY}Starting guacd and Tomcat services..."
 systemctl enable guacd
 systemctl start guacd
 systemctl start ${TOMCAT_VERSION}
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Cleanup
 echo -e "${GREY}Clean up install files...${GREY}"
 rm -rf guacamole-*
 rm -rf mysql-connector-j-*
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
+    echo -e "${LRED}Failed. See ${INSTALL_LOG}${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Done
--- a/guac-optional-features/add-auth-duo.sh
+++ b/guac-optional-features/add-auth-duo.sh
@ -17,10 +17,10 @@ NC='\033[0m' #No Colour
 clear
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
 GUAC_VERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT_VERSION}/webapps/guacamole/guacamole-common-js/modules/Version.js)
--- a/guac-optional-features/add-auth-ldap.sh
+++ b/guac-optional-features/add-auth-ldap.sh
@ -18,10 +18,10 @@ NC='\033[0m' #No Colour
 clear
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
@ -36,13 +36,13 @@ echo
 case $yn in
 y) echo Beginning LDAP auth config... ;;
 n)
-	echo exiting...
+    echo exiting...
-	exit
+    exit
-	;;
+    ;;
 *)
-	echo invalid response
+    echo invalid response
-	exit 1
+    exit 1
-	;;
+    ;;
 esac
 echo
--- a/guac-optional-features/add-auth-totp.sh
+++ b/guac-optional-features/add-auth-totp.sh
@ -18,10 +18,10 @@ NC='\033[0m' #No Colour
 clear
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
--- a/guac-optional-features/add-fail2ban.sh
+++ b/guac-optional-features/add-fail2ban.sh
@ -18,10 +18,10 @@ NC='\033[0m' #No Colour
 clear
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 # Initialise variables
@ -43,25 +43,25 @@ rm -f /tmp/fail2ban.update
 # Prompt to install fail2ban base package with no policy as yet, default of yes
 if [[ -z ${FAIL2BAN_BASE} ]]; then
-	echo
+    echo
-	echo -e -n "${LGREEN}Install Fail2ban? (base package with no policy as yet) [default y]: ${GREY}"
+    echo -e -n "${LGREEN}Install Fail2ban? (base package with no policy as yet) [default y]: ${GREY}"
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
-		FAIL2BAN_BASE=false
+        FAIL2BAN_BASE=false
-	else
+    else
-		FAIL2BAN_BASE=true
+        FAIL2BAN_BASE=true
-	fi
+    fi
 fi
 # Prompt to install Guacamole fail2ban config defaults, default of no
 if [[ -z ${FAIL2BAN_GUAC} ]] && [[ "${FAIL2BAN_BASE}" = true ]]; then
-	echo -e -n "${GREY}POLICY: Apply Guacamole fail2ban security policy? (Y/n) [default y]:${GREY}"
+    echo -e -n "${GREY}POLICY: Apply Guacamole fail2ban security policy? (Y/n) [default y]:${GREY}"
-	read PROMPT
+    read PROMPT
-	if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
+    if [[ ${PROMPT} =~ ^[Nn]$ ]]; then
-		FAIL2BAN_GUAC=false
+        FAIL2BAN_GUAC=false
-	else
+    else
-		FAIL2BAN_GUAC=true
+        FAIL2BAN_GUAC=true
-	fi
+    fi
 fi
 # Prompt to install Nginx fail2ban config defaults , default of no - NOT IMPLEMENTED YET
@ -91,14 +91,14 @@ fi
 #######################################################################################################################
 # Install base fail2ban base application, and whitelist the local subnet as the starting baseline (no policy defined yet)
-if [ "${FAIL2BAN_BASE}" = true ]; then
+if [[ "${FAIL2BAN_BASE}" = true ]]; then
-	#Update and install fail2ban (and john for management of config file updates, and not overwrite any existing settings)
