#!/bin/bash cmd() { local info="${2:-$1}" echo -e "\n\033[1;34m💡 $info\033[0m" eval "$1" } cp -r /home/admmdw/ssh/* /etc/ssh sed -i 's/^PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config rm -f /var/run/nologin /etc/nologin sed -i 's/account required pam_nologin.so/# account required pam_nologin.so/g' /etc/pam.d/sshd killall sshd /usr/sbin/sshd export PATH=$PATH:/opt/mqm/bin cfg="/home/admmdw/config.yaml" # sudo yum -y install openssh-server && sudo ssh-keygen -A && echo "+:ALL:ALL" | sudo tee /etc/security/access.conf && sudo rm -rf /run/nologin && sudo /usr/sbin/sshd if [ "$(yq '.init' ~/config.yaml)" = "true" ]; then QInit() { mkdir -m 775 -p "/MQHA/$(echo "$1" | tr -d '.')/data" >/dev/null 2>&1 mkdir -m 775 -p "/MQHA/$(echo "$1" | tr -d '.')/log" >/dev/null 2>&1 crtmqm -md "/MQHA/$(echo "$1" | tr -d '.')/data" -ld "/MQHA/$(echo "$1" | tr -d '.')/log" "$1" >/dev/null 2>&1 strmqm "$1" >/dev/null 2>&1 echo "DEFINE LISTENER($1.QM) TRPTYPE(TCP) PORT ($2) CONTROL(STARTONLY)" | runmqsc "$1" >/dev/null 2>&1 echo "DEFINE CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN)" | runmqsc "$1" >/dev/null 2>&1 echo "ALTER QMGR CHLAUTH(DISABLED)" | runmqsc "$1" >/dev/null 2>&1 echo "START CHANNEL(SYSTEM.ADMIN.SVRCONN)" | runmqsc "$1" >/dev/null 2>&1 echo "START LISTENER($1.QM)" | runmqsc "$1" >/dev/null 2>&1 echo "ALTER QMGR CONNAUTH(' ')" | runmqsc "$1" >/dev/null 2>&1 echo "REFRESH SECURITY TYPE(CONNAUTH)" | runmqsc "$1" >/dev/null 2>&1 echo "SET CHLAUTH(SYSTEM.ADMIN.SVRCONN) TYPE(ADDRESSMAP) ADDRESS(*) ACTION(REMOVE)" | runmqsc "$1" >/dev/null 2>&1 echo "SET CHLAUTH(SYSTEM.*) TYPE(ADDRESSMAP) ADDRESS(*) ACTION(REMOVE)" | runmqsc "$1" >/dev/null 2>&1 echo "SET CHLAUTH(*) TYPE(BLOCKUSER) USERLIST(*MQADMIN) ACTION(REMOVE)" | runmqsc "$1" >/dev/null 2>&1 echo "ALTER CHANNEL(SYSTEM.ADMIN.SVRCONN) CHLTYPE(SVRCONN) MCAUSER('admmdw')" | runmqsc "$1" >/dev/null 2>&1 echo "Queue Manager $1 has been created." } QScript() { local QMDIR=${1%.QM} runmqsc "$1" <"/home/admmdw/QueueManager/$QMDIR/queue.mqsc" >/dev/null 2>&1 } for qm in $(yq '.queue_manager[].name' "$cfg" | tr -d '"'); do port=$(yq ".queue_manager[] | select(.name == \"$qm\") | .port" "$cfg") createqm=$(yq ".queue_manager[] | select(.name == \"$qm\") | .deploy" "$cfg") if [[ $createqm ]]; then QInit "$qm" "$port" QScript "$qm" fi done for broker in $(yq '.server_ace[].name' "$cfg" | tr -d '"'); do port=$(yq ".server_ace[] | select(.name == \"$broker\") | .port" "$cfg") executiongroups=$(yq ".server_ace[] | select(.name == \"$broker\") | .executiongroup[]" "$cfg") IFS=$'\n' cmd "mkdir -m 775 -p /MQHA/$broker" cmd "mqsicreatebroker $broker -q ${broker}.QM -e /MQHA/$broker" cmd "mqsichangeproperties $broker -b webadmin -o HTTPConnector -n port -v $port" cmd "mqsistart $broker" for executiongroup in $executiongroups; do for eg in $executiongroup; do iserver="$(echo "$eg" | tr -d '"')" cmd "mqsicreateexecutiongroup $broker -e $iserver" cmd "mqsichangeflowstats $broker -e $iserver -s -c inactive" cmd "mqsichangeresourcestats $broker -e $iserver -c inactive" cmd "mqsichangeproperties $broker -e $iserver -o ComIbmJVMManager -n jvmMaxHeapSize -v 1073741824" cmd "mqsichangeproperties $broker -e $iserver -o ComIbmJVMManager -n jvmJavaOSStackSize -v 1048576" cmd "mqsichangeproperties $broker -e $iserver -o ComIbmJVMManager -n jvmSystemProperty -v \"-Dlogback.configurationFile=/opt/IBM/ace-12.0.9.0/server/jplugin/logback.xml\"" cmd "mqsireload -i $broker -e $iserver" # stop for file in /MQHA/bar/"$broker"/"$iserver"/*.bar; do cmd "mqsideploy $broker -e $iserver -a $file" done done done if [[ $broker == "BDSBROKER" ]]; then cmd "mqsisetdbparms BDSBROKER -n odbc::MDW -u db2inst1 -p mdw4dm1n" cmd "mqsisetdbparms BDSBROKER -n odbc::MWCONFIG -u db2inst1 -p mdw4dm1n" cmd "mqsichangeproperties BDSBROKER -e BDS_MT -o HTTPConnector -n ListenerPort -v 7081" cmd "mqsichangeproperties BDSBROKER -e BDS_CD -o HTTPConnector -n ListenerPort -v 7082" cmd "mqsichangeproperties BDSBROKER -e BDS_CF -o HTTPConnector -n ListenerPort -v 7083" cmd "mqsichangeproperties BDSBROKER -e BDS_DD -o HTTPConnector -n ListenerPort -v 7084" cmd "mqsichangeproperties BDSBROKER -e BDS_GL -o HTTPConnector -n ListenerPort -v 7085" cmd "mqsichangeproperties BDSBROKER -e BDS_LN -o HTTPConnector -n ListenerPort -v 7086" cmd "mqsichangeproperties BDSBROKER -e BDS_OT -o HTTPConnector -n ListenerPort -v 7087" cmd "mqsichangeproperties BDSBROKER -e BDS_RM -o HTTPConnector -n ListenerPort -v 7088" cmd "mqsichangeproperties BDSBROKER -e BDS_BP -o HTTPConnector -n ListenerPort -v 7092" cmd "mqsichangeproperties BDSBROKER -e BDS_VP -o HTTPConnector -n ListenerPort -v 7093" cmd "mqsichangeproperties BDSBROKER -e BDS_BILLPAYMENT -o HTTPConnector -n ListenerPort -v 7095" cmd "mqsistop BDSBROKER" cmd "mqsichangeproperties BDSBROKER -f -e BDS_MT -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_CD -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_CF -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_GL -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_DD -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_LN -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_OT -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_RM -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_BP -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_VP -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsichangeproperties BDSBROKER -f -e BDS_BILLPAYMENT -o ExecutionGroup -n httpNodesUseEmbeddedListener -v true" cmd "mqsistart BDSBROKER" fi done # echo "$(sed 's/\(init:\) true/\1 false/' "$cfg")" > "$cfg" fi