SecPod Community Forums SanerScript Patch repository creation for RHEL 8 and 9

    • #6255
      Shreya
      Participant

        RHEL 8 and 9 ClientSide

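        #!/bin/bash
        #
        # RHEL 8/9 client side: point this host's yum/dnf at the internal mirror by
        # writing /etc/yum.repos.d/rhel<version>.repo. Needs write access to
        # /etc/yum.repos.d (run as root).
        #
        # The forum rendering replaced ASCII quotes with typographic ones; they are
        # restored here so the script parses.

        # Site-specific values: mirror address, URL scheme, RHEL major version.
        ip_address="192.168.2.50"
        protocol="https"
        rhel_version="8"

        # Red Hat's release key as shipped on RHEL. Packages mirrored from Red Hat
        # keep their original signatures, so signature checking stays enabled even
        # though the packages are now fetched from an internal web server. With
        # gpgcheck = 0 anything placed on (or injected in front of) the mirror would
        # be installed as root without verification.
        gpg_key="file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"

        # NOTE(review): if the mirror presents a self-signed certificate over https,
        # distribute that certificate to clients and reference it with sslcacert=
        # in each section instead of switching sslverify off.

        repo_filename="/etc/yum.repos.d/rhel${rhel_version}.repo"

        # printf is used rather than a here-document so the file content does not
        # depend on how this listing is indented. The section names now match their
        # baseurl (the original labels for BaseOS and AppStream were swapped).
        if printf '%s\n' \
          "[RepoBaseOS]" \
          "name = rhel-${rhel_version}-for-x86_64-baseos-rpms" \
          "baseurl = ${protocol}://${ip_address}/baseOS" \
          "gpgcheck = 1" \
          "gpgkey = ${gpg_key}" \
          "enabled = 1" \
          "priority = 1" \
          "" \
          "[RepoAppStream]" \
          "name = rhel-${rhel_version}-for-x86_64-appstream-rpms" \
          "baseurl = ${protocol}://${ip_address}/AppStream" \
          "gpgcheck = 1" \
          "gpgkey = ${gpg_key}" \
          "enabled = 1" \
          "priority = 1" \
          > "$repo_filename"; then
          printf '\033[32mRepository configuration has been created and written to %s \033[0m\n' "$repo_filename"
        else
          # Report the failure instead of announcing success unconditionally.
          printf '\033[31mFailed to write %s\033[0m\n' "$repo_filename" >&2
          exit 1
        fi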

      • #6256
        Shreya
        Participant

          RHEL_8 Manual

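          # Opening banner for the pre-requisite checks. ASCII quotes and the "--"
          # option prefix are restored; the forum rendering had replaced them with
          # typographic characters that the shell does not treat as syntax.
          echo "#################################################################################################################"
          echo -e "\033[1;31mChecking the reachability of primary URLs... Please be patient\033[0m"
          echo "#################################################################################################################"

          echo "Checking if RHEL is registered..."

          redhat_release="/etc/redhat-release"

          # NOTE(review): this test only shows that the OS identifies itself as
          # Red Hat Enterprise Linux. It does not query subscription-manager, so an
          # unregistered RHEL host also passes - confirm whether a real
          # registration check was intended.
          if [ -e "$redhat_release" ] && grep -qi "Red Hat Enterprise Linux" "$redhat_release"; then
            echo "RHEL is registered."
          else
            echo "RHEL is not registered. Please register your system before proceeding."
            exit 1
          fi

          echo ""

          echo "Checking the status of subscription-manager repositories..."

          # Capture the repository listing once; check_repo searches this text.
          repo_list_output=$(sudo subscription-manager repos --list)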

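          #######################################
          # Report whether a repository id appears in the captured
          # `subscription-manager repos --list` output; if it does not, ask the
          # operator whether to carry on.
          # Globals:   repo_list_output (read)
          # Arguments: $1 - repository id to look for (matched as a literal substring)
          # Outputs:   status lines on stdout
          # Returns:   0 when listed or when the operator answers "y";
          #            exits the script with status 1 on any other answer
          #######################################
          check_repo() {
            local repo_name=$1
            local choice

            # Literal substring match, so dots and dashes in the id are not
            # interpreted as pattern characters.
            if [[ $repo_list_output == *"$repo_name"* ]]; then
              echo "Repository $repo_name is listed."
              return 0
            fi

            echo "Repository $repo_name is not listed."
            # -r keeps backslashes in the answer literal.
            read -r -p "Do you want to continue? (y/n): " choice
            if [ "$choice" != "y" ]; then
              echo "Exiting..."
              exit 1
            fi
            echo "Continuing without $repo_name..."
          }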

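          # Confirm that both RHEL 8 repositories are offered to this system.
          check_repo "rhel-8-for-x86_64-baseos-rpms"
          check_repo "rhel-8-for-x86_64-appstream-rpms"
          echo ""
          echo ""

          echo "Checking reachability of primary URLs..."

          # Endpoints probed before the mirror is built. The forum rendering had
          # dropped the opening quote and left an HTML entity for the closing one.
          URLS=(
            "https://access.redhat.com"
            "https://cdn.datatables.net"
            "https://sso.redhat.com"
            "https://access.cdn.redhat.com"
            "https://static.redhat.com"
            "https://www.redhat.com"
            "https://cdn.jsdelivr.net"
            "https://code.jquery.com/"
            "https://dl.fedoraproject.org"
          )

          reachable_count=0
          attempted_count=${#URLS[@]}
          reachable=true

          for url in "${URLS[@]}"; do
            echo "Checking $url..."

            # First probe verifies the server certificate. The original ran the
            # same https URL twice and accepted the --insecure result as success,
            # which hides a TLS interception or trust-store problem that the later
            # package downloads would hit anyway. The --insecure probe is kept only
            # to tell "host down" apart from "certificate not trusted".
            if curl -sI --connect-timeout 10 --max-time 30 "$url" > /dev/null; then
              echo "Reachable: $url"
              reachable_count=$((reachable_count + 1))
            elif curl -sI --connect-timeout 10 --max-time 30 --insecure "$url" > /dev/null; then
              echo "Not Reachable (TLS certificate verification failed): $url"
              reachable=false
            else
              echo "Not Reachable: $url"
              reachable=false
            fi

            echo ""
          done

          echo "Attempted: $attempted_count"
          echo "Reachable: $reachable_count"

          if [ "$reachable" = true ]; then
            echo ""
            echo -e "\033[1;32mPre-requisite Check Completed successfully. Script Execution will continue \033[0m"
            echo ""
          else
            # The operator decides whether a partial failure is acceptable.
            echo -e "\033[1;31mPre-requisite failure: do you still want to Proceed. Press Enter to proceed.\033[0m"
            echo ""
            read -r
          fi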

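          echo "#################################################################################################################"
          echo -e "\033[1;31mStarted the RHEL 8 Repo Creation... Please be Patient\033[0m"
          echo "#################################################################################################################"

          echo ""
          echo -e "\x1b[30;44m Downloading the Pre-Requistite tools and Applications \x1b[m"
          echo ""
          sudo yum check-update

          # One yum transaction per package, as in the original, so that a single
          # unavailable package does not block the others.
          for prerequisite in wget curl openssh-server net-tools vim cronie tree; do
            sudo yum install -y "$prerequisite"
          done

          # Major OS version: the last word before the first dot in
          # /etc/redhat-release.
          os_version=$(cut -d'.' -f1 /etc/redhat-release | awk '{print $NF}')

          echo ""
          # Print the detected version in green; %s keeps the value from being
          # interpreted as escape sequences.
          printf '\e[32mThe OS version running on the device is: %s\e[0m\n' "$os_version"

          # Extra banner when running on RHEL 8.
          if [ "$os_version" = "8" ]; then
            echo -e "\e[32m"
            echo "#############################################################################################"
            echo " RED_HAT 8 REPO Creation"
            echo "#############################################################################################"
            echo -e "\e[0m"
          fi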

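          ################################################# NGINX ######################################################################################

          echo -e "\x1b[30;44m Installing Nginx HTTP server\x1b[m"

          echo ""
          echo -e "Do you want to have the EPEL (Extra Packages for Enterprise Linux)? Below are the advantages and disadvantages of having it:"
          echo ""
          echo -e "\e[32mAdvantages:\e[0m"
          echo "- Provides additional community-supported packages not included in the default RHEL repositories."
          echo "- Expands software options for users."

          echo ""
          echo -e "\e[31mDisadvantages:\e[0m"
          echo "- Community-supported packages may not have the same level of testing and support as official RHEL packages."
          echo "- Security and stability depend on the community's maintenance and updates."
          echo ""
          echo ""
          read -r -p "Do you want to download and install the EPEL_release package? (y/n): " proceed_epel
          if [ "$proceed_epel" == "y" ]; then
            echo -e "\e[32mDownloading and installing the EPEL_release package...\e[0m\n"
            # NOTE(review): an RPM given as a URL is not part of a configured
            # repository; whether its signature is checked depends on dnf's
            # localpkg_gpgcheck setting, which is presumably off by default here -
            # confirm, or import the EPEL key and verify the package first.
            sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
            sudo yum install -y epel-release
            echo -e "\e[32mEPEL (Extra Packages for Enterprise Linux) in RHEL (Red Hat Enterprise Linux) provides additional community-supported packages not included in the default RHEL repositories, expanding software options for users.\e[0m\n"
          fi

          echo ""
          echo -e "\e[32mInstalling Nginx WebServer\e[0m"
          echo ""
          # Proceed with the Nginx installation regardless of the EPEL choice.
          if sudo yum install -y nginx; then
            echo -e "\e[32mInstallation Completed\e[0m"
          else
            # The original printed "Installation Completed" even after a failed
            # install; the success line is now tied to yum's exit status.
            echo -e "\033[1;31mInstallation Failed\033[0m\n"
            read -r -p "Do you want to proceed with the installation of Nginx? (y/n): " proceed_nginx
            if [ "$proceed_nginx" != "y" ]; then
              echo "Exiting..."
              exit 1
            fi
          fi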

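          ####################################################################################################################################

          echo ""

          echo -e "\x1b[30;44m Starting the Nginx and Enabling the Application \x1b[m"

          # Record both exit codes. The original tested $? only after "enable",
          # so a failed "start" went unnoticed.
          start_rc=0
          sudo systemctl start nginx || start_rc=$?
          enable_rc=0
          sudo systemctl enable nginx || enable_rc=$?

          if [ "$start_rc" -ne 0 ] || [ "$enable_rc" -ne 0 ]; then
            echo -e "\033[1;31mFailed to start Nginx or enable the service\033[0m\n"
            read -r -p "Do you want to proceed? (y/n): " proceed
            if [ "$proceed" != "y" ]; then
              echo "Exiting..."
              exit 1
            fi
          fi

          echo ""
          echo -e "\e[32mEnabling the Nginx Completed\e[0m"
          echo ""

          echo -e "\x1b[30;44m Checking the Nginx service status \x1b[m"
          STATUS="$(systemctl is-active nginx)"

          if [ "${STATUS}" != "active" ]; then
            echo "Nginx service is not running."
            read -r -p "Do you want to proceed? (y/n): " PROCEED

            if [ "${PROCEED}" != "y" ]; then
              echo "Exiting..."
              exit 1
            fi
          else
            echo -e "\e[32mNginx service is running........\e[0m"
          fi

          echo ""

          echo -e "\x1b[30;44m Handling the Firewall rules to permit inbound packets on HTTP and HTTPS \x1b[m"

          echo ""

          echo "Handling the Firewall Settings and performing actions on unmask,starting and enable firewalld"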

           

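          #######################################
          # Report the exit status of the command that ran immediately before this
          # function was called, and let the operator decide whether to go on
          # after a failure.
          # Arguments: none (reads $? as it is on entry, so nothing may run
          #            between the command being checked and this call)
          # Outputs:   "Command successful." or "Command failed." on stdout
          # Returns:   0 on success or when the operator answers "y";
          #            exits the script with status 1 on any other answer
          #######################################
          check_command_status() {
            # Must be the first statement: any other command would overwrite $?.
            local previous_status=$?
            local choice

            if [ "$previous_status" -eq 0 ]; then
              echo "Command successful."
              return 0
            fi

            echo "Command failed."
            read -r -p "Do you want to continue? (y/n): " choice
            if [ "$choice" != "y" ]; then
              echo "Exiting."
              exit 1
            fi
          }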

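          # Bring firewalld up. check_command_status reads $? on entry, so each call
          # has to follow the command it reports on with nothing in between.

          # Unmask firewalld
          sudo systemctl unmask firewalld
          check_command_status

          # Start firewalld
          sudo systemctl start firewalld
          check_command_status

          # Enable firewalld
          sudo systemctl enable firewalld
          check_command_status

          echo ""

          echo "All commands executed successfully."

          echo ""

          # Track every firewall-cmd call. The original tested $? only after
          # --reload, so a rejected rule was reported as a configured firewall.
          firewall_failed=false

          echo "Allow web traffic over HTTP in Firewall"
          sudo firewall-cmd --zone=public --permanent --add-service=http || firewall_failed=true
          echo "Allow web traffic over HTTPS in Firewall"
          sudo firewall-cmd --zone=public --permanent --add-service=https || firewall_failed=true
          # NOTE(review): these two ports are what the http and https services
          # above already open; keeping a single form makes the rule set easier
          # to audit.
          sudo firewall-cmd --permanent --add-port=80/tcp --add-port=443/tcp || firewall_failed=true
          echo "Reloading Firewall Configuration"
          sudo firewall-cmd --reload || firewall_failed=true

          if [ "$firewall_failed" = true ]; then
            echo -e "\033[1;31mFailed to configure the firewall\033[0m\n"
            read -r -p "Do you want to proceed? (y/n): " proceed
            if [ "$proceed" != "y" ]; then
              echo "Exiting..."
              exit 1
            fi
          fi
          echo ""

          echo -e "\e[32mFirewall Configuration done\e[0m"

          echo ""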

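          #######################################################################################################################################

          # Show the operator a URL for checking that Nginx answers.

          # Interface of the default route, then its first IPv4 address. The
          # interface name is quoted, and the awk test on field 1 keeps inet6
          # lines out of the result.
          default_interface=$(ip route | awk '/^default/ { print $5; exit }')
          ip_address=$(ip -4 addr show dev "$default_interface" 2>/dev/null \
            | awk '$1 == "inet" { split($2, parts, "/"); print parts[1]; exit }')

          # Only print a URL when the value has dotted-quad form.
          if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
            http_ip="http://$ip_address/"
            printf '\033[1;32mPlease access the URL to check if the Nginx is setup fine: %s\033[0m\n\n' "$http_ip"
          else
            echo "Invalid IP address format!"
          fi

          echo "Pausing the script until you check the Nginx is up and running."
          # Pause until the operator presses Enter (two prompts, as in the
          # original flow).
          read -r -p "Press Enter to continue..."
          read -r -p "Press Enter to continue..."

          echo ""
          echo ""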

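          echo "Checking if there are any outdated folder in the /var/cache/dnf/rhel-8-for-x86_64- folders."

          ## Set aside outdated /var/cache/dnf/rhel-8-for-x86_64 folders

          # Directory to search
          directory="/var/cache/dnf/"
          # Today's date in the format YYYY-MM-DD
          today=$(date "+%Y-%m-%d")

          # Print the current directory structure in green
          echo -e "\e[32mCurrent Directory Structure:\e[0m"
          tree "$directory"

          echo "Renaming folders named 'rhel-8-for-x86_64' to 'Backup_duplicate_rhel-8' created before $today in $directory"

          # NOTE(review): -name is an exact match, while the dnf cache directories
          # this script reads later carry a suffix
          # (rhel-8-for-x86_64-appstream-rpms-*), so this probably never matches -
          # confirm the intended pattern.
          # NUL-delimited find output keeps paths with spaces or newlines intact.
          found_folders=()
          while IFS= read -r -d '' folder; do
            found_folders+=("$folder")
          done < <(find "$directory" -type d -name "rhel-8-for-x86_64" ! -newermt "$today" -print0)

          if [ "${#found_folders[@]}" -gt 0 ]; then
            echo -e "\e[32mFound matching folders:\e[0m"
            printf '%s\n' "${found_folders[@]}"

            # Rename next to the original. The original command moved each folder
            # to a path inside itself ("mv X X/Backup_duplicate_rhel-8"), which mv
            # refuses to do.
            for folder in "${found_folders[@]}"; do
              backup_path="${folder%/*}/Backup_duplicate_rhel-8"
              if [ -e "$backup_path" ]; then
                echo "Skipping $folder: $backup_path already exists."
                continue
              fi
              mv -- "$folder" "$backup_path"
            done

            echo -e "\e[32mRenaming complete.\e[0m"
          else
            echo "No duplicate copies found."
          fi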

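          ########################################################### Yum Utils #################################################################################
          echo ""

          echo -e "\x1b[30;44mInstalling the required packages for creating repo \x1b[m"
          echo ""
          # NOTE(review): httpd is installed here although Nginx is the server
          # that publishes the repository; confirm it is needed, since an unused
          # web server is extra attack surface to patch.
          if sudo yum install -y yum-utils createrepo httpd; then
            echo -e "\e[32mUpdates done \e[0m"
          else
            echo "Failed to install required packages. Do you want to proceed to the next step? (y/n)"
            # -r keeps backslashes in the answer literal.
            read -r choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
          fi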

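          echo ""

          echo -e "\x1b[30;44mCreating directories /var/www/html/rhel8/baseOS and /var/www/html/rhel8/AppStream \x1b[m"
          echo ""

          # Default download locations for the two repositories.
          baseOS_dir="/var/www/html/rhel8/baseOS"
          AppStream_dir="/var/www/html/rhel8/AppStream"

          read -e -r -p "1. Do you wish to go with the default folder creation under $baseOS_dir and $AppStream_dir? (y/n): " use_default
          echo ""
          if [ "$use_default" == "n" ]; then
            read -e -r -p "2. Please enter the directory path for baseOS (hit Enter for default $baseOS_dir): " custom_baseOS_dir
            echo ""
            read -e -r -p " Please enter the directory path for AppStream (hit Enter for default $AppStream_dir): " custom_AppStream_dir

            echo ""
            # An empty answer keeps the default. These paths are later used as
            # targets for rm, cp and gzip, so they should be absolute paths that
            # the operator controls.
            baseOS_dir=${custom_baseOS_dir:-$baseOS_dir}
            AppStream_dir=${custom_AppStream_dir:-$AppStream_dir}
          fi

          echo ""
          # Create both directories; "--" stops a path that begins with "-" from
          # being parsed as an option.
          if mkdir -p -- "$baseOS_dir" && mkdir -p -- "$AppStream_dir"; then
            echo "$baseOS_dir"
            echo "$AppStream_dir"
            echo -e "\e[32mDirectories created successfully \e[0m"
          else
            echo "Failed to create directories. Do you want to proceed to the next step? (y/n)"
            read -r choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
          fi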

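          echo ""

          echo -e "\x1b[30;44mEnabling the required Repos \x1b[m"
          echo ""

          # Enable the two repositories and remember any failure. The original
          # printed the success line without looking at either exit status.
          enable_failed=false
          for repo_id in rhel-8-for-x86_64-baseos-rpms rhel-8-for-x86_64-appstream-rpms; do
            sudo subscription-manager repos --enable="$repo_id" || enable_failed=true
          done

          echo ""

          read -r -p "If the Repos are Enabled. Press Enter to continue... if not Ctrl + c to exit "
          echo ""
          if [ "$enable_failed" = false ]; then
            echo -e "\e[32mEnabled the Repos successfully \e[0m"
          else
            echo -e "\e[31mOne or more repositories could not be enabled. \e[0m"
          fi
          read -r -p "Press Enter to continue..."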
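          echo ""

          echo -e "\x1b[30;44mConfiguring the reposync to synchronize RHEL8\x1b[m"
          echo ""
          # --gpgcheck makes reposync drop packages whose signature does not
          # verify, so the mirror only republishes packages that passed the check.
          # It relies on the Red Hat key being imported on this host.
          if reposync -p "$baseOS_dir" --download-metadata --gpgcheck --repo=rhel-8-for-x86_64-baseos-rpms && \
            reposync -p "$AppStream_dir" --download-metadata --gpgcheck --repo=rhel-8-for-x86_64-appstream-rpms; then
            echo -e "\033[1;31mSynchronization done \033[0m\n"
            # Only claimed on success; the original printed this line after a
            # failed sync as well.
            echo -e "\e[32mReposync completed successfully \e[0m"
          else
            echo "Failed to synchronize repositories. Do you want to proceed to the next step? (y/n)"
            read -r choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
          fi

          echo ""

          echo -e "\x1b[30;44mCreate Repodata for each repo\x1b[m"
          # Build the repository metadata that clients download first.
          if createrepo -v "$baseOS_dir" && createrepo -v "$AppStream_dir"; then
            echo -e "\e[32mCreated Repodata successfully \e[0m"
          else
            echo "Failed to create Repodata. Do you want to proceed to the next step? (y/n)"
            read -r choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
          fi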

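          ########################################################### Yum Utils #################################################################################
          # Pause before the updateinfo.xml handling (two prompts, as in the
          # original flow). ASCII quotes are restored so the prompt is a single
          # argument to read.
          read -r -p "Press Enter to continue..."
          read -r -p "Press Enter to continue..."

          echo ""
          echo -e "\x1b[30;44mConfiguring the updateinfo.xml file for RHEL repo\x1b[m"
          # The updateinfo.xml steps come next: the AppStream repository first.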

           

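          #######################################
          # Ask the operator whether to continue with the next step.
          # Arguments: none (the answer is read from stdin)
          # Returns:   0 when the answer is exactly "y";
          #            exits the script with status 1 on any other answer
          #######################################
          prompt_continue() {
            local choice

            # With ASCII quotes the prompt is one argument; the typographic
            # quotes made read treat each word of the prompt as a variable name.
            read -r -p "Do you want to continue to the next step? (y/n): " choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
            return 0
          }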

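          #######################################
          # Print a message in green.
          # Arguments: $1 - message text
          # Outputs:   the message wrapped in ANSI colour codes, on stdout
          #######################################
          print_green() {
            # %s prints the argument literally. Callers pass file and directory
            # names, and echo -e would interpret backslash sequences inside them.
            printf '\033[32m%s\033[0m\n' "$1"
          }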

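          #######################################
          # Print a message in red.
          # Arguments: $1 - message text
          # Outputs:   the message wrapped in ANSI colour codes, on stdout
          #######################################
          print_red() {
            # %s prints the argument literally. Callers pass file and directory
            # names, and echo -e would interpret backslash sequences inside them.
            printf '\033[31m%s\033[0m\n' "$1"
          }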

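          # For AppStream Repo:
          # Replace the updateinfo metadata of the published AppStream repository
          # with the copy found in the local dnf cache, then register it with
          # modifyrepo.

          # Published repodata directory; aborts if AppStream_dir was never set,
          # so the rm below cannot run against "/repodata/".
          appstream_directory="${AppStream_dir:?AppStream_dir is not set}/repodata/"
          cache_directory_pattern="/var/cache/dnf/rhel-8-for-x86_64-appstream-rpms-*/repodata/"

          echo ""
          echo "Deleting files with 'updateinfo' in the name in $appstream_directory"

          # Remove earlier updateinfo files from the published repodata.
          if rm -f -- "$appstream_directory"*updateinfo*; then
            echo "Deletion complete."
            echo ""
          else
            echo "Failed to delete files. Please check permissions or try again."
            prompt_continue
          fi

          # Expand the cache pattern with nullglob so "no match" gives an empty
          # list; without it the loop ran once on the literal pattern and the
          # "no files found" branch could never trigger. nullglob is switched off
          # again straight away because rm/gzip below must not be called with an
          # empty argument list.
          shopt -s nullglob
          # shellcheck disable=SC2206 # unquoted on purpose: the pattern is globbed
          cache_directories=($cache_directory_pattern)
          shopt -u nullglob

          if [ "${#cache_directories[@]}" -eq 0 ]; then
            print_red "No cache directory matching $cache_directory_pattern was found."
          fi

          for cache_directory in "${cache_directories[@]}"; do
            # Collect the updateinfo archives in this cache directory.
            shopt -s nullglob
            updateinfo_files=("$cache_directory"*-updateinfo.xml.gz)
            shopt -u nullglob
            if [ "${#updateinfo_files[@]}" -eq 0 ]; then
              print_red "No files matching '*-updateinfo.xml.gz' found in $cache_directory."
              continue
            fi

            echo ""
            # List files and prompt to proceed
            print_green "The following files were found in $cache_directory:"
            printf '%s\n' "${updateinfo_files[@]}"

            prompt_continue

            # Copy the files one by one
            for file in "${updateinfo_files[@]}"; do
              echo "Copying file: $file"
              if cp -- "$file" "$appstream_directory"; then
                echo "Copy successful."
              else
                echo "Failed to copy file. Please check permissions or try again."
                prompt_continue
              fi
            done
          done

          echo "$PWD"

          # Decompress and modify repository metadata
          echo "Decompressing files with '-updateinfo.xml.gz' in the name in $appstream_directory"

          if gzip -d -- "$appstream_directory"*-updateinfo.xml.gz; then
            echo "Decompression successful."
          else
            echo "Failed to decompress files. Please check permissions or try again."
            prompt_continue
          fi

          echo "Renaming decompressed files to 'updateinfo.xml'"

          # mv fails here if more than one file was copied, because the target is
          # then not a directory; that case lands in the else branch.
          if mv -- "$appstream_directory"*-updateinfo.xml "${appstream_directory}updateinfo.xml"; then
            echo "Rename successful."
          else
            echo "Failed to rename files. Please check permissions or try again."
            prompt_continue
          fi

          echo "Modifying repository metadata"

          # Register updateinfo.xml in the repository metadata.
          if modifyrepo "${appstream_directory}updateinfo.xml" "$appstream_directory"; then
            echo "Modification successful."
          else
            echo "Failed to modify repository metadata. Please check permissions or try again."
            prompt_continue
          fi

          echo -e "\e[32mAll steps for AppStream Repo completed successfully. \e[0m"

          echo ""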

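          # For BaseOS Repo:
          # Same procedure as for AppStream, except that a failed step ends the
          # script instead of asking whether to continue.

          # Published repodata directory; aborts if baseOS_dir was never set, so
          # the rm below cannot run against "/repodata/".
          baseos_directory="${baseOS_dir:?baseOS_dir is not set}/repodata/"
          cache_directory_pattern="/var/cache/dnf/rhel-8-for-x86_64-baseos-rpms-*/repodata/"

          echo "Deleting files with '-updateinfo' in the name in $baseos_directory"

          # Remove earlier updateinfo files from the published repodata.
          if rm -f -- "$baseos_directory"*updateinfo*; then
            echo ""
            echo "Deletion successful."
          else
            echo "Failed to delete files. Please check permissions or try again."
            exit 1
          fi

          # Expand the cache pattern with nullglob so "no match" gives an empty
          # list; without it the loop ran once on the literal pattern and the
          # "no files found" branch could never trigger. nullglob is switched off
          # again straight away because rm/gzip below must not be called with an
          # empty argument list.
          shopt -s nullglob
          # shellcheck disable=SC2206 # unquoted on purpose: the pattern is globbed
          cache_directories=($cache_directory_pattern)
          shopt -u nullglob

          if [ "${#cache_directories[@]}" -eq 0 ]; then
            print_red "No cache directory matching $cache_directory_pattern was found."
          fi

          for cache_directory in "${cache_directories[@]}"; do
            # Collect the updateinfo archives in this cache directory.
            shopt -s nullglob
            updateinfo_files=("$cache_directory"*-updateinfo.xml.gz)
            shopt -u nullglob
            if [ "${#updateinfo_files[@]}" -eq 0 ]; then
              print_red "No files matching '*-updateinfo.xml.gz' found in $cache_directory."
              continue
            fi
            echo ""
            # List files and prompt to proceed
            print_green "The following files were found in $cache_directory:"
            printf '%s\n' "${updateinfo_files[@]}"

            prompt_continue

            # Copy the files one by one
            for file in "${updateinfo_files[@]}"; do
              echo "Copying file: $file"
              if cp -- "$file" "$baseos_directory"; then
                echo "Copy successful."
              else
                echo "Failed to copy files. Please check permissions or try again."
                exit 1
              fi
            done
          done

          echo "$PWD"

          # Decompress and modify repository metadata
          echo "Decompressing files with '-updateinfo.xml.gz' in the name in $baseos_directory"

          if gzip -d -- "$baseos_directory"*-updateinfo.xml.gz; then
            echo "Decompression successful."
          else
            echo "Failed to decompress files. Please check permissions or try again."
            exit 1
          fi

          echo "Renaming decompressed files to 'updateinfo.xml'"

          # mv fails here if more than one file was copied, because the target is
          # then not a directory; that case ends the script.
          if mv -- "$baseos_directory"*-updateinfo.xml "${baseos_directory}updateinfo.xml"; then
            echo "Rename successful."
          else
            echo "Failed to rename files. Please check permissions or try again."
            exit 1
          fi

          echo "Modifying repository metadata"

          # Register updateinfo.xml in the repository metadata.
          if modifyrepo "${baseos_directory}updateinfo.xml" "$baseos_directory"; then
            echo "Modification successful."
          else
            echo "Failed to modify repository metadata. Please check permissions or try again."
            exit 1
          fi

          echo -e "\e[32mAll steps for BaseOS Repo completed successfully. \e[0m"

          echo ""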

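          #############################################################################
          #mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak2023

          echo -e "\e[32m################################ Creating Certificates Folder /etc/nginx/ssl ############################################# \e[0m"

          ################################ Creating Certificates Folder /etc/nginx/ssl #############################################
          echo ""
          echo -e "\x1b[30;44mCreating directories /etc/nginx/ssl \x1b[m"
          ssl_dir="/etc/nginx/ssl"

          # The directory will hold the TLS private key, so it is restricted to
          # its owner as soon as it exists.
          if mkdir -p -- "$ssl_dir" && chmod 700 -- "$ssl_dir"; then
            echo "$ssl_dir"
            echo -e "\e[32mDirectory created successfully \e[0m"
          else
            echo "Failed to create the directory. Do you want to proceed to the next step? (y/n)"
            read -r choice
            if [ "$choice" != "y" ]; then
              exit 1
            fi
          fi

          echo ""
          echo -e "\e[32m################################ Creating SSL Certificates using openssl ############################################# \e[0m"
          ################################ Creating SSL Certificates using openssl #############################################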

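          #######################################
          # Print the first IPv4 address of the interface that carries the default
          # route.
          # Arguments: none
          # Outputs:   the address without its prefix length, or nothing when no
          #            default route or IPv4 address is found
          # Returns:   1 when no default-route interface is found, otherwise the
          #            status of the final pipeline
          #######################################
          get_primary_ipv4() {
            local default_interface

            # First default route only; several default routes would otherwise
            # yield several interface names.
            default_interface=$(ip route | awk '/^default/ { print $5; exit }')
            [[ -n $default_interface ]] || return 1

            # Testing field 1 against "inet" keeps inet6 lines out, which the
            # original /inet/ pattern also matched.
            ip -4 addr show dev "$default_interface" \
              | awk '$1 == "inet" { split($2, parts, "/"); print parts[1]; exit }'
          }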

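          #######################################
          # Check whether a string is a dotted-quad IPv4 address.
          # Arguments: $1 - candidate address
          # Outputs:   "true" or "false" on stdout
          # Returns:   0 in both cases; callers compare the printed word
          #######################################
          is_valid_ipv4() {
            local ip="$1"
            local octet

            # The value ends up in a certificate subject and in the Nginx
            # configuration, so anything that is not four numeric fields is
            # rejected. Each field is limited to three digits and to 255, which
            # the original digits-only pattern did not enforce.
            if [[ $ip =~ ^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$ ]]; then
              for octet in "${BASH_REMATCH[@]:1}"; do
                # 10# forces base 10 so a leading zero is not read as octal.
                if (( 10#$octet > 255 )); then
                  echo "false"
                  return 0
                fi
              done
              echo "true"
            else
              echo "false"
            fi
          }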

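          # Generate the self-signed certificate that Nginx presents on port 443.
          ip_address=$(get_primary_ipv4)

          # Only continue when the detected value is a valid IPv4 address.
          if [[ $(is_valid_ipv4 "$ip_address") == "true" ]]; then
            http_ip="$ip_address"
            echo "Using IP address: $http_ip"

            # Default values for the certificate subject.
            country="IN"
            state="State"
            locality="City"
            organization="Organization"
            organizational_unit="Organization"
            common_name="$http_ip"
            email="Organization"

            # -nodes leaves the private key unencrypted so Nginx can start without
            # a passphrase; the key is therefore restricted to its owner right
            # after it is written. The subjectAltName entry lets clients match the
            # certificate against the IP address, so they can trust this
            # certificate explicitly rather than disable verification.
            # Success is reported only when openssl and chmod both succeed; the
            # original printed it unconditionally.
            if sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
              -keyout /etc/nginx/ssl/repo.key -out /etc/nginx/ssl/repo.crt \
              -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizational_unit/CN=$common_name/emailAddress=$email" \
              -addext "subjectAltName = IP:$common_name" \
              && sudo chmod 600 /etc/nginx/ssl/repo.key; then
              echo "SSL certificate generated successfully."
            else
              echo -e "\e[31mError: Failed to generate the SSL certificate. \e[0m"
            fi
          else
            echo "Error: Invalid IPv4 address."
          fi

          ######################################################################

          echo -e "\e[32mConfiguration done successfully \e[0m"

          echo ""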

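          echo -e "\e[32m################################ Handling the WebServer Configuration and the Defualt WebServer path ############################################ \e[0m"

          echo ""
          # Default web server path
          default_web_server_path="/var/www/html/rhel8"

          # Show the menu with printf so its text does not depend on how this
          # listing is indented, then read the choice.
          printf '%s\n' \
            "Choose an option:" \
            "" \
            "1. Use the default web server path ($default_web_server_path)" \
            "2. Specify a custom path for package downloads" \
            ""
          read -e -r -p "Enter '1' to use the default path or '2' to specify a custom path: " user_choice

          echo ""
          # Set the root path based on the operator's choice
          root_path=""
          if [ "$user_choice" == "2" ]; then
            read -e -r -p "Enter the custom root path: " custom_root_path
            root_path=${custom_root_path:-$default_web_server_path}
          else
            root_path=$default_web_server_path
          fi

          # root_path is written verbatim into the Nginx configuration. Accept
          # only an absolute path made of plain path characters, so that spaces,
          # ";" or braces cannot alter the generated file.
          if [[ ! $root_path =~ ^/[A-Za-z0-9._/-]+$ ]]; then
            echo -e "\e[31mError: the root path must be an absolute path without spaces or special characters. \e[0m"
            exit 1
          fi

          # First IPv4 address of the default-route interface.
          default_interface=$(ip route | awk '/^default/ { print $5; exit }')
          ip_address=$(ip -4 addr show dev "$default_interface" 2>/dev/null \
            | awk '$1 == "inet" { split($2, parts, "/"); print parts[1]; exit }')

          # Only write the configuration when the value has dotted-quad form.
          if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
            http_ip="$ip_address"

            # Port 80 redirects to HTTPS; port 443 serves the repository tree with
            # directory listing enabled. The file is overwritten (tee without -a):
            # appending added a second copy of both server blocks on every re-run.
            # Lines containing Nginx variables are single-quoted so the shell
            # leaves $server_name and $request_uri alone.
            if printf '%s\n' \
              "server {" \
              "    listen 80;" \
              "    server_name $http_ip;" \
              "    root $root_path;" \
              "" \
              "    location / {" \
              "        index index.php index.html index.htm;" \
              "        autoindex on; #enable listing of directory index" \
              "" \
              '        return 301 https://$server_name$request_uri;' \
              "    }" \
              "}" \
              "" \
              "server {" \
              "    listen 443 ssl;" \
              "    server_name $http_ip; #change test.lab to your real domain or IP address" \
              "    root $root_path;" \
              "    ssl_certificate /etc/nginx/ssl/repo.crt;" \
              "    ssl_certificate_key /etc/nginx/ssl/repo.key;" \
              "    location / {" \
              "        index index.php index.html index.htm;" \
              "        autoindex on; #enable listing of directory index" \
              "    }" \
              "}" \
              | sudo tee /etc/nginx/conf.d/repos.conf > /dev/null \
              && [[ -s "/etc/nginx/conf.d/repos.conf" ]]; then
              echo -e "Configuration written successfully. Configuration file: /etc/nginx/conf.d/repos.conf "
            else
              echo -e "\e[31mError: Failed to write the configuration. \e[0m"
            fi
          else
            echo "Invalid IP address format!"
          fi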

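          echo ""

          echo ""

          echo -e "\e[32m################################ Checking the Nginx Conf Settings ############################################# \e[0m"

          echo ""
          # Repeat the syntax check until it passes; the operator fixes the file
          # between attempts or aborts with Ctrl+C. sudo is used like for the
          # other Nginx commands in this script, because the check has to read
          # the private key referenced by the configuration.
          until sudo nginx -t; do
            echo -e "\e[31mError: Nginx configuration test failed. \e[0m"
            echo "Verify the configuration located at /etc/nginx/conf.d/repos.conf."
            read -r -p "If you corrected the script, press Enter to recheck. Otherwise, press Ctrl+C to exit."
          done
          echo ""
          echo -e "\e[32mNginx configuration test successful. \e[0m"

          echo ""

          # Two prompts, as in the original flow.
          read -r -p "Press Enter to continue..."

          read -r -p "Press Enter to continue..."

          echo ""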

          #echo -e “\e[32m##################### Since we are using the default file-system location for web content, we are restoring the default SELinux security contexts with restorecon ####################### \e[0m”

          echo -e “\e[32m##################### Restoring the default SELinux security contexts with restorecon ####################### \e[0m”

          echo “”
          # Default web server path
          default_web_server_path=”/var/www/html/”

          # Prompt the user to choose between default and custom paths
          read -e -p “Choose an option:

          1. Use the default path ($default_web_server_path)
          2. Specify a custom path for SELinux security contexts restoration

          Enter ‘1’ to use the default path or ‘2’ to specify a custom path: ” user_choice

          echo “”
          # Set the path based on the user’s choice
          path_for_restorecon=””
          if [ “$user_choice” == “2” ]; then
          read -e -p “Enter the custom path for restorecon (hit Enter for default $default_web_server_path): ” custom_restorecon_path
          path_for_restorecon=${custom_restorecon_path:-$default_web_server_path}
          else
          path_for_restorecon=$default_web_server_path
          fi

          # Attempt to restore SELinux security contexts
          sudo restorecon -R “$path_for_restorecon”

          # Check the exit status of the restorecon command
          if [ $? -eq 0 ]; then
          echo “”
          echo -e “SELinux security contexts restored successfully.”

          # Add the chcon command here
          echo -e “\n\e[32m##################### Setting additional SELinux security contexts with chcon ####################### \e[0m”
          chcon -Rt httpd_sys_content_t “$path_for_restorecon”
          echo -e “Additional SELinux security contexts set successfully.”

          else
          echo -e “\e[31mError: Failed to restore SELinux security contexts. \e[0m”
          fi

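          echo ""

          echo -e "\e[32m############################################################################################################### \e[0m"

          read -r -p "Press Enter to continue…"
          echo -e "\e[32m############################################################################################################### \e[0m"

          # Restart nginx and stop the run if the service does not come back,
          # so later steps never report success on top of a dead web server.
          # (ASCII quotes restored; the page showed typographic quotes.)
          echo ""
          echo -e "\x1b[30;44mRestarting the Nginx\x1b[m"
          echo ""
          systemctl restart nginx
          STATUS="$(systemctl is-active nginx)"
          if [ "${STATUS}" = "active" ]; then
            echo -e "\e[32mNginx service is running…… \e[0m"
          else
            echo " Nginx service is not running…. so exiting "
            exit 1
          fi
          echo ""
          echo -e "\e[32m############################################################################################################### \e[0m"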

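          # Work out the IPv4 address of the interface that carries the default
          # route. Only the first default route and the first IPv4 address are
          # used, so a host with several of either still yields a single value.
          default_iface=$(ip route | awk '/^default/ { print $5; exit }')
          ip_address=$(ip -4 addr show dev "$default_iface" 2> /dev/null | awk '/inet / { print $2; exit }' | cut -d'/' -f1)
          # Check if the detected value has IPv4 dotted-quad shape
          if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
            # If valid, prepend http:// and print the result
            http_ip="http://$ip_address/"
            echo ""
            # http_ip already ends in "/", so append the directory without another slash.
            echo -e "\033[1;33mPlease access the URL to check if the Nginx is set up fine and files are visible: ${http_ip}baseOS\033[0m\n"

          else
            echo "Invalid IP address format!"
          fi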

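          echo ""

          echo -e "\033[32m################################ Creating the Daily Sync Cron Job ############################################# \033[0m"

          echo ""

          log_file="/var/log/update-repository.log"
          update_script="/usr/local/bin/rhel8_updaterepository.sh"

          # The repo paths are baked into a script that cron runs nightly and that
          # contains `rm -rf <dir>/repodata/*updateinfo*`. Abort if either path
          # is empty, otherwise that line would point at /repodata/.
          : "${baseOS_dir:?baseOS_dir must be set before generating the sync script}"
          : "${AppStream_dir:?AppStream_dir must be set before generating the sync script}"

          # Shell-quote the values once so paths with spaces or metacharacters
          # stay a single word inside the generated script.
          printf -v q_base '%q' "$baseOS_dir"
          printf -v q_app '%q' "$AppStream_dir"
          printf -v q_log '%q' "$log_file"

          # Write the script with ">" (not ">>") so re-running this installer
          # replaces it instead of appending a second copy of every command.
          # $(date) is single-quoted on purpose: it must expand when cron runs
          # the script, not now.
          {
            printf '%s\n' '#!/bin/bash'
            printf 'echo "Update script started at $(date)" >> %s\n' "$q_log"
            # printf re-applies the format for each group of three arguments.
            printf 'reposync -p %s --download-metadata --repo=%s\ncreaterepo -v %s\n' \
              "$q_base" "rhel-8-for-x86_64-baseos-rpms" "$q_base" \
              "$q_app" "rhel-8-for-x86_64-appstream-rpms" "$q_app"
            sync_dirs=("$q_app" "$q_base")
            sync_repos=("rhel-8-for-x86_64-appstream-rpms" "rhel-8-for-x86_64-baseos-rpms")
            for i in 0 1; do
              d=${sync_dirs[i]}
              r=${sync_repos[i]}
              printf '\n'
              printf 'rm -rf %s/repodata/*updateinfo* >> %s 2>&1\n' "$d" "$q_log"
              printf 'cp /var/cache/dnf/%s-*/repodata/*-updateinfo.xml.gz %s/repodata/ >> %s 2>&1\n' "$r" "$d" "$q_log"
              printf 'gzip -d %s/repodata/*-updateinfo.xml.gz >> %s 2>&1\n' "$d" "$q_log"
              printf 'mv %s/repodata/*-updateinfo.xml %s/repodata/updateinfo.xml >> %s 2>&1\n' "$d" "$d" "$q_log"
              printf 'modifyrepo %s/repodata/updateinfo.xml %s/repodata/ >> %s 2>&1\n' "$d" "$d" "$q_log"
            done
            printf 'echo "Update script ended at $(date)" >> %s 2>&1\n' "$q_log"
          } > "$update_script"

          if [ -e "$update_script" ]; then
            echo -e "\033[32mScript successfully created. Listing contents:\033[0m"
            echo ""
            ls -ltra "$update_script"

            echo ""
            cat "$update_script"
            # The script runs with the crontab owner's privileges; keep it
            # writable by its owner only.
            chmod 0755 "$update_script"
            echo ""
            echo -e "\033[32mExecution permission set.\033[0m"

            echo ""
            read -r -p "Press Enter if you find the script is updated correctly…"
            read -r -p "Press Enter to continue…"
            # Schedule the sync at 23:00 every day (change "0 23" for another time).
            # `crontab -` replaces the user's whole crontab, so merge with the
            # existing entries and drop any earlier line for this same script.
            cron_line="0 23 * * * $update_script >> $log_file 2>&1"
            {
              crontab -l 2> /dev/null | grep -vF -- "$update_script"
              printf '%s\n' "$cron_line"
            } | crontab -

            echo -e "\033[32mCron jobs created successfully.\033[0m"
          else
            echo -e "\033[31mError: Script creation failed.\033[0m"
          fi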
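          echo ""

          # Closing banner for the RHEL 8 run. The strings are restored to ASCII
          # double quotes; each banner row is its own echo so the art does not
          # depend on how the listing is indented.
          echo -e "\e[32m############################################################################################################### \e[0m"
          echo ""
          echo -e "\e[1;32m +-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+"
          echo -e " |R|H|E|L| |8| |R|e|p|o| |S|u|c|c|e|s|s|f|u|l|l|y| |C|r|e|a|t|e|d|"
          echo -e " +-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+ 😊\e[0m"

          echo ""
          echo -e "\e[32m############################################################################################################### \e[0m"
          echo ""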

        • #6257
          Shreya
          Participant

            RHEL_9 Manual

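            echo "#################################################################################################################"
            echo -e "\033[1;31mChecking the reachability of primary URLs… Please be patient\033[0m"
            echo "#################################################################################################################"

            echo "Checking if RHEL is registered…"

            redhat_release="/etc/redhat-release"

            # /etc/redhat-release only identifies the distribution. Registration
            # is confirmed with `subscription-manager identity`, which fails on
            # an unregistered system, so the message below matches what was
            # actually checked.
            if [ -e "$redhat_release" ] \
              && grep -qi "Red Hat Enterprise Linux" "$redhat_release" \
              && sudo subscription-manager identity > /dev/null 2>&1; then
              echo "RHEL is registered."
            else
              echo "RHEL is not registered. Please register your system before proceeding."
              exit 1
            fi

            echo ""

            echo "Checking the status of subscription-manager repositories…"

            # Run `subscription-manager repos --list` and keep the output for
            # check_repo (the option needs two ASCII hyphens, not an en dash).
            repo_list_output=$(sudo subscription-manager repos --list)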

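            #######################################
            # Report whether a repository id appears in the saved
            # `subscription-manager repos --list` output; when it does not,
            # ask the operator whether to go on.
            # Globals:   repo_list_output (read)
            # Arguments: $1 - repository id to look for
            # Outputs:   status lines on stdout
            # Returns:   0 when listed or when the operator answers "y";
            #            exits the script with status 1 on any other answer
            #######################################
            check_repo() {
              local repo_name=$1
              local choice=""
              # Literal substring match, so a longer id that contains repo_name
              # also counts as listed (same as the quoted =~ it replaces).
              if [[ $repo_list_output == *"$repo_name"* ]]; then
                echo "Repository $repo_name is listed."
                return 0
              fi
              echo "Repository $repo_name is not listed."
              read -r -p "Do you want to continue? (y/n): " choice
              if [ "$choice" != "y" ]; then
                echo "Exiting…"
                exit 1
              fi
              echo "Continuing without $repo_name…"
            }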

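            # Check repositories and print their status
            check_repo "rhel-9-for-x86_64-baseos-rpms"
            check_repo "rhel-9-for-x86_64-appstream-rpms"
            echo ""
            echo ""

            echo "Checking reachability of primary URLs…"

            # The page rendering dropped the opening quote and left an HTML
            # entity for the closing one; the entries are plain quoted URLs.
            URLS=(
              "https://access.redhat.com"
              "https://cdn.datatables.net"
              "https://sso.redhat.com"
              "https://access.cdn.redhat.com"
              "https://static.redhat.com"
              "https://www.redhat.com"
              "https://cdn.jsdelivr.net"
              "https://code.jquery.com/"
              "https://dl.fedoraproject.org"
            )

            reachable_count=0
            attempted_count=${#URLS[@]}
            reachable=true

            for url in "${URLS[@]}"; do
              echo "Checking $url…"

              # Every URL is https, so there is no separate port-80 probe.
              # A host counts as reachable only when its certificate verifies:
              # the package tools used later verify TLS too, and a host that
              # answers only with --insecure points at interception or a broken
              # trust store, which should be surfaced rather than hidden.
              if curl -sI --connect-timeout 10 --max-time 30 "$url" > /dev/null; then
                echo "Reachable: $url"
                reachable_count=$((reachable_count + 1))
              elif curl -sI --insecure --connect-timeout 10 --max-time 30 "$url" > /dev/null; then
                echo "Not Reachable: $url (host answers, but TLS certificate verification failed)"
                reachable=false
              else
                echo "Not Reachable: $url"
                reachable=false
              fi

              echo ""
            done

            echo "Attempted: $attempted_count"
            echo "Reachable: $reachable_count"

            if [ "$reachable" = true ]; then

              echo ""
              echo -e "\033[1;32mPre-requisite Check Completed successfully. Script Execution will continue \033[0m"
              echo ""
            else
              echo -e "\033[1;31mPre-requisite failure: do you still want to Proceed. Press Enter to proceed.\033[0m"
              echo ""
              read -r
            fi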

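            echo "#################################################################################################################"
            echo -e "\033[1;31mStarted the RHEL 9 Repo Creation… Please be Patient\033[0m"
            echo "#################################################################################################################"

            echo ""
            echo -e "\x1b[30;44m Downloading the Pre-Requistite tools and Applications \x1b[m"
            echo ""
            sudo yum check-update
            # One transaction per package, so a single unavailable package does
            # not block the others.
            for pkg in wget curl openssh-server net-tools vim cronie tree; do
              sudo yum install -y "$pkg"
            done

            # Get OS major version: text before the first "." of the release
            # line, last word of that (ASCII quotes restored from the page).
            os_version=$(cut -d'.' -f1 /etc/redhat-release | awk '{print $NF}')

            echo ""
            # Print OS version with a full green line
            echo -e "\e[32mThe OS version running on the device is: $os_version\e[0m"

            # Additional logic for RHEL 9
            # NOTE(review): a version other than 9 only skips this banner; the
            # steps that follow still use the rhel-9 repo ids.
            if [ "$os_version" = "9" ]; then
              echo -e "\e[32m"
              echo "#############################################################################################"
              echo " RED_HAT 9 REPO Creation"
              echo "#############################################################################################"
              echo -e "\e[0m"
            fi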

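            ################################################# NGINX ######################################################################################

            echo -e "\x1b[30;44m Installing Nginx HTTP server\x1b[m"

            echo ""
            echo -e "Do you want to have the EPEL (Extra Packages for Enterprise Linux)? Below are the advantages and disadvantages of having it:"
            echo ""
            echo -e "\e[32mAdvantages:\e[0m"
            echo "- Provides additional community-supported packages not included in the default RHEL repositories."
            echo "- Expands software options for users."

            echo ""
            echo -e "\e[31mDisadvantages:\e[0m"
            echo "- Community-supported packages may not have the same level of testing and support as official RHEL packages."
            echo "- Security and stability depend on the community's maintenance and updates."
            echo ""
            echo ""
            read -r -p "Do you want to download and install the EPEL_release package? (y/n): " proceed_epel
            if [ "$proceed_epel" == "y" ]; then
              echo -e "\e[32mDownloading and installing the EPEL_release package…\e[0m\n"
              # The release RPM is fetched by URL before any EPEL key is on the
              # host, so its integrity rests on the HTTPS connection alone
              # (dnf's localpkg_gpgcheck is off by default). Keep this URL https.
              sudo yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
              sudo yum install -y epel-release
              echo -e "\e[32mEPEL (Extra Packages for Enterprise Linux) in RHEL (Red Hat Enterprise Linux) provides additional community-supported packages not included in the default RHEL repositories, expanding software options for users.\e[0m\n"
            fi

            echo ""
            echo -e "\e[32mInstalling Nginx WebServer\e[0m"
            echo ""
            # Proceed with Nginx installation regardless of the EPEL installation status.
            # "Installation Completed" is printed only when yum succeeded; the
            # operator may still choose to go on after a failure.
            if sudo yum install -y nginx; then
              echo -e "\e[32mInstallation Completed\e[0m"
            else
              echo -e "\033[1;31mInstallation Failed\033[0m\n"
              read -r -p "Do you want to proceed with the installation of Nginx? (y/n): " proceed_nginx
              if [ "$proceed_nginx" != "y" ]; then
                echo "Exiting…"
                exit 1
              fi
            fi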

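            ####################################################################################################################################

            echo ""

            echo -e "\x1b[30;44m Starting the Nginx and Enabling the Application \x1b[m"
            # Track both commands: testing $? after the pair would only see the
            # result of `enable` and miss a failed `start`.
            nginx_setup_failed=0
            sudo systemctl start nginx || nginx_setup_failed=1
            sudo systemctl enable nginx || nginx_setup_failed=1

            if [ "$nginx_setup_failed" -ne 0 ]; then
              echo -e "\033[1;31mFailed to start Nginx or enable the service\033[0m\n"
              read -r -p "Do you want to proceed? (y/n): " proceed
              if [ "$proceed" != "y" ]; then
                echo "Exiting…"
                exit 1
              fi
            fi

            echo ""
            echo -e "\e[32mEnabling the Nginx Completed\e[0m"
            echo ""

            echo -e "\x1b[30;44m Checking the Nginx service status \x1b[m"
            STATUS="$(systemctl is-active nginx)"

            if [ "${STATUS}" != "active" ]; then
              echo "Nginx service is not running."
              read -r -p "Do you want to proceed? (y/n): " PROCEED

              if [ "${PROCEED}" != "y" ]; then
                echo "Exiting…"
                exit 1
              fi
            else

              echo -e "\e[32mNginx service is running……..\e[0m"
            fi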

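            echo ""

            echo -e "\x1b[30;44m Handling the Firewall rules to permit inbound packets on HTTP and HTTPS \x1b[m"

            echo ""

            echo "Handling the Firewall Settings and performing actions on unmask,starting and enable firewalld"

            #######################################
            # Report the exit status of the command that ran immediately before
            # this call and, on failure, ask whether to continue.
            # Arguments: none (reads the caller's $?)
            # Outputs:   status lines on stdout
            # Returns:   0 on success or when the operator answers "y";
            #            exits the script with status 1 on any other answer
            #######################################
            check_command_status() {
              # Must stay the first statement: any earlier command would
              # overwrite the status being inspected.
              local rc=$?
              local choice=""
              if [ "$rc" -eq 0 ]; then
                echo "Command successful."
                return 0
              fi
              echo "Command failed."
              read -r -p "Do you want to continue? (y/n): " choice
              if [ "$choice" != "y" ]; then
                echo "Exiting."
                exit 1
              fi
            }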

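            # Unmask firewalld
            sudo systemctl unmask firewalld
            check_command_status

            # Start firewalld
            sudo systemctl start firewalld
            check_command_status

            # Enable firewalld
            sudo systemctl enable firewalld
            check_command_status

            echo ""

            echo "All commands executed successfully."

            echo ""

            # Record a failure from any rule change, not only from the reload:
            # a rejected --add-service would otherwise pass unnoticed.
            # These rules open 80 and 443 in the public zone to every source;
            # for a repository that only internal hosts use, restrict the
            # sources in firewalld after this step.
            firewall_ok=true
            echo "Allow web traffic over HTTP in Firewall"
            sudo firewall-cmd --zone=public --permanent --add-service=http || firewall_ok=false
            echo "Allow web traffic over HTTPS in Firewall"
            sudo firewall-cmd --zone=public --permanent --add-service=https || firewall_ok=false
            sudo firewall-cmd --permanent --add-port=80/tcp --add-port=443/tcp || firewall_ok=false
            echo "Reloading Firewall Configuration"
            sudo firewall-cmd --reload || firewall_ok=false
            if [ "$firewall_ok" != true ]; then
              echo -e "\033[1;31mFailed to configure the firewall\033[0m\n"
              read -r -p "Do you want to proceed? (y/n): " proceed
              if [ "$proceed" != "y" ]; then
                echo "Exiting…"
                exit 1
              fi
            fi
            echo ""

            echo -e "\e[32mFirewall Configuration done\e[0m"

            echo ""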

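            #######################################################################################################################################

            #To check if the Nginx is setup fine

            # Use the first default route and the first IPv4 address on that
            # interface, so several routes or addresses still give one value.
            default_iface=$(ip route | awk '/^default/ { print $5; exit }')
            ip_address=$(ip -4 addr show dev "$default_iface" 2> /dev/null | awk '/inet / { print $2; exit }' | cut -d'/' -f1)
            # Check if the detected value has IPv4 dotted-quad shape
            if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
              # If valid, prepend http:// and print the result
              http_ip="http://$ip_address/"
              echo -e "\033[1;32mPlease access the URL to check if the Nginx is setup fine: $http_ip\033[0m\n"
            else
              echo "Invalid IP address format!"
            fi

            echo "Pausing the script until you check the Nginx is up and running."
            # Pause until the user presses Enter
            read -r -p "Press Enter to continue…"
            read -r -p "Press Enter to continue…"

            echo ""
            echo ""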

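            echo "Checking if there are any outdated folder in the /var/cache/dnf/rhel-9-for-x86_64- folders."

            ## Handling folder /var/cache/dnf/rhel-9-for-x86_64-appstream-rpms-*

            # Specify the directory
            directory="/var/cache/dnf/"
            # Get today's date in the format YYYY-MM-DD
            today=$(date "+%Y-%m-%d")

            # Print the current directory structure in green
            echo -e "\e[32mCurrent Directory Structure:\e[0m"
            tree "$directory"

            echo "Renaming folders named 'rhel-9-for-x86_64' to 'Backup_duplicate_rhel-9' created before $today in $directory"
            # Collect matches NUL-delimited so names with spaces or newlines are
            # kept intact.
            # NOTE(review): -name is an exact match, so it does not select the
            # suffixed cache folders named in the messages above; confirm
            # whether a trailing wildcard was intended.
            found_folders=()
            while IFS= read -r -d '' folder; do
              found_folders+=("$folder")
            done < <(find "$directory" -type d -name "rhel-9-for-x86_64" ! -newermt "$today" -print0)

            if [ "${#found_folders[@]}" -gt 0 ]; then
              echo -e "\e[32mFound matching folders:\e[0m"
              printf '%s\n' "${found_folders[@]}"

              # Rename each folder next to its original location. Moving a
              # directory into a path below itself always fails.
              for folder in "${found_folders[@]}"; do
                backup_path="$(dirname -- "$folder")/Backup_duplicate_rhel-9"
                if [ -e "$backup_path" ]; then
                  echo "Skipping $folder: $backup_path already exists."
                else
                  mv -- "$folder" "$backup_path"
                fi
              done

              echo -e "\e[32mRenaming complete.\e[0m"
            else
              echo "No duplicate copies found."
            fi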

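            ########################################################### Yum Utils #################################################################################
            echo ""

            # Install the mirroring tools (ASCII quotes restored from the page).
            # NOTE(review): httpd is installed next to nginx; nothing in this
            # step starts it, and two web servers would contend for 80/443.
            echo -e "\x1b[30;44mInstalling the required packages for creating repo \x1b[m"
            echo ""
            if sudo yum install -y yum-utils createrepo httpd; then
              echo -e "\e[32mUpdates done \e[0m"
            else
              echo "Failed to install required packages. Do you want to proceed to the next step? (y/n)"
              read -r choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            fi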

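            echo ""

            echo -e "\x1b[30;44mCreating directories /var/www/html/rhel9/baseOS and /var/www/html/rhel9/AppStream \x1b[m"
            echo ""

            # Default directory paths (ASCII quotes restored from the page)
            baseOS_dir="/var/www/html/rhel9/baseOS"
            AppStream_dir="/var/www/html/rhel9/AppStream"

            read -r -e -p "1. Do you wish to go with the default folder creation under $baseOS_dir and $AppStream_dir? (y/n): " use_default
            echo ""

            if [ "$use_default" == "n" ]; then
              read -r -e -p "2. Please enter the directory path for baseOS (hit Enter for default $baseOS_dir): " custom_baseOS_dir
              echo ""
              read -r -e -p " Please enter the directory path for AppStream (hit Enter for default $AppStream_dir): " custom_AppStream_dir
              echo ""
              # Set directory paths based on user input or use defaults.
              # These values are reused by the sync and metadata steps, so an
              # empty answer must fall back to the default, never to "".
              baseOS_dir=${custom_baseOS_dir:-$baseOS_dir}
              AppStream_dir=${custom_AppStream_dir:-$AppStream_dir}
            fi

            echo ""
            # Create directories
            if mkdir -p "$baseOS_dir" \
              && mkdir -p "$AppStream_dir"; then
              echo "$baseOS_dir"
              echo "$AppStream_dir"
              echo -e "\e[32mDirectories created successfully \e[0m"
            else
              echo "Failed to create directories. Do you want to proceed to the next step? (y/n)"
              read -r choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            fi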

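            echo ""

            echo -e "\x1b[30;44mEnabling the required Repos \x1b[m"
            echo ""

            # Enable repositories (`--enable` needs two ASCII hyphens) and
            # remember whether subscription-manager accepted both, so the
            # success line is not printed after a failure.
            repos_enabled=true
            sudo subscription-manager repos --enable=rhel-9-for-x86_64-baseos-rpms || repos_enabled=false
            sudo subscription-manager repos --enable=rhel-9-for-x86_64-appstream-rpms || repos_enabled=false

            echo ""

            read -r -p "If the Repos are Enabled. Press Enter to continue… if not Ctrl + c to exit "
            echo ""
            if [ "$repos_enabled" = true ]; then
              echo -e "\e[32mEnabled the Repos successfully \e[0m"
            else
              echo -e "\e[31mError: subscription-manager could not enable one or more repos. \e[0m"
            fi
            read -r -p "Press Enter to continue…"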

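            echo ""

            echo -e "\x1b[30;44mConfiguring the reposync to synchronize RHEL9\x1b[m"
            echo ""
            # Mirror both repos. The success lines are printed only when both
            # syncs returned 0, so a failed sync the operator chose to skip is
            # not reported as completed.
            # What is mirrored here is what clients will install, so clients of
            # this mirror should keep package signature checking enabled.
            if reposync -p "$baseOS_dir" --download-metadata --repo=rhel-9-for-x86_64-baseos-rpms \
              && reposync -p "$AppStream_dir" --download-metadata --repo=rhel-9-for-x86_64-appstream-rpms; then
              echo -e "\033[1;31mSynchronization done \033[0m\n"
              echo -e "\e[32mReposync completed successfully \e[0m"
            else
              echo "Failed to synchronize repositories. Do you want to proceed to the next step? (y/n)"
              read -r choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            fi

            echo ""

            echo -e "\x1b[30;44mCreate Repodata for each repo\x1b[m"
            if createrepo -v "$baseOS_dir" \
              && createrepo -v "$AppStream_dir"; then
              echo -e "\e[32mCreated Repodata successfully \e[0m"
            else
              echo "Failed to create Repodata. Do you want to proceed to the next step? (y/n)"
              read -r choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            fi

            ########################################################### Yum Utils #################################################################################
            read -r -p "Press Enter to continue…"
            read -r -p "Press Enter to continue…"

            echo ""
            echo -e "\x1b[30;44mConfiguring the updateinfo.xml file for RHEL repo\x1b[m"
            # Add your commands for configuring updateinfo.xml here
            #FOR AppStream Repo: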

             

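            #######################################
            # Ask the operator whether to go on to the next step.
            # Arguments: none
            # Returns:   0 when the answer is exactly "y";
            #            exits the script with status 1 otherwise
            #######################################
            prompt_continue() {
              local choice=""
              read -r -p "Do you want to continue to the next step? (y/n): " choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            }

            #######################################
            # Print a message in green.
            # Arguments: $1 - message text
            # Outputs:   the message wrapped in ANSI colour codes on stdout
            #######################################
            print_green() {
              # %s keeps backslashes in the message (e.g. from a path) literal;
              # `echo -e` would interpret them as escape sequences.
              printf '\e[32m%s\e[0m\n' "$1"
            }

            #######################################
            # Print a message in red.
            # Arguments: $1 - message text
            # Outputs:   the message wrapped in ANSI colour codes on stdout
            #######################################
            print_red() {
              printf '\e[31m%s\e[0m\n' "$1"
            }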

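            # For AppStream Repo:
            # Replace the repo's updateinfo metadata with the copy dnf cached
            # during the sync, then register it with modifyrepo.

            # Directory containing the gzipped files. The :? guard aborts when
            # AppStream_dir is empty, so the rm below can never run against
            # "/repodata/".
            appstream_directory="${AppStream_dir:?AppStream_dir is not set}/repodata/"
            cache_directory_pattern="/var/cache/dnf/rhel-9-for-x86_64-appstream-rpms-*/repodata/"

            echo ""
            echo "Deleting files with 'updateinfo' in the name in $appstream_directory"

            # Use rm to delete files
            if rm -f "$appstream_directory"*updateinfo*; then
              echo "Deletion complete."
              echo ""
            else
              echo "Failed to delete files. Please check permissions or try again."
              prompt_continue
            fi

            # Find directories matching the pattern and iterate through them.
            # The variable is left unquoted on purpose so the glob expands.
            for cache_directory in $cache_directory_pattern; do
              # Without nullglob an unmatched glob stays in the array as the
              # literal pattern, so test that the first entry exists instead of
              # counting elements.
              updateinfo_files=("$cache_directory"*-updateinfo.xml.gz)
              if [ ! -e "${updateinfo_files[0]}" ]; then
                print_red "No files matching '*-updateinfo.xml.gz' found in $cache_directory."
                continue
              fi

              echo ""
              # List files and prompt to proceed
              print_green "The following files were found in $cache_directory:"
              printf '%s\n' "${updateinfo_files[@]}"

              prompt_continue

              # Use a loop to copy files one by one
              for file in "${updateinfo_files[@]}"; do
                echo "Copying file: $file"
                if cp "$file" "$appstream_directory"; then
                  echo "Copy successful."
                else
                  echo "Failed to copy file. Please check permissions or try again."
                  prompt_continue
                fi
              done
            done

            echo "$PWD"

            # Decompress and modify repository metadata
            echo "Decompressing files with '-updateinfo.xml.gz' in the name in $appstream_directory"

            # Use gzip to decompress files
            if gzip -d "$appstream_directory"*-updateinfo.xml.gz; then
              echo "Decompression successful."
            else
              echo "Failed to decompress files. Please check permissions or try again."
              prompt_continue
            fi

            echo "Renaming decompressed files to 'updateinfo.xml'"

            # Use mv to rename files.
            # NOTE(review): this works for exactly one *-updateinfo.xml; with
            # several copied files mv fails because the target is not a directory.
            if mv "$appstream_directory"*-updateinfo.xml "$appstream_directory"updateinfo.xml; then
              echo "Rename successful."
            else
              echo "Failed to rename files. Please check permissions or try again."
              prompt_continue
            fi

            echo "Modifying repository metadata"

            # Use modifyrepo to modify repository metadata
            if modifyrepo "$appstream_directory"updateinfo.xml "$appstream_directory"; then
              echo "Modification successful."
            else
              echo "Failed to modify repository metadata. Please check permissions or try again."
              prompt_continue
            fi

            echo -e "\e[32mAll steps for AppStream Repo completed successfully. \e[0m"

            echo ""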

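            # For BaseOS Repo:
            # Same procedure as for AppStream, except that a failed step ends
            # the script instead of asking whether to continue.

            # Directory containing the gzipped files. The :? guard aborts when
            # baseOS_dir is empty, so the rm below can never run against
            # "/repodata/".
            baseos_directory="${baseOS_dir:?baseOS_dir is not set}/repodata/"
            cache_directory_pattern="/var/cache/dnf/rhel-9-for-x86_64-baseos-rpms-*/repodata/"

            echo "Deleting files with '-updateinfo' in the name in $baseos_directory"

            # Use rm to delete files
            if rm -f "$baseos_directory"*updateinfo*; then
              echo ""
              echo "Deletion successful."
            else
              echo "Failed to delete files. Please check permissions or try again."
              exit 1
            fi

            # Find directories matching the pattern and iterate through them.
            # The variable is left unquoted on purpose so the glob expands.
            for cache_directory in $cache_directory_pattern; do
              # Without nullglob an unmatched glob stays in the array as the
              # literal pattern, so test that the first entry exists instead of
              # counting elements.
              updateinfo_files=("$cache_directory"*-updateinfo.xml.gz)
              if [ ! -e "${updateinfo_files[0]}" ]; then
                print_red "No files matching '*-updateinfo.xml.gz' found in $cache_directory."
                continue
              fi
              echo ""
              # List files and prompt to proceed
              print_green "The following files were found in $cache_directory:"
              printf '%s\n' "${updateinfo_files[@]}"

              prompt_continue

              # Use a loop to copy files one by one
              for file in "${updateinfo_files[@]}"; do
                echo "Copying file: $file"
                if cp "$file" "$baseos_directory"; then
                  echo "Copy successful."
                else
                  echo "Failed to copy files. Please check permissions or try again."
                  exit 1
                fi
              done
            done

            echo "$PWD"

            # Decompress and modify repository metadata
            echo "Decompressing files with '-updateinfo.xml.gz' in the name in $baseos_directory"

            # Use gzip to decompress files
            if gzip -d "$baseos_directory"*-updateinfo.xml.gz; then
              echo "Decompression successful."
            else
              echo "Failed to decompress files. Please check permissions or try again."
              exit 1
            fi

            echo "Renaming decompressed files to 'updateinfo.xml'"

            # Use mv to rename files.
            # NOTE(review): this works for exactly one *-updateinfo.xml; with
            # several copied files mv fails because the target is not a directory.
            if mv "$baseos_directory"*-updateinfo.xml "$baseos_directory"updateinfo.xml; then
              echo "Rename successful."
            else
              echo "Failed to rename files. Please check permissions or try again."
              exit 1
            fi

            echo "Modifying repository metadata"

            # Use modifyrepo to modify repository metadata
            if modifyrepo "$baseos_directory"updateinfo.xml "$baseos_directory"; then
              echo "Modification successful."
            else
              echo "Failed to modify repository metadata. Please check permissions or try again."
              exit 1
            fi

            echo -e "\e[32mAll steps for BaseOS Repo completed successfully. \e[0m"

            echo ""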

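            #############################################################################
            #mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak2023
            #echo -e "\033[1;31m################################ Creating Certificates Folder /etc/nginx/ssl #############################################\033[0m\n"

            echo -e "\e[32m################################ Creating Certificates Folder /etc/nginx/ssl ############################################# \e[0m"

            ################################ Creating Certificates Folder /etc/nginx/ssl #############################################
            echo ""
            echo -e "\x1b[30;44mCreating directories /etc/nginx/ssl \x1b[m"
            ssl_dir="/etc/nginx/ssl"

            # The directory will hold the server's private key, so it is limited
            # to its owner as soon as it exists.
            if mkdir -p "$ssl_dir" && chmod 700 "$ssl_dir"; then
              echo "$ssl_dir"
              echo -e "\e[32mDirectory created successfully \e[0m"

            else
              echo "Failed to create the directory. Do you want to proceed to the next step? (y/n)"
              read -r choice
              if [ "$choice" != "y" ]; then
                exit 1
              fi
            fi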

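            echo ""
            #echo -e "\033[1;31m################################ Creating SSL Certificates using openssl #############################################\033[0m\n"
            echo -e "\e[32m################################ Creating SSL Certificates using openssl ############################################# \e[0m"
            ################################ Creating SSL Certificates using openssl #############################################

            #######################################
            # Print the first IPv4 address of the interface that carries the
            # first default route.
            # Outputs: the address without prefix length, or nothing if none
            #######################################
            get_primary_ipv4() {
              local iface
              iface=$(ip route | awk '/^default/ { print $5; exit }')
              ip -4 addr show dev "$iface" 2> /dev/null | awk '/inet / { print $2; exit }' | cut -d'/' -f1
            }

            #######################################
            # Tell whether a string is a dotted-quad IPv4 address.
            # Arguments: $1 - candidate address
            # Outputs:   "true" or "false" on stdout
            #######################################
            is_valid_ipv4() {
              local ip="$1"
              local quad_re='^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'
              local octet
              local -a octets
              if [[ ! $ip =~ $quad_re ]]; then
                echo "false"
                return
              fi
              # The shape check alone would accept 999.999.999.999; the value
              # ends up as the certificate subject, so check each octet's range.
              IFS=. read -r -a octets <<< "$ip"
              for octet in "${octets[@]}"; do
                # 10# forces base 10 so "08" is not parsed as invalid octal.
                if ((10#$octet > 255)); then
                  echo "false"
                  return
                fi
              done
              echo "true"
            }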

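            # Main script
            ip_address=$(get_primary_ipv4)

            # Check if the detected value is a valid IPv4 address
            if [[ $(is_valid_ipv4 "$ip_address") == "true" ]]; then
              # If valid, use the bare address as the certificate subject
              http_ip="$ip_address"
              echo "Using IP address: $http_ip"

              # Set default values for certificate information
              country="IN"
              state="State"
              locality="City"
              organization="Organization"
              organizational_unit="Organization"
              common_name="$http_ip"
              email="Organization"

              # Generate a self-signed certificate using OpenSSL with default values.
              # - subjectAltName carries the IP: TLS clients match the address
              #   against SAN entries, and a CN-only certificate fails hostname
              #   verification, which pushes operators towards turning
              #   verification off.
              # - The key is written unencrypted (-nodes), so it is restricted
              #   to its owner right after creation.
              # - Success is reported only when openssl actually succeeded.
              # Clients should be given repo.crt as a trusted CA for this
              # repository instead of disabling certificate checks; the
              # certificate expires after 365 days and must be renewed.
              if sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
                -keyout /etc/nginx/ssl/repo.key -out /etc/nginx/ssl/repo.crt \
                -subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizational_unit/CN=$common_name/emailAddress=$email" \
                -addext "subjectAltName=IP:$common_name" \
                && sudo chmod 600 /etc/nginx/ssl/repo.key; then
                echo "SSL certificate generated successfully."
              else
                echo "Error: Failed to generate the SSL certificate."
              fi
            else
              echo "Error: Invalid IPv4 address."
            fi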

            ######################################################################

             

            echo -e “\e[32mConfiguration done successfully \e[0m”

            echo “”

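            # Write the nginx virtual-host configuration that serves the repository tree:
            # port 80 redirects to HTTPS, port 443 serves root_path with directory listing.
            echo -e "\e[32m################################ Handling the WebServer Configuration and the Defualt WebServer path ############################################ \e[0m"

            echo ""
            # Default web server path
            default_web_server_path="/var/www/html/rhel9"
            nginx_conf_file="/etc/nginx/conf.d/repos.conf"

            # Prompt the user to choose between default and custom paths
            echo "Choose an option:"
            echo "1. Use the default web server path ($default_web_server_path)"
            echo "2. Specify a custom path for package downloads"
            read -r -e -p "Enter '1' to use the default path or '2' to specify a custom path: " user_choice

            echo ""
            # Set the root path based on the user's choice
            root_path=""
            if [ "$user_choice" == "2" ]; then
              read -r -e -p "Enter the custom root path: " custom_root_path
              root_path=${custom_root_path:-$default_web_server_path}
            else
              root_path=$default_web_server_path
            fi

            # root_path is pasted verbatim into the nginx configuration below, where
            # whitespace, ';', '{' or '}' would end the directive and be parsed as further
            # configuration. Accept only an absolute path made of plain path characters;
            # this also rejects a bare "/", which would publish the whole filesystem
            # through autoindex.
            safe_path_re='^/[A-Za-z0-9._/-]+$'
            if [[ ! $root_path =~ $safe_path_re ]]; then
              echo -e "\e[31mError: The root path must be absolute and may contain only letters, digits, '.', '_', '-' and '/'. \e[0m" >&2
              exit 1
            fi

            # Get the IPv4 address of the interface that carries the default route
            default_iface=$(ip -4 route show default \
              | awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
            ip_address=""
            if [[ -n $default_iface ]]; then
              ip_address=$(ip -4 -o addr show dev "$default_iface" | awk '{ print $4; exit }' | cut -d'/' -f1)
            fi

            # Check if the result is shaped like an IPv4 address
            if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
              http_ip="$ip_address"

              # autoindex lists every file below root_path to anyone who can reach the
              # server, so that tree should hold repository content only.
              nginx_config="server {
              listen 80;
              server_name $http_ip;
              root $root_path;

              location / {
              index index.php index.html index.htm;
              autoindex on; #enable listing of directory index

              return 301 https://\$server_name\$request_uri;
              }
              }

              server {
              listen 443 ssl;
              server_name $http_ip; #change test.lab to your real domain or IP address
              root $root_path;
              ssl_certificate /etc/nginx/ssl/repo.crt;
              ssl_certificate_key /etc/nginx/ssl/repo.key;
              location / {
              index index.php index.html index.htm;
              autoindex on; #enable listing of directory index
              }
              }"

              # Overwrite rather than append: with 'tee -a' every rerun of this script
              # added another copy of both server blocks to the same file.
              if printf '%s\n' "$nginx_config" | sudo tee "$nginx_conf_file" > /dev/null \
                && [[ -s "$nginx_conf_file" ]]; then
                echo -e "Configuration written successfully. Configuration file: /etc/nginx/conf.d/repos.conf "
              else
                echo -e "\e[31mError: Failed to write the configuration. \e[0m"
              fi
            else
              echo "Invalid IP address format!"
            fi

            echo ""

            echo ""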

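            # Validate the nginx configuration and keep asking the operator to fix it until
            # 'nginx -t' passes.
            echo -e "\e[32m################################ Checking the Nginx Conf Settings ############################################# \e[0m"

            echo ""
            # Continue validation until nginx -t is successful
            while true; do
              if nginx -t; then
                echo ""
                echo -e "\e[32mNginx configuration test successful. \e[0m"
                break
              fi
              echo -e "\e[31mError: Nginx configuration test failed. \e[0m"
              echo "Verify the configuration located at /etc/nginx/conf.d/repos.conf."
              # read fails at end of input (for example when the script is not run from a
              # terminal); without the exit the loop would retry forever.
              read -r -p "If you corrected the script, press Enter to recheck. Otherwise, press Ctrl+C to exit." || exit 1
            done

            echo ""

            # The original asked for Enter twice in a row with the same prompt; once is
            # enough.
            read -r -p "Press Enter to continue…"

            echo ""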

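            # Restore the policy-defined SELinux labels below the web content path, then
            # label the tree httpd_sys_content_t so the web server is allowed to read it.
            echo -e "\e[32m##################### Restoring the default SELinux security contexts with restorecon ####################### \e[0m"

            echo ""
            # Default web server path
            default_web_server_path="/var/www/html/"

            # Prompt the user to choose between default and custom paths
            echo "Choose an option:"
            echo ""
            echo "1. Use the default path ($default_web_server_path)"
            echo "2. Specify a custom path for SELinux security contexts restoration"
            echo ""
            read -r -e -p "Enter '1' to use the default path or '2' to specify a custom path: " user_choice

            echo ""
            # Set the path based on the user's choice
            path_for_restorecon=""
            if [ "$user_choice" == "2" ]; then
              read -r -e -p "Enter the custom path for restorecon (hit Enter for default $default_web_server_path): " custom_restorecon_path
              path_for_restorecon=${custom_restorecon_path:-$default_web_server_path}
            else
              path_for_restorecon=$default_web_server_path
            fi

            # Both commands below recurse. Relabelling a wider tree than the web root as
            # httpd_sys_content_t lets the web server domain read everything under it, so
            # refuse an empty, relative or bare "/" path. The path should be the directory
            # nginx serves and nothing above it.
            if [[ $path_for_restorecon != /?* ]]; then
              echo -e "\e[31mError: Refusing to relabel '$path_for_restorecon'; give the absolute path of the web content directory. \e[0m" >&2
            elif sudo restorecon -R "$path_for_restorecon"; then
              echo ""
              echo -e "SELinux security contexts restored successfully."

              echo -e "\n\e[32m##################### Setting additional SELinux security contexts with chcon ####################### \e[0m"
              # chcon labels are not recorded in the policy, so a later restorecon or a
              # full relabel resets them. For a path outside the policy's web-content
              # locations, a file-context rule added with 'semanage fcontext' is the
              # durable alternative.
              # sudo matches the restorecon call above; the result is checked so the
              # success line is printed only when the labels were actually set.
              if sudo chcon -Rt httpd_sys_content_t "$path_for_restorecon"; then
                echo -e "Additional SELinux security contexts set successfully."
              else
                echo -e "\e[31mError: Failed to set additional SELinux security contexts. \e[0m" >&2
              fi
            else
              echo -e "\e[31mError: Failed to restore SELinux security contexts. \e[0m"
            fi

            echo ""

            echo -e "\e[32m############################################################################################################### \e[0m"

            read -r -p "Press Enter to continue…"
            echo -e "\e[32m############################################################################################################### \e[0m"

            echo ""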
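            # Restart nginx, stop if it did not come up, then print the URL the operator
            # should open to confirm that the repository tree is being served.
            echo -e "\x1b[30;44mRestarting the Nginx\x1b[m"
            echo ""
            systemctl restart nginx
            STATUS="$(systemctl is-active nginx)"
            if [ "${STATUS}" = "active" ]; then
              echo -e "\e[32mNginx service is running…… \e[0m"
            else
              echo " Nginx service is not running…. so exiting "
              exit 1
            fi
            echo ""
            echo -e "\e[32m############################################################################################################### \e[0m"

            # IPv4 address of the interface that carries the default route
            default_iface=$(ip -4 route show default \
              | awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
            ip_address=""
            if [[ -n $default_iface ]]; then
              ip_address=$(ip -4 -o addr show dev "$default_iface" | awk '{ print $4; exit }' | cut -d'/' -f1)
            fi

            # Check if the result is shaped like an IPv4 address
            if [[ $ip_address =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
              # No trailing slash here: the message appends /baseOS itself, and the
              # original value (which also ended in a stray HTML entity) produced a
              # doubled slash. The port 80 server block redirects this URL to HTTPS, where
              # a browser will warn about the self-signed certificate unless it has been
              # imported.
              http_ip="http://$ip_address"
              echo ""
              echo -e "\033[1;33mPlease access the URL to check if the Nginx is set up fine and files are visible: $http_ip/baseOS\033[0m\n"

            else
              echo "Invalid IP address format!"
            fi

            echo ""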

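            # Generate the nightly repository sync script and register it in the invoking
            # user's crontab. baseOS_dir and AppStream_dir are assigned earlier in this
            # script, outside the part shown here.
            echo -e "\033[32m################################ Creating the Daily Sync Cron Job ############################################# \033[0m"

            echo ""

            log_file="/var/log/update-repository.log"
            update_script="/usr/local/bin/rhel9_updaterepository.sh"

            # The generated script runs 'rm -rf <dir>/repodata/...'. An empty variable
            # would turn that into a path directly under /, so stop here instead.
            : "${baseOS_dir:?baseOS_dir must be set before creating the sync script}"
            : "${AppStream_dir:?AppStream_dir must be set before creating the sync script}"

            # The directory names are expanded now and written into the generated script;
            # %q quotes them so a name with spaces or shell metacharacters stays one word.
            printf -v q_base '%q' "$baseOS_dir"
            printf -v q_app '%q' "$AppStream_dir"
            printf -v q_log '%q' "$log_file"

            # The options must start with two ASCII hyphens; the page rendering had turned
            # them into a dash character that reposync does not recognise.
            # NOTE(review): the client repo files shown earlier on this page set
            # gpgcheck = 0, so clients install whatever this mirror serves without
            # checking package signatures. reposync's --gpgcheck option and gpgcheck = 1
            # on the clients are worth considering.
            update_script_body="#!/bin/bash
            echo Update script started at \$(date) >> $q_log
            reposync -p $q_base --download-metadata --repo=rhel-9-for-x86_64-baseos-rpms
            createrepo -v $q_base
            reposync -p $q_app --download-metadata --repo=rhel-9-for-x86_64-appstream-rpms
            createrepo -v $q_app

            rm -rf -- $q_app/repodata/*updateinfo* >> $q_log 2>&1
            cp /var/cache/dnf/rhel-9-for-x86_64-appstream-rpms-*/repodata/*-updateinfo.xml.gz $q_app/repodata/ >> $q_log 2>&1
            gzip -d $q_app/repodata/*-updateinfo.xml.gz >> $q_log 2>&1
            mv $q_app/repodata/*-updateinfo.xml $q_app/repodata/updateinfo.xml >> $q_log 2>&1
            modifyrepo $q_app/repodata/updateinfo.xml $q_app/repodata/ >> $q_log 2>&1

            rm -rf -- $q_base/repodata/*updateinfo* >> $q_log 2>&1
            cp /var/cache/dnf/rhel-9-for-x86_64-baseos-rpms-*/repodata/*-updateinfo.xml.gz $q_base/repodata/ >> $q_log 2>&1
            gzip -d $q_base/repodata/*-updateinfo.xml.gz >> $q_log 2>&1
            mv $q_base/repodata/*-updateinfo.xml $q_base/repodata/updateinfo.xml >> $q_log 2>&1
            modifyrepo $q_base/repodata/updateinfo.xml $q_base/repodata/ >> $q_log 2>&1
            echo Update script ended at \$(date) >> $q_log 2>&1"

            # Overwrite instead of append, so a rerun does not stack a second copy of
            # every command in the same file.
            printf '%s\n' "$update_script_body" > "$update_script"

            if [ -s "$update_script" ]; then
              # Cron runs this file unattended, so it must not be writable by anyone but
              # its owner: set an explicit mode instead of adding +x to whatever the
              # umask produced.
              chmod 755 "$update_script"
              echo -e "\033[32mScript successfully created. Listing contents:\033[0m"
              echo ""
              ls -ltra "$update_script"

              echo ""
              cat "$update_script"
              echo ""
              echo -e "\033[32mExecution permission set.\033[0m"

              echo ""
              read -r -p "Press Enter if you find the script is updated correctly…"
              read -r -p "Press Enter to continue…"
              # Create cron job to run at night (replace "0 23" with your desired time).
              # Piping a single line into 'crontab -' replaces the whole crontab and
              # silently drops every job already scheduled for this user; merge with the
              # existing entries and drop any previous line for this script.
              cron_entry="0 23 * * * $update_script >> $log_file"
              if {
                crontab -l 2> /dev/null | grep -vF -- "$update_script"
                echo "$cron_entry"
              } | crontab -; then
                echo -e "\033[32mCron jobs created successfully.\033[0m"
              else
                echo -e "\033[31mError: Failed to install the cron job.\033[0m" >&2
              fi
            else
              echo -e "\033[31mError: Script creation failed.\033[0m"
            fi

            echo ""
            echo -e "\e[32m############################################################################################################### \e[0m"
            echo ""
            # Banner printed line by line so the source indentation does not end up
            # inside the box.
            echo -e "\e[1;32m +-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+"
            echo " |R|H|E|L| |9| |R|e|p|o| |S|u|c|c|e|s|s|f|u|l|l|y| |C|r|e|a|t|e|d|"
            echo -e " +-+-+-+-+ +-+ +-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+ 😊\e[0m"

            echo ""
            echo -e "\e[32m############################################################################################################### \e[0m"
            echo ""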
