Newer
Older
#!/bin/bash
#
# .---. . .
# | | |
# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
# | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
# ' ' --' --' -' - -' ' ' -' -' -' ' - --'
#
# Freedom in the Cloud
#
# scuttlebot pub application. Enables nat traversal for SSB.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
IN_DEFAULT_INSTALL=0
SHOW_ON_ABOUT=0
SHOW_ICANN_ADDRESS_ON_ABOUT=0
SCUTTLEBOT_DOMAIN_NAME=
SCUTTLEBOT_CODE=
SCUTTLEBOT_ONION_PORT=8623
GIT_SSB_PORT=7718
NGINX_GIT_SSB_PORT=7719
function logging_on_scuttlebot {
echo -n ''
}
function logging_off_scuttlebot {
echo -n ''
}
invite_string=$(su -c "sbot invite.create 1" - scuttlebot | sed 's/"//g')
clear
echo -e '\n\nYour Scuttlebot invite code is:\n\n'${invite_string}'\n\n'
read -n1 -r -p $"Press any key to continue..." key
}
function configure_interactive_scuttlebot {
while true
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
dialog --backtitle $"Freedombone Control Panel" \
--title $"Scuttlebot" \
--radiolist $"Choose an operation:" 10 50 2 \
1 $"Create an invite" off \
2 $"Exit" on 2> $data
sel=$?
case $sel in
1) return;;
255) return;;
esac
case $(cat $data) in
1) scuttlebot_create_invite;;
2) break;;
esac
done
}
function remove_user_scuttlebot {
remove_username="$1"
}
function add_user_scuttlebot {
new_username="$1"
new_user_password="$2"
echo '0'
}
function install_interactive_scuttlebot {
if [[ $ONION_ONLY != "no" ]]; then
SCUTTLEBOT_DOMAIN_NAME='scuttlebot.local'
write_config_param "SCUTTLEBOT_DOMAIN_NAME" "$SCUTTLEBOT_DOMAIN_NAME"
else
function_check interactive_site_details
interactive_site_details scuttlebot
fi
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
APP_INSTALLED=1
}
function change_password_scuttlebot {
new_username="$1"
new_user_password="$2"
echo '0'
}
function reconfigure_scuttlebot {
if [ -d /etc/scuttlebot/.ssb ]; then
systemctl stop scuttlebot
rm -rf /etc/scuttlebot/.ssb
systemctl start scuttlebot
fi
}
function upgrade_scuttlebot {
if ! grep -q 'scuttlebot version:' $COMPLETION_FILE; then
return
fi
CURR_SCUTTLEBOT_VERSION=$(get_completion_param "scuttlebot version")
echo "scuttlebot current version: ${CURR_SCUTTLEBOT_VERSION}"
echo "scuttlebot app version: ${SCUTTLEBOT_VERSION}"
if [[ "${CURR_SCUTTLEBOT_VERSION}" == "${SCUTTLEBOT_VERSION}" ]]; then
return
fi
npm upgrade -g scuttlebot@${SCUTTLEBOT_VERSION} --save
if [ ! "$?" = "0" ]; then
return
fi
sed -i "s|scuttlebot version.*|scuttlebot version:${SCUTTLEBOT_VERSION}|g" ${COMPLETION_FILE}
}
function backup_local_scuttlebot {
if [ -d /etc/scuttlebot/.ssb ]; then
systemctl stop scuttlebot
function_check backup_directory_to_usb
backup_directory_to_usb /etc/scuttlebot/.ssb scuttlebot
systemctl start scuttlebot
fi
}
function restore_local_scuttlebot {
if [ -d /etc/scuttlebot ]; then
systemctl stop scuttlebot
temp_restore_dir=/root/tempscuttlebot
function_check restore_directory_from_usb
restore_directory_from_usb $temp_restore_dir scuttlebot
if [ -d $temp_restore_dir/etc/scuttlebot/.ssb ]; then
cp -r $temp_restore_dir/etc/scuttlebot/.ssb /etc/scuttlebot/
else
cp -r $temp_restore_dir/* /etc/scuttlebot/.ssb/*
fi
fi
}
function backup_remote_scuttlebot {
if [ -d /etc/scuttlebot/.ssb ]; then
systemctl stop scuttlebot
