Skip to content

Instantly share code, notes, and snippets.

@steelbrain

steelbrain/mariadb_repo_setup

Last active February 25, 2022 22:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save steelbrain/fbed5f07d1caeb5b4de356a027116dbf to your computer and use it in GitHub Desktop.
Save steelbrain/fbed5f07d1caeb5b4de356a027116dbf to your computer and use it in GitHub Desktop.
Download ZIP
Package installation scripts
Raw
mariadb_repo_setup
#!/usr/bin/env bash
# shellcheck disable=2016 disable=1091 disable=2059
version="2022-02-08"
# Notes:
# 2022-02-08 - Adjust repo pinning for Ubuntu/Debian, update MariaDB to 10.7
# 2022-01-31 - Verify that server version is valid
# 2022-01-18 - Add aarch64 RHEL/SLES repositories
# 2021-12-10 - Update keyring URL
# 2021-11-18 - Update default URL of script
# 2021-11-08 - Add support for 10.7
# 2021-08-02 - Add Debian 11 Bullseye & aarch64/arm64 MaxScale repositories
# 2021-07-30 - Remove Ubuntu 16.04 Xenial
# 2021-07-06 - Update MariaDB to 10.6
# 2021-06-28 - Fix warnings with debug repositories on Ubuntu 18.04 Bionic
# 2021-06-24 - MDEV-25991, adjust apt-transport-https dependency
# 2021-06-21 - Download repo keys to pki folder on RHEL, SLES
# 2021-06-09 - Limit deb repos to amd64,arm64 architectures
# 2021-06-07 - MDEV-25805 fix detection for Rocky and Alma Linux 8
# 2021-06-01 - Clean Package Cache after yum/dnf/zyp repository configuration
# 2021-05-26 - Fix URL handling, remove unneeded warning
# 2021-05-21 - Set 10.6 repos to pull from the correct place
# 2021-05-03 - Fix MaxScale repository paths, add --skip-check-installed flag
# 2021-03-04 - Add chmod step to ensure apt can read the keyring
# 2021-02-12 - Include dbgsym ddeb packages for Ubuntu
# 2021-01-26 - Validate manually supplied --os-type and --os-version
# 2021-01-22 - Remove ambiguous $releasever and $basearch from rhel repo
# 2021-01-22 - Remove ambiguous $basearch from sles repo
# 2021-01-14 - Add --version flag
# 2020-12-16 - Fix issue with detecting CentOS 8.3+
# 2020-12-16 - remove CentOS 6, deprecated as of Nov 2020
# 2020-12-07 - remove Debian 8 Jessie, deprecated as of Jun 2020
# 2020-10-15 - Add check_installed function to ensure script can run
# 2020-10-15 - Update MariaDB MaxScale to use CDN
# 2020-10-15 - Change default MaxScale to 'latest'
# 2020-09-11 - Update default MaxScale version to 2.5
# 2020-06-25 - Update MariaDB to 10.5, also deprecate Ubuntu 14.04 'trusty'
# 2020-05-12 - update curl command to correctly handle CDN redirects
# 2020-03-27 - add Ubuntu 20.04 "focal"
# 2020-01-22 - add "module_hotfixes = 1" to RHEL/CentOS 8 config (MDEV-20673)
# 2020-01-22 - update msg strings for better output and consistency
# 2020-01-08 - add autorefresh=1 to sles repo configs
# 2019-12-04 - add RHEL 8, and CentOS 8
# 2019-09-25 - add Debian 10 "buster"
# 2019-09-25 - MDEV-20654 - change gpg key importing
# 2019-09-24 - Update to MaxScale Version 2.4
# 2019-06-18 - Update to MariaDB 10.4
# 2018-12-24 - Update to MaxScale Version 2.3
# This script will identify the OS distribution and version, make sure it's
# supported, and set up the appropriate MariaDB software repositories.
supported="# The MariaDB Repository only supports these distributions:
# * RHEL/CentOS 7 & 8 (rhel)
# * Ubuntu 18.04 LTS (bionic), & 20.04 LTS (focal)
# * Debian 9 (stretch), 10 (buster), & 11 (bullseye)
# * SLES 12 & 15 (sles)"
version_info="
# The most recent MariaDB Server versions are listed on:
# https://mariadb.com/kb/en/release-notes/"
otherplatforms="# See https://mariadb.com/kb/en/mariadb/mariadb-package-repository-setup-and-usage/#platform-support"
mariadb_server_version=mariadb-10.7
mariadb_server_version_real=mariadb-10.7
mariadb_maxscale_version=latest
write_to_stdout=0
skip_key_import=0
skip_maxscale=0
skip_server=0
skip_tools=0
skip_check_installed=0
extra_options=""
usage="Usage: curl -LsS https://r.mariadb.com/downloads/mariadb_repo_setup | bash -s -- [OPTIONS]
https://mariadb.com/kb/en/mariadb/mariadb-package-repository-setup-and-usage/
$supported
Options:
--help Display this help and exit.
