FOLIO-INSTALL.bash

#!/bin/bash

# Copyright 2014-2024 GPLv3, Open Crypto Tracker by Mike Kilday: Mike@DragonFrugal.com (leave this copyright / attribution intact in ALL forks / copies!)


ISSUES_URL="https://github.com/taoteh1221/Open_Crypto_Tracker/issues"

echo " "
echo "PLEASE REPORT ANY ISSUES HERE: $ISSUES_URL"
echo " "
echo "Initializing, please wait..."
echo " "


######################################


# EXPLICITLY set any dietpi paths 
# Export too, in case we are calling another bash instance in this script
if [ -f /boot/dietpi/.version ]; then
PATH=/boot/dietpi:$PATH
export PATH=$PATH
fi
				

# EXPLICITLY set any ~/.local/bin paths
# Export too, in case we are calling another bash instance in this script
if [ -d ~/.local/bin ]; then
PATH=~/.local/bin:$PATH
export PATH=$PATH
fi
				

# EXPLICITLY set any /usr/sbin path
# Export too, in case we are calling another bash instance in this script
if [ -d /usr/sbin ]; then
PATH=/usr/sbin:$PATH
export PATH=$PATH
fi


# In case we are recursing back into this script (for filtering params etc),
# flag export of a few more basic sys vars if present

# Authentication of X sessions
export XAUTHORITY=~/.Xauthority 
# Working directory
export PWD=$PWD


######################################


# Get date / time
DATE=$(date '+%Y-%m-%d')
TIME=$(date '+%H:%M:%S')

# Current timestamp
CURRENT_TIMESTAMP=$(date +%s)

# Are we running on Ubuntu OS?
IS_UBUNTU=$(cat /etc/os-release | grep -i "ubuntu")


# If a symlink, get link target for script location
 # WE ALWAYS WANT THE FULL PATH!
if [[ -L "$0" ]]; then
SCRIPT_LOCATION=$(readlink "$0")
else
SCRIPT_LOCATION="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )/"$(basename "$0")""
fi

# Now set path / file vars, after setting SCRIPT_LOCATION
SCRIPT_PATH="$( cd -- "$(dirname "$SCRIPT_LOCATION")" >/dev/null 2>&1 ; pwd -P )"
SCRIPT_NAME=$(basename "$SCRIPT_LOCATION")

# Parent directory of the script location
PARENT_DIR="$(dirname "$SCRIPT_LOCATION")"


# Get the operating system and version
if [ -f /etc/os-release ]; then
    # freedesktop.org and systemd
    . /etc/os-release
    OS=$NAME
    VER=$VERSION_ID
elif type lsb_release >/dev/null 2>&1; then
    # linuxbase.org
    OS=$(lsb_release -si)
    VER=$(lsb_release -sr)
elif [ -f /etc/lsb-release ]; then
    # For some versions of Debian/Ubuntu without lsb_release command
    . /etc/lsb-release
    OS=$DISTRIB_ID
    VER=$DISTRIB_RELEASE
elif [ -f /etc/debian_version ]; then
    # Older Debian/Ubuntu/etc.
    OS=Debian
    VER=$(cat /etc/debian_version)
elif [ -f /etc/SuSe-release ]; then
    # Older SuSE/etc.
    ...
elif [ -f /etc/redhat-release ]; then
    # Older Red Hat, CentOS, etc.
    ...
else
    # Fall back to uname, e.g. "Linux <version>", also works for BSD, etc.
    OS=$(uname -s)
    VER=$(uname -r)
fi


# For setting user agent header in curl, since some API servers !REQUIRE! a set user agent OR THEY BLOCK YOU
CUSTOM_CURL_USER_AGENT_HEADER="User-Agent: Curl (${OS}/$VER; compatible;)"


######################################


# https://stackoverflow.com/questions/5947742/how-to-change-the-output-color-of-echo-in-linux

if hash tput > /dev/null 2>&1; then

red=`tput setaf 1`
green=`tput setaf 2`
yellow=`tput setaf 3`
blue=`tput setaf 4`
magenta=`tput setaf 5`
cyan=`tput setaf 6`

reset=`tput sgr0`

else

red=``
green=``
yellow=``
blue=``
magenta=``
cyan=``

reset=``

fi


######################################


# Get logged-in username (if sudo, this works best with logname)
TERMINAL_USERNAME=$(logname)

# If logname doesn't work, use the $SUDO_USER or $USER global var
if [ -z "$TERMINAL_USERNAME" ]; then

    if [ -z "$SUDO_USER" ]; then
    TERMINAL_USERNAME=$USER
    else
    TERMINAL_USERNAME=$SUDO_USER
    fi

fi


if [ "$EUID" -ne 0 ] || [ "$TERMINAL_USERNAME" == "root" ]; then 

echo " "
echo "${red}Please run as a NORMAL USER WITH 'sudo' PERMISSIONS (NOT LOGGED IN AS 'root').${reset}"

echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to exit..." key
echo "${reset} "

    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Exiting...${reset}"
    echo " "
    exit
    fi

fi


######################################


if [ -f "/etc/debian_version" ]; then

echo "${cyan}Your system has been detected as Debian-based, which is compatible with this automated script."

# USE 'apt-get' IN SCRIPTING!
# https://askubuntu.com/questions/990823/apt-gives-unstable-cli-interface-warning
PACKAGE_INSTALL="sudo apt-get install"
PACKAGE_REMOVE="sudo apt-get --purge remove"

echo " "
echo "Continuing...${reset}"
echo " "

elif [ -f "/etc/redhat-release" ]; then

echo "${cyan}Your system has been detected as RedHat-based, which is ${red}CURRENTLY STILL IN DEVELOPMENT TO EVENTUALLY BE (BUT IS *NOT* YET) ${cyan}compatible with this automated script."

PACKAGE_INSTALL="sudo yum install"
PACKAGE_REMOVE="sudo yum remove"

echo " "
echo "Continuing...${reset}"
echo " "

else

echo "${red}Your system has been detected as NOT BEING Debian-based OR RedHat-based. Your system is NOT compatible with this automated script."

echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to exit..." key
echo "${reset} "

    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Exiting...${reset}"
    echo " "
    exit
    fi

fi

     
echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
echo "${reset} "
     
    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Continuing...${reset}"
    echo " "
    fi
     
echo " "


######################################


# Path to app (CROSS-DISTRO-COMPATIBLE)
get_app_path() {

app_path_result=$(whereis -b $1)
app_path_result="${app_path_result#*$1: }"
app_path_result=${app_path_result%%[[:space:]]*}
app_path_result="${app_path_result#*$1:}"
     
     
     # If we have found the library already installed on this system
     if [ ! -z "$app_path_result" ]; then
     
     PATH_CHECK_REENTRY="" # Reset reentry flag
     
     echo "$app_path_result"
     
     # If we are re-entering from the else statement below, quit trying, with warning sent to terminal (NOT function output)
     elif [ ! -z "$PATH_CHECK_REENTRY" ]; then
     
     PATH_CHECK_REENTRY="" # Reset reentry flag
     
     echo "${red} " > /dev/tty
     echo "System path for '$1' NOT FOUND, even AFTER package installation attempts, giving up." > /dev/tty
     echo " " > /dev/tty

     echo "*PLEASE* REPORT THIS ISSUE HERE, *IF THIS SCRIPT FAILS TO RUN PROPERLY FROM THIS POINT ONWARD*:" > /dev/tty
     echo " " > /dev/tty
     echo "$ISSUES_URL" > /dev/tty
     echo "${reset} " > /dev/tty
     
     echo "${yellow} " > /dev/tty
     read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
     echo "${reset} " > /dev/tty
     
         if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
         echo " " > /dev/tty
         echo "${green}Continuing...${reset}" > /dev/tty
         echo " " > /dev/tty
         fi
     
     echo " " > /dev/tty
     
     # If library not found, attempt package installation
     else
     
     
          # Handle package name exceptions...
          
          # bsdtar on Ubuntu 18.x and higher
          if [ "$1" == "bsdtar" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="libarchive-tools"
          
          # xdg-user-dir (debian package name differs slightly)
          elif [ "$1" == "xdg-user-dir" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="xdg-user-dirs"

          # rsyslogd (debian package name differs slightly)
          elif [ "$1" == "rsyslogd" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="rsyslog"

          # xorg (debian package name differs)
          elif [ "$1" == "xorg" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="xserver-xorg"

          # chromium-browser (debian package name differs)
          elif [ "$1" == "chromium-browser" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="chromium"

          # epiphany-browser (debian package name differs)
          elif [ "$1" == "epiphany-browser" ] && [ -f "/etc/debian_version" ]; then
          SYS_PACK="epiphany"

          else
          SYS_PACK="$1"
          fi
          
          
          # Terminal alert for good UX...
          if [ "$1" != "$SYS_PACK" ]; then
          echo " " > /dev/tty
          echo "${yellow}'$1' is found WITHIN '$SYS_PACK', changing package request accordingly...${reset}" > /dev/tty
          echo " " > /dev/tty
          fi


     echo " " > /dev/tty
     echo "${cyan}Installing required component '$SYS_PACK', please wait...${reset}" > /dev/tty
     echo " " > /dev/tty
     
     sleep 3
               
     $PACKAGE_INSTALL $SYS_PACK -y > /dev/tty
     
     
          # If UBUNTU (*NOT* any other OS) snap was detected on the system, try a snap install too
          # (as they moved some libs over to snap / snap-only? now)
          if [ ! -z "$UBUNTU_SNAP_PATH" ]; then
          
          UBUNTU_SNAP_INSTALL="sudo $UBUNTU_SNAP_PATH install"
          
          echo " " > /dev/tty
          echo "${yellow}CHECKING FOR UBUNTU SNAP PACKAGE '$SYS_PACK', please wait...${reset}" > /dev/tty
          echo " " > /dev/tty
          
          sleep 3
          
          $UBUNTU_SNAP_INSTALL $SYS_PACK > /dev/tty
          
          fi
     
     
     sleep 2
     
     PATH_CHECK_REENTRY=1 # Set reentry flag, right before reentry
     
     echo $(get_app_path "$1")
           
     fi


}


# Ubuntu uses snaps for very basic libraries these days, so we need to configure for possible snap installs
if [ "$IS_UBUNTU" != "" ]; then
UBUNTU_SNAP_PATH=$(get_app_path "snap")
fi