function_check backup_directory_to_friend
backup_directory_to_friend /etc/scuttlebot/.ssb scuttlebot
systemctl start scuttlebot
fi
}
function restore_remote_scuttlebot {
if [ -d /etc/scuttlebot ]; then
systemctl stop scuttlebot
temp_restore_dir=/root/tempscuttlebot
function_check restore_directory_from_friend
restore_directory_from_friend $temp_restore_dir scuttlebot
if [ -d $temp_restore_dir/etc/scuttlebot/.ssb ]; then
cp -r $temp_restore_dir/etc/scuttlebot/.ssb /etc/scuttlebot/
else
cp -r $temp_restore_dir/* /etc/scuttlebot/.ssb/*
fi
firewall_remove ${GIT_SSB_PORT}
if [ $SCUTTLEBOT_DOMAIN_NAME ]; then
nginx_dissite ${SCUTTLEBOT_DOMAIN_NAME}
rm /etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
fi
userdel -r scuttlebot
if [ -d /etc/scuttlebot ]; then
rm -rf /etc/scuttlebot
fi
if [ -f /usr/bin/git-ssb-create ]; then
rm /usr/bin/git-ssb-create
fi
remove_completion_param install_scuttlebot
sed -i '/scuttlebot /d' $COMPLETION_FILE
}
function git_ssb_script {
if [[ "$1" == "mesh" ]]; then
git_ssb_script_name=$rootdir/usr/bin/git-ssb-create
git_ssb_daemon_filename=$rootdir/etc/systemd/system/git_ssb.service
else
git_ssb_script_name=/usr/bin/git-ssb-create
git_ssb_daemon_filename=/etc/systemd/system/git_ssb.service
fi
echo '#!/bin/bash' > $git_ssb_script_name
echo 'reponame="$1"' >> $git_ssb_script_name
echo '' >> $git_ssb_script_name
echo 'if [[ "$reponame" != "" ]]; then' >> $git_ssb_script_name
echo ' mkdir $reponame' >> $git_ssb_script_name
echo ' cd $reponame' >> $git_ssb_script_name
echo ' git init' >> $git_ssb_script_name
echo ' git ssb create ssb $reponame' >> $git_ssb_script_name
echo ' git push --tags ssb master' >> $git_ssb_script_name
echo 'fi' >> $git_ssb_script_name
echo 'exit 0' >> $git_ssb_script_name
chmod +x $git_ssb_script_name
echo '[Unit]' > $git_ssb_daemon_filename
echo 'Description=Git SSB (SSB git web interface)' >> $git_ssb_daemon_filename
echo 'After=syslog.target' >> $git_ssb_daemon_filename
echo 'After=network.target' >> $git_ssb_daemon_filename
echo 'After=scuttlebot.target' >> $git_ssb_daemon_filename
echo '' >> $git_ssb_daemon_filename
echo '[Service]' >> $git_ssb_daemon_filename
echo 'Type=simple' >> $git_ssb_daemon_filename
echo 'User=scuttlebot' >> $git_ssb_daemon_filename
echo 'Group=scuttlebot' >> $git_ssb_daemon_filename
echo "WorkingDirectory=/etc/scuttlebot" >> $git_ssb_daemon_filename
echo "ExecStart=/usr/bin/git ssb web --public localhost:$GIT_SSB_PORT" >> $git_ssb_daemon_filename
echo 'Restart=always' >> $git_ssb_daemon_filename
echo 'Environment="USER=scuttlebot"' >> $git_ssb_daemon_filename
echo '' >> $git_ssb_daemon_filename
echo '[Install]' >> $git_ssb_daemon_filename
echo 'WantedBy=multi-user.target' >> $git_ssb_daemon_filename
function scuttlebot_git_setup {
if [[ "$1" == "mesh" ]]; then
if [ ! -d $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
mkdir $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight
fi
if [ ! -f $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
echo $'Could not find foundation.css'
exit 347687245
fi
cp $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb
echo 'server {' > $git_ssb_nginx_site
echo " listen $NGINX_GIT_SSB_PORT default_server;" >> $git_ssb_nginx_site
