client_install_programme_ubuntu.sh aktualisiert
This commit is contained in:
parent
b59c30442e
commit
8bf05bd015
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
# ================================
|
||||
# Skript zur Konfiguration von Ubuntu 24.04 (Noble)
|
||||
# Inkl. UCS Join, BricsCAD, SSH/RDP, Bookmarks
|
||||
# ================================
|
||||
|
||||
# Farben
|
||||
|
|
@ -14,31 +15,47 @@ NC='\033[0m' # Keine Farbe
|
|||
# KONFIGURATION & VARIABLEN
|
||||
# ================================
|
||||
|
||||
# ecoDMS Repository für Ubuntu 24.04 (Noble)
|
||||
# UCS / Domain Variablen
|
||||
UCS_USER="sebastian.zell"
|
||||
SENTINEL="/var/log/ucs_domain_join_done"
|
||||
DEFAULT_USER="sebastian.zell"
|
||||
DEFAULT_DC_IPS=("192.168.174.101" "192.168.176.101")
|
||||
|
||||
# ecoDMS Repository
|
||||
ECODMS_REPO="deb http://www.ecodms.de/ecodms_250264/noble /"
|
||||
ECODMS_LIST="/etc/apt/sources.list.d/ecodms.list"
|
||||
|
||||
DOWNLOAD_DIR="$HOME/deb_packages"
|
||||
|
||||
# Erweiterte Paketliste (Alle angeforderten Programme)
|
||||
APT_PACKAGES=(
|
||||
"curl" "wget" "gpg" "unzip" "xdg-utils" "ca-certificates" "file"
|
||||
"software-properties-common"
|
||||
"vlc"
|
||||
"thunderbird"
|
||||
"remmina"
|
||||
"remmina" "remmina-plugin-rdp" "remmina-plugin-vnc" "remmina-plugin-secret"
|
||||
"okular"
|
||||
"libreoffice"
|
||||
"gimp"
|
||||
"nextcloud-desktop"
|
||||
"gnucash"
|
||||
"chromium-browser" # Bei Ubuntu heißt das Paket oft chromium-browser (oder ist ein Snap transition package)
|
||||
"curl"
|
||||
"chromium-browser"
|
||||
"ttf-mscorefonts-installer"
|
||||
"ecodmsclient"
|
||||
"ecodmsprinter"
|
||||
"wine64"
|
||||
"terminator"
|
||||
"gedit"
|
||||
"kate"
|
||||
"git"
|
||||
"filezilla"
|
||||
"network-manager"
|
||||
"software-properties-common" # Für add-apt-repository
|
||||
"gnome-shell-extension-gsconnect"
|
||||
"autofs"
|
||||
"openssh-server"
|
||||
"xrdp"
|
||||
"xorgxrdp"
|
||||
"realmd"
|
||||
)
|
||||
|
||||
SNAP_PACKAGES=(
|
||||
|
|
@ -59,23 +76,12 @@ FLATPAK_PACKAGES=()
|
|||
# 1. Quellenliste aktualisieren & ecoDMS
|
||||
update_sources() {
|
||||
echo -e "${GREEN}System wird aktualisiert...${NC}"
|
||||
|
||||
# Standard-Updates
|
||||
sudo apt update && sudo apt upgrade -y
|
||||
|
||||
echo -e "${GREEN}Füge ecoDMS Repository (Noble) hinzu...${NC}"
|
||||
|
||||
# GPG Key holen
|
||||
wget -qO - http://www.ecodms.de/gpg/ecodms.key | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/ecodms.gpg
|
||||
|
||||
# Repo Datei erstellen
|
||||
echo "$ECODMS_REPO" | sudo tee "$ECODMS_LIST" > /dev/null
|
||||
|
||||
if [[ $? -ne 0 ]]; then
|
||||
echo -e "${RED}Fehler beim Hinzufügen des ecoDMS Repositories.${NC}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
sudo apt update
|
||||
}
|
||||
|
||||
|
|
@ -83,7 +89,6 @@ update_sources() {
|
|||
install_apt_packages() {
|
||||
echo -e "${GREEN}Installiere APT-Pakete...${NC}"
|
||||
for PACKAGE in "${APT_PACKAGES[@]}"; do
|
||||
# Check ob installiert
|
||||
if dpkg -l | grep -q "^ii $PACKAGE "; then
|
||||
echo -e "${GREEN}$PACKAGE ist bereits installiert.${NC}"
|
||||
else
|
||||
|
|
@ -94,12 +99,9 @@ install_apt_packages() {
|
|||
|
||||
# 3. Snap Pakete installieren
|
||||
install_snap_packages() {
|
||||
# Snap ist bei Ubuntu Standard, aber sicherheitshalber prüfen
|
||||
if ! command -v snap &> /dev/null; then
|
||||
echo -e "${GREEN}Snap wird installiert...${NC}"
|
||||
sudo apt install -y snapd
|
||||
fi
|
||||
|
||||
echo -e "${GREEN}Installiere Snap-Pakete...${NC}"
|
||||
for SNAP in "${SNAP_PACKAGES[@]}"; do
|
||||
sudo snap install "$SNAP" || sudo snap install "$SNAP" --classic
|
||||
|
|
@ -109,13 +111,12 @@ install_snap_packages() {
|
|||
# 4. Flatpak installieren
|
||||
install_flatpak_packages() {
|
||||
if ! command -v flatpak &> /dev/null; then
|
||||
echo -e "${GREEN}Flatpak wird installiert...${NC}"
|
||||
sudo apt install -y flatpak
|
||||
sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
|
||||
fi
|
||||
}
|
||||
|
||||
# 5. DEB Pakete installieren
|
||||
# 5. DEB Pakete installieren (Inkl. BricsCAD & MasterPDF)
|
||||
install_deb_packages() {
|
||||
echo -e "${GREEN}Lade zusätzliche .deb-Pakete herunter...${NC}"
|
||||
mkdir -p "$DOWNLOAD_DIR"
|
||||
|
|
@ -125,9 +126,12 @@ install_deb_packages() {
|
|||
["nomachine.deb"]="https://web9001.nomachine.com/download/9.3/Linux/nomachine_9.3.7_1_amd64.deb"
|
||||
["xpipe.deb"]="https://github.com/xpipe-io/xpipe/releases/latest/download/xpipe-installer-linux-x86_64.deb"
|
||||
["rustdesk.deb"]="https://github.com/rustdesk/rustdesk/releases/download/1.4.4/rustdesk-1.4.4-x86_64.deb"
|
||||
["bricscad.deb"]="https://next.zell-cloud.de/nextcloud/s/AyoAbKWoaciXtP9/download"
|
||||
["master-pdf-editor.deb"]="https://code-industry.net/public/master-pdf-editor-5.9.82.qt5.amd64.deb"
|
||||
)
|
||||
|
||||
for FILE in "${!DEB_URLS[@]}"; do
|
||||
echo -e "Lade herunter: $FILE ..."
|
||||
wget -O "$DOWNLOAD_DIR/$FILE" "${DEB_URLS[$FILE]}" || echo -e "${RED}Fehler bei Download von $FILE.${NC}"
|
||||
done
|
||||
|
||||
|
|
@ -137,107 +141,188 @@ install_deb_packages() {
|
|||
done
|
||||
}
|
||||
|
||||
# 6. Netzwerk konfigurieren (NetworkManager)
|
||||
# 6. Netzwerk konfigurieren
|
||||
configure_network() {
|
||||
echo -e "${YELLOW}=== Netzwerkkonfiguration ===${NC}"
|
||||
|
||||
# Aktives Interface finden
|
||||
INTERFACE=$(ip -o -4 route show to default | awk '{print $5}' | head -n1)
|
||||
if [ -z "$INTERFACE" ]; then echo -e "${RED}Kein Interface gefunden.${NC}"; return; fi
|
||||
|
||||
if [ -z "$INTERFACE" ]; then
|
||||
echo -e "${RED}Kein aktives Netzwerk-Interface gefunden! Überspringe Netzwerkkonfiguration.${NC}"
|
||||
return
|
||||
fi
|
||||
|
||||
echo -e "Aktives Interface erkannt: ${GREEN}$INTERFACE${NC}"
|
||||
|
||||
# Verbindungsprofil ermitteln
|
||||
CON_NAME=$(nmcli -t -f NAME,DEVICE connection show --active | grep ":$INTERFACE" | cut -d: -f1 | head -n1)
|
||||
|
||||
if [ -z "$CON_NAME" ]; then
|
||||
echo -e "${RED}Kein NetworkManager-Profil für $INTERFACE gefunden.${NC}"
|
||||
return
|
||||
fi
|
||||
if [ -z "$CON_NAME" ]; then echo -e "${RED}Kein Profil gefunden.${NC}"; return; fi
|
||||
|
||||
echo -e "Bearbeite Verbindung: ${GREEN}$CON_NAME${NC}"
|
||||
|
||||
# Eingabe der letzten Ziffer
|
||||
while true; do
|
||||
read -p "Bitte die letzte Zahl der IP-Adresse eingeben (192.168.176.XXX): " IP_SUFFIX
|
||||
if [[ "$IP_SUFFIX" =~ ^[0-9]+$ ]] && [ "$IP_SUFFIX" -ge 1 ] && [ "$IP_SUFFIX" -le 254 ]; then
|
||||
break
|
||||
else
|
||||
echo -e "${RED}Ungültige Eingabe. Bitte eine Zahl zwischen 1 und 254 eingeben.${NC}"
|
||||
fi
|
||||
if [[ "$IP_SUFFIX" =~ ^[0-9]+$ ]] && [ "$IP_SUFFIX" -ge 1 ] && [ "$IP_SUFFIX" -le 254 ]; then break; fi
|
||||
done
|
||||
|
||||
NEW_IP="192.168.176.$IP_SUFFIX"
|
||||
GATEWAY="192.168.176.1"
|
||||
DNS="192.168.176.101 192.168.174.101 1.1.1.1"
|
||||
sudo nmcli con mod "$CON_NAME" ipv4.addresses "$NEW_IP/24" ipv4.gateway "192.168.176.1" ipv4.dns "192.168.176.101 192.168.174.101 1.1.1.1" ipv4.method manual
|
||||
echo -e "${GREEN}Netzwerk konfiguriert. Neustart der Verbindung erforderlich.${NC}"
|
||||
|
||||
echo -e "${GREEN}Setze IP auf $NEW_IP...${NC}"
|
||||
|
||||
# Konfiguration anwenden
|
||||
sudo nmcli con mod "$CON_NAME" \
|
||||
ipv4.addresses "$NEW_IP/24" \
|
||||
ipv4.gateway "$GATEWAY" \
|
||||
ipv4.dns "$DNS" \
|
||||
ipv4.method manual
|
||||
|
||||
echo -e "${GREEN}Netzwerkeinstellungen gespeichert.${NC}"
|
||||
echo -e "${YELLOW}ACHTUNG: Die neuen Einstellungen werden erst nach einem Neustart der Verbindung aktiv.${NC}"
|
||||
|
||||
read -p "Soll die Verbindung jetzt neu gestartet werden? (j/n): " RESTART_NET
|
||||
if [[ "$RESTART_NET" =~ ^[jJ]$ ]]; then
|
||||
sudo nmcli con up "$CON_NAME"
|
||||
fi
|
||||
read -p "Verbindung jetzt neu starten? (j/n): " RESTART_NET
|
||||
if [[ "$RESTART_NET" =~ ^[jJ]$ ]]; then sudo nmcli con up "$CON_NAME"; fi
|
||||
}
|
||||
|
||||
# 7. Univention Domain Join installieren (Ubuntu PPA Methode)
|
||||
install_univention_join() {
|
||||
echo -e "${YELLOW}=== Univention Domain Join Installation ===${NC}"
|
||||
# 7. UCS Domain Join (Automatisch)
|
||||
perform_ucs_join() {
|
||||
echo -e "${YELLOW}=== UCS Domain Join ===${NC}"
|
||||
|
||||
echo -e "${GREEN}Füge Univention PPA hinzu...${NC}"
|
||||
# -y flag akzeptiert automatisch die Bestätigung
|
||||
sudo add-apt-repository -y ppa:univention-dev/ppa
|
||||
|
||||
echo -e "${GREEN}Aktualisiere Paketquellen...${NC}"
|
||||
sudo apt-get update
|
||||
|
||||
echo -e "${GREEN}Installiere univention-domain-join...${NC}"
|
||||
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y univention-domain-join
|
||||
|
||||
if [ $? -eq 0 ]; then
|
||||
echo -e "${GREEN}Univention Domain Join erfolgreich installiert.${NC}"
|
||||
if [[ -f "$SENTINEL" ]]; then
|
||||
echo -e "${YELLOW}Domänenbeitritt bereits erledigt (${SENTINEL}) – überspringe Join.${NC}"
|
||||
else
|
||||
echo -e "${RED}Fehler bei der Installation von Univention Domain Join.${NC}"
|
||||
echo -e "${GREEN}Installiere Join Tools...${NC}"
|
||||
sudo add-apt-repository -y ppa:univention-dev/ppa || true
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y univention-domain-join-cli realmd || true
|
||||
|
||||
echo
|
||||
read -r -p "FQDN deiner UCS/AD-Domäne (z.B. company.local): " DOMAIN
|
||||
while [[ -z "${DOMAIN:-}" ]]; do read -r -p "Bitte Domänen-FQDN angeben: " DOMAIN; done
|
||||
|
||||
read -r -p "Domänen-Benutzer [${DEFAULT_USER}]: " JOINUSER
|
||||
JOINUSER="${JOINUSER:-$DEFAULT_USER}"
|
||||
|
||||
echo; echo "DC-IP optional (oder leer): ${DEFAULT_DC_IPS[*]}"
|
||||
read -r -p "DC-IP (optional): " DCIP
|
||||
|
||||
echo -e "${GREEN}Domänenbeitritt läuft...${NC}"
|
||||
set +e
|
||||
|
||||
try_join(){
|
||||
local ip="${1:-}"
|
||||
if [[ -n "$ip" ]]; then
|
||||
sudo univention-domain-join-cli --domain "$DOMAIN" --dc-ip "$ip" --username "$JOINUSER"
|
||||
else
|
||||
sudo univention-domain-join-cli --domain "$DOMAIN" --username "$JOINUSER"
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ -n "${DCIP:-}" ]]; then
|
||||
try_join "$DCIP"
|
||||
rc=$?
|
||||
else
|
||||
try_join ""
|
||||
rc=$?
|
||||
if [[ $rc -ne 0 ]]; then
|
||||
for ip in "${DEFAULT_DC_IPS[@]}"; do
|
||||
echo "Versuche Fallback DC: $ip"
|
||||
try_join "$ip"
|
||||
rc=$?
|
||||
[[ $rc -eq 0 ]] && break
|
||||
done
|
||||
fi
|
||||
fi
|
||||
|
||||
set -e
|
||||
|
||||
if [[ $rc -ne 0 ]]; then
|
||||
echo -e "${RED}Domänenbeitritt fehlgeschlagen.${NC}"
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo -e "${GREEN}Domänenbeitritt erfolgreich.${NC}"
|
||||
sudo touch "$SENTINEL"
|
||||
|
||||
# Realm Permissions
|
||||
if command -v realm >/dev/null 2>&1; then
|
||||
sudo realm permit -g "Domain Admins" || true
|
||||
fi
|
||||
|
||||
# Sudoers für Domain Admins
|
||||
echo -e "${GREEN}Füge Domain Admins zu den Sudoers hinzu...${NC}"
|
||||
echo "%Domain\\ Admins ALL=(ALL:ALL) ALL" | sudo tee /etc/sudoers.d/domain-admins > /dev/null
|
||||
sudo chmod 440 /etc/sudoers.d/domain-admins
|
||||
|
||||
if sudo visudo -cf /etc/sudoers.d/domain-admins; then
|
||||
echo -e "${GREEN}Sudoers Datei ist gültig.${NC}"
|
||||
else
|
||||
echo -e "${RED}WARNUNG: Sudoers Datei ist ungültig! Lösche sie zur Sicherheit.${NC}"
|
||||
sudo rm /etc/sudoers.d/domain-admins
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# 8. Autofs & Shared Dir
|
||||
# 8. SSH/RDP & Realm Config
|
||||
configure_ssh_rdp() {
|
||||
echo -e "${YELLOW}=== Konfiguration SSH/RDP & Realm ===${NC}"
|
||||
|
||||
SSHD="/etc/ssh/sshd_config"
|
||||
if [ -f "$SSHD" ]; then
|
||||
sudo cp -a "$SSHD" "${SSHD}.bak.$(date +%F_%H%M)" || true
|
||||
|
||||
if grep -q '^UsePAM' "$SSHD"; then
|
||||
sudo sed -i 's/^UsePAM.*/UsePAM yes/' "$SSHD"
|
||||
else
|
||||
echo 'UsePAM yes' | sudo tee -a "$SSHD"
|
||||
fi
|
||||
|
||||
if grep -q '^PasswordAuthentication' "$SSHD"; then
|
||||
sudo sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' "$SSHD"
|
||||
else
|
||||
echo 'PasswordAuthentication yes' | sudo tee -a "$SSHD"
|
||||
fi
|
||||
|
||||
sudo systemctl enable --now ssh
|
||||
sudo systemctl restart ssh || true
|
||||
fi
|
||||
|
||||
if command -v ufw >/dev/null 2>&1 && sudo ufw status | grep -q "Status: active"; then
|
||||
sudo ufw allow 22/tcp || true
|
||||
sudo ufw allow 3389/tcp || true
|
||||
fi
|
||||
|
||||
if command -v realm >/dev/null 2>&1; then
|
||||
sudo realm permit -g "Domain Users" -g "Domain Admins" || true
|
||||
fi
|
||||
}
|
||||
|
||||
# 9. GTK Bookmarks einrichten
|
||||
setup_bookmarks() {