######################################


# Make sure automatic suspend / sleep is disabled
if [ ! -f "${HOME}/.sleep_disabled.dat" ]; then

echo "${red}We need to make sure your system will NOT AUTO SUSPEND / SLEEP, or your app server could stop running.${reset}"

echo "${yellow} "
read -n1 -s -r -p $"PRESS F to fix this (disables auto suspend / sleep), OR any other key to skip fixing..." key
echo "${reset} "

    if [ "$key" = 'f' ] || [ "$key" = 'F' ]; then

    echo " "
    echo "${cyan}Disabling auto suspend / sleep...${reset}"
    echo " "
    
    echo -e "ran" > ${HOME}/.sleep_disabled.dat
    
         if [ -f "/etc/debian_version" ]; then
         sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target > /dev/null 2>&1
         elif [ -f "/etc/redhat-release" ]; then
         sudo -u gdm dbus-run-session gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0 > /dev/null 2>&1
         fi
	   
    else

    echo " "
    echo "${green}Skipping...${reset}"
    echo " "
    
    fi

fi


######################################


# ON DEBIAN-BASED SYSTEMS ONLY:
# Do we have less than 900MB PHYSICAL RAM (IN KILOBYTES),
# AND no swap / less swap virtual memory than 900MB (IN BYTES)?
if [ -f "/etc/debian_version" ] && [ "$(awk '/MemTotal/ {print $2}' /proc/meminfo)" -lt 900000 ] && (
[ "$(free | awk '/^Swap:/ { print $2 }')" = "0" ] || [ "$(free --bytes | awk '/^Swap:/ { print $2 }')" -lt 900000000 ]
); then

echo "${red}YOU HAVE LESS THAN 900MB *PHYSICAL* MEMORY, AND ALSO HAVE LESS THAN 900MB SWAP *VIRTUAL* MEMORY. This MAY cause your system to FREEZE, *IF* you have a desktop display attached!${reset}"

echo "${yellow} "
read -n1 -s -r -p $"PRESS F to fix this (sets swap virtual memory to 1GB), OR any other key to skip fixing..." key
echo "${reset} "

    if [ "$key" = 'f' ] || [ "$key" = 'F' ]; then

    echo " "
    echo "${cyan}Changing Swap Virtual Memory size to 1GB, please wait (THIS MAY TAKE AWHILE ON SMALLER SYSTEMS)...${reset}"
    echo " "
    
    # Required components check...
    
    # dphys-swapfile
    DPHYS_PATH=$(get_app_path "dphys-swapfile")

    # sed
    SED_PATH=$(get_app_path "sed")
    
    sudo $DPHYS_PATH swapoff
    
    sleep 5
         
        if [ -f /etc/dphys-swapfile ]; then
			    
	   DETECT_SWAP_CONF=$(sudo sed -n '/CONF_SWAPSIZE=/p' /etc/dphys-swapfile)
			
		   if [ "$DETECT_SWAP_CONF" != "" ]; then 
             sudo sed -i "s/CONF_SWAPSIZE=.*/CONF_SWAPSIZE=1024/g" /etc/dphys-swapfile
             elif [ "$DETECT_SWAP_CONF" == "" ]; then 
             sudo bash -c "echo 'CONF_SWAPSIZE=1024' >> /etc/dphys-swapfile"
	        fi
	        
	   sudo $DPHYS_PATH setup
	   
	   sleep 5
	   
	   sudo $DPHYS_PATH swapon
	   
	   sleep 5
	   
        echo " "
        echo "${green}Swap Memory size has been updated to 1GB.${reset}"
        echo " "
        
        else
	   
        echo " "
        echo "${red}Swap Memory config file could NOT be located, skipping update of Swap Memory size!${reset}"
        echo " "
	        
	   fi
	   
    else

    echo " "
    echo "${green}Skipping...${reset}"
    echo " "
    
    fi

fi


######################################


# clean_system_update function START
clean_system_update () {


     if [ -z "$ALLOW_FULL_UPGRADE" ]; then
     
     echo " "
     echo "${yellow}Does the Operating System on this device update using the \"Rolling Release\" model (Kali, Manjaro, Ubuntu Rolling Rhino, Debian Unstable, etc), or the \"Long-Term Release\" model (Debian, Ubuntu, Raspberry Pi OS, Armbian Stable, Diet Pi, etc)?"
     echo " "
     echo "${red}(You can SEVERLY MESS UP a \"Rolling Release\" Operating System IF YOU DO NOT CHOOSE CORRECTLY HERE! In that case, you can SAFELY choose \"I don't know\".)${reset}"
     echo " "
     
     echo "Enter the NUMBER next to your chosen option.${reset}"
     
     echo " "
     
          OPTIONS="rolling long_term i_dont_know"
          
          select opt in $OPTIONS; do
                  if [ "$opt" = "long_term" ]; then
                  ALLOW_FULL_UPGRADE="yes"
                  echo " "
                  echo "${green}Allowing system-wide updates before installs.${reset}"
                  break
                 else
                  ALLOW_FULL_UPGRADE="no"
                  echo " "
                  echo "${green}Disabling system-wide updates before installs.${reset}"
                  break
                 fi
          done
            
     echo " "
     
     fi


     if [ -z "$PACKAGE_CACHE_REFRESHED" ]; then


          if [ -f "/etc/debian_version" ]; then

          echo "${cyan}Making sure your APT sources list is updated before installations, please wait...${reset}"
          
          echo " "
          
          # In case package list was ever corrupted (since we are about to rebuild it anyway...avoids possible errors)
          sudo rm -rf /var/lib/apt/lists/* -vf > /dev/null 2>&1
          
          sleep 2
          
          sudo apt-get update
          
          echo " "
     
          echo "${cyan}APT sources list update complete.${reset}"
          
          echo " "
     
          fi
          
     
          if [ "$ALLOW_FULL_UPGRADE" == "yes" ]; then

          echo "${cyan}Making sure your system is updated before installations, please wait...${reset}"
          
          echo " "
          
          
               if [ -f "/etc/debian_version" ]; then
               #DO NOT RUN dist-upgrade, bad things can happen, lol
               sudo apt-get upgrade -y
               elif [ -f "/etc/redhat-release" ]; then
               sudo yum upgrade -y
               fi
          
          
          sleep 2
          
          echo " "
          				
          echo "${cyan}System updated.${reset}"
          				
          echo " "
          
          fi
     
     
     PACKAGE_CACHE_REFRESHED=1
     
     fi

}
# clean_system_update function END

# Clears / updates cache, then upgrades (if NOT a rolling release)
clean_system_update


######################################


# Get PRIMARY dependency lib's paths (for bash scripting commands...auto-install is attempted, if not found on system)
# (our usual standard library prerequisites [ordered alphabetically], for 99% of advanced bash scripting needs)

# avahi-daemon
AVAHID_PATH=$(get_app_path "avahi-daemon")

# bc
BC_PATH=$(get_app_path "bc")

# bsdtar
BSDTAR_PATH=$(get_app_path "bsdtar")

# curl
CURL_PATH=$(get_app_path "curl")

# expect
EXPECT_PATH=$(get_app_path "expect")
    
# git
GIT_PATH=$(get_app_path "git")

# jq
JQ_PATH=$(get_app_path "jq")

# less
LESS_PATH=$(get_app_path "less")

# sed
SED_PATH=$(get_app_path "sed")

# wget
WGET_PATH=$(get_app_path "wget")

# PRIMARY dependency lib's paths END
				

######################################


# Get the *INTERNAL* NETWORK ip address
IP=$(ip -o route get to 8.8.8.8 | sed -n 's/.*src \([0-9.]\+\).*/\1/p')

				
######################################


# Distro-specific logic, for PHP-FPM
if [ -f "/etc/debian_version" ]; then

# Get a list of PHP-FPM packages THAT ARE AVAILABLE TO INSTALL
PHP_FPM_LIST=$(apt-cache search php-fpm)

FPM_PACKAGE=`expr match "$PHP_FPM_LIST" '.*\(php[0-9][.][0-9]-fpm\)'`

FPM_PACKAGE_VER=`expr match "$FPM_PACKAGE" '.*\([0-9][.][0-9]\)'`

elif [ -f "/etc/redhat-release" ]; then

# Get a list of PHP-FPM packages THAT ARE AVAILABLE TO INSTALL
PHP_FPM_LIST=$(yum list php-fpm)

FPM_PACKAGE=`expr match "$PHP_FPM_LIST" '.*\(php-fpm [0-9][.][0-9]\)'`

FPM_PACKAGE_VER=`expr match "$FPM_PACKAGE" '.*\([0-9][.][0-9]\)'`

fi


######################################


# Start in user home directory
# WE DON'T USE ~/ FOR PATHS IN THIS SCRIPT BECAUSE:
# 1) WE'RE #RUNNING AS SUDO# ANYWAYS (WE CAN INSTALL ANYWHERE WE WANT)
# 2) WE SET THE USER WE WANT TO INSTALL UNDER DYNAMICALLY
# 3) IN CASE THE USER INITIATES INSTALL AS ANOTHER ADMIN USER
cd /home/$TERMINAL_USERNAME

            
######################################
         

# WE NEED TO SET THIS OUTSIDE OF / BEFORE ANY OTHER SETUP LOGIC, AS WE'RE SETTING THE SYSTEM USER VAR
echo " "
echo "${yellow}We need to know the SYSTEM username you'll be logging in as on this machine to edit web files..."
echo " "
        
echo "Enter the SYSTEM username to allow web server editing access for:"
echo "(leave blank / hit enter for default username '${TERMINAL_USERNAME}')${reset}"
echo " "
        
read APP_USER
echo " "

 if [ -z "$APP_USER" ]; then
 APP_USER=${1:-$TERMINAL_USERNAME}
 echo "${green}Using default username: $APP_USER${reset}"
 else
 echo "${green}Using username: $APP_USER${reset}"
 fi

echo " "