+    #Update and install fail2ban (and john for management of config file updates, and not overwrite any existing settings)
-	sudo apt-get update -qq >/dev/null 2>&1
+    sudo apt-get update -qq >/dev/null 2>&1
-	sudo apt-get install fail2ban john -qq -y >/dev/null 2>&1
+    sudo apt-get install fail2ban john -qq -y >/dev/null 2>&1
-	# Create the basic jail.local template and local subnet whitelist
+    # Create the basic jail.local template and local subnet whitelist
-	cat >/tmp/fail2ban.conf <<EOF
+    cat >/tmp/fail2ban.conf <<EOF
 [DEFAULT]
 destemail = yourname@example.com
 sender = yourname@example.com
@ -106,101 +106,101 @@ action = %(action_mwl)s
 ignoreip =
 EOF
-	# We need to discover all interfaces to ascertain what network ranges to add to fail2ban "ignoreip" policy override defaults
+    # We need to discover all interfaces to ascertain what network ranges to add to fail2ban "ignoreip" policy override defaults
-	ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%*}; done | cat >/tmp/ip_list.txt
+    ip -o addr show up primary scope global | while read -r num dev fam addr rest; do echo ${addr%*}; done | cat >/tmp/ip_list.txt
-	# Loop the list of discovered ips and extract the subnet ID addresses for each interface
+    # Loop the list of discovered ips and extract the subnet ID addresses for each interface
-	FILE=/tmp/ip_list.txt
+    FILE=/tmp/ip_list.txt
-	LINES=$(cat $FILE)
+    LINES=$(cat $FILE)
-	for LINE in $LINES; do
+    for LINE in $LINES; do
-		tonum() {
+        tonum() {
-			if [[ $LINE =~ ([[:digit:]]+)\.([[:digit:]]+)\.([[:digit:]]+)\.([[:digit:]]+) ]]; then
+            if [[ $LINE =~ ([[:digit:]]+)\.([[:digit:]]+)\.([[:digit:]]+)\.([[:digit:]]+) ]]; then
-				addr=$(((${BASH_REMATCH[1]} << 24) + (${BASH_REMATCH[2]} << 16) + (${BASH_REMATCH[3]} << 8) + ${BASH_REMATCH[4]}))
+                addr=$(((${BASH_REMATCH[1]} << 24) + (${BASH_REMATCH[2]} << 16) + (${BASH_REMATCH[3]} << 8) + ${BASH_REMATCH[4]}))
-				eval "$2=\$addr"
+                eval "$2=\$addr"
-			fi
+            fi
-		}
+        }
-		toaddr() {
+        toaddr() {
-			b1=$((($1 & 0xFF000000) >> 24))
+            b1=$((($1 & 0xFF000000) >> 24))
-			b2=$((($1 & 0xFF0000) >> 16))
+            b2=$((($1 & 0xFF0000) >> 16))
-			b3=$((($1 & 0xFF00) >> 8))
+            b3=$((($1 & 0xFF00) >> 8))
-			b4=$(($1 & 0xFF))
+            b4=$(($1 & 0xFF))
-			eval "$2=\$b1.\$b2.\$b3.\$b4"
+            eval "$2=\$b1.\$b2.\$b3.\$b4"
-		}
+        }
-		if [[ $LINE =~ ^([0-9\.]+)/([0-9]+)$ ]]; then
+        if [[ $LINE =~ ^([0-9\.]+)/([0-9]+)$ ]]; then
-			# CIDR notation
+            # CIDR notation
-			IPADDR=${BASH_REMATCH[1]}
+            IPADDR=${BASH_REMATCH[1]}
-			NETMASKLEN=${BASH_REMATCH[2]}
+            NETMASKLEN=${BASH_REMATCH[2]}
-			PREFIX=$NETMASKLEN
+            PREFIX=$NETMASKLEN
-			zeros=$((32 - NETMASKLEN))
+            zeros=$((32 - NETMASKLEN))
-			NETMASKNUM=0
+            NETMASKNUM=0
-			for ((i = 0; i < $zeros; i++)); do
+            for ((i = 0; i < $zeros; i++)); do
-				NETMASKNUM=$(((NETMASKNUM << 1) ^ 1))
+                NETMASKNUM=$(((NETMASKNUM << 1) ^ 1))
-			done
+            done
-			NETMASKNUM=$((NETMASKNUM ^ 0xFFFFFFFF))
+            NETMASKNUM=$((NETMASKNUM ^ 0xFFFFFFFF))
-			toaddr $NETMASKNUM NETMASK
+            toaddr $NETMASKNUM NETMASK
-		else
+        else
-			IPADDR=${1:-192.168.1.1}
+            IPADDR=${1:-192.168.1.1}
-			NETMASK=${2:-255.255.255.0}