echo " server_name P${PEER_ID}.local;" >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' access_log /dev/null;' >> $git_ssb_nginx_site
echo ' error_log /dev/null;' >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' add_header X-XSS-Protection "1; mode=block";' >> $git_ssb_nginx_site
echo ' add_header X-Content-Type-Options nosniff;' >> $git_ssb_nginx_site
echo ' add_header X-Frame-Options SAMEORIGIN;' >> $git_ssb_nginx_site
else
if [ ! $SCUTTLEBOT_DOMAIN_NAME ]; then
exit 7357225
fi
if [ ! -d /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then
mkdir /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight
fi
if [ ! -f /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then
echo $'Could not find foundation.css'
exit 347687245
fi
cp /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css
git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME}
function_check nginx_http_redirect
nginx_http_redirect $SCUTTLEBOT_DOMAIN_NAME "index index.html"
echo 'server {' >> $git_ssb_nginx_site
echo ' listen 443 ssl;' >> $git_ssb_nginx_site
Bob Mottram
committed
echo ' #listen [::]:443 ssl;' >> $git_ssb_nginx_site
echo " server_name $SCUTTLEBOT_DOMAIN_NAME;" >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
function_check nginx_compress
nginx_compress $SCUTTLEBOT_DOMAIN_NAME
echo '' >> $git_ssb_nginx_site
echo ' # Security' >> $git_ssb_nginx_site
function_check nginx_ssl
nginx_ssl $SCUTTLEBOT_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $SCUTTLEBOT_DOMAIN_NAME
fi
echo '' >> $git_ssb_nginx_site
echo ' root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;' >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' location = / {' >> $git_ssb_nginx_site
echo " proxy_pass http://localhost:${GIT_SSB_PORT};" >> $git_ssb_nginx_site
echo ' proxy_set_header X-Real-IP $remote_addr;' >> $git_ssb_nginx_site
echo ' proxy_set_header Host $host;' >> $git_ssb_nginx_site
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $git_ssb_nginx_site
echo ' proxy_http_version 1.1;' >> $git_ssb_nginx_site
echo ' proxy_set_header Upgrade $http_upgrade;' >> $git_ssb_nginx_site
echo ' proxy_set_header Connection upgrade;' >> $git_ssb_nginx_site
echo ' }' >> $git_ssb_nginx_site
echo '}' >> $git_ssb_nginx_site
if [ $SCUTTLEBOT_ONION_HOSTNAME ]; then
echo '' >> $git_ssb_nginx_site
echo 'server {' >> $git_ssb_nginx_site
echo " listen 127.0.0.1:${SCUTTLEBOT_ONION_PORT} default_server;" >> $git_ssb_nginx_site
echo " server_name ${SCUTTLEBOT_ONION_HOSTNAME};" >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' access_log /dev/null;' >> $git_ssb_nginx_site
echo ' error_log /dev/null;' >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' add_header X-XSS-Protection "1; mode=block";' >> $git_ssb_nginx_site
echo ' add_header X-Content-Type-Options nosniff;' >> $git_ssb_nginx_site
echo ' add_header X-Frame-Options SAMEORIGIN;' >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;' >> $git_ssb_nginx_site
echo '' >> $git_ssb_nginx_site
echo ' location = / {' >> $git_ssb_nginx_site
echo " proxy_pass http://localhost:${GIT_SSB_PORT};" >> $git_ssb_nginx_site
echo ' proxy_set_header X-Real-IP $remote_addr;' >> $git_ssb_nginx_site
echo ' proxy_set_header Host $host;' >> $git_ssb_nginx_site
echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $git_ssb_nginx_site
echo ' proxy_http_version 1.1;' >> $git_ssb_nginx_site
echo ' proxy_set_header Upgrade $http_upgrade;' >> $git_ssb_nginx_site
echo ' proxy_set_header Connection upgrade;' >> $git_ssb_nginx_site
echo ' }' >> $git_ssb_nginx_site
echo '}' >> $git_ssb_nginx_site
fi
if [[ "$1" != "mesh" ]]; then
nginx_ensite git_ssb
fi
function mesh_install_dat {
get_npm_arch
cat <<EOF > $rootdir/usr/bin/install_dat
#!/bin/bash
npm install --arch=$NPM_ARCH -g dat
npm install --arch=$NPM_ARCH -g @garbados/dat-boi
npm install --arch=$NPM_ARCH -g add-to-systemd
add-to-systemd dat-boi --user $(whoami) `which dat-boi`
EOF
chroot "$rootdir" /bin/chmod +x /usr/bin/install_dat
chroot "$rootdir" /usr/bin/install_dat
rm $rootdir/usr/bin/install_dat
}
function install_dat {
npm install -g dat
npm install -g @garbados/dat-boi
npm install -g add-to-systemd
add-to-systemd dat-boi --user $(whoami) `which dat-boi`
}
SCUTTLEBOT_ONION_HOSTNAME=
cat <<EOF > $rootdir/usr/bin/install_scuttlebot
#!/bin/bash
npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION}
npm install --arch=$NPM_ARCH -g git-ssb
npm install --arch=$NPM_ARCH -g git-remote-ssb
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
EOF
chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot
chroot "$rootdir" /usr/bin/install_scuttlebot
rm $rootdir/usr/bin/install_scuttlebot
if [ ! -f $rootdir/usr/local/bin/sbot ]; then
echo $'Scuttlebot was not installed'
exit 528253
fi
if [ ! -d $rootdir/etc/scuttlebot ]; then
mkdir -p $rootdir/etc/scuttlebot
fi
# an unprivileged user to run as
chroot "$rootdir" useradd -d /etc/scuttlebot/ scuttlebot
# daemon
echo '[Unit]' > $rootdir/etc/systemd/system/scuttlebot.service
echo 'Description=Scuttlebot (messaging system)' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'After=syslog.target' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'After=network.target' >> $rootdir/etc/systemd/system/scuttlebot.service
echo '' >> $rootdir/etc/systemd/system/scuttlebot.service
echo '[Service]' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'Type=simple' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'User=scuttlebot' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'Group=scuttlebot' >> $rootdir/etc/systemd/system/scuttlebot.service
echo "WorkingDirectory=/etc/scuttlebot" >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'ExecStart=/usr/local/bin/sbot server' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'Restart=always' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'Environment="USER=scuttlebot"' >> $rootdir/etc/systemd/system/scuttlebot.service
echo '' >> $rootdir/etc/systemd/system/scuttlebot.service
echo '[Install]' >> $rootdir/etc/systemd/system/scuttlebot.service
echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/scuttlebot.service
scuttlebot_git_setup mesh
function install_scuttlebot {
function_check install_nodejs
install_nodejs scuttlebot
npm install -g scuttlebot@${SCUTTLEBOT_VERSION}
if [ ! -f /usr/local/bin/sbot ]; then
exit 528253
fi
npm install -g git-ssb
npm install -g git-remote-ssb
if [ ! -d /etc/scuttlebot ]; then
mkdir -p /etc/scuttlebot
fi