######################################

			
echo "${yellow}Enter the FULL SYSTEM PATH to the document root of the web server:"
echo "(this does NOT automate setting apache's document root, you would need to do that manually)"
echo "(DO !NOT! INCLUDE A #TRAILING# FORWARD SLASH)"
echo " "
echo "(leave blank / hit enter to use the default value: /var/www/html)${reset}"
echo " "

read DOC_ROOT
echo " "
        
if [ -z "$DOC_ROOT" ]; then
DOC_ROOT=${1:-/var/www/html}
echo "${green}Using default website document root:"
echo "$DOC_ROOT${reset}"
else
echo "${green}Using custom website document root:"
echo "$DOC_ROOT${reset}"
fi

echo " "

if [ ! -d "$DOC_ROOT" ] && [ "$DOC_ROOT" != "/var/www/html" ]; then

echo "The defined document root directory '$DOC_ROOT' does not exist yet. Please create this directory structure before running this script."

echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to exit..." key
echo "${reset} "

    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Exiting...${reset}"
    echo " "
    exit
    fi

fi


######################################


echo " "
echo "${yellow}TECHNICAL NOTE:"
echo " "
echo "This script was designed to install on popular Debian-based ${green}(STABLE / POLISHED)${yellow} / RedHat-based ${red}(UNSTABLE / WORK-IN-PROGRESS)${yellow} operating systems (Debian, Ubuntu, Raspberry Pi OS [Raspbian], Armbian, DietPi, Fedora, REHL, CentOS, etc), for running as an app server WHICH IS LEFT TURNED ON 24/7 (ALL THE TIME).${reset}"
echo " "

echo "${yellow}This script MAY NOT work on ALL Debian-based / RedHat-based system setups.${reset}"
echo " "

echo "${cyan}Your operating system has been detected as:"
echo " "
echo "$OS v$VER${reset}"
echo " "

echo "${red}Recommended MINIMUM system specs:${reset}"
echo " "
echo "${yellow}1 Gigahertz CPU / 512 Megabytes RAM / HIGH QUALITY 16 Gigabyte MicroSD card (running Nginx or Apache headless with PHP v7.2+)${reset}"
echo " "

echo "${red}If you already have unrelated web site files located at $DOC_ROOT on your system, they may be affected. Please back up any important pre-existing files in that directory before proceeding.${reset}"
echo " "

     
echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
echo "${reset} "
     
    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Continuing...${reset}"
    echo " "
    fi
     
echo " "
				
				
if [ -f $DOC_ROOT/config.php ]; then
echo "${yellow}Configuration files from a previous install of Open Crypto Tracker (Server Edition) have been detected on your system."
echo " "
echo "${green}During this upgrade / re-install, they will be backed up to:"
echo " "
echo "$DOC_ROOT/[filename].php.BACKUP.$DATE.[random string]${reset}"
echo " "
echo "This will save any custom settings within them, so you can migrate settings to the new config files MANUALLY."
echo " "
echo "(ALL plugin configuration files will be backed up in the same manner)"
echo " "
echo "You will need to manually move any CUSTOMIZED DEFAULT settings from backup files to the NEW configuration files with a text editor, otherwise you can just ignore or delete the backup files."
echo " "

echo "${red}IF ANYTHING STOPS WORKING AFTER UPGRADING, CLEAR YOUR BROWSER CACHE (temporary files), AND RELOAD OR RESTART THE APP. This will load the latest Javascript / Style Sheet upgrades properly.${reset}"
echo " "

     
echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
echo "${reset} "
     
    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Continuing...${reset}"
    echo " "
    fi
     
echo " "


echo "${red}IMPORTANT *UPGRADE* NOTICES:"
echo " "
echo " "

echo "v6.00.38 and higher restructures CURRENCY settings in the config. USE THE LATEST/UPGRADED CONFIG.PHP, AND MIGRATE YOUR EXISTING CUSTOM SETTINGS TO THE NEW FORMAT."
echo " "
echo " "

echo "${reset} "

     
echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
echo "${reset} "
     
    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Continuing...${reset}"
    echo " "
    fi
     
echo " "


fi
  				

echo "${red}VERY IMPORTANT *SECURITY* NOTES:"
echo " "
echo "YOU WILL BE PROMPTED TO CREATE AN ADMIN LOGIN (FOR SECURITY OF THE ADMIN AREA), #WHEN YOU FIRST RUN THIS APP AFTER INSTALLATION#. IT'S #HIGHLY RECOMMENDED TO DO THIS IMMEDIATELY#, ESPECIALLY ON PUBLIC FACING / KNOWN SERVERS, #OR SOMEBODY ELSE MAY BEAT YOU TO IT#."
echo " "

echo "!!VERY IMPORTANT *HOSTING* NOTICE!!:"
echo " "
echo "This auto-install script is ONLY FOR SELF-HOSTED ENVIRONMENTS, THAT #DO NOT# ALREADY HAVE A APP SERVER OR CONTROL PANEL INSTALLED ON THE SYSTEM. If this is a managed hosting environment that a service provider has already provisioned, please quit this auto-install session, and refer to the \"Manual Install\" section of the README.txt file documentation.${reset}"
echo " "

echo "${yellow}PLEASE REPORT ANY ISSUES HERE: $ISSUES_URL${reset}"
echo " "

echo "${yellow} "
read -n1 -s -r -p $"Press Y to continue (or press N to exit)..." key
echo "${reset} "

    if [ "$key" = 'y' ] || [ "$key" = 'Y' ]; then
    
    echo " "
    echo "${green}Continuing...${reset}"
         
    # If all clear for takeoff, make sure a group exists with same name as user,
    # AND user is a member of it (believe it or not, I've seen this not always hold true!)
    groupadd -f $APP_USER > /dev/null 2>&1
    sleep 3
    usermod -a -G $APP_USER $APP_USER > /dev/null 2>&1

    echo " "

    else
    echo " "
    echo "${green}Exiting...${reset}"
    echo " "
    exit
    fi

echo " "


######################################

            
echo " "
echo "${yellow}OPTIONAL SECURITY-HARDENING:"
echo " "
echo "Before we install a PHP web server and Open Crypto Tracker (server edition), let's review a few OPTIONAL security-hardening configurations below. If you enable all of these security options, it will significantly improve the security of this app server (HIGHLY RECOMMENDED)...${reset}"
echo " "


######################################

            
echo "${yellow} "
read -n1 -s -r -p $'Disable bluetooth, for higher app server security? (press Y to run, or press N to skip)...\n' keystroke
echo "${reset} "
        
if [ "$keystroke" = 'y' ] || [ "$keystroke" = 'Y' ]; then
            
echo " "
echo "${cyan}Disabling bluetooth, please wait...${reset}"
                
systemctl disable hciuart.service

systemctl disable bluealsa.service

systemctl disable bluetooth.service


       # Raspberry pi devices
       if [ -f "/usr/bin/raspi-config" ]; then

         
         # Enhanced security for raspi config
         RASPI_CONF="/boot/config.txt"
            
         CHECK_RASPI_CONF=$(sed -n '/disable-bt/p' $RASPI_CONF)
            
            
            # Raspi security
            if [ "$CHECK_RASPI_CONF" == "" ]; then
            
            echo " "
            echo "${cyan}Disabling bluetooth in $RASPI_CONF, please wait...${reset}"
            echo " "
            
            
            
# Don't nest / indent, or it could malform the setting addition  
read -r -d '' RASPI_SECURITY <<- EOF
\r
# Disable on-board bluetooth
dtoverlay=disable-bt 
\r
EOF
            
            
            # Backup config before editing, to be safe
            \cp $RASPI_CONF $RASPI_CONF.BACKUP.$DATE
            
            sleep 1
            
            # APPEND the config
            echo -e "$RASPI_SECURITY" >> $RASPI_CONF

		  sleep 1
                            
            echo "${green}Disabling bluetooth in $RASPI_CONF has been completed.${reset}"
            echo " "
            
            else
            
            echo " "
            echo "${green}Bluetooth was already disabled in $RASPI_CONF.${reset}"
            echo " "
            
            fi


	  sleep 2
			
	  echo " "
       echo " "
         

       fi
          
     
echo " "
echo "${green}Disabling bluetooth has been completed.${reset}"
echo " "      
echo "${red}YOU MUST RESTART the computer for this to take affect (ONLY AFTER THIS SCRIPT IS FINISHED RUNNING).${reset}"
echo " "
            
else
echo "${green}Disabling bluetooth has been skipped.${reset}"
echo " "
fi
                

######################################

            
echo "${yellow} "
read -n1 -s -r -p $'Install / configure a firewall, for higher app server security? (press Y to run, or press N to skip)...\n' keystroke
echo "${reset} "
        
if [ "$keystroke" = 'y' ] || [ "$keystroke" = 'Y' ]; then
            
echo " "
echo "${cyan}Installing / configuring a firewall, please wait...${reset}"
echo "${yellow}(THE SSH PORT *WILL* BE ALLOWED, SO IT'S SAFE TO PRESS 'Y' WHEN ASKED)${reset}"
echo " "
                
$PACKAGE_INSTALL ufw -y

ufw allow ssh

ufw limit ssh/tcp

ufw allow 80

ufw allow 443

ufw enable

echo " "
echo "${green}Installing / configuring a firewall has been completed."
echo " "
echo "USER GUIDE: https://www.linux.com/training-tutorials/introduction-uncomplicated-firewall-ufw/"
echo "${reset}"
echo " "
            
else
echo "${green}Installing / configuring a firewall has been skipped.${reset}"
echo " "
fi
                

