From 5b7b2d24f2f8ba7d4c2816722c0450a1a2f6602d Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sun, 24 Jul 2016 13:19:56 +0100
Subject: [PATCH] Tidying
---
src/freedombone-addcert | 416 ++++++------
src/freedombone-addemail | 116 ++--
src/freedombone-addlist | 96 +--
src/freedombone-addsipuser | 98 +--
src/freedombone-adduser | 460 ++++++-------
src/freedombone-addxmpp | 36 +-
src/freedombone-app-batman | 176 ++---
src/freedombone-app-cjdns | 850 +++++++++++------------
src/freedombone-app-dlna | 334 +++++-----
src/freedombone-app-emacs | 248 +++----
src/freedombone-app-gogs | 1006 ++++++++++++++--------------
src/freedombone-app-hubzilla | 836 +++++++++++------------
src/freedombone-app-ipfs | 414 ++++++------
src/freedombone-app-irc | 444 ++++++-------
src/freedombone-app-mediagoblin | 586 ++++++++--------
src/freedombone-app-rss | 900 ++++++++++++-------------
src/freedombone-app-searx | 456 ++++++-------
src/freedombone-app-sip | 722 ++++++++++----------
src/freedombone-app-syncthing | 502 +++++++-------
src/freedombone-app-tox | 910 ++++++++++++-------------
src/freedombone-app-vpn | 42 +-
src/freedombone-app-webmail | 332 ++++-----
src/freedombone-app-wiki | 778 +++++++++++-----------
src/freedombone-app-xmpp | 798 +++++++++++-----------
src/freedombone-app-zeronet | 1110 +++++++++++++++----------------
src/freedombone-mesh-install | 752 ++++++++++-----------
26 files changed, 6709 insertions(+), 6709 deletions(-)
diff --git a/src/freedombone-addcert b/src/freedombone-addcert
index cda74b4e6..63d88519e 100755
--- a/src/freedombone-addcert
+++ b/src/freedombone-addcert
@@ -58,284 +58,284 @@ FRIENDS_MIRRORS_SSH_PORT=
MY_MIRRORS_PASSWORD=
function read_repo_servers {
- if [ -f $CONFIGURATION_FILE ]; then
- if grep -q "FRIENDS_MIRRORS_SERVER" $CONFIGURATION_FILE; then
- FRIENDS_MIRRORS_SERVER=$(grep "FRIENDS_MIRRORS_SERVER" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- fi
- if grep -q "FRIENDS_MIRRORS_SSH_PORT" $CONFIGURATION_FILE; then
- FRIENDS_MIRRORS_SSH_PORT=$(grep "FRIENDS_MIRRORS_SSH_PORT" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- fi
- if grep -q "MY_MIRRORS_PASSWORD" $CONFIGURATION_FILE; then
- MY_MIRRORS_PASSWORD=$(grep "MY_MIRRORS_PASSWORD" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- fi
- if grep -q "FRIENDS_MIRRORS_PASSWORD" $CONFIGURATION_FILE; then
- FRIENDS_MIRRORS_PASSWORD=$(grep "FRIENDS_MIRRORS_PASSWORD" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- fi
+ if [ -f $CONFIGURATION_FILE ]; then
+ if grep -q "FRIENDS_MIRRORS_SERVER" $CONFIGURATION_FILE; then
+ FRIENDS_MIRRORS_SERVER=$(grep "FRIENDS_MIRRORS_SERVER" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
-
- if [ ! $FRIENDS_MIRRORS_SERVER ]; then
- return
+ if grep -q "FRIENDS_MIRRORS_SSH_PORT" $CONFIGURATION_FILE; then
+ FRIENDS_MIRRORS_SSH_PORT=$(grep "FRIENDS_MIRRORS_SSH_PORT" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
- if [ ${#FRIENDS_MIRRORS_SERVER} -lt 2 ]; then
- return
+ if grep -q "MY_MIRRORS_PASSWORD" $CONFIGURATION_FILE; then
+ MY_MIRRORS_PASSWORD=$(grep "MY_MIRRORS_PASSWORD" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
-
- MAIN_COMMAND=/usr/local/bin/${PROJECT_NAME}
- if [ ! -f $MAIN_COMMAND ]; then
- MAIN_COMMAND=/usr/bin/${PROJECT_NAME}
+ if grep -q "FRIENDS_MIRRORS_PASSWORD" $CONFIGURATION_FILE; then
+ FRIENDS_MIRRORS_PASSWORD=$(grep "FRIENDS_MIRRORS_PASSWORD" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
fi
-
- REPOS=($(cat ${MAIN_COMMAND} | grep "_REPO=\"" | uniq -u | sed 's|${PROJECT_NAME}|'"${PROJECT_NAME}"'|g'))
-
- for line in "${REPOS[@]}"
- do
- repo_name=$(echo "$line" | awk -F '=' '{print $1}')
- mirrors_name=$(echo "$repo_name" | sed "s|_REPO||g" | awk '{print tolower($0)}')
- friends_repo_url="ssh://mirrors@${FRIENDS_MIRRORS_SERVER}:${FRIENDS_MIRRORS_SSH_PORT}/home/mirrors/${mirrors_name}"
- ${repo_name}="${friends_repo_url}"
- done
+ fi
+
+ if [ ! $FRIENDS_MIRRORS_SERVER ]; then
+ return
+ fi
+ if [ ${#FRIENDS_MIRRORS_SERVER} -lt 2 ]; then
+ return
+ fi
+
+ MAIN_COMMAND=/usr/local/bin/${PROJECT_NAME}
+ if [ ! -f $MAIN_COMMAND ]; then
+ MAIN_COMMAND=/usr/bin/${PROJECT_NAME}
+ fi
+
+ REPOS=($(cat ${MAIN_COMMAND} | grep "_REPO=\"" | uniq -u | sed 's|${PROJECT_NAME}|'"${PROJECT_NAME}"'|g'))
+
+ for line in "${REPOS[@]}"
+ do
+ repo_name=$(echo "$line" | awk -F '=' '{print $1}')
+ mirrors_name=$(echo "$repo_name" | sed "s|_REPO||g" | awk '{print tolower($0)}')
+ friends_repo_url="ssh://mirrors@${FRIENDS_MIRRORS_SERVER}:${FRIENDS_MIRRORS_SSH_PORT}/home/mirrors/${mirrors_name}"
+ ${repo_name}="${friends_repo_url}"
+ done
}
function show_help {
- echo ''
- echo $"${PROJECT_NAME}-addcert -h [hostname] -c [country code] -a [area] -l [location]"
- echo $' -o [organisation] -u [unit] --ca "" --nodh ""'
- echo ''
- echo $'Creates a self-signed certificate for the given hostname'
- echo ''
- echo $' --help Show help'
- echo $' -h --hostname [name] Hostname'
- echo $' -e --letsencrypt [hostname] Hostname to use with Lets Encrypt'
- echo $' -s --server [url] Lets Encrypt server URL'
- echo $' -c --country [code] Optional country code (eg. US, GB, etc)'
- echo $' -a --area [description] Optional area description'
- echo $' -l --location [locn] Optional location name'
- echo $' -o --organisation [name] Optional organisation name'
- echo $' -u --unit [name] Optional unit name'
- echo $' --email [address] Email address for letsencrypt'
- echo $' --dhkey [bits] DH key length in bits'
- echo $' --nodh "" Do not calculate DH params'
- echo $' --ca "" Certificate authority cert'
- echo ''
- exit 0
+ echo ''
+ echo $"${PROJECT_NAME}-addcert -h [hostname] -c [country code] -a [area] -l [location]"
+ echo $' -o [organisation] -u [unit] --ca "" --nodh ""'
+ echo ''
+ echo $'Creates a self-signed certificate for the given hostname'
+ echo ''
+ echo $' --help Show help'
+ echo $' -h --hostname [name] Hostname'
+ echo $' -e --letsencrypt [hostname] Hostname to use with Lets Encrypt'
+ echo $' -s --server [url] Lets Encrypt server URL'
+ echo $' -c --country [code] Optional country code (eg. US, GB, etc)'
+ echo $' -a --area [description] Optional area description'
+ echo $' -l --location [locn] Optional location name'
+ echo $' -o --organisation [name] Optional organisation name'
+ echo $' -u --unit [name] Optional unit name'
+ echo $' --email [address] Email address for letsencrypt'
+ echo $' --dhkey [bits] DH key length in bits'
+ echo $' --nodh "" Do not calculate DH params'
+ echo $' --ca "" Certificate authority cert'
+ echo ''
+ exit 0
}
while [[ $# > 1 ]]
do
-key="$1"
+ key="$1"
-case $key in
+ case $key in
--help)
- show_help
- ;;
+ show_help
+ ;;
-h|--hostname)
- shift
- HOSTNAME="$1"
- ;;
+ shift
+ HOSTNAME="$1"
+ ;;
-e|--letsencrypt)
- shift
- LETSENCRYPT_HOSTNAME="$1"
- ;;
+ shift
+ LETSENCRYPT_HOSTNAME="$1"
+ ;;
--email)
- shift
- MY_EMAIL_ADDRESS="$1"
- ;;
+ shift
+ MY_EMAIL_ADDRESS="$1"
+ ;;
-s|--server)
- shift
- LETSENCRYPT_SERVER="$1"
- ;;
+ shift
+ LETSENCRYPT_SERVER="$1"
+ ;;
-c|--country)
- shift
- COUNTRY_CODE="$1"
- ;;
+ shift
+ COUNTRY_CODE="$1"
+ ;;
-a|--area)
- shift
- AREA="$1"
- ;;
+ shift
+ AREA="$1"
+ ;;
-l|--location)
- shift
- LOCATION="$1"
- ;;
+ shift
+ LOCATION="$1"
+ ;;
-o|--organisation)
- shift
- ORGANISATION="$1"
- ;;
+ shift
+ ORGANISATION="$1"
+ ;;
-u|--unit)
- shift
- UNIT="$1"
- ;;
+ shift
+ UNIT="$1"
+ ;;
--ca)
- shift
- EXTENSIONS="-extensions v3_ca"
- ORGANISATION="Freedombone-CA"
- ;;
+ shift
+ EXTENSIONS="-extensions v3_ca"
+ ORGANISATION="Freedombone-CA"
+ ;;
--nodh)
- shift
- NODH="true"
- ;;
+ shift
+ NODH="true"
+ ;;
--dhkey)
- shift
- DH_KEYLENGTH=${1}
- ;;
+ shift
+ DH_KEYLENGTH=${1}
+ ;;
*)
- # unknown option
- ;;
-esac
-shift
+ # unknown option
+ ;;
+ esac
+ shift
done
if [ ! $HOSTNAME ]; then
- if [ ! $LETSENCRYPT_HOSTNAME ]; then
- echo $'No hostname specified'
- exit 5748
- fi
+ if [ ! $LETSENCRYPT_HOSTNAME ]; then
+ echo $'No hostname specified'
+ exit 5748
+ fi
fi
if ! which openssl > /dev/null ;then
- echo $"$0: openssl is not installed, exiting" 1>&2
- exit 5689
+ echo $"$0: openssl is not installed, exiting" 1>&2
+ exit 5689
fi
if [ ! -d /etc/ssl/mycerts ]; then
- mkdir /etc/ssl/mycerts
+ mkdir /etc/ssl/mycerts
fi
CERTFILE=$HOSTNAME
function add_cert_letsencrypt {
- CERTFILE=$LETSENCRYPT_HOSTNAME
-
- # obtain the email address for the admin user
- if [ ! $MY_EMAIL_ADDRESS ]; then
- if [ -f $CONFIGURATION_FILE ]; then
- if grep -q "MY_EMAIL_ADDRESS=" $CONFIGURATION_FILE; then
- MY_EMAIL_ADDRESS=$(cat $CONFIGURATION_FILE | grep "MY_EMAIL_ADDRESS=" | awk -F '=' '{print $2}')
- fi
- fi
+ CERTFILE=$LETSENCRYPT_HOSTNAME
+
+ # obtain the email address for the admin user
+ if [ ! $MY_EMAIL_ADDRESS ]; then
+ if [ -f $CONFIGURATION_FILE ]; then
+ if grep -q "MY_EMAIL_ADDRESS=" $CONFIGURATION_FILE; then
+ MY_EMAIL_ADDRESS=$(cat $CONFIGURATION_FILE | grep "MY_EMAIL_ADDRESS=" | awk -F '=' '{print $2}')
+ fi
fi
- if [ ! $MY_EMAIL_ADDRESS ]; then
- if [ -f $COMPLETION_FILE ]; then
- if grep -q "Admin user:" $COMPLETION_FILE; then
- ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
- MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME
- fi
- fi
+ fi
+ if [ ! $MY_EMAIL_ADDRESS ]; then
+ if [ -f $COMPLETION_FILE ]; then
+ if grep -q "Admin user:" $COMPLETION_FILE; then
+ ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
+ MY_EMAIL_ADDRESS=$ADMIN_USER@$HOSTNAME
+ fi
fi
+ fi
- if [ ! -d $INSTALL_DIR ]; then
- mkdir -p $INSTALL_DIR
- fi
- cd $INSTALL_DIR
+ if [ ! -d $INSTALL_DIR ]; then
+ mkdir -p $INSTALL_DIR
+ fi
+ cd $INSTALL_DIR
- # obtain the repo
+ # obtain the repo
+ if [ ! -d ${INSTALL_DIR}/letsencrypt ]; then
+ git_clone $LETSENCRYPT_REPO ${INSTALL_DIR}/letsencrypt
if [ ! -d ${INSTALL_DIR}/letsencrypt ]; then
- git_clone $LETSENCRYPT_REPO ${INSTALL_DIR}/letsencrypt
- if [ ! -d ${INSTALL_DIR}/letsencrypt ]; then
- exit 76283
- fi
- else
- cd ${INSTALL_DIR}/letsencrypt
- git_pull $LETSENCRYPT_REPO
+ exit 76283
fi
+ else
+ cd ${INSTALL_DIR}/letsencrypt
+ git_pull $LETSENCRYPT_REPO
+ fi
- # stop the web server
- systemctl stop nginx
+ # stop the web server
+ systemctl stop nginx
- cd ${INSTALL_DIR}/letsencrypt
- ./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default --agree-tos --email $MY_EMAIL_ADDRESS
- if [ ! "$?" = "0" ]; then
- echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
- systemctl start nginx
- exit 63216
+ cd ${INSTALL_DIR}/letsencrypt
+ ./letsencrypt-auto certonly --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default --agree-tos --email $MY_EMAIL_ADDRESS
+ if [ ! "$?" = "0" ]; then
+ echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
+ systemctl start nginx
+ exit 63216
+ fi
+
+ # replace some legacy filenames
+ if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt ]; then
+ mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
+ fi
+ if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt ]; then
+ mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
+ fi
+ sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
+ sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
+
+ # link the private key
+ if [ -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key ]; then
+ if [ ! -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old ]; then
+ mv /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old
+ else
+ rm -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
fi
+ fi
+ ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/privkey.pem /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
- # replace some legacy filenames
- if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt ]; then
- mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
- fi
- if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt ]; then
- mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
- fi
- sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
- sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
-
- # link the private key
- if [ -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key ]; then
- if [ ! -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old ]; then
- mv /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old
- else
- rm -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
- fi
- fi
- ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/privkey.pem /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
-
- # link the public key
- if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem ]; then
- if [ ! -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old ]; then
- mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old
- else
- rm -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
- fi
+ # link the public key
+ if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem ]; then
+ if [ ! -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old ]; then
+ mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old
+ else
+ rm -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
fi
- ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
+ fi
+ ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
- cp /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/mycerts/${LETSENCRYPT_HOSTNAME}.pem
+ cp /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/mycerts/${LETSENCRYPT_HOSTNAME}.pem
- systemctl start nginx
+ systemctl start nginx
- ${PROJECT_NAME}-pin-cert $LETSENCRYPT_HOSTNAME
- if [ ! "$?" = "0" ]; then
- echo $"Certificate for $LETSENCRYPT_HOSTNAME could not be pinned"
- exit 62878
- fi
+ ${PROJECT_NAME}-pin-cert $LETSENCRYPT_HOSTNAME
+ if [ ! "$?" = "0" ]; then
+ echo $"Certificate for $LETSENCRYPT_HOSTNAME could not be pinned"
+ exit 62878
+ fi
}
function add_cert_selfsigned {
- if [[ $ORGANISATION == "Freedombone-CA" ]]; then
- CERTFILE="ca-$HOSTNAME"
- fi
-
- openssl req -x509 ${EXTENSIONS} -nodes -days 3650 -sha256 \
- -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
- -newkey rsa:4096 -keyout /etc/ssl/private/${CERTFILE}.key \
- -out /etc/ssl/certs/${CERTFILE}.crt
- chmod 400 /etc/ssl/private/${CERTFILE}.key
- chmod 640 /etc/ssl/certs/${CERTFILE}.crt
- cp /etc/ssl/certs/${CERTFILE}.crt /etc/ssl/mycerts
-
- ${PROJECT_NAME}-pin-cert $CERTFILE
- if [ ! "$?" = "0" ]; then
- echo $"Certificate for $CERTFILE could not be pinned"
- exit 62879
- fi
+ if [[ $ORGANISATION == "Freedombone-CA" ]]; then
+ CERTFILE="ca-$HOSTNAME"
+ fi
+
+ openssl req -x509 ${EXTENSIONS} -nodes -days 3650 -sha256 \
+ -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
+ -newkey rsa:4096 -keyout /etc/ssl/private/${CERTFILE}.key \
+ -out /etc/ssl/certs/${CERTFILE}.crt
+ chmod 400 /etc/ssl/private/${CERTFILE}.key
+ chmod 640 /etc/ssl/certs/${CERTFILE}.crt
+ cp /etc/ssl/certs/${CERTFILE}.crt /etc/ssl/mycerts
+
+ ${PROJECT_NAME}-pin-cert $CERTFILE
+ if [ ! "$?" = "0" ]; then
+ echo $"Certificate for $CERTFILE could not be pinned"
+ exit 62879
+ fi
}
function generate_dh_params {
- if [ ! $NODH ]; then
- if [ ! -f /etc/ssl/certs/${CERTFILE}.dhparam ]; then
- ${PROJECT_NAME}-dhparam -h ${CERTFILE} --fast yes
- fi
+ if [ ! $NODH ]; then
+ if [ ! -f /etc/ssl/certs/${CERTFILE}.dhparam ]; then
+ ${PROJECT_NAME}-dhparam -h ${CERTFILE} --fast yes
fi
+ fi
}
function restart_web_server {
- if [ -f /etc/init.d/nginx ]; then
- /etc/init.d/nginx reload
- fi
+ if [ -f /etc/init.d/nginx ]; then
+ /etc/init.d/nginx reload
+ fi
}
function make_cert_bundle {
- # Create a bundle of your certificates
- cat /etc/ssl/mycerts/*.crt /etc/ssl/mycerts/*.pem > /etc/ssl/${PROJECT_NAME}-bundle.crt
- tar -czvf /etc/ssl/${PROJECT_NAME}-certs.tar.gz /etc/ssl/mycerts/*.crt /etc/ssl/mycerts/*.pem
+ # Create a bundle of your certificates
+ cat /etc/ssl/mycerts/*.crt /etc/ssl/mycerts/*.pem > /etc/ssl/${PROJECT_NAME}-bundle.crt
+ tar -czvf /etc/ssl/${PROJECT_NAME}-certs.tar.gz /etc/ssl/mycerts/*.crt /etc/ssl/mycerts/*.pem
}
function create_cert {
- if [ $LETSENCRYPT_HOSTNAME ]; then
- add_cert_letsencrypt
- else
- add_cert_selfsigned
- fi
+ if [ $LETSENCRYPT_HOSTNAME ]; then
+ add_cert_letsencrypt
+ else
+ add_cert_selfsigned
+ fi
}
read_repo_servers
diff --git a/src/freedombone-addemail b/src/freedombone-addemail
index 6f7b94e93..cb9ae307b 100755
--- a/src/freedombone-addemail
+++ b/src/freedombone-addemail
@@ -49,37 +49,37 @@ function show_help {
while [[ $# > 1 ]]
do
-key="$1"
-
-case $key in
- -h|--help)
- show_help
- ;;
- -u|--user)
- shift
- MYUSERNAME="$1"
- ;;
- -e|--email)
- shift
- EMAILADDRESS="$1"
- ;;
- -s|--subject)
- shift
- SUBJECT_TEXT="$1"
- ;;
- -g|--group)
+ key="$1"
+
+ case $key in
+ -h|--help)
+ show_help
+ ;;
+ -u|--user)
+ shift
+ MYUSERNAME="$1"
+ ;;
+ -e|--email)
+ shift
+ EMAILADDRESS="$1"
+ ;;
+ -s|--subject)
+ shift
+ SUBJECT_TEXT="$1"
+ ;;
+ -g|--group)
+ shift
+ GROUP_NAME="$1"
+ ;;
+ -p|--public)
+ shift
+ PUBLIC="$1"
+ ;;
+ *)
+ # unknown option
+ ;;
+ esac
shift
- GROUP_NAME="$1"
- ;;
- -p|--public)
- shift
- PUBLIC="$1"
- ;;
- *)
- # unknown option
- ;;
-esac
-shift
done
if ! [[ $MYUSERNAME && $GROUP_NAME ]]; then
@@ -88,7 +88,7 @@ fi
if [ ${#EMAILADDRESS} -lt 2 ]; then
if [ ${#SUBJECT_TEXT} -lt 2 ]; then
- show_help
+ show_help
fi
fi
@@ -112,47 +112,47 @@ fi
chown -R $MYUSERNAME:$MYUSERNAME $LISTDIR
if ! grep -q "$proc_comment" $PM; then
if [[ $PUBLIC != "yes" ]]; then
- # private emails go after the encryption stage
- echo '' >> $PM
- echo "$proc_comment" >> $PM
- echo ":0" >> $PM
- echo "$proc_rule" >> $PM
- echo "$LISTDIR/new" >> $PM
- echo "# End of rule" >> $PM
+ # private emails go after the encryption stage
+ echo '' >> $PM
+ echo "$proc_comment" >> $PM
+ echo ":0" >> $PM
+ echo "$proc_rule" >> $PM
+ echo "$LISTDIR/new" >> $PM
+ echo "# End of rule" >> $PM
else
- # public emails are copied before the encryption stage
- if ! grep -q '# encrypt' $PM; then
- echo '' >> $PM
- echo "$proc_comment" >> $PM
- echo ":0" >> $PM
- echo "$proc_rule" >> $PM
- echo "$LISTDIR/new" >> $PM
- echo "# End of rule" >> $PM
- else
- filter=$(echo "$proc_comment\n:0\n${proc_rule}\n$LISTDIR/new\n# End of rule\n")
- sed -i "/# encrypt/i ${filter}" $PM
- fi
+ # public emails are copied before the encryption stage
+ if ! grep -q '# encrypt' $PM; then
+ echo '' >> $PM
+ echo "$proc_comment" >> $PM
+ echo ":0" >> $PM
+ echo "$proc_rule" >> $PM
+ echo "$LISTDIR/new" >> $PM
+ echo "# End of rule" >> $PM
+ else
+ filter=$(echo "$proc_comment\n:0\n${proc_rule}\n$LISTDIR/new\n# End of rule\n")
+ sed -i "/# encrypt/i ${filter}" $PM
+ fi
fi
chown $MYUSERNAME:$MYUSERNAME $PM
fi
if [ ! -f "$MUTTRC" ]; then
- cp /etc/Muttrc $MUTTRC
- chown $MYUSERNAME:$MYUSERNAME $MUTTRC
+ cp /etc/Muttrc $MUTTRC
+ chown $MYUSERNAME:$MYUSERNAME $MUTTRC
fi
PROCMAILLOG=/home/$MYUSERNAME/log
if [ ! -d $PROCMAILLOG ]; then
- mkdir $PROCMAILLOG
- chown -R $MYUSERNAME:$MYUSERNAME $PROCMAILLOG
+ mkdir $PROCMAILLOG
+ chown -R $MYUSERNAME:$MYUSERNAME $PROCMAILLOG
fi
MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
if [[ $MUTT_MAILBOXES != *$GROUP_NAME* ]]; then
- if ! grep -q "=$GROUP_NAME" $MUTTRC; then
- sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$GROUP_NAME|g" $MUTTRC
- chown $MYUSERNAME:$MYUSERNAME $MUTTRC
- fi
+ if ! grep -q "=$GROUP_NAME" $MUTTRC; then
+ sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$GROUP_NAME|g" $MUTTRC
+ chown $MYUSERNAME:$MYUSERNAME $MUTTRC
+ fi
fi
exit 0
diff --git a/src/freedombone-addlist b/src/freedombone-addlist
index 5f4d4d020..7f5cd2a51 100755
--- a/src/freedombone-addlist
+++ b/src/freedombone-addlist
@@ -49,37 +49,37 @@ function show_help {
while [[ $# > 1 ]]
do
-key="$1"
-
-case $key in
- -h|--help)
- show_help
- ;;
- -u|--user)
- shift
- MYUSERNAME="$1"
- ;;
- -l|--list)
- shift
- MAILINGLIST="$1"
- ;;
- -s|--subject)
- shift
- SUBJECTTAG="$1"
- ;;
- -e|--email)
- shift
- LIST_ADDRESS="$1"
- ;;
- -p|--public)
+ key="$1"
+
+ case $key in
+ -h|--help)
+ show_help
+ ;;
+ -u|--user)
+ shift
+ MYUSERNAME="$1"
+ ;;
+ -l|--list)
+ shift
+ MAILINGLIST="$1"
+ ;;
+ -s|--subject)
+ shift
+ SUBJECTTAG="$1"
+ ;;
+ -e|--email)
+ shift
+ LIST_ADDRESS="$1"
+ ;;
+ -p|--public)
+ shift
+ PUBLIC="$1"
+ ;;
+ *)
+ # unknown option
+ ;;
+ esac
shift
- PUBLIC="$1"
- ;;
- *)
- # unknown option
- ;;
-esac
-shift
done
if [ ! $MYUSERNAME ]; then
@@ -110,33 +110,33 @@ chown -R $MYUSERNAME:$MYUSERNAME $LISTDIR
if [ ${#SUBJECTTAG} -gt 0 ]; then
# use the subject tag
if ! grep -q "Subject:.*()\[$SUBJECTTAG\]" $PM; then
- if [[ $PUBLIC != "yes" ]]; then
- # private emails go after the encryption stage
- filter="
+ if [[ $PUBLIC != "yes" ]]; then
+ # private emails go after the encryption stage
+ filter="
# Email rule for $MAILINGLIST subject [$SUBJECTTAG]
:0
* ^Subject:.*()\[$SUBJECTTAG\]
$LISTDIR/new
# End of rule
"
- echo "$filter" >> $PM
- else
- # public emails are copied before hte encryption stage
- if ! grep -q '# encrypt' $PM; then
- filter="
+ echo "$filter" >> $PM
+ else
+ # public emails are copied before hte encryption stage
+ if ! grep -q '# encrypt' $PM; then
+ filter="
# Email rule for $MAILINGLIST subject [$SUBJECTTAG]
:0
* ^Subject:.*()\[$SUBJECTTAG\]
$LISTDIR/new
# End of rule
"
- echo "$filter" >> $PM
- else
- filter=$(echo "# Email rule for $MAILINGLIST subject [$SUBJECTTAG]\n:0\n * ^Subject:.*()\\\[$SUBJECTTAG\\\]\n$LISTDIR/new\n# End of rule\n")
- sed -i "/# encrypt/i ${filter}" $PM
- fi
- fi
- chown $MYUSERNAME:$MYUSERNAME $PM
+ echo "$filter" >> $PM
+ else
+ filter=$(echo "# Email rule for $MAILINGLIST subject [$SUBJECTTAG]\n:0\n * ^Subject:.*()\\\[$SUBJECTTAG\\\]\n$LISTDIR/new\n# End of rule\n")
+ sed -i "/# encrypt/i ${filter}" $PM
+ fi
+ fi
+ chown $MYUSERNAME:$MYUSERNAME $PM
fi
else
exit $(${PROJECT_NAME}-addemail -u $MYUSERNAME -e $LIST_ADDRESS -g $MAILINGLIST --public $PUBLIC)
@@ -156,15 +156,15 @@ fi
MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
if [[ $MUTT_MAILBOXES != *$MAILINGLIST* ]]; then
if ! grep -q "=$MAILINGLIST" $MUTTRC; then
- sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$MAILINGLIST|g" $MUTTRC
- chown $MYUSERNAME:$MYUSERNAME $MUTTRC
+ sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$MAILINGLIST|g" $MUTTRC
+ chown $MYUSERNAME:$MYUSERNAME $MUTTRC
fi
fi
if [ $LIST_ADDRESS ]; then
sed -i "s|unsubscribe $LIST_ADDRESS|subscribe $LIST_ADDRESS|g" $MUTTRC
if ! grep -q "subscribe $LIST_ADDRESS" $MUTTRC; then
- echo "subscribe $LIST_ADDRESS" >> $MUTTRC
+ echo "subscribe $LIST_ADDRESS" >> $MUTTRC
fi
fi
diff --git a/src/freedombone-addsipuser b/src/freedombone-addsipuser
index 1eb098411..f2c3715f1 100755
--- a/src/freedombone-addsipuser
+++ b/src/freedombone-addsipuser
@@ -50,10 +50,10 @@ function show_help {
function sip_user_exists {
IFS=''
while read line; do
- if [[ "$line" == *"<user id=\"$MY_USERNAME\">" ]]; then
- USER_EXISTS="yes"
- return
- fi
+ if [[ "$line" == *"<user id=\"$MY_USERNAME\">" ]]; then
+ USER_EXISTS="yes"
+ return
+ fi
done < $CONFIG_FILE
}
@@ -61,28 +61,28 @@ function update_sip_user {
USER_FOUND=
NEW_CONFIG_FILE="${CONFIG_FILE}.new"
if [ -f $NEW_CONFIG_FILE ]; then
- rm -f $NEW_CONFIG_FILE
+ rm -f $NEW_CONFIG_FILE
fi
touch $NEW_CONFIG_FILE
IFS=''
while read line; do
- if [ ! $USER_FOUND ]; then
- if [[ "$line" == *"<user id=\"$MY_USERNAME\">" ]]; then
- USER_FOUND="yes"
- fi
- else
- if [[ "$line" == *"<extension>"* ]]; then
- line=" <extension>$EXTENSION</extension>"
- fi
- if [[ "$line" == *"<secret>"* ]]; then
- line=" <secret>$PASSWORD</secret>"
- fi
- if [[ "$line" == *"<display>"* ]]; then
- line=" <display>$MY_USERNAME $EXTENSION</display>"
- USER_FOUND=
- fi
- fi
- echo $line >> $NEW_CONFIG_FILE
+ if [ ! $USER_FOUND ]; then
+ if [[ "$line" == *"<user id=\"$MY_USERNAME\">" ]]; then
+ USER_FOUND="yes"
+ fi
+ else
+ if [[ "$line" == *"<extension>"* ]]; then
+ line=" <extension>$EXTENSION</extension>"
+ fi
+ if [[ "$line" == *"<secret>"* ]]; then
+ line=" <secret>$PASSWORD</secret>"
+ fi
+ if [[ "$line" == *"<display>"* ]]; then
+ line=" <display>$MY_USERNAME $EXTENSION</display>"
+ USER_FOUND=
+ fi
+ fi
+ echo $line >> $NEW_CONFIG_FILE
done < $CONFIG_FILE
mv $NEW_CONFIG_FILE $CONFIG_FILE
}
@@ -90,19 +90,19 @@ function update_sip_user {
function add_sip_user {
NEW_CONFIG_FILE="${CONFIG_FILE}.new"
if [ -f $NEW_CONFIG_FILE ]; then
- rm -f $NEW_CONFIG_FILE
+ rm -f $NEW_CONFIG_FILE
fi
touch $NEW_CONFIG_FILE
IFS=''
while read line; do
- if [[ "$line" == *'</provision>' ]]; then
- echo " <user id=\"$MY_USERNAME\">" >> $NEW_CONFIG_FILE
- echo " <extension>$EXTENSION</extension>" >> $NEW_CONFIG_FILE
- echo " <secret>$PASSWORD</secret>" >> $NEW_CONFIG_FILE
- echo " <display>$MY_USERNAME $EXTENSION</display>" >> $NEW_CONFIG_FILE
- echo ' </user>' >> $NEW_CONFIG_FILE
- fi
- echo $line >> $NEW_CONFIG_FILE
+ if [[ "$line" == *'</provision>' ]]; then
+ echo " <user id=\"$MY_USERNAME\">" >> $NEW_CONFIG_FILE
+ echo " <extension>$EXTENSION</extension>" >> $NEW_CONFIG_FILE
+ echo " <secret>$PASSWORD</secret>" >> $NEW_CONFIG_FILE
+ echo " <display>$MY_USERNAME $EXTENSION</display>" >> $NEW_CONFIG_FILE
+ echo ' </user>' >> $NEW_CONFIG_FILE
+ fi
+ echo $line >> $NEW_CONFIG_FILE
done < $CONFIG_FILE
mv $NEW_CONFIG_FILE $CONFIG_FILE
usermod -aG sipwitch $MY_USERNAME
@@ -113,24 +113,24 @@ do
key="$1"
case $key in
- -h|--help)
- show_help
- ;;
- -u|--user)
- shift
- MY_USERNAME="$1"
- ;;
- -e|--extension)
- shift
- EXTENSION="$1"
- ;;
- -p|--password)
- shift
- PASSWORD="$1"
- ;;
- *)
- # unknown option
- ;;
+ -h|--help)
+ show_help
+ ;;
+ -u|--user)
+ shift
+ MY_USERNAME="$1"
+ ;;
+ -e|--extension)
+ shift
+ EXTENSION="$1"
+ ;;
+ -p|--password)
+ shift
+ PASSWORD="$1"
+ ;;
+ *)
+ # unknown option
+ ;;
esac
shift
done
diff --git a/src/freedombone-adduser b/src/freedombone-adduser
index 8fcc4c7fa..d0a51b64f 100755
--- a/src/freedombone-adduser
+++ b/src/freedombone-adduser
@@ -46,19 +46,19 @@ FULLBLOG_DOMAIN_NAME=
DEFAULT_DOMAIN_NAME=
if [ ! $MY_USERNAME ]; then
- echo $'No username was given'
- exit 1
+ echo $'No username was given'
+ exit 1
fi
if [ -d /home/$MY_USERNAME ]; then
- echo $"The user $MY_USERNAME already exists"
- exit 2
+ echo $"The user $MY_USERNAME already exists"
+ exit 2
fi
if [ ! -f $COMPLETION_FILE ]; then
- echo $"$COMPLETION_FILE not found"
- userdel -r $MY_USERNAME
- exit 3
+ echo $"$COMPLETION_FILE not found"
+ userdel -r $MY_USERNAME
+ exit 3
fi
# Minimum number of characters in a password
@@ -69,40 +69,40 @@ useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash $MY_USERNAME
adduser $MY_USERNAME sasl
if [ ! -d /home/$MY_USERNAME ]; then
- echo $'Home directory was not created'
- exit 4
+ echo $'Home directory was not created'
+ exit 4
fi
if [ "$SSH_PUBLIC_KEY" ]; then
- if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
- if [ -f "$SSH_PUBLIC_KEY" ]; then
- mkdir /home/$MY_USERNAME/.ssh
- cp $SSH_PUBLIC_KEY /home/$MY_USERNAME/.ssh/authorized_keys
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
- echo $'ssh public key installed'
- else
- if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
- mkdir /home/$MY_USERNAME/.ssh
- echo "$SSH_PUBLIC_KEY" > /home/$MY_USERNAME/.ssh/authorized_keys
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
- echo $'ssh public key installed'
- else
- echo $'The second parameter does not look like an ssh key'
- exit 5
- fi
- fi
+ if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
+ if [ -f "$SSH_PUBLIC_KEY" ]; then
+ mkdir /home/$MY_USERNAME/.ssh
+ cp $SSH_PUBLIC_KEY /home/$MY_USERNAME/.ssh/authorized_keys
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
+ echo $'ssh public key installed'
+ else
+ if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
+ mkdir /home/$MY_USERNAME/.ssh
+ echo "$SSH_PUBLIC_KEY" > /home/$MY_USERNAME/.ssh/authorized_keys
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
+ echo $'ssh public key installed'
+ else
+ echo $'The second parameter does not look like an ssh key'
+ exit 5
+ fi
fi
+ fi
fi
if [ -d /home/$MY_USERNAME/Maildir ]; then
- if grep -q "set from=" /home/$MY_USERNAME/.muttrc; then
- sed -i "s|set from=.*|set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'|g" /home/$MY_USERNAME/.muttrc
- else
- echo "set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'" >> /home/$MY_USERNAME/.muttrc
- fi
-
- USERN='$USER@'
- sed -i "s|$USERN|$MY_USERNAME@|g" /home/$MY_USERNAME/.procmailrc
+ if grep -q "set from=" /home/$MY_USERNAME/.muttrc; then
+ sed -i "s|set from=.*|set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'|g" /home/$MY_USERNAME/.muttrc
+ else
+ echo "set from='$MY_USERNAME <$MY_USERNAME@$HOSTNAME>'" >> /home/$MY_USERNAME/.muttrc
+ fi
+
+ USERN='$USER@'
+ sed -i "s|$USERN|$MY_USERNAME@|g" /home/$MY_USERNAME/.procmailrc
fi
# generate a gpg key
@@ -136,9 +136,9 @@ MY_GPG_PUBLIC_KEY=/home/$MY_USERNAME/public_key.gpg
su -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
- echo "GPG public key was not generated for $MY_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"
- userdel -r $MY_USERNAME
- exit 7
+ echo "GPG public key was not generated for $MY_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"
+ userdel -r $MY_USERNAME
+ exit 7
fi
# add a monkeysphere subkey
@@ -152,47 +152,47 @@ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.monkeysphere
monkeysphere-authentication update-users
if [ -f /home/$MY_USERNAME/.muttrc ]; then
- # encrypt outgoing mail to the "sent" folder
- if ! grep -q "pgp_encrypt_only_command" /home/$MY_USERNAME/.muttrc; then
- echo '' >> /home/$MY_USERNAME/.muttrc
- echo $'# Encrypt items in the Sent folder' >> /home/$MY_USERNAME/.muttrc
- echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
- else
- sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
- fi
-
- if ! grep -q "pgp_encrypt_sign_command" /home/$MY_USERNAME/.muttrc; then
- echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
- else
- sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
- fi
+ # encrypt outgoing mail to the "sent" folder
+ if ! grep -q "pgp_encrypt_only_command" /home/$MY_USERNAME/.muttrc; then
+ echo '' >> /home/$MY_USERNAME/.muttrc
+ echo $'# Encrypt items in the Sent folder' >> /home/$MY_USERNAME/.muttrc
+ echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
+ else
+ sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
+ fi
+
+ if ! grep -q "pgp_encrypt_sign_command" /home/$MY_USERNAME/.muttrc; then
+ echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$MY_USERNAME/.muttrc
+ else
+ sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0x$MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$MY_USERNAME/.muttrc
+ fi
fi
if ! grep -q "Change your GPG password" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Change your GPG password' >> /home/$MY_USERNAME/README
- echo '========================' >> /home/$MY_USERNAME/README
- echo $"It's very important to add a password to your GPG key so that" >> /home/$MY_USERNAME/README
- echo $"if anyone does get access to your email they still won't be able" >> /home/$MY_USERNAME/README
- echo $'to read them without knowning the GPG password.' >> /home/$MY_USERNAME/README
- echo $'You can change the it with:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
- echo ' passwd' >> /home/$MY_USERNAME/README
- echo ' save' >> /home/$MY_USERNAME/README
- echo ' quit' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Change your GPG password' >> /home/$MY_USERNAME/README
+ echo '========================' >> /home/$MY_USERNAME/README
+ echo $"It's very important to add a password to your GPG key so that" >> /home/$MY_USERNAME/README
+ echo $"if anyone does get access to your email they still won't be able" >> /home/$MY_USERNAME/README
+ echo $'to read them without knowning the GPG password.' >> /home/$MY_USERNAME/README
+ echo $'You can change the it with:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
+ echo ' passwd' >> /home/$MY_USERNAME/README
+ echo ' save' >> /home/$MY_USERNAME/README
+ echo ' quit' >> /home/$MY_USERNAME/README
fi
if ! grep -q "Publish your GPG public key" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Publish your GPG public key' >> /home/$MY_USERNAME/README
- echo '===========================' >> /home/$MY_USERNAME/README
- echo $'So that others can send emails to you securely you should' >> /home/$MY_USERNAME/README
- echo $'publish your GPG public key with the command:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " gpg --send-keys $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Publish your GPG public key' >> /home/$MY_USERNAME/README
+ echo '===========================' >> /home/$MY_USERNAME/README
+ echo $'So that others can send emails to you securely you should' >> /home/$MY_USERNAME/README
+ echo $'publish your GPG public key with the command:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " gpg --send-keys $MY_GPG_PUBLIC_KEY_ID" >> /home/$MY_USERNAME/README
fi
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
@@ -200,201 +200,201 @@ chown $MY_USERNAME:$MY_USERNAME $MY_GPG_PUBLIC_KEY
chmod 600 /home/$MY_USERNAME/README
if grep -q "install_xmpp" $COMPLETION_FILE; then
- echo $"Adding an XMPP account for $MY_USERNAME"
- ${PROJECT_NAME}-addxmpp -e "$MY_USERNAME@$HOSTNAME" -p "$NEW_USER_PASSWORD"
- if [ ! "$?" = "0" ]; then
- echo $"XMPP account not created"
- userdel -r $MY_USERNAME
- exit 8
- fi
+ echo $"Adding an XMPP account for $MY_USERNAME"
+ ${PROJECT_NAME}-addxmpp -e "$MY_USERNAME@$HOSTNAME" -p "$NEW_USER_PASSWORD"
+ if [ ! "$?" = "0" ]; then
+ echo $"XMPP account not created"
+ userdel -r $MY_USERNAME
+ exit 8
+ fi
fi
if grep -q "install_xmpp_client" $COMPLETION_FILE; then
- echo $"Adding XMPP client setup"
- XMPP_CLIENT_DIR=/home/$MY_USERNAME/.local/share/profanity
- XMPP_CLIENT_ACCOUNTS=$XMPP_CLIENT_DIR/accounts
- if [ ! -d $XMPP_CLIENT_DIR ]; then
- mkdir -p $XMPP_CLIENT_DIR
- fi
- if [ ! -d /home/$MY_USERNAME/.config/profanity ]; then
- mkdir -p /home/$MY_USERNAME/.config/profanity
- fi
- echo "[${MY_USERNAME}@${HOSTNAME}]" > $XMPP_CLIENT_ACCOUNTS
- echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
- echo "jid=${MY_USERNAME}@${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.service=conference.${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
-
- echo '[connection]' > /home/$MY_USERNAME/.config/profanity/profrc
- echo "account=${MY_USERNAME}@${HOSTNAME}" >> /home/$MY_USERNAME/.config/profanity/profrc
-
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.local
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
+ echo $"Adding XMPP client setup"
+ XMPP_CLIENT_DIR=/home/$MY_USERNAME/.local/share/profanity
+ XMPP_CLIENT_ACCOUNTS=$XMPP_CLIENT_DIR/accounts
+ if [ ! -d $XMPP_CLIENT_DIR ]; then
+ mkdir -p $XMPP_CLIENT_DIR
+ fi
+ if [ ! -d /home/$MY_USERNAME/.config/profanity ]; then
+ mkdir -p /home/$MY_USERNAME/.config/profanity
+ fi
+ echo "[${MY_USERNAME}@${HOSTNAME}]" > $XMPP_CLIENT_ACCOUNTS
+ echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
+ echo "jid=${MY_USERNAME}@${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.service=conference.${HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
+
+ echo '[connection]' > /home/$MY_USERNAME/.config/profanity/profrc
+ echo "account=${MY_USERNAME}@${HOSTNAME}" >> /home/$MY_USERNAME/.config/profanity/profrc
+
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.local
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
fi
if grep -q "Blog domain" $COMPLETION_FILE; then
- FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}')
- if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then
- echo $'Blog users directory not found'
- if grep -q "install_xmpp" $COMPLETION_FILE; then
- ${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
- fi
- userdel -r $MY_USERNAME
- exit 9
+ FULLBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Blog domain" | awk -F ':' '{print $2}')
+ if [ ! -d /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users ]; then
+ echo $'Blog users directory not found'
+ if grep -q "install_xmpp" $COMPLETION_FILE; then
+ ${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
fi
- NEW_USER_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$NEW_USER_PASSWORD")
- if [ ${#NEW_USER_PASSWORD_HASH} -lt 8 ]; then
- echo $'Blog admin password could not be hashed'
- exit 783528
- fi
- echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- echo "password = $NEW_USER_PASSWORD_HASH" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- echo 'encryption = password_hash' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- echo "$MY_USERNAME added as a blog user"
+ userdel -r $MY_USERNAME
+ exit 9
+ fi
+ NEW_USER_PASSWORD_HASH=$(${PROJECT_NAME}-sec --bloghash "$NEW_USER_PASSWORD")
+ if [ ${#NEW_USER_PASSWORD_HASH} -lt 8 ]; then
+ echo $'Blog admin password could not be hashed'
+ exit 783528
+ fi
+ echo ';Password' > /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ echo "password = $NEW_USER_PASSWORD_HASH" >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ echo 'encryption = password_hash' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ echo ';Role' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ echo 'role = admin' >> /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ echo "$MY_USERNAME added as a blog user"
fi
if grep -q "install_sip" $COMPLETION_FILE; then
- SIP_EXTENSION=$(${PROJECT_NAME}-sipfreeext)
- ${PROJECT_NAME}-addsipuser -u $MY_USERNAME -e $SIP_EXTENSION -p "$NEW_USER_PASSWORD"
- if [ ! "$?" = "0" ]; then
- echo $'SIP user could not be added. Ensure that extension numbers are in order and do no exceed 299'
- if grep -q "install_xmpp" $COMPLETION_FILE; then
- ${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
- fi
- if grep -q "Blog domain" $COMPLETION_FILE; then
- if [ -f /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini ]; then
- rm /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
- fi
- fi
- userdel -r $MY_USERNAME
- exit 10
+ SIP_EXTENSION=$(${PROJECT_NAME}-sipfreeext)
+ ${PROJECT_NAME}-addsipuser -u $MY_USERNAME -e $SIP_EXTENSION -p "$NEW_USER_PASSWORD"
+ if [ ! "$?" = "0" ]; then
+ echo $'SIP user could not be added. Ensure that extension numbers are in order and do no exceed 299'
+ if grep -q "install_xmpp" $COMPLETION_FILE; then
+ ${PROJECT_NAME}-rmxmpp -e "$MY_USERNAME@$HOSTNAME"
fi
+ if grep -q "Blog domain" $COMPLETION_FILE; then
+ if [ -f /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini ]; then
+ rm /var/www/$FULLBLOG_DOMAIN_NAME/htdocs/config/users/$MY_USERNAME.ini
+ fi
+ fi
+ userdel -r $MY_USERNAME
+ exit 10
+ fi
fi
if grep -q "install_gnusocial" $COMPLETION_FILE; then
- MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
- if [ -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
- cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
- php scripts/registeruser.php -n $MY_USERNAME -w "$NEW_USER_PASSWORD" -e "$MY_USERNAME@$HOSTNAME"
- ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$MICROBLOG_DOMAIN_NAME" -g gnusocial --public no
- echo $'Created GNU Social user'