--version Output the script version and exit.
--mariadb-server-version=<version>
Override the default MariaDB Server version.
By default, the script will use '$mariadb_server_version'.
--mariadb-maxscale-version=<version>
Override the default MariaDB MaxScale version.
By default, the script will use '$mariadb_maxscale_version'.
--os-type=<type> Override detection of OS type. Acceptable values
include 'debian', 'ubuntu', 'rhel', & sles'.
--os-version=<version> Override detection of OS version. Acceptable values
depend on the OS type you specify.
--arch=<architecture> Override detection of CPU architecture. Acceptable
values are 'x86_64', 'aarch64', 'amd64', & 'arm64'.
--skip-key-import Skip importing GPG signing keys.
--skip-maxscale Skip the 'MaxScale' repository.
--skip-server Skip the 'MariaDB Server' repository.
--skip-tools Skip the 'Tools' repository.
--skip-check-installed Skip tests for required prerequisites for this script.
--write-to-stdout Write output to stdout instead of to the OS's
repository configuration. This will also skip
importing GPG keys and updating the package
cache on platforms where that behavior exists.
"
# os_type = ubuntu, debian, rhel, sles
os_type=
# os_version as demanded by the OS (codename, major release, etc.)
os_version=
# These GPG key IDs are used to fetch keys from a keyserver on Ubuntu & Debian
key_ids=( 0x8167EE24 0xE3C94F49 0xcbcb082a1bb943db 0xf1656f24c74cd1d8 0x135659e928c12247 )
# These GPG URLs are used to fetch GPG keys on RHEL and SLES
key_urls=(
https://supplychain.mariadb.com/MariaDB-Server-GPG-KEY
https://supplychain.mariadb.com/MariaDB-MaxScale-GPG-KEY
https://supplychain.mariadb.com/MariaDB-Enterprise-GPG-KEY
)
msg(){
type=$1 #${1^^}
shift
printf "# [$type] %s\n" "$@" >&2
}
error(){
msg error "$@"
exit 1
}
verify_mariadb_server_version() {
rx='^(mariadb-){0,1}(10+\.[2-8]|10+\.[2-8]+\.[1-9]{0,1}[0-9]{1})$'
if [[ $@ =~ $rx ]] ; then
case $os_type in
ubuntu|debian)
verify_url="${url_mariadb_repo}/${mariadb_server_version_real}/repo/${os_type}/dists/${os_version}/Release"
;;
rhel|centos)
verify_url="${url_mariadb_repo}/${mariadb_server_version_real}/yum/rhel/${os_version}/${arch}/repodata/repomd.xml"
;;
sles)
verify_url="${url_mariadb_repo}/${mariadb_server_version_real}/yum/sles/${os_version}/x86_64/repodata/repomd.xml"
;;
esac
error_log=$(mktemp)
http_status_code=$(curl -LsS --stderr ${error_log} -o /dev/null -I -w "%{http_code}" ${verify_url})
return_code="$?"
error_output=$(cat ${error_log})
rm -f ${error_log}
case ${http_status_code} in
200)
msg info "MariaDB Server version ${mariadb_server_version_real} is valid"
;;
403|404)
error "MariaDB Server version ${mariadb_server_version_real} is not working.