######################################


# Raspberry pi devices require sudo password
if [ -f "/usr/bin/raspi-config" ]; then

echo "${yellow} "
read -n1 -s -r -p $'Require sudo password, for higher app server security? (press Y to run, or press N to skip)...\n' keystroke
echo "${reset} "
        
     if [ "$keystroke" = 'y' ] || [ "$keystroke" = 'Y' ]; then
                 
     echo " "
     echo "${cyan}Setting up requiring sudo password, please wait...${reset}"
                     
     sed -i "s/NOPASSWD/PASSWD/g" /etc/sudoers.d/010_pi-nopasswd > /dev/null 2>&1
     
     echo " "
     echo "${green}Setting up requiring sudo password has been completed.${reset}"
     echo " "
                 
     else
     echo "${green}Setting up requiring sudo password has been skipped.${reset}"
     echo " "
     fi

fi
                

######################################

            
echo "${yellow} "
read -n1 -s -r -p $'Make your home directory private, for higher app server security? (press Y to run, or press N to skip)...\n' keystroke
echo "${reset} "
        
if [ "$keystroke" = 'y' ] || [ "$keystroke" = 'Y' ]; then
            
echo " "
echo "${cyan}Making your home directory private, please wait...${reset}"

APP_USER_HOME="/home/$APP_USER"

chmod 750 $APP_USER_HOME
        
HOME_RECURSIVE_CHOWN="-R ${APP_USER}:$APP_USER ${APP_USER_HOME}/*"
        
#$RECURSIVE_CHOWN must be in double quotes to escape the asterisk at the end
chown $HOME_RECURSIVE_CHOWN

echo " "
echo "${green}Making your home directory private has been completed.${reset}"
echo " "
            
else
echo "${green}Making your home directory private has been skipped.${reset}"
echo " "
fi
                

######################################



echo "${yellow}We need to know which version of PHP-FPM (fcgi) to use. Please select a PHP-FPM version NUMBER from the list below..."
echo " "
echo "${red}(PHP-FPM version 7.2 OR HIGHER IS REQUIRED)${reset}"
echo " "

echo "$PHP_FPM_LIST"
echo " "

echo "${yellow}#PREFERRED# PHP-FPM package auto-detected: $FPM_PACKAGE"
echo " "
   
echo "Enter the PHP-FPM version (numeric only) that you want to install / uninstall:"
echo "(leave blank / hit enter for default of '$FPM_PACKAGE_VER')${reset}"
echo " "
   
read PHP_FPM_VER
echo " "
 
	if [ -z "$PHP_FPM_VER" ]; then
 	PHP_FPM_VER=${1:-$FPM_PACKAGE_VER}
 	echo "${green}Using default PHP-FPM version: $PHP_FPM_VER${reset}"
 	else
 	echo "${green}Using custom PHP-FPM version: $PHP_FPM_VER${reset}"
 	fi
   
echo " "

INSTALL_FPM_VER="php${PHP_FPM_VER}-fpm php${PHP_FPM_VER}-mbstring php${PHP_FPM_VER}-xml php${PHP_FPM_VER}-curl php${PHP_FPM_VER}-gd php${PHP_FPM_VER}-zip php${PHP_FPM_VER}-mysql -y"

INSTALL_APACHE="apache2 php php-fpm php-db php-mbstring php-xml php-curl php-gd php-zip libapache2-mod-fcgid apache2-suexec-custom ssl-cert -y"


######################################


echo "${yellow}Select 1, 2, or 3 to choose whether to auto-install / remove the PHP web server, or skip.${reset}"
echo " "

OPTIONS="install_webserver remove_webserver skip"

select opt in $OPTIONS; do
        if [ "$opt" = "install_webserver" ]; then
         
          echo " "
			
	     echo "${green}Proceeding with PHP web server installation, please wait...${reset}"
		echo " "
        
		# !!!RUN FIRST!!! PHP FPM (fcgi) version $PHP_FPM_VER, run SEPERATE in case it fails from package not found
        
        	$PACKAGE_INSTALL $INSTALL_FPM_VER
        	
			sleep 3
			
			# PHP FPM (fcgi), Apache, required modules, etc
			$PACKAGE_INSTALL $INSTALL_APACHE
			
			sleep 3
			
			echo " "
			
			mv $DOC_ROOT/index.html $DOC_ROOT/index.php > /dev/null 2>&1


			######################################
			

			# SSL / Rewrite setup
			
			echo " "
			
			# Regenerate new self-signed SSL cert keys with ssl-cert (for secure HTTPS web pages)
			make-ssl-cert generate-default-snakeoil --force-overwrite
			
			#https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-on-arch-linux

			echo "${cyan}New SSL certificate keys have been self-signed, please wait...${reset}"
			echo " "

			# Enable SSL (for secure HTTPS web pages)
			a2enmod ssl
			a2ensite default-ssl

			sleep 1
			
			echo " "

			# Enable mod-rewrite, for upcoming REST API features
			a2enmod rewrite	

			sleep 1
			
			# PHP FCGI Proxy
			a2enmod proxy_fcgi setenvif
			
			sleep 1
			
        	     CONF_FPM_VER="php${PHP_FPM_VER}-fpm"
        	
			# Config PHP FPM (fcgi) version $PHP_FPM_VER
        	     a2enconf $CONF_FPM_VER
			
			sleep 1
			
			# Suexec
			a2enmod suexec
			
			# Fcgid
			a2enmod fcgid
			
			# actions
			a2enmod actions
			
			
			# Set PHP-FPM user to $APP_USER (to run Apache PHP as this user)
			sed -i "s/user = .*/user = $APP_USER/g" /etc/php/$PHP_FPM_VER/fpm/pool.d/www.conf > /dev/null 2>&1
			sed -i "s/group = .*/group = $APP_USER/g" /etc/php/$PHP_FPM_VER/fpm/pool.d/www.conf > /dev/null 2>&1
			
			
			sleep 1
			
			echo " "
				
				if [ -f /etc/init.d/apache2 ]; then
				echo "${cyan}New Apache modules have been enabled, restarting the Apache web server, please wait...${reset}"
				/etc/init.d/apache2 restart
				echo " "
				else
				echo "${red}New Apache modules have been enabled, YOU MUST RESTART the Apache web server for these to activate.${reset}"
				echo " "
				fi


			######################################
         
         # Enhanced security for apache MAIN config
         APACHE_CONF="/etc/apache2/apache2.conf"
            
            if [ ! -f $APACHE_CONF ]; then
            
            echo "${red}$APACHE_CONF could NOT be found on your system. Please enter the FULL path to the MAIN Apache config file:${reset}"
            echo " "
            
            read APACHE_CONF
            echo " "
                    
                if [ ! -f $APACHE_CONF ] || [ -z "$APACHE_CONF" ]; then
                echo "${red}No MAIN Apache config file detected, skipping enhanced security setup.${reset}"
                SKIP_APACHE_CONF_EDIT=1
                else
                echo "${green}Using MAIN Apache config file:"
                echo "$APACHE_CONF${reset}"
                CHECK_APACHE_1=$(sed -n '/ServerTokens/p' $APACHE_CONF)
                CHECK_APACHE_2=$(sed -n '/ServerSignature/p' $APACHE_CONF)
                fi
            
            echo " "
            
            else
            
            CHECK_APACHE_1=$(sed -n '/ServerTokens/p' $APACHE_CONF)
            CHECK_APACHE_2=$(sed -n '/ServerSignature/p' $APACHE_CONF)
            
            fi
            
            
            # Apache security
            if [ "$SKIP_APACHE_CONF_EDIT" != "1" ] && [ "$CHECK_APACHE_1" == "" ] && [ "$CHECK_APACHE_2" == "" ]; then
            
            echo " "
            echo "${cyan}Enabling enhanced security for the MAIN Apache config, please wait...${reset}"
            echo " "
            
            
            
# Don't nest / indent, or it could malform the setting addition  
read -r -d '' APACHE_SECURITY <<- EOF
\r
# Disable showing apache product name and version number
ServerTokens Prod
ServerSignature Off 
\r
EOF
            
            
            # Backup the MAIN Apache config before editing, to be safe
            \cp $APACHE_CONF $APACHE_CONF.BACKUP.$DATE
            
            sleep 1
            
            # APPEND the config
            echo -e "$APACHE_SECURITY" >> $APACHE_CONF

		  sleep 1
                            
                            
                # Restart Apache
                if [ -f /etc/init.d/apache2 ]; then
                echo "${cyan}Enhanced security has been enabled for the MAIN Apache config, restarting the Apache web server, please wait...${reset}"
                /etc/init.d/apache2 restart
                echo " "
                else
                echo "${red}Enhanced security has been enabled for the MAIN Apache config. YOU MUST RESTART the Apache web server for this to take affect.${reset}"
                echo " "
                fi
            
            
            elif [ "$CHECK_APACHE_1" == "" ] && [ "$CHECK_APACHE_2" == "" ]; then
            
            echo " "
            echo "Enhanced security NOT DETECTABLE for the MAIN Apache config."
            
            else
            
            echo " "
            echo "Enhanced security was already enabled for the MAIN Apache config."
            echo " "
            
            fi


	    sleep 2
			
	    echo " "
         echo " "
			
			
         ######################################
			
       
         # Enable HTTP (port 80) htaccess
         #a2ensite 000-default
          
         HTTP_CONF="/etc/apache2/sites-available/000-default.conf"
            
            if [ ! -f $HTTP_CONF ]; then
            
            echo "${red}$HTTP_CONF could NOT be found on your system."
            echo "Please enter the FULL Apache config file path for HTTP (port 80):${reset}"
            echo " "
            
            read HTTP_CONF
            echo " "
                    
                if [ ! -f $HTTP_CONF ] || [ -z "$HTTP_CONF" ]; then
                echo "${red}No HTTP config file detected, skipping Apache config setup for port 80, please wait...${reset}"
                SKIP_HTTP_CONF_EDIT=1
                else
                echo "${green}Using Apache HTTP config file:"
                echo "$HTTP_CONF${reset}"
                CHECK_HTTP=$(<$HTTP_CONF)
                fi
            
            echo " "
            
            else
            
            CHECK_HTTP=$(<$HTTP_CONF)
            
            fi

            
            
            # Htaccess port 80
            if [ "$SKIP_HTTP_CONF_EDIT" != "1" ] && [[ $CHECK_HTTP != *"cryptocoin_htaccess_80"* ]]; then
            
            echo " "
            
            echo "${cyan}Enabling htaccess for HTTP (port 80), please wait...${reset}"
            echo " "


# Don't nest / indent, or it could malform the setting addition            
read -r -d '' HTACCESS_HTTP <<- EOF
\r
\t#cryptocoin_htaccess_80
\t<Directory $DOC_ROOT>
\t\tOptions Indexes FollowSymLinks MultiViews
\t\tAllowOverride All
\t\tRequire all granted
\t</Directory>
\r
EOF
            
            
            # Backup the HTTP config before editing, to be safe
            \cp $HTTP_CONF $HTTP_CONF.BACKUP.$DATE
            
            
            # Create the new HTTP config
            NEW_HTTP_CONF=$(echo -e "$HTACCESS_HTTP" | sed '/:80>/r /dev/stdin' $HTTP_CONF)
            
            
            # Install the new HTTP config
            echo -e "$NEW_HTTP_CONF" > $HTTP_CONF

		  sleep 1
                            
                            
                # Restart Apache
                if [ -f /etc/init.d/apache2 ]; then
                echo "${cyan}Htaccess has been enabled for HTTP (port 80), restarting the Apache web server, please wait...${reset}"
                /etc/init.d/apache2 restart
                echo " "
                else
                echo "${red}Htaccess has been enabled for HTTP (port 80). YOU MUST RESTART the Apache web server for this to take affect.${reset}"
                echo " "
                fi
            
            
            else
            
            echo " "
            echo "Htaccess was already enabled for HTTP (port 80)."
            echo " "
            
            fi
            

	    sleep 2
            
         ######################################
                        
                                                
         # Enable HTTPS (port 443) htaccess
         #a2ensite default-ssl
         
         
         HTTPS_CONF="/etc/apache2/sites-available/default-ssl.conf"
            
            if [ ! -f $HTTPS_CONF ]; then
            
            echo "${red}$HTTPS_CONF could NOT be found on your system. Please enter the FULL Apache config file path for HTTPS (port 443):${reset}"
            echo " "
            
            read HTTPS_CONF
            echo " "
                    
                if [ ! -f $HTTPS_CONF ] || [ -z "$HTTPS_CONF" ]; then
                echo "${red}No HTTPS config file detected, skipping Apache config setup for port 443, please wait...${reset}"
                SKIP_HTTPS_CONF_EDIT=1
                else
                echo "${green}Using Apache HTTPS config file:"
                echo "$HTTPS_CONF${reset}"
                CHECK_HTTPS=$(<$HTTPS_CONF)
                fi
            
            echo " "
            
            else
            
            CHECK_HTTPS=$(<$HTTPS_CONF)
            
            fi
            
            
            
            # Htaccess port 443
            if [ "$SKIP_HTTPS_CONF_EDIT" != "1" ] && [[ $CHECK_HTTPS != *"cryptocoin_htaccess_443"* ]]; then
            
            echo " "
            echo "${cyan}Enabling htaccess for HTTPS (port 443), please wait...${reset}"
            echo " "
            
            
            
# Don't nest / indent, or it could malform the setting addition  
read -r -d '' HTACCESS_HTTPS <<- EOF
\r
\t#cryptocoin_htaccess_443
\t<Directory $DOC_ROOT>
\t\tOptions Indexes FollowSymLinks MultiViews
\t\tAllowOverride All
\t\tRequire all granted
\t</Directory>
\r
EOF
            
            
            # Backup the HTTPS config before editing, to be safe
            \cp $HTTPS_CONF $HTTPS_CONF.BACKUP.$DATE
            
            
            # Create the new HTTPS config
            NEW_HTTPS_CONF=$(echo -e "$HTACCESS_HTTPS" | sed '/:443>/r /dev/stdin' $HTTPS_CONF)
            
            
            # Install the new HTTPS config
            echo -e "$NEW_HTTPS_CONF" > $HTTPS_CONF

				sleep 1
                            
                            
                # Restart Apache
                if [ -f /etc/init.d/apache2 ]; then
                echo "${cyan}Htaccess has been enabled for HTTPS (port 443), restarting the Apache web server, please wait...${reset}"
                /etc/init.d/apache2 restart
                echo " "
                else
                echo "${red}Htaccess has been enabled for HTTPS (port 443). YOU MUST RESTART the Apache web server for this to take affect.${reset}"
                echo " "
                fi
            
            
            else
            
            echo " "
            echo "Htaccess was already enabled for HTTPS (port 443)."
            echo " "
            
            fi


	    sleep 2
			
	    echo " "
         echo " "
			
			
         ######################################
            
            
         # Give the new HTTP server system user a chance to exist for a few seconds, before trying to determine the name / group automatically
         echo "${cyan}PHP web server installation completed, auto-detecting it's configuration, please wait...${reset}"
         echo " "
         
         sleep 3
           
         #WWW_GROUP=$(ps -ef | egrep '(httpd|httpd2|apache|apache2)' | grep -v `whoami` | grep -v root | head -n1 | awk '{print $1}')
         WWW_GROUP=$(ps axo user,group,comm | egrep '(httpd|httpd2|apache|apache2)' | grep -v ^root | cut -d\  -f 2 | uniq)
            
         echo "The web server's user group has been detected as:"
            
            if [ -z "$WWW_GROUP" ]; then
            WWW_GROUP="www-data"
            echo "User group NOT detected, using default group 'www-data'"
            else
            echo "$WWW_GROUP"
            fi
            
         echo " "
         echo "${yellow}Enter the web server's user group:"
         echo "(leave blank / hit enter to use default group '$WWW_GROUP')${reset}"
         echo " "
            
         read APACHE_USERNAME
         echo " "
                    
            if [ -z "$APACHE_USERNAME" ]; then
            APACHE_USERNAME=${1:-$WWW_GROUP}
            echo "${green}The web server's user group has been declared as: $WWW_GROUP${reset}"
            else
            echo "${green}The web server's user group has been declared as: $APACHE_USERNAME${reset}"
            fi
            
            
	    sed -i "s/${APACHE_USERNAME}/${APP_USER}/g" /usr/lib/tmpfiles.d/php${PHP_FPM_VER}-fpm.conf > /dev/null 2>&1
			
			
	    sleep 1
			
	    echo " "
				
	       if [ -f /etc/init.d/apache2 ]; then
		  echo "${cyan}Updated /usr/lib/tmpfiles.d/php${PHP_FPM_VER}-fpm.conf, restarting the Apache web server, please wait...${reset}"
		  /etc/init.d/apache2 restart
		  echo " "
		  else
		  echo "${red}Updated /usr/lib/tmpfiles.d/php${PHP_FPM_VER}-fpm.conf, YOU MUST RESTART the Apache web server for these to activate.${reset}"
		  echo " "
		  fi
            
          echo " "
        
          # We no longer need to have the app user added to the web server's default group
          # (since we now run PHP-FPM AS THE APP USER, so we remove it for TIGHTER SECURITY)
          # PARAMS ARE *BACKWARDS* COMPARED TO "usermod -a -G"
        	gpasswd -d $APP_USER $APACHE_USERNAME > /dev/null 2>&1

		sleep 1
          
          # We STILL NEED to add the web server user to the app user's default group
          # (for access to files like .htaccess / .user.ini)
        	usermod -a -G $APP_USER $APACHE_USERNAME
        	
        	echo " "
        	echo "${cyan}Access for user '$APACHE_USERNAME' within group '$APP_USER' is completed, please wait...${reset}"
          
		sleep 1
			
        	chmod 770 $DOC_ROOT
			
        	echo " "
        	echo "${cyan}Document root access is completed (chmod 770, owner:group set to '$APP_USER'), please wait...${reset}"

		sleep 1
        
        	BASE_HTDOC="$(dirname $DOC_ROOT)"
        
        	RECURSIVE_CHOWN="-R ${APP_USER}:$APP_USER ${BASE_HTDOC}/*"
        
        	#$RECURSIVE_CHOWN must be in double quotes to escape the asterisk at the end
        	chown $RECURSIVE_CHOWN

		sleep 3
        
		echo " "
		echo "${green}PHP web server configuration is complete.${reset}"
        	echo " "

          echo "${red}You MUST RESTART YOUR DEVICE (#after# you finish running this auto-install script) TO ALLOW THE SYSTEM TO PROPERLY RUN THE PHP APP SERVER CONFIGURATIONS DONE (or you may get configuration errors), by running this command:"
          echo " "
          echo "sudo reboot"
          echo "${reset} "
	     
	     SERVER_SETUP=1
        
        
        	######################################
         
         
        break
       elif [ "$opt" = "remove_webserver" ]; then
       
        echo " "
        echo "${green}Removing PHP web server, please wait...${reset}"
        echo " "
        
        # WE USE --purge TO REMOVE ANY MISCONFIGURATIONS, IN CASE SOMEBODY IS TRYING A UN-INSTALL / RE-INSTALL TO FIX THINGS
        
		  # !!!RUN FIRST!!! PHP FPM (fcgi) version $PHP_FPM_VER, run SEPERATE in case it fails from package not found
        REMOVE_FPM_VER="php${PHP_FPM_VER}-fpm php${PHP_FPM_VER}-mbstring php${PHP_FPM_VER}-xml php${PHP_FPM_VER}-curl php${PHP_FPM_VER}-gd php${PHP_FPM_VER}-zip -y"
        
        $PACKAGE_REMOVE $REMOVE_FPM_VER
        
		  sleep 3
        
        # SKIP removing openssl / ssl-cert / avahi-daemon, AS THIS WILL F!CK UP THE WHOLE SYSTEM, REMOVING ANY OTHER DEPENDANT PACKAGES TOO!!
		  $PACKAGE_REMOVE apache2 php php-fpm php-mbstring php-xml php-curl php-gd php-zip libapache2-mod-fcgid apache2-suexec-custom -y
        
		  sleep 3
			
		  echo " "
		  echo "${green}PHP web server has been removed from the system.${reset}"
        
        break
       elif [ "$opt" = "skip" ]; then
       
        echo " "
        echo "${green}Skipping PHP web server setup...${reset}"
        
        break
       fi
done

echo " "


