techadmin
76c3a991df
Komplettes Rewrite des alten Bash-Tools `pdf-tool` in Python. - ocrmypdf als Library, watchdog für Hotfolder, ThreadPool für Parallelität - Upload-Targets: folder, Nextcloud (WebDAV), SFTP - E-Mail-Notify, optional veraPDF - Interaktiver Installer mit Service-User-Support (lokal + AD via SSSD) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
158 lines
5.0 KiB
Bash
Executable File
158 lines
5.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
#
|
|
# PDF OCR Hotfolder — Installer für Debian 12/13
|
|
#
|
|
# Fragt interaktiv nach dem Service-User. Unterstützt:
|
|
# - Lokal anlegen (neuer System-User)
|
|
# - Bereits existierender lokaler User
|
|
# - AD-User mit lokaler UID (z.B. via SSSD/Winbind)
|
|
#
|
|
|
|
set -euo pipefail
|
|
|
|
RED='\033[0;31m'; GREEN='\033[0;32m'; YELLOW='\033[1;33m'; BLUE='\033[0;34m'; NC='\033[0m'
|
|
log_info() { echo -e "${GREEN}[INFO]${NC} $*"; }
|
|
log_warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
|
|
log_error() { echo -e "${RED}[ERROR]${NC} $*"; }
|
|
log_step() { echo -e "${BLUE}==>${NC} $*"; }
|
|
|
|
if [ "${EUID}" -ne 0 ]; then
|
|
log_error "Bitte als root ausführen: sudo ./install.sh"
|
|
exit 1
|
|
fi
|
|
|
|
INSTALL_DIR="/opt/pdf-ocr-hotfolder"
|
|
CONFIG_DIR="/etc/pdf-ocr-hotfolder"
|
|
DATA_DIR="/var/lib/pdf-ocr-hotfolder"
|
|
LOG_DIR="/var/log/pdf-ocr-hotfolder"
|
|
SERVICE_NAME="pdf-ocr-hotfolder"
|
|
|
|
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
REPO_DIR="$SCRIPT_DIR"
|
|
|
|
if [ ! -f "$REPO_DIR/pdf_ocr_hotfolder/__init__.py" ]; then
|
|
log_error "Repo-Layout nicht erkannt. install.sh aus dem Repo ausführen."
|
|
exit 1
|
|
fi
|
|
|
|
echo
|
|
echo "=========================================="
|
|
echo " PDF OCR Hotfolder — Installation"
|
|
echo "=========================================="
|
|
echo
|
|
|
|
# ============ 1. System-Dependencies ============
|
|
log_step "Installiere System-Pakete"
|
|
|
|
apt-get update -qq
|
|
apt-get install -y --no-install-recommends \
|
|
python3 python3-venv python3-pip \
|
|
tesseract-ocr tesseract-ocr-deu tesseract-ocr-eng \
|
|
ghostscript qpdf unpaper pngquant \
|
|
icc-profiles-free \
|
|
ca-certificates curl
|
|
|
|
log_info "System-Pakete installiert ✓"
|
|
|
|
# ============ 2. Service-User ============
|
|
log_step "Service-User konfigurieren"
|
|
|
|
read -r -p "Service-User-Name [pdfocr]: " SERVICE_USER
|
|
SERVICE_USER="${SERVICE_USER:-pdfocr}"
|
|
|
|
if id "$SERVICE_USER" &>/dev/null; then
|
|
log_info "User '$SERVICE_USER' existiert bereits (lokal oder via AD)."
|
|
SERVICE_GROUP="$(id -gn "$SERVICE_USER")"
|
|
log_info "Verwende bestehende primäre Gruppe: $SERVICE_GROUP"
|
|
else
|
|
log_warn "User '$SERVICE_USER' existiert nicht."
|
|
read -r -p "Lokal als System-User anlegen? [J/n]: " CREATE_USER
|
|
CREATE_USER="${CREATE_USER:-J}"
|
|
if [[ "$CREATE_USER" =~ ^[JjYy]$ ]]; then
|
|
adduser --system --group --home "$DATA_DIR" --shell /usr/sbin/nologin "$SERVICE_USER"
|
|
SERVICE_GROUP="$SERVICE_USER"
|
|
log_info "Lokaler System-User '$SERVICE_USER' angelegt ✓"
|
|
else
|
|
log_error "User '$SERVICE_USER' muss vor der Installation existieren (z.B. via AD/SSSD)."
|
|
log_error "Lege ihn an oder wähle einen existierenden Namen."