Please verify that it is correct. ${version_info}"
;;
*)
error_message="Problem encountered while trying to verify the MariaDB Server version:"
if [[ "${return_code}" -gt "0" ]]; then
error "${error_message}
$error_output ${version_info}"
else
error "${error_message}
Unexpected HTTP response code '${http_status_code}' ${version_info}"
fi
;;
esac
else
error "MariaDB Server version ${mariadb_server_version_real} is not valid. ${version_info}"
fi
}
version(){
printf "mariadb_repo_setup %s\n" "$version"
}
while :; do
case $1 in
--version)
version
exit 0
;;
--mariadb-server-version)
if [[ -n $2 ]] && [[ $2 != --* ]]; then
mariadb_server_version=$2
shift
else
error "The $1 option requires an argument"
fi
;;
--mariadb-server-version=?*)
mariadb_server_version=${1#*=}
;;
--mariadb-server-version=)
error "The $1 option requires an argument"
;;
--mariadb-maxscale-version)
if [[ -n $2 ]] && [[ $2 != --* ]]; then
mariadb_maxscale_version=$2
shift
else
error "The $1 option requires an argument"
fi
;;
--mariadb-maxscale-version=?*)
mariadb_maxscale_version=${1#*=}
;;
--mariadb-maxscale-version=)
error "The $1 option requires an argument"
;;
--write-to-stdout)
write_to_stdout=1
;;
--skip-key-import)
skip_key_import=1
;;
--skip-maxscale)
skip_maxscale=1
;;
--skip-server)
skip_server=1
;;
--skip-tools)
skip_tools=1
;;
--skip-check-installed)
skip_check_installed=1
;;
--os-type)
if [[ -n $2 ]] && [[ $2 != --* ]]; then
os_type=$2
shift
else
error "The $1 option requires an argument"
fi
;;
--os-type=?*)
os_type=${1#*=}
;;
--os-type=)
error "The $1 option requires an argument"
;;
--arch)
if [[ -n $2 ]] && [[ $2 != --* ]]; then
os_type=$2
shift
else
error "The $1 option requires an argument"
fi
;;
--arch=?*)
arch=${1#*=}
# normalize arch names
case $arch in
amd64|x86_64)
arch='x86_64'
;;
aarch64|arm64)
arch='aarch64'
;;
*)
error "You set arch=$arch but valid architectures are: x86_64 (amd64) and aarch64 (arm64)"
;;
esac
;;
--arch=)
error "The $1 option requires an argument"
;;
--os-version)
if [[ -n $2 ]] && [[ $2 != --* ]]; then
os_version=$2
shift
else
error "The $1 option requires an argument"
fi
;;
--os-version=?*)
os_version=${1#*=}
;;
--os-version=)
error "The $1 option requires an argument"
;;
--help)
version
printf "%s" "$usage"
exit
;;
-?*)
msg warning "Unknown option (ignored): $1\n"
;;
*)
break
esac
shift
done
open_outfile(){
unset outfile
if (( write_to_stdout ))
then
exec 4>&1
else
case $1 in
ubuntu|debian) outfile=/etc/apt/sources.list.d/mariadb.list ;;
rhel) outfile=/etc/yum.repos.d/mariadb.repo ;;
sles) outfile=/etc/zypp/repos.d/mariadb.repo ;;
*) error "Sorry, your OS is not supported." "$supported"
esac
if [[ -e $outfile ]]
then
local suffix=0
while [[ -e $outfile.old_$((++suffix)) ]]; do :; done
msg warning "Found existing file at $outfile. Moving to $outfile.old_$suffix"
if ! mv "$outfile" "$outfile.old_$suffix"
then
error "Could not move existing '$outfile'. Aborting"\
"Use the --write-to-stdout option to see its effect without becoming root"
fi
fi
if ! exec 4>"$outfile"
then
error "Could not open file $outfile for writing. Aborting"\
"Use the --write-to-stdout option to see its effect without becoming root"
fi
fi
}
identify_os(){
arch=$(uname -m)
# Check for macOS
if [[ $(uname -s) == Darwin ]]
then
printf '%s\n' \
'To install MariaDB Server from a repository on macOS, please use Homebrew:'\
' https://mariadb.com/kb/en/mariadb/installing-mariadb-on-macos-using-homebrew/'\
'Or use the native PKG installer:'\
' https://mariadb.com/kb/en/mariadb/installing-mariadb-server-pkg-packages-on-macos/'
exit
# Check for RHEL/CentOS, Fedora, etc.
elif command -v rpm >/dev/null && [[ -e /etc/redhat-release ]]
then
os_type=rhel
el_version=$(rpm -qa '(oraclelinux|sl|redhat|centos|fedora|rocky|alma)*release(|-server)' --queryformat '%{VERSION}')
case $el_version in
5*) os_version=5 ; error "RHEL/CentOS 5 is no longer supported" "$supported" ;;
6*) os_version=6 ; error "RHEL/CentOS 6 is no longer supported" "$supported" ;;
7*) os_version=7 ;;
8*) os_version=8 ; extra_options="module_hotfixes = 1" ;;
*) error "Detected RHEL or compatible but version ($el_version) is not supported." "$supported" "$otherplatforms" ;;
esac
elif [[ -e /etc/os-release ]]