- else
- echo $"Unable to find GNU Social installation at /var/www/$MICROBLOG_DOMAIN_NAME/htdocs"
- userdel -r $MY_USERNAME
- exit 11
- fi
+ MICROBLOG_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "GNU Social domain" | awk -F ':' '{print $2}')
+ if [ -d /var/www/$MICROBLOG_DOMAIN_NAME ]; then
+ cd /var/www/$MICROBLOG_DOMAIN_NAME/htdocs
+ php scripts/registeruser.php -n $MY_USERNAME -w "$NEW_USER_PASSWORD" -e "$MY_USERNAME@$HOSTNAME"
+ ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$MICROBLOG_DOMAIN_NAME" -g gnusocial --public no
+ echo $'Created GNU Social user'
+ else
+ echo $"Unable to find GNU Social installation at /var/www/$MICROBLOG_DOMAIN_NAME/htdocs"
+ userdel -r $MY_USERNAME
+ exit 11
+ fi
fi
if grep -q "install_irc_client" $COMPLETION_FILE; then
- IRC_PORT=6697
- if grep -q "IRC_PORT" $CONFIGURATION_FILE; then
- IRC_PORT=$(grep "IRC_PORT" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- fi
- IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}')
- if [ ${#IRC_PASSWORD} -lt 2 ]; then
- IRC_PASSWORD=
- fi
-
- if [ ! -d /home/$MY_USERNAME/.irssi ]; then
- mkdir /home/$MY_USERNAME/.irssi
- fi
-
- echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo " address = \"${HOSTNAME}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
- echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
- echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
-
- echo ' }' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
- echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
- echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
- echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
-
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
+ IRC_PORT=6697
+ if grep -q "IRC_PORT" $CONFIGURATION_FILE; then
+ IRC_PORT=$(grep "IRC_PORT" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
+ fi
+ IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}')
+ if [ ${#IRC_PASSWORD} -lt 2 ]; then
+ IRC_PASSWORD=
+ fi
+
+ if [ ! -d /home/$MY_USERNAME/.irssi ]; then
+ mkdir /home/$MY_USERNAME/.irssi
+ fi
+
+ echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo " address = \"${HOSTNAME}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
+ echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+
+ echo ' }' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
+ echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
+ echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
+ echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
+
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
fi
if [ -f /etc/nginx/.htpasswd ]; then
- if ! grep "${MY_USERNAME}:" /etc/nginx/.htpasswd; then
- echo "$NEW_USER_PASSWORD" | htpasswd -i -s /etc/nginx/.htpasswd $MY_USERNAME
- fi
+ if ! grep "${MY_USERNAME}:" /etc/nginx/.htpasswd; then
+ echo "$NEW_USER_PASSWORD" | htpasswd -i -s /etc/nginx/.htpasswd $MY_USERNAME
+ fi
fi
# add user to the sipwitch group
if [ -f /etc/sipwitch.conf ]; then
- usermod -aG sipwitch $MY_USERNAME
+ usermod -aG sipwitch $MY_USERNAME
fi
# add user for SIP STUN/TURN
if [ -d /etc/turnserver ]; then
- if grep -q "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE; then
- DEFAULT_DOMAIN_NAME=$(grep "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
- echo "${MY_USERNAME}:${NEW_USER_PASSWORD}:${DEFAULT_DOMAIN_NAME}:authorized" >> /etc/turnserver/turnusers.txt
- fi
+ if grep -q "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE; then
+ DEFAULT_DOMAIN_NAME=$(grep "DEFAULT_DOMAIN_NAME" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
+ echo "${MY_USERNAME}:${NEW_USER_PASSWORD}:${DEFAULT_DOMAIN_NAME}:authorized" >> /etc/turnserver/turnusers.txt
+ fi
fi
# add user menu on ssh login
if ! grep -q 'control' /home/$MY_USERNAME/.bashrc; then
- echo 'control' >> /home/$MY_USERNAME/.bashrc
+ echo 'control' >> /home/$MY_USERNAME/.bashrc
fi
clear
echo $"New user $MY_USERNAME was created"
if [ $SIP_EXTENSION ]; then
- echo $"Their SIP phone extension is $SIP_EXTENSION"
+ echo $"Their SIP phone extension is $SIP_EXTENSION"
fi
echo $"Their login password is $NEW_USER_PASSWORD"
echo ''
diff --git a/src/freedombone-addxmpp b/src/freedombone-addxmpp
index 70ad3dae3..a57fceb0b 100755
--- a/src/freedombone-addxmpp
+++ b/src/freedombone-addxmpp
@@ -46,25 +46,25 @@ function show_help {
while [[ $# > 1 ]]
do
-key="$1"
+ key="$1"
-case $key in
- -h|--help)
- show_help
- ;;
- -e|--email)
- shift
- EMAIL_ADDRESS="$1"
- ;;
- -p|--password|--passphrase)
+ case $key in
+ -h|--help)
+ show_help
+ ;;
+ -e|--email)
+ shift
+ EMAIL_ADDRESS="$1"
+ ;;
+ -p|--password|--passphrase)
+ shift
+ NEW_USER_PASSWORD="$1"
+ ;;
+ *)
+ # unknown option
+ ;;
+ esac
shift
- NEW_USER_PASSWORD="$1"
- ;;
- *)
- # unknown option
- ;;
-esac
-shift
done
if [ ! -d /etc/prosody ]; then
@@ -84,7 +84,7 @@ else
DOMAIN_NAME=$(echo $EMAIL_ADDRESS | awk -F '@' '{print $2}')
prosodyctl register $USERNAME $DOMAIN_NAME "$NEW_USER_PASSWORD"
if [ ! "$?" = "0" ]; then
- exit 2
+ exit 2
fi
fi
diff --git a/src/freedombone-app-batman b/src/freedombone-app-batman
index 2d1da224a..7667ada58 100755
--- a/src/freedombone-app-batman
+++ b/src/freedombone-app-batman
@@ -34,16 +34,16 @@ ENABLE_BATMAN="no"
BATMAN_CELLID='any'
function configure_firewall_for_batma {
- if grep -Fxq "configure_firewall_for_batman" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_BATMAN != "yes" ]]; then
- return
- fi
-
- function_check save_firewall_settings
- save_firewall_settings
- echo 'configure_firewall_for_batman' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_batman" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_BATMAN != "yes" ]]; then
+ return
+ fi
+
+ function_check save_firewall_settings
+ save_firewall_settings
+ echo 'configure_firewall_for_batman' >> $COMPLETION_FILE
}
function reconfigure_batman {
@@ -71,90 +71,90 @@ function restore_remote_batman {
}
function remove_batman {
- if ! grep -Fxq "install_batman" $COMPLETION_FILE; then
- return
- fi
-
- ${PROJECT_NAME}-mesh-install -f batman --remove yes
- if [ ! "$?" = "0" ]; then
- echo $'Failed to remove batman'
- exit 79353
- fi
- sed -i '/install_batman/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_batman/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_batman" $COMPLETION_FILE; then
+ return
+ fi
+
+ ${PROJECT_NAME}-mesh-install -f batman --remove yes
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to remove batman'
+ exit 79353
+ fi
+ sed -i '/install_batman/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_batman/d' $COMPLETION_FILE
}
function mesh_install_batman {
- chroot "$rootdir" apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
- chroot "$rootdir" apt-get -y install python-dev libevent-dev ebtables python-pip git
- chroot "$rootdir" apt-get -y install wireless-tools rfkill
-
- if ! grep -q "batman_adv" $rootdir/etc/modules; then
- echo 'batman_adv' >> $rootdir/etc/modules
- fi
-
- BATMAN_SCRIPT=$rootdir/var/lib/batman
-
- if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
- cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
- else
- cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
- fi
-
- BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
- echo '[Unit]' > $BATMAN_DAEMON
- echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
- echo 'After=network.target' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '[Service]' >> $BATMAN_DAEMON
- echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
- echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
- echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
- echo 'Restart=on-failure' >> $BATMAN_DAEMON
- echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
- echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
- echo 'TimeoutSec=300' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '[Install]' >> $BATMAN_DAEMON
- echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
- chroot "$rootdir" systemctl enable batman
+ chroot "$rootdir" apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
+ chroot "$rootdir" apt-get -y install python-dev libevent-dev ebtables python-pip git
+ chroot "$rootdir" apt-get -y install wireless-tools rfkill
+
+ if ! grep -q "batman_adv" $rootdir/etc/modules; then
+ echo 'batman_adv' >> $rootdir/etc/modules
+ fi
+
+ BATMAN_SCRIPT=$rootdir/var/lib/batman
+
+ if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
+ cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ else
+ cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ fi
+
+ BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
+ echo '[Unit]' > $BATMAN_DAEMON
+ echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
+ echo 'After=network.target' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '[Service]' >> $BATMAN_DAEMON
+ echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
+ echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
+ echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
+ echo 'Restart=on-failure' >> $BATMAN_DAEMON
+ echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
+ echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
+ echo 'TimeoutSec=300' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '[Install]' >> $BATMAN_DAEMON
+ echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
+ chroot "$rootdir" systemctl enable batman
}
function install_batman {
- if [ $INSTALLING_MESH ]; then
- mesh_install_batman
- return
- fi
- if grep -Fxq "install_batman" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_BATMAN != "yes" ]]; then
- return
- fi
-
- ${PROJECT_NAME}-mesh-install -f batman
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install batman'
- exit 72524
- fi
-
- if ! grep -q "Mesh Networking (B.A.T.M.A.N)" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Mesh Networking (B.A.T.M.A.N)' >> /home/$MY_USERNAME/README
- echo '=============================' >> /home/$MY_USERNAME/README
- echo "Mesh ESSID: $WIFI_SSID" >> /home/$MY_USERNAME/README
- echo "Mesh cell ID: $BATMAN_CELLID" >> /home/$MY_USERNAME/README
- echo "Mesh wifi channel: $WIFI_CHANNEL" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_batman
- configure_firewall_for_batman
- echo 'install_batman' >> $COMPLETION_FILE
+ if [ $INSTALLING_MESH ]; then
+ mesh_install_batman
+ return
+ fi
+ if grep -Fxq "install_batman" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_BATMAN != "yes" ]]; then
+ return
+ fi
+
+ ${PROJECT_NAME}-mesh-install -f batman
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install batman'
+ exit 72524
+ fi
+
+ if ! grep -q "Mesh Networking (B.A.T.M.A.N)" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Mesh Networking (B.A.T.M.A.N)' >> /home/$MY_USERNAME/README
+ echo '=============================' >> /home/$MY_USERNAME/README
+ echo "Mesh ESSID: $WIFI_SSID" >> /home/$MY_USERNAME/README
+ echo "Mesh cell ID: $BATMAN_CELLID" >> /home/$MY_USERNAME/README
+ echo "Mesh wifi channel: $WIFI_CHANNEL" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_batman
+ configure_firewall_for_batman
+ echo 'install_batman' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-cjdns b/src/freedombone-app-cjdns
index a6e3b2b25..8374b4d97 100755
--- a/src/freedombone-app-cjdns
+++ b/src/freedombone-app-cjdns
@@ -42,498 +42,498 @@ CJDCMD_REPO="https://github.com/inhies/cjdcmd"
CJDCMD_COMMIT='973cca6ed0eecf9041c3403a40193c0b1291b808'
function reconfigure_cjdns {
- echo -n ''
+ echo -n ''
}
function upgrade_cjdns {
- if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit /etc/cjdns "cjdns commit" "$CJDNS_COMMIT" $CJDNS_REPO
+ if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit /etc/cjdns "cjdns commit" "$CJDNS_COMMIT" $CJDNS_REPO
}
function configure_firewall_for_cjdns {
- if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
- ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
- ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
- ip6tables -A INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
- ip6tables -A INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
-
- function_check save_firewall_settings
- save_firewall_settings
- echo 'configure_firewall_for_cjdns' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
+ ip6tables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
+ ip6tables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+ ip6tables -A INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
+ ip6tables -A INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
+
+ function_check save_firewall_settings
+ save_firewall_settings
+ echo 'configure_firewall_for_cjdns' >> $COMPLETION_FILE
}
function get_cjdns_public_key {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PUBLIC_KEY ]; then
- CJDNS_PUBLIC_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns public key" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns public key" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PUBLIC_KEY ]; then
+ CJDNS_PUBLIC_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns public key" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function get_cjdns_private_key {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns private key" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PRIVATE_KEY ]; then
- CJDNS_PRIVATE_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns private key" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns private key" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PRIVATE_KEY ]; then
+ CJDNS_PRIVATE_KEY=$(cat /home/$MY_USERNAME/README | grep "cjdns private key" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function get_cjdns_ipv6_address {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns IPv6 address" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_IPV6 ]; then
- CJDNS_IPV6=$(cat /home/$MY_USERNAME/README | grep "cjdns IPv6 address" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns IPv6 address" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_IPV6 ]; then
+ CJDNS_IPV6=$(cat /home/$MY_USERNAME/README | grep "cjdns IPv6 address" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function get_cjdns_port {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns port" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PORT ]; then
- CJDNS_PORT=$(cat /home/$MY_USERNAME/README | grep "cjdns port" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns port" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PORT ]; then
+ CJDNS_PORT=$(cat /home/$MY_USERNAME/README | grep "cjdns port" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function get_cjdns_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "cjdns password" /home/$MY_USERNAME/README; then
- if [ ! $CJDNS_PASSWORD ]; then
- CJDNS_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "cjdns password" /home/$MY_USERNAME/README; then
+ if [ ! $CJDNS_PASSWORD ]; then
+ CJDNS_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function backup_local_cjdns {
- echo -n ''
+ echo -n ''
}
function restore_local_cjdns {
- if [ -d $USB_MOUNT/backup/cjdns ]; then
- echo $"Restoring cjdns installation"
- temp_restore_dir=/root/tempcjdns
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir cjdns
- rm -rf /etc/cjdns
- cp -r $temp_restore_dir/etc/cjdns /etc/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 8472
- fi
- rm -rf $temp_restore_dir
- fi
+ if [ -d $USB_MOUNT/backup/cjdns ]; then
+ echo $"Restoring cjdns installation"
+ temp_restore_dir=/root/tempcjdns
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir cjdns
+ rm -rf /etc/cjdns
+ cp -r $temp_restore_dir/etc/cjdns /etc/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 8472
+ fi
+ rm -rf $temp_restore_dir
+ fi
}
function backup_remote_cjdns {
- echo -n ''
+ echo -n ''
}
function restore_remote_cjdns {
- if [ -d $SERVER_DIRECTORY/backup/cjdns ]; then
- echo $"Restoring cjdns installation"
- temp_restore_dir=/root/tempcjdns
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir cjdns
- rm -rf /etc/cjdns
- cp -r $temp_restore_dir/etc/cjdns /etc/
- if [ ! "$?" = "0" ]; then
- exit 7438
- fi
- rm -rf $temp_restore_dir
+ if [ -d $SERVER_DIRECTORY/backup/cjdns ]; then
+ echo $"Restoring cjdns installation"
+ temp_restore_dir=/root/tempcjdns
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir cjdns
+ rm -rf /etc/cjdns
+ cp -r $temp_restore_dir/etc/cjdns /etc/
+ if [ ! "$?" = "0" ]; then
+ exit 7438
fi
+ rm -rf $temp_restore_dir
+ fi
}
function remove_cjdns {
- if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- service cjdns stop
- ip6tables -D nat -D POSTROUTING -o tun0 -j MASQUERADE
- ip6tables -D FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
- ip6tables -D INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
- ip6tables -D INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- rm -rf /etc/cjdns
- sed -i '/install_cjdns/d' $COMPLETION_FILE
- sed -i '/cjdns /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_cjdns/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ service cjdns stop
+ ip6tables -D nat -D POSTROUTING -o tun0 -j MASQUERADE
+ ip6tables -D FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+ ip6tables -D INPUT -p udp --dport $CJDNS_PORT -j ACCEPT
+ ip6tables -D INPUT -p tcp --dport $CJDNS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ rm -rf /etc/cjdns
+ sed -i '/install_cjdns/d' $COMPLETION_FILE
+ sed -i '/cjdns /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_cjdns/d' $COMPLETION_FILE
}
function install_cjdns_main {
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
-
- if grep -Fxq "install_cjdns_main" $COMPLETION_FILE; then
- return
- fi
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
- apt-get -y install nodejs git build-essential nmap
+ if grep -Fxq "install_cjdns_main" $COMPLETION_FILE; then
+ return
+ fi
- # if a README exists then obtain the cjdns parameters
- function_check get_cjdns_ipv6_address
- get_cjdns_ipv6_address
+ apt-get -y install nodejs git build-essential nmap
- function_check get_cjdns_public_key
- get_cjdns_public_key
+ # if a README exists then obtain the cjdns parameters
+ function_check get_cjdns_ipv6_address
+ get_cjdns_ipv6_address
- function_check get_cjdns_private_key
- get_cjdns_private_key
+ function_check get_cjdns_public_key
+ get_cjdns_public_key
- function_check get_cjdns_port
- get_cjdns_port
+ function_check get_cjdns_private_key
+ get_cjdns_private_key
- function_check get_cjdns_password
- get_cjdns_password
+ function_check get_cjdns_port
+ get_cjdns_port
- # special compile settings for running ./do on the Beaglebone Black
- if [[ $INSTALLING_ON_BBB == "yes" ]]; then
- CFLAGS="-O2 -march=armv7-a -mtune=cortex-a8 -mfpu=neon -ftree-vectorize -ffast-math -mfloat-abi=hard -marm -Wno-error=maybe-uninitialized"
- export LDFLAGS="$CFLAGS"
- fi
+ function_check get_cjdns_password
+ get_cjdns_password
- if [ ! -d /etc/cjdns ]; then
- function_check git_pull
- git_clone $CJDNS_REPO /etc/cjdns
- cd /etc/cjdns
-
- git checkout $CJDNS_COMMIT -b $CJDNS_COMMIT
- if ! grep -q "cjdns commit" $COMPLETION_FILE; then
- echo "cjdns commit:$CJDNS_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/cjdns commit.*/cjdns commit:$CJDNS_COMMIT/g" $COMPLETION_FILE
- fi
-
- ./do
- if [ ! "$?" = "0" ]; then
- exit 7439
- fi
- # create a configuration
- if [ ! -f /etc/cjdns/cjdroute.conf ]; then
- ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
- if [ ! "$?" = "0" ]; then
- exit 5922
- fi
- fi
- # create a user to run as
- useradd cjdns
- else
- cd /etc/cjdns
- function_check git_pull
- git_pull $CJDNS_REPO
- ./do
- if [ ! "$?" = "0" ]; then
- exit 9926
- fi
- fi
+ # special compile settings for running ./do on the Beaglebone Black
+ if [[ $INSTALLING_ON_BBB == "yes" ]]; then
+ CFLAGS="-O2 -march=armv7-a -mtune=cortex-a8 -mfpu=neon -ftree-vectorize -ffast-math -mfloat-abi=hard -marm -Wno-error=maybe-uninitialized"
+ export LDFLAGS="$CFLAGS"
+ fi
- # set permissions
- chown -R cjdns:cjdns /etc/cjdns
- chmod 600 /etc/cjdns/cjdroute.conf
+ if [ ! -d /etc/cjdns ]; then
+ function_check git_pull
+ git_clone $CJDNS_REPO /etc/cjdns
+ cd /etc/cjdns
- /sbin/ip tuntap add mode tun user cjdns dev cjdroute0
-
- # insert values into the configuration file
- if [ $CJDNS_PRIVATE_KEY ]; then
- sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PUBLIC_KEY ]; then
- sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_IPV6 ]; then
- sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PASSWORD ]; then
- sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
- else
- CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
- fi
- if [ $CJDNS_PORT ]; then
- sed -i "s/\"bind\": \"0.0.0.0:.*/\"bind\": \"0.0.0.0:$CJDNS_PORT\",/g" /etc/cjdns/cjdroute.conf
+ git checkout $CJDNS_COMMIT -b $CJDNS_COMMIT
+ if ! grep -q "cjdns commit" $COMPLETION_FILE; then
+ echo "cjdns commit:$CJDNS_COMMIT" >> $COMPLETION_FILE
else
- CJDNS_PORT=$(cat /etc/cjdns/cjdroute.conf | grep '"bind": "0.0.0.0:' | awk -F '"' '{print $4}' | awk -F ':' '{print $2}' | sed -n 1p)
+ sed -i "s/cjdns commit.*/cjdns commit:$CJDNS_COMMIT/g" $COMPLETION_FILE
fi
- function_check enable_ipv6
- enable_ipv6
-
- echo '#!/bin/sh -e' > /etc/init.d/cjdns
- echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
- echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
- echo '# Provides: cjdroute' >> /etc/init.d/cjdns
- echo '# Required-Start: $remote_fs $network' >> /etc/init.d/cjdns
- echo '# Required-Stop: $remote_fs $network' >> /etc/init.d/cjdns
- echo '# Default-Start: 2 3 4 5' >> /etc/init.d/cjdns
- echo '# Default-Stop: 0 1 6' >> /etc/init.d/cjdns
- echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
- echo '# Description: A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
- echo '# cjdns git repo: https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
- echo '### END INIT INFO' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
- echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
- echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
- echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
- echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
- echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'start() {' >> /etc/init.d/cjdns
- echo ' # Start it up with the user cjdns' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo " * Starting cjdroute"' >> /etc/init.d/cjdns
- echo ' su -c "$PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG" - $CJDNS_USER' >> /etc/init.d/cjdns
- echo ' /sbin/ip addr add $CJDNS_IP/8 dev tun0' >> /etc/init.d/cjdns
- echo ' /sbin/ip link set mtu 1312 dev tun0' >> /etc/init.d/cjdns
- echo ' /sbin/ip link set tun0 up' >> /etc/init.d/cjdns
- echo ' /sbin/ip tuntap add mode tun user cjdns dev tun0' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'stop() {' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "cjdns isnt running."' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo "Killing cjdroute"' >> /etc/init.d/cjdns
- echo ' killall cjdroute' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'status() {' >> /etc/init.d/cjdns
- echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
- echo ' then' >> /etc/init.d/cjdns
- echo ' echo "Cjdns is running"' >> /etc/init.d/cjdns
- echo ' else' >> /etc/init.d/cjdns
- echo ' echo "Cjdns is not running"' >> /etc/init.d/cjdns
- echo ' fi' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo ' update() {' >> /etc/init.d/cjdns
- echo ' cd $GIT_PATH' >> /etc/init.d/cjdns
- echo ' echo "Updating..."' >> /etc/init.d/cjdns
- echo ' git pull' >> /etc/init.d/cjdns
- echo ' ./do' >> /etc/init.d/cjdns
- echo '}' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
- echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
- echo ' echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
- echo ' exit 1' >> /etc/init.d/cjdns
- echo 'fi' >> /etc/init.d/cjdns
- echo '' >> /etc/init.d/cjdns
- echo 'case $1 in' >> /etc/init.d/cjdns
- echo ' start)' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' stop)' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' reload|restart|force-reload)' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' sleep 1' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' status)' >> /etc/init.d/cjdns
- echo ' status' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' update|upgrade)' >> /etc/init.d/cjdns
- echo ' update' >> /etc/init.d/cjdns
- echo ' stop' >> /etc/init.d/cjdns
- echo ' sleep 2' >> /etc/init.d/cjdns
- echo ' start' >> /etc/init.d/cjdns
- echo ' exit 0' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo ' **)' >> /etc/init.d/cjdns
- echo ' echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
- echo ' exit 1' >> /etc/init.d/cjdns
- echo ' ;;' >> /etc/init.d/cjdns
- echo 'esac' >> /etc/init.d/cjdns
- chmod +x /etc/init.d/cjdns
- update-rc.d cjdns defaults
- service cjdns start
+ ./do
if [ ! "$?" = "0" ]; then
- systemctl status cjdns.service
- exit 8260
- fi
-
- apt-get -y install radvd
- echo 'interface eth0' > /etc/radvd.conf
- echo '{' >> /etc/radvd.conf
- echo ' AdvSendAdvert on;' >> /etc/radvd.conf
- echo ' prefix fdfc::1/64' >> /etc/radvd.conf
- echo ' {' >> /etc/radvd.conf
- echo ' AdvRouterAddr on;' >> /etc/radvd.conf
- echo ' };' >> /etc/radvd.conf
- echo '};' >> /etc/radvd.conf
- systemctl restart radvd
+ exit 7439
+ fi
+ # create a configuration
+ if [ ! -f /etc/cjdns/cjdroute.conf ]; then
+ ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
+ if [ ! "$?" = "0" ]; then
+ exit 5922
+ fi
+ fi
+ # create a user to run as
+ useradd cjdns
+ else
+ cd /etc/cjdns
+ function_check git_pull
+ git_pull $CJDNS_REPO
+ ./do
if [ ! "$?" = "0" ]; then
- systemctl status radvd.service
- exit 4395
- fi
-
- if ! grep -q "# Mesh Networking (cjdns)" /etc/network/interfaces; then
- echo '' >> /etc/network/interfaces
- echo '# Mesh Networking (cjdns)' >> /etc/network/interfaces
- echo 'iface eth0 inet6 static' >> /etc/network/interfaces
- echo ' pre-up modprobe ipv6' >> /etc/network/interfaces
- echo ' address fdfc:0000:0000:0000:0000:0000:0000:0001' >> /etc/network/interfaces
- echo ' netmask 64' >> /etc/network/interfaces
- service network-manager restart
- if [ ! "$?" = "0" ]; then
- systemctl status networking.service
- exit 6949
- fi
- fi
-
- if ! grep -q $"Mesh Networking (cjdns)" /home/$MY_USERNAME/README; then
- CURRENT_IP_ADDRESS=$(ip addr show | grep "inet " | sed -n 2p | awk -F ' ' '{print $2}' | awk -F '/' '{print $1}')
-
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Mesh Networking (cjdns)' >> /home/$MY_USERNAME/README
- echo '=======================' >> /home/$MY_USERNAME/README
- echo $"cjdns IPv6 address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
- echo $"cjdns public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
- echo $"cjdns private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
- echo $"cjdns password: $CJDNS_PASSWORD" >> /home/$MY_USERNAME/README
- echo $"cjdns port: $CJDNS_PORT" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $"Forward port $CJDNS_PORT from your internet router to the ${PROJECT_NAME}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Below is an example of your connection credentials' >> /home/$MY_USERNAME/README
- echo $'that you can give to other people so they can connect' >> /home/$MY_USERNAME/README
- echo $'to you using your default password' >> /home/$MY_USERNAME/README
- echo $'Adding a unique password for each user is advisable' >> /home/$MY_USERNAME/README
- echo $'so that leaks can be isolated.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo "\"$CURRENT_IP_ADDRESS:$CJDNS_PORT\":{\"password\":\"$CJDNS_PASSWORD\",\"publicKey\":\"$CJDNS_PUBLIC_KEY\"}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'More is not better. 3-5 cjdns peers is good. 30 peers is bad.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'NEVER USE A PUBLIC PEER. These degrade the network and make it centralized.' >> /home/$MY_USERNAME/README
- echo $'Each node can handle many peers, but no node can handle the entire internet.' >> /home/$MY_USERNAME/README
- echo $'As this network grows any public peer will simply become saturated and' >> /home/$MY_USERNAME/README
- echo $'useless causing issues for the entire network.' >> /home/$MY_USERNAME/README
- echo $'Please report anyone offering you a public peer as they are promoting shared' >> /home/$MY_USERNAME/README
- echo $'passwords which could lead to people pretending to be you. A peering pass' >> /home/$MY_USERNAME/README
- echo $'should not contain someone elses nickname or info but should contain yours' >> /home/$MY_USERNAME/README
- echo $'to ensure it is not shared. It also helps when editing the conf to know who' >> /home/$MY_USERNAME/README
- echo $'each password is for.' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Possible cjdns destinations of interest:' >> /home/$MY_USERNAME/README
- echo ' http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README
- echo ' http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_cjdns
- configure_firewall_for_cjdns
-
- echo 'install_cjdns_main' >> $COMPLETION_FILE
+ exit 9926
+ fi
+ fi
+
+ # set permissions
+ chown -R cjdns:cjdns /etc/cjdns
+ chmod 600 /etc/cjdns/cjdroute.conf
+
+ /sbin/ip tuntap add mode tun user cjdns dev cjdroute0
+
+ # insert values into the configuration file
+ if [ $CJDNS_PRIVATE_KEY ]; then
+ sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PUBLIC_KEY ]; then
+ sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_IPV6 ]; then
+ sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PASSWORD ]; then
+ sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
+ fi
+ if [ $CJDNS_PORT ]; then
+ sed -i "s/\"bind\": \"0.0.0.0:.*/\"bind\": \"0.0.0.0:$CJDNS_PORT\",/g" /etc/cjdns/cjdroute.conf
+ else
+ CJDNS_PORT=$(cat /etc/cjdns/cjdroute.conf | grep '"bind": "0.0.0.0:' | awk -F '"' '{print $4}' | awk -F ':' '{print $2}' | sed -n 1p)
+ fi
+
+ function_check enable_ipv6
+ enable_ipv6
+
+ echo '#!/bin/sh -e' > /etc/init.d/cjdns
+ echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
+ echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
+ echo '# Provides: cjdroute' >> /etc/init.d/cjdns
+ echo '# Required-Start: $remote_fs $network' >> /etc/init.d/cjdns
+ echo '# Required-Stop: $remote_fs $network' >> /etc/init.d/cjdns
+ echo '# Default-Start: 2 3 4 5' >> /etc/init.d/cjdns
+ echo '# Default-Stop: 0 1 6' >> /etc/init.d/cjdns
+ echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
+ echo '# Description: A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
+ echo '# cjdns git repo: https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
+ echo '### END INIT INFO' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
+ echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
+ echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
+ echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
+ echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
+ echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'start() {' >> /etc/init.d/cjdns
+ echo ' # Start it up with the user cjdns' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo " * Starting cjdroute"' >> /etc/init.d/cjdns
+ echo ' su -c "$PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG" - $CJDNS_USER' >> /etc/init.d/cjdns
+ echo ' /sbin/ip addr add $CJDNS_IP/8 dev tun0' >> /etc/init.d/cjdns
+ echo ' /sbin/ip link set mtu 1312 dev tun0' >> /etc/init.d/cjdns
+ echo ' /sbin/ip link set tun0 up' >> /etc/init.d/cjdns
+ echo ' /sbin/ip tuntap add mode tun user cjdns dev tun0' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'stop() {' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "cjdns isnt running."' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo "Killing cjdroute"' >> /etc/init.d/cjdns
+ echo ' killall cjdroute' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'status() {' >> /etc/init.d/cjdns
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
+ echo ' then' >> /etc/init.d/cjdns
+ echo ' echo "Cjdns is running"' >> /etc/init.d/cjdns
+ echo ' else' >> /etc/init.d/cjdns
+ echo ' echo "Cjdns is not running"' >> /etc/init.d/cjdns
+ echo ' fi' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo ' update() {' >> /etc/init.d/cjdns
+ echo ' cd $GIT_PATH' >> /etc/init.d/cjdns
+ echo ' echo "Updating..."' >> /etc/init.d/cjdns
+ echo ' git pull' >> /etc/init.d/cjdns
+ echo ' ./do' >> /etc/init.d/cjdns
+ echo '}' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
+ echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
+ echo ' echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
+ echo ' exit 1' >> /etc/init.d/cjdns
+ echo 'fi' >> /etc/init.d/cjdns
+ echo '' >> /etc/init.d/cjdns
+ echo 'case $1 in' >> /etc/init.d/cjdns
+ echo ' start)' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' stop)' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' reload|restart|force-reload)' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' sleep 1' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' status)' >> /etc/init.d/cjdns
+ echo ' status' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' update|upgrade)' >> /etc/init.d/cjdns
+ echo ' update' >> /etc/init.d/cjdns
+ echo ' stop' >> /etc/init.d/cjdns
+ echo ' sleep 2' >> /etc/init.d/cjdns
+ echo ' start' >> /etc/init.d/cjdns
+ echo ' exit 0' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo ' **)' >> /etc/init.d/cjdns
+ echo ' echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
+ echo ' exit 1' >> /etc/init.d/cjdns
+ echo ' ;;' >> /etc/init.d/cjdns
+ echo 'esac' >> /etc/init.d/cjdns
+ chmod +x /etc/init.d/cjdns
+ update-rc.d cjdns defaults
+ service cjdns start
+ if [ ! "$?" = "0" ]; then
+ systemctl status cjdns.service
+ exit 8260
+ fi
+
+ apt-get -y install radvd
+ echo 'interface eth0' > /etc/radvd.conf
+ echo '{' >> /etc/radvd.conf
+ echo ' AdvSendAdvert on;' >> /etc/radvd.conf
+ echo ' prefix fdfc::1/64' >> /etc/radvd.conf
+ echo ' {' >> /etc/radvd.conf
+ echo ' AdvRouterAddr on;' >> /etc/radvd.conf
+ echo ' };' >> /etc/radvd.conf
+ echo '};' >> /etc/radvd.conf
+ systemctl restart radvd
+ if [ ! "$?" = "0" ]; then
+ systemctl status radvd.service
+ exit 4395
+ fi
+
+ if ! grep -q "# Mesh Networking (cjdns)" /etc/network/interfaces; then
+ echo '' >> /etc/network/interfaces
+ echo '# Mesh Networking (cjdns)' >> /etc/network/interfaces
+ echo 'iface eth0 inet6 static' >> /etc/network/interfaces
+ echo ' pre-up modprobe ipv6' >> /etc/network/interfaces
+ echo ' address fdfc:0000:0000:0000:0000:0000:0000:0001' >> /etc/network/interfaces
+ echo ' netmask 64' >> /etc/network/interfaces
+ service network-manager restart
+ if [ ! "$?" = "0" ]; then
+ systemctl status networking.service
+ exit 6949
+ fi
+ fi
+
+ if ! grep -q $"Mesh Networking (cjdns)" /home/$MY_USERNAME/README; then
+ CURRENT_IP_ADDRESS=$(ip addr show | grep "inet " | sed -n 2p | awk -F ' ' '{print $2}' | awk -F '/' '{print $1}')
+
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Mesh Networking (cjdns)' >> /home/$MY_USERNAME/README
+ echo '=======================' >> /home/$MY_USERNAME/README
+ echo $"cjdns IPv6 address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
+ echo $"cjdns public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
+ echo $"cjdns private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
+ echo $"cjdns password: $CJDNS_PASSWORD" >> /home/$MY_USERNAME/README
+ echo $"cjdns port: $CJDNS_PORT" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $"Forward port $CJDNS_PORT from your internet router to the ${PROJECT_NAME}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Below is an example of your connection credentials' >> /home/$MY_USERNAME/README
+ echo $'that you can give to other people so they can connect' >> /home/$MY_USERNAME/README
+ echo $'to you using your default password' >> /home/$MY_USERNAME/README
+ echo $'Adding a unique password for each user is advisable' >> /home/$MY_USERNAME/README
+ echo $'so that leaks can be isolated.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo "\"$CURRENT_IP_ADDRESS:$CJDNS_PORT\":{\"password\":\"$CJDNS_PASSWORD\",\"publicKey\":\"$CJDNS_PUBLIC_KEY\"}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'More is not better. 3-5 cjdns peers is good. 30 peers is bad.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'NEVER USE A PUBLIC PEER. These degrade the network and make it centralized.' >> /home/$MY_USERNAME/README
+ echo $'Each node can handle many peers, but no node can handle the entire internet.' >> /home/$MY_USERNAME/README
+ echo $'As this network grows any public peer will simply become saturated and' >> /home/$MY_USERNAME/README
+ echo $'useless causing issues for the entire network.' >> /home/$MY_USERNAME/README
+ echo $'Please report anyone offering you a public peer as they are promoting shared' >> /home/$MY_USERNAME/README
+ echo $'passwords which could lead to people pretending to be you. A peering pass' >> /home/$MY_USERNAME/README
+ echo $'should not contain someone elses nickname or info but should contain yours' >> /home/$MY_USERNAME/README
+ echo $'to ensure it is not shared. It also helps when editing the conf to know who' >> /home/$MY_USERNAME/README
+ echo $'each password is for.' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Possible cjdns destinations of interest:' >> /home/$MY_USERNAME/README
+ echo ' http://transitiontech.ca/faq' >> /home/$MY_USERNAME/README
+ echo ' http://cjdns.ca/hypeirc.txt' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_cjdns
+ configure_firewall_for_cjdns
+
+ echo 'install_cjdns_main' >> $COMPLETION_FILE
}
function install_cjdns_tools {
- if grep -Fxq "install_cjdns_tools" $COMPLETION_FILE; then
- return
- fi
- if [[ $ENABLE_CJDNS != "yes" ]]; then
- return
- fi
- if [ ! -d /etc/cjdns ]; then
- install_cjdns
- fi
-
- function_check select_go_version
- select_go_version
-
- apt-get -y install golang mercurial
- if [ ! -f ~/.bashrc ]; then
- touch ~/.bashrc
- fi
-
- if [ ! -d /home/git ]; then
- # add a gogs user account
- adduser --disabled-login --gecos 'Gogs' git
-
- # install Go
- if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- fi
- systemctl set-environment GOPATH=$GOPATH
- if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
- echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
- fi
- if [ ! -d $GOPATH ]; then
- mkdir -p $GOPATH
- fi
- fi
-
+ if grep -Fxq "install_cjdns_tools" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
+ return
+ fi
+ if [ ! -d /etc/cjdns ]; then
+ install_cjdns
+ fi
+
+ function_check select_go_version
+ select_go_version
+
+ apt-get -y install golang mercurial
+ if [ ! -f ~/.bashrc ]; then
+ touch ~/.bashrc
+ fi
+
+ if [ ! -d /home/git ]; then
+ # add a gogs user account
+ adduser --disabled-login --gecos 'Gogs' git
+
+ # install Go