+            NETMASK=${2:-255.255.255.0}
-		fi
+        fi
-		tonum $IPADDR IPADDRNUM
+        tonum $IPADDR IPADDRNUM
-		tonum $NETMASK NETMASKNUM
+        tonum $NETMASK NETMASKNUM
-		# The logic to calculate network and broadcast
+        # The logic to calculate network and broadcast
-		INVNETMASKNUM=$((0xFFFFFFFF ^ NETMASKNUM))
+        INVNETMASKNUM=$((0xFFFFFFFF ^ NETMASKNUM))
-		NETWORKNUM=$((IPADDRNUM & NETMASKNUM))
+        NETWORKNUM=$((IPADDRNUM & NETMASKNUM))
-		BROADCASTNUM=$((INVNETMASKNUM | NETWORKNUM))
+        BROADCASTNUM=$((INVNETMASKNUM | NETWORKNUM))
-		toaddr $NETWORKNUM NETWORK
+        toaddr $NETWORKNUM NETWORK
-		toaddr $BROADCASTNUM BROADCAST
+        toaddr $BROADCASTNUM BROADCAST
-		# Reverse engineer the subnet ID from the calcualted IP address and subnet prefix
+        # Reverse engineer the subnet ID from the calcualted IP address and subnet prefix
-		IFS=. read -r i1 i2 i3 i4 <<<"$IPADDR"
+        IFS=. read -r i1 i2 i3 i4 <<<"$IPADDR"
-		IFS=. read -r m1 m2 m3 m4 <<<"$NETMASK"
+        IFS=. read -r m1 m2 m3 m4 <<<"$NETMASK"
-		# Lay out the subnet ID address as a variable
+        # Lay out the subnet ID address as a variable
-		printf -v NETADDR "%d.%d.%d.%d" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
+        printf -v NETADDR "%d.%d.%d.%d" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"
-		#Dump out the calcualted subnet IDs to a file
+        #Dump out the calcualted subnet IDs to a file
-		echo $NETADDR"/"$NETMASKLEN | tr '\n' ' ' | cat >>/tmp/netaddr.txt
+        echo $NETADDR"/"$NETMASKLEN | tr '\n' ' ' | cat >>/tmp/netaddr.txt
-	done
+    done
 fi
-if [ "${FAIL2BAN_BASE}" = true ]; then
+if [[ "${FAIL2BAN_BASE}" = true ]]; then
-	# Now the above loop is done, append the single loopback address to all the discovered the subnet IDs in a single line
+    # Now the above loop is done, append the single loopback address to all the discovered the subnet IDs in a single line
-	sed -i 's/^/127.0.0.1\/24 /' /tmp/netaddr.txt
+    sed -i 's/^/127.0.0.1\/24 /' /tmp/netaddr.txt
-	# Finally assemble the entire syntax of the ignoreip whitelist for insertion into the base fail2ban config
+    # Finally assemble the entire syntax of the ignoreip whitelist for insertion into the base fail2ban config
-	SED_IGNORE=$(echo "ignoreip = ")
+    SED_IGNORE=$(echo "ignoreip = ")
-	SED_NETADDR=$(cat /tmp/netaddr.txt)
+    SED_NETADDR=$(cat /tmp/netaddr.txt)
-	sed -i "s|ignoreip \=|${SED_IGNORE}${SED_NETADDR}|g" /tmp/fail2ban.conf
+    sed -i "s|ignoreip \=|${SED_IGNORE}${SED_NETADDR}|g" /tmp/fail2ban.conf
-	# Move the new base fail2ban config to the jail.local file
+    # Move the new base fail2ban config to the jail.local file
-	touch /etc/fail2ban/jail.local
+    touch /etc/fail2ban/jail.local
-	# Apply the base config, keeping any pre-existing settings
+    # Apply the base config, keeping any pre-existing settings
-	sudo bash -c 'cat /tmp/fail2ban.conf /etc/fail2ban/jail.local | unique /tmp/fail2ban.update ; cat /tmp/fail2ban.update > /etc/fail2ban/jail.local'
+    sudo bash -c 'cat /tmp/fail2ban.conf /etc/fail2ban/jail.local | unique /tmp/fail2ban.update ; cat /tmp/fail2ban.update > /etc/fail2ban/jail.local'
-	# Clean up
+    # Clean up
-	rm -f /tmp/fail2ban.conf
+    rm -f /tmp/fail2ban.conf
-	rm -f /tmp/ip_list.txt
+    rm -f /tmp/ip_list.txt
-	rm -f /tmp/netaddr.txt
+    rm -f /tmp/netaddr.txt
-	rm -f /tmp/fail2ban.update