then
. /etc/os-release
# Is it Debian?
case $ID in
debian)
os_type=debian
debian_version=$(< /etc/debian_version)
case $debian_version in
9*) os_version=stretch ;;
10*) os_version=buster ;;
11*) os_version=bullseye ;;
*) error "Detected Debian but version ($debian_version) is not supported." "$supported" "$otherplatforms" ;;
esac
;;
ubuntu)
os_type=ubuntu
. /etc/lsb-release
os_version=$DISTRIB_CODENAME
case $os_version in
precise ) error 'Ubuntu version 12.04 LTS has reached End of Life and is no longer supported.' ;;
trusty ) error 'Ubuntu version 14.04 LTS has reached End of Life and is no longer supported.' ;;
xenial ) error 'Ubuntu version 16.04 LTS has reached End of Life and is no longer supported.' ;;
bionic ) extra_options=" lang=none target-=CNF" ;;
focal ) ;;
*) error "Detected Ubuntu but version ($os_version) is not supported." "Only Ubuntu LTS releases are supported." "$otherplatforms" ;;
esac
if [[ $arch == aarch64 ]]
then
case $os_version in
xenial ) ;;
bionic ) extra_options=" lang=none target-=CNF" ;;
focal ) ;;
*) error "Only Ubuntu 16/xenial, 18/bionic, and 20/focal are supported for ARM64. Detected version: '$os_version'" ;;
esac
fi
;;
sles)
os_type=sles
os_version=${VERSION_ID%%.*}
case $os_version in
# 11) ;; # not currently supported
12|15) ;;
*) error "Detected SLES but version ($os_version) is not supported." "$otherplatforms" ;;
esac
;;
esac
fi
if ! [[ $os_type ]] || ! [[ $os_version ]]
then
error "Could not identify OS type or version." "$supported"
fi
}
check_installed() {
local not_installed
local number_not_installed
local install_message
local need_to_install
not_installed=""
need_to_install=false
for package in "$@" ; do
case ${os_type} in
debian|ubuntu)
if { dpkg -l "${package}" | grep ii; } &>/dev/null ; then
need_to_install=false
else
need_to_install=true
fi
;;
rhel|centos)
if { yum list installed "${package}" ; } &>/dev/null ; then
need_to_install=false
else
need_to_install=true
fi
;;
sles)
if { rpm -q "${package}" ; } &>/dev/null ; then
need_to_install=false
else
need_to_install=true
fi
;;
esac
if ${need_to_install} ; then
if [ "${not_installed}" = "" ] ; then
# number of not installed packages is 1
not_installed="${package}"
number_not_installed=1
else
# number of not installed packages is >1
not_installed="${not_installed} ${package}"
number_not_installed=2
fi
fi
done
if [ "${not_installed}" != "" ] ; then
# One or more packages are not installed
case ${number_not_installed} in
1) install_message="The following package is needed by the script, but not installed:" ;;
2) install_message="The following packages are needed by the script, but not installed:" ;;
esac
error "${install_message}
${not_installed}
Please install and rerun the script.
To disable this check add the \`--skip-check-installed\` flag"
fi
}
remove_mdbe_repo(){
case $os_type in
debian|ubuntu)
# First, remove the MariaDB Enterprise Repository config package, if it's installed
if dpkg -l mariadb-enterprise-repository &>/dev/null
then
msg info 'Removing mariadb-enterprise-repository package...'
dpkg -P mariadb-enterprise-repository
fi
;;
rhel|sles)
# First, remove the MariaDB Enterprise Repository config package, if it's installed
if rpm -qs mariadb-enterprise-repository &>/dev/null
then
msg info 'Removing mariadb-enterprise-repository package...'
rpm -e mariadb-enterprise-repository
fi
;;
esac
}
clean_package_cache(){
msg info 'Cleaning package cache...'
case $1 in
yum)
yum clean all
;;
dnf)
dnf clean all
;;
zypper)
zypper clean --all
;;
esac
}
# The directory structure of the MariaDB Server repo is such that the directories for each
# version have "mariadb-" prepended to the version number (i.e. mariadb-10.1 instead of 10.1)
# for 10.6 this has changed to just the version number
if [[ $mariadb_server_version = mariadb-* ]]
