CSSCurrent en:Appliance Configuration Scripts
General
For Cryptshare Appliances a set of scripts exists allowing easier configuration of particular tasks which need to be done on operating system side. The table below lists available scripts and their purpose:
| Script | Purpose | Details |
|---|---|---|
| setupApplianceScripts.sh | Main configuration script. | Downloads available scripts, sets execution flags and configures the patch notification script. |
| setupCronJobs | Setting up of the patch notification CronJob. | Script for scheduling the time when the Cryptshare appliance notifies an administrator about available system patches. |
| attachHDD.sh | Configuring and attaching a new hard disk. | This is usually necessary when a virtual appliance is used and the available disk space needs to be extended. |
| determinePatchState.sh | Script checking for available patches. | This script is executed on a daily basis, configured by the setup script 'setupCronJobs'. It checks the system for available patches.
If patches are available, the administrator is informed via email and the installation of the patches is scheduled with a certain delay afterwards. |
| sendnotification.sh | EMail dispatch script. | This script is necessary for sending the patch notification to the administrator. |
Main Setup
The appliance configuration scripts can be either set up automatically or manually.
Automatic Setup
When a Cryptshare update is installed on an appliance, the appliance configuration scripts are set up automatically using the administrator system notification email and the default mail server sender email settings configured in the administration interface. The script setup execution is logged in the file `cryptshare_updater.log`. Afterwards, the appliance configuration scripts can be found in the `appliance` folder in the Cryptshare Server installation directory.
After administrator system notification email or default mail server sender email settings have been changed the appliance configuration scripts are set up again during the next server restart.
Manual Setup
When not using the automatic setup, please follow these instructions in order to make sure that all scripts are available and can be executed without errors.
- Login to the linux console of your Cryptshare Appliance.
- Change to the directory /opt/cryptshare-3/appliance. If the directory does not exist please create it by following command:
mkdir /opt/cryptshare-3/appliance
- Download the main configuration script
wget https://update.cryptshare.com/cryptshare/scripts/cs-appliance/setupApplianceScripts.sh
- Add execution permissions to the script so it can be executed:
chmod +x setupApplianceScripts.sh
- Execute the script:
<sender>: The email address which shall be used for sending patch notifications.
<recipient>: The email address of the administrator(s) who need to receive the patch notifications.
Reconfiguration
By changing one of the following settings in the administration interface, appliance scripts will also be updated after a restart in order to reflect the changes:
- System Settings -> Mail Server Settings
- Sender Address
- SMTP Host
- System Settings -> System Notifications
- Administrator Email
Changing the mail server / Relay Host
By default, Cryptshare on Appliances is configured to use the underlying Postifx Server as its mail server, whereas Postifx itself is configured to use the relay host which was specified when the Appliance was issued on the Cryptshare VM Build Service. If the mail server changes, Postfix needs to be reconfigured accordingly. There are two possibilities how this can be done:
- Method 1: From within the Cryptshare Administration Interface (which will require two restarts of Cryptshare):
- Go to the 'Mail Server Settings' in the Cryptshare Administration Interface.
- Change the SMTP Host to the correct host address.
- Restart Cryptshare.
- Once more go to the Mail Server Settings and change back the SMTP Host setting to 'localhost'.
- Restart Cryptshare.
- Method 2: Directly from within a SSH console on the Appliance:
- Open the SSH console to the Cryptshare Appliance, i.e. by using Putty.
- Execute the following command:
postconf -e relayhost=<host-address>
Operating System Patches
Automated installation of patches
The script setupCronJobs.sh will setup a CronJob (Scheduled Task) which is executed on a daily basis and is responsible for executing the following tasks:
- Installation of operating system patches on a daily basis.
- Notifying Cryptshare Aministrators about available patches.
The basic configuration can be done by just executing the script:
/opt/cryptshare-3/appliance/setupCronJobs.sh
This will setup the CronJob to be executed every day at 8am. If the time of execution shall be changed, an alternative execution time can be specified:
<hour> : The hour when the CronJob is started. <minute> : The minute when the CronJob is started.
<delay>: Delay specifying how many hours after the notification, the patches will be installed.- Login to the linux console of your Cryptshare Appliance.
- Execute the following command
Notification about available patches
The email notification about available patches is part of the setup for the automated installation of patches. Please follow the instructions of this chapter in order to perform the configuration.
Additional Scripts
Extending available disk space
Especially Virtual Appliances are only equipped with a minimal initial amount of disk space in order to keep the size of the virtual image as small as possible. This however is not the recommended setup for running Cryptshare as it usually requires a higher amount of disk space when used. After another hard disk was added to the appliance, the script attachHDD.sh can perform the configuration of the new disk so that it automatically becomes available for Cryptshare as an upload directory. Execute the following command to configure and attach the new disk:
/opt/cryptshare-3/appliance/attachHDD.sh