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
# ============ 3. Verzeichnisse ============
|
|
log_step "Verzeichnisse erstellen"
|
|
|
|
mkdir -p "$INSTALL_DIR" "$CONFIG_DIR" "$LOG_DIR"
|
|
mkdir -p "$DATA_DIR"/{incoming,outgoing,working,error}
|
|
|
|
cp -r "$REPO_DIR/pdf_ocr_hotfolder" "$INSTALL_DIR/"
|
|
cp "$REPO_DIR/requirements.txt" "$INSTALL_DIR/"
|
|
cp "$REPO_DIR/VERSION" "$INSTALL_DIR/"
|
|
echo "$REPO_DIR" > "$INSTALL_DIR/.repo_path"
|
|
|
|
if [ ! -f "$CONFIG_DIR/config.toml" ]; then
|
|
cp "$REPO_DIR/config.example.toml" "$CONFIG_DIR/config.toml"
|
|
log_info "Beispiel-Konfig nach $CONFIG_DIR/config.toml kopiert"
|
|
else
|
|
log_info "Bestehende Konfig $CONFIG_DIR/config.toml bleibt unverändert"
|
|
fi
|
|
|
|
log_info "Verzeichnisse erstellt ✓"
|
|
|
|
# ============ 4. Python venv ============
|
|
log_step "Python venv anlegen"
|
|
|
|
if [ ! -d "$INSTALL_DIR/venv" ]; then
|
|
python3 -m venv "$INSTALL_DIR/venv"
|
|
fi
|
|
"$INSTALL_DIR/venv/bin/pip" install --upgrade pip -q
|
|
"$INSTALL_DIR/venv/bin/pip" install -r "$INSTALL_DIR/requirements.txt" -q
|
|
|
|
log_info "venv bereit ✓"
|
|
|
|
# ============ 5. Berechtigungen ============
|
|
log_step "Berechtigungen setzen"
|
|
|
|
chown -R "$SERVICE_USER:$SERVICE_GROUP" "$INSTALL_DIR" "$DATA_DIR" "$LOG_DIR"
|
|
chown root:"$SERVICE_GROUP" "$CONFIG_DIR"
|
|
chmod 750 "$CONFIG_DIR"
|
|
if [ -f "$CONFIG_DIR/config.toml" ]; then
|
|
chown root:"$SERVICE_GROUP" "$CONFIG_DIR/config.toml"
|
|
chmod 640 "$CONFIG_DIR/config.toml"
|
|
fi
|
|
|
|
log_info "Berechtigungen gesetzt ✓"
|
|
|
|
# ============ 6. systemd-Unit ============
|
|
log_step "systemd-Unit installieren"
|
|
|
|
sed -e "s|__SERVICE_USER__|$SERVICE_USER|g" \
|
|
-e "s|__SERVICE_GROUP__|$SERVICE_GROUP|g" \
|
|
"$REPO_DIR/systemd/pdf-ocr-hotfolder.service" \
|
|
> "/etc/systemd/system/${SERVICE_NAME}.service"
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable "${SERVICE_NAME}.service"
|
|
|
|
log_info "systemd-Unit installiert & enabled ✓"
|
|
|
|
# ============ 7. Start ============
|
|
log_step "Service starten"
|
|
systemctl restart "${SERVICE_NAME}.service"
|
|
sleep 2
|
|
systemctl --no-pager --lines=10 status "${SERVICE_NAME}.service" || true
|
|
|
|
echo
|
|
echo "=========================================="
|
|
echo " Installation abgeschlossen"
|
|
echo "=========================================="
|
|
echo
|
|
echo " Konfiguration: $CONFIG_DIR/config.toml"
|
|
echo " Eingang: $DATA_DIR/incoming"
|
|
echo " Ausgang: $DATA_DIR/outgoing"
|
|
echo " Service-User: $SERVICE_USER ($SERVICE_GROUP)"
|
|
echo
|
|
echo " Logs: journalctl -u $SERVICE_NAME -f"
|
|
echo " Update: sudo ./update.sh"
|
|
echo
|