then
mariadb_server_version_num=${mariadb_server_version#*-}
else
mariadb_server_version_num=$mariadb_server_version
mariadb_server_version=mariadb-$mariadb_server_version
fi
# If we're writing the repository info to stdout, let's not try to import the signing keys.
((write_to_stdout)) && skip_key_import=1
if [[ ! $arch ]]
then
arch=$(uname -m)
fi
case $arch in
x86_64) ;;
aarch64) skip_tools=1;;
*) error "The MariaDB Repository only supports x86_64 and aarch64 (detected $arch)." "$supported" "$otherplatforms" ;;
esac
if [[ $os_type ]] && [[ $os_version ]]
then
# Both were given on the command line, so we'll just try using those.
msg info "Skipping OS detection and using OS type '$os_type' and version '$os_version' as given on the command line"
# We're skipping OS detection, so set extra_options to the correct value
# for RHEL/CentOS 8
case $os_version in
7*|8*)
if [ $os_type = 'rhel' ] ; then
case $os_version in
7*) os_version=7 ;;
8*) os_version=8 ; extra_options="module_hotfixes = 1" ;;
esac
else
error "--os-version='$os_version' is only valid if --os-type='rhel', you gave '$os_type'" "$supported"
fi
;;
9|10)
if [ $os_type = 'debian' ] ; then
case $os_version in
9) os_version='stretch' ;;
10) os_version='buster' ;;
11) os_version='bullseye' ;;
esac
else
error "--os-version='$os_version' is only valid if --os-type='debian', you gave '$os_type'" "$supported"
fi
;;
12*|15*)
if [ $os_type = 'sles' ] ; then
case $os_version in
12*) os_version=12 ;;
15*) os_version=15 ;;
esac
else
error "--os-version='$os_version' is only valid if --os-type='sles', you gave '$os_type'" "$supported"
fi
;;
xenial|bionic|focal)
if [ $os_type != 'ubuntu' ] ; then
error "--os-version='$os_version' is only valid if --os-type='ubuntu', you gave '$os_type'" "$supported"
fi
;;
stretch|buster|bullseye)
if [ $os_type != 'debian' ] ; then
error "--os-version='$os_version' is only valid if --os-type='debian', you gave '$os_type'" "$supported"
fi
;;
*) error "--os-type='$os_type' with --os-version='$os_version' is an invalid combination" "$supported" ;;
esac
elif [[ $os_type ]] || [[ $os_version ]]
then
error 'If you give either --os-type or --os-version, you must give both.'
else
identify_os
fi
# Handle various aarch64 repositories
if [[ "$arch" = 'aarch64' ]] ; then
case $os_version in
7)
((skip_maxscale)) || msg info "Skipping MariaDB MaxScale as RHEL 7 does not have aarch64 packages available."
((skip_maxscale)) || skip_maxscale=1
;;
12)
error "There are no aarch64 packages available for MariaDB Server or MariaDB MaxScale for SLES 12."
;;
15)
((skip_server)) || msg warning "Skipping MariaDB Server as there are no aarch64 packages available."
((skip_server)) || skip_server=1
;;
esac
fi
if (($skip_check_installed))
then
msg info "Skipping check for script prerequisites."
else
msg info "Checking for script prerequisites."
case $os_version in
stretch) check_installed curl ca-certificates apt-transport-https ;;
*) check_installed curl ca-certificates ;;
esac
fi
case ${mariadb_server_version} in
*10.6*|*10.7*|*10.8*)
url_base="dlm.mariadb.com"
url_mariadb_repo="https://${url_base}/repo/mariadb-server"
mariadb_server_version_real=$mariadb_server_version_num
;;
*)
url_base="downloads.mariadb.com"
url_mariadb_repo="https://${url_base}/MariaDB"
mariadb_server_version_real=$mariadb_server_version
;;
esac
rhel_repo_server="
[mariadb-main]
name = MariaDB Server
baseurl = ${url_mariadb_repo}/%s/yum/rhel/%s/%s
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Server-GPG-KEY
gpgcheck = 1
enabled = 1
%s"
rhel_repo_maxscale='
[mariadb-maxscale]
# To use the latest stable release of MaxScale, use "latest" as the version
# To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version
name = MariaDB MaxScale
baseurl = https://dlm.mariadb.com/repo/maxscale/%s/yum/rhel/%s/%s
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-MaxScale-GPG-KEY
gpgcheck = 1
enabled = 1'
rhel_repo_tools='
[mariadb-tools]
name = MariaDB Tools
baseurl = https://downloads.mariadb.com/Tools/rhel/%s/x86_64
gpgkey = file:///etc/pki/rpm-gpg/MariaDB-Enterprise-GPG-KEY
gpgcheck = 1
enabled = 1'
deb_repo_server="
