Commit 2b078bcb authored by Peter NORTHUP's avatar Peter NORTHUP

Cleaned up variables, now installs NoMAD but doesn't configure yet

parent c903d43b
File added
#!/bin/sh
# Mount network shares for MacBooks.
# Nina Pollak, Jozef Reisinger, Liviu Radulescu
rm -f $HOME/.mount_staffdata
DESKTOP="$HOME/Desktop"
LOG_FILE='/tmp/mountist.log'
username=`/usr/bin/id -un`
DOMAIN='IST.LOCAL'
IST_SHARES_FOLDER=$HOME/Desktop/IST-Net-Shares
# bash builtin echo does not support -n
ECHO_N='/bin/echo -n'
mount_ist() {
msg="$1"
share_point="$2"
mount_point="$3"
$ECHO_N "$msg"
mount_smbfs $share_point $mount_point > /dev/null 2>&1
[ $? -eq 0 ] && echo "done." || echo "failed."
}
date > $LOG_FILE
# Check osx version and if Snow Leopard or less don't use dfs
use_dfs=0
macversion=`sw_vers -productVersion | cut -d "." -f 2`
if [ $macversion -gt 6 ]; then use_dfs=1; fi
dfs_group="dfsgroup"
dfs_home="dfshome"
dfs_q="dfsq/$username"
# Cleanup
$ECHO_N 'Unmounting existing IST network shares ... ' &&
umount -h istsmb3.ist.local -t smbfs > /dev/null 2>&1 &&
umount -h istsmb3.ista.local -t smbfs > /dev/null 2>&1 &&
umount -h smb3.ista.local -t smbfs > /dev/null 2>&1 &&
umount -h archive3.ista.local -t smbfs > /dev/null 2>&1 &&
echo 'done.' ||
echo 'failed.'
$ECHO_N "Setting up the 'IST-Net-Shares' desktop folder ... "
# Create desktop folder holding links to mount points
if [ -d $IST_SHARES_FOLDER ]; then
# Remove old folders
find $IST_SHARES_FOLDER -iname .DS_Store -print -delete > /dev/null 2>&1
for f in `echo $IST_SHARES_FOLDER/Q/*`; do rmdir $f; unlink $f; done > /dev/null 2>&1
for f in `echo $IST_SHARES_FOLDER/*`; do rmdir $f; unlink $f; done > /dev/null 2>&1
fi
mkdir -p $IST_SHARES_FOLDER
echo 'done.'
open -g $IST_SHARES_FOLDER
#
# Main shares
#
[ ! -d $IST_SHARES_FOLDER/$username ] && mkdir $IST_SHARES_FOLDER/$username
[ ! -d $IST_SHARES_FOLDER/Idrive ] && mkdir $IST_SHARES_FOLDER/Idrive
if [ -f $HOME/.mount_staffdata -a ! -d $IST_SHARES_FOLDER/staffdata ]; then
mkdir -p $IST_SHARES_FOLDER/staffdata
fi
echo "Mounting IST-Net-Shares ... (please be patient)"
if [ -f $HOME/.mount_staffdata ]; then
mount_ist "Mounting staffdata ... " "//w1521030.ist.local/staffdata" "$IST_SHARES_FOLDER/staffdata"
fi
if [ $use_dfs -ne 0 ]; then
mount_ist "Mounting Idrive ... " //istsmb3.ist.local/Idrive $IST_SHARES_FOLDER/Idrive
mount_ist "Mounting $username home ... " "//istsmb3.ist.local/$dfs_home/$username" "$IST_SHARES_FOLDER/$username"
else
mount_ist "Mounting Idrive ... " "//istsmb3.ist.local/Idrive" "$IST_SHARES_FOLDER/Idrive"
mount_ist "Mounting $username home ... " "//istsmb3.ist.local/$username" "$IST_SHARES_FOLDER/$username"
fi
#
# Other shares: groups and archive
#
# Loop all the linux nis group the user belongs to
groups=`ldapsearch -LLL -x -h ldap.ista.local -b "ou=group,dc=ist,dc=ac,dc=at" memberUid=$username cn | grep cn: | cut -d " " -f 2`
for g in $groups
do
[ ! -d $IST_SHARES_FOLDER/$g ] && mkdir $IST_SHARES_FOLDER/$g
# Main group share
if [ $use_dfs -ne 0 ]; then
