84 lines
3.0 KiB
Bash
84 lines
3.0 KiB
Bash
# Are we running as root?
|
|
if [[ $EUID -ne 0 ]]; then
|
|
echo "This script must be run as root. Please re-run like this:"
|
|
echo
|
|
echo "sudo $0"
|
|
echo
|
|
exit
|
|
fi
|
|
|
|
# Check that we are running on Ubuntu 14.04 LTS (or 14.04.xx).
|
|
if [ "`lsb_release -d | sed 's/.*:\s*//' | sed 's/14\.04\.[0-9]/14.04/' `" != "Ubuntu 14.04 LTS" ]; then
|
|
echo "Mail-in-a-Box only supports being installed on Ubuntu 14.04, sorry. You are running:"
|
|
echo
|
|
lsb_release -d | sed 's/.*:\s*//'
|
|
echo
|
|
echo "We can't write scripts that run on every possible setup, sorry."
|
|
exit
|
|
fi
|
|
|
|
# Check that we have enough memory.
|
|
#
|
|
# /proc/meminfo reports free memory in kibibytes. Our baseline will be 768 MB,
|
|
# which is 750000 kibibytes.
|
|
#
|
|
# Skip the check if we appear to be running inside of Vagrant, because that's really just for testing.
|
|
TOTAL_PHYSICAL_MEM=$(head -n 1 /proc/meminfo | awk '{print $2}')
|
|
if [ $TOTAL_PHYSICAL_MEM -lt 750000 ]; then
|
|
if [ ! -d /vagrant ]; then
|
|
TOTAL_PHYSICAL_MEM=$(expr \( \( $TOTAL_PHYSICAL_MEM \* 1024 \) / 1000 \) / 1000)
|
|
echo "Your Mail-in-a-Box needs more memory (RAM) to function properly."
|
|
echo "Please provision a machine with at least 768 MB, 1 GB recommended."
|
|
echo "This machine has $TOTAL_PHYSICAL_MEM MB memory."
|
|
exit
|
|
fi
|
|
fi
|
|
|
|
# Check that tempfs is mounted with exec
|
|
MOUNTED_TMP_AS_NO_EXEC=$(grep "/tmp.*noexec" /proc/mounts)
|
|
if [ -n "$MOUNTED_TMP_AS_NO_EXEC" ]; then
|
|
echo "Mail-in-a-Box has to have exec rights on /tmp, please mount /tmp with exec"
|
|
exit
|
|
fi
|
|
|
|
# Check that no .wgetrc exists
|
|
if [ -e ~/.wgetrc ]; then
|
|
echo "Mail-in-a-Box expects no overrides to wget defaults, ~/.wgetrc exists"
|
|
exit
|
|
fi
|
|
|
|
# Check that we are running on x86_64, any other architecture is unsupported and
|
|
# will fail later in the setup when we try to install the custom build lucene packages.
|
|
#
|
|
# Set ARM=1 to ignore this check if you have built the packages yourself. If you do this
|
|
# you are on your own!
|
|
ARCHITECTURE=$(uname -m)
|
|
if [ "$ARCHITECTURE" != "x86_64" ]; then
|
|
if [ -z "$ARM" ]; then
|
|
echo "Mail-in-a-Box only supports x86_64 and will not work on any other architecture, like ARM."
|
|
echo "Your architecture is $ARCHITECTURE"
|
|
exit
|
|
fi
|
|
fi
|
|
|
|
# Check that the kernel supports at least ipv4 ip_tables, either by a module or by being
|
|
# compiled directly in the kernel
|
|
#
|
|
# If this isn't supported tell the user to compile the kernel module or disable the firewall
|
|
# and inform of the risk of doing so.
|
|
if
|
|
[ ! -e /proc/net/ip_tables_names ] &&
|
|
[ ! -e /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ip_tables.ko ] &&
|
|
[ -z "$DISABLE_FIREWALL" ]
|
|
then
|
|
echo "Your system doesn't support at least ipv4 ip_tables. You will either need to compile"
|
|
echo "a kernel that supports it, or compile the kernel module"
|
|
echo
|
|
echo "If you would like to continue without a firewall you can set 'export DISABLE_FIREWALL=1' at the"
|
|
echo "command line. However, doing this prevents Mail-in-a-Box to activate fail2ban. This service"
|
|
echo "protects the system from bruteforce attacks on the exposed network services. Also services "
|
|
echo "that shouldn't be exposed are now exposed if you don't use a different (external) firewall"
|
|
exit
|
|
fi
|
|
|