# MariaDB Server
# To use a different major version of the server, or to pin to a specific minor version, change URI below.
deb [arch=amd64,arm64] ${url_mariadb_repo}/%s/repo/%s %s main"
deb_repo_server_debug="deb [arch=amd64,arm64${extra_options}] ${url_mariadb_repo}/%s/repo/%s %s main/debug"
deb_repo_maxscale='
# MariaDB MaxScale
# To use the latest stable release of MaxScale, use "latest" as the version
# To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version
deb [arch=amd64,arm64] https://dlm.mariadb.com/repo/maxscale/%s/%s %s main'
deb_repo_tools='
# MariaDB Tools
deb [arch=amd64] http://downloads.mariadb.com/Tools/%s %s main'
sles_repo_server="
[mariadb-server]
name = MariaDB Server
baseurl = ${url_mariadb_repo}/%s/yum/sles/%s/x86_64
gpgkey = file:///etc/pki/trust/MariaDB-Server-GPG-KEY
gpgcheck = 1
type=rpm-md
enabled = 1
autorefresh=1
priority=10"
sles_repo_maxscale='
[mariadb-maxscale]
# To use the latest stable release of MaxScale, use "latest" as the version
# To use the latest beta (or stable if no current beta) release of MaxScale, use "beta" as the version
name = MariaDB MaxScale
baseurl = https://dlm.mariadb.com/repo/maxscale/%s/yum/sles/%s/%s
gpgkey = file:///etc/pki/trust/MariaDB-MaxScale-GPG-KEY
enabled = 1
autorefresh=1
gpgcheck = 1
type=rpm-md
priority=10'
sles_repo_tools='
[mariadb-tools]
name = MariaDB Tools
baseurl = https://downloads.mariadb.com/Tools/sles/%s/x86_64
gpgkey = file:///etc/pki/trust/MariaDB-Enterprise-GPG-KEY
enabled = 1
autorefresh=1
gpgcheck = 1
type=rpm-md
priority=10'
open_outfile "$os_type"
# If we're not writing to stdout, try to remove the mariadb-enterprise-repository package
((write_to_stdout)) || remove_mdbe_repo
case $os_type in
ubuntu|debian)
((skip_server)) || verify_mariadb_server_version $mariadb_server_version_real
# If we are not writing to stdout, create an apt preferences file to give our
# packages the highest possible priority
if ((write_to_stdout))
then
msg info 'If run without --write-to-stdout, this script will create /etc/apt/preferences.d/mariadb-enterprise.pref to give packages from MariaDB repositories highest priority, in order to avoid conflicts with packages from OS and other repositories.'
else
printf '%s\n' \
'Package: *'\
"Pin: origin ${url_base}"\
'Pin-Priority: 1000'\
> /etc/apt/preferences.d/mariadb-enterprise.pref
fi
{
((skip_server)) || printf "$deb_repo_server\n\n" "$mariadb_server_version_real" "$os_type" "$os_version"
case $os_type in
ubuntu)
((skip_server)) || printf "$deb_repo_server_debug\n\n" "$mariadb_server_version_real" "$os_type" "$os_version"
;;
esac
((skip_maxscale)) || printf "$deb_repo_maxscale\n\n" "$mariadb_maxscale_version" "apt" "$os_version"
((skip_tools)) || printf "$deb_repo_tools\n" "$os_type" "$os_version"
} >&4
((write_to_stdout)) || msg info "Repository file successfully written to $outfile"
if ! ((skip_key_import))
then
msg info 'Adding trusted package signing keys...'
if curl -LsSO https://supplychain.mariadb.com/mariadb-keyring-2019.gpg
then
if curl -LsS https://supplychain.mariadb.com/mariadb-keyring-2019.gpg.sha256 | sha256sum -c --quiet
then
msg info 'Running apt-get update...'
if mv mariadb-keyring-2019.gpg /etc/apt/trusted.gpg.d/ &&
chmod 644 /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg &&
apt-get -qq update
then
msg info 'Done adding trusted package signing keys'
else
msg error 'Failed to add trusted package signing keys'
fi
else
msg error 'Failed to verify trusted package signing keys keyring file'
fi
else
msg error 'Failed to download trusted package signing keys keyring file'
fi
elif ((write_to_stdout))
then
msg info 'If run without --skip-key-import/--write-to-stdout, this script will import package signing keys used by MariaDB'
fi
;;
rhel)
((skip_server)) || verify_mariadb_server_version $mariadb_server_version_real
{
((skip_server)) || printf "$rhel_repo_server\n\n" "$mariadb_server_version_real" "$os_version" "$arch" "$extra_options"
((skip_maxscale)) || printf "$rhel_repo_maxscale\n\n" "$mariadb_maxscale_version" "$os_version" "$arch"
((skip_tools)) || printf "$rhel_repo_tools\n" "$os_version"
} >&4
((write_to_stdout)) || msg info "Repository file successfully written to $outfile"
if ! ((skip_key_import))
then
msg info 'Adding trusted package signing keys...'
