#!/bin/bash -e
# Install Tomcat 9 on CentOS 8
# Save file as tomcat9-centos8.sh
# Usage: ./tomcat9-centos8.sh
# Main Function
function install_tomcat(){
if [ $(grep -cm 1 tomcat /etc/passwd) -eq 0 ]; then
useradd -m tomcat
fi
cd /home/tomcat
# Install latest stable Tomcat 9
if [ ! -d apache-tomcat-${TOMCAT_VER} ]; then
if [ ! -f apache-tomcat-${TOMCAT_VER}.tar.gz ]; then
wget http://www.us.apache.org/dist/tomcat/tomcat-9/v${TOMCAT_VER}/bin/apache-tomcat-${TOMCAT_VER}.tar.gz
fi
tar xzf apache-tomcat-${TOMCAT_VER}.tar.gz
chown -R tomcat:tomcat apache-tomcat-${TOMCAT_VER}
rm -rf apache-tomcat-${TOMCAT_VER}.tar.gz
fi
# Add CATALINA_HOME to environment
if [ $(grep -m 1 -c CATALINA_HOME /etc/environment) -eq 0 ]; then
cat >>/etc/environment <<EOF
export CATALINA_HOME=/home/tomcat/apache-tomcat-${TOMCAT_VER}
export CATALINA_BASE=/home/tomcat/apache-tomcat-${TOMCAT_VER}
EOF
fi
cat >>/home/tomcat/apache-tomcat-${TOMCAT_VER}/bin/setenv.sh <<CMD_EOF
CATALINA_PID="/home/tomcat/apache-tomcat-${TOMCAT_VER}/temp/tomcat.pid"
CMD_EOF
# Create passwords for manager-admin and manager-gui and update tomcat-users.xml file
TOMCAT_MANAGER_PASS=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32);
TOMCAT_ADMIN_PASS=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c32);
if [ $(grep -m 1 -c 'tomcat manager pass' /root/auth.txt) -eq 0 ]; then
echo "tomcat manager pass: ${TOMCAT_MANAGER_PASS}" >> /root/auth.txt
else
sed -i.save "s/tomcat manager pass: .*/tomcat manager pass: ${TOMCAT_MANAGER_PASS}/" /root/auth.txt
fi
if [ $(grep -m 1 -c 'tomcat admin pass' /root/auth.txt) -eq 0 ]; then
echo "tomcat admin pass: ${TOMCAT_ADMIN_PASS}" >> /root/auth.txt
else
sed -i.save "s/tomcat admin pass: .*/tomcat admin pass: ${TOMCAT_ADMIN_PASS}/" /root/auth.txt
fi
cat >/home/tomcat/apache-tomcat-${TOMCAT_VER}/conf/tomcat-users.xml <<EOF
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager-gui" />
<user username="manager" password="${TOMCAT_MANAGER_PASS}" roles="manager-gui" />
<role rolename="admin-gui" />
<user username="admin" password="${TOMCAT_ADMIN_PASS}" roles="manager-gui,admin-gui" />
</tomcat-users>
EOF
mkdir -p /home/tomcat/apache-tomcat-${TOMCAT_VER}/conf/Catalina/localhost/
cat >/home/tomcat/apache-tomcat-${TOMCAT_VER}/conf/Catalina/localhost/manager.xml <<EOF
<Context privileged="true" antiResourceLocking="false" docBase="\${catalina.home}/webapps/manager">
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="^.*\$" />
</Context>
EOF
chown -R tomcat:tomcat /home/tomcat
# Create the Tomcat Service
cat >/etc/systemd/system/tomcat.service <<CMD_EOF
[Unit]
Description=Tomcat
[Service]
Type=forking
User=tomcat
PIDFile=/home/tomcat/apache-tomcat-${TOMCAT_VER}/temp/tomcat.pid
ExecStart=/home/tomcat/apache-tomcat-${TOMCAT_VER}/bin/startup.sh
ExecStop=/home/tomcat/apache-tomcat-${TOMCAT_VER}/bin/shutdown.sh
[Install]
WantedBy=default.target
CMD_EOF
chmod +x /etc/systemd/system/tomcat.service
systemctl daemon-reload
systemctl enable tomcat.service
systemctl restart tomcat.service
}
# Install OpenJDK 8
function install_openjdk(){
yum install -y java-1.8.0-openjdk-headless
}
# Create the auth.txt file to write passwords to
touch /root/auth.txt
# Preqs for clean install
yum -y install wget unzip tar
# Disable Selinux if enabled
setenforce 0
#Specific CentOS fixes
sed -i.save 's/enabled=0/enabled=1/' /etc/yum.repos.d/CentOS-PowerTools.repo
# Get latest Tomcat 9 version number
TOMCAT_VER=$(wget -qO- --no-check-certificate https://tomcat.apache.org/download-90.cgi | grep '<a href="#9.' | cut -f2 -d'>' | cut -f1 -d'<' | head -n 1)
if [ -z "${TOMCAT_VER}" ]; then
echo "Error: Failed to get tomcat version"; exit 1;
fi
# Execute install_openjdk and install_tomcat
install_openjdk;
install_tomcat;
# Save passwords to auth.txt and also display to user
echo "Passwords saved in /root/auth.txt"
cat /root/auth.txt