Appliance Configuration Scripts

For Cryptshare Appliances a set of scripts exists allowing easier configuration of particular tasks which need to be done on operating system side. The table below lists available scripts and their purpose:

Script Purpose Details

setupApplianceScripts.sh

Main configuration script.

Downloads available scripts, sets execution flags and configures the patch notification script.

setupCronJobs

Setting up of the patch notification CronJob.

Script for scheduling the time when the Cryptshare appliance notifies an administrator about available system patches.

attachHDD.sh

Configuring and attaching a new hard disk.

This is usually necessary when a virtual appliance is used and the available disk space needs to be extended.

determinePatchState.sh

Script checking for available patches.

This script is executed on a daily basis, configured by the setup script 'setupCronJobs'. It checks the system for available patches. If patches are available, the administrator is informed via email and the installation of the patches is scheduled with a certain delay afterwards.

sendnotification.sh

EMail dispatch script.

This script is necessary for sending the patch notification to the administrator.

Main Setup

The appliance configuration scripts can be either set up automatically or manually.

Automatic Setup

When a Cryptshare update is installed on an appliance, the appliance configuration scripts are set up automatically using the administrator system notification email and the default mail server sender email settings configured in the administration interface. The script setup execution is logged in the file `cryptshare_updater.log`. Afterwards, the appliance configuration scripts can be found in the `appliance` folder in the Cryptshare Server installation directory.

After administrator system notification email or default mail server sender email settings have been changed the appliance configuration scripts are set up again during the next server restart.

Manual Setup

When not using the automatic setup, please follow these instructions in order to make sure that all scripts are available and can be executed without errors.

  1. Login to the linux console of your Cryptshare Appliance.

  2. Change to the directory /opt/cryptshare-3/appliance. If the directory does not exist please create it by following command:

mkdir /opt/cryptshare-3/appliance

  1. Download the main configuration script

wget <nowiki>https://update.cryptshare.com/cryptshare/scripts/cs-appliance/setupApplianceScripts.sh</nowiki>

  1. Add execution permissions to the script so it can be executed:

chmod +x setupApplianceScripts.sh

  1. Execute the script:

Reconfiguration

By changing one of the following settings in the administration interface, appliance scripts will also be updated after a restart in order to reflect the changes:

  • System Settings → Mail Server Settings

    • Sender Address

    • SMTP Host

  • System Settings → System Notifications

    • Administrator Email

Changing the mail server / Relay Host

By default, Cryptshare on Appliances is configured to use the underlying Postifx Server as its mail server, whereas Postifx itself is configured to use the relay host which was specified when the Appliance was issued on the Cryptshare VM Build Service. If the mail server changes, Postfix needs to be reconfigured accordingly. There are two possibilities how this can be done:

  • Method 1: From within the Cryptshare Administration Interface (which will require two restarts of Cryptshare):

    • Go to the 'Mail Server Settings' in the Cryptshare Administration Interface.

    • Change the SMTP Host to the correct host address.

    • Restart Cryptshare.

    • Once more go to the Mail Server Settings and change back the SMTP Host setting to 'localhost'.

    • Restart Cryptshare.

  • Method 2: Directly from within a SSH console on the Appliance:

    • Open the SSH console to the Cryptshare Appliance, i.e. by using Putty.

    • Execute the following command:

postconf -e relayhost=<host-address>

Operating System Patches

Automated installation of patches

The script setupCronJobs.sh will set up a CronJob (Scheduled Task) which is executed on a daily basis and is responsible for executing the following tasks:

  • Installation of operating system patches on a daily basis.

  • Notifying Cryptshare Administrators about available patches.

The basic configuration can be done by just executing the script:

/opt/cryptshare-3/appliance/setupCronJobs.sh

This will setup the CronJob to be executed every day at 8am. If the time of execution shall be changed, an alternative execution time can be specified:

Not all patches are installed automatically

Please note, that certain kinds of patches require a reboot of the system. These kinds of patches are not installed automatically and administrators are asked to do this manually. Please follow the steps below in order to install patches manually:

  1. Login to the linux console of your Cryptshare Appliance.

  2. Execute the following command

zypper up -t patch

Notification about available patches

The email notification about available patches is part of the setup for the automated installation of patches. Please follow the instructions of this chapter in order to perform the configuration.

Additional Scripts

Extending available disk space

Especially Virtual Appliances are only equipped with a minimal initial amount of disk space in order to keep the size of the virtual image as small as possible. This however is not the recommended setup for running Cryptshare as it usually requires a higher amount of disk space when used. After another hard disk was added to the appliance, the script attachHDD.sh can perform the configuration of the new disk so that it automatically becomes available for Cryptshare as an upload directory. Execute the following command to configure and attach the new disk:

/opt/cryptshare-3/appliance/attachHDD.sh