if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- fi
- expected_go_path='export PATH=$PATH:'${GOPATH}'/bin'
- export PATH=$PATH:${GOPATH}/bin
- if ! grep -q "$expected_go_path" ~/.bashrc; then
- echo "$expected_go_path" >> ~/.bashrc
- fi
- export PATH=$PATH:$GOPATH/bin
- CJDCMD_REPO2=$(echo "$CJDCMD_REPO" | sed 's|https://||g')
- go get $CJDCMD_REPO2
- if [ ! -f $GOPATH/bin/cjdcmd ]; then
- echo $'cjdcmd was not compiled. Check your golang installation'
- exit 7439
- fi
- cp $GOPATH/bin/cjdcmd /usr/bin
-
- # initialise from the cjdns config
- /usr/bin/cjdcmd cjdnsadmin -file /etc/cjdns/cjdroute.conf
-
- echo 'install_cjdns_tools' >> $COMPLETION_FILE
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ systemctl set-environment GOPATH=$GOPATH
+ if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
+ echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ if [ ! -d $GOPATH ]; then
+ mkdir -p $GOPATH
+ fi
+ fi
+
+ if ! grep -q "export GOPATH=" ~/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
+ fi
+ expected_go_path='export PATH=$PATH:'${GOPATH}'/bin'
+ export PATH=$PATH:${GOPATH}/bin
+ if ! grep -q "$expected_go_path" ~/.bashrc; then
+ echo "$expected_go_path" >> ~/.bashrc
+ fi
+ export PATH=$PATH:$GOPATH/bin
+ CJDCMD_REPO2=$(echo "$CJDCMD_REPO" | sed 's|https://||g')
+ go get $CJDCMD_REPO2
+ if [ ! -f $GOPATH/bin/cjdcmd ]; then
+ echo $'cjdcmd was not compiled. Check your golang installation'
+ exit 7439
+ fi
+ cp $GOPATH/bin/cjdcmd /usr/bin
+
+ # initialise from the cjdns config
+ /usr/bin/cjdcmd cjdnsadmin -file /etc/cjdns/cjdroute.conf
+
+ echo 'install_cjdns_tools' >> $COMPLETION_FILE
}
function install_cjdns {
- if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
- return
- fi
- install_cjdns_main
- install_cjdns_tools
- echo 'install_cjdns' >> $COMPLETION_FILE
+ if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
+ return
+ fi
+ install_cjdns_main
+ install_cjdns_tools
+ echo 'install_cjdns' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-dlna b/src/freedombone-app-dlna
index 734e663b1..61e599794 100755
--- a/src/freedombone-app-dlna
+++ b/src/freedombone-app-dlna
@@ -31,205 +31,205 @@
VARIANTS='full media'
function reconfigure_dlna {
- echo ''
+ echo ''
}
function upgrade_dlna {
- echo ''
+ echo ''
}
function configure_firewall_for_dlna {
- if grep -Fxq "configure_firewall_for_dlna" $COMPLETION_FILE; then
- return
- fi
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- iptables -A INPUT -p udp --dport 1900 -j ACCEPT
- iptables -A INPUT -p tcp --dport 8200 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=('DLNA 1900')
- OPEN_PORTS+=('DLNA 8200')
- echo 'configure_firewall_for_dlna' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ iptables -A INPUT -p udp --dport 1900 -j ACCEPT
+ iptables -A INPUT -p tcp --dport 8200 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=('DLNA 1900')
+ OPEN_PORTS+=('DLNA 8200')
+ echo 'configure_firewall_for_dlna' >> $COMPLETION_FILE
}
function backup_local_dlna {
- source_directory=/var/cache/minidlna
- if [ -d $source_directory ]; then
- dest_directory=dlna
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/cache/minidlna
+ if [ -d $source_directory ]; then
+ dest_directory=dlna
+ echo $"Backing up $source_directory to $dest_directory"
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_dlna {
- if [ -d /var/cache/minidlna ]; then
- if [ -d $USB_MOUNT/backup/dlna ]; then
- echo $"Restoring DLNA cache"
- temp_restore_dir=/root/tempdlna
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir dlna
- cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 982572
- fi
- rm -rf $temp_restore_dir
- fi
- fi
+ if [ -d /var/cache/minidlna ]; then
+ if [ -d $USB_MOUNT/backup/dlna ]; then
+ echo $"Restoring DLNA cache"
+ temp_restore_dir=/root/tempdlna
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir dlna
+ cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 982572
+ fi
+ rm -rf $temp_restore_dir
+ fi
+ fi
}
function backup_remote_dlna {
- if [ -d /var/cache/minidlna ]; then
- echo $"Backing up DLNA cache"
- backup_directory_to_friend /var/cache/minidlna dlna
- echo $"Backup of DLNA cache complete"
- fi
+ if [ -d /var/cache/minidlna ]; then
+ echo $"Backing up DLNA cache"
+ backup_directory_to_friend /var/cache/minidlna dlna
+ echo $"Backup of DLNA cache complete"
+ fi
}
function restore_remote_dlna {
- if [ -d /var/cache/minidlna ]; then
- if [ -d $SERVER_DIRECTORY/backup/dlna ]; then
- echo $"Restoring DLNA cache"
- temp_restore_dir=/root/tempdlna
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir dlna
- cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
- if [ ! "$?" = "0" ]; then
- exit 982
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of DLNA complete"
- fi
- fi
+ if [ -d /var/cache/minidlna ]; then
+ if [ -d $SERVER_DIRECTORY/backup/dlna ]; then
+ echo $"Restoring DLNA cache"
+ temp_restore_dir=/root/tempdlna
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir dlna
+ cp -r $temp_restore_dir/var/cache/minidlna/* /var/cache/minidlna/
+ if [ ! "$?" = "0" ]; then
+ exit 982
+ fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of DLNA complete"
+ fi
+ fi
}
function remove_dlna {
- if ! grep -Fxq "install_dlna" $COMPLETION_FILE; then
- return
- fi
- service minidlna stop
- apt-get -y remove --purge minidlna
- if [ -f /etc/minidlna.conf ]; then
- rm /etc/minidlna.conf
- fi
- iptables -D INPUT -p udp --dport 1900 -j ACCEPT
- iptables -D INPUT -p tcp --dport 8200 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- sed -i '/install_dlna/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ service minidlna stop
+ apt-get -y remove --purge minidlna
+ if [ -f /etc/minidlna.conf ]; then
+ rm /etc/minidlna.conf
+ fi
+ iptables -D INPUT -p udp --dport 1900 -j ACCEPT
+ iptables -D INPUT -p tcp --dport 8200 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ sed -i '/install_dlna/d' $COMPLETION_FILE
}
function install_dlna_main {
- if grep -Fxq "install_dlna_main" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install minidlna
-
- if [ ! -f /etc/minidlna.conf ]; then
- echo $"ERROR: minidlna does not appear to have installed. $CHECK_MESSAGE"
- exit 55
- fi
-
- sed -i "s|media_dir=/var/lib/minidlna|media_dir=A,/home/$MY_USERNAME/Music|g" /etc/minidlna.conf
- if ! grep -q "/home/$MY_USERNAME/Pictures" /etc/minidlna.conf; then
- echo "media_dir=P,/home/$MY_USERNAME/Pictures" >> /etc/minidlna.conf
- fi
- if ! grep -q "/home/$MY_USERNAME/Videos" /etc/minidlna.conf; then
- echo "media_dir=V,/home/$MY_USERNAME/Videos" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Music" /etc/minidlna.conf; then
- echo "media_dir=A,$USB_MOUNT/Music" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Pictures" /etc/minidlna.conf; then
- echo "media_dir=P,$USB_MOUNT/Pictures" >> /etc/minidlna.conf
- fi
- if ! grep -q "$USB_MOUNT/Videos" /etc/minidlna.conf; then
- echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
- fi
- sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
- if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
- sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
- else
- sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
- fi
- sed -i "s/#friendly_name=/friendly_name=\"${PROJECT_NAME} Media\"/g" /etc/minidlna.conf
- sed -i 's|#db_dir=/var/cache/minidlna|db_dir=/var/cache/minidlna|g' /etc/minidlna.conf
- sed -i 's/#inotify=yes/inotify=yes/g' /etc/minidlna.conf
- sed -i 's/#notify_interval=895/notify_interval=300/g' /etc/minidlna.conf
- sed -i "s|#presentation_url=/|presentation_url=http://localhost:8200|g" /etc/minidlna.conf
- service minidlna force-reload
- service minidlna reload
-
- sed -i 's/fs.inotify.max_user_watches*/fs.inotify.max_user_watches=65536/g' /etc/sysctl.conf
- if ! grep -q "max_user_watches" $COMPLETION_FILE; then
- echo 'fs.inotify.max_user_watches=65536' >> /etc/sysctl.conf
- fi
- /sbin/sysctl -p
-
- function_check configure_firewall_for_dlna
- configure_firewall_for_dlna
- echo 'install_dlna_main' >> $COMPLETION_FILE
+ if grep -Fxq "install_dlna_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install minidlna
+
+ if [ ! -f /etc/minidlna.conf ]; then
+ echo $"ERROR: minidlna does not appear to have installed. $CHECK_MESSAGE"
+ exit 55
+ fi
+
+ sed -i "s|media_dir=/var/lib/minidlna|media_dir=A,/home/$MY_USERNAME/Music|g" /etc/minidlna.conf
+ if ! grep -q "/home/$MY_USERNAME/Pictures" /etc/minidlna.conf; then
+ echo "media_dir=P,/home/$MY_USERNAME/Pictures" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "/home/$MY_USERNAME/Videos" /etc/minidlna.conf; then
+ echo "media_dir=V,/home/$MY_USERNAME/Videos" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Music" /etc/minidlna.conf; then
+ echo "media_dir=A,$USB_MOUNT/Music" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Pictures" /etc/minidlna.conf; then
+ echo "media_dir=P,$USB_MOUNT/Pictures" >> /etc/minidlna.conf
+ fi
+ if ! grep -q "$USB_MOUNT/Videos" /etc/minidlna.conf; then
+ echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
+ fi
+ sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
+ if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
+ sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
+ else
+ sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
+ fi
+ sed -i "s/#friendly_name=/friendly_name=\"${PROJECT_NAME} Media\"/g" /etc/minidlna.conf
+ sed -i 's|#db_dir=/var/cache/minidlna|db_dir=/var/cache/minidlna|g' /etc/minidlna.conf
+ sed -i 's/#inotify=yes/inotify=yes/g' /etc/minidlna.conf
+ sed -i 's/#notify_interval=895/notify_interval=300/g' /etc/minidlna.conf
+ sed -i "s|#presentation_url=/|presentation_url=http://localhost:8200|g" /etc/minidlna.conf
+ service minidlna force-reload
+ service minidlna reload
+
+ sed -i 's/fs.inotify.max_user_watches*/fs.inotify.max_user_watches=65536/g' /etc/sysctl.conf
+ if ! grep -q "max_user_watches" $COMPLETION_FILE; then
+ echo 'fs.inotify.max_user_watches=65536' >> /etc/sysctl.conf
+ fi
+ /sbin/sysctl -p
+
+ function_check configure_firewall_for_dlna
+ configure_firewall_for_dlna
+ echo 'install_dlna_main' >> $COMPLETION_FILE
}
function script_for_attaching_usb_drive {
- if grep -Fxq "script_for_attaching_usb_drive" $COMPLETION_FILE; then
- return
- fi
- echo '#!/bin/bash' > /usr/bin/attach-music
- echo 'remove-music' >> /usr/bin/attach-music
- echo "if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/attach-music
- echo " mkdir $USB_MOUNT" >> /usr/bin/attach-music
- echo 'fi' >> /usr/bin/attach-music
- echo "mount /dev/sda1 $USB_MOUNT" >> /usr/bin/attach-music
- echo "chown root:root $USB_MOUNT" >> /usr/bin/attach-music
- echo "chown -R minidlna:minidlna $USB_MOUNT/*" >> /usr/bin/attach-music
- echo 'service minidlna restart' >> /usr/bin/attach-music
- echo 'minidlnad -R' >> /usr/bin/attach-music
- chmod +x /usr/bin/attach-music
- ln -s /usr/bin/attach-music /usr/bin/attach-usb
- ln -s /usr/bin/attach-music /usr/bin/attach-videos
- ln -s /usr/bin/attach-music /usr/bin/attach-pictures
- ln -s /usr/bin/attach-music /usr/bin/attach-media
-
- echo '#!/bin/bash' > /usr/bin/remove-music
- echo "if [ -d $USB_MOUNT ]; then" >> /usr/bin/remove-music
- echo " umount $USB_MOUNT" >> /usr/bin/remove-music
- echo " rm -rf $USB_MOUNT" >> /usr/bin/remove-music
- echo 'fi' >> /usr/bin/remove-music
- chmod +x /usr/bin/remove-music
- ln -s /usr/bin/remove-music /usr/bin/detach-music
- ln -s /usr/bin/remove-music /usr/bin/detach-usb
- ln -s /usr/bin/remove-music /usr/bin/remove-usb
- ln -s /usr/bin/remove-music /usr/bin/detach-media
- ln -s /usr/bin/remove-music /usr/bin/remove-media
- ln -s /usr/bin/remove-music /usr/bin/detach-videos
- ln -s /usr/bin/remove-music /usr/bin/remove-videos
- ln -s /usr/bin/remove-music /usr/bin/detach-pictures
- ln -s /usr/bin/remove-music /usr/bin/remove-pictures
-
- echo 'script_for_attaching_usb_drive' >> $COMPLETION_FILE
+ if grep -Fxq "script_for_attaching_usb_drive" $COMPLETION_FILE; then
+ return
+ fi
+ echo '#!/bin/bash' > /usr/bin/attach-music
+ echo 'remove-music' >> /usr/bin/attach-music
+ echo "if [ ! -d $USB_MOUNT ]; then" >> /usr/bin/attach-music
+ echo " mkdir $USB_MOUNT" >> /usr/bin/attach-music
+ echo 'fi' >> /usr/bin/attach-music
+ echo "mount /dev/sda1 $USB_MOUNT" >> /usr/bin/attach-music
+ echo "chown root:root $USB_MOUNT" >> /usr/bin/attach-music
+ echo "chown -R minidlna:minidlna $USB_MOUNT/*" >> /usr/bin/attach-music
+ echo 'service minidlna restart' >> /usr/bin/attach-music
+ echo 'minidlnad -R' >> /usr/bin/attach-music
+ chmod +x /usr/bin/attach-music
+ ln -s /usr/bin/attach-music /usr/bin/attach-usb
+ ln -s /usr/bin/attach-music /usr/bin/attach-videos
+ ln -s /usr/bin/attach-music /usr/bin/attach-pictures
+ ln -s /usr/bin/attach-music /usr/bin/attach-media
+
+ echo '#!/bin/bash' > /usr/bin/remove-music
+ echo "if [ -d $USB_MOUNT ]; then" >> /usr/bin/remove-music
+ echo " umount $USB_MOUNT" >> /usr/bin/remove-music
+ echo " rm -rf $USB_MOUNT" >> /usr/bin/remove-music
+ echo 'fi' >> /usr/bin/remove-music
+ chmod +x /usr/bin/remove-music
+ ln -s /usr/bin/remove-music /usr/bin/detach-music
+ ln -s /usr/bin/remove-music /usr/bin/detach-usb
+ ln -s /usr/bin/remove-music /usr/bin/remove-usb
+ ln -s /usr/bin/remove-music /usr/bin/detach-media
+ ln -s /usr/bin/remove-music /usr/bin/remove-media
+ ln -s /usr/bin/remove-music /usr/bin/detach-videos
+ ln -s /usr/bin/remove-music /usr/bin/remove-videos
+ ln -s /usr/bin/remove-music /usr/bin/detach-pictures
+ ln -s /usr/bin/remove-music /usr/bin/remove-pictures
+
+ echo 'script_for_attaching_usb_drive' >> $COMPLETION_FILE
}
function install_dlna {
- if grep -Fxq "install_dlna" $COMPLETION_FILE; then
- return
- fi
- install_dlna_main
- script_for_attaching_usb_drive
- echo 'install_dlna' >> $COMPLETION_FILE
+ if grep -Fxq "install_dlna" $COMPLETION_FILE; then
+ return
+ fi
+ install_dlna_main
+ script_for_attaching_usb_drive
+ echo 'install_dlna' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-emacs b/src/freedombone-app-emacs
index bccc3515e..4cecec7d9 100755
--- a/src/freedombone-app-emacs
+++ b/src/freedombone-app-emacs
@@ -31,154 +31,154 @@
VARIANTS='all'
function reconfigure_emacs {
- echo -n ''
+ echo -n ''
}
function upgrade_emacs {
- echo -n ''
+ echo -n ''
}
function backup_local_emacs {
- for d in /home/*/ ; do
- USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
- if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
- if [ -d /home/$USERNAME/.emacs.d ]; then
- echo $"Backing up Emacs config for $USERNAME"
- if [ -f /home/$USERNAME/.emacs ]; then
- cp /home/$USERNAME/.emacs /home/$USERNAME/.emacs.d/dotemacs
- fi
- function_check backup_directory_to_usb
- backup_directory_to_usb /home/$USERNAME/.emacs.d config/$USERNAME
- fi
+ for d in /home/*/ ; do
+ USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
+ if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
+ if [ -d /home/$USERNAME/.emacs.d ]; then
+ echo $"Backing up Emacs config for $USERNAME"
+ if [ -f /home/$USERNAME/.emacs ]; then
+ cp /home/$USERNAME/.emacs /home/$USERNAME/.emacs.d/dotemacs
fi
- done
+ function_check backup_directory_to_usb
+ backup_directory_to_usb /home/$USERNAME/.emacs.d config/$USERNAME
+ fi
+ fi
+ done
}
function restore_local_emacs {
- temp_restore_dir=/root/tempemacs
- if [ -d $USB_MOUNT/backup/emacs ]; then
- for d in $USB_MOUNT/backup/emacs/*/ ; do
- USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
- if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
- if [ ! -d /home/$USERNAME ]; then
- ${PROJECT_NAME}-adduser $USERNAME
- fi
- echo $"Restoring Emacs config for $USERNAME"
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir emacs/$USERNAME
- cp -r $temp_restore_dir/home/$USERNAME/.emacs.d /home/$USERNAME/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 664
- fi
- cp -f $temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs /home/$USERNAME/.emacs
- rm -rf $temp_restore_dir
- fi
- done
- fi
+ temp_restore_dir=/root/tempemacs
+ if [ -d $USB_MOUNT/backup/emacs ]; then
+ for d in $USB_MOUNT/backup/emacs/*/ ; do
+ USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
+ if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
+ if [ ! -d /home/$USERNAME ]; then
+ ${PROJECT_NAME}-adduser $USERNAME
+ fi
+ echo $"Restoring Emacs config for $USERNAME"
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir emacs/$USERNAME
+ cp -r $temp_restore_dir/home/$USERNAME/.emacs.d /home/$USERNAME/
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 664
+ fi
+ cp -f $temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs /home/$USERNAME/.emacs
+ rm -rf $temp_restore_dir
+ fi
+ done
+ fi
}
function backup_remote_emacs {
- echo -n ''
+ echo -n ''
}
function restore_remote_emacs {
- echo -n ''
+ echo -n ''
}
function remove_emacs {
- if ! grep -Fxq "install_emacs" $COMPLETION_FILE; then
- return
- fi
- apt-get -y remove --purge emacs24
- update-alternatives --set editor /usr/bin/nano
- sed -i '/install_emacs/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_emacs" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y remove --purge emacs24
+ update-alternatives --set editor /usr/bin/nano
+ sed -i '/install_emacs/d' $COMPLETION_FILE
}
function install_emacs {
- if grep -Fxq "install_emacs" $COMPLETION_FILE; then
- return
- fi
- update-alternatives --set editor /usr/bin/emacs24
+ if grep -Fxq "install_emacs" $COMPLETION_FILE; then
+ return
+ fi
+ update-alternatives --set editor /usr/bin/emacs24
- # A minimal emacs configuration
- #echo -n "(add-to-list 'load-path " > /home/$MY_USERNAME/.emacs
- #echo '"~/.emacs.d/")' >> /home/$MY_USERNAME/.emacs
- #echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Remove trailing whitepace ======================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo ";;(add-hook 'before-save-hook 'delete-trailing-whitespace)" >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo ';; Goto a line number with CTRL-l' >> /home/$MY_USERNAME/.emacs
- echo -n '(global-set-key "\C-l" ' >> /home/$MY_USERNAME/.emacs
- echo "'goto-line)" >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Show line numbers ==============================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo "(add-hook 'find-file-hook (lambda () (linum-mode 1)))" >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Enable line wrapping in org-mode ===============================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo " (add-hook 'org-mode-hook" >> /home/$MY_USERNAME/.emacs
- echo " '(lambda ()" >> /home/$MY_USERNAME/.emacs
- echo " (visual-line-mode 1)))" >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Enable shift select in org mode ================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(setq org-support-shift-select t)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Set standard indent to 4 rather that 4 =========================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(setq standard-indent 4)' >> /home/$MY_USERNAME/.emacs
- echo '(setq-default tab-width 4)' >> /home/$MY_USERNAME/.emacs
- echo '(setq c-basic-offset 4)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Support Wheel Mouse Scrolling ==================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(mouse-wheel-mode t)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Place Backup Files in Specific Directory =======================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(setq make-backup-files t)' >> /home/$MY_USERNAME/.emacs
- echo '(setq version-control t)' >> /home/$MY_USERNAME/.emacs
- echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Make Text mode the default mode for new buffers ================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo "(setq default-major-mode 'text-mode)" >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Line length ====================================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(setq-default fill-column 72)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Enable Line and Column Numbering ===============================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(line-number-mode 1)' >> /home/$MY_USERNAME/.emacs
- echo '(column-number-mode 1)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Turn on Auto Fill mode automatically in all modes ==============' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo ';; Auto-fill-mode the the automatic wrapping of lines and insertion of' >> /home/$MY_USERNAME/.emacs
- echo ';; newlines when the cursor goes over the column limit.' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo ';; This should actually turn on auto-fill-mode by default in all major' >> /home/$MY_USERNAME/.emacs
- echo ';; modes. The other way to do this is to turn on the fill for specific modes' >> /home/$MY_USERNAME/.emacs
- echo ';; via hooks.' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo '(setq auto-fill-mode 1)' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo $';; ===== Enable GPG encryption =========================================' >> /home/$MY_USERNAME/.emacs
- echo '' >> /home/$MY_USERNAME/.emacs
- echo "(require 'epa)" >> /home/$MY_USERNAME/.emacs
- echo '(epa-file-enable)' >> /home/$MY_USERNAME/.emacs
- cp /home/$MY_USERNAME/.emacs /root/.emacs
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs
+ # A minimal emacs configuration
+ #echo -n "(add-to-list 'load-path " > /home/$MY_USERNAME/.emacs
+ #echo '"~/.emacs.d/")' >> /home/$MY_USERNAME/.emacs
+ #echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Remove trailing whitepace ======================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo ";;(add-hook 'before-save-hook 'delete-trailing-whitespace)" >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo ';; Goto a line number with CTRL-l' >> /home/$MY_USERNAME/.emacs
+ echo -n '(global-set-key "\C-l" ' >> /home/$MY_USERNAME/.emacs
+ echo "'goto-line)" >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Show line numbers ==============================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo "(add-hook 'find-file-hook (lambda () (linum-mode 1)))" >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Enable line wrapping in org-mode ===============================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo " (add-hook 'org-mode-hook" >> /home/$MY_USERNAME/.emacs
+ echo " '(lambda ()" >> /home/$MY_USERNAME/.emacs
+ echo " (visual-line-mode 1)))" >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Enable shift select in org mode ================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(setq org-support-shift-select t)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Set standard indent to 4 rather that 4 =========================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(setq standard-indent 4)' >> /home/$MY_USERNAME/.emacs
+ echo '(setq-default tab-width 4)' >> /home/$MY_USERNAME/.emacs
+ echo '(setq c-basic-offset 4)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Support Wheel Mouse Scrolling ==================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(mouse-wheel-mode t)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Place Backup Files in Specific Directory =======================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(setq make-backup-files t)' >> /home/$MY_USERNAME/.emacs
+ echo '(setq version-control t)' >> /home/$MY_USERNAME/.emacs
+ echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Make Text mode the default mode for new buffers ================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo "(setq default-major-mode 'text-mode)" >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Line length ====================================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(setq-default fill-column 72)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Enable Line and Column Numbering ===============================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(line-number-mode 1)' >> /home/$MY_USERNAME/.emacs
+ echo '(column-number-mode 1)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Turn on Auto Fill mode automatically in all modes ==============' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo ';; Auto-fill-mode the the automatic wrapping of lines and insertion of' >> /home/$MY_USERNAME/.emacs
+ echo ';; newlines when the cursor goes over the column limit.' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo ';; This should actually turn on auto-fill-mode by default in all major' >> /home/$MY_USERNAME/.emacs
+ echo ';; modes. The other way to do this is to turn on the fill for specific modes' >> /home/$MY_USERNAME/.emacs
+ echo ';; via hooks.' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo '(setq auto-fill-mode 1)' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo $';; ===== Enable GPG encryption =========================================' >> /home/$MY_USERNAME/.emacs
+ echo '' >> /home/$MY_USERNAME/.emacs
+ echo "(require 'epa)" >> /home/$MY_USERNAME/.emacs
+ echo '(epa-file-enable)' >> /home/$MY_USERNAME/.emacs
+ cp /home/$MY_USERNAME/.emacs /root/.emacs
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs
- echo 'install_emacs' >> $COMPLETION_FILE
+ echo 'install_emacs' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-gogs b/src/freedombone-app-gogs
index fde2e9af5..5a6c2976d 100755
--- a/src/freedombone-app-gogs
+++ b/src/freedombone-app-gogs
@@ -38,437 +38,403 @@ GIT_ADMIN_PASSWORD=
GOGS_COMMIT='3fb4f7f4980b4339fd9ef6a3ba5b0acab83d264d'
function reconfigure_gogs {
- echo -n ''
+ echo -n ''
}
function upgrade_gogs {
- if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then
- return
- fi
+ if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then
+ return
+ fi
- function_check select_go_version
- select_go_version
+ function_check select_go_version
+ select_go_version
- function_check set_repo_commit
- set_repo_commit $GOPATH/src/github.com/gogits/gogs "Gogs commit" "$GOGS_COMMIT" $GIT_DOMAIN_REPO
+ function_check set_repo_commit
+ set_repo_commit $GOPATH/src/github.com/gogits/gogs "Gogs commit" "$GOGS_COMMIT" $GIT_DOMAIN_REPO
}
function backup_local_gogs {
- if ! grep -q "Gogs domain" $COMPLETION_FILE; then
- return
- fi
+ if ! grep -q "Gogs domain" $COMPLETION_FILE; then
+ return
+ fi
- if [ ! -d /home/git/gogs-repositories ]; then
- return
- fi
+ if [ ! -d /home/git/gogs-repositories ]; then
+ return
+ fi
- GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
+ GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
- echo $"Backing up gogs"
+ echo $"Backing up gogs"
- function_check backup_database_to_usb
- backup_database_to_usb gogs
+ function_check backup_database_to_usb
+ backup_database_to_usb gogs
- function_check backup_directory_to_usb
- backup_directory_to_usb $GOPATH/src/github.com/gogits/gogs/custom gogs
- backup_directory_to_usb /home/git/gogs-repositories gogsrepos
- backup_directory_to_usb /home/git/.ssh gogsssh
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $GOPATH/src/github.com/gogits/gogs/custom gogs
+ backup_directory_to_usb /home/git/gogs-repositories gogsrepos
+ backup_directory_to_usb /home/git/.ssh gogsssh
- echo $"Gogs backup complete"
+ echo $"Gogs backup complete"
}
function restore_local_gogs {
- if ! grep -q "Gogs domain" $COMPLETION_FILE; then
- return
- fi
- if [ ! -d /home/git/gogs-repositories ]; then
- return
- fi
-
- GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
-
- export GVM_ROOT=$GVM_HOME
- if [ -d $GVM_ROOT/bin ]; then
- cd $GVM_ROOT/bin
- [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
- gvm use go${GO_VERSION} --default
- systemctl set-environment GOPATH=$GOPATH
- fi
-
- if [ ${#GIT_DOMAIN_NAME} -gt 2 ]; then
- function_check restore_database
- restore_database gogs ${GIT_DOMAIN_NAME}
- temp_restore_dir=/root/tempgogs
- if [ -d $USB_MOUNT/backup/gogs ]; then
- echo $"Restoring Gogs settings"
- if [ ! -d $GOPATH/src/github.com/gogits/gogs/custom ]; then
- mkdir -p $GOPATH/src/github.com/gogits/gogs/custom
- fi
- cp -r ${temp_restore_dir}/$GOPATH/src/github.com/gogits/gogs/custom/* $GOPATH/src/github.com/gogits/gogs/custom
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 981
- fi
- echo $"Restoring Gogs repos"
- function_check restore_directory_from_usb
- restore_directory_from_usb ${temp_restore_dir}repos gogsrepos
- cp -r ${temp_restore_dir}repos/home/git/gogs-repositories/* /home/git/gogs-repositories/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 67574
- fi
- echo $"Restoring Gogs authorized_keys"
- function_check restore_directory_from_usb
- restore_directory_from_usb ${temp_restore_dir}ssh gogsssh
- if [ ! -d /home/git/.ssh ]; then
- mkdir /home/git/.ssh
- fi
- cp -r ${temp_restore_dir}ssh/home/git/.ssh/* /home/git/.ssh/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 8463
- fi
- rm -rf ${temp_restore_dir}
- rm -rf ${temp_restore_dir}repos
- rm -rf ${temp_restore_dir}ssh
- chown -R git:git /home/git
- fi
- fi
+ if ! grep -q "Gogs domain" $COMPLETION_FILE; then
+ return
+ fi
+ if [ ! -d /home/git/gogs-repositories ]; then
+ return
+ fi
+
+ GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
+
+ export GVM_ROOT=$GVM_HOME
+ if [ -d $GVM_ROOT/bin ]; then
+ cd $GVM_ROOT/bin
+ [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
+ gvm use go${GO_VERSION} --default
+ systemctl set-environment GOPATH=$GOPATH
+ fi
+
+ if [ ${#GIT_DOMAIN_NAME} -gt 2 ]; then
+ function_check restore_database
+ restore_database gogs ${GIT_DOMAIN_NAME}
+ temp_restore_dir=/root/tempgogs
+ if [ -d $USB_MOUNT/backup/gogs ]; then
+ echo $"Restoring Gogs settings"
+ if [ ! -d $GOPATH/src/github.com/gogits/gogs/custom ]; then
+ mkdir -p $GOPATH/src/github.com/gogits/gogs/custom
+ fi
+ cp -r ${temp_restore_dir}/$GOPATH/src/github.com/gogits/gogs/custom/* $GOPATH/src/github.com/gogits/gogs/custom
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 981
+ fi
+ echo $"Restoring Gogs repos"
+ function_check restore_directory_from_usb
+ restore_directory_from_usb ${temp_restore_dir}repos gogsrepos
+ cp -r ${temp_restore_dir}repos/home/git/gogs-repositories/* /home/git/gogs-repositories/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 67574
+ fi
+ echo $"Restoring Gogs authorized_keys"
+ function_check restore_directory_from_usb
+ restore_directory_from_usb ${temp_restore_dir}ssh gogsssh
+ if [ ! -d /home/git/.ssh ]; then
+ mkdir /home/git/.ssh
+ fi
+ cp -r ${temp_restore_dir}ssh/home/git/.ssh/* /home/git/.ssh/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 8463
+ fi
+ rm -rf ${temp_restore_dir}
+ rm -rf ${temp_restore_dir}repos
+ rm -rf ${temp_restore_dir}ssh
+ chown -R git:git /home/git
+ fi
+ fi
}
function backup_remote_gogs {
- export GVM_ROOT=/home/git/gvm
- if [ -d $GVM_ROOT/bin ]; then
- cd $GVM_ROOT/bin
- [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
- gvm use go${GO_VERSION} --default
- systemctl set-environment GOPATH=$GOPATH
- fi
+ export GVM_ROOT=/home/git/gvm
+ if [ -d $GVM_ROOT/bin ]; then
+ cd $GVM_ROOT/bin
+ [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
+ gvm use go${GO_VERSION} --default
+ systemctl set-environment GOPATH=$GOPATH
+ fi
- if [ -d $GOPATH/src/github.com/gogits ]; then
- GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
- function_check suspend_site
- suspend_site ${GIT_DOMAIN_NAME}
+ if [ -d $GOPATH/src/github.com/gogits ]; then
+ GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
+ function_check suspend_site
+ suspend_site ${GIT_DOMAIN_NAME}
- function_check backup_database_to_friend
- backup_database_to_friend gogs
+ function_check backup_database_to_friend
+ backup_database_to_friend gogs
- echo $"Obtaining Gogs settings backup"
+ echo $"Obtaining Gogs settings backup"
- function_check backup_directory_to_friend
- backup_directory_to_friend $GOPATH/src/github.com/gogits/gogs/custom gogs
+ function_check backup_directory_to_friend
+ backup_directory_to_friend $GOPATH/src/github.com/gogits/gogs/custom gogs
- echo $"Obtaining Gogs repos backup"
+ echo $"Obtaining Gogs repos backup"
- mv /home/git/gogs-repositories/*.git /home/git/gogs-repositories/bob
- backup_directory_to_friend /home/git/gogs-repositories gogsrepos
+ mv /home/git/gogs-repositories/*.git /home/git/gogs-repositories/bob
+ backup_directory_to_friend /home/git/gogs-repositories gogsrepos
- echo $"Obtaining Gogs authorized_keys backup"
+ echo $"Obtaining Gogs authorized_keys backup"
- backup_directory_to_friend /home/git/.ssh gogsssh
+ backup_directory_to_friend /home/git/.ssh gogsssh
- function_check restart_site
- restart_site
+ function_check restart_site
+ restart_site
- echo $"Gogs backup complete"
- fi
+ echo $"Gogs backup complete"
+ fi
}
function restore_remote_gogs {
- export GVM_ROOT=$GVM_HOME
- if [ -d $GVM_ROOT/bin ]; then
- cd $GVM_ROOT/bin
- [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
- gvm use go${GO_VERSION} --default
- systemctl set-environment GOPATH=$GOPATH
- fi
+ export GVM_ROOT=$GVM_HOME
+ if [ -d $GVM_ROOT/bin ]; then
+ cd $GVM_ROOT/bin
+ [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
+ gvm use go${GO_VERSION} --default
+ systemctl set-environment GOPATH=$GOPATH
+ fi
- if grep -q "Gogs domain" $COMPLETION_FILE; then
- GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
- function_check restore_database_from_friend
- restore_database_from_friend gogs $GIT_DOMAIN_NAME
- if [ -d $SERVER_DIRECTORY/backup/gogs ]; then
- if [ ! -d $GOPATH/src/github.com/gogits/gogs/custom ]; then
- mkdir -p $GOPATH/src/github.com/gogits/gogs/custom
- fi
- cp -r /root/tempgogs/$GOPATH/src/github.com/gogits/gogs/custom/* $GOPATH/src/github.com/gogits/gogs/custom/
- if [ ! "$?" = "0" ]; then
- exit 5885
- fi
- echo $"Restoring Gogs repos"
- restore_directory_from_friend /root/tempgogsrepos gogsrepos
- cp -r /root/tempgogsrepos/home/git/gogs-repositories/* /home/git/gogs-repositories/
- if [ ! "$?" = "0" ]; then
- exit 7649
- fi
- echo $"Restoring Gogs authorized_keys"
- restore_directory_from_friend /root/tempgogsssh gogsssh
- if [ ! -d /home/git/.ssh ]; then
- mkdir /home/git/.ssh
- fi
- cp -r /root/tempgogsssh/home/git/.ssh/* /home/git/.ssh/
- if [ ! "$?" = "0" ]; then
- exit 74239
- fi
- rm -rf /root/tempgogs
- rm -rf /root/tempgogsrepos
- rm -rf /root/tempgogsssh
- chown -R git:git /home/git
- echo $"Restore of Gogs complete"
- fi
- fi
+ if grep -q "Gogs domain" $COMPLETION_FILE; then
+ GIT_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Gogs domain" | awk -F ':' '{print $2}')
+ function_check restore_database_from_friend
+ restore_database_from_friend gogs $GIT_DOMAIN_NAME
+ if [ -d $SERVER_DIRECTORY/backup/gogs ]; then
+ if [ ! -d $GOPATH/src/github.com/gogits/gogs/custom ]; then
+ mkdir -p $GOPATH/src/github.com/gogits/gogs/custom
+ fi
+ cp -r /root/tempgogs/$GOPATH/src/github.com/gogits/gogs/custom/* $GOPATH/src/github.com/gogits/gogs/custom/
+ if [ ! "$?" = "0" ]; then
+ exit 5885
+ fi
+ echo $"Restoring Gogs repos"
+ restore_directory_from_friend /root/tempgogsrepos gogsrepos
+ cp -r /root/tempgogsrepos/home/git/gogs-repositories/* /home/git/gogs-repositories/
+ if [ ! "$?" = "0" ]; then
+ exit 7649
+ fi
+ echo $"Restoring Gogs authorized_keys"
+ restore_directory_from_friend /root/tempgogsssh gogsssh
+ if [ ! -d /home/git/.ssh ]; then
+ mkdir /home/git/.ssh
+ fi
+ cp -r /root/tempgogsssh/home/git/.ssh/* /home/git/.ssh/
+ if [ ! "$?" = "0" ]; then
+ exit 74239
+ fi
+ rm -rf /root/tempgogs
+ rm -rf /root/tempgogsrepos
+ rm -rf /root/tempgogsssh
+ chown -R git:git /home/git
+ echo $"Restore of Gogs complete"
+ fi
+ fi
}
function remove_gogs {
- if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then
- return
- fi
- function_check select_go_version
- select_go_version
-
- systemctl stop gogs
- systemctl disable gogs
- nginx_dissite $GIT_DOMAIN_NAME
- if [ -d /var/www/$GIT_DOMAIN_NAME ]; then
- rm -rf /var/www/$GIT_DOMAIN_NAME
- fi
- if [ -f /etc/nginx/sites-available/$GIT_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- fi
- function_check drop_database
- drop_database gogs
- rm /etc/systemd/system/gogs.service
- rm -rf $GOPATH/src/github.com/gogits
- remove_onion_service gogs ${GIT_ONION_PORT} 9418
- sed -i '/install_gogs/d' $COMPLETION_FILE
- sed -i '/Gogs /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_gogs" $COMPLETION_FILE; then
+ return
+ fi
+ function_check select_go_version
+ select_go_version
+
+ systemctl stop gogs
+ systemctl disable gogs
+ nginx_dissite $GIT_DOMAIN_NAME
+ if [ -d /var/www/$GIT_DOMAIN_NAME ]; then
+ rm -rf /var/www/$GIT_DOMAIN_NAME
+ fi
+ if [ -f /etc/nginx/sites-available/$GIT_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ fi
+ function_check drop_database
+ drop_database gogs
+ rm /etc/systemd/system/gogs.service
+ rm -rf $GOPATH/src/github.com/gogits
+ remove_onion_service gogs ${GIT_ONION_PORT} 9418
+ sed -i '/install_gogs/d' $COMPLETION_FILE
+ sed -i '/Gogs /d' $COMPLETION_FILE
}
function install_gogs {
- if [ ! $GIT_DOMAIN_NAME ]; then
- return
- fi
-
- if grep -Fxq "install_gogs" $COMPLETION_FILE; then
- return
- fi
-
- function_check select_go_version
- select_go_version
-
- if [ -d $GOPATH/src/github.com/gogits ]; then
- rm -rf $GOPATH/src/github.com/gogits
- fi
-
- if [ -d /home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits ]; then
- rm -rf /home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits
- fi
-
- if [ -d /home/git/gogs-repositories ]; then
- rm -rf /home/git/gogs-repositories
- fi
-
- if [ ! -d /home/git ]; then
- # add a gogs user account
- adduser --disabled-login --gecos 'Gogs' git
- fi
- if [ -d /home/git/Maildir ]; then
- rm -rf /home/git/Maildir
- fi
-
- if [ -d $GOPATH/src/github.com/gogits ]; then
- rm -rf $GOPATH/src/github.com/gogits
- fi
-
- # install Go
- apt-get -y install golang libpam0g-dev
- if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- else
- sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" ~/.bashrc
- fi
- systemctl set-environment GOPATH=$GOPATH
- if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
- echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
- else
- sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
- fi
- if [ ! -d $GOPATH ]; then
- mkdir -p $GOPATH
- fi
- GO_PACKAGE_MANAGER_REPO2=$(echo "$GO_PACKAGE_MANAGER_REPO" | sed 's|https://||g')
- go get -u $GO_PACKAGE_MANAGER_REPO2
- if [ ! "$?" = "0" ]; then
- echo $'install_gogs: go get failed'
- exit 479832
- fi
-
- # clone the repo
- if [ ! -d $GOPATH/src/github.com/gogits ]; then
- mkdir -p $GOPATH/src/github.com/gogits
- fi
- function_check git_clone
- git_clone $GIT_DOMAIN_REPO $GOPATH/src/github.com/gogits/gogs
- if [ ! -d $GOPATH/src/github.com/gogits/gogs ]; then
- echo $"Unable to clone repo $GOPATH/src/github.com/gogits/gogs"
- exit 85482
- fi
- cd $GOPATH/src/github.com/gogits/gogs
-
- # install
- go get -u ./...
+ if [ ! $GIT_DOMAIN_NAME ]; then
+ return
+ fi
- git checkout $GOGS_COMMIT -b $GOGS_COMMIT
- if ! grep -q "Gogs commit" $COMPLETION_FILE; then
- echo "Gogs commit:$GOGS_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Gogs commit.*/Gogs commit:$GOGS_COMMIT/g" $COMPLETION_FILE
- fi
+ if grep -Fxq "install_gogs" $COMPLETION_FILE; then
+ return
+ fi
- go build
- if [ ! "$?" = "0" ]; then
- echo $'install_gogs: go build failed'
- exit 546750
- fi
+ function_check select_go_version
+ select_go_version
- function_check install_mariadb
- install_mariadb
+ if [ -d $GOPATH/src/github.com/gogits ]; then
+ rm -rf $GOPATH/src/github.com/gogits
+ fi
- function_check get_mariadb_password
- get_mariadb_password
+ if [ -d /home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits ]; then
+ rm -rf /home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits
+ fi
- function_check get_mariadb_git_admin_password
- get_mariadb_git_admin_password
- if [ ! $GIT_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- GIT_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- GIT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
+ if [ -d /home/git/gogs-repositories ]; then
+ rm -rf /home/git/gogs-repositories
+ fi
- if ! grep -q $"Gogs admin user password" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Gogs' >> /home/$MY_USERNAME/README
- echo '====' >> /home/$MY_USERNAME/README
- echo $'Install Steps For First-time Run:' >> /home/$MY_USERNAME/README
- echo $'Leave email service settings empty' >> /home/$MY_USERNAME/README
- echo $'Check "Enable Register Confirmation"' >> /home/$MY_USERNAME/README
- echo $'Check "Enable Mail Notification"' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'If you want to disable new account registrations then append the following:' >> /home/$MY_USERNAME/README
- echo ' [service]' >> /home/$MY_USERNAME/README
- echo ' DISABLE_REGISTRATION = true' >> /home/$MY_USERNAME/README
- echo $'Then restart with:' >> /home/$MY_USERNAME/README
- echo ' systemctl restart gogs' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $"Note that there's a usability/security trade-off made here." >> /home/$MY_USERNAME/README
- echo $"In order to allow git clone via http we don't redirect everything" >> /home/$MY_USERNAME/README
- echo $'over https. Instead only critical things such as user login,' >> /home/$MY_USERNAME/README
- echo $'settings and admin are encrypted.' >> /home/$MY_USERNAME/README
- echo $'There are also potential security issues with cloning/pulling/pushing' >> /home/$MY_USERNAME/README
- echo $'code over http, since a determined adversary could inject malware' >> /home/$MY_USERNAME/README
- echo $'into the stream as it passes, so beware.' >> /home/$MY_USERNAME/README
- echo $'If you have a bought domain and a non-self signed cert then you' >> /home/$MY_USERNAME/README
- echo $"should change /etc/nginx/sites-available/$GIT_DOMAIN_NAME to redirect everything over https." >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
+ if [ ! -d /home/git ]; then
+ # add a gogs user account
+ adduser --disabled-login --gecos 'Gogs' git
+ fi
+ if [ -d /home/git/Maildir ]; then
+ rm -rf /home/git/Maildir
+ fi
- function_check create_database
- create_database gogs "$GOGS_ADMIN_PASSWORD"
- if [ ! -f $GOPATH/src/github.com/gogits/gogs/scripts/mysql.sql ]; then
- echo $'MySql template for Gogs was not found'
- exit 72528
- fi
- function_check initialise_database
- initialise_database gogs $GOPATH/src/github.com/gogits/gogs/scripts/mysql.sql
-
- chmod 600 $GOPATH/src/github.com/gogits/gogs/custom/conf/app.ini
-
- chown -R git:git /home/git
- echo '[Unit]' > /etc/systemd/system/gogs.service
- echo 'Description=Gogs (Go Git Service)' >> /etc/systemd/system/gogs.service
- echo 'After=syslog.target' >> /etc/systemd/system/gogs.service
- echo 'After=network.target' >> /etc/systemd/system/gogs.service
- echo 'After=mysqld.service' >> /etc/systemd/system/gogs.service
- echo '' >> /etc/systemd/system/gogs.service
- echo '[Service]' >> /etc/systemd/system/gogs.service
- echo '#LimitMEMLOCK=infinity' >> /etc/systemd/system/gogs.service
- echo '#LimitNOFILE=65535' >> /etc/systemd/system/gogs.service
- echo 'Type=simple' >> /etc/systemd/system/gogs.service
- echo 'User=git' >> /etc/systemd/system/gogs.service
- echo 'Group=git' >> /etc/systemd/system/gogs.service
- echo "WorkingDirectory=$GOPATH/src/github.com/gogits/gogs" >> /etc/systemd/system/gogs.service
- echo "ExecStart=$GOPATH/src/github.com/gogits/gogs/gogs web" >> /etc/systemd/system/gogs.service
- echo 'Restart=always' >> /etc/systemd/system/gogs.service
- echo 'RestartSec=10' >> /etc/systemd/system/gogs.service
- echo 'TimeoutStartSec=120' >> /etc/systemd/system/gogs.service
- echo "Environment=\"USER=git\" \"HOME=/home/git\" \"GOPATH=$GOPATH\" \"GVM_ROOT=$GVM_HOME\"" >> /etc/systemd/system/gogs.service
- echo '' >> /etc/systemd/system/gogs.service
- echo '[Install]' >> /etc/systemd/system/gogs.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/gogs.service
-
- systemctl enable gogs
- systemctl daemon-reload
- systemctl restart gogs
-
- if [ ! -d /var/www/$GIT_DOMAIN_NAME ]; then
- mkdir /var/www/$GIT_DOMAIN_NAME
- fi
- if [ -d /var/www/$GIT_DOMAIN_NAME/htdocs ]; then
- rm -rf /var/www/$GIT_DOMAIN_NAME/htdocs
- fi
-
- if [[ $ONION_ONLY == "no" ]]; then
- function_check nginx_http_redirect
- nginx_http_redirect $GIT_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo " root /var/www/$GIT_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $GIT_DOMAIN_NAME '10G'
- function_check nginx_ssl
- nginx_ssl $GIT_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $GIT_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' log_not_found off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ if [ -d $GOPATH/src/github.com/gogits ]; then
+ rm -rf $GOPATH/src/github.com/gogits
+ fi
+
+ # install Go
+ apt-get -y install golang libpam0g-dev
+ if ! grep -q "export GOPATH=" ~/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
+ else
+ sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" ~/.bashrc
+ fi
+ systemctl set-environment GOPATH=$GOPATH
+ if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
+ echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
+ else
+ sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
+ fi
+ if [ ! -d $GOPATH ]; then
+ mkdir -p $GOPATH
+ fi
+ GO_PACKAGE_MANAGER_REPO2=$(echo "$GO_PACKAGE_MANAGER_REPO" | sed 's|https://||g')
+ go get -u $GO_PACKAGE_MANAGER_REPO2
+ if [ ! "$?" = "0" ]; then
+ echo $'install_gogs: go get failed'
+ exit 479832
+ fi
+
+ # clone the repo
+ if [ ! -d $GOPATH/src/github.com/gogits ]; then
+ mkdir -p $GOPATH/src/github.com/gogits
+ fi
+ function_check git_clone
+ git_clone $GIT_DOMAIN_REPO $GOPATH/src/github.com/gogits/gogs
+ if [ ! -d $GOPATH/src/github.com/gogits/gogs ]; then
+ echo $"Unable to clone repo $GOPATH/src/github.com/gogits/gogs"
+ exit 85482
+ fi
+ cd $GOPATH/src/github.com/gogits/gogs
+
+ # install
+ go get -u ./...
+
+ git checkout $GOGS_COMMIT -b $GOGS_COMMIT
+ if ! grep -q "Gogs commit" $COMPLETION_FILE; then
+ echo "Gogs commit:$GOGS_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Gogs commit.*/Gogs commit:$GOGS_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ go build
+ if [ ! "$?" = "0" ]; then
+ echo $'install_gogs: go build failed'
+ exit 546750
+ fi
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check get_mariadb_git_admin_password
+ get_mariadb_git_admin_password
+ if [ ! $GIT_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ GIT_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
else
- echo -n '' > /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- fi
+ GIT_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+
+ if ! grep -q $"Gogs admin user password" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Gogs' >> /home/$MY_USERNAME/README
+ echo '====' >> /home/$MY_USERNAME/README
+ echo $'Install Steps For First-time Run:' >> /home/$MY_USERNAME/README
+ echo $'Leave email service settings empty' >> /home/$MY_USERNAME/README
+ echo $'Check "Enable Register Confirmation"' >> /home/$MY_USERNAME/README
+ echo $'Check "Enable Mail Notification"' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'If you want to disable new account registrations then append the following:' >> /home/$MY_USERNAME/README
+ echo ' [service]' >> /home/$MY_USERNAME/README
+ echo ' DISABLE_REGISTRATION = true' >> /home/$MY_USERNAME/README
+ echo $'Then restart with:' >> /home/$MY_USERNAME/README
+ echo ' systemctl restart gogs' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $"Note that there's a usability/security trade-off made here." >> /home/$MY_USERNAME/README
+ echo $"In order to allow git clone via http we don't redirect everything" >> /home/$MY_USERNAME/README
+ echo $'over https. Instead only critical things such as user login,' >> /home/$MY_USERNAME/README
+ echo $'settings and admin are encrypted.' >> /home/$MY_USERNAME/README
+ echo $'There are also potential security issues with cloning/pulling/pushing' >> /home/$MY_USERNAME/README
+ echo $'code over http, since a determined adversary could inject malware' >> /home/$MY_USERNAME/README
+ echo $'into the stream as it passes, so beware.' >> /home/$MY_USERNAME/README
+ echo $'If you have a bought domain and a non-self signed cert then you' >> /home/$MY_USERNAME/README
+ echo $"should change /etc/nginx/sites-available/$GIT_DOMAIN_NAME to redirect everything over https." >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check create_database
+ create_database gogs "$GOGS_ADMIN_PASSWORD"
+ if [ ! -f $GOPATH/src/github.com/gogits/gogs/scripts/mysql.sql ]; then
+ echo $'MySql template for Gogs was not found'
+ exit 72528
+ fi
+ function_check initialise_database
+ initialise_database gogs $GOPATH/src/github.com/gogits/gogs/scripts/mysql.sql
+
+ chmod 600 $GOPATH/src/github.com/gogits/gogs/custom/conf/app.ini
+
+ chown -R git:git /home/git
+ echo '[Unit]' > /etc/systemd/system/gogs.service
+ echo 'Description=Gogs (Go Git Service)' >> /etc/systemd/system/gogs.service
+ echo 'After=syslog.target' >> /etc/systemd/system/gogs.service
+ echo 'After=network.target' >> /etc/systemd/system/gogs.service
+ echo 'After=mysqld.service' >> /etc/systemd/system/gogs.service
+ echo '' >> /etc/systemd/system/gogs.service
+ echo '[Service]' >> /etc/systemd/system/gogs.service
+ echo '#LimitMEMLOCK=infinity' >> /etc/systemd/system/gogs.service
+ echo '#LimitNOFILE=65535' >> /etc/systemd/system/gogs.service
+ echo 'Type=simple' >> /etc/systemd/system/gogs.service
+ echo 'User=git' >> /etc/systemd/system/gogs.service
+ echo 'Group=git' >> /etc/systemd/system/gogs.service
+ echo "WorkingDirectory=$GOPATH/src/github.com/gogits/gogs" >> /etc/systemd/system/gogs.service
+ echo "ExecStart=$GOPATH/src/github.com/gogits/gogs/gogs web" >> /etc/systemd/system/gogs.service
+ echo 'Restart=always' >> /etc/systemd/system/gogs.service
+ echo 'RestartSec=10' >> /etc/systemd/system/gogs.service
+ echo 'TimeoutStartSec=120' >> /etc/systemd/system/gogs.service
+ echo "Environment=\"USER=git\" \"HOME=/home/git\" \"GOPATH=$GOPATH\" \"GVM_ROOT=$GVM_HOME\"" >> /etc/systemd/system/gogs.service
+ echo '' >> /etc/systemd/system/gogs.service
+ echo '[Install]' >> /etc/systemd/system/gogs.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/gogs.service
+
+ systemctl enable gogs
+ systemctl daemon-reload
+ systemctl restart gogs
+
+ if [ ! -d /var/www/$GIT_DOMAIN_NAME ]; then
+ mkdir /var/www/$GIT_DOMAIN_NAME
+ fi
+ if [ -d /var/www/$GIT_DOMAIN_NAME/htdocs ]; then
+ rm -rf /var/www/$GIT_DOMAIN_NAME/htdocs
+ fi
+
+ if [[ $ONION_ONLY == "no" ]]; then
+ function_check nginx_http_redirect
+ nginx_http_redirect $GIT_DOMAIN_NAME
echo 'server {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- echo " listen 127.0.0.1:${GIT_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo " root /var/www/$GIT_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
@@ -476,6 +442,8 @@ function install_gogs {
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
function_check nginx_limits
nginx_limits $GIT_DOMAIN_NAME '10G'
+ function_check nginx_ssl
+ nginx_ssl $GIT_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $GIT_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
@@ -495,127 +463,159 @@ function install_gogs {
echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
-
- function_check configure_php
- configure_php
-
- function_check create_site_certificate
- create_site_certificate $GIT_DOMAIN_NAME 'yes'
-
- nginx_ensite $GIT_DOMAIN_NAME
-
- if [ ! -d /var/lib/tor ]; then
- echo $'No Tor installation found. Gogs onion site cannot be configured.'
- exit 877367
- fi
- if ! grep -q "hidden_service_gogs" /etc/tor/torrc; then
- echo 'HiddenServiceDir /var/lib/tor/hidden_service_gogs/' >> /etc/tor/torrc
- echo "HiddenServicePort 80 127.0.0.1:${GIT_ONION_PORT}" >> /etc/tor/torrc
- echo "HiddenServicePort 9418 127.0.0.1:9418" >> /etc/tor/torrc
- echo $'Added onion site for Gogs'
- fi
-
- systemctl restart tor
-
- function_check wait_for_onion_service
- wait_for_onion_service 'gogs'
-
- GIT_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_gogs/hostname)
-
- systemctl restart php5-fpm
- systemctl restart nginx
-
- if ! grep -q "Gogs onion domain" /home/$MY_USERNAME/README; then
- echo "Gogs onion domain: ${GIT_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
- if ! grep -q "Gogs onion domain" $COMPLETION_FILE; then
- echo "Gogs onion domain:${GIT_ONION_HOSTNAME}" >> $COMPLETION_FILE
- fi
-
- function_check add_ddns_domain
- add_ddns_domain $GIT_DOMAIN_NAME
-
- # obtain the secret key
- GOGS_SECRET_KEY=
- if grep -q "Gogs secret key:" /home/$MY_USERNAME/README; then
- GOGS_SECRET_KEY=$(cat /home/$MY_USERNAME/README | grep "Gogs secret key:" | awk -F ':' '{print $2}' | sed 's/^ *//')
- else
- GOGS_SECRET_KEY="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- echo "Gogs secret key:$GOGS_SECRET_KEY" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- fi
-
- # create the configuration
- GOGS_CONFIG_PATH=/home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits/gogs/custom/conf
- if [ ! -d $GOGS_CONFIG_PATH ]; then
- mkdir -p $GOGS_CONFIG_PATH
- fi
- GOGS_CONFIG_FILE=$GOGS_CONFIG_PATH/app.ini
- echo 'RUN_USER = git' > $GOGS_CONFIG_FILE
- echo 'RUN_MODE = prod' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[database]' >> $GOGS_CONFIG_FILE
- echo 'DB_TYPE = mysql' >> $GOGS_CONFIG_FILE
- echo 'HOST = 127.0.0.1:3306' >> $GOGS_CONFIG_FILE
- echo 'NAME = gogs' >> $GOGS_CONFIG_FILE
- echo 'USER = root' >> $GOGS_CONFIG_FILE
- echo "PASSWD = $MARIADB_PASSWORD" >> $GOGS_CONFIG_FILE
- echo 'SSL_MODE = disable' >> $GOGS_CONFIG_FILE
- echo 'PATH = data/gogs.db' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[repository]' >> $GOGS_CONFIG_FILE
- echo 'ROOT = /home/git/gogs-repositories' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[server]' >> $GOGS_CONFIG_FILE
- if [[ $ONION_ONLY == 'no' ]]; then
- echo "DOMAIN = ${GIT_DOMAIN_NAME}" >> $GOGS_CONFIG_FILE
- else
- echo "DOMAIN = ${GIT_ONION_HOSTNAME}" >> $GOGS_CONFIG_FILE
- fi
- echo 'HTTP_PORT = 3000' >> $GOGS_CONFIG_FILE
- echo "ROOT_URL = http://$GIT_DOMAIN_NAME/" >> $GOGS_CONFIG_FILE
- echo "SSH_PORT = $SSH_PORT" >> $GOGS_CONFIG_FILE
- echo 'SSH_DOMAIN = %(DOMAIN)s' >> $GOGS_CONFIG_FILE
- echo "CERT_FILE = /etc/ssl/certs/${GIT_DOMAIN_NAME}.crt" >> $GOGS_CONFIG_FILE
- echo "KEY_FILE = /etc/ssl/private/${GIT_DOMAIN_NAME}.key" >> $GOGS_CONFIG_FILE
- echo 'DISABLE_ROUTER_LOG = true' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[session]' >> $GOGS_CONFIG_FILE
- echo 'PROVIDER = file' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[log]' >> $GOGS_CONFIG_FILE
- echo 'MODE = file' >> $GOGS_CONFIG_FILE
- echo 'LEVEL = Info' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[security]' >> $GOGS_CONFIG_FILE
- echo 'INSTALL_LOCK = true' >> $GOGS_CONFIG_FILE
- echo "SECRET_KEY = $GOGS_SECRET_KEY" >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[service]' >> $GOGS_CONFIG_FILE
- echo 'DISABLE_REGISTRATION = false' >> $GOGS_CONFIG_FILE
- echo 'SHOW_REGISTRATION_BUTTON = true' >> $GOGS_CONFIG_FILE
- echo 'REQUIRE_SIGNIN_VIEW = false' >> $GOGS_CONFIG_FILE
- echo 'ENABLE_CAPTCHA = false' >> $GOGS_CONFIG_FILE
- echo '' >> $GOGS_CONFIG_FILE
- echo '[other]' >> $GOGS_CONFIG_FILE
- echo 'SHOW_FOOTER_BRANDING = false' >> $GOGS_CONFIG_FILE
- echo 'SHOW_FOOTER_VERSION = false' >> $GOGS_CONFIG_FILE
-
- chmod 750 $GOGS_CONFIG_FILE
- chown -R git:git /home/git
-
- systemctl restart gogs
-
- if ! grep -q "Gogs domain:" $COMPLETION_FILE; then
- echo "Gogs domain:$GIT_DOMAIN_NAME" >> $COMPLETION_FILE
- fi
-
- function_check configure_firewall_for_git
- configure_firewall_for_git
- echo 'install_gogs' >> $COMPLETION_FILE
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ else
+ echo -n '' > /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ fi
+ echo 'server {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo " listen 127.0.0.1:${GIT_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo " root /var/www/$GIT_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $GIT_DOMAIN_NAME '10G'
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $GIT_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' location = /robots.txt {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' log_not_found off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+
+ function_check configure_php
+ configure_php
+
+ function_check create_site_certificate
+ create_site_certificate $GIT_DOMAIN_NAME 'yes'
+
+ nginx_ensite $GIT_DOMAIN_NAME
+
+ if [ ! -d /var/lib/tor ]; then
+ echo $'No Tor installation found. Gogs onion site cannot be configured.'
+ exit 877367
+ fi
+ if ! grep -q "hidden_service_gogs" /etc/tor/torrc; then
+ echo 'HiddenServiceDir /var/lib/tor/hidden_service_gogs/' >> /etc/tor/torrc
+ echo "HiddenServicePort 80 127.0.0.1:${GIT_ONION_PORT}" >> /etc/tor/torrc
+ echo "HiddenServicePort 9418 127.0.0.1:9418" >> /etc/tor/torrc
+ echo $'Added onion site for Gogs'
+ fi
+
+ systemctl restart tor
+
+ function_check wait_for_onion_service
+ wait_for_onion_service 'gogs'
+
+ GIT_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_gogs/hostname)
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ if ! grep -q "Gogs onion domain" /home/$MY_USERNAME/README; then
+ echo "Gogs onion domain: ${GIT_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+ if ! grep -q "Gogs onion domain" $COMPLETION_FILE; then
+ echo "Gogs onion domain:${GIT_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ fi
+
+ function_check add_ddns_domain
+ add_ddns_domain $GIT_DOMAIN_NAME
+
+ # obtain the secret key
+ GOGS_SECRET_KEY=
+ if grep -q "Gogs secret key:" /home/$MY_USERNAME/README; then
+ GOGS_SECRET_KEY=$(cat /home/$MY_USERNAME/README | grep "Gogs secret key:" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ else
+ GOGS_SECRET_KEY="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ echo "Gogs secret key:$GOGS_SECRET_KEY" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ fi
+
+ # create the configuration
+ GOGS_CONFIG_PATH=/home/git/gvm/pkgsets/go${GO_VERSION}/global/src/github.com/gogits/gogs/custom/conf
+ if [ ! -d $GOGS_CONFIG_PATH ]; then
+ mkdir -p $GOGS_CONFIG_PATH
+ fi
+ GOGS_CONFIG_FILE=$GOGS_CONFIG_PATH/app.ini
+ echo 'RUN_USER = git' > $GOGS_CONFIG_FILE
+ echo 'RUN_MODE = prod' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[database]' >> $GOGS_CONFIG_FILE
+ echo 'DB_TYPE = mysql' >> $GOGS_CONFIG_FILE
+ echo 'HOST = 127.0.0.1:3306' >> $GOGS_CONFIG_FILE
+ echo 'NAME = gogs' >> $GOGS_CONFIG_FILE
+ echo 'USER = root' >> $GOGS_CONFIG_FILE
+ echo "PASSWD = $MARIADB_PASSWORD" >> $GOGS_CONFIG_FILE
+ echo 'SSL_MODE = disable' >> $GOGS_CONFIG_FILE
+ echo 'PATH = data/gogs.db' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[repository]' >> $GOGS_CONFIG_FILE
+ echo 'ROOT = /home/git/gogs-repositories' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[server]' >> $GOGS_CONFIG_FILE
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo "DOMAIN = ${GIT_DOMAIN_NAME}" >> $GOGS_CONFIG_FILE
+ else
+ echo "DOMAIN = ${GIT_ONION_HOSTNAME}" >> $GOGS_CONFIG_FILE
+ fi
+ echo 'HTTP_PORT = 3000' >> $GOGS_CONFIG_FILE
+ echo "ROOT_URL = http://$GIT_DOMAIN_NAME/" >> $GOGS_CONFIG_FILE
+ echo "SSH_PORT = $SSH_PORT" >> $GOGS_CONFIG_FILE
+ echo 'SSH_DOMAIN = %(DOMAIN)s' >> $GOGS_CONFIG_FILE
+ echo "CERT_FILE = /etc/ssl/certs/${GIT_DOMAIN_NAME}.crt" >> $GOGS_CONFIG_FILE
+ echo "KEY_FILE = /etc/ssl/private/${GIT_DOMAIN_NAME}.key" >> $GOGS_CONFIG_FILE
+ echo 'DISABLE_ROUTER_LOG = true' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[session]' >> $GOGS_CONFIG_FILE
+ echo 'PROVIDER = file' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[log]' >> $GOGS_CONFIG_FILE
+ echo 'MODE = file' >> $GOGS_CONFIG_FILE
+ echo 'LEVEL = Info' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[security]' >> $GOGS_CONFIG_FILE
+ echo 'INSTALL_LOCK = true' >> $GOGS_CONFIG_FILE
+ echo "SECRET_KEY = $GOGS_SECRET_KEY" >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[service]' >> $GOGS_CONFIG_FILE
+ echo 'DISABLE_REGISTRATION = false' >> $GOGS_CONFIG_FILE
+ echo 'SHOW_REGISTRATION_BUTTON = true' >> $GOGS_CONFIG_FILE
+ echo 'REQUIRE_SIGNIN_VIEW = false' >> $GOGS_CONFIG_FILE
+ echo 'ENABLE_CAPTCHA = false' >> $GOGS_CONFIG_FILE
+ echo '' >> $GOGS_CONFIG_FILE
+ echo '[other]' >> $GOGS_CONFIG_FILE
+ echo 'SHOW_FOOTER_BRANDING = false' >> $GOGS_CONFIG_FILE
+ echo 'SHOW_FOOTER_VERSION = false' >> $GOGS_CONFIG_FILE
+
+ chmod 750 $GOGS_CONFIG_FILE
+ chown -R git:git /home/git
+
+ systemctl restart gogs
+
+ if ! grep -q "Gogs domain:" $COMPLETION_FILE; then
+ echo "Gogs domain:$GIT_DOMAIN_NAME" >> $COMPLETION_FILE
+ fi
+
+ function_check configure_firewall_for_git
+ configure_firewall_for_git
+ echo 'install_gogs' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-hubzilla b/src/freedombone-app-hubzilla
index f71a38149..e3db14475 100755
--- a/src/freedombone-app-hubzilla
+++ b/src/freedombone-app-hubzilla
@@ -41,461 +41,461 @@ HUBZILLA_COMMIT='2d79e75788aa71664a379c4cea0b6bfe3ab87ad0'
HUBZILLA_ADDONS_COMMIT='67b40c7a40f328a93ee030eb15e9e1261f3cba64'
function reconfigure_hubzilla {
- echo -n ''
+ echo -n ''
}
function upgrade_hubzilla {
- if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
- return
- fi
- HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
-
- function_check set_repo_commit
- set_repo_commit $HUBZILLA_PATH "Hubzilla commit" "$HUBZILLA_COMMIT" $HUBZILLA_REPO
- set_repo_commit $HUBZILLA_PATH/addon "Hubzilla addons commit" "$HUBZILLA_ADDONS_COMMIT" $HUBZILLA_ADDONS_REPO
- if [ -d $HUBZILLA_PATH/redmatrix-themes1 ]; then
- cd $HUBZILLA_PATH/redmatrix-themes1
- git stash
- git pull
- cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
- chown -R www-data:www-data $HUBZILLA_PATH
- fi
+ if ! grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
+ return
+ fi
+ HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
+
+ function_check set_repo_commit
+ set_repo_commit $HUBZILLA_PATH "Hubzilla commit" "$HUBZILLA_COMMIT" $HUBZILLA_REPO
+ set_repo_commit $HUBZILLA_PATH/addon "Hubzilla addons commit" "$HUBZILLA_ADDONS_COMMIT" $HUBZILLA_ADDONS_REPO
+ if [ -d $HUBZILLA_PATH/redmatrix-themes1 ]; then
+ cd $HUBZILLA_PATH/redmatrix-themes1
+ git stash
+ git pull
+ cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
+ chown -R www-data:www-data $HUBZILLA_PATH
+ fi
}
function backup_local_hubzilla {
- if grep -q "Hubzilla domain" $COMPLETION_FILE; then
- HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
- hubzilla_path=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
- if [ -d $hubzilla_path ]; then
- echo $"Backing up Hubzilla"
- function_check backup_database_to_usb
- backup_database_to_usb hubzilla
-
- backup_directory_to_usb $hubzilla_path hubzilla
-
- echo $"Hubzilla backup complete"
- fi
+ if grep -q "Hubzilla domain" $COMPLETION_FILE; then
+ HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
+ hubzilla_path=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
+ if [ -d $hubzilla_path ]; then
+ echo $"Backing up Hubzilla"
+ function_check backup_database_to_usb
+ backup_database_to_usb hubzilla
+
+ backup_directory_to_usb $hubzilla_path hubzilla
+
+ echo $"Hubzilla backup complete"
fi
+ fi
}
function restore_local_hubzilla {
- if ! grep -q "Hubzilla domain" $COMPLETION_FILE; then
- return
- fi
- HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
- if [ $HUBZILLA_DOMAIN_NAME ]; then
- echo $"Restoring Hubzilla"
- temp_restore_dir=/root/temphubzilla
- hubzilla_dir=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
- restore_database hubzilla ${HUBZILLA_DOMAIN_NAME}
- if [ -d $USB_MOUNT/backup/hubzilla ]; then
- if [ ! -d $hubzilla_dir/store/[data]/smarty3 ]; then
- mkdir -p $hubzilla_dir/store/[data]/smarty3
- fi
- chmod 777 $hubzilla_dir/store/[data]/smarty3
- chown -R www-data:www-data $hubzilla_dir/*
- if [ -d $temp_restore_dir ]; then
- rm -rf $temp_restore_dir
- fi
- fi
- echo $"Restore of Hubzilla complete"
+ if ! grep -q "Hubzilla domain" $COMPLETION_FILE; then
+ return
+ fi
+ HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
+ if [ $HUBZILLA_DOMAIN_NAME ]; then
+ echo $"Restoring Hubzilla"
+ temp_restore_dir=/root/temphubzilla
+ hubzilla_dir=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
+ restore_database hubzilla ${HUBZILLA_DOMAIN_NAME}
+ if [ -d $USB_MOUNT/backup/hubzilla ]; then
+ if [ ! -d $hubzilla_dir/store/[data]/smarty3 ]; then
+ mkdir -p $hubzilla_dir/store/[data]/smarty3
+ fi
+ chmod 777 $hubzilla_dir/store/[data]/smarty3
+ chown -R www-data:www-data $hubzilla_dir/*
+ if [ -d $temp_restore_dir ]; then
+ rm -rf $temp_restore_dir
+ fi
fi
+ echo $"Restore of Hubzilla complete"
+ fi
}
function backup_remote_hubzilla {
- if grep -q "Hubzilla domain" $COMPLETION_FILE; then
- HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
- temp_backup_dir=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
- if [ -d $temp_backup_dir ]; then
- suspend_site ${HUBZILLA_DOMAIN_NAME}
- backup_database_to_friend hubzilla
- echo "Backing up Hubzilla installation"
- backup_directory_to_friend $temp_backup_dir hubzilla
- restart_site
- echo "Backup of Hubzilla complete"
- else
- echo $"Hubzilla domain specified but not found in /var/www/${HUBZILLA_DOMAIN_NAME}"
- exit 2578
- fi
+ if grep -q "Hubzilla domain" $COMPLETION_FILE; then
+ HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
+ temp_backup_dir=/var/www/${HUBZILLA_DOMAIN_NAME}/htdocs
+ if [ -d $temp_backup_dir ]; then
+ suspend_site ${HUBZILLA_DOMAIN_NAME}
+ backup_database_to_friend hubzilla
+ echo "Backing up Hubzilla installation"
+ backup_directory_to_friend $temp_backup_dir hubzilla
+ restart_site
+ echo "Backup of Hubzilla complete"
+ else
+ echo $"Hubzilla domain specified but not found in /var/www/${HUBZILLA_DOMAIN_NAME}"
+ exit 2578
fi
+ fi
}
function restore_remote_hubzilla {
- if grep -q "Hubzilla domain" $COMPLETION_FILE; then
- echo $"Restoring Hubzilla"
- HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
- function_check restore_database_from_friend
- restore_database_from_friend hubzilla ${HUBZILLA_DOMAIN_NAME}
- if [ -d $SERVER_DIRECTORY/backup/hubzilla ]; then
- if [ ! -d /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3 ]; then
- mkdir -p /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3
- fi
- chmod 777 /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3
- chown -R www-data:www-data /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/*
- fi
- if [ -d /root/temphubzilla ]; then
- rm -rf /root/temphubzilla
- fi
- echo $"Restore of Hubzilla complete"
+ if grep -q "Hubzilla domain" $COMPLETION_FILE; then
+ echo $"Restoring Hubzilla"
+ HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
+ function_check restore_database_from_friend
+ restore_database_from_friend hubzilla ${HUBZILLA_DOMAIN_NAME}
+ if [ -d $SERVER_DIRECTORY/backup/hubzilla ]; then
+ if [ ! -d /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3 ]; then
+ mkdir -p /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3
+ fi
+ chmod 777 /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/store/[data]/smarty3
+ chown -R www-data:www-data /var/www/${HUBZILLA_DOMAIN_NAME}/htdocs/*
+ fi
+ if [ -d /root/temphubzilla ]; then
+ rm -rf /root/temphubzilla
fi
+ echo $"Restore of Hubzilla complete"
+ fi
}
function remove_hubzilla {
- if ! grep -Fxq "Hubzilla domain" $COMPLETION_FILE; then
- return
- fi
- echo $'Removing Hubzilla'
- HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
- nginx_dissite $HUBZILLA_DOMAIN_NAME
- if [ -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
- rm -rf /var/www/$HUBZILLA_DOMAIN_NAME
- fi
- if [ -f /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- fi
- function_check drop_database
- drop_database hubzilla
- function_check remove_onion_service
- remove_onion_service hubzilla ${HUBZILLA_ONION_PORT}
- sed -i '/install_hubzilla/d' $COMPLETION_FILE
- sed -i '/Hubzilla /d' $COMPLETION_FILE
- echo $'Hubzilla was removed'
+ if ! grep -Fxq "Hubzilla domain" $COMPLETION_FILE; then
+ return
+ fi
+ echo $'Removing Hubzilla'
+ HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
+ nginx_dissite $HUBZILLA_DOMAIN_NAME
+ if [ -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
+ rm -rf /var/www/$HUBZILLA_DOMAIN_NAME
+ fi
+ if [ -f /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ fi
+ function_check drop_database
+ drop_database hubzilla
+ function_check remove_onion_service
+ remove_onion_service hubzilla ${HUBZILLA_ONION_PORT}
+ sed -i '/install_hubzilla/d' $COMPLETION_FILE
+ sed -i '/Hubzilla /d' $COMPLETION_FILE
+ echo $'Hubzilla was removed'
}
function install_hubzilla {
- if [ ! $HUBZILLA_DOMAIN_NAME ]; then
- return
- fi
-
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
-
- if grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
- return
- fi
-
- HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
-
- function_check install_mariadb
- install_mariadb
-
- function_check get_mariadb_password
- get_mariadb_password
-
- function_check repair_databases_script
- repair_databases_script
-
- apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
- apt-get -y install php5-dev imagemagick php5-imagick
- apt-get -y install php5-memcached
-
- if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
- mkdir /var/www/$HUBZILLA_DOMAIN_NAME
- fi
- if [ ! -d $HUBZILLA_PATH ]; then
- mkdir $HUBZILLA_PATH
- fi
-
- if [ ! -f $HUBZILLA_PATH/index.php ]; then
- cd $INSTALL_DIR
- function_check git_clone
- git_clone $HUBZILLA_REPO hubzilla
- git checkout $HUBZILLA_COMMIT -b $HUBZILLA_COMMIT
- if ! grep -q "Hubzilla commit" $COMPLETION_FILE; then
- echo "Hubzilla commit:$HUBZILLA_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Hubzilla commit.*/Hubzilla commit:$HUBZILLA_COMMIT/g" $COMPLETION_FILE
- fi
-
- rm -rf $HUBZILLA_PATH
- mv hubzilla $HUBZILLA_PATH
-
- git_clone $HUBZILLA_ADDONS_REPO $HUBZILLA_PATH/addon
- cd $HUBZILLA_PATH/addon
- git checkout $HUBZILLA_ADDONS_COMMIT -b $HUBZILLA_ADDONS_COMMIT
- if ! grep -q "Hubzilla addons commit" $COMPLETION_FILE; then
- echo "Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Hubzilla addons commit.*/Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT/g" $COMPLETION_FILE
- fi
-
- # some extra themes
- git_clone $HUBZILLA_THEMES_REPO $HUBZILLA_PATH/redmatrix-themes1
- cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
-
- chown -R www-data:www-data $HUBZILLA_PATH
- fi
-
- HUBZILLA_ONION_HOSTNAME=
- if [[ $ONION_ONLY != "no" ]]; then
- HUBZILLA_ONION_HOSTNAME=$(add_onion_service hubzilla 80 ${HUBZILLA_ONION_PORT})
- echo "Hubzilla onion domain:${HUBZILLA_ONION_HOSTNAME}" >> $COMPLETION_FILE
- fi
-
- function_check get_mariadb_hubzilla_admin_password
- get_mariadb_hubzilla_admin_password
- if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- HUBZILLA_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- HUBZILLA_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Hubzilla' >> /home/$MY_USERNAME/README
- echo '========' >> /home/$MY_USERNAME/README
- if [[ $ONION_ONLY == 'no' ]]; then
- echo $"Open https://$HUBZILLA_DOMAIN_NAME and register a new user" >> /home/$MY_USERNAME/README
- else
- echo $"Open http://$HUBZILLA_ONION_HOSTNAME and register a new user" >> /home/$MY_USERNAME/README
- fi
- echo $"Your MariaDB Hubzilla admin password is: $HUBZILLA_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check create_database
- create_database hubzilla "$HUBZILLA_ADMIN_PASSWORD"
-
- if ! grep -q "$HUBZILLA_PATH" /etc/crontab; then
- echo "12,22,32,42,52 * * * * root cd $HUBZILLA_PATH; /usr/bin/timeout 500 /usr/bin/php include/poller.php" >> /etc/crontab
- fi
-
- function_check add_ddns_domain
- add_ddns_domain $HUBZILLA_DOMAIN_NAME
-
- if [[ $ONION_ONLY == "no" ]]; then
- function_check nginx_http_redirect
- nginx_http_redirect $HUBZILLA_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " server_name $HUBZILLA_DOMAIN_NAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $HUBZILLA_DOMAIN_NAME
- function_check nginx_ssl
- nginx_ssl $HUBZILLA_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ if [ ! $HUBZILLA_DOMAIN_NAME ]; then
+ return
+ fi
+
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+
+ if grep -Fxq "install_hubzilla" $COMPLETION_FILE; then
+ return
+ fi
+
+ HUBZILLA_PATH=/var/www/$HUBZILLA_DOMAIN_NAME/htdocs
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check repair_databases_script
+ repair_databases_script
+
+ apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
+ apt-get -y install php5-dev imagemagick php5-imagick
+ apt-get -y install php5-memcached
+
+ if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME ]; then
+ mkdir /var/www/$HUBZILLA_DOMAIN_NAME
+ fi
+ if [ ! -d $HUBZILLA_PATH ]; then
+ mkdir $HUBZILLA_PATH
+ fi
+
+ if [ ! -f $HUBZILLA_PATH/index.php ]; then
+ cd $INSTALL_DIR
+ function_check git_clone
+ git_clone $HUBZILLA_REPO hubzilla
+ git checkout $HUBZILLA_COMMIT -b $HUBZILLA_COMMIT
+ if ! grep -q "Hubzilla commit" $COMPLETION_FILE; then
+ echo "Hubzilla commit:$HUBZILLA_COMMIT" >> $COMPLETION_FILE
else
- echo 'server {' > /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " listen 127.0.0.1:${HUBZILLA_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " server_name $HUBZILLA_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- nginx_limits $HUBZILLA_DOMAIN_NAME
- nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ sed -i "s/Hubzilla commit.*/Hubzilla commit:$HUBZILLA_COMMIT/g" $COMPLETION_FILE
fi
- function_check configure_php
- configure_php
+ rm -rf $HUBZILLA_PATH
+ mv hubzilla $HUBZILLA_PATH
- function_check create_site_certificate
- create_site_certificate $HUBZILLA_DOMAIN_NAME 'yes'
-
- if [ ! -d $HUBZILLA_PATH/view/tpl/smarty3 ]; then
- mkdir $HUBZILLA_PATH/view/tpl/smarty3
- fi
- if [ ! -d "$HUBZILLA_PATH/store" ]; then
- mkdir "$HUBZILLA_PATH/store"
- fi
- if [ ! -d "$HUBZILLA_PATH/store/[data]" ]; then
- mkdir "$HUBZILLA_PATH/store/[data]"
- fi
- if [ ! -d "$HUBZILLA_PATH/store/[data]/smarty3" ]; then
- mkdir "$HUBZILLA_PATH/store/[data]/smarty3"
- chmod 777 "$HUBZILLA_PATH/store/[data]/smarty3"
+ git_clone $HUBZILLA_ADDONS_REPO $HUBZILLA_PATH/addon
+ cd $HUBZILLA_PATH/addon
+ git checkout $HUBZILLA_ADDONS_COMMIT -b $HUBZILLA_ADDONS_COMMIT
+ if ! grep -q "Hubzilla addons commit" $COMPLETION_FILE; then
+ echo "Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Hubzilla addons commit.*/Hubzilla addons commit:$HUBZILLA_ADDONS_COMMIT/g" $COMPLETION_FILE
fi
- chmod 777 $HUBZILLA_PATH/view/tpl
- chown -R www-data:www-data "$HUBZILLA_PATH/store"
- chmod 777 $HUBZILLA_PATH/view/tpl/smarty3
-
- # Ensure that the database gets backed up locally, if remote
- # backups are not being used
- function_check backup_databases_script_header
- backup_databases_script_header
- function_check backup_database_local
- backup_database_local hubzilla
+ # some extra themes
+ git_clone $HUBZILLA_THEMES_REPO $HUBZILLA_PATH/redmatrix-themes1
+ cp -r $HUBZILLA_PATH/redmatrix-themes1/* $HUBZILLA_PATH/view/theme/
chown -R www-data:www-data $HUBZILLA_PATH
-
- function_check nginx_ensite
- nginx_ensite $HUBZILLA_DOMAIN_NAME
-
- # initialize the database
- if [ ! -f $HUBZILLA_PATH/install/schema_mysql.sql ]; then
- echo $'No database schema found for hubzilla'
- exit 252782
+ fi
+
+ HUBZILLA_ONION_HOSTNAME=
+ if [[ $ONION_ONLY != "no" ]]; then
+ HUBZILLA_ONION_HOSTNAME=$(add_onion_service hubzilla 80 ${HUBZILLA_ONION_PORT})
+ echo "Hubzilla onion domain:${HUBZILLA_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ fi
+
+ function_check get_mariadb_hubzilla_admin_password
+ get_mariadb_hubzilla_admin_password
+ if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ HUBZILLA_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ HUBZILLA_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
- function_check initialise_database
- initialise_database hubzilla $HUBZILLA_PATH/install/schema_mysql.sql
-
- # create the config file
- echo '<?php' > $HUBZILLA_PATH/.htconfig.php
- echo "\$db_host = 'localhost';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$db_port = '0';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$db_user = 'root';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$db_pass = '${MARIADB_PASSWORD}';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$db_data = 'hubzilla';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$db_type = '0';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$default_timezone = 'Europe/London';" >> $HUBZILLA_PATH/.htconfig.php
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Hubzilla' >> /home/$MY_USERNAME/README
+ echo '========' >> /home/$MY_USERNAME/README
if [[ $ONION_ONLY == 'no' ]]; then
- echo "\$a->config['system']['baseurl'] = 'https://${HUBZILLA_DOMAIN_NAME}';" >> $HUBZILLA_PATH/.htconfig.php
+ echo $"Open https://$HUBZILLA_DOMAIN_NAME and register a new user" >> /home/$MY_USERNAME/README
else
- echo "\$a->config['system']['baseurl'] = 'http://${HUBZILLA_ONION_HOSTNAME}';" >> $HUBZILLA_PATH/.htconfig.php
+ echo $"Open http://$HUBZILLA_ONION_HOSTNAME and register a new user" >> /home/$MY_USERNAME/README
fi
- echo "\$a->config['system']['sitename'] = \"Hubzilla\";" >> $HUBZILLA_PATH/.htconfig.php
- HUBZILLA_LOCATION_HASH="$(create_password 30)"
- echo "\$a->config['system']['location_hash'] = '${HUBZILLA_LOCATION_HASH}';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['register_policy'] = REGISTER_OPEN;" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['register_text'] = '';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['admin_email'] = '${MY_EMAIL_ADDRESS}';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['verify_email'] = 1;" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['access_policy'] = ACCESS_PRIVATE;" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['sellpage'] = '';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['max_import_size'] = 200000;" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['php_path'] = '/usr/bin/php';" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['directory_mode'] = DIRECTORY_MODE_NORMAL;" >> $HUBZILLA_PATH/.htconfig.php
- echo "\$a->config['system']['theme'] = 'redbasic';" >> $HUBZILLA_PATH/.htconfig.php
- chown www-data:www-data $HUBZILLA_PATH/.htconfig.php
- chmod 755 $HUBZILLA_PATH/.htconfig.php
-
- systemctl restart php5-fpm
- systemctl restart nginx
- systemctl restart cron
-
- ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$HUBZILLA_DOMAIN_NAME" -g hubzilla --public no
-
- echo "Hubzilla domain:${HUBZILLA_DOMAIN_NAME}" >> $COMPLETION_FILE
- echo 'install_hubzilla' >> $COMPLETION_FILE
+ echo $"Your MariaDB Hubzilla admin password is: $HUBZILLA_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check create_database
+ create_database hubzilla "$HUBZILLA_ADMIN_PASSWORD"
+
+ if ! grep -q "$HUBZILLA_PATH" /etc/crontab; then
+ echo "12,22,32,42,52 * * * * root cd $HUBZILLA_PATH; /usr/bin/timeout 500 /usr/bin/php include/poller.php" >> /etc/crontab
+ fi
+
+ function_check add_ddns_domain