mount_ist "Mounting $g ... " "//istsmb3.ist.local/$dfs_group/$g" "$IST_SHARES_FOLDER/$g"
else
mount_ist "Mounting $g ... " "//istsmb3.ist.local/$g" "$IST_SHARES_FOLDER/$g"
fi
done
# User archive share
if [ $use_dfs -ne 0 ]; then
mkdir -p $IST_SHARES_FOLDER/Q
[ ! -d $IST_SHARES_FOLDER/Q/archive-$username ] && mkdir $IST_SHARES_FOLDER/Q/archive-$username
mount_ist "Mounting archive-$username ... " "//istsmb3.ist.local/$dfs_q/archive-$username" "$IST_SHARES_FOLDER/Q/archive-$username"
# Archive group share
for g in $groups; do
[ ! -d $IST_SHARES_FOLDER/Q/archive-$g ] && mkdir $IST_SHARES_FOLDER/Q/archive-$g
mount_ist "Mounting archive-$g ... " "//istsmb3.ist.local/${dfs_q}/archive-$g" "$IST_SHARES_FOLDER/Q/archive-$g"
done
fi
# Replace the imount script if it is not the current one
# curl -o $IMOUNT_COMMAND http://script.ista.local/mac/$IMOUNT > $LOG_FILE 2>&1
# chmod +x $IMOUNT_COMMAND
cd $HOME/.mac-scripts && git pull
rm "$DESKTOP/Mount IST Shares"
ln -s $HOME/.mac-scripts/mount-shares.command "$DESKTOP/Mount IST Shares"
sleep 2
......@@ -2,7 +2,22 @@
# Set up a fresh Macbook for IST. Run with sudo!
# run from /Users/Shared/mac-scripts
# note: slow login may be helped by putting IPs of domain controllers: DC1, W1521003, W1521007
echo "Are you running this with sudo? If not, cancel now..."
scriptdir="$HOME/.mac-scripts"
username=$SUDO_USER
echo "userhome is $HOME"
echo "scriptdir is $scriptdir"
echo "user is $SUDO_USER ... cancel if this isn't right..."
if [ $USER != "root" ]
then
echo "Must be run with Sudo!"
exit 1
fi
if [ `pwd` != $scriptdir ]
then
echo "Move this directory to $HOME/.mac-scripts and run from there."
exit 1
fi
function enter_yesno {
while true ; do
......@@ -17,18 +32,12 @@ function enter_yesno {
done
}
# make sure we are in ~/.mac-scripts
if [ ! `pwd` != /Users/$USER/.mac-scripts ]
then
mv `pwd` /Users/$USER/.mac-scripts
cd /Users/$USER/.mac-scripts
fi
# hostname = "USER INPUT"
read -p "Enter hostname (e.g. 'mnadmn001'): " hostname
# admuser = "USER INPUT"
read -p "Enter your adm username: " admuser
# username = "USER INPUT"
# read -p "Enter the username of the eventual user: " username
# change computer name
scutil --set HostName $hostname
......@@ -42,11 +51,15 @@ passwd root
systemsetup -setremotelogin on
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
# install NoMAD and launch agent
installer -pkg NoMAD.pkg -target /
installer -pkg NoMAD-LaunchAgent.pkg -target /
# set scripts as executable
# chmod 755 mount-shares.command mac_install_printers.sh
# make link to disk mount on desktop
ln -s /Users/$USER/.mac-scripts/mount-shares.command "/Users/$USER/Desktop/Mount IST Shares"
# ln -s /Users/$username/.mac-scripts/mount-shares.command "/Users/$username/Desktop/Mount IST Shares"
# download, install browser certificates / istwlan cert
......@@ -94,9 +107,9 @@ then
fi
# if we copied openvpn files, remove
rm "/Users/$USER/openvpn-$USER.zip"
rm -rf "/Users/$USER/openvpn"
rm "/Users/$username/openvpn-$username.zip"
rm -rf "/Users/$username/openvpn"