+    rm -f /tmp/fail2ban.update
-	# bounce the service to reload the new config
+    # bounce the service to reload the new config
-	sudo systemctl restart fail2ban
+    sudo systemctl restart fail2ban
-	# Done
+    # Done
-	echo
+    echo
-	echo -e "${LGREEN}Fail2ban installed...${GREY}"
+    echo -e "${LGREEN}Fail2ban installed...${GREY}"
-	echo
+    echo
 else
-	echo -e "${LGREEN}Fail2ban setup cancelled.${GREY}"
+    echo -e "${LGREEN}Fail2ban setup cancelled.${GREY}"
 fi
@ -208,10 +208,10 @@ fi
 # Fail2ban optional policy setup items ################################################################################
 #######################################################################################################################
-if [ "${FAIL2BAN_GUAC}" = true ]; then
+if [[ "${FAIL2BAN_GUAC}" = true ]]; then
-	# Create the Guacamole jail.local policy template
+    # Create the Guacamole jail.local policy template
-	cat >/tmp/fail2ban.conf <<EOF
+    cat >/tmp/fail2ban.conf <<EOF
 [guacamole]
 enabled = true
 port = http,https
@ -221,26 +221,26 @@ findtime  = 60m
 maxretry = 5
 EOF
-	# Apply the new Guacamole jail config keeping any pre-existing settings
+    # Apply the new Guacamole jail config keeping any pre-existing settings
-	sudo bash -c 'cat /tmp/fail2ban.conf /etc/fail2ban/jail.local | unique /tmp/fail2ban.update ; cat /tmp/fail2ban.update > /etc/fail2ban/jail.local'
+    sudo bash -c 'cat /tmp/fail2ban.conf /etc/fail2ban/jail.local | unique /tmp/fail2ban.update ; cat /tmp/fail2ban.update > /etc/fail2ban/jail.local'
-	# Backup the default Fail2ban Guacamole filter
+    # Backup the default Fail2ban Guacamole filter
-	cp /etc/fail2ban/filter.d/guacamole.conf /etc/fail2ban/filter.d/guacamole.conf.bak
+    cp /etc/fail2ban/filter.d/guacamole.conf /etc/fail2ban/filter.d/guacamole.conf.bak
-	# Remove the default log search regex
+    # Remove the default log search regex
-	sudo bash -c 'sed -e "/Authentication attempt from/ s/^#*/#/" -i /etc/fail2ban/filter.d/guacamole.conf'
+    sudo bash -c 'sed -e "/Authentication attempt from/ s/^#*/#/" -i /etc/fail2ban/filter.d/guacamole.conf'
-	# Create a new log search regex specific for tomcat logs (as a variable due to complexity of characters for sed syntax)
+    # Create a new log search regex specific for tomcat logs (as a variable due to complexity of characters for sed syntax)
-	REGEX='failregex = ^.*WARN  o\.a\.g\.r\.auth\.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
+    REGEX='failregex = ^.*WARN  o\.a\.g\.r\.auth\.AuthenticationService - Authentication attempt from <HOST> for user "[^"]*" failed\.$'
-	#Insert the new regex
+    #Insert the new regex
-	sed -i -e "/Authentication attempt from/a ${REGEX}" /etc/fail2ban/filter.d/guacamole.conf
+    sed -i -e "/Authentication attempt from/a ${REGEX}" /etc/fail2ban/filter.d/guacamole.conf
-	# Done
+    # Done
-	echo -e "${LGREEN}Guacamole security policy applied${GREY}\n- ${SED_NETADDR}are whitelisted from all IP bans.\n- To alter this whitelist, edit /etc/fail2ban/jail.local & sudo systemctl restart fail2ban \n \n This script may take a while to complete on first run..."
+    echo -e "${LGREEN}Guacamole security policy applied${GREY}\n- ${SED_NETADDR}are whitelisted from all IP bans.\n- To alter this whitelist, edit /etc/fail2ban/jail.local & sudo systemctl restart fail2ban \n \n This script may take a while to complete on first run..."