+ add_ddns_domain $HUBZILLA_DOMAIN_NAME
+
+ if [[ $ONION_ONLY == "no" ]]; then
+ function_check nginx_http_redirect
+ nginx_http_redirect $HUBZILLA_DOMAIN_NAME
+ echo 'server {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " server_name $HUBZILLA_DOMAIN_NAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $HUBZILLA_DOMAIN_NAME
+ function_check nginx_ssl
+ nginx_ssl $HUBZILLA_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ else
+ echo 'server {' > /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " listen 127.0.0.1:${HUBZILLA_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " root $HUBZILLA_PATH;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " server_name $HUBZILLA_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${HUBZILLA_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ nginx_limits $HUBZILLA_DOMAIN_NAME
+ nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' fastcgi_read_timeout 300;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ fi
+
+ function_check configure_php
+ configure_php
+
+ function_check create_site_certificate
+ create_site_certificate $HUBZILLA_DOMAIN_NAME 'yes'
+
+ if [ ! -d $HUBZILLA_PATH/view/tpl/smarty3 ]; then
+ mkdir $HUBZILLA_PATH/view/tpl/smarty3
+ fi
+ if [ ! -d "$HUBZILLA_PATH/store" ]; then
+ mkdir "$HUBZILLA_PATH/store"
+ fi
+ if [ ! -d "$HUBZILLA_PATH/store/[data]" ]; then
+ mkdir "$HUBZILLA_PATH/store/[data]"
+ fi
+ if [ ! -d "$HUBZILLA_PATH/store/[data]/smarty3" ]; then
+ mkdir "$HUBZILLA_PATH/store/[data]/smarty3"
+ chmod 777 "$HUBZILLA_PATH/store/[data]/smarty3"
+ fi
+ chmod 777 $HUBZILLA_PATH/view/tpl
+ chown -R www-data:www-data "$HUBZILLA_PATH/store"
+ chmod 777 $HUBZILLA_PATH/view/tpl/smarty3
+
+ # Ensure that the database gets backed up locally, if remote
+ # backups are not being used
+ function_check backup_databases_script_header
+ backup_databases_script_header
+
+ function_check backup_database_local
+ backup_database_local hubzilla
+
+ chown -R www-data:www-data $HUBZILLA_PATH
+
+ function_check nginx_ensite
+ nginx_ensite $HUBZILLA_DOMAIN_NAME
+
+ # initialize the database
+ if [ ! -f $HUBZILLA_PATH/install/schema_mysql.sql ]; then
+ echo $'No database schema found for hubzilla'
+ exit 252782
+ fi
+ function_check initialise_database
+ initialise_database hubzilla $HUBZILLA_PATH/install/schema_mysql.sql
+
+ # create the config file
+ echo '<?php' > $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_host = 'localhost';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_port = '0';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_user = 'root';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_pass = '${MARIADB_PASSWORD}';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_data = 'hubzilla';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$db_type = '0';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$default_timezone = 'Europe/London';" >> $HUBZILLA_PATH/.htconfig.php
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo "\$a->config['system']['baseurl'] = 'https://${HUBZILLA_DOMAIN_NAME}';" >> $HUBZILLA_PATH/.htconfig.php
+ else
+ echo "\$a->config['system']['baseurl'] = 'http://${HUBZILLA_ONION_HOSTNAME}';" >> $HUBZILLA_PATH/.htconfig.php
+ fi
+ echo "\$a->config['system']['sitename'] = \"Hubzilla\";" >> $HUBZILLA_PATH/.htconfig.php
+ HUBZILLA_LOCATION_HASH="$(create_password 30)"
+ echo "\$a->config['system']['location_hash'] = '${HUBZILLA_LOCATION_HASH}';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['register_policy'] = REGISTER_OPEN;" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['register_text'] = '';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['admin_email'] = '${MY_EMAIL_ADDRESS}';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['verify_email'] = 1;" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['access_policy'] = ACCESS_PRIVATE;" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['sellpage'] = '';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['max_import_size'] = 200000;" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['php_path'] = '/usr/bin/php';" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['directory_mode'] = DIRECTORY_MODE_NORMAL;" >> $HUBZILLA_PATH/.htconfig.php
+ echo "\$a->config['system']['theme'] = 'redbasic';" >> $HUBZILLA_PATH/.htconfig.php
+ chown www-data:www-data $HUBZILLA_PATH/.htconfig.php
+ chmod 755 $HUBZILLA_PATH/.htconfig.php
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+ systemctl restart cron
+
+ ${PROJECT_NAME}-addemail -u $MY_USERNAME -e "noreply@$HUBZILLA_DOMAIN_NAME" -g hubzilla --public no
+
+ echo "Hubzilla domain:${HUBZILLA_DOMAIN_NAME}" >> $COMPLETION_FILE
+ echo 'install_hubzilla' >> $COMPLETION_FILE
}
# NOTE: deliberately there is no "exit 0"
diff --git a/src/freedombone-app-ipfs b/src/freedombone-app-ipfs
index 39e6da911..e569e5713 100755
--- a/src/freedombone-app-ipfs
+++ b/src/freedombone-app-ipfs
@@ -35,251 +35,251 @@ IPFS_COMMIT='20b06a4cbce8884f5b194da6e98cb11f2c77f166'
IPFS_PORT=4001
function reconfigure_ipfs {
- echo -n ''
+ echo -n ''
}
function upgrade_ipfs {
- if ! grep -Fxq "install_ipfs" $COMPLETION_FILE; then
- return
- fi
+ if ! grep -Fxq "install_ipfs" $COMPLETION_FILE; then
+ return
+ fi
- function_check select_go_version
- select_go_version
+ function_check select_go_version
+ select_go_version
- function_check set_repo_commit
- set_repo_commit $GOPATH/src/github.com/ipfs/go-ipfs "ipfs commit" "$IPFS_COMMIT" $IPFS_REPO
+ function_check set_repo_commit
+ set_repo_commit $GOPATH/src/github.com/ipfs/go-ipfs "ipfs commit" "$IPFS_COMMIT" $IPFS_REPO
}
function backup_local_ipfs {
- if ! grep -q "Admin user" $COMPLETION_FILE; then
- return
- fi
- ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
- source_directory=/home/$ADMIN_USERNAME/.ipfs
- if [ -d $source_directory ]; then
- dest_directory=ipfs
- echo $"Backing up $source_directory to $dest_directory"
-
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
-
- echo $"Backup to $dest_directory complete"
- fi
+ if ! grep -q "Admin user" $COMPLETION_FILE; then
+ return
+ fi
+ ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
+ source_directory=/home/$ADMIN_USERNAME/.ipfs
+ if [ -d $source_directory ]; then
+ dest_directory=ipfs
+ echo $"Backing up $source_directory to $dest_directory"
+
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
+
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_ipfs {
- if ! grep -q "Admin user" $COMPLETION_FILE; then
- return
- fi
- if [ -d $USB_MOUNT/backup/ipfs ]; then
- echo $"Restoring IPFS"
- temp_restore_dir=/root/tempipfs
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir ipfs
- ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
- cp -rf $temp_restore_dir/home/$ADMIN_USERNAME/.ipfs/* /home/$ADMIN_USERNAME/.ipfs
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 27627
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of IPFS complete"
+ if ! grep -q "Admin user" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d $USB_MOUNT/backup/ipfs ]; then
+ echo $"Restoring IPFS"
+ temp_restore_dir=/root/tempipfs
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir ipfs
+ ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
+ cp -rf $temp_restore_dir/home/$ADMIN_USERNAME/.ipfs/* /home/$ADMIN_USERNAME/.ipfs
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 27627
fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of IPFS complete"
+ fi
}
function backup_remote_ipfs {
- if ! grep -q "Admin user" $COMPLETION_FILE; then
- return
- fi
- ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
- if [ -d /home/$ADMIN_USERNAME/.ipfs ]; then
- echo $"Backing up IPFS"
- backup_directory_to_friend /home/$ADMIN_USERNAME/.ipfs ipfs
- echo $"Backup of IPFS complete"
- fi
+ if ! grep -q "Admin user" $COMPLETION_FILE; then
+ return
+ fi
+ ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
+ if [ -d /home/$ADMIN_USERNAME/.ipfs ]; then
+ echo $"Backing up IPFS"
+ backup_directory_to_friend /home/$ADMIN_USERNAME/.ipfs ipfs
+ echo $"Backup of IPFS complete"
+ fi
}
function restore_remote_ipfs {
- if [ -d $SERVER_DIRECTORY/backup/ipfs ]; then
- echo $"Restoring IPFS"
- temp_restore_dir=/root/tempipfs
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir ipfs
- cp -rf $temp_restore_dir/home/$ADMIN_USERNAME/.ipfs/* /home/$ADMIN_USERNAME/.ipfs
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- rm -rf $temp_restore_dir
- exit 276357
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of IPFS complete"
+ if [ -d $SERVER_DIRECTORY/backup/ipfs ]; then
+ echo $"Restoring IPFS"
+ temp_restore_dir=/root/tempipfs
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir ipfs
+ cp -rf $temp_restore_dir/home/$ADMIN_USERNAME/.ipfs/* /home/$ADMIN_USERNAME/.ipfs
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ rm -rf $temp_restore_dir
+ exit 276357
fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of IPFS complete"
+ fi
}
function remove_ipfs {
- if ! grep -Fxq "install_ipfs" $COMPLETION_FILE; then
- return
- fi
- function_check select_go_version
- select_go_version
- systemctl stop ipfs
- systemctl disable ipfs
- systemctl daemon-reload
- rm /etc/systemd/system/ipfs.service
- rm -rf $GOPATH/src/github.com/ipfs
- iptables -D INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- sed -i '/install_ipfs/d' $COMPLETION_FILE
- sed -i '/ipfs /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_ipfs/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_ipfs" $COMPLETION_FILE; then
+ return
+ fi
+ function_check select_go_version
+ select_go_version
+ systemctl stop ipfs
+ systemctl disable ipfs
+ systemctl daemon-reload
+ rm /etc/systemd/system/ipfs.service
+ rm -rf $GOPATH/src/github.com/ipfs
+ iptables -D INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ sed -i '/install_ipfs/d' $COMPLETION_FILE
+ sed -i '/ipfs /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_ipfs/d' $COMPLETION_FILE
}
function configure_firewall_for_ipfs {
- if grep -Fxq "configure_firewall_for_ipfs" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("IPFS $IPFS_PORT")
- echo 'configure_firewall_for_ipfs' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_ipfs" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("IPFS $IPFS_PORT")
+ echo 'configure_firewall_for_ipfs' >> $COMPLETION_FILE
}
function install_ipfs {
- if grep -Fxq "install_ipfs" $COMPLETION_FILE; then
- return
- fi
-
- function_check select_go_version
- select_go_version
-
- apt-get -y install golang libpam0g-dev fuse
-
- if [ ! -d /home/git ]; then
- # add a gogs user account
- adduser --disabled-login --gecos 'Gogs' git
-
- # install Go
- if ! grep -q "export GOPATH=" ~/.bashrc; then
- echo "export GOPATH=$GOPATH" >> ~/.bashrc
- else
- sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" ~/.bashrc
- fi
- systemctl set-environment GOPATH=$GOPATH
- if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
- echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
- else
- sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
- fi
- if [ ! -d $GOPATH ]; then
- mkdir -p $GOPATH
- fi
- fi
+ if grep -Fxq "install_ipfs" $COMPLETION_FILE; then
+ return
+ fi
- IPFS_PATH=$GOPATH/bin
- export PATH="$GOPATH/bin:$PATH:"
- if ! grep -q 'GOPATH/bin' ~/.bashrc; then
- echo 'export PATH="$GOPATH/bin:$PATH:";' >> ~/.bashrc
- else
- sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
- fi
+ function_check select_go_version
+ select_go_version
- # set gopath for the user
- if ! grep -q "GOPATH=" /home/$MY_USERNAME/.bashrc; then
- echo "export GOPATH=$GOPATH" >> /home/$MY_USERNAME/.bashrc
- echo 'export PATH="$GOPATH/bin:$PATH:";' >> /home/$MY_USERNAME/.bashrc
- else
- sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" /home/$MY_USERNAME/.bashrc
- fi
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.bashrc
+ apt-get -y install golang libpam0g-dev fuse
- IPFS_GO_REPO2=$(echo "$IPFS_GO_REPO" | sed 's|https://||g')
- go get -u ${IPFS_GO_REPO2}/cmd/ipfs
- if [ ! "$?" = "0" ]; then
- exit 8242
- fi
+ if [ ! -d /home/git ]; then
+ # add a gogs user account
+ adduser --disabled-login --gecos 'Gogs' git
- cd $GOPATH/src/$IPFS_GO_REPO2
- git checkout $IPFS_COMMIT -b $IPFS_COMMIT
- if ! grep -q "ipfs commit" $COMPLETION_FILE; then
- echo "ipfs commit:$IPFS_COMMIT" >> $COMPLETION_FILE
+ # install Go
+ if ! grep -q "export GOPATH=" ~/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> ~/.bashrc
else
- sed -i "s/ipfs commit.*/ipfs commit:$IPFS_COMMIT/g" $COMPLETION_FILE
- fi
-
- # initialise
- su -c "$IPFS_PATH/ipfs init -b 4096" - $MY_USERNAME
- if [ ! -d /home/$MY_USERNAME/.ipfs ]; then
- echo "IPFS could not be initialised for user $MY_USERNAME"
- exit 7358
+ sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" ~/.bashrc
fi
-
- # directories to mount to
- if [ ! -d /ipfs ]; then
- mkdir /ipfs
- mkdir /ipns
- chown $MY_USERNAME:$MY_USERNAME /ipfs
- chown $MY_USERNAME:$MY_USERNAME /ipns
+ systemctl set-environment GOPATH=$GOPATH
+ if ! grep -q "systemctl set-environment GOPATH=" ~/.bashrc; then
+ echo "systemctl set-environment GOPATH=$GOPATH" >> ~/.bashrc
+ else
+ sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
fi
-
- if [ -f /etc/fuse.conf ]; then
- chown $MY_USERNAME:$MY_USERNAME /etc/fuse.conf
+ if [ ! -d $GOPATH ]; then
+ mkdir -p $GOPATH
fi
- if [ -f /dev/fuse ]; then
- chown $MY_USERNAME:$MY_USERNAME /dev/fuse
+ fi
+
+ IPFS_PATH=$GOPATH/bin
+ export PATH="$GOPATH/bin:$PATH:"
+ if ! grep -q 'GOPATH/bin' ~/.bashrc; then
+ echo 'export PATH="$GOPATH/bin:$PATH:";' >> ~/.bashrc
+ else
+ sed -i "s|systemctl set-environment GOPATH=.*|systemctl set-environment GOPATH=$GOPATH|g" ~/.bashrc
+ fi
+
+ # set gopath for the user
+ if ! grep -q "GOPATH=" /home/$MY_USERNAME/.bashrc; then
+ echo "export GOPATH=$GOPATH" >> /home/$MY_USERNAME/.bashrc
+ echo 'export PATH="$GOPATH/bin:$PATH:";' >> /home/$MY_USERNAME/.bashrc
+ else
+ sed -i "s|export GOPATH=.*|export GOPATH=$GOPATH|g" /home/$MY_USERNAME/.bashrc
+ fi
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.bashrc
+
+ IPFS_GO_REPO2=$(echo "$IPFS_GO_REPO" | sed 's|https://||g')
+ go get -u ${IPFS_GO_REPO2}/cmd/ipfs
+ if [ ! "$?" = "0" ]; then
+ exit 8242
+ fi
+
+ cd $GOPATH/src/$IPFS_GO_REPO2
+ git checkout $IPFS_COMMIT -b $IPFS_COMMIT
+ if ! grep -q "ipfs commit" $COMPLETION_FILE; then
+ echo "ipfs commit:$IPFS_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/ipfs commit.*/ipfs commit:$IPFS_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ # initialise
+ su -c "$IPFS_PATH/ipfs init -b 4096" - $MY_USERNAME
+ if [ ! -d /home/$MY_USERNAME/.ipfs ]; then
+ echo "IPFS could not be initialised for user $MY_USERNAME"
+ exit 7358
+ fi
+
+ # directories to mount to
+ if [ ! -d /ipfs ]; then
+ mkdir /ipfs
+ mkdir /ipns
+ chown $MY_USERNAME:$MY_USERNAME /ipfs
+ chown $MY_USERNAME:$MY_USERNAME /ipns
+ fi
+
+ if [ -f /etc/fuse.conf ]; then
+ chown $MY_USERNAME:$MY_USERNAME /etc/fuse.conf
+ fi
+ if [ -f /dev/fuse ]; then
+ chown $MY_USERNAME:$MY_USERNAME /dev/fuse
+ fi
+
+ echo '[Unit]' > /etc/systemd/system/ipfs.service
+ echo 'Description=IPFS daemon' >> /etc/systemd/system/ipfs.service
+ echo 'After=syslog.target' >> /etc/systemd/system/ipfs.service
+ echo 'After=network.target' >> /etc/systemd/system/ipfs.service
+ echo '' >> /etc/systemd/system/ipfs.service
+ echo '[Service]' >> /etc/systemd/system/ipfs.service
+ echo 'Type=simple' >> /etc/systemd/system/ipfs.service
+ echo "User=$MY_USERNAME" >> /etc/systemd/system/ipfs.service
+ echo "Group=$MY_USERNAME" >> /etc/systemd/system/ipfs.service
+ echo "WorkingDirectory=/home/$MY_USERNAME" >> /etc/systemd/system/ipfs.service
+ echo "ExecStart=$IPFS_PATH/ipfs daemon --mount" >> /etc/systemd/system/ipfs.service
+ echo 'Restart=on-failure' >> /etc/systemd/system/ipfs.service
+ echo "Environment=\"USER=$MY_USERNAME\" \"HOME=/home/$MY_USERNAME\" \"GOPATH=$GOPATH\" \"GVM_ROOT=$GVM_HOME\"" >> /etc/systemd/system/ipfs.service
+ echo '' >> /etc/systemd/system/ipfs.service
+ echo '[Install]' >> /etc/systemd/system/ipfs.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ipfs.service
+
+ systemctl enable ipfs
+ systemctl daemon-reload
+ systemctl restart ipfs
+
+ if [ -d /etc/avahi ]; then
+ su -c "echo $($IPFS_PATH/ipfs id | grep '\"ID\":' | awk -F '\"' '{print $4}') > /tmp/ipfsid" - $MY_USERNAME
+ if [ ! -f /tmp/ipfsid ]; then
+ echo 'No IPFS identity was created'
+ exit 37895
fi
-
- echo '[Unit]' > /etc/systemd/system/ipfs.service
- echo 'Description=IPFS daemon' >> /etc/systemd/system/ipfs.service
- echo 'After=syslog.target' >> /etc/systemd/system/ipfs.service
- echo 'After=network.target' >> /etc/systemd/system/ipfs.service
- echo '' >> /etc/systemd/system/ipfs.service
- echo '[Service]' >> /etc/systemd/system/ipfs.service
- echo 'Type=simple' >> /etc/systemd/system/ipfs.service
- echo "User=$MY_USERNAME" >> /etc/systemd/system/ipfs.service
- echo "Group=$MY_USERNAME" >> /etc/systemd/system/ipfs.service
- echo "WorkingDirectory=/home/$MY_USERNAME" >> /etc/systemd/system/ipfs.service
- echo "ExecStart=$IPFS_PATH/ipfs daemon --mount" >> /etc/systemd/system/ipfs.service
- echo 'Restart=on-failure' >> /etc/systemd/system/ipfs.service
- echo "Environment=\"USER=$MY_USERNAME\" \"HOME=/home/$MY_USERNAME\" \"GOPATH=$GOPATH\" \"GVM_ROOT=$GVM_HOME\"" >> /etc/systemd/system/ipfs.service
- echo '' >> /etc/systemd/system/ipfs.service
- echo '[Install]' >> /etc/systemd/system/ipfs.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ipfs.service
-
- systemctl enable ipfs
- systemctl daemon-reload
- systemctl restart ipfs
-
- if [ -d /etc/avahi ]; then
- su -c "echo $($IPFS_PATH/ipfs id | grep '\"ID\":' | awk -F '\"' '{print $4}') > /tmp/ipfsid" - $MY_USERNAME
- if [ ! -f /tmp/ipfsid ]; then
- echo 'No IPFS identity was created'
- exit 37895
- fi
- IPFS_PEER_ID=$(cat /tmp/ipfsid)
- if [ ${#IPFS_PEER_ID} -lt 10 ]; then
- echo 'Invalid IPFS peer ID'
- echo "$IPFS_PEER_ID"
- exit 74782
- fi
- # Add an avahi service
- function_check create_avahi_service
- create_avahi_service ipfs "ipfs" udp $IPFS_PORT "$IPFS_PEER_ID"
- rm /tmp/ipfsid
+ IPFS_PEER_ID=$(cat /tmp/ipfsid)
+ if [ ${#IPFS_PEER_ID} -lt 10 ]; then
+ echo 'Invalid IPFS peer ID'
+ echo "$IPFS_PEER_ID"
+ exit 74782
fi
+ # Add an avahi service
+ function_check create_avahi_service
+ create_avahi_service ipfs "ipfs" udp $IPFS_PORT "$IPFS_PEER_ID"
+ rm /tmp/ipfsid
+ fi
- function_check configure_firewall_for_ipfs
- configure_firewall_for_ipfs
+ function_check configure_firewall_for_ipfs
+ configure_firewall_for_ipfs
- echo 'install_ipfs' >> $COMPLETION_FILE
+ echo 'install_ipfs' >> $COMPLETION_FILE
}
diff --git a/src/freedombone-app-irc b/src/freedombone-app-irc
index 241785c08..9a783280f 100755
--- a/src/freedombone-app-irc
+++ b/src/freedombone-app-irc
@@ -45,268 +45,268 @@ function upgrade_irc {
}
function backup_local_irc {
- echo -n ''
+ echo -n ''
}
function restore_local_irc {
- echo -n ''
+ echo -n ''
}
function backup_remote_irc {
- echo -n ''
+ echo -n ''
}
function restore_remote_irc {
- echo -n ''
+ echo -n ''
}
function remove_irc {
- if ! grep -Fxq "install_irc" $COMPLETION_FILE; then
- return
- fi
- systemctl stop ngircd
- apt-get -y remove --purge ngircd
- apt-get -y remove --purge irssi
- if [ -d /etc/ngircd ]; then
- rm -rf /etc/ngircd
- fi
- iptables -D INPUT -p tcp --dport $IRC_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- function_check remove_onion_service
- remove_onion_service irc ${IRC_ONION_PORT}
- sed -i '/install_irc/d' $COMPLETION_FILE
- sed -i '/IRC /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_irc/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_irc" $COMPLETION_FILE; then
+ return
+ fi
+ systemctl stop ngircd
+ apt-get -y remove --purge ngircd
+ apt-get -y remove --purge irssi
+ if [ -d /etc/ngircd ]; then
+ rm -rf /etc/ngircd
+ fi
+ iptables -D INPUT -p tcp --dport $IRC_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ function_check remove_onion_service
+ remove_onion_service irc ${IRC_ONION_PORT}
+ sed -i '/install_irc/d' $COMPLETION_FILE
+ sed -i '/IRC /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_irc/d' $COMPLETION_FILE
}
function configure_firewall_for_irc {
- if [ ! -d /etc/ngircd ]; then
- return
- fi
- if grep -Fxq "configure_firewall_for_irc" $COMPLETION_FILE; then
- return
- fi
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p tcp --dport $IRC_PORT -j ACCEPT
- iptables -I INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
+ if [ ! -d /etc/ngircd ]; then
+ return
+ fi
+ if grep -Fxq "configure_firewall_for_irc" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p tcp --dport $IRC_PORT -j ACCEPT
+ iptables -I INPUT -p tcp --dport 1024:65535 --sport $IRC_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
- OPEN_PORTS+=("IRC $IRC_PORT")
- echo 'configure_firewall_for_irc' >> $COMPLETION_FILE
+ OPEN_PORTS+=("IRC $IRC_PORT")
+ echo 'configure_firewall_for_irc' >> $COMPLETION_FILE
}
function install_irc_server {
- if grep -Fxq "install_irc_server" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install ngircd
+ if grep -Fxq "install_irc_server" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install ngircd
- if [ ! -d /etc/ngircd ]; then
- echo $"ERROR: ngircd does not appear to have installed. $CHECK_MESSAGE"
- exit 53
- fi
+ if [ ! -d /etc/ngircd ]; then
+ echo $"ERROR: ngircd does not appear to have installed. $CHECK_MESSAGE"
+ exit 53
+ fi
- if [ ! -f /etc/ssl/certs/ngircd.dhparam ]; then
- ${PROJECT_NAME}-addcert -h ngircd --dhkey $DH_KEYLENGTH
- function_check check_certificates
- check_certificates ngircd
- fi
+ if [ ! -f /etc/ssl/certs/ngircd.dhparam ]; then
+ ${PROJECT_NAME}-addcert -h ngircd --dhkey $DH_KEYLENGTH
+ function_check check_certificates
+ check_certificates ngircd
+ fi
- DEFAULTDOMAIN=$DEFAULT_DOMAIN_NAME
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
- fi
+ DEFAULTDOMAIN=$DEFAULT_DOMAIN_NAME
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
+ fi
- # create a login password if needed
- if [ ! $IRC_PASSWORD ]; then
- IRC_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
+ # create a login password if needed
+ if [ ! $IRC_PASSWORD ]; then
+ IRC_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
- echo '**************************************************' > /etc/ngircd/motd
- echo $'* F R E E D O M B O N E I R C *' >> /etc/ngircd/motd
- echo '* *' >> /etc/ngircd/motd
- echo $'* Freedom in the Cloud *' >> /etc/ngircd/motd
- echo '**************************************************' >> /etc/ngircd/motd
- sed -i 's|MotdFile = /etc/ngircd/ngircd.motd|MotdFile = /etc/ngircd/motd|g' /etc/ngircd/ngircd.conf
- sed -i "s/irc@irc.example.com/$MY_EMAIL_ADDRESS/g" /etc/ngircd/ngircd.conf
- sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf
- sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf
- sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf
- sed -i 's|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/ngircd.crt|g' /etc/ngircd/ngircd.conf
- sed -i 's|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/ngircd.dhparam|g' /etc/ngircd/ngircd.conf
- sed -i 's|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/ngircd.key|g' /etc/ngircd/ngircd.conf
- sed -i "s/;Ports =.*/Ports = $IRC_PORT/1" /etc/ngircd/ngircd.conf
- sed -i "s/;Ports =.*/Ports = $IRC_PORT/2" /etc/ngircd/ngircd.conf
- sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
- sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf
- sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf
- sed -i "s|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#${PROJECT_NAME}.key|g" /etc/ngircd/ngircd.conf
- sed -i "s/;CloakHost = cloaked.host/CloakHost = ${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
- IRC_SALT="$(create_password 30)"
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- IRC_OPERATOR_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- IRC_OPERATOR_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
- sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
- sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
- sed -i 's/;RequireAuthPing = no/RequireAuthPing = no/g' /etc/ngircd/ngircd.conf
- sed -i "s/;Name = TheOper/Name = $MY_USERNAME/g" /etc/ngircd/ngircd.conf
- sed -i "s/;Password = ThePwd/Password = $IRC_OPERATOR_PASSWORD/g" /etc/ngircd/ngircd.conf
- sed -i 's|;Listen =.*|Listen = 0.0.0.0,0.0.0.0:9050,127.0.0.1,127.0.0.1:9050|g' /etc/ngircd/ngircd.conf
- if [ $IRC_PASSWORD ]; then
- sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
- fi
- # If we are on a mesh then DNS is not available
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
- fi
- # upgrade a cypher
- sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
- mkdir /var/run/ircd
- chown -R irc:irc /var/run/ircd
- mkdir /var/run/ngircd
- touch /var/run/ngircd/ngircd.pid
- chown -R irc:irc /var/run/ngircd
+ echo '**************************************************' > /etc/ngircd/motd
+ echo $'* F R E E D O M B O N E I R C *' >> /etc/ngircd/motd
+ echo '* *' >> /etc/ngircd/motd
+ echo $'* Freedom in the Cloud *' >> /etc/ngircd/motd
+ echo '**************************************************' >> /etc/ngircd/motd
+ sed -i 's|MotdFile = /etc/ngircd/ngircd.motd|MotdFile = /etc/ngircd/motd|g' /etc/ngircd/ngircd.conf
+ sed -i "s/irc@irc.example.com/$MY_EMAIL_ADDRESS/g" /etc/ngircd/ngircd.conf
+ sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf
+ sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf
+ sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf
+ sed -i 's|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/ngircd.crt|g' /etc/ngircd/ngircd.conf
+ sed -i 's|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/ngircd.dhparam|g' /etc/ngircd/ngircd.conf
+ sed -i 's|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/ngircd.key|g' /etc/ngircd/ngircd.conf
+ sed -i "s/;Ports =.*/Ports = $IRC_PORT/1" /etc/ngircd/ngircd.conf
+ sed -i "s/;Ports =.*/Ports = $IRC_PORT/2" /etc/ngircd/ngircd.conf
+ sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
+ sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf
+ sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf
+ sed -i "s|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#${PROJECT_NAME}.key|g" /etc/ngircd/ngircd.conf
+ sed -i "s/;CloakHost = cloaked.host/CloakHost = ${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
+ IRC_SALT="$(create_password 30)"
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ IRC_OPERATOR_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ IRC_OPERATOR_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
+ sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
+ sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
+ sed -i 's/;RequireAuthPing = no/RequireAuthPing = no/g' /etc/ngircd/ngircd.conf
+ sed -i "s/;Name = TheOper/Name = $MY_USERNAME/g" /etc/ngircd/ngircd.conf
+ sed -i "s/;Password = ThePwd/Password = $IRC_OPERATOR_PASSWORD/g" /etc/ngircd/ngircd.conf
+ sed -i 's|;Listen =.*|Listen = 0.0.0.0,0.0.0.0:9050,127.0.0.1,127.0.0.1:9050|g' /etc/ngircd/ngircd.conf
+ if [ $IRC_PASSWORD ]; then
+ sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
+ fi
+ # If we are on a mesh then DNS is not available
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
+ fi
+ # upgrade a cypher
+ sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
+ mkdir /var/run/ircd
+ chown -R irc:irc /var/run/ircd
+ mkdir /var/run/ngircd
+ touch /var/run/ngircd/ngircd.pid
+ chown -R irc:irc /var/run/ngircd
- IRC_ONION_HOSTNAME=$(add_onion_service irc ${IRC_PORT} ${IRC_ONION_PORT})
- if ! grep -q $"IRC onion domain" $COMPLETION_FILE; then
- echo "IRC onion domain:$IRC_ONION_HOSTNAME" >> $COMPLETION_FILE
- fi
+ IRC_ONION_HOSTNAME=$(add_onion_service irc ${IRC_PORT} ${IRC_ONION_PORT})
+ if ! grep -q $"IRC onion domain" $COMPLETION_FILE; then
+ echo "IRC onion domain:$IRC_ONION_HOSTNAME" >> $COMPLETION_FILE
+ fi
- systemctl restart ngircd
+ systemctl restart ngircd
- # keep the daemon running
- echo '' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo '# keep irc daemon running' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'IRC_RUNNING=$(pgrep ngircd > /dev/null && echo Running)' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'if [ ! $IRC_RUNNING ]; then' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' systemctl start ngircd' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo " IRC daemon restarted" >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'fi' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ # keep the daemon running
+ echo '' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo '# keep irc daemon running' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'IRC_RUNNING=$(pgrep ngircd > /dev/null && echo Running)' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'if [ ! $IRC_RUNNING ]; then' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' systemctl start ngircd' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo " IRC daemon restarted" >> $LOGFILE' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'fi' >> /usr/bin/$WATCHDOG_SCRIPT_NAME
- if ! grep -q $"IRC Server" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'IRC Server' >> /home/$MY_USERNAME/README
- echo '==========' >> /home/$MY_USERNAME/README
- echo $'To connect to your IRC server in irssi:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- if [[ $ONION_ONLY != 'yes' ]]; then
- echo " irssi" >> /home/$MY_USERNAME/README
- echo " /server add -auto -ssl $DEFAULTDOMAIN $IRC_PORT" >> /home/$MY_USERNAME/README
- echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README
- else
- echo " usetorwith irssi" >> /home/$MY_USERNAME/README
- echo " /server add -auto $IRC_ONION_HOSTNAME $IRC_PORT" >> /home/$MY_USERNAME/README
- echo " /connect $IRC_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- fi
- echo " /join #${PROJECT_NAME}" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
+ if ! grep -q $"IRC Server" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'IRC Server' >> /home/$MY_USERNAME/README
+ echo '==========' >> /home/$MY_USERNAME/README
+ echo $'To connect to your IRC server in irssi:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ if [[ $ONION_ONLY != 'yes' ]]; then
+ echo " irssi" >> /home/$MY_USERNAME/README
+ echo " /server add -auto -ssl $DEFAULTDOMAIN $IRC_PORT" >> /home/$MY_USERNAME/README
+ echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/$MY_USERNAME/README
+ else
+ echo " usetorwith irssi" >> /home/$MY_USERNAME/README
+ echo " /server add -auto $IRC_ONION_HOSTNAME $IRC_PORT" >> /home/$MY_USERNAME/README
+ echo " /connect $IRC_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
fi
+ echo " /join #${PROJECT_NAME}" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
- function_check configure_firewall_for_irc
- configure_firewall_for_irc
- echo 'install_irc_server' >> $COMPLETION_FILE
+ function_check configure_firewall_for_irc
+ configure_firewall_for_irc
+ echo 'install_irc_server' >> $COMPLETION_FILE
}
function install_irc_client {
- if grep -Fxq "install_irc_client" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install irssi
+ if grep -Fxq "install_irc_client" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install irssi
- if [ ! -d /home/$MY_USERNAME/.irssi ]; then
- mkdir /home/$MY_USERNAME/.irssi
- fi
+ if [ ! -d /home/$MY_USERNAME/.irssi ]; then
+ mkdir /home/$MY_USERNAME/.irssi
+ fi
- echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
- echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
- echo ' },' >> /home/$MY_USERNAME/.irssi/config
- echo ' {' >> /home/$MY_USERNAME/.irssi/config
- echo " address = \"127.0.0.1\";" >> /home/$MY_USERNAME/.irssi/config
- if [[ $ONION_ONLY == 'no' ]]; then
- echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
- else
- IRC_ONION_HOSTNAME=$(cat $COMPLETION_FILE | grep "IRC onion domain" | awk -F ':' '{print $2}')
- echo " port = \"${IRC_ONION_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
- echo ' use_ssl = "no";' >> /home/$MY_USERNAME/.irssi/config
- fi
- echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
- echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
- echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
- if [ $IRC_PASSWORD ]; then
- echo " password = \"${IRC_PASSWORD}\";" >> /home/$MY_USERNAME/.irssi/config
- fi
- echo ' }' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
- echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
- echo ' };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
- echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
- echo ');' >> /home/$MY_USERNAME/.irssi/config
- echo '' >> /home/$MY_USERNAME/.irssi/config
- echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
- echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
- echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
- echo '};' >> /home/$MY_USERNAME/.irssi/config
- echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
+ echo 'servers = (' > /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "chat.freenode.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "Freenode";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' address = "irc.oftc.net";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' chatnet = "OFTC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' port = "6667";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' },' >> /home/$MY_USERNAME/.irssi/config
+ echo ' {' >> /home/$MY_USERNAME/.irssi/config
+ echo " address = \"127.0.0.1\";" >> /home/$MY_USERNAME/.irssi/config
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo " port = \"${IRC_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' use_ssl = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ else
+ IRC_ONION_HOSTNAME=$(cat $COMPLETION_FILE | grep "IRC onion domain" | awk -F ':' '{print $2}')
+ echo " port = \"${IRC_ONION_PORT}\";" >> /home/$MY_USERNAME/.irssi/config
+ echo ' use_ssl = "no";' >> /home/$MY_USERNAME/.irssi/config
+ fi
+ echo ' chatnet = "Freedombone";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' ssl_verify = "no";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' autoconnect = "yes";' >> /home/$MY_USERNAME/.irssi/config
+ if [ $IRC_PASSWORD ]; then
+ echo " password = \"${IRC_PASSWORD}\";" >> /home/$MY_USERNAME/.irssi/config
+ fi
+ echo ' }' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'chatnets = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freedombone = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' Freenode = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "4";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo ' OFTC = {' >> /home/$MY_USERNAME/.irssi/config
+ echo ' type = "IRC";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_kicks = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_msgs = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' max_whois = "1";' >> /home/$MY_USERNAME/.irssi/config
+ echo ' };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'channels = (' >> /home/$MY_USERNAME/.irssi/config
+ echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/$MY_USERNAME/.irssi/config
+ echo ');' >> /home/$MY_USERNAME/.irssi/config
+ echo '' >> /home/$MY_USERNAME/.irssi/config
+ echo 'settings = {' >> /home/$MY_USERNAME/.irssi/config
+ echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/$MY_USERNAME/.irssi/config
+ echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/$MY_USERNAME/.irssi/config
+ echo '};' >> /home/$MY_USERNAME/.irssi/config
+ echo 'ignores = ( { level = "CTCPS"; } );' >> /home/$MY_USERNAME/.irssi/config
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.irssi
- echo 'install_irc_client' >> $COMPLETION_FILE
+ echo 'install_irc_client' >> $COMPLETION_FILE
}
function install_irc {
- if grep -Fxq "install_irc" $COMPLETION_FILE; then
- return
- fi
- install_irc_server
- install_irc_client
- echo 'install_irc' >> $COMPLETION_FILE
+ if grep -Fxq "install_irc" $COMPLETION_FILE; then
+ return
+ fi
+ install_irc_server
+ install_irc_client
+ echo 'install_irc' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-mediagoblin b/src/freedombone-app-mediagoblin
index d023faca8..28d7ac72c 100755
--- a/src/freedombone-app-mediagoblin
+++ b/src/freedombone-app-mediagoblin
@@ -38,311 +38,242 @@ MEDIAGOBLIN_ADMIN_PASSWORD=
MEDIAGOBLIN_ONION_PORT=8096
function reconfigure_mediagoblin {
- echo -n ''
+ echo -n ''
}
function upgrade_mediagoblin {
- echo -n ''
+ echo -n ''
}
function backup_local_mediagoblin {
- echo -n ''
+ echo -n ''
}
function restore_local_mediagoblin {
- echo -n ''
+ echo -n ''
}
function backup_remote_mediagoblin {
- if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
- function_check suspend_site
- suspend_site ${MEDIAGOBLIN_DOMAIN_NAME}
+ if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
+ function_check suspend_site
+ suspend_site ${MEDIAGOBLIN_DOMAIN_NAME}
- echo $"Backing up Mediagoblin"
+ echo $"Backing up Mediagoblin"
- backup_directory_to_friend /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs mediagoblin
+ backup_directory_to_friend /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs mediagoblin
- function_check restart_site
- restart_site
+ function_check restart_site
+ restart_site
- echo $"Backup of Mediagoblin complete"
- fi
+ echo $"Backup of Mediagoblin complete"
+ fi
}
function restore_remote_mediagoblin {
- if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
- if [ -d $SERVER_DIRECTORY/backup/mediagoblin ]; then
- echo $"Restoring Mediagoblin installation"
- temp_restore_dir=/root/tempmediagoblin
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir mediagoblin
- cp -r $temp_restore_dir/* /
- if [ ! "$?" = "0" ]; then
- exit 5626
- fi
- rm -rf $temp_restore_dir
- echo $"Restore of Mediagoblin complete"
- fi
- chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
+ if grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ MEDIAGOBLIN_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Mediagoblin domain" | awk -F ':' '{print $2}')
+ if [ -d $SERVER_DIRECTORY/backup/mediagoblin ]; then
+ echo $"Restoring Mediagoblin installation"
+ temp_restore_dir=/root/tempmediagoblin
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir mediagoblin
+ cp -r $temp_restore_dir/* /
+ if [ ! "$?" = "0" ]; then
+ exit 5626
+ fi
+ rm -rf $temp_restore_dir
+ echo $"Restore of Mediagoblin complete"
fi
+ chown -hR mediagoblin:www-data /var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
+ fi
}
function remove_mediagoblin {
- echo -n ''
+ echo -n ''
}
function install_mediagoblin {
- if [ ! $MEDIAGOBLIN_DOMAIN_NAME ]; then
- return
- fi
-
- MEDIAGOBLIN_WORKING_DIRECTORY=/var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
-
- # update to a new commit if needed
- function_check set_repo_commit
- set_repo_commit $MEDIAGOBLIN_WORKING_DIRECTORY "Mediagoblin commit" "$MEDIAGOBLIN_COMMIT" $MEDIAGOBLIN_REPO
- if [ -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
- chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
- fi
-
- if grep -Fxq "install_mediagoblin" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install git-core python python-dev python-lxml python-pil
- apt-get -y install python-virtualenv npm nodejs-legacy automake
- apt-get -y install fcgiwrap
-
- #apt-get -y install postgresql postgresql-client python-psycopg2
- #apt-get -y install python-gst-1.0 libjpeg62-turbo-dev gstreamer1.0-plugins-base python-gobject
- #apt-get -y install gstreamer1.0-plugins-good gstreamer1.0-libav libav-tools gstreamer0.10-tools
- #apt-get -y install python-numpy python-scipy libsndfile1-dev python-gst0.10-dev
- #apt-get -y install gstreamer0.10-plugins-base gstreamer0.10-plugins-good gstreamer1.0-tools
- #su -c "createuser -A -D mediagoblin" - postgres
- #su -c "createdb -E UNICODE -O mediagoblin mediagoblin" - postgres
-
- useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
- groupadd mediagoblin
- usermod --append -G mediagoblin mediagoblin
-
- if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
- mkdir -p $MEDIAGOBLIN_WORKING_DIRECTORY
- fi
-
- function_check git_clone
- git_clone $MEDIAGOBLIN_REPO $MEDIAGOBLIN_WORKING_DIRECTORY