if rpm --import "${key_urls[@]}"
then
pushd /etc/pki/rpm-gpg/
for key in ${key_urls[@]} ; do curl -LsSO ${key};done
popd
msg info 'Successfully added trusted package signing keys'
else
msg error 'Failed to add trusted package signing keys'
fi
fi
((write_to_stdout)) || clean_package_cache yum
;;
sles)
((skip_server)) || verify_mariadb_server_version $mariadb_server_version_real
{
((skip_server)) || printf "$sles_repo_server\n\n" "$mariadb_server_version_real" "$os_version"
((skip_maxscale)) || printf "$sles_repo_maxscale\n\n" "$mariadb_maxscale_version" "$os_version" "$arch"
((skip_tools)) || printf "$sles_repo_tools\n" "$os_version"
} >&4
((write_to_stdout)) || msg info "Repository file successfully written to $outfile"
if ! ((skip_key_import))
then
if [[ $os_version = 11 ]]
then
# RPM in SLES 11 doesn't support HTTPS, so munge the URLs to use standard HTTP
rpm --import "${key_urls[@]/#https/http}"
else
msg info 'Adding trusted package signing keys...'
if rpm --import "${key_urls[@]}"
then
pushd /etc/pki/trust/
for key in ${key_urls[@]} ; do curl -LsSO ${key};done
popd
msg info 'Successfully added trusted package signing keys'
else
msg error 'Failed to add trusted package signing keys'
fi
fi
fi
((write_to_stdout)) || clean_package_cache zypper
;;
*)
error "Sorry, your OS is not supported." "$supported"
;;
esac
Raw
varnish_install
#!/bin/bash
unknown_os ()
{
echo "Unfortunately, your operating system distribution and version are not supported by this script."
echo
echo "You can override the OS detection by setting os= and dist= prior to running this script."
echo "You can find a list of supported OSes and distributions on our website: https://packagecloud.io/docs#os_distro_version"
echo
echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
echo
echo "Please email support@packagecloud.io and let us know if you run into any issues."
exit 1
}
gpg_check ()
{
echo "Checking for gpg..."
if command -v gpg > /dev/null; then
echo "Detected gpg..."
else
echo "Installing gnupg for GPG verification..."
apt-get install -y gnupg
if [ "$?" -ne "0" ]; then
echo "Unable to install GPG! Your base system has a problem; please check your default OS's package repositories because GPG should work."
echo "Repository installation aborted."
exit 1
fi
fi
}
curl_check ()
{
echo "Checking for curl..."
if command -v curl > /dev/null; then
echo "Detected curl..."
else
echo "Installing curl..."
apt-get install -q -y curl
if [ "$?" -ne "0" ]; then
echo "Unable to install curl! Your base system has a problem; please check your default OS's package repositories because curl should work."
echo "Repository installation aborted."
exit 1
fi
fi
}
install_debian_keyring ()
{
if [ "${os,,}" = "debian" ]; then
echo "Installing debian-archive-keyring which is needed for installing "
echo "apt-transport-https on many Debian systems."
apt-get install -y debian-archive-keyring &> /dev/null
fi
}
detect_os ()
{
if [[ ( -z "${os}" ) && ( -z "${dist}" ) ]]; then
# some systems dont have lsb-release yet have the lsb_release binary and
# vice-versa
if [ -e /etc/lsb-release ]; then
. /etc/lsb-release
if [ "${ID}" = "raspbian" ]; then
os=${ID}
dist=`cut --delimiter='.' -f1 /etc/debian_version`
else
os=${DISTRIB_ID}
dist=${DISTRIB_CODENAME}
if [ -z "$dist" ]; then
dist=${DISTRIB_RELEASE}
fi
fi
elif [ `which lsb_release 2>/dev/null` ]; then
dist=`lsb_release -c | cut -f2`
os=`lsb_release -i | cut -f2 | awk '{ print tolower($1) }'`
elif [ -e /etc/debian_version ]; then
# some Debians have jessie/sid in their /etc/debian_version
# while others have '6.0.7'
os=`cat /etc/issue | head -1 | awk '{ print tolower($1) }'`
if grep -q '/' /etc/debian_version; then
dist=`cut --delimiter='/' -f1 /etc/debian_version`
else
dist=`cut --delimiter='.' -f1 /etc/debian_version`
fi
else
unknown_os
fi
fi
if [ -z "$dist" ]; then
unknown_os
fi
# remove whitespace from OS and dist name
os="${os// /}"
dist="${dist// /}"
echo "Detected operating system as $os/$dist."
