-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathwindows_installer.ps1
142 lines (112 loc) · 8.35 KB
/
windows_installer.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
$INSTALLER_DIR = $pwd.Path
$DATA_DIR = "$env:USERPROFILE\ots" -replace "\\", "\\"
# Check for admin privileges
$currentPrincipal = New-Object Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurrent())
if (-Not ($currentPrincipal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))) {
Write-Host "Please run this script with admin privileges" -ForegroundColor Red -BackgroundColor Black
Exit
}
# Make the OTS data folder
if (-Not (Test-Path -Path $DATA_DIR)) {
New-Item -ItemType Directory -Path $DATA_DIR
New-Item -ItemType Directory -Path $DATA_DIR\mediamtx
New-Item -ItemType Directory -Path $DATA_DIR\mediamtx\recordings
}
Write-Host "Installing Chocolatey..." -ForegroundColor Green -BackgroundColor Black
# https://chocolatey.org/install#individual
Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
Write-Host "Installing prerequisites..." -ForegroundColor Green -BackgroundColor Black
choco install python3 openssl rabbitmq nginx sed -y
# Need this so the openssl pkcs12 -legacy option works
[Environment]::SetEnvironmentVariable("OPENSSL_MODULES", "C:\Program Files\OpenSSL-Win64\bin", "Machine")
Import-Module $env:ChocolateyInstall\helpers\chocolateyProfile.psm1
refreshenv
Set-Location -Path $DATA_DIR
python -m venv .venv
.\.venv\Scripts\activate
pip install https://github.com/brian7704/OpenTAKServer-Installer/raw/master/unishox2_py3-1.0.0-cp312-cp312-win_amd64.whl
pip install opentakserver
Write-Host "Initializing Database..." -ForegroundColor Green -BackgroundColor Black
flask.exe db upgrade
Set-Location -Path $DATA_DIR
Write-Host "Finished initializing database!" -ForegroundColor Green -BackgroundColor Black
Write-Host "Creating Certificate Authority..." -ForegroundColor Green -BackgroundColor Black
Set-Location -Path $DATA_DIR
flask.exe ots create-ca
Write-Host "Finished creating the certificate authority!" -ForegroundColor Green -BackgroundColor Black
Write-Host "Installing MediaMTX.." -ForegroundColor Green -BackgroundColor Black
$url = lastversion --filter '~*windows' --assets bluenviron/mediamtx
$filename = $url.Split("/")[-1]
lastversion --filter '~*windows' -o $DATA_DIR\mediamtx\$filename --assets download bluenviron/mediamtx
Set-Location $DATA_DIR\mediamtx
Expand-Archive -Path mediamtx*.zip -DestinationPath . -Force
Remove-Item $DATA_DIR\mediamtx\mediamtx.yml -Force
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/mediamtx.yml -OutFile $DATA_DIR\mediamtx\mediamtx.yml
Write-Host "Creating a service for MediaMTX..." -ForegroundColor Green -BackgroundColor Black
$password = Read-Host "Please enter your computer account's password"
nssm install MediaMTX $DATA_DIR\mediamtx\mediamtx.exe
nssm set MediaMTX ObjectName $Env:UserDomain\$Env:UserName $password
nssm set MediaMTX AppStdout $DATA_DIR\mediamtx\service_stdout.log
nssm set MediaMTX AppStderr $DATA_DIR\mediamtx\service_stderr.log
sed -i s/OTS_FOLDER/$DATA_DIR/g $DATA_DIR\mediamtx\mediamtx.yml
sed -i s/SERVER_CERT_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.pem/g $DATA_DIR\mediamtx\mediamtx.yml
sed -i s/SERVER_KEY_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.nopass.key/g $DATA_DIR\mediamtx\mediamtx.yml
# Make a new service
Write-Host "Creating a service for OpenTAKServer..." -ForegroundColor Green -BackgroundColor Black
nssm install OpenTAKServer $DATA_DIR\.venv\Scripts\opentakserver.exe
nssm set OpenTAKServer ObjectName $Env:UserDomain\$Env:UserName $password
nssm set OpenTAKServer AppStdout $DATA_DIR\service_stdout.log
nssm set OpenTAKServer AppStderr $DATA_DIR\service_stderr.log
nssm start OpenTAKServer
Write-Host "Starting MediaMTX..." -ForegroundColor Green -BackgroundColor Black
nssm start MediaMTX
Write-Host "Configuring Nginx..." -ForegroundColor Green -BackgroundColor Black
# Get the installed version of nginx
Set-Location -Path C:\tools\nginx*
$version = $pwd.Path.Split("-")[-1]
# Get nginx configs
if (-Not(Test-Path -Path c:\tools\nginx-$version\conf\ots)) {
New-Item -ItemType Directory -Path c:\tools\nginx-$version\conf\ots
}
if (-Not (Test-Path -Path c:\tools\nginx-$version\conf\ots\streams)) {
New-Item -ItemType Directory -Path c:\tools\nginx-$version\conf\ots\streams
}
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/nginx.conf -OutFile c:\tools\nginx-$version\conf\nginx.conf
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/proxy_params -OutFile c:\tools\nginx-$version\conf\proxy_params
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/ots_http.conf -OutFile c:\tools\nginx-$version\conf\ots\ots_http.conf
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/ots_https.conf -OutFile c:\tools\nginx-$version\conf\ots\ots_https.conf
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/ots_certificate_enrollment.conf -OutFile c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/windows_nginx_configs/ots_certificate_enrollment.conf -OutFile c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/refs/heads/master/windows_nginx_configs/mediamtx.conf -OutFile c:\tools\nginx-$version\conf\ots\mediamtx.conf
Write-Host "Configuring RabbitMQ..." -ForegroundColor Green -BackgroundColor Black
Invoke-WebRequest https://raw.githubusercontent.com/brian7704/OpenTAKServer-Installer/master/nginx_configs/rabbitmq -OutFile c:\tools\nginx-$version\conf\ots\streams\rabbitmq.conf
Set-Location -Path "C:\Program Files\RabbitMQ*\rabbitmq_server*\sbin"
.\rabbitmq-plugins.bat enable rabbitmq_mqtt
.\rabbitmq-plugins.bat enable rabbitmq_auth_backend_http
nssm restart rabbitmq
# Configure nginx
sed -i s/NGINX_VERSION/$version/g c:\tools\nginx-$version\conf\nginx.conf
sed -i s/NGINX_VERSION/$version/g c:\tools\nginx-$version\conf\ots\ots_http.conf
sed -i s/NGINX_VERSION/$version/g c:\tools\nginx-$version\conf\ots\ots_https.conf
sed -i s/NGINX_VERSION/$version/g c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
sed -i s/SERVER_CERT_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.pem/g c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
sed -i s/SERVER_KEY_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.nopass.key/g c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
sed -i s/CA_CERT_FILE/$DATA_DIR\\ca\\ca.pem/g c:\tools\nginx-$version\conf\ots\ots_certificate_enrollment.conf
sed -i s/SERVER_CERT_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.pem/g c:\tools\nginx-$version\conf\ots\ots_https.conf
sed -i s/SERVER_KEY_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.nopass.key/g c:\tools\nginx-$version\conf\ots\ots_https.conf
sed -i s/CA_CERT_FILE/$DATA_DIR\\ca\\ca.pem/g c:\tools\nginx-$version\conf\ots\ots_https.conf
sed -i s/SERVER_CERT_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.pem/g c:\tools\nginx-$version\conf\ots\streams\rabbitmq.conf
sed -i s/SERVER_KEY_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.nopass.key/g c:\tools\nginx-$version\conf\ots\streams\rabbitmq.conf
sed -i s/SERVER_CERT_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.pem/g c:\tools\nginx-$version\conf\ots\streams\mediamtx.conf
sed -i s/SERVER_KEY_FILE/$DATA_DIR\\ca\\certs\\opentakserver\\opentakserver.nopass.key/g c:\tools\nginx-$version\conf\ots\streams\mediamtx.conf
Set-Location -Path $INSTALLER_DIR
nssm restart nginx
Write-Host "Installing OpenTAKServer-UI..." -ForegroundColor Green -BackgroundColor Black
if (-Not (Test-Path -Path c:\tools\nginx-$version\html\opentakserver)) {
New-Item -ItemType Directory -Path c:\tools\nginx-$version\html\opentakserver
}
Set-Location -Path c:\tools\nginx-$version\html\opentakserver
lastversion --assets extract brian7704/OpenTAKServer-UI
# Get out of the python venv
deactivate
Write-Host "Installation Complete!" -ForegroundColor Green -BackgroundColor Black