- cd $MEDIAGOBLIN_WORKING_DIRECTORY
- git checkout $MEDIAGOBLIN_COMMIT -b $MEDIAGOBLIN_COMMIT
- git submodule init
- git submodule update
-
- if ! grep -q "Mediagoblin commit" $COMPLETION_FILE; then
- echo "Mediagoblin commit:$MEDIAGOBLIN_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Mediagoblin commit.*/Mediagoblin commit:$MEDIAGOBLIN_COMMIT/g" $COMPLETION_FILE
- fi
-
- chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bootstrap.sh" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 278826
- fi
-
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./configure" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 462826
- fi
+ if [ ! $MEDIAGOBLIN_DOMAIN_NAME ]; then
+ return
+ fi
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && make" - mediagoblin
- if [ ! "$?" = "0" ]; then
- exit 738229
- fi
-
- if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then
- mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
- fi
- chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install flup==1.0.3.dev-20110405" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade billiard" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Paste" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade amqp" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade anyjson" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py-bcrypt" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade wtforms" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade python-dateutil" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alembic" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade waitress" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade imagesize" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alabaster" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade snowballstemmer" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade docutils" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Pygments" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade beautifulsoup4" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade WebOb" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py" - mediagoblin
- su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade execnet" - mediagoblin
-
- # create some directories
- mkdir /var/log/mediagoblin
- chown -hR mediagoblin:www-data /var/log/mediagoblin
- mkdir /var/run/mediagoblin
- chown -hR mediagoblin:www-data /var/run/mediagoblin
-
- if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then
- echo $'mediagoblin.ini not found'
- exit 737529
- fi
- if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then
- echo $'paste.ini not found'
- exit 52762
- fi
-
- cp -av mediagoblin.ini mediagoblin_local.ini
- cp -av paste.ini paste_local.ini
+ MEDIAGOBLIN_WORKING_DIRECTORY=/var/www/$MEDIAGOBLIN_DOMAIN_NAME/htdocs
+ # update to a new commit if needed
+ function_check set_repo_commit
+ set_repo_commit $MEDIAGOBLIN_WORKING_DIRECTORY "Mediagoblin commit" "$MEDIAGOBLIN_COMMIT" $MEDIAGOBLIN_REPO
+ if [ -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
-
- # init with systemd
- echo '[Unit]' > /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Description=Mediagoblin Celeryd' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'After=network.target' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '[Service]' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'Type=simple' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "Environment=MEDIAGOBLIN_CONFIG=$MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin_local.ini \\" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/celery worker \\" >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' --logfile=/var/log/mediagoblin/celery.log \' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo ' --loglevel=INFO' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'PIDFile=/var/run/mediagoblin/mediagoblin-celeryd.pid' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo '[Install]' >> /etc/systemd/system/mediagoblin-celeryd.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-celeryd.service
-
- echo '[Unit]' > /etc/systemd/system/mediagoblin-paster.service
- echo 'Description=Mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'After=network.target' >> /etc/systemd/system/mediagoblin-paster.service
- echo '' >> /etc/systemd/system/mediagoblin-paster.service
- echo '[Service]' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Type=forking' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'Environment=CELERY_ALWAYS_EAGER=false' >> /etc/systemd/system/mediagoblin-paster.service
- echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-paster.service
- echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --log-file=/var/log/mediagoblin/mediagoblin.log \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --daemon \' >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543' >> /etc/systemd/system/mediagoblin-paster.service
- echo "ExecStop=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
- echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
- echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini stop" >> /etc/systemd/system/mediagoblin-paster.service
- echo 'PIDFile=/var/run/mediagoblin/mediagoblin.pid' >> /etc/systemd/system/mediagoblin-paster.service
- echo '' >> /etc/systemd/system/mediagoblin-paster.service
- echo '[Install]' >> /etc/systemd/system/mediagoblin-paster.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-paster.service
- systemctl daemon-reload
- systemctl enable mediagoblin-celeryd
- systemctl enable mediagoblin-paster
- systemctl daemon-reload
- systemctl start mediagoblin-celeryd
- systemctl start mediagoblin-paster
-
- MEDIAGOBLIN_ONION_HOSTNAME=$(add_onion_service mediagoblin 80 ${MEDIAGOBLIN_ONION_PORT})
- if ! grep -q "Mediagoblin onion domain" $COMPLETION_FILE; then
- echo "Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|Mediagoblin onion domain.*|Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
- if [[ $MEDIAGOBLIN_ONION_HOSTNAME == *"not found"* ]]; then
- echo $'Problem creating onion address for mediagoblin'
- exit 672652
- fi
-
- # web config
- MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME
- function_check nginx_http_redirect
- nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME
- if [[ $ONION_ONLY == 'no' ]]; then
- echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- function_check nginx_limits
- nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
- function_check nginx_ssl
- nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- else
- echo -n '' > $MEDIAGOBLIN_VIRTUAL_HOST
- fi
-
+ fi
+
+ if grep -Fxq "install_mediagoblin" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install git-core python python-dev python-lxml python-pil
+ apt-get -y install python-virtualenv npm nodejs-legacy automake
+ apt-get -y install fcgiwrap
+
+ #apt-get -y install postgresql postgresql-client python-psycopg2
+ #apt-get -y install python-gst-1.0 libjpeg62-turbo-dev gstreamer1.0-plugins-base python-gobject
+ #apt-get -y install gstreamer1.0-plugins-good gstreamer1.0-libav libav-tools gstreamer0.10-tools
+ #apt-get -y install python-numpy python-scipy libsndfile1-dev python-gst0.10-dev
+ #apt-get -y install gstreamer0.10-plugins-base gstreamer0.10-plugins-good gstreamer1.0-tools
+ #su -c "createuser -A -D mediagoblin" - postgres
+ #su -c "createdb -E UNICODE -O mediagoblin mediagoblin" - postgres
+
+ useradd -c "GNU MediaGoblin system account" -d /var/lib/mediagoblin -m -r -g www-data mediagoblin
+ groupadd mediagoblin
+ usermod --append -G mediagoblin mediagoblin
+
+ if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY ]; then
+ mkdir -p $MEDIAGOBLIN_WORKING_DIRECTORY
+ fi
+
+ function_check git_clone
+ git_clone $MEDIAGOBLIN_REPO $MEDIAGOBLIN_WORKING_DIRECTORY
+ cd $MEDIAGOBLIN_WORKING_DIRECTORY
+ git checkout $MEDIAGOBLIN_COMMIT -b $MEDIAGOBLIN_COMMIT
+ git submodule init
+ git submodule update
+
+ if ! grep -q "Mediagoblin commit" $COMPLETION_FILE; then
+ echo "Mediagoblin commit:$MEDIAGOBLIN_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Mediagoblin commit.*/Mediagoblin commit:$MEDIAGOBLIN_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bootstrap.sh" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 278826
+ fi
+
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./configure" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 462826
+ fi
+
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && make" - mediagoblin
+ if [ ! "$?" = "0" ]; then
+ exit 738229
+ fi
+
+ if [ ! -d $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev ]; then
+ mkdir $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
+ fi
+ chmod 750 $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install flup==1.0.3.dev-20110405" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade billiard" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Paste" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade amqp" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade anyjson" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py-bcrypt" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade wtforms" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade python-dateutil" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alembic" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade waitress" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade imagesize" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade alabaster" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade snowballstemmer" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade docutils" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade Pygments" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade beautifulsoup4" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade WebOb" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade py" - mediagoblin
+ su -c "cd $MEDIAGOBLIN_WORKING_DIRECTORY && ./bin/easy_install --upgrade execnet" - mediagoblin
+
+ # create some directories
+ mkdir /var/log/mediagoblin
+ chown -hR mediagoblin:www-data /var/log/mediagoblin
+ mkdir /var/run/mediagoblin
+ chown -hR mediagoblin:www-data /var/run/mediagoblin
+
+ if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin.ini ]; then
+ echo $'mediagoblin.ini not found'
+ exit 737529
+ fi
+ if [ ! -f $MEDIAGOBLIN_WORKING_DIRECTORY/paste.ini ]; then
+ echo $'paste.ini not found'
+ exit 52762
+ fi
+
+ cp -av mediagoblin.ini mediagoblin_local.ini
+ cp -av paste.ini paste_local.ini
+
+ chown -hR mediagoblin:www-data $MEDIAGOBLIN_WORKING_DIRECTORY
+
+ # init with systemd
+ echo '[Unit]' > /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Description=Mediagoblin Celeryd' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'After=network.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '[Service]' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'Type=simple' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "Environment=MEDIAGOBLIN_CONFIG=$MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin_local.ini \\" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' CELERY_CONFIG_MODULE=mediagoblin.init.celery.from_celery' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/celery worker \\" >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' --logfile=/var/log/mediagoblin/celery.log \' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo ' --loglevel=INFO' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'PIDFile=/var/run/mediagoblin/mediagoblin-celeryd.pid' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo '[Install]' >> /etc/systemd/system/mediagoblin-celeryd.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-celeryd.service
+
+ echo '[Unit]' > /etc/systemd/system/mediagoblin-paster.service
+ echo 'Description=Mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'After=syslog.target' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'After=network.target' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '[Service]' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Type=forking' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'User=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Group=mediagoblin' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'Environment=CELERY_ALWAYS_EAGER=false' >> /etc/systemd/system/mediagoblin-paster.service
+ echo "WorkingDirectory=$MEDIAGOBLIN_WORKING_DIRECTORY" >> /etc/systemd/system/mediagoblin-paster.service
+ echo "ExecStart=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --log-file=/var/log/mediagoblin/mediagoblin.log \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --daemon \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --server-name=fcgi fcgi_host=127.0.0.1 fcgi_port=26543' >> /etc/systemd/system/mediagoblin-paster.service
+ echo "ExecStop=$MEDIAGOBLIN_WORKING_DIRECTORY/bin/paster serve \\" >> /etc/systemd/system/mediagoblin-paster.service
+ echo ' --pid-file=/var/run/mediagoblin/mediagoblin.pid \' >> /etc/systemd/system/mediagoblin-paster.service
+ echo " $MEDIAGOBLIN_WORKING_DIRECTORY/paste_local.ini stop" >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'PIDFile=/var/run/mediagoblin/mediagoblin.pid' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '' >> /etc/systemd/system/mediagoblin-paster.service
+ echo '[Install]' >> /etc/systemd/system/mediagoblin-paster.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/mediagoblin-paster.service
+ systemctl daemon-reload
+ systemctl enable mediagoblin-celeryd
+ systemctl enable mediagoblin-paster
+ systemctl daemon-reload
+ systemctl start mediagoblin-celeryd
+ systemctl start mediagoblin-paster
+
+ MEDIAGOBLIN_ONION_HOSTNAME=$(add_onion_service mediagoblin 80 ${MEDIAGOBLIN_ONION_PORT})
+ if ! grep -q "Mediagoblin onion domain" $COMPLETION_FILE; then
+ echo "Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|Mediagoblin onion domain.*|Mediagoblin onion domain:${MEDIAGOBLIN_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+ if [[ $MEDIAGOBLIN_ONION_HOSTNAME == *"not found"* ]]; then
+ echo $'Problem creating onion address for mediagoblin'
+ exit 672652
+ fi
+
+ # web config
+ MEDIAGOBLIN_VIRTUAL_HOST=/etc/nginx/sites-available/$MEDIAGOBLIN_DOMAIN_NAME
+ function_check nginx_http_redirect
+ nginx_http_redirect $MEDIAGOBLIN_DOMAIN_NAME
+ if [[ $ONION_ONLY == 'no' ]]; then
echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " listen 127.0.0.1:${MEDIAGOBLIN_ONION_PORT} default_server;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' listen 443 ssl;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
@@ -354,6 +285,8 @@ function install_mediagoblin {
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
function_check nginx_limits
nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
+ function_check nginx_ssl
+ nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
@@ -368,7 +301,7 @@ function install_mediagoblin {
echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- echo " server_name $MEDIAGOBLIN_ONION_HOSTNAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " server_name $MEDIAGOBLIN_DOMAIN_NAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
@@ -403,23 +336,90 @@ function install_mediagoblin {
echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
-
- function_check create_site_certificate
- create_site_certificate $MEDIAGOBLIN_DOMAIN_NAME
-
- nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME
- systemctl restart php5-fpm
- systemctl restart nginx
-
- add_ddns_domain $MEDIAGOBLIN_DOMAIN_NAME
-
- if ! grep -q "Mediagoblin domain" $COMPLETION_FILE; then
- echo "Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME" >> $COMPLETION_FILE
- else
- sed -i "s/Mediagoblin domain.*/Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME/g" $COMPLETION_FILE
- fi
-
- echo 'install_mediagoblin' >> $COMPLETION_FILE
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ else
+ echo -n '' > $MEDIAGOBLIN_VIRTUAL_HOST
+ fi
+
+ echo 'server {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " listen 127.0.0.1:${MEDIAGOBLIN_ONION_PORT} default_server;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Stock useful config options, but ignore them :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #################################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/mime.types;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' autoindex off;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Gzip' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_min_length 1024;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_buffers 4 32k;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' gzip_types text/plain application/x-javascript text/javascript text/xml text/css;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin stuff' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # This is the section you should read' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' #####################################' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " server_name $MEDIAGOBLIN_ONION_HOSTNAME;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' access_log /var/log/nginx/mediagoblin.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' error_log /var/log/nginx/mediagoblin.error.log;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # our understanding vs nginxs handling of script_name vs' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' # path_info dont match :)' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param PATH_INFO $fastcgi_script_name;' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' fastcgi_param SCRIPT_NAME "";' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ echo '}' >> $MEDIAGOBLIN_VIRTUAL_HOST
+
+ function_check create_site_certificate
+ create_site_certificate $MEDIAGOBLIN_DOMAIN_NAME
+
+ nginx_ensite $MEDIAGOBLIN_DOMAIN_NAME
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ add_ddns_domain $MEDIAGOBLIN_DOMAIN_NAME
+
+ if ! grep -q "Mediagoblin domain" $COMPLETION_FILE; then
+ echo "Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME" >> $COMPLETION_FILE
+ else
+ sed -i "s/Mediagoblin domain.*/Mediagoblin domain:$MEDIAGOBLIN_DOMAIN_NAME/g" $COMPLETION_FILE
+ fi
+
+ echo 'install_mediagoblin' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-rss b/src/freedombone-app-rss
index a8c7090fd..1488d2eb3 100755
--- a/src/freedombone-app-rss
+++ b/src/freedombone-app-rss
@@ -43,508 +43,508 @@ RSS_READER_GNUSOCIAL_REPO="https://github.com/bashrc/ttrss-gnusocial"
RSS_READER_GNUSOCIAL_COMMIT='8b92b8f5db7b0d12459c7bd86a50f48815efe642'
function reconfigure_rss {
- echo -n ''
+ echo -n ''
}
function upgrade_rss {
- if grep -Fxq "install_rss" $COMPLETION_FILE; then
- function_check set_repo_commit
- set_repo_commit $RSS_READER_PATH "RSS reader commit" "$RSS_READER_COMMIT" $RSS_READER_REPO
+ if grep -Fxq "install_rss" $COMPLETION_FILE; then
+ function_check set_repo_commit
+ set_repo_commit $RSS_READER_PATH "RSS reader commit" "$RSS_READER_COMMIT" $RSS_READER_REPO
+ fi
+
+ if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
+ if [ ! $RSS_READER_PATH ]; then
+ RSS_READER_PATH=/etc/share/tt-rss
fi
- if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
- if [ ! $RSS_READER_PATH ]; then
- RSS_READER_PATH=/etc/share/tt-rss
- fi
-
- if [ ! -d $RSS_READER_PATH ]; then
- echo $'tt-rss is not installed, so the mobile version cannot be installed'
- exit 63452
- fi
-
- RSS_MOBILE_READER_PATH=/etc/share/ttrss-mobile
-
- # remove any previous install
- if [ -d $RSS_READER_PATH/g2ttree-mobile ]; then
- if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
- sed -i '/install_rss_mobile_reader/d' $COMPLETION_FILE
- sed -i '/RSS mobile reader commit/d' $COMPLETION_FILE
- rm -rf $RSS_READER_PATH/g2ttree-mobile
- fi
- fi
-
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit $RSS_MOBILE_READER_PATH "RSS mobile reader commit" "$RSS_MOBILE_READER_COMMIT" $RSS_MOBILE_READER_REPO
+ if [ ! -d $RSS_READER_PATH ]; then
+ echo $'tt-rss is not installed, so the mobile version cannot be installed'
+ exit 63452
+ fi
+
+ RSS_MOBILE_READER_PATH=/etc/share/ttrss-mobile
+
+ # remove any previous install
+ if [ -d $RSS_READER_PATH/g2ttree-mobile ]; then
+ if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
+ sed -i '/install_rss_mobile_reader/d' $COMPLETION_FILE
+ sed -i '/RSS mobile reader commit/d' $COMPLETION_FILE
+ rm -rf $RSS_READER_PATH/g2ttree-mobile
+ fi
fi
+
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit $RSS_MOBILE_READER_PATH "RSS mobile reader commit" "$RSS_MOBILE_READER_COMMIT" $RSS_MOBILE_READER_REPO
+ fi
}
function backup_local_rss {
- RSS_READER_DOMAIN_NAME='ttrss'
- if grep -q "RSS reader domain" $COMPLETION_FILE; then
- RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
- fi
+ RSS_READER_DOMAIN_NAME='ttrss'
+ if grep -q "RSS reader domain" $COMPLETION_FILE; then
+ RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
+ fi
- if grep -q "RSS reader domain" $COMPLETION_FILE; then
- if [ -d /etc/share/tt-rss ]; then
- RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
+ if grep -q "RSS reader domain" $COMPLETION_FILE; then
+ if [ -d /etc/share/tt-rss ]; then
+ RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
- echo $"Backing up ttrss"
+ echo $"Backing up ttrss"
- function_check backup_database_to_usb
- backup_database_to_usb ttrss
+ function_check backup_database_to_usb
+ backup_database_to_usb ttrss
- backup_directory_to_usb /etc/share/tt-rss ttrss
+ backup_directory_to_usb /etc/share/tt-rss ttrss
- echo $"ttrss backup complete"
- fi
+ echo $"ttrss backup complete"
fi
+ fi
}
function restore_local_rss {
- if ! grep -q "RSS reader domain" $COMPLETION_FILE; then
- return
- fi
- RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
- if [ $RSS_READER_DOMAIN_NAME ]; then
- echo $"Restoring ttrss"
- temp_restore_dir=/root/tempttrss
- restore_database ttrss ${RSS_READER_DOMAIN_NAME}
- if [ -d $USB_MOUNT/backup/ttrss ]; then
- chown -R www-data:www-data /etc/share/tt-rss
- if [ -d $temp_restore_dir ]; then
- rm -rf $temp_restore_dir
- fi
- fi
- echo $"Restore of ttrss complete"
- fi
+ if ! grep -q "RSS reader domain" $COMPLETION_FILE; then
+ return
+ fi
+ RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
+ if [ $RSS_READER_DOMAIN_NAME ]; then
+ echo $"Restoring ttrss"
+ temp_restore_dir=/root/tempttrss
+ restore_database ttrss ${RSS_READER_DOMAIN_NAME}
+ if [ -d $USB_MOUNT/backup/ttrss ]; then
+ chown -R www-data:www-data /etc/share/tt-rss
+ if [ -d $temp_restore_dir ]; then
+ rm -rf $temp_restore_dir
+ fi
+ fi
+ echo $"Restore of ttrss complete"
+ fi
}
function backup_remote_rss {
- if grep -q "RSS reader domain" $COMPLETION_FILE; then
- RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
- if [ -d /etc/share/tt-rss ]; then
- function_check suspend_site
- suspend_site ${RSS_READER_DOMAIN_NAME}
+ if grep -q "RSS reader domain" $COMPLETION_FILE; then
+ RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
+ if [ -d /etc/share/tt-rss ]; then
+ function_check suspend_site
+ suspend_site ${RSS_READER_DOMAIN_NAME}
- function_check backup_database_to_friend
- backup_database_to_friend ttrss
+ function_check backup_database_to_friend
+ backup_database_to_friend ttrss
- echo $"Backing up RSS reader installation"
+ echo $"Backing up RSS reader installation"
- function_check backup_directory_to_friend
- backup_directory_to_friend /etc/share/tt-rss ttrss
+ function_check backup_directory_to_friend
+ backup_directory_to_friend /etc/share/tt-rss ttrss
- function_check restart_site
- restart_site
- else
- echo $"RSS reader domain specified but not found in /etc/share/ttrss}"
- fi
+ function_check restart_site
+ restart_site
+ else
+ echo $"RSS reader domain specified but not found in /etc/share/ttrss}"
fi
+ fi
}
function restore_remote_rss {
- if grep -q "RSS reader domain" $COMPLETION_FILE; then
- echo $"Restoring ttrss"
- RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
- function_check restore_database_from_friend
- restore_database_from_friend ttrss ${RSS_READER_DOMAIN_NAME}
- if [ -d $SERVER_DIRECTORY/backup/ttrss ]; then
- chown -R www-data:www-data /etc/share/tt-rss
- fi
- if [ -d /root/tempttrss ]; then
- rm -rf /root/tempttrss
- fi
- echo $"Restore of ttrss complete"
+ if grep -q "RSS reader domain" $COMPLETION_FILE; then
+ echo $"Restoring ttrss"
+ RSS_READER_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "RSS reader domain" | awk -F ':' '{print $2}')
+ function_check restore_database_from_friend
+ restore_database_from_friend ttrss ${RSS_READER_DOMAIN_NAME}
+ if [ -d $SERVER_DIRECTORY/backup/ttrss ]; then
+ chown -R www-data:www-data /etc/share/tt-rss
fi
+ if [ -d /root/tempttrss ]; then
+ rm -rf /root/tempttrss
+ fi
+ echo $"Restore of ttrss complete"
+ fi
}
function remove_rss {
- if ! grep -Fxq "install_rss" $COMPLETION_FILE; then
- return
- fi
- nginx_dissite $RSS_READER_DOMAIN_NAME
- function_check remove_onion_service
- remove_onion_service ttrss ${RSS_READER_ONION_PORT} ${RSS_MOBILE_READER_ONION_PORT}
- if [ -f /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- fi
- if [ -d $RSS_READER_PATH ]; then
- rm -rf $RSS_READER_PATH
- fi
- function_check drop_database
- drop_database ttrss
- sed -i '/install_rss/d' $COMPLETION_FILE
- sed -i '/RSS /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_rss" $COMPLETION_FILE; then
+ return
+ fi
+ nginx_dissite $RSS_READER_DOMAIN_NAME
+ function_check remove_onion_service
+ remove_onion_service ttrss ${RSS_READER_ONION_PORT} ${RSS_MOBILE_READER_ONION_PORT}
+ if [ -f /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ fi
+ if [ -d $RSS_READER_PATH ]; then
+ rm -rf $RSS_READER_PATH
+ fi
+ function_check drop_database
+ drop_database ttrss
+ sed -i '/install_rss/d' $COMPLETION_FILE
+ sed -i '/RSS /d' $COMPLETION_FILE
}
function rss_modifications {
- # modify the rss reader to use a socks5 proxy rather than a http proxy
- if [ ! -d $RSS_READER_PATH ]; then
- return
- fi
-
- # ensure that socks5 proxy is used
- if ! grep -q "CURLOPT_PROXYTYPE" $RSS_READER_PATH/plugins/af_unburn/init.php; then
- sed -i '/curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);/a \\t\t\t\t\tcurl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);' $RSS_READER_PATH/plugins/af_unburn/init.php
- fi
- if ! grep -q "CURLOPT_PROXYTYPE" $RSS_READER_PATH/include/functions.php; then
- sed -i '/curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);/a \\t\t\t\tcurl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);' $RSS_READER_PATH/include/functions.php
- fi
- chown -R www-data:www-data $RSS_READER_PATH
- chmod a+x $RSS_READER_PATH
+ # modify the rss reader to use a socks5 proxy rather than a http proxy
+ if [ ! -d $RSS_READER_PATH ]; then
+ return
+ fi
+
+ # ensure that socks5 proxy is used
+ if ! grep -q "CURLOPT_PROXYTYPE" $RSS_READER_PATH/plugins/af_unburn/init.php; then
+ sed -i '/curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);/a \\t\t\t\t\tcurl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);' $RSS_READER_PATH/plugins/af_unburn/init.php
+ fi
+ if ! grep -q "CURLOPT_PROXYTYPE" $RSS_READER_PATH/include/functions.php; then
+ sed -i '/curl_setopt($ch, CURLOPT_PROXY, _CURL_HTTP_PROXY);/a \\t\t\t\tcurl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);' $RSS_READER_PATH/include/functions.php
+ fi
+ chown -R www-data:www-data $RSS_READER_PATH
+ chmod a+x $RSS_READER_PATH
}
function install_rss_main {
- if grep -Fxq "install_rss_main" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install php-gettext php5-curl php5-gd php5-mysql git curl php-xml-parser
-
- if [ ! -d /etc/share ]; then
- mkdir /etc/share
- fi
- cd /etc/share
- function_check git_clone
- git_clone $RSS_READER_REPO tt-rss
- if [ ! -d $RSS_READER_PATH ]; then
- echo $'Could not clone RSS reader repo'
- exit 52925
- fi
- cd $RSS_READER_PATH
- git checkout $RSS_READER_COMMIT -b $RSS_READER_COMMIT
- if ! grep -q "RSS reader commit" $COMPLETION_FILE; then
- echo "RSS reader commit:$RSS_READER_COMMIT" >> $COMPLETION_FILE
- fi
-
- function_check install_mariadb
- install_mariadb
-
- function_check get_mariadb_password
- get_mariadb_password
-
- function_check repair_databases_script
- repair_databases_script
-
- function_check get_mariadb_rss_admin_password
- get_mariadb_rss_admin_password
- if [ ! $RSS_READER_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- RSS_READER_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- RSS_READER_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
-
- function_check create_database
- create_database ttrss "$RSS_READER_ADMIN_PASSWORD" $MY_USERNAME
-
- RSS_READER_ONION_HOSTNAME=$(add_onion_service ttrss 80 ${RSS_READER_ONION_PORT})
- RSS_MOBILE_READER_ONION_HOSTNAME=$(add_onion_service ttrss 80 ${RSS_MOBILE_READER_ONION_PORT})
-
- echo 'server {' > /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo " listen 127.0.0.1:$RSS_MOBILE_READER_ONION_PORT;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo " server_name $RSS_MOBILE_READER_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' error_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' root /etc/share/ttrss-mobile;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' index index.html index.php;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' try_files $uri $uri/ @ttrss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location /tt-rss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' try_files $uri $uri/ @ttrss_base;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location @ttrss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' rewrite ^(.*)$ /index.html?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location @ttrss_base {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location ~ /\.(git) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo " listen 127.0.0.1:$RSS_READER_ONION_PORT default_server;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo " server_name $RSS_READER_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' error_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' root /etc/share/tt-rss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' set $mobile_rewrite do_not_perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' ## chi http_user_agent for mobile / smart phones ##' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' if ($http_user_agent ~* "(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino") {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' set $mobile_rewrite perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' if ($http_user_agent ~* "^(1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-)") {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' set $mobile_rewrite perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' if ($mobile_rewrite = perform) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo " rewrite ^/(.*) http://$RSS_MOBILE_READER_ONION_HOSTNAME permanent;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' break;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' try_files $uri $uri/ @ttrss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location @ttrss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' location ~ /\.(git) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
-
- if [ ! -f $RSS_READER_PATH/config.php ]; then
- # generate a config file
- RSS_FEED_CRYPT_KEY="$(create_password 24)"
- echo '<?php' > $RSS_READER_PATH/config.php
- echo " define ('_CURL_HTTP_PROXY', '127.0.0.1:9050');" >> $RSS_READER_PATH/config.php
- echo " define('DB_TYPE', 'mysql');" >> $RSS_READER_PATH/config.php
- echo " define('DB_HOST', 'localhost');" >> $RSS_READER_PATH/config.php
- echo " define('DB_USER', 'root');" >> $RSS_READER_PATH/config.php
- echo " define('DB_NAME', 'ttrss');" >> $RSS_READER_PATH/config.php
- echo " define('DB_PASS', '${MARIADB_PASSWORD}');" >> $RSS_READER_PATH/config.php
- echo " define('DB_PORT', '3306');" >> $RSS_READER_PATH/config.php
- echo " define('MYSQL_CHARSET', 'UTF8');" >> $RSS_READER_PATH/config.php
- echo " define('SELF_URL_PATH', 'http://${RSS_READER_ONION_HOSTNAME}/');" >> $RSS_READER_PATH/config.php
- echo " define('FEED_CRYPT_KEY', '${RSS_FEED_CRYPT_KEY}');" >> $RSS_READER_PATH/config.php
- echo " define('SINGLE_USER_MODE', false);" >> $RSS_READER_PATH/config.php
- echo " define('SIMPLE_UPDATE_MODE', false);" >> $RSS_READER_PATH/config.php
- echo " define('PHP_EXECUTABLE', '/usr/bin/php');" >> $RSS_READER_PATH/config.php
- echo " define('LOCK_DIRECTORY', 'lock');" >> $RSS_READER_PATH/config.php
- echo " define('CACHE_DIR', 'cache');" >> $RSS_READER_PATH/config.php
- echo " define('ICONS_DIR', \"feed-icons\");" >> $RSS_READER_PATH/config.php
- echo " define('ICONS_URL', \"feed-icons\");" >> $RSS_READER_PATH/config.php
- echo " define('AUTH_AUTO_CREATE', true);" >> $RSS_READER_PATH/config.php
- echo " define('AUTH_AUTO_LOGIN', true);" >> $RSS_READER_PATH/config.php
- echo " define('FORCE_ARTICLE_PURGE', 0);" >> $RSS_READER_PATH/config.php
- echo " define('PUBSUBHUBBUB_HUB', '');" >> $RSS_READER_PATH/config.php
- echo " define('PUBSUBHUBBUB_ENABLED', false);" >> $RSS_READER_PATH/config.php
- echo " define('SPHINX_SERVER', 'localhost:9312');" >> $RSS_READER_PATH/config.php
- echo " define('SPHINX_INDEX', 'ttrss, delta');" >> $RSS_READER_PATH/config.php
- echo " define('ENABLE_REGISTRATION', false);" >> $RSS_READER_PATH/config.php
- echo " define('REG_NOTIFY_ADDRESS', '${MY_EMAIL_ADDRESS}');" >> $RSS_READER_PATH/config.php
- echo " define('REG_MAX_USERS', 10);" >> $RSS_READER_PATH/config.php
- echo " define('SESSION_COOKIE_LIFETIME', 86400);" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_FROM_NAME', 'Tiny Tiny RSS');" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_FROM_ADDRESS', 'noreply@${RSS_READER_ONION_HOSTNAME}');" >> $RSS_READER_PATH/config.php
- echo " define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_SERVER', '');" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_LOGIN', '');" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_PASSWORD', '');" >> $RSS_READER_PATH/config.php
- echo " define('SMTP_SECURE', '');" >> $RSS_READER_PATH/config.php
- echo " define('CHECK_FOR_UPDATES', false);" >> $RSS_READER_PATH/config.php
- echo " define('ENABLE_GZIP_OUTPUT', false);" >> $RSS_READER_PATH/config.php
- echo " define('PLUGINS', 'auth_internal, note, gnusocial');" >> $RSS_READER_PATH/config.php
- echo " define('LOG_DESTINATION', 'sql');" >> $RSS_READER_PATH/config.php
- echo " define('CONFIG_VERSION', 26);" >> $RSS_READER_PATH/config.php
- fi
-
- # initialize the database
- if [ ! -f $RSS_READER_PATH/schema/ttrss_schema_mysql.sql ]; then
- echo $'No database schema found for rss reader'
- exit 52926
- fi
- initialise_database ttrss $RSS_READER_PATH/schema/ttrss_schema_mysql.sql
-
- # change the password from the default
- RSS_READER_ADMIN_PASSWORD_HASH=$(echo -n "${RSS_READER_ADMIN_PASSWORD}" | sha1sum | awk -F ' ' '{print $1}')
-
- function_check run_query
- run_query ttrss "update ttrss_users set pwd_hash = 'SHA1:${RSS_READER_ADMIN_PASSWORD_HASH}', salt= '' WHERE login = 'admin';"
-
- function_check rss_modifications
- rss_modifications
-
- function_check configure_php
- configure_php
-
- nginx_ensite $RSS_READER_DOMAIN_NAME
- systemctl restart php5-fpm
- systemctl restart nginx
-
- if ! grep -q "RSS reader onion domain" $COMPLETION_FILE; then
- echo "RSS reader onion domain:${RSS_READER_ONION_HOSTNAME}" >> $COMPLETION_FILE
- fi
- if ! grep -q "RSS reader domain" $COMPLETION_FILE; then
- echo "RSS reader domain:${RSS_READER_DOMAIN_NAME}" >> $COMPLETION_FILE
- fi
-
- # daemon to update feeds
- echo '[Unit]' > /etc/systemd/system/ttrss.service
- echo 'Description=ttrss_backend' >> /etc/systemd/system/ttrss.service
- echo 'After=network.target mysql.service' >> /etc/systemd/system/ttrss.service
- echo 'After=tor.service' >> /etc/systemd/system/ttrss.service
- echo '' >> /etc/systemd/system/ttrss.service
- echo '[Service]' >> /etc/systemd/system/ttrss.service
- echo 'User=www-data' >> /etc/systemd/system/ttrss.service
- echo "ExecStart=/usr/bin/php $RSS_READER_PATH/update.php --daemon" >> /etc/systemd/system/ttrss.service
- echo '' >> /etc/systemd/system/ttrss.service
- echo '[Install]' >> /etc/systemd/system/ttrss.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ttrss.service
- systemctl enable ttrss
- systemctl daemon-reload
- systemctl start ttrss
-
- # some post-install instructions for the user
- if ! grep -q $"RSS Reader" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'RSS Reader' >> /home/$MY_USERNAME/README
- echo '==========' >> /home/$MY_USERNAME/README
- echo $"RSS reader domain: ${RSS_READER_DOMAIN_NAME}" >> /home/$MY_USERNAME/README
- echo $"RSS reader onion domain: ${RSS_READER_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"RSS reader admin username: admin" >> /home/$MY_USERNAME/README
- echo $"RSS reader admin password: ${RSS_READER_ADMIN_PASSWORD}" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo 'install_rss_main' >> $COMPLETION_FILE
+ if grep -Fxq "install_rss_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install php-gettext php5-curl php5-gd php5-mysql git curl php-xml-parser
+
+ if [ ! -d /etc/share ]; then
+ mkdir /etc/share
+ fi
+ cd /etc/share
+ function_check git_clone
+ git_clone $RSS_READER_REPO tt-rss
+ if [ ! -d $RSS_READER_PATH ]; then
+ echo $'Could not clone RSS reader repo'
+ exit 52925
+ fi
+ cd $RSS_READER_PATH
+ git checkout $RSS_READER_COMMIT -b $RSS_READER_COMMIT
+ if ! grep -q "RSS reader commit" $COMPLETION_FILE; then
+ echo "RSS reader commit:$RSS_READER_COMMIT" >> $COMPLETION_FILE
+ fi
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check repair_databases_script
+ repair_databases_script
+
+ function_check get_mariadb_rss_admin_password
+ get_mariadb_rss_admin_password
+ if [ ! $RSS_READER_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ RSS_READER_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ RSS_READER_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+
+ function_check create_database
+ create_database ttrss "$RSS_READER_ADMIN_PASSWORD" $MY_USERNAME
+
+ RSS_READER_ONION_HOSTNAME=$(add_onion_service ttrss 80 ${RSS_READER_ONION_PORT})
+ RSS_MOBILE_READER_ONION_HOSTNAME=$(add_onion_service ttrss 80 ${RSS_MOBILE_READER_ONION_PORT})
+
+ echo 'server {' > /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo " listen 127.0.0.1:$RSS_MOBILE_READER_ONION_PORT;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo " server_name $RSS_MOBILE_READER_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' error_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' root /etc/share/ttrss-mobile;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' index index.html index.php;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' try_files $uri $uri/ @ttrss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location /tt-rss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' try_files $uri $uri/ @ttrss_base;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location @ttrss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' rewrite ^(.*)$ /index.html?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location @ttrss_base {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location ~ /\.(git) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo 'server {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo " listen 127.0.0.1:$RSS_READER_ONION_PORT default_server;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo " server_name $RSS_READER_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' error_log off;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' root /etc/share/tt-rss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' set $mobile_rewrite do_not_perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' ## chi http_user_agent for mobile / smart phones ##' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' if ($http_user_agent ~* "(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino") {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' set $mobile_rewrite perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' if ($http_user_agent ~* "^(1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-)") {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' set $mobile_rewrite perform;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' if ($mobile_rewrite = perform) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo " rewrite ^/(.*) http://$RSS_MOBILE_READER_ONION_HOSTNAME permanent;" >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' break;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location ~ \.php {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' include snippets/fastcgi-php.conf;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' try_files $uri $uri/ @ttrss;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location @ttrss {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' rewrite ^(.*)$ /index.php?p=$1 last;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' location ~ /\.(git) {' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