}
detect_version_id () {
# detect version_id and round down float to integer
if [ -f /etc/os-release ]; then
. /etc/os-release
version_id=${VERSION_ID%%.*}
elif [ -f /usr/lib/os-release ]; then
. /usr/lib/os-release
version_id=${VERSION_ID%%.*}
else
version_id="1"
fi
}
main ()
{
detect_os
curl_check
gpg_check
detect_version_id
# Need to first run apt-get update so that apt-transport-https can be
# installed
echo -n "Running apt-get update... "
apt-get update &> /dev/null
echo "done."
# Install the debian-archive-keyring package on debian systems so that
# apt-transport-https can be installed next
install_debian_keyring
echo -n "Installing apt-transport-https... "
apt-get install -y apt-transport-https &> /dev/null
echo "done."
gpg_key_url="https://packagecloud.io/varnishcache/varnish70/gpgkey"
apt_config_url="https://packagecloud.io/install/repositories/varnishcache/varnish70/config_file.list?os=${os}&dist=${dist}&source=script"
apt_source_path="/etc/apt/sources.list.d/varnishcache_varnish70.list"
gpg_keyring_path="/usr/share/keyrings/varnishcache_varnish70-archive-keyring.gpg"
echo -n "Installing $apt_source_path..."
# create an apt config file for this repository
curl -sSf "${apt_config_url}" > $apt_source_path
curl_exit_code=$?
if [ "$curl_exit_code" = "22" ]; then
echo
echo
echo -n "Unable to download repo config from: "
echo "${apt_config_url}"
echo
echo "This usually happens if your operating system is not supported by "
echo "packagecloud.io, or this script's OS detection failed."
echo
echo "You can override the OS detection by setting os= and dist= prior to running this script."
echo "You can find a list of supported OSes and distributions on our website: https://packagecloud.io/docs#os_distro_version"
echo
echo "For example, to force Ubuntu Trusty: os=ubuntu dist=trusty ./script.sh"
echo
echo "If you are running a supported OS, please email support@packagecloud.io and report this."
[ -e $apt_source_path ] && rm $apt_source_path
exit 1
elif [ "$curl_exit_code" = "35" -o "$curl_exit_code" = "60" ]; then
echo "curl is unable to connect to packagecloud.io over TLS when running: "
echo " curl ${apt_config_url}"
echo "This is usually due to one of two things:"
echo
echo " 1.) Missing CA root certificates (make sure the ca-certificates package is installed)"
echo " 2.) An old version of libssl. Try upgrading libssl on your system to a more recent version"
echo
echo "Contact support@packagecloud.io with information about your system for help."
[ -e $apt_source_path ] && rm $apt_source_path
exit 1
elif [ "$curl_exit_code" -gt "0" ]; then
echo
echo "Unable to run: "
echo " curl ${apt_config_url}"
echo
echo "Double check your curl installation and try again."
[ -e $apt_source_path ] && rm $apt_source_path
exit 1
else
echo "done."
fi
echo -n "Importing packagecloud gpg key... "
# import the gpg key
curl -fsSL "${gpg_key_url}" | gpg --dearmor > ${gpg_keyring_path}
# check for os/dist based on pre debian stretch
if
{ [ "${os,,}" = "debian" ] && [ "${version_id}" -lt 9 ]; } ||
{ [ "${os,,}" = "ubuntu" ] && [ "${version_id}" -lt 16 ]; } ||
{ [ "${os,,}" = "linuxmint" ] && [ "${version_id}" -lt 19 ]; } ||
{ [ "${os,,}" = "raspbian" ] && [ "${version_id}" -lt 9 ]; } ||
{ { [ "${os,,}" = "elementaryos" ] || [ "${os,,}" = "elementary" ]; } && [ "${version_id}" -lt 5 ]; }
then
# move to trusted.gpg.d
mv ${gpg_keyring_path} /etc/apt/trusted.gpg.d/varnishcache_varnish70.gpg
fi
echo "done."
echo -n "Running apt-get update... "
# update apt on this system
apt-get update &> /dev/null
echo "done."
echo
echo "The repository is setup! You can now install packages."
}
main
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment