From d9c0e14f2a37f378004fd678016755fea3cb331d Mon Sep 17 00:00:00 2001 From: enzo Date: Fri, 8 Aug 2025 09:35:02 +0900 Subject: [PATCH] - Replace legacy deployment script with structured directory approach - Ensure domains and ports in appsettings.json are configured according to deployment type - Update README with clearer installation steps using NetLock-docker-quick-deployment/ - Streamline setup process to make NetLock RMM immediately ready for use after deployment - Fix documentation typos and improve deployment workflow --- .claude/settings.local.json | 8 + .../01_quick-install.sh | 460 +++++++----------- .../02_update-ssl-certificates.sh | 72 +++ .../template_docker-compose.yml | 51 ++ .../template_server-appsettings.json | 70 +++ .../template_web-console-appsettings.json | 75 +++ README.md | 27 +- 7 files changed, 473 insertions(+), 290 deletions(-) create mode 100644 .claude/settings.local.json rename docker-compose-quick-setup.sh => NetLock-docker-quick-deployment/01_quick-install.sh (62%) create mode 100644 NetLock-docker-quick-deployment/02_update-ssl-certificates.sh create mode 100644 NetLock-docker-quick-deployment/template_docker-compose.yml create mode 100644 NetLock-docker-quick-deployment/template_server-appsettings.json create mode 100644 NetLock-docker-quick-deployment/template_web-console-appsettings.json diff --git a/.claude/settings.local.json b/.claude/settings.local.json new file mode 100644 index 00000000..75b4ec79 --- /dev/null +++ b/.claude/settings.local.json @@ -0,0 +1,8 @@ +{ + "permissions": { + "allow": [ + "Bash(mv:*)" + ], + "deny": [] + } +} \ No newline at end of file diff --git a/docker-compose-quick-setup.sh b/NetLock-docker-quick-deployment/01_quick-install.sh similarity index 62% rename from docker-compose-quick-setup.sh rename to NetLock-docker-quick-deployment/01_quick-install.sh index 4cfbffe8..e83a26f9 100644 --- a/docker-compose-quick-setup.sh +++ b/NetLock-docker-quick-deployment/01_quick-install.sh @@ -104,56 +104,63 @@ fi echo "" +# Ask for deployment directory +echo "Where would you like to deploy NetLock RMM?" +read -p "Deployment directory (default: /opt/netlockrmm): " deployment_dir +if [[ -z "$deployment_dir" ]]; then + deployment_dir="/opt/netlockrmm" + echo "Using default deployment directory: $deployment_dir" +else + # Remove trailing slash if present + deployment_dir="${deployment_dir%/}" + echo "Using deployment directory: $deployment_dir" +fi + +# Validate deployment directory +if [[ ! "$deployment_dir" = /* ]]; then + echo "Error: Deployment directory must be an absolute path (starting with /)" + exit 1 +fi + +echo "" + # Set time zone -echo "If your timezone is not listed below, you can set it manually later in the docker-compose.yml file." -PS3="Select a timezone (enter number): " -options=( - "Europe/Berlin" - "America/New_York" - "America/Los_Angeles" - "Europe/London" - "Europe/Paris" - "Europe/Moscow" - "Asia/Tokyo" - "Asia/Shanghai" - "Asia/Singapore" - "Asia/Kolkata" - "Asia/Dubai" - "Australia/Sydney" - "Australia/Perth" - "Africa/Johannesburg" - "America/Sao_Paulo" - "America/Chicago" - "America/Toronto" - "Pacific/Auckland" -) +echo "Current system timezone: $(timedatectl show --property=Timezone --value)" +read -p "Do you want to keep the current timezone? (Y/n): " keep_timezone +keep_timezone=${keep_timezone:-Y} -echo "Please select your timezone:" -select opt in "${options[@]}"; do - if [[ -n "$opt" ]]; then - timezone="$opt" +if [[ "$keep_timezone" =~ ^[Yy]$ ]]; then + timezone=$(timedatectl show --property=Timezone --value) + echo "Using current timezone: $timezone" +else + echo "Enter your timezone (e.g., Europe/Berlin, America/New_York, Asia/Tokyo):" + echo "You can find available timezones with: timedatectl list-timezones" + read -p "Timezone: " timezone + + if [[ -z "$timezone" ]]; then + timezone="Europe/Berlin" + echo "No timezone entered, defaulting to $timezone" + fi + + # Validate timezone + if timedatectl list-timezones | grep -q "^$timezone$"; then echo "Setting timezone to $timezone..." sudo timedatectl set-timezone "$timezone" - break else - echo "Invalid selection. Please try again." + echo "Invalid timezone. Using current system timezone." + timezone=$(timedatectl show --property=Timezone --value) fi -done - -# Fallback if empty for any reason -if [[ -z "$timezone" ]]; then - timezone="Europe/Berlin" - echo "No timezone selected, defaulting to $timezone..." - sudo timedatectl set-timezone "$timezone" fi echo "" # Ask the user for the MySQL root password -read -p "Please enter the MySQL root password (will be used for NetLock RMM): " mysql_password +read -p "Please enter the MySQL root password (leave blank to auto-generate): " mysql_password if [[ -z "$mysql_password" ]]; then - echo "No MySQL password entered. Exiting." - exit 1 + # Generate a random 16-character password using UUID + mysql_password=$(uuidgen | tr -d '-' | head -c 16) + echo "Auto-generated MySQL password: $mysql_password" + echo "Please save this password securely!" fi echo "" @@ -198,13 +205,14 @@ fi # User needs to provide members portal api key, demand again if left empty echo "" -read -p "Please provide your members portal api key now (for OSS & Pro): " apiKeyOverride -apiKeyOverride=$(echo "$apiKeyOverride" | xargs) # removes leading/trailing whitespace - -if [[ -z "$apiKeyOverride" ]]; then - echo "No API key entered. Exiting." - exit 1 -fi +while [[ -z "$apiKeyOverride" ]]; do + read -p "Please provide your members portal api key now (for OSS & Pro): " apiKeyOverride + apiKeyOverride=$(echo "$apiKeyOverride" | xargs) # removes leading/trailing whitespace + + if [[ -z "$apiKeyOverride" ]]; then + echo "API key is required to continue. Please enter a valid API key." + fi +done # Pick one of the following options: # 1. Reverse proxy (nginx, traefik, caddy, etc.) @@ -297,16 +305,21 @@ if [[ "$setup_option" == "1" ]]; then # No Reverse Proxy with Let's Encrypt echo "" - echo "Make sure you have the following ports open on your server:" - echo "80 (HTTP) and 443 (HTTPS) for web console access. Port 80 is used for Let's Encrypt certificate generation. Hold it open until the certificate is generated." + echo "Make sure the following ports are available and not in use by other applications:" + echo "80 (HTTP) and 443 (HTTPS) for web console access. Port 80 is used for Let's Encrypt certificate generation." echo "7443 for the NetLock RMM server (remote access, file transfer, etc.)." + echo "" + echo "Note: Docker Compose will handle port binding automatically. You only need to:" + echo "- Ensure these ports are not used by other services (check with: sudo netstat -tlnp | grep :80)" + echo "- If using cloud hosting (AWS, Azure, etc.), configure your security groups/firewall to allow these ports" + echo "- Local firewalls (ufw, iptables) don't affect Docker port mappings" # Confirm the ports - read -p "Have you opened the ports 80, 443 and 7443 on your server? (Y/n): " ports_open + read -p "Are these ports available and cloud firewall configured (if applicable)? (Y/n): " ports_open ports_open=${ports_open:-Y} if [[ ! "$ports_open" =~ ^[Yy]$ ]]; then - echo "Please open the ports 80, 443 and 7443 on your server and try again." + echo "Please ensure ports are available and configure your cloud firewall before continuing." exit 1 fi @@ -316,7 +329,10 @@ if [[ "$setup_option" == "1" ]]; then # No Reverse Proxy with Let's Encrypt web_console_port_https=443 web_console_https_enabled=true - web_console_server_port=7080 + web_console_server_port=7443 + web_console_server_ssl=true + web_console_cert_path="/app/letsencrypt/certs/certificate.pfx" + web_console_server_host="$server_domain" server_http_enabled=true server_port_http=7080 @@ -325,6 +341,13 @@ if [[ "$setup_option" == "1" ]]; then # No Reverse Proxy with Let's Encrypt server_port_https=7443 server_https_forced=false # No forced HTTPS because of the internal server communication + # Docker port bindings for direct access (no reverse proxy) + web_console_docker_ports=" + - \"80:80\" + - \"443:443\"" + server_docker_ports=" + - \"7443:7443\"" + # Set the public override URL publicOverrideUrl="https://$server_domain:$server_port_https" @@ -337,10 +360,10 @@ elif [[ "$setup_option" == "2" ]]; then # Reverse Proxy read -p "Is this the server where your reverse proxy is running? (Y/n): " reverse_proxy_server reverse_proxy_server=${reverse_proxy_server:-Y} echo "" - read -p "Please enter the IP of the server where your reverse proxy is running: " reverse_proxy_ip + read -p "Please enter the IP of the server where your reverse proxy is running (default: 127.0.0.1): " reverse_proxy_ip if [[ -z "$reverse_proxy_ip" ]]; then - echo "No IP entered. Exiting." - exit 1 + reverse_proxy_ip="127.0.0.1" + echo "Using default reverse proxy IP: $reverse_proxy_ip" fi # JSON-safe output for KnownProxies @@ -361,10 +384,10 @@ elif [[ "$setup_option" == "2" ]]; then # Reverse Proxy if [[ ! "$server_ip_confirmation" =~ ^[Yy]$ ]]; then # If the user says no, ask for the correct IP - read -p "Please enter the correct internal IP of this server: " server_ip + read -p "Please enter the correct internal IP of this server (default: 127.0.0.1): " server_ip if [[ -z "$server_ip" ]]; then - echo "No IP entered. Exiting." - exit 1 + server_ip="127.0.0.1" + echo "Using default server IP: $server_ip" fi fi @@ -376,10 +399,10 @@ elif [[ "$setup_option" == "2" ]]; then # Reverse Proxy fi echo "For the web console domain forward like this:" - echo "$web_console_domain: http -> $server_ip -> 443" + echo "$web_console_domain: https -> $server_ip:8880" echo "" echo "For the server domain forward like this:" - echo "$server_domain: http -> $server_ip -> 7443" + echo "$server_domain: https -> $server_ip:7080" echo "" @@ -392,21 +415,30 @@ elif [[ "$setup_option" == "2" ]]; then # Reverse Proxy exit 1 fi - # Set the web console and server ports - web_console_port_http=443 + # Set the web console and server ports for reverse proxy + web_console_port_http=80 web_console_http_enabled=true web_console_port_https=443 web_console_https_enabled=false - web_console_server_port=7443 + web_console_server_port=7080 + web_console_server_ssl=false + web_console_cert_path="/path/to/certificates/certificate.pfx" + web_console_server_host="netlock-rmm-server" server_http_enabled=true - server_port_http=7443 + server_port_http=7080 server_https_enabled=false server_port_https=7443 server_https_forced=false # No forced HTTPS because of the internal server communication + # Docker port bindings for reverse proxy + web_console_docker_ports=" + - \"127.0.0.1:8880:80\"" + server_docker_ports=" + - \"127.0.0.1:7080:7080\"" + # Set the public override URL publicOverrideUrl="https://$server_domain:443" @@ -429,13 +461,26 @@ elif [[ "$setup_option" == "3" ]]; then # Local Test Environment web_console_https_enabled=false web_console_server_port=7080 + web_console_server_ssl=false + web_console_cert_path="/path/to/certificates/certificate.pfx" + web_console_server_host="netlock-rmm-server" server_http_enabled=true server_port_http=7080 server_https_enabled=false server_port_https=7443 + server_https_forced=false + + # Docker port bindings for local test environment (direct access, no SSL) + web_console_docker_ports=" + - \"80:80\"" + server_docker_ports=" + - \"7080:7080\"" + # No reverse proxy settings for local test + known_proxies_json="[]" + publicOverrideUrl="http://localhost:$server_port_http" le_enabled=false # No Let's Encrypt, no SSL termination for testing @@ -449,236 +494,42 @@ echo "Starting the setup process..." echo "Create directories..." # Directories -sudo mkdir -p /home/netlock/{mysql/data,letsencrypt,web_console/internal,web_console/logs,server/logs,server/files,server/internal} +sudo mkdir -p "$deployment_dir"/{mysql/data,letsencrypt,web_console/internal,web_console/logs,server/logs,server/files,server/internal} # Create empty appsettings files -sudo touch /home/netlock/web_console/appsettings.json -sudo touch /home/netlock/server/appsettings.json +sudo touch "$deployment_dir"/web_console/appsettings.json +sudo touch "$deployment_dir"/server/appsettings.json echo "Creating web console appsettings.json..." -# Write appsettings.json for Web Console (correct path!) -sudo tee /home/netlock/web_console/appsettings.json > /dev/null < /dev/null echo "appsettings.json for web console was created." echo "Creating server appsettings.json..." -sudo tee /home/netlock/server/appsettings.json > /dev/null < /dev/null echo "appsettings.json for server created." # Create docker compose yml -sudo touch /home/netlock/docker-compose.yml - -sudo tee /home/netlock/docker-compose.yml > /dev/null < /dev/null + +echo "docker-compose.yml created in $deployment_dir" echo "" @@ -687,10 +538,61 @@ start_now=${start_now:-Y} if [[ "$start_now" =~ ^[Yy]$ ]]; then echo "Starting NetLock containers..." - sudo docker compose -f /home/netlock/docker-compose.yml up -d + sudo docker compose -f "$deployment_dir"/docker-compose.yml up -d + + # For Let's Encrypt setup, check containers and run certificate update script + if [[ "$le_enabled" == "true" ]]; then + echo "" + echo "Checking if containers started successfully..." + sleep 5 + + # Check if containers are running + WEB_CONSOLE_RUNNING=$(sudo docker ps --filter "name=netlock-web-console" --filter "status=running" -q) + SERVER_RUNNING=$(sudo docker ps --filter "name=netlock-rmm-server" --filter "status=running" -q) + MYSQL_RUNNING=$(sudo docker ps --filter "name=mysql8-container" --filter "status=running" -q) + + if [[ -z "$WEB_CONSOLE_RUNNING" ]] || [[ -z "$SERVER_RUNNING" ]] || [[ -z "$MYSQL_RUNNING" ]]; then + echo "" + echo "⚠️ WARNING: Some containers failed to start properly!" + echo "" + echo "Check container status with:" + echo " sudo docker ps -a" + echo "" + echo "Check container logs with:" + echo " sudo docker logs netlock-web-console" + echo " sudo docker logs netlock-rmm-server" + echo " sudo docker logs mysql8-container" + echo "" + echo "After fixing any issues, you can manually run the certificate update script:" + + # Copy the script anyway for manual use + sudo cp "$SCRIPT_DIR/02_update-ssl-certificates.sh" "$deployment_dir/" + sudo chmod +x "$deployment_dir/02_update-ssl-certificates.sh" + echo " sudo $deployment_dir/02_update-ssl-certificates.sh $deployment_dir" + echo "" + else + echo "✅ All containers are running successfully!" + echo "" + echo "Copying certificate update script..." + sudo cp "$SCRIPT_DIR/02_update-ssl-certificates.sh" "$deployment_dir/" + sudo chmod +x "$deployment_dir/02_update-ssl-certificates.sh" + + echo "Running certificate update script..." + sudo "$deployment_dir/02_update-ssl-certificates.sh" "$deployment_dir" + fi + fi else echo "You can start it later with:" - echo " sudo docker compose -f /home/netlock/docker-compose.yml up -d" + echo " sudo docker compose -f \"$deployment_dir\"/docker-compose.yml up -d" + + # Copy the certificate update script for later use + if [[ "$le_enabled" == "true" ]]; then + echo "" + echo "Copying certificate update script for when you start the containers..." + sudo cp "$SCRIPT_DIR/02_update-ssl-certificates.sh" "$deployment_dir/" + sudo chmod +x "$deployment_dir/02_update-ssl-certificates.sh" + echo "After starting containers, run: sudo $deployment_dir/02_update-ssl-certificates.sh $deployment_dir" + fi fi echo "" diff --git a/NetLock-docker-quick-deployment/02_update-ssl-certificates.sh b/NetLock-docker-quick-deployment/02_update-ssl-certificates.sh new file mode 100644 index 00000000..d3cc0486 --- /dev/null +++ b/NetLock-docker-quick-deployment/02_update-ssl-certificates.sh @@ -0,0 +1,72 @@ +#!/bin/bash + +# Configuration +DEPLOYMENT_DIR="${1:-/opt/netlockrmm}" +WEB_CONSOLE_APPSETTINGS="$DEPLOYMENT_DIR/web_console/appsettings.json" +SERVER_APPSETTINGS="$DEPLOYMENT_DIR/server/appsettings.json" +CERT_DIR="$DEPLOYMENT_DIR/letsencrypt/certs" + +echo "Waiting 30 seconds for containers to start and Let's Encrypt to generate certificate..." +sleep 30 + +echo "Looking for Let's Encrypt certificate in $CERT_DIR..." + +# Wait up to 5 minutes for certificate to appear +TIMEOUT=300 # 5 minutes +ELAPSED=0 +INTERVAL=15 + +while [ $ELAPSED -lt $TIMEOUT ]; do + # Find the first .pfx file + CERT_FILE=$(find "$CERT_DIR" -name "*.pfx" -type f | head -1) + + if [ -n "$CERT_FILE" ]; then + echo "Certificate found: $(basename "$CERT_FILE")" + + # Update both appsettings.json files with the actual certificate path + CERT_FILENAME=$(basename "$CERT_FILE") + NEW_CERT_PATH="/app/letsencrypt/certs/$CERT_FILENAME" + + echo "Updating certificate path in both appsettings files..." + + # Create backups + cp "$WEB_CONSOLE_APPSETTINGS" "$WEB_CONSOLE_APPSETTINGS.backup" + cp "$SERVER_APPSETTINGS" "$SERVER_APPSETTINGS.backup" + + # Replace the certificate path in web console appsettings + echo "Updating web console appsettings.json..." + sed -i "s|\"Path\": \"/app/letsencrypt/certs/certificate.pfx\"|\"Path\": \"$NEW_CERT_PATH\"|g" "$WEB_CONSOLE_APPSETTINGS" + WEB_CONSOLE_UPDATE=$? + + # Replace the certificate path in server appsettings + echo "Updating server appsettings.json..." + sed -i "s|\"Path\": \"/path/to/certificates/certificate.pfx\"|\"Path\": \"$NEW_CERT_PATH\"|g" "$SERVER_APPSETTINGS" + SERVER_UPDATE=$? + + if [ $WEB_CONSOLE_UPDATE -eq 0 ] && [ $SERVER_UPDATE -eq 0 ]; then + echo "Certificate path updated successfully in both files to: $NEW_CERT_PATH" + + # Restart both containers to pick up the new certificate path + echo "Restarting containers..." + docker compose -f "$DEPLOYMENT_DIR/docker-compose.yml" restart netlock-web-console netlock-rmm-server + + echo "Certificate configuration completed!" + exit 0 + else + echo "Error: Failed to update one or both appsettings.json files" + echo "Web console update result: $WEB_CONSOLE_UPDATE" + echo "Server update result: $SERVER_UPDATE" + exit 1 + fi + fi + + echo "Certificate not found yet, waiting $INTERVAL more seconds... ($(((TIMEOUT-ELAPSED)/60)) minutes remaining)" + sleep $INTERVAL + ELAPSED=$((ELAPSED + INTERVAL)) +done + +echo "Timeout: Certificate was not generated within $((TIMEOUT/60)) minutes" +echo "Please check the containers logs:" +echo " docker logs netlock-web-console" +echo " docker logs netlock-rmm-server" +exit 1 \ No newline at end of file diff --git a/NetLock-docker-quick-deployment/template_docker-compose.yml b/NetLock-docker-quick-deployment/template_docker-compose.yml new file mode 100644 index 00000000..5442912f --- /dev/null +++ b/NetLock-docker-quick-deployment/template_docker-compose.yml @@ -0,0 +1,51 @@ +services: + mysql: + image: mysql:8.0 + container_name: mysql8-container + environment: + MYSQL_ROOT_PASSWORD: ${mysql_password} + MYSQL_DATABASE: netlock + volumes: + - ./mysql/data:/var/lib/mysql + - /etc/localtime:/etc/localtime:ro + networks: + - netlock-network + restart: always + command: --skip-log-bin + + netlock-web-console: + image: nicomak101/netlock-rmm-web-console:latest + container_name: netlock-web-console + environment: + - TZ=${timezone} + volumes: + - "./web_console/appsettings.json:/app/appsettings.json" + - "./web_console/internal:/app/internal" + - "./web_console/logs:/var/0x101 Cyber Security/NetLock RMM/Web Console/" + - "./letsencrypt:/app/letsencrypt" + - /etc/localtime:/etc/localtime:ro + ports:${web_console_docker_ports} + networks: + - netlock-network + restart: always + + netlock-rmm-server: + image: nicomak101/netlock-rmm-server:latest + container_name: netlock-rmm-server + environment: + - TZ=${timezone} + volumes: + - "./server/appsettings.json:/app/appsettings.json" + - "./server/internal:/app/internal" + - "./server/files:/app/www/private/files" + - "./server/logs:/var/0x101 Cyber Security/NetLock RMM/Server/" + - "./letsencrypt:/app/letsencrypt" + - /etc/localtime:/etc/localtime:ro + ports:${server_docker_ports} + networks: + - netlock-network + restart: always + +networks: + netlock-network: + driver: bridge \ No newline at end of file diff --git a/NetLock-docker-quick-deployment/template_server-appsettings.json b/NetLock-docker-quick-deployment/template_server-appsettings.json new file mode 100644 index 00000000..60a22c01 --- /dev/null +++ b/NetLock-docker-quick-deployment/template_server-appsettings.json @@ -0,0 +1,70 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Warning", + "Microsoft": "Error", + "Microsoft.Hosting.Lifetime": "Warning", + "Microsoft.AspNetCore.SignalR": "Error", + "Microsoft.AspNetCore.Http.Connections": "Error" + }, + "Custom": { + "Enabled": false + } + }, + "AllowedHosts": "*", + "Kestrel": { + "Endpoint": { + "Http": { + "Enabled": ${server_http_enabled}, + "Port": ${server_port_http} + }, + "Https": { + "Enabled": ${server_https_enabled}, + "Port": ${server_port_https}, + "Force": ${server_https_forced}, + "Hsts": { + "Enabled": true + }, + "Certificate": { + "Path": "/path/to/certificates/certificate.pfx", + "Password": "${le_pfx_password}" + } + } + }, + "Roles": { + "Comm": true, + "Update": true, + "Trust": true, + "Remote": true, + "Notification": true, + "File": true, + "LLM": true + } + }, + "MySQL": { + "Server": "mysql8-container", + "Port": 3306, + "Database": "netlock", + "User": "root", + "Password": "${mysql_password}", + "SslMode": "None", + "AdditionalConnectionParameters": "AllowPublicKeyRetrieval=True;" + }, + "LettuceEncrypt": { + "Enabled": ${le_enabled}, + "AcceptTermsOfService": true, + "DomainNames": [ + "${server_domain}" + ], + "EmailAddress": "${le_email}", + "AllowedChallengeTypes": "Http01", + "CertificateStoredPfxPassword": "${le_pfx_password}" + }, + "Members_Portal_Api": { + "Enabled": true, + "ApiKeyOverride": "${apiKeyOverride}" + }, + "Environment": { + "Docker": true + } +} \ No newline at end of file diff --git a/NetLock-docker-quick-deployment/template_web-console-appsettings.json b/NetLock-docker-quick-deployment/template_web-console-appsettings.json new file mode 100644 index 00000000..47a7d265 --- /dev/null +++ b/NetLock-docker-quick-deployment/template_web-console-appsettings.json @@ -0,0 +1,75 @@ +{ + "Logging": { + "LogLevel": { + "Default": "Warning", + "Microsoft": "Error", + "Microsoft.Hosting.Lifetime": "Warning" + }, + "Custom": { + "Enabled": true + } + }, + "AllowedHosts": "*", + "Kestrel": { + "Endpoint": { + "Http": { + "Enabled": ${web_console_http_enabled}, + "Port": ${web_console_port_http} + }, + "Https": { + "Enabled": ${web_console_https_enabled}, + "Port": ${web_console_port_https}, + "Force": true, + "Hsts": { + "Enabled": true + }, + "Certificate": { + "Path": "${web_console_cert_path}", + "Password": "${le_pfx_password}" + } + } + }, + "IpWhitelist": ${ip_whitelist_json}, + "KnownProxies": ${known_proxies_json} + }, + "NetLock_Remote_Server": { + "Server": "${web_console_server_host}", + "Port": ${web_console_server_port}, + "UseSSL": ${web_console_server_ssl} + }, + "NetLock_File_Server": { + "Server": "${web_console_server_host}", + "Port": ${web_console_server_port}, + "UseSSL": ${web_console_server_ssl} + }, + "MySQL": { + "Server": "mysql8-container", + "Port": 3306, + "Database": "netlock", + "User": "root", + "Password": "${mysql_password}", + "SslMode": "None", + "AdditionalConnectionParameters": "AllowPublicKeyRetrieval=True;" + }, + "LettuceEncrypt": { + "Enabled": ${le_enabled}, + "AcceptTermsOfService": true, + "DomainNames": [ + "${web_console_domain}", "${server_domain}" + ], + "EmailAddress": "${le_email}", + "AllowedChallengeTypes": "Http01", + "CertificateStoredPfxPassword": "${le_pfx_password}" + }, + "Webinterface": { + "Title": "${web_console_title}", + "Language": "en-US", + "Membership_Reminder": true, + "PublicOverrideUrl": "${publicOverrideUrl}" + }, + "Members_Portal_Api": { + "Enabled": true, + "Cloud": false, + "ApiKeyOverride": "${apiKeyOverride}" + } +} \ No newline at end of file diff --git a/README.md b/README.md index 228486ac..fe06d1d0 100644 --- a/README.md +++ b/README.md @@ -82,24 +82,29 @@ Do you wish to get started as fast as possible? Our docker compose script ensure - Reverse Proxy (supports any reverse proxy) - Local Testing (only for local test environments, not for production) -The script expects docker compose to be installed, on a linux disctribution. Best to use would be Ubuntu 24.04. The script deploys the NetLock RMM componments as well as a MySQL 8.0 server and connects everything with each other. +The script expects docker compose to be installed, on a linux distribution. Best to use would be Ubuntu 24.04. The script deploys the NetLock RMM components as well as a MySQL 8.0 server and connects everything with each other. -1. Download the script with wget. -```plaintext -sudo wget -P /home https://raw.githubusercontent.com/0x101-Cyber-Security/NetLock-RMM/main/docker-compose-quick-setup.sh +1. Clone the repository (latest commit only): +```bash +git clone --depth 1 https://github.com/0x101-Cyber-Security/NetLock-RMM.git ``` -2. Make it executable: -```plaintext -sudo chmod +x /home/docker-compose-quick-setup.sh +2. Navigate to the Docker deployment directory: +```bash +cd NetLock-RMM/NetLock-docker-quick-deployment ``` -3. Execute it: -```plaintext -sudo ./home/docker-compose-quick-setup.sh +3. Make the scripts executable (if necessary): +```bash +chmod +x 01_quick-install.sh 02_update-ssl-certificates.sh ``` -4. Follow the instructions. +4. Execute the setup script: +```bash +sudo ./01_quick-install.sh +``` + +5. Follow the instructions in the script. ## Video Tutorial [Watch the video on YouTube](https://youtu.be/-VMoL6wnSKs)