# an unprivileged user to run as
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
# daemon
echo '[Unit]' > /etc/systemd/system/scuttlebot.service
echo 'Description=Scuttlebot (messaging system)' >> /etc/systemd/system/scuttlebot.service
echo 'After=syslog.target' >> /etc/systemd/system/scuttlebot.service
echo 'After=network.target' >> /etc/systemd/system/scuttlebot.service
echo '' >> /etc/systemd/system/scuttlebot.service
echo '[Service]' >> /etc/systemd/system/scuttlebot.service
echo 'Type=simple' >> /etc/systemd/system/scuttlebot.service
echo 'User=scuttlebot' >> /etc/systemd/system/scuttlebot.service
echo 'Group=scuttlebot' >> /etc/systemd/system/scuttlebot.service
echo "WorkingDirectory=/etc/scuttlebot" >> /etc/systemd/system/scuttlebot.service
echo 'ExecStart=/usr/local/bin/sbot server' >> /etc/systemd/system/scuttlebot.service
echo 'Restart=always' >> /etc/systemd/system/scuttlebot.service
echo 'Environment="USER=scuttlebot"' >> /etc/systemd/system/scuttlebot.service
echo '' >> /etc/systemd/system/scuttlebot.service
echo '[Install]' >> /etc/systemd/system/scuttlebot.service
echo 'WantedBy=multi-user.target' >> /etc/systemd/system/scuttlebot.service
chown -R scuttlebot:scuttlebot /etc/scuttlebot
# files gw_name myhostname mdns4_minimal [NOTFOUND=return] dns
sed -i "s|hosts:.*|hosts: files mdns4_minimal dns mdns4 mdns|g" /etc/nsswitch.conf
# start the daemon
systemctl enable scuttlebot.service
systemctl daemon-reload
systemctl start scuttlebot.service
sleep 3
if [ ! -d /etc/scuttlebot/.ssb ]; then
echo $'Scuttlebot config not generated'
exit 73528
fi
echo '{' > /etc/scuttlebot/.ssb/config
echo " \"host\": \"${DEFAULT_DOMAIN_NAME}\"," >> /etc/scuttlebot/.ssb/config
echo " \"port\": ${SCUTTLEBOT_PORT}," >> /etc/scuttlebot/.ssb/config
echo ' "timeout": 30000,' >> /etc/scuttlebot/.ssb/config
echo ' "pub": true,' >> /etc/scuttlebot/.ssb/config
echo ' "local": true,' >> /etc/scuttlebot/.ssb/config
echo ' "friends": {' >> /etc/scuttlebot/.ssb/config
echo ' "dunbar": 150,' >> /etc/scuttlebot/.ssb/config
echo ' "hops": 3' >> /etc/scuttlebot/.ssb/config
echo ' },' >> /etc/scuttlebot/.ssb/config
echo ' "gossip": {' >> /etc/scuttlebot/.ssb/config
echo ' "connections": 2' >> /etc/scuttlebot/.ssb/config
echo ' },' >> /etc/scuttlebot/.ssb/config
echo ' "master": [],' >> /etc/scuttlebot/.ssb/config
echo ' "logging": {' >> /etc/scuttlebot/.ssb/config
echo ' "level": "error"' >> /etc/scuttlebot/.ssb/config
echo ' }' >> /etc/scuttlebot/.ssb/config
echo '}' >> /etc/scuttlebot/.ssb/config
chown scuttlebot:scuttlebot /etc/scuttlebot/.ssb/config
systemctl restart scuttlebot.service
firewall_add git_ssb ${GIT_SSB_PORT}
SCUTTLEBOT_ONION_HOSTNAME=$(add_onion_service scuttlebot 80 ${SCUTTLEBOT_ONION_PORT})
scuttlebot_git_setup
systemctl enable git_ssb.service
systemctl daemon-reload
systemctl start git_ssb.service
function_check create_site_certificate
create_site_certificate ${SCUTTLEBOT_DOMAIN_NAME} 'yes'
systemctl restart nginx
if ! grep -q "scuttlebot version:" ${COMPLETION_FILE}; then
echo "scuttlebot version:${SCUTTLEBOT_VERSION}" >> ${COMPLETION_FILE}
else
sed -i "s|scuttlebot version.*|scuttlebot version:${SCUTTLEBOT_VERSION}|g" ${COMPLETION_FILE}
fi
APP_INSTALLED=1
}
# NOTE: deliberately no exit 0