# cleanup
history -c
rm /Users/$USER/.bash_history
rm /Users/$username/.bash_history
#!/bin/sh
# Set up a fresh Macbook for IST. Run with sudo!
# run from /Users/Shared/mac-scripts
# note: slow login may be helped by putting IPs of domain controllers: DC1, W1521003, W1521007
scriptdir="$HOME/.mac-scripts"
username=$SUDO_USER
echo "userhome is $HOME"
echo "scriptdir is $scriptdir"
echo "user is $SUDO_USER ... cancel if this isn't right..."
if [ $USER != "root" ]
then
echo "Must be run with Sudo!"
exit 1
fi
if [ `pwd` != $scriptdir ]
then
echo "Move this directory to $HOME/.mac-scripts and run from there."
exit 1
fi
function enter_yesno {
while true ; do
echo -n "${1} (Y/N)? " 1>&2
read -n 1 reply
echo
case "$reply" in
Y*|y*) return 0 ;;
N*|n*) return 1 ;;
esac
echo "Invalid input, try again ..." 1>&2
done
}
# hostname = "USER INPUT"
read -p "Enter hostname (e.g. 'mnadmn001'): " hostname
# admuser = "USER INPUT"
read -p "Enter your adm username: " admuser
# username = "USER INPUT"
# read -p "Enter the username of the eventual user: " username
# change computer name
scutil --set HostName $hostname
scutil --set LocalHostName $hostname
scutil --set ComputerName $hostname
# set root password to proper one
passwd root
# enable SSH
systemsetup -setremotelogin on
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
# install NoMAD and launch agent
installer -pkg NoMAD.pkg -target /
installer -pkg NoMAD-LaunchAgent.pkg -target /
# set scripts as executable
# chmod 755 mount-shares.command mac_install_printers.sh
# make link to disk mount on desktop
# ln -s /Users/$username/.mac-scripts/mount-shares.command "/Users/$username/Desktop/Mount IST Shares"
# download, install browser certificates / istwlan cert
curl -O https://git.ist.ac.at/support/software/raw/master/IST.CA.CRT.pem
curl -O https://git.ist.ac.at/support/software/raw/master/IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST-Austria-Root-CA01.crt
security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain IST.CA.CRT.pem
rm IST.CA.CRT.pem
rm IST-Austria-Root-CA01.crt
# download, install OCS
# waiting on Thomas to update this
# download, install Tunnelblick - install config files?
curl -O https://git.ist.ac.at/support/software/raw/master/Tunnelblick.app.zip
unzip Tunnelblick.app.zip > /dev/null
mv Tunnelblick.app /Applications
chown -R :wheel /Applications/Tunnelblick.app
rm Tunnelblick.app.zip
rm -rf __MACOSX
# download, install SeaFile
curl -O https://git.ist.ac.at/support/software/raw/master/Seafile.app.zip
unzip Seafile.app.zip > /dev/null
mv Seafile\ Client.app /Applications
chown -R :wheel /Applications/Seafile\ Client.app
rm Seafile.app.zip
# download, install MacPass
curl -O https://git.ist.ac.at/support/software/raw/master/MacPass.zip
unzip MacPass.zip > /dev/null
mv MacPass.app /Applications
chown -R :wheel /Applications/MacPass.app
rm MacPass.zip
# download printers, install
# when domain-joined adding printers is easy
if enter_yesno "Install printers?"
then
. ./mac_install_printers.sh
fi
if enter_yesno "Install common programs?"
then
. ./install-common-programs.sh
fi
# if we copied openvpn files, remove
rm "/Users/$username/openvpn-$username.zip"
rm -rf "/Users/$username/openvpn"
# cleanup
history -c
rm /Users/$username/.bash_history
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment