Installs Rundeck 2.6.11 and configures it with empty project and with auth token to access everything remotely

instrundeck.sh

#!/bin/sh

#
### WARNING!!! REMOVES PREVIOUS INSTANCE AND RUNDECK DB OFF THE SERVER!!! WARNING !!! ###
#
# Installs Rundeck and configures it with empty project and with auth token to access everything remotely.
# * Moves rundeck to /rundeck prefix so it can coexist with other projects.
# * Full cleanup from previous installation.
# * Removes POST limit in jetty (important for API calls)
# * Makes it ready for remote API calls
#
# Default user/password is admin:admin
#
# Listens to environment variables:
# RUNDECK_HOST=hostname - hostname to use instead of `hostname`
# RUNDECK_DB=default - database to configure (default - h2 or mysql - you will be prompted for mysql root password)
# RUNDECK_TOKEN=.... - API token to use, instead of using autogenerated one
# RUNDECK_PROJECT=local - project to create
#
# Tested on Ubuntu 14.04

# project name
pname=${RUNDECK_PROJECT:-local}
# token, either generate it or use static
token=`dd if=/dev/urandom bs=1024 count=1 2>/dev/null| md5sum | cut -d" " -f1`
token=${RUNDECK_TOKEN:-$token}

# Make hostname instead of localhost so accessible from anywhere
hostname=`hostname`
rhost=${RUNDECK_HOST:-$hostname}
rport=${RUNDECK_PORT:-4440}
dbtype=${RUNDECK_DB:-default}
ver=${RUNDECK_VERSION:-2.6.11}

echo Installing Rundeck $ver URL $rhost:$rport project $pname token $token db $dbtype

# ensure no rundeck is running and all is clean
sudo service rundeckd stop
sudo rm -Rf /tmp/rundeck
sudo rm -Rf /var/rundeck
sudo rm -Rf /var/lib/rundeck
sudo rm -Rf /var/log/rundeck
sudo rm -Rf /etc/rundeck
sudo apt-get -y remove rundeck
sudo apt-get -y purge rundeck

# download rundeck deb
if [ ! -f /tmp/rundeck-$ver.deb ]; then
  curl -L -o /tmp/rundeck-$ver.deb http://dl.bintray.com/rundeck/rundeck-deb/rundeck-$ver-1-GA.deb
fi

sudo dpkg -i /tmp/rundeck-$ver.deb
sudo mkdir -p /tmp/rundeck
# fix rights to folder sometimes it is wrong set
sudo chmod a+rw -R /tmp/rundeck

# init one project
sudo mkdir -p /var/rundeck/projects/$pname/etc/
pxml=/var/rundeck/projects/$pname/etc/resources.xml
pfile=/var/rundeck/projects/$pname/etc/project.properties
echo project.name=$pname | sudo tee $pfile
echo resources.source.1.config.requireFileExists=false | sudo tee -a $pfile
echo project.ssh-authentication=privateKey | sudo tee -a $pfile
echo service.NodeExecutor.default.provider=jsch-ssh | sudo tee -a $pfile
echo resources.source.1.config.includeServerNode=true | sudo tee -a $pfile
echo resources.source.1.config.generateFileAutomatically=true | sudo tee -a $pfile
echo resources.source.1.config.format=resourcexml | sudo tee -a $pfile
echo resources.source.1.config.file=/var/rundeck/projects/$pname/etc/resources.xml | sudo tee -a $pfile
echo project.ssh-keypath=/var/lib/rundeck/.ssh/id_rsa | sudo tee -a $pfile
echo service.FileCopier.default.provider=jsch-scp | sudo tee -a $pfile
echo resources.source.1.type=file | sudo tee -a $pfile

# Change admin password
if [ "$ADMINPW" != "" ]; then 
  sudo echo "admin:$ADMINPW,user,admin,architect,deploy,build" | sudo tee /etc/rundeck/realm.properties 
fi

sudo sed -i -re "s/localhost:4440/$rhost:$rport/g" /etc/rundeck/rundeck-config.properties
sudo sed -i -re "s/localhost:4440/$rhost:$rport/g" /etc/rundeck/framework.properties

# Init empty resources.xml with one (local) node
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" | sudo tee $pxml
echo "<project>" | sudo tee -a $pxml
echo "<node name=\"$hostname\" description=\"Rundeck server node\" tags=\"\" hostname=\"localhost\" osArch=\"amd64\" osFamily=\"unix\" osName=\"Linux\" username=\"rundeck\"/>" | sudo tee -a $pxml
echo "</project>" | sudo tee -a $pxml

sudo chown rundeck.rundeck -R /var/rundeck/ 

sql=/tmp/rundeck.sql

if [ "$dbtype" = "default" ]; then
echo "Default H2 db update"
dburl="jdbc:h2:file:/var/lib/rundeck/data/rundeckdb;MVCC=true"
jar=/var/lib/rundeck/exp/webapp/WEB-INF/lib/h2-1.3.164.jar
# this creates auth token
echo "set autocommit on;" >$sql
echo "create table if not exists auth_token (id bigint generated by default as identity, version bigint not null, auth_roles longvarchar not null, token varchar(255) not null unique, user_id bigint not null, primary key (id));" >>$sql
echo "insert into auth_token (VERSION, AUTH_ROLES, TOKEN, USER_ID) values (0, 'api_token_group', '$token', 1);" >>$sql
echo "SHUTDOWN COMPACT;" >>$sql
sudo java -classpath $jar org.h2.tools.RunScript -url "$dburl" -script $sql -showResults -continueOnError
sudo rm /var/lib/rundeck/data/rundeckdb.lock.db
sudo rm /var/lib/rundeck/data/rundeckdb.trace.db
sudo chown rundeck.rundeck /var/lib/rundeck/data/rundeckdb.h2.db
fi

if [ "$dbtype" = "mysql" ]; then
DBPW=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | md5sum | cut -d" " -f1`
DBUSER=rundeck
echo "Creating MySQL user $DBUSER, enter ROOT password"
echo "GRANT ALL PRIVILEGES ON rundeck.* To '$DBUSER'@'localhost' IDENTIFIED BY '$DBPW';" |  mysql 
# this creates auth token
echo "drop database if exists rundeck;" >$sql
echo "create database rundeck;" >>$sql
echo "use rundeck;" >>$sql
echo "CREATE TABLE IF NOT EXISTS rduser(id bigint(20) NOT NULL AUTO_INCREMENT, version bigint(20) NOT NULL, dashboard_pref varchar(255) DEFAULT NULL, date_created datetime NOT NULL, email varchar(255) DEFAULT NULL, filter_pref varchar(255) DEFAULT NULL, first_name varchar(255) DEFAULT NULL, last_name varchar(255) DEFAULT NULL, last_updated datetime NOT NULL, login varchar(255) NOT NULL, password varchar(255) DEFAULT NULL, PRIMARY KEY (id)) ENGINE=InnoDB DEFAULT CHARSET=latin1;" >>$sql
echo "CREATE TABLE IF NOT EXISTS auth_token(id bigint(20) NOT NULL AUTO_INCREMENT, version bigint(20) NOT NULL, auth_roles longtext NOT NULL, token varchar(255) NOT NULL, user_id bigint(20) NOT NULL, PRIMARY KEY (id), UNIQUE KEY token (token)) ENGINE=InnoDB;" >>$sql
echo "insert into auth_token (VERSION, AUTH_ROLES, TOKEN, USER_ID) values (0, 'api_token_group', '$token', 1);" >>$sql
echo "insert into rduser (id, version, dashboard_pref, date_created, email, filter_pref, first_name, last_name, last_updated, login, password) select 1, 0, NULL, NOW(), 'admin@admin.com', NULL, NULL, NULL, NOW(), 'admin', NULL;" >>$sql

cat $sql | mysql -u$DBUSER -p$DBPW 
sudo sed -i -re "s/dataSource.url/disabled.dataSourceUrl/g" /etc/rundeck/rundeck-config.properties
echo "dataSource.url = jdbc:mysql://localhost/rundeck?autoReconnect=true" | sudo tee -a /etc/rundeck/rundeck-config.properties
echo "dataSource.username = $DBUSER" | sudo tee -a /etc/rundeck/rundeck-config.properties
echo "dataSource.password = $DBPW" | sudo tee -a /etc/rundeck/rundeck-config.properties
fi

# move rundeck to /rundeck prefix in URL
# this is correct, no $ expansion 
echo 'RDECK_JVM="$RDECK_JVM -Dserver.web.context=/rundeck"' | sudo tee -a /etc/rundeck/profile
sudo sed -i -re "s/$rhost:$rport.*/$rhost:$rport\/rundeck/g" /etc/rundeck/rundeck-config.properties

# Listen only on hostname
echo "RDECK_JVM=\"\$RDECK_JVM -Dserver.http.host=$rhost\"" | sudo tee -a /etc/rundeck/profile

# remove limit on post size
# this is correct, no $ expansion 
echo 'RDECK_JVM="$RDECK_JVM -Dorg.eclipse.jetty.server.Request.maxFormContentSize=-1"' | sudo tee -a /etc/rundeck/profile

# start it now
sudo service rundeckd start
sudo update-rc.d rundeckd enable

For no-prompt installation make sure mysql can connect without password (add user and password to ~/.my.cnf). Define env variables to alter behaviour. Make sudo without password (if running under underprivileged user).