+
+ if [ ! -f $RSS_READER_PATH/config.php ]; then
+ # generate a config file
+ RSS_FEED_CRYPT_KEY="$(create_password 24)"
+ echo '<?php' > $RSS_READER_PATH/config.php
+ echo " define ('_CURL_HTTP_PROXY', '127.0.0.1:9050');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_TYPE', 'mysql');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_HOST', 'localhost');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_USER', 'root');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_NAME', 'ttrss');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_PASS', '${MARIADB_PASSWORD}');" >> $RSS_READER_PATH/config.php
+ echo " define('DB_PORT', '3306');" >> $RSS_READER_PATH/config.php
+ echo " define('MYSQL_CHARSET', 'UTF8');" >> $RSS_READER_PATH/config.php
+ echo " define('SELF_URL_PATH', 'http://${RSS_READER_ONION_HOSTNAME}/');" >> $RSS_READER_PATH/config.php
+ echo " define('FEED_CRYPT_KEY', '${RSS_FEED_CRYPT_KEY}');" >> $RSS_READER_PATH/config.php
+ echo " define('SINGLE_USER_MODE', false);" >> $RSS_READER_PATH/config.php
+ echo " define('SIMPLE_UPDATE_MODE', false);" >> $RSS_READER_PATH/config.php
+ echo " define('PHP_EXECUTABLE', '/usr/bin/php');" >> $RSS_READER_PATH/config.php
+ echo " define('LOCK_DIRECTORY', 'lock');" >> $RSS_READER_PATH/config.php
+ echo " define('CACHE_DIR', 'cache');" >> $RSS_READER_PATH/config.php
+ echo " define('ICONS_DIR', \"feed-icons\");" >> $RSS_READER_PATH/config.php
+ echo " define('ICONS_URL', \"feed-icons\");" >> $RSS_READER_PATH/config.php
+ echo " define('AUTH_AUTO_CREATE', true);" >> $RSS_READER_PATH/config.php
+ echo " define('AUTH_AUTO_LOGIN', true);" >> $RSS_READER_PATH/config.php
+ echo " define('FORCE_ARTICLE_PURGE', 0);" >> $RSS_READER_PATH/config.php
+ echo " define('PUBSUBHUBBUB_HUB', '');" >> $RSS_READER_PATH/config.php
+ echo " define('PUBSUBHUBBUB_ENABLED', false);" >> $RSS_READER_PATH/config.php
+ echo " define('SPHINX_SERVER', 'localhost:9312');" >> $RSS_READER_PATH/config.php
+ echo " define('SPHINX_INDEX', 'ttrss, delta');" >> $RSS_READER_PATH/config.php
+ echo " define('ENABLE_REGISTRATION', false);" >> $RSS_READER_PATH/config.php
+ echo " define('REG_NOTIFY_ADDRESS', '${MY_EMAIL_ADDRESS}');" >> $RSS_READER_PATH/config.php
+ echo " define('REG_MAX_USERS', 10);" >> $RSS_READER_PATH/config.php
+ echo " define('SESSION_COOKIE_LIFETIME', 86400);" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_FROM_NAME', 'Tiny Tiny RSS');" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_FROM_ADDRESS', 'noreply@${RSS_READER_ONION_HOSTNAME}');" >> $RSS_READER_PATH/config.php
+ echo " define('DIGEST_SUBJECT', '[tt-rss] New headlines for last 24 hours');" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_SERVER', '');" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_LOGIN', '');" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_PASSWORD', '');" >> $RSS_READER_PATH/config.php
+ echo " define('SMTP_SECURE', '');" >> $RSS_READER_PATH/config.php
+ echo " define('CHECK_FOR_UPDATES', false);" >> $RSS_READER_PATH/config.php
+ echo " define('ENABLE_GZIP_OUTPUT', false);" >> $RSS_READER_PATH/config.php
+ echo " define('PLUGINS', 'auth_internal, note, gnusocial');" >> $RSS_READER_PATH/config.php
+ echo " define('LOG_DESTINATION', 'sql');" >> $RSS_READER_PATH/config.php
+ echo " define('CONFIG_VERSION', 26);" >> $RSS_READER_PATH/config.php
+ fi
+
+ # initialize the database
+ if [ ! -f $RSS_READER_PATH/schema/ttrss_schema_mysql.sql ]; then
+ echo $'No database schema found for rss reader'
+ exit 52926
+ fi
+ initialise_database ttrss $RSS_READER_PATH/schema/ttrss_schema_mysql.sql
+
+ # change the password from the default
+ RSS_READER_ADMIN_PASSWORD_HASH=$(echo -n "${RSS_READER_ADMIN_PASSWORD}" | sha1sum | awk -F ' ' '{print $1}')
+
+ function_check run_query
+ run_query ttrss "update ttrss_users set pwd_hash = 'SHA1:${RSS_READER_ADMIN_PASSWORD_HASH}', salt= '' WHERE login = 'admin';"
+
+ function_check rss_modifications
+ rss_modifications
+
+ function_check configure_php
+ configure_php
+
+ nginx_ensite $RSS_READER_DOMAIN_NAME
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ if ! grep -q "RSS reader onion domain" $COMPLETION_FILE; then
+ echo "RSS reader onion domain:${RSS_READER_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ fi
+ if ! grep -q "RSS reader domain" $COMPLETION_FILE; then
+ echo "RSS reader domain:${RSS_READER_DOMAIN_NAME}" >> $COMPLETION_FILE
+ fi
+
+ # daemon to update feeds
+ echo '[Unit]' > /etc/systemd/system/ttrss.service
+ echo 'Description=ttrss_backend' >> /etc/systemd/system/ttrss.service
+ echo 'After=network.target mysql.service' >> /etc/systemd/system/ttrss.service
+ echo 'After=tor.service' >> /etc/systemd/system/ttrss.service
+ echo '' >> /etc/systemd/system/ttrss.service
+ echo '[Service]' >> /etc/systemd/system/ttrss.service
+ echo 'User=www-data' >> /etc/systemd/system/ttrss.service
+ echo "ExecStart=/usr/bin/php $RSS_READER_PATH/update.php --daemon" >> /etc/systemd/system/ttrss.service
+ echo '' >> /etc/systemd/system/ttrss.service
+ echo '[Install]' >> /etc/systemd/system/ttrss.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/ttrss.service
+ systemctl enable ttrss
+ systemctl daemon-reload
+ systemctl start ttrss
+
+ # some post-install instructions for the user
+ if ! grep -q $"RSS Reader" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'RSS Reader' >> /home/$MY_USERNAME/README
+ echo '==========' >> /home/$MY_USERNAME/README
+ echo $"RSS reader domain: ${RSS_READER_DOMAIN_NAME}" >> /home/$MY_USERNAME/README
+ echo $"RSS reader onion domain: ${RSS_READER_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"RSS reader admin username: admin" >> /home/$MY_USERNAME/README
+ echo $"RSS reader admin password: ${RSS_READER_ADMIN_PASSWORD}" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_rss_main' >> $COMPLETION_FILE
}
function install_rss_gnusocial {
- if [ ! $MICROBLOG_DOMAIN_NAME ]; then
- return
- fi
-
- if [ ! $RSS_READER_PATH ]; then
- RSS_READER_PATH=/etc/share/tt-rss
- fi
- RSS_READER_GNUSOCIAL_PATH=${RSS_READER_PATH}/plugins/gnusocial
-
- # update to the next commit
- function_check set_repo_commit
- set_repo_commit $RSS_READER_GNUSOCIAL_PATH "RSS reader gnusocial commit" "$RSS_READER_GNUSOCIAL_COMMIT" $RSS_READER_GNUSOCIAL_REPO
- chown -R www-data:www-data $RSS_READER_GNUSOCIAL_PATH
-
- if grep -Fxq "install_rss_gnusocial" $COMPLETION_FILE; then
- return
- fi
-
- if [ ! -d $INSTALL_DIR ]; then
- mkdir -p $INSTALL_DIR
- fi
-
- cd $INSTALL_DIR
- function_check git_clone
- git_clone $RSS_READER_GNUSOCIAL_REPO ttrss-gnusocial
- if [ ! -d $INSTALL_DIR/ttrss-gnusocial ]; then
- echo $'Could not clone repo for RSS reader GNU Social plugin'
- exit 52838
- fi
- cp -r $INSTALL_DIR/ttrss-gnusocial $RSS_READER_GNUSOCIAL_PATH
- cd $RSS_READER_GNUSOCIAL_PATH
- git checkout $RSS_READER_GNUSOCIAL_COMMIT -b $RSS_READER_GNUSOCIAL_COMMIT
- if ! grep -q "RSS reader gnusocial commit" $COMPLETION_FILE; then
- echo "RSS reader gnusocial commit:$RSS_READER_GNUSOCIAL_COMMIT" >> $COMPLETION_FILE
- fi
- chown -R www-data:www-data $RSS_READER_GNUSOCIAL_PATH
-
- echo 'install_rss_gnusocial' >> $COMPLETION_FILE
+ if [ ! $MICROBLOG_DOMAIN_NAME ]; then
+ return
+ fi
+
+ if [ ! $RSS_READER_PATH ]; then
+ RSS_READER_PATH=/etc/share/tt-rss
+ fi
+ RSS_READER_GNUSOCIAL_PATH=${RSS_READER_PATH}/plugins/gnusocial
+
+ # update to the next commit
+ function_check set_repo_commit
+ set_repo_commit $RSS_READER_GNUSOCIAL_PATH "RSS reader gnusocial commit" "$RSS_READER_GNUSOCIAL_COMMIT" $RSS_READER_GNUSOCIAL_REPO
+ chown -R www-data:www-data $RSS_READER_GNUSOCIAL_PATH
+
+ if grep -Fxq "install_rss_gnusocial" $COMPLETION_FILE; then
+ return
+ fi
+
+ if [ ! -d $INSTALL_DIR ]; then
+ mkdir -p $INSTALL_DIR
+ fi
+
+ cd $INSTALL_DIR
+ function_check git_clone
+ git_clone $RSS_READER_GNUSOCIAL_REPO ttrss-gnusocial
+ if [ ! -d $INSTALL_DIR/ttrss-gnusocial ]; then
+ echo $'Could not clone repo for RSS reader GNU Social plugin'
+ exit 52838
+ fi
+ cp -r $INSTALL_DIR/ttrss-gnusocial $RSS_READER_GNUSOCIAL_PATH
+ cd $RSS_READER_GNUSOCIAL_PATH
+ git checkout $RSS_READER_GNUSOCIAL_COMMIT -b $RSS_READER_GNUSOCIAL_COMMIT
+ if ! grep -q "RSS reader gnusocial commit" $COMPLETION_FILE; then
+ echo "RSS reader gnusocial commit:$RSS_READER_GNUSOCIAL_COMMIT" >> $COMPLETION_FILE
+ fi
+ chown -R www-data:www-data $RSS_READER_GNUSOCIAL_PATH
+
+ echo 'install_rss_gnusocial' >> $COMPLETION_FILE
}
function install_rss_mobile_reader {
- if [ ! $RSS_READER_PATH ]; then
- RSS_READER_PATH=/etc/share/tt-rss
- fi
+ if [ ! $RSS_READER_PATH ]; then
+ RSS_READER_PATH=/etc/share/tt-rss
+ fi
- if [ ! -d $RSS_READER_PATH ]; then
- echo $'tt-rss is not installed, so the mobile version cannot be installed'
- exit 63452
- fi
+ if [ ! -d $RSS_READER_PATH ]; then
+ echo $'tt-rss is not installed, so the mobile version cannot be installed'
+ exit 63452
+ fi
- RSS_MOBILE_READER_PATH=/etc/share/ttrss-mobile
-
- # remove any previous install
- if [ -d $RSS_READER_PATH/g2ttree-mobile ]; then
- if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
- sed -i '/install_rss_mobile_reader/d' $COMPLETION_FILE
- sed -i '/RSS mobile reader commit/d' $COMPLETION_FILE
- rm -rf $RSS_READER_PATH/g2ttree-mobile
- fi
- fi
+ RSS_MOBILE_READER_PATH=/etc/share/ttrss-mobile
+ # remove any previous install
+ if [ -d $RSS_READER_PATH/g2ttree-mobile ]; then
if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
- return
- fi
-
- cd /etc/share
- function_check git_clone
- git_clone $RSS_MOBILE_READER_REPO ttrss-mobile
- if [ ! -d $RSS_MOBILE_READER_PATH ]; then
- echo $'Could not clone RSS mobile reader repo'
- exit 24816
- fi
- cd $RSS_MOBILE_READER_PATH
- git checkout $RSS_MOBILE_READER_COMMIT -b $RSS_MOBILE_READER_COMMIT
- if ! grep -q "RSS mobile reader commit" $COMPLETION_FILE; then
- echo "RSS mobile reader commit:$RSS_MOBILE_READER_COMMIT" >> $COMPLETION_FILE
- fi
-
- echo 'define({' > $RSS_MOBILE_READER_PATH/scripts/conf.js
- echo ' apiPath: "/tt-rss/"' >> $RSS_MOBILE_READER_PATH/scripts/conf.js
- echo '});' >> $RSS_MOBILE_READER_PATH/scripts/conf.js
-
- # link to the main site
- ln -s $RSS_READER_PATH $RSS_MOBILE_READER_PATH/tt-rss
-
- chown -R www-data:www-data $RSS_MOBILE_READER_PATH
- chown -R www-data:www-data $RSS_READER_PATH
- chmod a+x $RSS_MOBILE_READER_PATH
-
- echo 'install_rss_mobile_reader' >> $COMPLETION_FILE
+ sed -i '/install_rss_mobile_reader/d' $COMPLETION_FILE
+ sed -i '/RSS mobile reader commit/d' $COMPLETION_FILE
+ rm -rf $RSS_READER_PATH/g2ttree-mobile
+ fi
+ fi
+
+ if grep -Fxq "install_rss_mobile_reader" $COMPLETION_FILE; then
+ return
+ fi
+
+ cd /etc/share
+ function_check git_clone
+ git_clone $RSS_MOBILE_READER_REPO ttrss-mobile
+ if [ ! -d $RSS_MOBILE_READER_PATH ]; then
+ echo $'Could not clone RSS mobile reader repo'
+ exit 24816
+ fi
+ cd $RSS_MOBILE_READER_PATH
+ git checkout $RSS_MOBILE_READER_COMMIT -b $RSS_MOBILE_READER_COMMIT
+ if ! grep -q "RSS mobile reader commit" $COMPLETION_FILE; then
+ echo "RSS mobile reader commit:$RSS_MOBILE_READER_COMMIT" >> $COMPLETION_FILE
+ fi
+
+ echo 'define({' > $RSS_MOBILE_READER_PATH/scripts/conf.js
+ echo ' apiPath: "/tt-rss/"' >> $RSS_MOBILE_READER_PATH/scripts/conf.js
+ echo '});' >> $RSS_MOBILE_READER_PATH/scripts/conf.js
+
+ # link to the main site
+ ln -s $RSS_READER_PATH $RSS_MOBILE_READER_PATH/tt-rss
+
+ chown -R www-data:www-data $RSS_MOBILE_READER_PATH
+ chown -R www-data:www-data $RSS_READER_PATH
+ chmod a+x $RSS_MOBILE_READER_PATH
+
+ echo 'install_rss_mobile_reader' >> $COMPLETION_FILE
}
function install_rss {
- if grep -Fxq "install_rss" $COMPLETION_FILE; then
- return
- fi
- install_rss_main
- install_rss_gnusocial
- install_rss_mobile_reader
- echo 'install_rss' >> $COMPLETION_FILE
+ if grep -Fxq "install_rss" $COMPLETION_FILE; then
+ return
+ fi
+ install_rss_main
+ install_rss_gnusocial
+ install_rss_mobile_reader
+ echo 'install_rss' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-searx b/src/freedombone-app-searx
index 725eaac7b..20f738415 100755
--- a/src/freedombone-app-searx
+++ b/src/freedombone-app-searx
@@ -43,254 +43,254 @@ function reconfigure_searx {
}
function upgrade_searx {
- if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
- fi
-
- set_repo_commit $SEARX_PATH/searx "Search engine commit" "$SEARX_COMMIT" $SEARX_REPO
- if grep "Search engine key" $COMPLETION_FILE; then
- if [ -f ${SEARX_PATH}/searx/searx/settings.yml ]; then
- # note: this might change to a --tor option in a later version
- if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
- echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- fi
- SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
- if [ -f /var/lib/tor/hidden_service_searx/hostname ]; then
- SEARX_ONION_HOSTNAME=$(echo /var/lib/tor/hidden_service_searx/hostname)
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
- fi
- fi
+ if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+
+ set_repo_commit $SEARX_PATH/searx "Search engine commit" "$SEARX_COMMIT" $SEARX_REPO
+ if grep "Search engine key" $COMPLETION_FILE; then
+ if [ -f ${SEARX_PATH}/searx/searx/settings.yml ]; then
+ # note: this might change to a --tor option in a later version
+ if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
+ echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ fi
+ SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
+ if [ -f /var/lib/tor/hidden_service_searx/hostname ]; then
+ SEARX_ONION_HOSTNAME=$(echo /var/lib/tor/hidden_service_searx/hostname)
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
+ fi
fi
+ fi
}
function backup_local_searx {
- echo -n ''
+ echo -n ''
}
function restore_local_searx {
- echo -n ''
+ echo -n ''
}
function backup_remote_searx {
- echo -n ''
+ echo -n ''
}
function restore_remote_searx {
- echo -n ''
+ echo -n ''
}
function remove_searx {
- if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
- fi
- systemctl stop searx
- systemctl disable searx
- rm /etc/systemd/system/searx.service
- function_check remove_onion_service
- remove_onion_service searx ${SEARX_ONION_PORT}
- userdel -r searx
- nginx_dissite searx
- if [ -f /etc/nginx/sites-available/searx ]; then
- rm /etc/nginx/sites-available/searx
- fi
- if [ -d ${SEARX_PATH}/searx ]; then
- rm -rf ${SEARX_PATH}/searx
- fi
- sed -i '/install_searx/d' $COMPLETION_FILE
- sed -i '/Search engine /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+ systemctl stop searx
+ systemctl disable searx
+ rm /etc/systemd/system/searx.service
+ function_check remove_onion_service
+ remove_onion_service searx ${SEARX_ONION_PORT}
+ userdel -r searx
+ nginx_dissite searx
+ if [ -f /etc/nginx/sites-available/searx ]; then
+ rm /etc/nginx/sites-available/searx
+ fi
+ if [ -d ${SEARX_PATH}/searx ]; then
+ rm -rf ${SEARX_PATH}/searx
+ fi
+ sed -i '/install_searx/d' $COMPLETION_FILE
+ sed -i '/Search engine /d' $COMPLETION_FILE
}
function install_searx {
- # Note: currently socks5 outgoing proxies to other search engines does not work
- if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
- return
- fi
- if [ ! -d /etc/nginx ]; then
- echo $'Webserver is not installed'
- exit 62429
- fi
-
- if grep -Fxq "install_searx" $COMPLETION_FILE; then
- return
+ # Note: currently socks5 outgoing proxies to other search engines does not work
+ if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
+ return
+ fi
+ if [ ! -d /etc/nginx ]; then
+ echo $'Webserver is not installed'
+ exit 62429
+ fi
+
+ if grep -Fxq "install_searx" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install python-pip libyaml-dev python-werkzeug python-babel python-lxml apache2-utils
+ apt-get -y install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev uwsgi uwsgi-plugin-python libapache2-mod-uwsgi
+
+ pip install --upgrade pip
+
+ pip install certifi
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install certifi'
+ exit 737692
+ fi
+
+ pip install pyyaml
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install pyyaml'
+ exit 469242
+ fi
+
+ pip install flask --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask'
+ exit 888575
+ fi
+
+ pip install flask_restless --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask_restless'
+ exit 54835
+ fi
+
+ pip install flask_babel --upgrade
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to install flask_babel'
+ exit 63738
+ fi
+
+ if [ ! -d $SEARX_PATH ]; then
+ mkdir -p $SEARX_PATH
+ fi
+
+ # clone the repo
+ cd $SEARX_PATH
+ function_check git_clone
+ git_clone $SEARX_REPO searx
+ git checkout $SEARX_COMMIT -b $SEARX_COMMIT
+ if ! grep -q "Search engine commit" $COMPLETION_FILE; then
+ echo "Search engine commit:$SEARX_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Search engine commit.*/Search engine commit:$SEARX_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ # create an onion service
+ SEARX_ONION_HOSTNAME=$(add_onion_service searx 80 ${SEARX_ONION_PORT})
+ if ! grep "Search engine onion domain" $COMPLETION_FILE; then
+ echo "Search engine onion domain:${SEARX_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|Search engine onion domain.*|Search engine onion domain:${SEARX_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+
+ # an unprivileged user to run as
+ useradd -d ${SEARX_PATH}/searx/ -s /bin/false searx
+ adduser searx debian-tor
+
+ # daemon
+ echo '[Unit]' > /etc/systemd/system/searx.service
+ echo 'Description=Searx (search engine)' >> /etc/systemd/system/searx.service
+ echo 'After=syslog.target' >> /etc/systemd/system/searx.service
+ echo 'After=network.target' >> /etc/systemd/system/searx.service
+ echo '' >> /etc/systemd/system/searx.service
+ echo '[Service]' >> /etc/systemd/system/searx.service
+ echo 'Type=simple' >> /etc/systemd/system/searx.service
+ echo 'User=searx' >> /etc/systemd/system/searx.service
+ echo 'Group=searx' >> /etc/systemd/system/searx.service
+ echo "WorkingDirectory=${SEARX_PATH}/searx" >> /etc/systemd/system/searx.service
+ echo "ExecStart=/usr/bin/python ${SEARX_PATH}/searx/searx/webapp.py" >> /etc/systemd/system/searx.service
+ echo 'Restart=always' >> /etc/systemd/system/searx.service
+ echo 'Environment="USER=searx"' >> /etc/systemd/system/searx.service
+ echo '' >> /etc/systemd/system/searx.service
+ echo '[Install]' >> /etc/systemd/system/searx.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/searx.service
+
+ # create a webserver file
+ echo 'server {' > /etc/nginx/sites-available/searx
+ echo " listen 127.0.0.1:${SEARX_ONION_PORT} default_server;" >> /etc/nginx/sites-available/searx
+ echo " root ${SEARX_PATH}/searx;" >> /etc/nginx/sites-available/searx
+ echo " server_name ${SEARX_ONION_HOSTNAME};" >> /etc/nginx/sites-available/searx
+ echo ' access_log off;' >> /etc/nginx/sites-available/searx
+ echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ function_check nginx_limits
+ nginx_limits searx '1M'
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing searx
+ echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' location / {' >> /etc/nginx/sites-available/searx
+ echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Remote-Port $remote_port;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/searx
+ echo ' proxy_redirect off;' >> /etc/nginx/sites-available/searx
+
+ echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
+ echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
+ echo ' }' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/searx
+ echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/searx
+ echo '' >> /etc/nginx/sites-available/searx
+ echo ' location = /robots.txt {' >> /etc/nginx/sites-available/searx
+ echo ' allow all;' >> /etc/nginx/sites-available/searx
+ echo ' log_not_found off;' >> /etc/nginx/sites-available/searx
+ echo ' access_log off;' >> /etc/nginx/sites-available/searx
+ echo ' }' >> /etc/nginx/sites-available/searx
+ echo '}' >> /etc/nginx/sites-available/searx
+
+ # replace the secret key
+ if ! grep "Search engine key" $COMPLETION_FILE; then
+ SEARX_SECRET_KEY="$(create_password 30)"
+ echo "Search engine key:${SEARX_SECRET_KEY}" >> $COMPLETION_FILE
+ else
+ SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
+ fi
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
+ sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings_robot.yml
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
+ sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings_robot.yml
+
+ # note: this might change to a --tor option in a later version
+ if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
+ echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
+ fi
+
+ chown -R searx:searx ${SEARX_PATH}/searx
+
+ # enable the site
+ nginx_ensite searx
+
+ # restart the web server
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ # start the daemon
+ systemctl enable searx.service
+ systemctl daemon-reload
+ systemctl start searx.service
+
+ if ! grep -q "Your search engine password is" /home/$MY_USERNAME/README; then
+ if [ ${#SEARX_PASSWORD} -lt 8 ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ SEARX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ SEARX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
fi
-
- apt-get -y install python-pip libyaml-dev python-werkzeug python-babel python-lxml apache2-utils
- apt-get -y install git build-essential libxslt-dev python-dev python-virtualenv python-pybabel zlib1g-dev uwsgi uwsgi-plugin-python libapache2-mod-uwsgi
-
- pip install --upgrade pip
-
- pip install certifi
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install certifi'
- exit 737692
- fi
-
- pip install pyyaml
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install pyyaml'
- exit 469242
- fi
-
- pip install flask --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask'
- exit 888575
- fi
-
- pip install flask_restless --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask_restless'
- exit 54835
- fi
-
- pip install flask_babel --upgrade
- if [ ! "$?" = "0" ]; then
- echo $'Failed to install flask_babel'
- exit 63738
- fi
-
- if [ ! -d $SEARX_PATH ]; then
- mkdir -p $SEARX_PATH
- fi
-
- # clone the repo
- cd $SEARX_PATH
- function_check git_clone
- git_clone $SEARX_REPO searx
- git checkout $SEARX_COMMIT -b $SEARX_COMMIT
- if ! grep -q "Search engine commit" $COMPLETION_FILE; then
- echo "Search engine commit:$SEARX_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Search engine commit.*/Search engine commit:$SEARX_COMMIT/g" $COMPLETION_FILE
- fi
-
- # create an onion service
- SEARX_ONION_HOSTNAME=$(add_onion_service searx 80 ${SEARX_ONION_PORT})
- if ! grep "Search engine onion domain" $COMPLETION_FILE; then
- echo "Search engine onion domain:${SEARX_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|Search engine onion domain.*|Search engine onion domain:${SEARX_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
-
- # an unprivileged user to run as
- useradd -d ${SEARX_PATH}/searx/ -s /bin/false searx
- adduser searx debian-tor
-
- # daemon
- echo '[Unit]' > /etc/systemd/system/searx.service
- echo 'Description=Searx (search engine)' >> /etc/systemd/system/searx.service
- echo 'After=syslog.target' >> /etc/systemd/system/searx.service
- echo 'After=network.target' >> /etc/systemd/system/searx.service
- echo '' >> /etc/systemd/system/searx.service
- echo '[Service]' >> /etc/systemd/system/searx.service
- echo 'Type=simple' >> /etc/systemd/system/searx.service
- echo 'User=searx' >> /etc/systemd/system/searx.service
- echo 'Group=searx' >> /etc/systemd/system/searx.service
- echo "WorkingDirectory=${SEARX_PATH}/searx" >> /etc/systemd/system/searx.service
- echo "ExecStart=/usr/bin/python ${SEARX_PATH}/searx/searx/webapp.py" >> /etc/systemd/system/searx.service
- echo 'Restart=always' >> /etc/systemd/system/searx.service
- echo 'Environment="USER=searx"' >> /etc/systemd/system/searx.service
- echo '' >> /etc/systemd/system/searx.service
- echo '[Install]' >> /etc/systemd/system/searx.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/searx.service
-
- # create a webserver file
- echo 'server {' > /etc/nginx/sites-available/searx
- echo " listen 127.0.0.1:${SEARX_ONION_PORT} default_server;" >> /etc/nginx/sites-available/searx
- echo " root ${SEARX_PATH}/searx;" >> /etc/nginx/sites-available/searx
- echo " server_name ${SEARX_ONION_HOSTNAME};" >> /etc/nginx/sites-available/searx
- echo ' access_log off;' >> /etc/nginx/sites-available/searx
- echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- function_check nginx_limits
- nginx_limits searx '1M'
- function_check nginx_disable_sniffing
- nginx_disable_sniffing searx
- echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' location / {' >> /etc/nginx/sites-available/searx
- echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Remote-Port $remote_port;' >> /etc/nginx/sites-available/searx
- echo ' proxy_set_header X-Forwarded-Proto $scheme;' >> /etc/nginx/sites-available/searx
- echo ' proxy_redirect off;' >> /etc/nginx/sites-available/searx
-
- echo " auth_basic \"${SEARX_LOGIN_TEXT}\";" >> /etc/nginx/sites-available/searx
- echo ' auth_basic_user_file /etc/nginx/.htpasswd;' >> /etc/nginx/sites-available/searx
- echo ' }' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' fastcgi_buffers 64 4K;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' error_page 403 /core/templates/403.php;' >> /etc/nginx/sites-available/searx
- echo ' error_page 404 /core/templates/404.php;' >> /etc/nginx/sites-available/searx
- echo '' >> /etc/nginx/sites-available/searx
- echo ' location = /robots.txt {' >> /etc/nginx/sites-available/searx
- echo ' allow all;' >> /etc/nginx/sites-available/searx
- echo ' log_not_found off;' >> /etc/nginx/sites-available/searx
- echo ' access_log off;' >> /etc/nginx/sites-available/searx
- echo ' }' >> /etc/nginx/sites-available/searx
- echo '}' >> /etc/nginx/sites-available/searx
-
- # replace the secret key
- if ! grep "Search engine key" $COMPLETION_FILE; then
- SEARX_SECRET_KEY="$(create_password 30)"
- echo "Search engine key:${SEARX_SECRET_KEY}" >> $COMPLETION_FILE
- else
- SEARX_SECRET_KEY=$(cat $COMPLETION_FILE | grep "Search engine key" | awk -F ':' '{print $2}')
- fi
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings.yml
- sed -i "s|secret_key.*|secret_key : \"${SEARX_SECRET_KEY}\"|g" ${SEARX_PATH}/searx/searx/settings_robot.yml
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings.yml
- sed -i '0,/RE/s/base_url.*/base_url : \"http://${SEARX_ONION_HOSTNAME}\/' ${SEARX_PATH}/searx/searx/settings_robot.yml
-
- # note: this might change to a --tor option in a later version
- if ! grep 'socks5://127.0.0.1:9050' ${SEARX_PATH}/searx/searx/settings.yml; then
- echo 'outgoing: # communication with search engines' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' proxies:' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' http : socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- echo ' https: socks5://127.0.0.1:9050' >> ${SEARX_PATH}/searx/searx/settings.yml
- fi
-
- chown -R searx:searx ${SEARX_PATH}/searx
-
- # enable the site
- nginx_ensite searx
-
- # restart the web server
- systemctl restart php5-fpm
- systemctl restart nginx
-
- # start the daemon
- systemctl enable searx.service
- systemctl daemon-reload
- systemctl start searx.service
-
- if ! grep -q "Your search engine password is" /home/$MY_USERNAME/README; then
- if [ ${#SEARX_PASSWORD} -lt 8 ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- SEARX_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- SEARX_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- echo "$SEARX_PASSWORD" | htpasswd -i -s -c /etc/nginx/.htpasswd $MY_USERNAME
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Search Engine' >> /home/$MY_USERNAME/README
- echo '=============' >> /home/$MY_USERNAME/README
- echo $"Search engine onion domain: ${SEARX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Your search engine password is: $SEARX_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo 'install_searx' >> $COMPLETION_FILE
+ echo "$SEARX_PASSWORD" | htpasswd -i -s -c /etc/nginx/.htpasswd $MY_USERNAME
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Search Engine' >> /home/$MY_USERNAME/README
+ echo '=============' >> /home/$MY_USERNAME/README
+ echo $"Search engine onion domain: ${SEARX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Your search engine password is: $SEARX_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_searx' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-sip b/src/freedombone-app-sip
index 5d5b24acb..07a4a9de0 100755
--- a/src/freedombone-app-sip
+++ b/src/freedombone-app-sip
@@ -38,415 +38,415 @@ VOIP_TURN_TLS_PORT=5349
VOIP_TURN_NONCE=
function reconfigure_sip {
- echo -n ''
+ echo -n ''
}
function upgrade_sip {
- # remove the original sipwitch daemon if it exists
- if [ -f /etc/init.d/sipwitch ]; then
- rm -f /etc/init.d/sipwitch
- fi
+ # remove the original sipwitch daemon if it exists
+ if [ -f /etc/init.d/sipwitch ]; then
+ rm -f /etc/init.d/sipwitch
+ fi
}
function backup_local_sip {
- if [ -f /etc/sipwitch.conf ]; then
- echo $"Backing up SIP settings"
- temp_backup_dir=/root/tempsipbackup
- if [ ! -d $temp_backup_dir ]; then
- mkdir -p $temp_backup_dir
- fi
- cp -f /etc/sipwitch.conf $temp_backup_dir
- backup_directory_to_usb $temp_backup_dir sip
- echo $"SIP settings backup complete"
+ if [ -f /etc/sipwitch.conf ]; then
+ echo $"Backing up SIP settings"
+ temp_backup_dir=/root/tempsipbackup
+ if [ ! -d $temp_backup_dir ]; then
+ mkdir -p $temp_backup_dir
fi
+ cp -f /etc/sipwitch.conf $temp_backup_dir
+ backup_directory_to_usb $temp_backup_dir sip
+ echo $"SIP settings backup complete"
+ fi
}
function restore_local_sip {
- if [ -d $USB_MOUNT/backup/sip ]; then
- echo $"Restoring SIP settings"
- temp_restore_dir=/root/tempsip
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir sip
- cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- function_check set_user_permissions
- set_user_permissions
- backup_unmount_drive
- exit 3679
- fi
- rm -rf $temp_restore_dir
- service sipwitch restart
- echo $"Restore of SIP settings complete"
+ if [ -d $USB_MOUNT/backup/sip ]; then
+ echo $"Restoring SIP settings"
+ temp_restore_dir=/root/tempsip
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir sip
+ cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/sipwitch.conf /etc/sipwitch.conf
+ if [ ! "$?" = "0" ]; then
+ rm -rf $temp_restore_dir
+ function_check set_user_permissions
+ set_user_permissions
+ backup_unmount_drive
+ exit 3679
fi
+ rm -rf $temp_restore_dir
+ service sipwitch restart
+ echo $"Restore of SIP settings complete"
+ fi
}
function backup_remote_sip {
- if [ -f /etc/sipwitch.conf ]; then
- echo $"Backing up SIP settings"
- temp_backup_dir=/root/tempsipbackup
- if [ ! -d $temp_backup_dir ]; then
- mkdir -p $temp_backup_dir
- fi
- cp -f /etc/sipwitch.conf $temp_backup_dir
- backup_directory_to_friend $temp_backup_dir sip
- echo $"Backup SIP settings complete"
+ if [ -f /etc/sipwitch.conf ]; then
+ echo $"Backing up SIP settings"
+ temp_backup_dir=/root/tempsipbackup
+ if [ ! -d $temp_backup_dir ]; then
+ mkdir -p $temp_backup_dir
fi
+ cp -f /etc/sipwitch.conf $temp_backup_dir
+ backup_directory_to_friend $temp_backup_dir sip
+ echo $"Backup SIP settings complete"
+ fi
}
function restore_remote_sip {
- echo -n ''
+ echo -n ''
}
function remove_sip {
- if ! grep -Fxq "install_sip" $COMPLETION_FILE; then
- return
- fi
- iptables -D INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
- iptables -D INPUT -p udp --dport $SIP_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $SIP_PORT -j ACCEPT
- iptables -D INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- function_check remove_onion_service
- remove_onion_service sip ${SIP_PORT}
-
- apt-get -y remove --purge sipwitch
- apt-get -y remove --purge turnserver
- if [ -f /etc/sipwitch.conf ]; then
- rm /etc/sipwitch.conf
- fi
- if [ -d /etc/turnserver ]; then
- rm -rf /etc/turnserver
- fi
- sed -i '/install_sip/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_voip_turn/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_sip4/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_sip" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -D INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
+ iptables -D INPUT -p udp --dport $SIP_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $SIP_PORT -j ACCEPT
+ iptables -D INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ function_check remove_onion_service
+ remove_onion_service sip ${SIP_PORT}
+
+ apt-get -y remove --purge sipwitch
+ apt-get -y remove --purge turnserver
+ if [ -f /etc/sipwitch.conf ]; then
+ rm /etc/sipwitch.conf
+ fi
+ if [ -d /etc/turnserver ]; then
+ rm -rf /etc/turnserver
+ fi
+ sed -i '/install_sip/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_voip_turn/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_sip4/d' $COMPLETION_FILE
}
function configure_firewall_for_voip_turn {
- if grep -Fxq "configure_firewall_for_voip_turn" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("TURN $VOIP_TURN_PORT")
- OPEN_PORTS+=("TURN TLS $VOIP_TURN_TLS_PORT")
- echo 'configure_firewall_for_voip_turn' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_voip_turn" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $VOIP_TURN_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $VOIP_TURN_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("TURN $VOIP_TURN_PORT")
+ OPEN_PORTS+=("TURN TLS $VOIP_TURN_TLS_PORT")
+ echo 'configure_firewall_for_voip_turn' >> $COMPLETION_FILE
}
function configure_firewall_for_sip4 {
- if grep -Fxq "configure_firewall_for_sip4" $COMPLETION_FILE; then
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p udp --dport $SIP_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $SIP_PORT -j ACCEPT
- iptables -A INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("SIP $SIP_PORT")
- OPEN_PORTS+=("SIP TLS $SIP_TLS_PORT")
- echo 'configure_firewall_for_sip4' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_sip4" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $SIP_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $SIP_PORT -j ACCEPT
+ iptables -A INPUT -p udp --dport $SIP_TLS_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $SIP_TLS_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("SIP $SIP_PORT")
+ OPEN_PORTS+=("SIP TLS $SIP_TLS_PORT")
+ echo 'configure_firewall_for_sip4' >> $COMPLETION_FILE
}
function get_sip_server_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "SIP server password" /home/$MY_USERNAME/README; then
- if [ ! $SIP_SERVER_PASSWORD ]; then
- SIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "SIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "SIP server password" /home/$MY_USERNAME/README; then
+ if [ ! $SIP_SERVER_PASSWORD ]; then
+ SIP_SERVER_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "SIP server password" | awk -F ':' '{print $2}' | sed 's/^ *//')
+ fi
fi
+ fi
}
function update_sipwitch_daemon {
- if [ ! -f /etc/init.d/sipwitch ]; then
- return
- fi
- service sipwitch stop
-
- # remove the original sipwitch daemon if it exists
- if [ -f /etc/init.d/sipwitch ]; then
- rm -f /etc/init.d/sipwitch
- fi
-
- # daemon
- echo '[Unit]' > /etc/systemd/system/sipwitch.service
- echo 'Description=GNU SIP Witch, a SIP telephony service daemon.' >> /etc/systemd/system/sipwitch.service
- echo 'After=network.target' >> /etc/systemd/system/sipwitch.service
- echo '' >> /etc/systemd/system/sipwitch.service
- echo '[Service]' >> /etc/systemd/system/sipwitch.service
- echo 'Type=simple' >> /etc/systemd/system/sipwitch.service
- echo 'Group=sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'PIDFile=/var/run/sipwitch/pidfile' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/conf.d/sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/sipwitch.conf' >> /etc/systemd/system/sipwitch.service
- echo 'EnvironmentFile=-/etc/default/sipwitch' >> /etc/systemd/system/sipwitch.service
- echo 'ExecStartPre=-/bin/rm -f /var/run/sipwitch/control' >> /etc/systemd/system/sipwitch.service
- echo "ExecStart=/usr/sbin/sipw -f \$OPTIONS -P$SIP_PORT" >> /etc/systemd/system/sipwitch.service
- echo 'Restart=always' >> /etc/systemd/system/sipwitch.service
- echo 'NotifyAccess=main' >> /etc/systemd/system/sipwitch.service
- echo '' >> /etc/systemd/system/sipwitch.service
- echo '[Install]' >> /etc/systemd/system/sipwitch.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/sipwitch.service
-
- systemctl enable sipwitch
- systemctl daemon-reload
- systemctl start sipwitch
+ if [ ! -f /etc/init.d/sipwitch ]; then
+ return
+ fi
+ service sipwitch stop
+
+ # remove the original sipwitch daemon if it exists
+ if [ -f /etc/init.d/sipwitch ]; then
+ rm -f /etc/init.d/sipwitch
+ fi
+
+ # daemon
+ echo '[Unit]' > /etc/systemd/system/sipwitch.service
+ echo 'Description=GNU SIP Witch, a SIP telephony service daemon.' >> /etc/systemd/system/sipwitch.service
+ echo 'After=network.target' >> /etc/systemd/system/sipwitch.service
+ echo '' >> /etc/systemd/system/sipwitch.service
+ echo '[Service]' >> /etc/systemd/system/sipwitch.service
+ echo 'Type=simple' >> /etc/systemd/system/sipwitch.service
+ echo 'Group=sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'PIDFile=/var/run/sipwitch/pidfile' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/conf.d/sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/sipwitch.conf' >> /etc/systemd/system/sipwitch.service
+ echo 'EnvironmentFile=-/etc/default/sipwitch' >> /etc/systemd/system/sipwitch.service
+ echo 'ExecStartPre=-/bin/rm -f /var/run/sipwitch/control' >> /etc/systemd/system/sipwitch.service
+ echo "ExecStart=/usr/sbin/sipw -f \$OPTIONS -P$SIP_PORT" >> /etc/systemd/system/sipwitch.service
+ echo 'Restart=always' >> /etc/systemd/system/sipwitch.service
+ echo 'NotifyAccess=main' >> /etc/systemd/system/sipwitch.service
+ echo '' >> /etc/systemd/system/sipwitch.service
+ echo '[Install]' >> /etc/systemd/system/sipwitch.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/sipwitch.service
+
+ systemctl enable sipwitch
+ systemctl daemon-reload
+ systemctl start sipwitch
}
function install_sip_main {
- if grep -Fxq "install_sip_main" $COMPLETION_FILE; then
- return
- fi
+ if grep -Fxq "install_sip_main" $COMPLETION_FILE; then
+ return
+ fi
- apt-get -y install sipwitch
+ apt-get -y install sipwitch
- function_check get_sip_server_password
- get_sip_server_password
- if [ ! $SIP_SERVER_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- SIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- SIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
-
- echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
- echo '<sipwitch>' >> /etc/sipwitch.conf
- echo '<provision>' >> /etc/sipwitch.conf
-
- echo "<user id=\"$MY_USERNAME\">" >> /etc/sipwitch.conf
- echo '<extension>201</extension>' >> /etc/sipwitch.conf
- echo "<secret>$SIP_SERVER_PASSWORD</secret>" >> /etc/sipwitch.conf