-	# Bounce the service to reload the new config
+    # Bounce the service to reload the new config
-	sudo systemctl restart fail2ban
+    sudo systemctl restart fail2ban
-	echo
+    echo
 fi
 # Clean up
@ -250,13 +250,13 @@ rm -f /tmp/netaddr.txt
 rm -f /tmp/fail2ban.update
 ############## Start Fail2ban NGINX security policy option ###############
-#if [ "${FAIL2BAN_NGINX}" = true ]; then
+#if [[ "${FAIL2BAN_NGINX}" = true ]]; then
 #    echo -e "${LGREEN}Nginx Fail2ban policy not implemented yet.${GREY}"
 #    echo
 #fi
 ############### Start Fail2ban SSH security policy option ################
-#if [ "${FAIL2BAN_SSH}" = true ]; then
+#if [[ "${FAIL2BAN_SSH}" = true ]]; then
 #    echo -e "${LGREEN}SSH Fail2ban policy not implemented yet..${GREY}"
 #    echo
 #fi
--- a/guac-optional-features/add-smtp-relay-o365.sh
+++ b/guac-optional-features/add-smtp-relay-o365.sh
@ -27,10 +27,10 @@ SERVER=$(uname -n)
 DOMAIN_SEARCH_SUFFIX=$(grep search /etc/resolv.conf | grep -v "#" | sed 's/'search[[:space:]]'//')
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 echo
@ -41,11 +41,11 @@ echo
 echo -e "${GREY}Installing Postfix with non-interactive defaults..."
 sudo apt update -qq >/dev/null 2>&1
 DEBIAN_FRONTEND="noninteractive" apt-get install postfix mailutils -qq -y >/dev/null 2>&1
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Postfix install failed. ${GREY}" 1>&2
+    echo -e "${LRED}Postfix install failed. ${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
 fi
 # Get the Office365 smtp authentication credentials
@ -79,12 +79,12 @@ smtp_tls_security_level = encrypt
 smtp_generic_maps = hash:/etc/postfix/generic
 smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
 EOF
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Postfix restart failed. ${GREY}" 1>&2
+    echo -e "${LRED}Postfix restart failed. ${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
-	echo
+    echo
 fi
 # Setup the password file and postmap
@ -110,11 +110,11 @@ sudo postmap /etc/postfix/generic
 # Restart and test
 echo -e "${GREY}Restarting Postfix..."
 sudo systemctl restart postfix
-if [ $? -ne 0 ]; then
+if [[ $? -ne 0 ]]; then
-	echo -e "${LRED}Postfix restart failed. ${GREY}" 1>&2
+    echo -e "${LRED}Postfix restart failed. ${GREY}" 1>&2
-	exit 1
+    exit 1
 else
-	echo -e "${LGREEN}OK${GREY}"
+    echo -e "${LGREEN}OK${GREY}"
 fi
 echo
--- a/guac-optional-features/add-tls-guac-daemon.sh
+++ b/guac-optional-features/add-tls-guac-daemon.sh
@ -19,10 +19,10 @@ LYELLOW='\033[0;93m'
 NC='\033[0m' #No Colour
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
--- a/guac-optional-features/add-xtra-histrecstor.sh
+++ b/guac-optional-features/add-xtra-histrecstor.sh
@ -18,10 +18,10 @@ NC='\033[0m' #No Colour
 clear
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
@ -30,13 +30,13 @@ GUAC_SOURCE_LINK="http://apache.org/dyn/closer.cgi?action=download&filename=guac
 HISTREC_PATH_DEFAULT=/var/lib/guacamole/recordings # Apache default
 while true; do
-	echo
+    echo
-	read -p "Enter recorded storage path [Enter for default ${HISTREC_PATH_DEFAULT}]: " HISTREC_PATH
+    read -p "Enter recorded storage path [Enter for default ${HISTREC_PATH_DEFAULT}]: " HISTREC_PATH
-	[ "${HISTREC_PATH}" = "" ] || [ "${HISTREC_PATH}" != "" ] && break
+    [[ "${HISTREC_PATH}" = "" ]] || [[ "${HISTREC_PATH}" != "" ]] && break
 done
 # If no custom path is given, lets assume the default path on hitting enter
-if [ -z "${HISTREC_PATH}" ]; then
+if [[ -z "${HISTREC_PATH}" ]]; then
-	HISTREC_PATH="${HISTREC_PATH_DEFAULT}"
+    HISTREC_PATH="${HISTREC_PATH_DEFAULT}"
 fi
 echo
--- a/guac-optional-features/add-xtra-quickconnect.sh
+++ b/guac-optional-features/add-xtra-quickconnect.sh
@ -18,10 +18,10 @@ NC='\033[0m' #No Colour
 clear
 # Check if user is root or sudo
-if ! [ $(id -u) = 0 ]; then
+if ! [[ $(id -u) = 0 ]]; then
-	echo
+    echo
-	echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
+    echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
-	exit 1
+    exit 1
 fi
 TOMCAT_VERSION=$(ls /etc/ | grep tomcat)