######################################


echo "Do you want this script to automatically download the latest version of Open Crypto Tracker (Server Edition) from Github.com, and install / configure it?"
echo " "

echo "${yellow}Select 1, 2, or 3 to choose whether to auto-install / remove Open Crypto Tracker (Server Edition), or skip.${reset}"
echo " "
echo "${red}(!WARNING!: REMOVING Open Crypto Tracker WILL DELETE *EVERYTHING* IN $DOC_ROOT !!)${reset}"
echo " "

OPTIONS="install_portfolio_app remove_portfolio_app skip"

select opt in $OPTIONS; do
        if [ "$opt" = "install_portfolio_app" ]; then
        
        		if [ ! -d "$DOC_ROOT" ]; then
        		
        		echo " "
				
				echo "${red}Directory $DOC_ROOT DOES NOT exist, cannot install Open Crypto Tracker. Skipping auto-install of Open Crypto Tracker.${reset}"
				else
				
				echo " "
				echo "${cyan}Proceeding with required component installation, please wait...${reset}"
				echo " "
				
				sleep 3
				
				# Safely install other packages seperately, so they aren't cancelled by 'package missing' errors
				$PACKAGE_INSTALL pwgen openssl -y

				sleep 3
				
				echo " "
				echo "${cyan}Required component installation completed.${reset}"
				
				echo " "
				echo "${cyan}Downloading the latest version of Open Crypto Tracker (Server Edition) from Github.com, please wait...${reset}"
                    echo " "
				
				mkdir DFD-Cryptocoin-Values-TEMP
				
				cd DFD-Cryptocoin-Values-TEMP
				
				# Set curl user agent, as the github API REQUIRES ONE
				curl -H "$CUSTOM_CURL_USER_AGENT_HEADER"
				
				ZIP_DL=$(curl -s 'https://api.github.com/repos/taoteh1221/Open_Crypto_Tracker/releases/latest' | jq -r '.zipball_url')
				
				wget -O DFD-Cryptocoin-Values-TEMP.zip $ZIP_DL
				
				sleep 2
				
				echo " "
				echo "${cyan}Extracting download archive, please wait...${reset}"
				echo " "
				
				bsdtar --strip-components=1 -xvf DFD-Cryptocoin-Values-TEMP.zip

				sleep 3
				
				rm DFD-Cryptocoin-Values-TEMP.zip
				
				
					if [ -f $DOC_ROOT/config.php ]; then
					
					# Generate random string 16 characters long
					RAND_STRING=$(pwgen -s 16 1)
					
					
						# If pwgen fails, use openssl
						if [ -z "$RAND_STRING" ]; then
  						RAND_STRING=$(openssl rand -hex 12)
						fi
				
						# If openssl fails, create manually
						if [ -z "$RAND_STRING" ]; then
						echo " "
						echo "${red}Automatic random hash creation has failed, please enter a random alphanumeric string of text (no spaces / symbols) at least 10 characters long."
						echo " "
						echo "IF YOU SKIP THIS, no backup of the previous install's configuration files will be created (for security reasons), and YOU WILL LOSE ALL PREVIOUSLY-CONFIGURED SETTINGS.${reset}"
						echo " "
  						read RAND_STRING
                        echo " "
						fi
				
						# If $RAND_STRING has a value, backup config.php, otherwise don't create backup file (for security reasons)
						if [ ! -z "$RAND_STRING" ]; then
  						
				
						echo " "
						echo "Backing up old configuration file(s) before upgrading, please wait..."
						echo " "
						
  						
  						# MIGRATE OLD FILE NAMING BEFORE BACKING UP...

						
  						# 'address-balance-tracker' plugin config MIGRATION (NEW FILE NAME)
  						MOVE_CONF="/plugins/recurring-reminder"
						mv $DOC_ROOT$MOVE_CONF/plugin-config.php $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						chown $APP_USER:$APP_USER $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						
  						# 'price-target-alert' plugin config MIGRATION (NEW FILE NAME)
  						MOVE_CONF="/plugins/price-target-alert"
						mv $DOC_ROOT$MOVE_CONF/plugin-config.php $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						chown $APP_USER:$APP_USER $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						
  						# 'recurring-reminder' plugin config MIGRATION (NEW FILE NAME)
  						MOVE_CONF="/plugins/recurring-reminder"
						mv $DOC_ROOT$MOVE_CONF/plugin-config.php $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						chown $APP_USER:$APP_USER $DOC_ROOT$MOVE_CONF/plug-conf.php > /dev/null 2>&1
						
						sleep 3
						
				
						# NOW THAT WE'VE MIGRATED FROM OLDER FILE NAMES, PROCEED WITH BACKUPS...
						
  						# Main config
  						BACKUP_CONF="/config.php"
						cp $DOC_ROOT$BACKUP_CONF $DOC_ROOT$BACKUP_CONF.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1
						chown $APP_USER:$APP_USER $DOC_ROOT$BACKUP_CONF.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1
						
  						# Dynamic config
  						BACKUP_CONF="/dynamic-config.php"
						cp $DOC_ROOT$BACKUP_CONF $DOC_ROOT$BACKUP_CONF.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1
						chown $APP_USER:$APP_USER $DOC_ROOT$BACKUP_CONF.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1


						     # Backup all plugin configs too
                                   for plugin_dir in $DOC_ROOT/plugins/*; do
     						cp $plugin_dir/plug-conf.php $plugin_dir/plug-conf.php.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1
     						chown $APP_USER:$APP_USER $plugin_dir/plug-conf.php.BACKUP.$DATE.$RAND_STRING > /dev/null 2>&1
                                   done
                                   
						
						sleep 3
						
						CONFIG_BACKUP=1
				
						
  						else
  						echo " "
  						echo "${red}No backup of the previous install's configuration files was created (for security reasons). The new install WILL NOW OVERWRITE ALL PREVIOUSLY-CONFIGURED SETTINGS in $DOC_ROOT/config.php...${reset}"
  						echo " "
						fi
						
					
  					fi
  				
  				
				echo " "
				echo "${cyan}Making sure any previous install's DEPRECIATED directories / files are cleaned up, please wait...${reset}"
				
				
				# Move to new locations
				
				mv $DOC_ROOT/cache/vars/app_version.dat $DOC_ROOT/cache/vars/state-tracking/app_version.dat > /dev/null 2>&1
				mv $DOC_ROOT/cache/vars/default_bitcoin_primary_currency_pair.dat $DOC_ROOT/cache/vars/state-tracking/default_bitcoin_primary_currency_pair.dat > /dev/null 2>&1
				mv $DOC_ROOT/cache/vars/default_ct_conf_md5.dat $DOC_ROOT/cache/vars/state-tracking/default_ct_conf_md5.dat > /dev/null 2>&1
				mv $DOC_ROOT/cache/vars/light_chart_struct.dat $DOC_ROOT/cache/vars/state-tracking/light_chart_struct.dat > /dev/null 2>&1
				mv $DOC_ROOT/cache/vars/php_timeout.dat $DOC_ROOT/cache/vars/state-tracking/php_timeout.dat > /dev/null 2>&1
				mv $DOC_ROOT/cache/vars/upgrade_check_latest_version.dat $DOC_ROOT/cache/vars/state-tracking/upgrade_check_latest_version.dat > /dev/null 2>&1
				
  				# Delete old directory / file structures
  				
  				# Directories
  				rm -rf $DOC_ROOT/app-lib > /dev/null 2>&1
  				rm -rf $DOC_ROOT/backups > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/apis > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/1_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/3_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/7_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/30_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/90_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/180_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/365_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/730_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/1460_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/all_day > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/1_week > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/1_month > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/3_months > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/6_months > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/1_year > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/2_years > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/4_years > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite/all > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/logs/debugging > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/logs/errors > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/secured/external_api > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/internal-api > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/queue > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/rest-api > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/secured/apis > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/events/lite_chart_rebuilds > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/system/lite > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cache/charts/spot_price_24hr_volume/lite > /dev/null 2>&1
  				rm -rf $DOC_ROOT/misc-docs-etc > /dev/null 2>&1
  				rm -rf $DOC_ROOT/templates > /dev/null 2>&1
  				rm -rf $DOC_ROOT/ui-templates > /dev/null 2>&1
  				rm -rf $DOC_ROOT/cron-plugins > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/debt-tracker > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/crypto-data-bot > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/transaction-fee-charts > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/address-balance-tracker/plugin-lib > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/price-target-alert/plugin-lib > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/recurring-reminder/plugin-lib > /dev/null 2>&1
  				rm -rf $DOC_ROOT/plugins/transaction-fee-charts > /dev/null 2>&1

				sleep 3
				
  				# Files
				rm $DOC_ROOT/CONFIG.EXAMPLE.txt > /dev/null 2>&1
				rm $DOC_ROOT/HELP-FAQ.txt > /dev/null 2>&1
				rm $DOC_ROOT/PORTFOLIO-IMPORT-EXAMPLE-SPREADSHEET.csv > /dev/null 2>&1
				rm $DOC_ROOT/oauth.php > /dev/null 2>&1
				rm $DOC_ROOT/webhook.php > /dev/null 2>&1
				rm $DOC_ROOT/rest-api.php > /dev/null 2>&1
				rm $DOC_ROOT/logs.php > /dev/null 2>&1
				rm $DOC_ROOT/dynamic-config-only.php > /dev/null 2>&1
				rm $DOC_ROOT/cache/cacert.pem > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/notifications-queue-processing.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/check-domain-security.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/email-debugging-logs.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/purge-debugging-logs.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/email-error-logs.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/purge-error-logs.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/charts-first-run.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/cron-first-run.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/emulated-cron-lock.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/ui_upgrade_alert.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/events/upgrade_check_reminder.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/logs/errors.log > /dev/null 2>&1
				rm $DOC_ROOT/cache/logs/error.log > /dev/null 2>&1
				rm $DOC_ROOT/cache/logs/debugging.log > /dev/null 2>&1
				rm $DOC_ROOT/cache/logs/debug.log > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/app_config_md5.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_app_config_md5.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_ocpt_conf_md5.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_pt_conf_md5.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_oct_conf_md5.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_btc_prim_curr_pairing.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_btc_prim_currency_pairing.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/default_btc_prim_currency_pair.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/lite_chart_structure.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/lite_chart_struct.dat > /dev/null 2>&1
				rm $DOC_ROOT/cache/vars/beta_v6_admin_pages.dat > /dev/null 2>&1
				rm $DOC_ROOT/DOCUMENTATION-ETC/CONFIG.EXAMPLE.txt > /dev/null 2>&1
				rm $DOC_ROOT/DOCUMENTATION-ETC/CRON_PLUGINS_README.txt > /dev/null 2>&1
				rm $DOC_ROOT/DOCUMENTATION-ETC/CRON-PLUGINS-README.txt > /dev/null 2>&1
				rm $DOC_ROOT/DOCUMENTATION-ETC/RASPBERRY-PI-HEADLESS-WIFI-SSH.txt > /dev/null 2>&1
				rm $DOC_ROOT/DOCUMENTATION-ETC/RASPBERRY-PI-SECURITY.txt > /dev/null 2>&1
				
				# Force-resets script timeout from config.php (automatically / dynamically re-created by app)
				rm $DOC_ROOT/.htaccess > /dev/null 2>&1 
				rm $DOC_ROOT/.user.ini > /dev/null 2>&1
				#

				sleep 3
				
				echo " "
				echo "${cyan}Installing Open Crypto Tracker (Server Edition), please wait...${reset}"
  				
  				# Copy over the upgrade install files to the install directory, after cleaning up dev files
				# No trailing forward slash here
				
				rm -rf .github > /dev/null 2>&1
				rm -rf .git > /dev/null 2>&1

				sleep 3
				
				rm .whitesource > /dev/null 2>&1
				rm .gitattributes > /dev/null 2>&1
				rm .gitignore > /dev/null 2>&1
				rm .travis.yml > /dev/null 2>&1
				rm CODEOWNERS > /dev/null 2>&1
				
				\cp -r ./ $DOC_ROOT

				sleep 3
				
				cd ../
				
				rm -rf DFD-Cryptocoin-Values-TEMP
				
				# Group read/write/exec
				chmod 770 $DOC_ROOT/cache
				chmod 770 $DOC_ROOT/plugins
				
				# Group exec
				chmod 750 $DOC_ROOT/cron.php

				sleep 1
				
				# No trailing forward slash here
				chown -R $APP_USER:$APP_USER $DOC_ROOT

				sleep 3
				
				echo " "
				echo "${green}Open Crypto Tracker (Server Edition) has been installed.${reset}"
				
				
                    ######################################
                    
                    
          		  echo " "
                    echo "If you want to use price alerts or charts, you'll need to setup a background task (cron job) for that."
                    echo " "
                    
                    echo "${yellow}Select 1 or 2 to choose whether to setup a background task (cron job) for price alerts / charts, or skip it.${reset}"
                    echo " "
                    
                    OPTIONS="auto_setup_cron skip"
                    
                    select opt in $OPTIONS; do
                            if [ "$opt" = "auto_setup_cron" ]; then
                            
                            echo " "
                            echo "${yellow}Enter the FULL system path to cron.php:"
                            echo "(leave blank / hit enter for default of $DOC_ROOT/cron.php)${reset}"
                            echo " "
                            
                            read SYS_PATH
                            echo " "
                            
                                if [ -z "$SYS_PATH" ]; then
                                SYS_PATH=${1:-$DOC_ROOT/cron.php}
                            		echo "${green}Using default system path to cron.php:"
                            		echo " "
                            		echo "$SYS_PATH${reset}"
                                else
                            		echo "${green}System path set to cron.php:"
                            		echo " "
                            		echo "$SYS_PATH${reset}"
                                fi
                            
                            echo " "
                            echo "${yellow}Options for choosing a time interval to run the background task (cron job)..."
                            echo " "
                            echo "${red}IT'S RECOMMENDED TO GO #NO LOWER THAN# EVERY 20 MINUTES FOR CHART DATA, OTHERWISE LIGHT CHART DISK WRITES MAY BE EXCESSIVE FOR LOWER END HARDWARE (Raspberry PI MicroSD cards etc)."
                            echo " "
                            echo "${yellow}Enter the time interval in minutes to run this cron job:"
                            echo "(#MUST BE# either 5, 10, 15, 20, or 30...leave blank / hit enter for default of 20)${reset}"
                            echo " "
                            
                            read INTERVAL
                            echo " "
                            
                                if [ -z "$INTERVAL" ]; then
                                INTERVAL=${2:-20}
                            		echo "${green}Using default time interval of $INTERVAL minutes.${reset}"
                                else
                            		echo "${green}Time interval set to $INTERVAL minutes.${reset}"
                                fi
                            
                                    
                            # Setup cron (to check logs after install: tail -f /var/log/syslog | grep cron -i)
                            
                            
          						  # PHP FULL PATHS
          						  PHP_FPM_PATH=$(which php${PHP_FPM_VER})
          						  PHP_PATH=$(which php)
                   					
                   					# If PHP $PHP_FPM_VER specific CLI binary not found, use the standard path
          						  		if [ -f $PHP_FPM_PATH ]; then
          						  		CRONJOB="*/$INTERVAL * * * * $APP_USER $PHP_FPM_PATH -q $SYS_PATH > /dev/null 2>&1"
          						  		else
          						  		CRONJOB="*/$INTERVAL * * * * $APP_USER $PHP_PATH -q $SYS_PATH > /dev/null 2>&1"
          						  		fi
                    
                    
                            # Play it safe and be sure their is a newline after this job entry
                            echo -e "$CRONJOB\n" > /etc/cron.d/cryptocoin
          
          						  sleep 1
                              
                            # cron.d entries must be a permission of 644
                            chmod 644 /etc/cron.d/cryptocoin
          
          						  sleep 1
                              
                            # cron.d entries MUST BE OWNED BY ROOT, OR THEY CRASH!
                            chown root:root /etc/cron.d/cryptocoin
                              
                            
                            echo " "
                            echo "${green}A background task (cron job) has been setup for user '$APP_USER', as a command in /etc/cron.d/cryptocoin:"
                            echo " "
                            echo "$CRONJOB"
                            echo " "
          				
          				    echo " "
          					echo "Open Crypto Tracker (Server Edition) has been configured.${reset}"
                            
                            CRON_SETUP=1
                            
                            break
                           elif [ "$opt" = "skip" ]; then
                           
                            echo " "
                            echo "${green}Skipping cron job setup.${reset}"
                    		echo " "
                    
                            break
                           fi
                    
                    
                    done
                    
                    
                    ######################################
            
				
	        	APP_SETUP=1
	        	
   	     	
  		     fi

        break
       elif [ "$opt" = "remove_portfolio_app" ]; then
       
        echo " "
        echo "${green}Removing Open Crypto Tracker (Server Edition), please wait...${reset}"
        
        rm /etc/cron.d/cryptocoin > /dev/null 2>&1
		  
        rm $DOC_ROOT/.htaccess > /dev/null 2>&1
	   
	   rm $DOC_ROOT/.user.ini > /dev/null 2>&1
        
        rm -rf $DOC_ROOT/* > /dev/null 2>&1

		sleep 3
        
		echo " "
		echo "${green}Open Crypto Tracker (Server Edition) has been removed from the system.${reset}"
        
        break
       elif [ "$opt" = "skip" ]; then
       
        echo " "
        echo "${green}Skipping auto-install of Open Crypto Tracker (Server Edition).${reset}"
        
        break
       fi
done

echo " "


######################################


echo "Enabling the built-in SSH server on your system allows easy remote management via SSH / SFTP (from another computer on your home / internal network), with Putty / Filezilla or any other SSH / SFTP enabled client software."
echo " "

echo "If you choose to NOT enable SSH on your system, you'll need to install / update your web site files directly on the device itself (not recommended)."
echo " "

echo "If you do use SSH, ---make sure the password for username '$APP_USER' is strong---, because anybody on your home / internal network will have access if they know the username/password!"
echo " "

if [ -f "/usr/bin/raspi-config" ]; then
echo "${yellow}Select 1 or 2 to choose whether to setup SSH (under 'Interfacing Options' in raspi-config), or skip it.${reset}"
echo " "
echo "${red}IF YOU CHOOSE OPTION 1, AND IT ASKS IF YOU WANT TO REBOOT AFTER CONFIGURATION, CHOOSE 'NO' OTHERWISE #THIS AUTO-INSTALL WILL ABORT PREMATURELY#! ONLY REBOOT #AFTER# AUTO-INSTALL WITH: sudo reboot${reset}"
else
echo "${yellow}Select 1 or 2 to choose whether to setup SSH, or skip it.${reset}"
fi

echo " "

OPTIONS="setup_ssh skip"

select opt in $OPTIONS; do
        if [ "$opt" = "setup_ssh" ]; then
        

				if [ -f "/usr/bin/raspi-config" ]; then
				echo " "
				echo "${cyan}Initiating raspi-config, please wait...${reset}"
				# WE NEED SUDO HERE, or raspi-config fails in bash
				sudo raspi-config
				elif [ -f /boot/dietpi/.version ]; then
				echo " "
				echo "${cyan}Initiating dietpi-software, please wait...${reset}"
				dietpi-software
				else
				
				echo " "
				echo "${green}Proceeding with openssh-server installation, please wait...${reset}"
				echo " "
				
				$PACKAGE_INSTALL openssh-server -y
				
				sleep 3
				
				echo " "
				echo "${green}openssh-server installation completed.${reset}"
				
				fi
        
        
        SSH_SETUP=1
        break
       elif [ "$opt" = "skip" ]; then
        echo " "
        echo "${green}Skipping SSH setup.${reset}"
        break
       fi
done
       
echo " "


######################################

# Return to user's home directory
cd /home/$APP_USER/


echo "${yellow} "
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
echo "# SAVE THE INFORMATION BELOW FOR FUTURE ACCESS TO THIS APP #"
echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
echo "${reset} "



if [ "$SERVER_SETUP" = "1" ]; then

echo "${red}REMINDER...You MUST RESTART YOUR DEVICE (#after# you finish running this auto-install script) TO ALLOW THE SYSTEM TO PROPERLY RUN THE PHP APP SERVER CONFIGURATIONS DONE (or you may get configuration errors), by running this command:"
echo " "
echo "sudo reboot"
echo "${reset} "

fi


if [ "$APP_SETUP" = "1" ]; then

echo "${cyan}Web server setup and installation / configuration of Open Crypto Tracker (Server Edition) should now be complete (if you chose those options), unless you saw any errors on screen during setup."
echo " "

echo "${green}Open Crypto Tracker is located at (and can be edited) inside this folder:"
echo " "
echo "$DOC_ROOT"
echo " "

echo "${yellow}You may now optionally edit the APP DEFAULT CONFIG (configuration file config.php) remotely via SFTP, or by editing it locally with nano or any other installed text editor."
echo "${reset} "


    if [ "$CONFIG_BACKUP" = "1" ]; then
    
     echo "${green}The previously-installed configuration files $DOC_ROOT/config.php AND $DOC_ROOT/dynamic-config.php have been backed up to:"
	echo " "
     echo "$DOC_ROOT/[filename].php.BACKUP.$DATE.$RAND_STRING"
	echo " "
	echo "${yellow}The bundled plugin's configuration files were also be backed up in the same manner."
	echo " "
	echo "You will need to manually move any CUSTOMIZED DEFAULT settings from backup files to the NEW configuration files with a text editor, otherwise you can just ignore or delete the backup files."
     echo "${reset} "

     echo "${red}IF ANYTHING STOPS WORKING AFTER UPGRADING, CLEAR YOUR BROWSER CACHE (temporary files), AND RELOAD OR RESTART THE APP. This will load the latest Javascript / Style Sheet upgrades properly.${reset}"
     echo " "
    
    fi
    
    
    if [ "$CRON_SETUP" = "1" ]; then
    
    echo "${green}A background task (cron job) has been setup for user '$APP_USER', as a command in /etc/cron.d/cryptocoin:"
    echo " "
    echo "$CRONJOB"
    echo "${reset} "
    
    fi


else

echo "${yellow}Web server setup should now be complete (if you chose that option), unless you saw any errors on screen during setup."
echo " "

echo "${green}Web site app files must be placed inside this folder:"
echo " "
echo "$DOC_ROOT"
echo " "

echo "${yellow}If web server setup has completed successfully, Open Crypto Tracker (Server Edition) can now be installed (if you haven't already) in $DOC_ROOT remotely via SFTP, or by copying over app files locally."
echo "${reset} "

fi



if [ "$SSH_SETUP" = "1" ]; then

echo "${yellow}SFTP login details are..."
echo " "

echo "${green}INTERNAL NETWORK SFTP host (port 22, on home / internal network):"
echo " "
echo "$IP"
echo " "

echo "SFTP username: $APP_USER"
echo " "
echo "SFTP password: (password for system user $APP_USER)"
echo " "

echo "SFTP remote working directory (where web site files should be placed on web server):"
echo " "
echo "$DOC_ROOT"
echo "${reset} "

fi



echo "${yellow}#INTERNAL# NETWORK SSL / HTTPS (secure / private SSL connection) web addresses are..."
echo " "
echo "${green}IP ADDRESS (may change, unless set as static for this device within the router):"
echo " "
echo "https://$IP"
echo " "
echo "HOST ADDRESS (ONLY works on linux / mac / windows, NOT android as of 2020):"
echo "${yellow}(IF YOU JUST CHANGED '${HOSTNAME}' in raspi / dietpi config, USE THAT INSTEAD)"
echo "${green} "
echo "https://${HOSTNAME}.local"
echo "${reset} "

echo "${red}IMPORTANT NOTES:"
echo " "
echo "YOU WILL BE PROMPTED TO CREATE AN ADMIN LOGIN (FOR SECURITY OF THE ADMIN AREA), #WHEN YOU FIRST RUN THIS APP#. IT'S #HIGHLY RECOMMENDED TO DO THIS IMMEDIATELY#, ESPECIALLY ON PUBLIC FACING / KNOWN SERVERS, #OR SOMEBODY ELSE MAY BEAT YOU TO IT#."
echo " "
echo "The SSL certificate created on this web server is SELF-SIGNED (not issued by a CA), so your browser ---will give you a warning message--- when you visit the above HTTPS addresses. This is --normal behavior for self-signed certificates--. Google search for 'self-signed ssl certificate' for more information on the topic."
echo " "
echo "THAT SAID, ONLY TRUST SELF-SIGNED CERTIFICATES #IF YOUR COMPUTER CREATED THE CERTIFICATE#. !NEVER! TRUST SELF-SIGNED CERTIFICATES SIGNED BY THIRD PARTIES!"
echo " "

echo "${yellow}If you wish to allow external access to this app (when not on your home / internal network), a static internal ip address / port forwarding / dynamic DNS service on your router needs to be setup (preferably with strict firewall rules using a 'guest network' configuration, to disallow this device requesting access to other machines on your home / internal network, and only allow it an access route through the internet gateway)."
echo " "
echo "A #VERY HIGH# port number is recommended (NON-STANDARD is above 1,023 / UNREGISTERED is from 49,152 to 65,535), to help avoid port scanning bots from detecting your machine (and then starting hack attempts on your bound port)."
echo " "

if [ "$ALLOW_FULL_UPGRADE" == "yes" ]; then
echo "${red}FOR ADDED SECURITY, YOU SHOULD #ALWAYS KEEP THIS OPERATING SYSTEM UP-TO-DATE# WITH THIS TERMINAL COMMAND:"
echo " "
echo "${green}sudo apt update;sudo apt upgrade -y"
echo " "
fi

echo "${yellow}SEE /DOCUMENTATION-ETC/RASPBERRY-PI/ for additional information on securing and setting up Raspberry Pi OS (disabling bluetooth, firewall setup, remote login, hostname, etc)."
echo " "

echo "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~${reset}"
echo " "


echo " "
echo "${red}!!!!!BE SURE TO SCROLL UP, TO SAVE #ALL THE APP USAGE DOCUMENTATION# PRINTED OUT ABOVE, BEFORE YOU SIGN OFF FROM THIS TERMINAL SESSION!!!!!${reset}"

     
echo "${yellow} "
read -n1 -s -r -p $"PRESS ANY KEY to continue..." key
echo "${reset} "
     
    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Continuing...${reset}"
    echo " "
    fi
     
echo " "


######################################


echo "${yellow}ANY DONATIONS (LARGE OR SMALL) HELP SUPPORT DEVELOPMENT OF MY APPS..."
echo " "
echo "${cyan}Bitcoin: ${green}3Nw6cvSgnLEFmQ1V4e8RSBG23G7pDjF3hW"
echo " "
echo "${cyan}Ethereum: ${green}0x644343e8D0A4cF33eee3E54fE5d5B8BFD0285EF8"
echo " "
echo "${cyan}Solana: ${green}GvX4AU4V9atTBof9dT9oBnLPmPiz3mhoXBdqcxyRuQnU"
echo " "


######################################


# Mark the portfolio install as having run already, to avoid showing
# the OPTIONAL portfolio install options at end of the ticker install
export FOLIO_INSTALL_RAN=1

                    
if [ -z "$TICKER_INSTALL_RAN" ]; then

echo " "
echo "Also check out my 100% FREE open source multi-crypto slideshow ticker for Raspberry Pi LCD screens:"
echo " "
echo "https://sourceforge.net/projects/dfd-crypto-ticker"
echo " "
echo "https://github.com/taoteh1221/Slideshow_Crypto_Ticker"
echo " "

echo "Would you like to ${red}ADDITIONALLY / OPTIONALLY${reset} install Slideshow Crypto Ticker, multi-crypto slideshow ticker for Raspberry Pi LCD screens on this machine?"
echo " "

echo "Select 1 or 2 to choose whether to ${red}optionally${reset} install the crypto ticker for Raspberry Pi LCD screens, or skip."
echo " "

OPTIONS="install_crypto_ticker skip"

	select opt in $OPTIONS; do
        if [ "$opt" = "install_crypto_ticker" ]; then
         
			
			echo " "
			
			echo "${green}Proceeding with crypto ticker installation, please wait...${reset}"
			
			echo " "
			
			wget --no-cache -O TICKER-INSTALL.bash https://raw.githubusercontent.com/taoteh1221/Slideshow_Crypto_Ticker/main/TICKER-INSTALL.bash
			
			chmod +x TICKER-INSTALL.bash
			
			chown $APP_USER:$APP_USER TICKER-INSTALL.bash
			
			./TICKER-INSTALL.bash
			
			
        break
       elif [ "$opt" = "skip" ]; then
       
        echo " "
        echo "${green}Skipping the ${red}OPTIONAL ${green}crypto ticker install...${reset}"
		echo " "

          echo "${yellow} "
          read -n1 -s -r -p $"Installation / setup has finished, PRESS ANY KEY to exit..." key
          echo "${reset} "
          
              if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
              echo " "
              echo "${green}Exiting...${reset}"
              echo " "
              exit
              fi
		  
        break
        
       fi
	done


else

echo " "
echo "${red}!!!!!BE SURE TO SCROLL UP, TO SAVE #ALL THE APP USAGE DOCUMENTATION# PRINTED OUT ABOVE, BEFORE YOU SIGN OFF FROM THIS TERMINAL SESSION!!!!!${reset}"
echo " "

echo "${yellow} "
read -n1 -s -r -p $"Installation / setup has finished, PRESS ANY KEY to exit..." key
echo "${reset} "

    if [ "$key" = 'y' ] || [ "$key" != 'y' ]; then
    echo " "
    echo "${green}Exiting...${reset}"
    echo " "
    exit
    fi

fi


######################################