|
||||
echo -e "${GREEN}Richte GTK Bookmarks ein...${NC}"
|
||||
BOOKMARKS_FILE="$HOME/.config/gtk-3.0/bookmarks"
|
||||
|
||||
# Verzeichnis erstellen falls nicht vorhanden
|
||||
mkdir -p "$(dirname "$BOOKMARKS_FILE")"
|
||||
|
||||
declare -a BOOKMARKS=(
|
||||
"file:///net/192.168.176.13/srv/fileserver/aufmasse Aufmasse"
|
||||
"file:///net/192.168.176.13/srv/fileserver/dokumente Dokumente"
|
||||
"file:///net/192.168.176.13/srv/fileserver/hausverwaltung Hausverwaltung"
|
||||
"file:///net/192.168.176.13/srv/fileserver/buchhaltung Buchhaltung"
|
||||
"file:///net/192.168.176.13/srv/fileserver/feldrechner Feldrechner"
|
||||
"file:///net/192.168.176.13/srv/fileserver/scripte Scripte"
|
||||
"file:///net/192.168.176.13/srv/fileserver/scandaten Scandaten"
|
||||
"file:///net/192.168.176.12/srv/fileserver/aufmasse-archiv Aufmasse Archiv"
|
||||
"file:///home/shared Shared"
|
||||
)
|
||||
|
||||
for BM in "${BOOKMARKS[@]}"; do
|
||||
# Nur hinzufügen, wenn noch nicht vorhanden (vermeidet Duplikate)
|
||||
if ! grep -qF "$BM" "$BOOKMARKS_FILE" 2>/dev/null; then
|
||||
echo "$BM" >> "$BOOKMARKS_FILE"
|
||||
echo "Bookmark hinzugefügt: $BM"
|
||||
else
|
||||
echo "Bookmark existiert bereits: $BM"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# 10. Autofs & Shared Dir
|
||||
setup_system_extras() {
|
||||
echo -e "${GREEN}Richte autofs ein...${NC}"
|
||||
sudo apt install -y autofs
|
||||
if ! grep -q "/net /etc/auto.net" /etc/auto.master; then
|
||||
echo "/net /etc/auto.net --timeout=600" | sudo tee -a /etc/auto.master
|
||||
fi
|
||||
systemctl restart autofs
|
||||
systemctl enable autofs
|
||||
sudo systemctl restart autofs
|
||||
sudo systemctl enable autofs
|
||||
|
||||
SHARED_DIR="/home/shared"
|
||||
if [ ! -d "$SHARED_DIR" ]; then
|
||||
sudo mkdir -p "$SHARED_DIR"
|
||||
sudo chmod 1777 "$SHARED_DIR"
|
||||
fi
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/aufmasse Aufmasse" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/dokumente Dokumente" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/hausverwaltung Hausverwaltung" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/buchhaltung Buchhaltung" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/feldrechner Feldrechner" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/scripte Scripte" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.13/srv/fileserver/scandaten Scandaten" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///net/192.168.176.12/srv/fileserver/aufmasse-archiv Aufmasse Archiv" >> ~/.config/gtk-3.0/bookmarks
|
||||
echo "file:///home/shared Shared" >> ~/.config/gtk-3.0/bookmarks
|
||||
}
|
||||
|
||||
# ================================
|
||||
|
|
@ -249,9 +334,11 @@ install_snap_packages
|
|||
install_flatpak_packages
|
||||
install_deb_packages
|
||||
setup_system_extras
|
||||
setup_bookmarks
|
||||
|
||||
# Interaktive Teile am Ende
|
||||
# Konfigurationen
|
||||
configure_network
|
||||
install_univention_join
|
||||
perform_ucs_join
|
||||
configure_ssh_rdp
|
||||
|
||||
echo -e "${GREEN}Skript vollständig abgeschlossen.${NC}"
|
||||
Loading…
Reference in New Issue