- echo "<display>$MY_USERNAME 201</display>" >> /etc/sipwitch.conf
- echo '</user>' >> /etc/sipwitch.conf
-
- echo '</provision>' >> /etc/sipwitch.conf
- echo '<access>' >> /etc/sipwitch.conf
- echo '</access>' >> /etc/sipwitch.conf
- echo '<stack>' >> /etc/sipwitch.conf
- echo " <localnames>$DEFAULT_DOMAIN_NAME</localnames>" >> /etc/sipwitch.conf
- echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
- echo ' <threading>2</threading>' >> /etc/sipwitch.conf
- echo ' <interface>*</interface>' >> /etc/sipwitch.conf
- echo ' <dumping>false</dumping>' >> /etc/sipwitch.conf
- echo ' <system>system</system>' >> /etc/sipwitch.conf
- echo ' <anon>anonymous</anon>' >> /etc/sipwitch.conf
- echo '</stack>' >> /etc/sipwitch.conf
- echo '<timers>' >> /etc/sipwitch.conf
- echo ' <!-- ring every 4 seconds -->' >> /etc/sipwitch.conf
- echo ' <ring>4</ring>' >> /etc/sipwitch.conf
- echo ' <!-- call forward no answer after x rings -->' >> /etc/sipwitch.conf
- echo ' <cfna>4</cfna>' >> /etc/sipwitch.conf
- echo ' <!-- call reset to clear cid in stack, 6 seconds -->' >> /etc/sipwitch.conf
- echo ' <reset>6</reset>' >> /etc/sipwitch.conf
- echo '</timers>' >> /etc/sipwitch.conf
- echo '<!-- we have 2xx numbers plus space for external users -->' >> /etc/sipwitch.conf
- echo '<registry>' >> /etc/sipwitch.conf
- echo ' <prefix>200</prefix>' >> /etc/sipwitch.conf
- echo ' <range>100</range>' >> /etc/sipwitch.conf
- echo ' <keysize>77</keysize>' >> /etc/sipwitch.conf
- echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
- echo ' <!-- <realm>GNU Telephony</realm> -->' >> /etc/sipwitch.conf
- echo '</registry>' >> /etc/sipwitch.conf
- echo '<routing>' >> /etc/sipwitch.conf
- echo '</routing>' >> /etc/sipwitch.conf
- echo '</sipwitch>' >> /etc/sipwitch.conf
-
- sed -i 's|#PLUGINS=|PLUGINS=|g' /etc/default/sipwitch
- sed -i 's|PLUGINS=.*|PLUGINS="zeroconf subscriber forward"|g' /etc/default/sipwitch
- groupadd sipwitch
- usermod -aG sipwitch $MY_USERNAME
-
- SIP_ONION_HOSTNAME=$(add_onion_service sip ${SIP_PORT} ${SIP_PORT})
- if ! grep -q $"SIP onion domain" $COMPLETION_FILE; then
- echo "SIP onion domain:$SIP_ONION_HOSTNAME" >> $COMPLETION_FILE
- fi
-
- if ! grep -q $"SIP Server" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'SIP Server' >> /home/$MY_USERNAME/README
- echo '==========' >> /home/$MY_USERNAME/README
- echo $"SIP onion_domain: $SIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- echo $"SIP server username: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"SIP server extension: 201" >> /home/$MY_USERNAME/README
- echo $"SIP server password: $SIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
+ function_check get_sip_server_password
+ get_sip_server_password
+ if [ ! $SIP_SERVER_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ SIP_SERVER_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ SIP_SERVER_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
-
- function_check configure_firewall_for_sip4
- configure_firewall_for_sip4
- echo 'install_sip_main' >> $COMPLETION_FILE
+ fi
+
+ echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
+ echo '<sipwitch>' >> /etc/sipwitch.conf
+ echo '<provision>' >> /etc/sipwitch.conf
+
+ echo "<user id=\"$MY_USERNAME\">" >> /etc/sipwitch.conf
+ echo '<extension>201</extension>' >> /etc/sipwitch.conf
+ echo "<secret>$SIP_SERVER_PASSWORD</secret>" >> /etc/sipwitch.conf
+ echo "<display>$MY_USERNAME 201</display>" >> /etc/sipwitch.conf
+ echo '</user>' >> /etc/sipwitch.conf
+
+ echo '</provision>' >> /etc/sipwitch.conf
+ echo '<access>' >> /etc/sipwitch.conf
+ echo '</access>' >> /etc/sipwitch.conf
+ echo '<stack>' >> /etc/sipwitch.conf
+ echo " <localnames>$DEFAULT_DOMAIN_NAME</localnames>" >> /etc/sipwitch.conf
+ echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
+ echo ' <threading>2</threading>' >> /etc/sipwitch.conf
+ echo ' <interface>*</interface>' >> /etc/sipwitch.conf
+ echo ' <dumping>false</dumping>' >> /etc/sipwitch.conf
+ echo ' <system>system</system>' >> /etc/sipwitch.conf
+ echo ' <anon>anonymous</anon>' >> /etc/sipwitch.conf
+ echo '</stack>' >> /etc/sipwitch.conf
+ echo '<timers>' >> /etc/sipwitch.conf
+ echo ' <!-- ring every 4 seconds -->' >> /etc/sipwitch.conf
+ echo ' <ring>4</ring>' >> /etc/sipwitch.conf
+ echo ' <!-- call forward no answer after x rings -->' >> /etc/sipwitch.conf
+ echo ' <cfna>4</cfna>' >> /etc/sipwitch.conf
+ echo ' <!-- call reset to clear cid in stack, 6 seconds -->' >> /etc/sipwitch.conf
+ echo ' <reset>6</reset>' >> /etc/sipwitch.conf
+ echo '</timers>' >> /etc/sipwitch.conf
+ echo '<!-- we have 2xx numbers plus space for external users -->' >> /etc/sipwitch.conf
+ echo '<registry>' >> /etc/sipwitch.conf
+ echo ' <prefix>200</prefix>' >> /etc/sipwitch.conf
+ echo ' <range>100</range>' >> /etc/sipwitch.conf
+ echo ' <keysize>77</keysize>' >> /etc/sipwitch.conf
+ echo ' <mapped>200</mapped>' >> /etc/sipwitch.conf
+ echo ' <!-- <realm>GNU Telephony</realm> -->' >> /etc/sipwitch.conf
+ echo '</registry>' >> /etc/sipwitch.conf
+ echo '<routing>' >> /etc/sipwitch.conf
+ echo '</routing>' >> /etc/sipwitch.conf
+ echo '</sipwitch>' >> /etc/sipwitch.conf
+
+ sed -i 's|#PLUGINS=|PLUGINS=|g' /etc/default/sipwitch
+ sed -i 's|PLUGINS=.*|PLUGINS="zeroconf subscriber forward"|g' /etc/default/sipwitch
+ groupadd sipwitch
+ usermod -aG sipwitch $MY_USERNAME
+
+ SIP_ONION_HOSTNAME=$(add_onion_service sip ${SIP_PORT} ${SIP_PORT})
+ if ! grep -q $"SIP onion domain" $COMPLETION_FILE; then
+ echo "SIP onion domain:$SIP_ONION_HOSTNAME" >> $COMPLETION_FILE
+ fi
+
+ if ! grep -q $"SIP Server" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'SIP Server' >> /home/$MY_USERNAME/README
+ echo '==========' >> /home/$MY_USERNAME/README
+ echo $"SIP onion_domain: $SIP_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
+ echo $"SIP server username: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"SIP server extension: 201" >> /home/$MY_USERNAME/README
+ echo $"SIP server password: $SIP_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_sip4
+ configure_firewall_for_sip4
+ echo 'install_sip_main' >> $COMPLETION_FILE
}
function install_sip_turn {
- if grep -Fxq "install_sip_turn" $COMPLETION_FILE; then
- return
+ if grep -Fxq "install_sip_turn" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install turnserver
+
+ # create a nonce if needed
+ if [ ! $VOIP_TURN_NONCE ]; then
+ VOIP_TURN_NONCE="$(create_password 30)"
+ fi
+
+ function_check create_site_certificate
+ create_site_certificate $DEFAULT_DOMAIN_NAME
+
+ echo '##' > /etc/turnserver/turnserver.conf
+ echo '# TurnServer configuration file.' >> /etc/turnserver/turnserver.conf
+ echo '#' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Public IPv4 address of any relayed address (if not set, no relay for IPv4).' >> /etc/turnserver/turnserver.conf
+ echo '## To have multiple address, separate addresses with a comma' >> /etc/turnserver/turnserver.conf
+ echo '## (i.e. listen_address = { "172.16.0.1", "172.17.0.1" }).' >> /etc/turnserver/turnserver.conf
+ echo "listen_address = { \"192.168.0.1\" }" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Public IPv6 address of any relayed address (if not set, no relay for IPv6).' >> /etc/turnserver/turnserver.conf
+ echo '## To have multiple address, separate address with a comma' >> /etc/turnserver/turnserver.conf
+ echo '## (i.e. listen_addressv6 = { "2001:db8:1::1", "2001:db8:2::1" }).' >> /etc/turnserver/turnserver.conf
+ echo "#listen_addressv6 = { \"2001:db8::1\" }" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## UDP listening port.' >> /etc/turnserver/turnserver.conf
+ echo "udp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TCP listening port.' >> /etc/turnserver/turnserver.conf
+ echo "tcp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TLS listening port.' >> /etc/turnserver/turnserver.conf
+ echo "tls_port = $VOIP_TURN_TLS_PORT" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TLS support.' >> /etc/turnserver/turnserver.conf
+ echo 'tls = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## DTLS support. It is an experimental feature and is not defined in TURN' >> /etc/turnserver/turnserver.conf
+ echo '## standard.' >> /etc/turnserver/turnserver.conf
+ echo 'dtls = false' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Maximum allocation port number.' >> /etc/turnserver/turnserver.conf
+ echo 'max_port = 65535' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Minimum allocation port number.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo 'min_port = 49152' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP support.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo 'turn_tcp = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP buffering mode:' >> /etc/turnserver/turnserver.conf
+ echo '## - true, use userspace buffering;' >> /etc/turnserver/turnserver.conf
+ echo '## - false, use kernel buffering.' >> /etc/turnserver/turnserver.conf
+ echo 'tcp_buffer_userspace = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## TURN-TCP maximum buffer size.' >> /etc/turnserver/turnserver.conf
+ echo 'tcp_buffer_size = 32768' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Daemon mode.' >> /etc/turnserver/turnserver.conf
+ echo 'daemon = true' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Unprivileged user.' >> /etc/turnserver/turnserver.conf
+ echo '## If you want to use this feature create a system user.' >> /etc/turnserver/turnserver.conf
+ echo '## On Linux: adduser --system --group turnserver' >> /etc/turnserver/turnserver.conf
+ echo 'unpriv_user = turnserver' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Realm value.' >> /etc/turnserver/turnserver.conf
+ echo "realm = \"$DEFAULT_DOMAIN_NAME\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Nonce key.' >> /etc/turnserver/turnserver.conf
+ echo "nonce_key = \"$VOIP_TURN_NONCE\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Max relay per username.' >> /etc/turnserver/turnserver.conf
+ echo 'max_relay_per_username = 5' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Allocation lifetime.' >> /etc/turnserver/turnserver.conf
+ echo 'allocation_lifetime = 1800' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Allocation bandwidth limitation (in KBytes/s).' >> /etc/turnserver/turnserver.conf
+ echo '## 0 value means bandwidth quota disabled.' >> /etc/turnserver/turnserver.conf
+ echo 'bandwidth_per_allocation = 150' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Restricted user bandwidth (in KBytes/s).' >> /etc/turnserver/turnserver.conf
+ echo '## 0 value means bandwidth limitation disabled.' >> /etc/turnserver/turnserver.conf
+ echo 'restricted_bandwidth = 10' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Denied addresses.' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '# disallow relaying to localhost' >> /etc/turnserver/turnserver.conf
+ echo 'denied_address {' >> /etc/turnserver/turnserver.conf
+ echo ' address = "127.0.0.1"' >> /etc/turnserver/turnserver.conf
+ echo ' mask = "8"' >> /etc/turnserver/turnserver.conf
+ echo ' port = 0' >> /etc/turnserver/turnserver.conf
+ echo '}' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '# disallow relaying to ip6-localhost' >> /etc/turnserver/turnserver.conf
+ echo 'denied_address {' >> /etc/turnserver/turnserver.conf
+ echo ' address = "::1"' >> /etc/turnserver/turnserver.conf
+ echo ' mask = "128"' >> /etc/turnserver/turnserver.conf
+ echo ' port = 0' >> /etc/turnserver/turnserver.conf
+ echo '}' >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Certification Authority file.' >> /etc/turnserver/turnserver.conf
+ echo "ca_file = \"/etc/ssl/certs/ca-certificates.crt\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Server certificate file.' >> /etc/turnserver/turnserver.conf
+ if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem ]; then
+ echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem\"" >> /etc/turnserver/turnserver.conf
+ else
+ if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt ]; then
+ echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt\"" >> /etc/turnserver/turnserver.conf
fi
-
- apt-get -y install turnserver
-
- # create a nonce if needed
- if [ ! $VOIP_TURN_NONCE ]; then
- VOIP_TURN_NONCE="$(create_password 30)"
- fi
-
- function_check create_site_certificate
- create_site_certificate $DEFAULT_DOMAIN_NAME
-
- echo '##' > /etc/turnserver/turnserver.conf
- echo '# TurnServer configuration file.' >> /etc/turnserver/turnserver.conf
- echo '#' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Public IPv4 address of any relayed address (if not set, no relay for IPv4).' >> /etc/turnserver/turnserver.conf
- echo '## To have multiple address, separate addresses with a comma' >> /etc/turnserver/turnserver.conf
- echo '## (i.e. listen_address = { "172.16.0.1", "172.17.0.1" }).' >> /etc/turnserver/turnserver.conf
- echo "listen_address = { \"192.168.0.1\" }" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Public IPv6 address of any relayed address (if not set, no relay for IPv6).' >> /etc/turnserver/turnserver.conf
- echo '## To have multiple address, separate address with a comma' >> /etc/turnserver/turnserver.conf
- echo '## (i.e. listen_addressv6 = { "2001:db8:1::1", "2001:db8:2::1" }).' >> /etc/turnserver/turnserver.conf
- echo "#listen_addressv6 = { \"2001:db8::1\" }" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## UDP listening port.' >> /etc/turnserver/turnserver.conf
- echo "udp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TCP listening port.' >> /etc/turnserver/turnserver.conf
- echo "tcp_port = $VOIP_TURN_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TLS listening port.' >> /etc/turnserver/turnserver.conf
- echo "tls_port = $VOIP_TURN_TLS_PORT" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TLS support.' >> /etc/turnserver/turnserver.conf
- echo 'tls = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## DTLS support. It is an experimental feature and is not defined in TURN' >> /etc/turnserver/turnserver.conf
- echo '## standard.' >> /etc/turnserver/turnserver.conf
- echo 'dtls = false' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Maximum allocation port number.' >> /etc/turnserver/turnserver.conf
- echo 'max_port = 65535' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Minimum allocation port number.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo 'min_port = 49152' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP support.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo 'turn_tcp = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP buffering mode:' >> /etc/turnserver/turnserver.conf
- echo '## - true, use userspace buffering;' >> /etc/turnserver/turnserver.conf
- echo '## - false, use kernel buffering.' >> /etc/turnserver/turnserver.conf
- echo 'tcp_buffer_userspace = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## TURN-TCP maximum buffer size.' >> /etc/turnserver/turnserver.conf
- echo 'tcp_buffer_size = 32768' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Daemon mode.' >> /etc/turnserver/turnserver.conf
- echo 'daemon = true' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Unprivileged user.' >> /etc/turnserver/turnserver.conf
- echo '## If you want to use this feature create a system user.' >> /etc/turnserver/turnserver.conf
- echo '## On Linux: adduser --system --group turnserver' >> /etc/turnserver/turnserver.conf
- echo 'unpriv_user = turnserver' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Realm value.' >> /etc/turnserver/turnserver.conf
- echo "realm = \"$DEFAULT_DOMAIN_NAME\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Nonce key.' >> /etc/turnserver/turnserver.conf
- echo "nonce_key = \"$VOIP_TURN_NONCE\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Max relay per username.' >> /etc/turnserver/turnserver.conf
- echo 'max_relay_per_username = 5' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Allocation lifetime.' >> /etc/turnserver/turnserver.conf
- echo 'allocation_lifetime = 1800' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Allocation bandwidth limitation (in KBytes/s).' >> /etc/turnserver/turnserver.conf
- echo '## 0 value means bandwidth quota disabled.' >> /etc/turnserver/turnserver.conf
- echo 'bandwidth_per_allocation = 150' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Restricted user bandwidth (in KBytes/s).' >> /etc/turnserver/turnserver.conf
- echo '## 0 value means bandwidth limitation disabled.' >> /etc/turnserver/turnserver.conf
- echo 'restricted_bandwidth = 10' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Denied addresses.' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '# disallow relaying to localhost' >> /etc/turnserver/turnserver.conf
- echo 'denied_address {' >> /etc/turnserver/turnserver.conf
- echo ' address = "127.0.0.1"' >> /etc/turnserver/turnserver.conf
- echo ' mask = "8"' >> /etc/turnserver/turnserver.conf
- echo ' port = 0' >> /etc/turnserver/turnserver.conf
- echo '}' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '# disallow relaying to ip6-localhost' >> /etc/turnserver/turnserver.conf
- echo 'denied_address {' >> /etc/turnserver/turnserver.conf
- echo ' address = "::1"' >> /etc/turnserver/turnserver.conf
- echo ' mask = "128"' >> /etc/turnserver/turnserver.conf
- echo ' port = 0' >> /etc/turnserver/turnserver.conf
- echo '}' >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Certification Authority file.' >> /etc/turnserver/turnserver.conf
- echo "ca_file = \"/etc/ssl/certs/ca-certificates.crt\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Server certificate file.' >> /etc/turnserver/turnserver.conf
- if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem ]; then
- echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.pem\"" >> /etc/turnserver/turnserver.conf
- else
- if [ -f /etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt ]; then
- echo "cert_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.crt\"" >> /etc/turnserver/turnserver.conf
- fi
- fi
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Private key file.' >> /etc/turnserver/turnserver.conf
- echo "private_key_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.key\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Account method.' >> /etc/turnserver/turnserver.conf
- echo "account_method = \"file\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## Account file (if account_method = file).' >> /etc/turnserver/turnserver.conf
- echo "account_file = \"/etc/turnserver/turnusers.txt\"" >> /etc/turnserver/turnserver.conf
- echo '' >> /etc/turnserver/turnserver.conf
- echo '## mod_tmpuser.' >> /etc/turnserver/turnserver.conf
- echo 'mod_tmpuser = false' >> /etc/turnserver/turnserver.conf
-
- echo "${MY_USERNAME}:password:${DEFAULT_DOMAIN_NAME}:authorized" > /etc/turnserver/turnusers.txt
-
- systemctl restart turnserver
-
- function_check configure_firewall_for_voip_turn
- configure_firewall_for_voip_turn
- echo 'install_sip_turn' >> $COMPLETION_FILE
+ fi
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Private key file.' >> /etc/turnserver/turnserver.conf
+ echo "private_key_file = \"/etc/ssl/certs/$DEFAULT_DOMAIN_NAME.key\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Account method.' >> /etc/turnserver/turnserver.conf
+ echo "account_method = \"file\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## Account file (if account_method = file).' >> /etc/turnserver/turnserver.conf
+ echo "account_file = \"/etc/turnserver/turnusers.txt\"" >> /etc/turnserver/turnserver.conf
+ echo '' >> /etc/turnserver/turnserver.conf
+ echo '## mod_tmpuser.' >> /etc/turnserver/turnserver.conf
+ echo 'mod_tmpuser = false' >> /etc/turnserver/turnserver.conf
+
+ echo "${MY_USERNAME}:password:${DEFAULT_DOMAIN_NAME}:authorized" > /etc/turnserver/turnusers.txt
+
+ systemctl restart turnserver
+
+ function_check configure_firewall_for_voip_turn
+ configure_firewall_for_voip_turn
+ echo 'install_sip_turn' >> $COMPLETION_FILE
}
function install_sip {
- if grep -Fxq "install_sip" $COMPLETION_FILE; then
- return
- fi
- install_sip_main
- update_sipwitch_daemon
- echo 'install_sip' >> $COMPLETION_FILE
+ if grep -Fxq "install_sip" $COMPLETION_FILE; then
+ return
+ fi
+ install_sip_main
+ update_sipwitch_daemon
+ echo 'install_sip' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-syncthing b/src/freedombone-app-syncthing
index c93c50dd6..20c0d86ca 100755
--- a/src/freedombone-app-syncthing
+++ b/src/freedombone-app-syncthing
@@ -40,300 +40,300 @@ SYNCTHING_SHARED_DATA=/var/lib/syncthing/SyncShared
SYNCTHING_USER_IDS_FILE='.syncthingids'
function reconfigure_syncthing {
- echo -n ''
+ echo -n ''
}
function upgrade_syncthing {
- echo -n ''
+ echo -n ''
}
function backup_local_syncthing {
- if [ -d /var/lib/syncthing/SyncShared ]; then
- echo $"Backing up syncthing"
+ if [ -d /var/lib/syncthing/SyncShared ]; then
+ echo $"Backing up syncthing"
- function_check backup_directory_to_usb
- backup_directory_to_usb /var/lib/syncthing/SyncShared syncthingshared
- backup_directory_to_usb /root/.config/syncthing syncthingconfig
+ function_check backup_directory_to_usb
+ backup_directory_to_usb /var/lib/syncthing/SyncShared syncthingshared
+ backup_directory_to_usb /root/.config/syncthing syncthingconfig
- echo $"Backup to syncthing complete"
- fi
+ echo $"Backup to syncthing complete"
+ fi
}
function restore_local_syncthing {
- if [ -f /etc/systemd/system/syncthing.service ]; then
- systemctl stop syncthing
- systemctl stop cron
+ if [ -f /etc/systemd/system/syncthing.service ]; then
+ systemctl stop syncthing
+ systemctl stop cron
+ fi
+
+ temp_restore_dir=/root/tempsyncthing
+ if [ -d $USB_MOUNT/backup/syncthingconfig ]; then
+ echo $"Restoring syncthing configuration"
+ function_check restore_directory_from_usb
+ restore_directory_from_usb ${temp_restore_dir}config syncthingconfig
+ cp -r ${temp_restore_dir}config/* /
+ if [ ! "$?" = "0" ]; then
+ set_user_permissions
+ backup_unmount_drive
+ systemctl start syncthing
+ systemctl start cron
+ exit 6833
fi
-
- temp_restore_dir=/root/tempsyncthing
- if [ -d $USB_MOUNT/backup/syncthingconfig ]; then
- echo $"Restoring syncthing configuration"
- function_check restore_directory_from_usb
- restore_directory_from_usb ${temp_restore_dir}config syncthingconfig
- cp -r ${temp_restore_dir}config/* /
- if [ ! "$?" = "0" ]; then
- set_user_permissions
- backup_unmount_drive
- systemctl start syncthing
- systemctl start cron
- exit 6833
- fi
- rm -rf ${temp_restore_dir}config
+ rm -rf ${temp_restore_dir}config
+ fi
+
+ if [ -d $USB_MOUNT/backup/syncthingshared ]; then
+ echo $"Restoring syncthing shared files"
+ restore_directory_from_usb ${temp_restore_dir}shared syncthingshared
+ cp -r ${temp_restore_dir}shared/* /
+ if [ ! "$?" = "0" ]; then
+ set_user_permissions
+ backup_unmount_drive
+ systemctl start syncthing
+ systemctl start cron
+ exit 37904
fi
-
- if [ -d $USB_MOUNT/backup/syncthingshared ]; then
- echo $"Restoring syncthing shared files"
- restore_directory_from_usb ${temp_restore_dir}shared syncthingshared
- cp -r ${temp_restore_dir}shared/* /
+ rm -rf ${temp_restore_dir}shared
+ fi
+
+ if [ -d $USB_MOUNT/backup/syncthing ]; then
+ for d in $USB_MOUNT/backup/syncthing/*/ ; do
+ USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
+ if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
+ if [ ! -d /home/$USERNAME ]; then
+ ${PROJECT_NAME}-adduser $USERNAME
+ fi
+ echo $"Restoring syncthing files for $USERNAME"
+ restore_directory_from_usb ${temp_restore_dir} syncthing/$USERNAME
+ cp -r ${temp_restore_dir}/home/$USERNAME/Sync /home/$USERNAME/
if [ ! "$?" = "0" ]; then
- set_user_permissions
- backup_unmount_drive
- systemctl start syncthing
- systemctl start cron
- exit 37904
+ rm -rf ${temp_restore_dir}
+ set_user_permissions
+ backup_unmount_drive
+ systemctl start syncthing
+ systemctl start cron
+ exit 68438
fi
- rm -rf ${temp_restore_dir}shared
- fi
+ rm -rf ${temp_restore_dir}
- if [ -d $USB_MOUNT/backup/syncthing ]; then
- for d in $USB_MOUNT/backup/syncthing/*/ ; do
- USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
- if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
- if [ ! -d /home/$USERNAME ]; then
- ${PROJECT_NAME}-adduser $USERNAME
- fi
- echo $"Restoring syncthing files for $USERNAME"
- restore_directory_from_usb ${temp_restore_dir} syncthing/$USERNAME
- cp -r ${temp_restore_dir}/home/$USERNAME/Sync /home/$USERNAME/
- if [ ! "$?" = "0" ]; then
- rm -rf ${temp_restore_dir}
- set_user_permissions
- backup_unmount_drive
- systemctl start syncthing
- systemctl start cron
- exit 68438
- fi
- rm -rf ${temp_restore_dir}
-
- # restore device IDs from config settings
- if [ -f /home/$USERNAME/.config/syncthing/.syncthing-server-id ]; then
- cp /home/$USERNAME/.config/syncthing/.syncthing-server-id /home/$USERNAME/.syncthing-server-id
- chown $USERNAME:$USERNAME /home/$USERNAME/.syncthing-server-id
- fi
- if [ -f /home/$USERNAME/.config/syncthing/.syncthingids ]; then
- cp /home/$USERNAME/.config/syncthing/.syncthingids /home/$USERNAME/.syncthingids
- chown $USERNAME:$USERNAME /home/$USERNAME/.syncthingids
- fi
- fi
- done
- fi
+ # restore device IDs from config settings
+ if [ -f /home/$USERNAME/.config/syncthing/.syncthing-server-id ]; then
+ cp /home/$USERNAME/.config/syncthing/.syncthing-server-id /home/$USERNAME/.syncthing-server-id
+ chown $USERNAME:$USERNAME /home/$USERNAME/.syncthing-server-id
+ fi
+ if [ -f /home/$USERNAME/.config/syncthing/.syncthingids ]; then
+ cp /home/$USERNAME/.config/syncthing/.syncthingids /home/$USERNAME/.syncthingids
+ chown $USERNAME:$USERNAME /home/$USERNAME/.syncthingids
+ fi
+ fi
+ done
+ fi
- if [ -f /etc/systemd/system/syncthing.service ]; then
- systemctl start syncthing
- systemctl start cron
- fi
+ if [ -f /etc/systemd/system/syncthing.service ]; then
+ systemctl start syncthing
+ systemctl start cron
+ fi
}
function backup_remote_syncthing {
- if [ -d /root/.config/syncthing ]; then
- echo $"Backing up syncthing configuration"
- function_check backup_directory_to_friend
- backup_directory_to_friend /root/.config/syncthing syncthingconfig
- echo $"Backup of syncthing configuration complete"
- fi
- if [ -d /var/lib/syncthing/SyncShared ]; then
- echo $"Backing up syncthing shared files"
- function_check backup_directory_to_friend
- backup_directory_to_friend /var/lib/syncthing/SyncShared syncthingshared
- echo $"Backup of syncthing shared files complete"
- fi
+ if [ -d /root/.config/syncthing ]; then
+ echo $"Backing up syncthing configuration"
+ function_check backup_directory_to_friend
+ backup_directory_to_friend /root/.config/syncthing syncthingconfig
+ echo $"Backup of syncthing configuration complete"
+ fi
+ if [ -d /var/lib/syncthing/SyncShared ]; then
+ echo $"Backing up syncthing shared files"
+ function_check backup_directory_to_friend
+ backup_directory_to_friend /var/lib/syncthing/SyncShared syncthingshared
+ echo $"Backup of syncthing shared files complete"
+ fi
}
function restore_remote_syncthing {
- if [ -f /etc/systemd/system/syncthing.service ]; then
- systemctl stop syncthing
- systemctl stop cron
+ if [ -f /etc/systemd/system/syncthing.service ]; then
+ systemctl stop syncthing
+ systemctl stop cron
+ fi
+
+ if [ -d $SERVER_DIRECTORY/backup/syncthingconfig ]; then
+ echo $"Restoring syncthing configuration"
+ temp_restore_dir=/root/tempsyncthingconfig
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir syncthingconfig
+ cp -r $temp_restore_dir/* /
+ if [ ! "$?" = "0" ]; then
+ systemctl start syncthing
+ systemctl start cron
+ exit 6833
fi
-
- if [ -d $SERVER_DIRECTORY/backup/syncthingconfig ]; then
- echo $"Restoring syncthing configuration"
- temp_restore_dir=/root/tempsyncthingconfig
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir syncthingconfig
- cp -r $temp_restore_dir/* /
- if [ ! "$?" = "0" ]; then
- systemctl start syncthing
- systemctl start cron
- exit 6833
- fi
- rm -rf $temp_restore_dir
+ rm -rf $temp_restore_dir
+ fi
+
+ if [ -d $SERVER_DIRECTORY/backup/syncthingshared ]; then
+ echo $"Restoring syncthing shared files"
+ temp_restore_dir=/root/tempsyncthingshared
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir syncthingshared
+ cp -r $temp_restore_dir/* /
+ if [ ! "$?" = "0" ]; then
+ systemctl start syncthing
+ systemctl start cron
+ exit 37904
fi
-
- if [ -d $SERVER_DIRECTORY/backup/syncthingshared ]; then
- echo $"Restoring syncthing shared files"
- temp_restore_dir=/root/tempsyncthingshared
+ rm -rf $temp_restore_dir
+ fi
+
+ if [ -d $SERVER_DIRECTORY/backup/syncthing ]; then
+ for d in $SERVER_DIRECTORY/backup/syncthing/*/ ; do
+ USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
+ if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
+ if [ ! -d /home/$USERNAME ]; then
+ ${PROJECT_NAME}-adduser $USERNAME
+ fi
+ echo $"Restoring syncthing files for $USERNAME"
+ temp_restore_dir=/root/tempsyncthing
function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir syncthingshared
- cp -r $temp_restore_dir/* /
+ restore_directory_from_friend $temp_restore_dir syncthing/$USERNAME
+ cp -r $temp_restore_dir/home/$USERNAME/Sync /home/$USERNAME/
if [ ! "$?" = "0" ]; then
- systemctl start syncthing
- systemctl start cron
- exit 37904
+ rm -rf $temp_restore_dir
+ systemctl start syncthing
+ systemctl start cron
+ exit 68438
fi
rm -rf $temp_restore_dir
- fi
- if [ -d $SERVER_DIRECTORY/backup/syncthing ]; then
- for d in $SERVER_DIRECTORY/backup/syncthing/*/ ; do
- USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
- if [[ $USERNAME != "git" && $USERNAME != "mirrors" && $USERNAME != "sync" ]]; then
- if [ ! -d /home/$USERNAME ]; then
- ${PROJECT_NAME}-adduser $USERNAME
- fi
- echo $"Restoring syncthing files for $USERNAME"
- temp_restore_dir=/root/tempsyncthing
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir syncthing/$USERNAME
- cp -r $temp_restore_dir/home/$USERNAME/Sync /home/$USERNAME/
- if [ ! "$?" = "0" ]; then
- rm -rf $temp_restore_dir
- systemctl start syncthing
- systemctl start cron
- exit 68438
- fi
- rm -rf $temp_restore_dir
-
- # restore device IDs from config settings
- if [ -f /home/$USERNAME/.config/syncthing/.syncthing-server-id ]; then
- cp /home/$USERNAME/.config/syncthing/.syncthing-server-id /home/$USERNAME/.syncthing-server-id
- chown $USERNAME:$USERNAME /home/$USERNAME/.syncthing-server-id
- fi
- if [ -f /home/$USERNAME/.config/syncthing/.syncthingids ]; then
- cp /home/$USERNAME/.config/syncthing/.syncthingids /home/$USERNAME/.syncthingids
- chown $USERNAME:$USERNAME /home/$USERNAME/.syncthingids
- fi
- echo $"Restore of syncthing files for $USERNAME complete"
- fi
- done
- fi
+ # restore device IDs from config settings
+ if [ -f /home/$USERNAME/.config/syncthing/.syncthing-server-id ]; then
+ cp /home/$USERNAME/.config/syncthing/.syncthing-server-id /home/$USERNAME/.syncthing-server-id
+ chown $USERNAME:$USERNAME /home/$USERNAME/.syncthing-server-id
+ fi
+ if [ -f /home/$USERNAME/.config/syncthing/.syncthingids ]; then
+ cp /home/$USERNAME/.config/syncthing/.syncthingids /home/$USERNAME/.syncthingids
+ chown $USERNAME:$USERNAME /home/$USERNAME/.syncthingids
+ fi
+ echo $"Restore of syncthing files for $USERNAME complete"
+ fi
+ done
+ fi
- if [ -f /etc/systemd/system/syncthing.service ]; then
- systemctl start syncthing
- systemctl start cron
- fi
+ if [ -f /etc/systemd/system/syncthing.service ]; then
+ systemctl start syncthing
+ systemctl start cron
+ fi
}
function remove_syncthing {
- if ! grep -Fxq "install_syncthing" $COMPLETION_FILE; then
- return
- fi
- iptables -D INPUT -p udp --dport $SYNCTHING_PORT -j ACCEPT
- iptables -D INPUT -p tcp --dport $SYNCTHING_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- systemctl stop syncthing
- systemctl disable syncthing
- apt-get -y remove --purge syncthing
- rm /etc/systemd/system/syncthing.service
- sed -i "/${PROJECT_NAME}-syncthing/d" /etc/crontab
- sed -i '/install_syncthing/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_syncthing/d' $COMPLETION_FILE
- systemctl restart cron
+ if ! grep -Fxq "install_syncthing" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -D INPUT -p udp --dport $SYNCTHING_PORT -j ACCEPT
+ iptables -D INPUT -p tcp --dport $SYNCTHING_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ systemctl stop syncthing
+ systemctl disable syncthing
+ apt-get -y remove --purge syncthing
+ rm /etc/systemd/system/syncthing.service
+ sed -i "/${PROJECT_NAME}-syncthing/d" /etc/crontab
+ sed -i '/install_syncthing/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_syncthing/d' $COMPLETION_FILE
+ systemctl restart cron
}
function configure_firewall_for_syncthing {
- if grep -Fxq "configure_firewall_for_syncthing" $COMPLETION_FILE; then
- return
- fi
- iptables -A INPUT -p udp --dport $SYNCTHING_PORT -j ACCEPT
- iptables -A INPUT -p tcp --dport $SYNCTHING_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("Syncthing $SYNCTHING_PORT")
- echo 'configure_firewall_for_syncthing' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_syncthing" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -A INPUT -p udp --dport $SYNCTHING_PORT -j ACCEPT
+ iptables -A INPUT -p tcp --dport $SYNCTHING_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("Syncthing $SYNCTHING_PORT")
+ echo 'configure_firewall_for_syncthing' >> $COMPLETION_FILE
}
function mesh_install_syncthing {
- chroot "$rootdir" wget -q https://syncthing.net/release-key.txt -O- | apt-key add -
-
- echo "deb http://apt.syncthing.net/ syncthing release" | tee $rootdir/etc/apt/sources.list.d/syncthing.list
- chroot "$rootdir" apt-get update
- chroot "$rootdir" apt-get -y --force-yes install syncthing
-
- # This probably does need to run as root so that it can access the Sync directories
- # in each user's home directory
- echo '[Unit]' > $rootdir/etc/systemd/system/syncthing.service
- echo 'Description=Syncthing - Open Source Continuous File Synchronization' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'Documentation=man:syncthing(1)' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'After=network.target' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'Wants=syncthing-inotify@.service' >> $rootdir/etc/systemd/system/syncthing.service
- echo '' >> $rootdir/etc/systemd/system/syncthing.service
- echo '[Service]' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'User=root' >> $rootdir/etc/systemd/system/syncthing.service
- echo "Environment='all_proxy=socks5://localhost:9050'" >> $rootdir/etc/systemd/system/syncthing.service
- echo 'ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'Restart=on-failure' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'SuccessExitStatus=3 4' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'RestartForceExitStatus=3 4' >> $rootdir/etc/systemd/system/syncthing.service
- echo '' >> $rootdir/etc/systemd/system/syncthing.service
- echo '[Install]' >> $rootdir/etc/systemd/system/syncthing.service
- echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/syncthing.service
- chroot "$rootdir" systemctl enable syncthing
-
- if ! grep -q "syncthing" $rootdir/etc/crontab; then
- echo "*/1 * * * * root /usr/local/bin/${PROJECT_NAME}-syncthing > /dev/null" >> $rootdir/etc/crontab
- fi
-
- echo 'mesh_install_syncthing'
+ chroot "$rootdir" wget -q https://syncthing.net/release-key.txt -O- | apt-key add -
+
+ echo "deb http://apt.syncthing.net/ syncthing release" | tee $rootdir/etc/apt/sources.list.d/syncthing.list
+ chroot "$rootdir" apt-get update
+ chroot "$rootdir" apt-get -y --force-yes install syncthing
+
+ # This probably does need to run as root so that it can access the Sync directories
+ # in each user's home directory
+ echo '[Unit]' > $rootdir/etc/systemd/system/syncthing.service
+ echo 'Description=Syncthing - Open Source Continuous File Synchronization' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'Documentation=man:syncthing(1)' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'After=network.target' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'Wants=syncthing-inotify@.service' >> $rootdir/etc/systemd/system/syncthing.service
+ echo '' >> $rootdir/etc/systemd/system/syncthing.service
+ echo '[Service]' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'User=root' >> $rootdir/etc/systemd/system/syncthing.service
+ echo "Environment='all_proxy=socks5://localhost:9050'" >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'Restart=on-failure' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'SuccessExitStatus=3 4' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'RestartForceExitStatus=3 4' >> $rootdir/etc/systemd/system/syncthing.service
+ echo '' >> $rootdir/etc/systemd/system/syncthing.service
+ echo '[Install]' >> $rootdir/etc/systemd/system/syncthing.service
+ echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/syncthing.service
+ chroot "$rootdir" systemctl enable syncthing
+
+ if ! grep -q "syncthing" $rootdir/etc/crontab; then
+ echo "*/1 * * * * root /usr/local/bin/${PROJECT_NAME}-syncthing > /dev/null" >> $rootdir/etc/crontab
+ fi
+
+ echo 'mesh_install_syncthing'
}
function install_syncthing {
- if [ $INSTALLING_MESH ]; then
- mesh_install_syncthing
- return
- fi
-
- if grep -Fxq "install_syncthing" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y install curl
-
- curl -s https://syncthing.net/release-key.txt | apt-key add -
- echo "deb http://apt.syncthing.net/ syncthing release" | tee /etc/apt/sources.list.d/syncthing.list
- apt-get update
- apt-get -y install syncthing
-
- # This probably does need to run as root so that it can access the Sync directories
- # in each user's home directory
- echo '[Unit]' > /etc/systemd/system/syncthing.service
- echo 'Description=Syncthing - Open Source Continuous File Synchronization' >> /etc/systemd/system/syncthing.service
- echo 'Documentation=man:syncthing(1)' >> /etc/systemd/system/syncthing.service
- echo 'After=network.target' >> /etc/systemd/system/syncthing.service
- echo 'Wants=syncthing-inotify@.service' >> /etc/systemd/system/syncthing.service
- echo '' >> /etc/systemd/system/syncthing.service
- echo '[Service]' >> /etc/systemd/system/syncthing.service
- echo 'User=root' >> /etc/systemd/system/syncthing.service
- echo "Environment='all_proxy=socks5://localhost:9050'" >> /etc/systemd/system/syncthing.service
- echo 'ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0' >> /etc/systemd/system/syncthing.service
- echo 'Restart=on-failure' >> /etc/systemd/system/syncthing.service
- echo 'SuccessExitStatus=3 4' >> /etc/systemd/system/syncthing.service
- echo 'RestartForceExitStatus=3 4' >> /etc/systemd/system/syncthing.service
- echo '' >> /etc/systemd/system/syncthing.service
- echo '[Install]' >> /etc/systemd/system/syncthing.service
- echo 'WantedBy=multi-user.target' >> /etc/systemd/system/syncthing.service
- systemctl enable syncthing
- systemctl daemon-reload
- systemctl start syncthing
-
- function_check cron_add_mins
- cron_add_mins 1 "/usr/local/bin/${PROJECT_NAME}-syncthing > /dev/null"
-
- function_check configure_firewall_for_syncthing
- configure_firewall_for_syncthing
- echo 'install_syncthing' >> $COMPLETION_FILE
+ if [ $INSTALLING_MESH ]; then
+ mesh_install_syncthing
+ return
+ fi
+
+ if grep -Fxq "install_syncthing" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y install curl
+
+ curl -s https://syncthing.net/release-key.txt | apt-key add -
+ echo "deb http://apt.syncthing.net/ syncthing release" | tee /etc/apt/sources.list.d/syncthing.list
+ apt-get update
+ apt-get -y install syncthing
+
+ # This probably does need to run as root so that it can access the Sync directories
+ # in each user's home directory
+ echo '[Unit]' > /etc/systemd/system/syncthing.service
+ echo 'Description=Syncthing - Open Source Continuous File Synchronization' >> /etc/systemd/system/syncthing.service
+ echo 'Documentation=man:syncthing(1)' >> /etc/systemd/system/syncthing.service
+ echo 'After=network.target' >> /etc/systemd/system/syncthing.service
+ echo 'Wants=syncthing-inotify@.service' >> /etc/systemd/system/syncthing.service
+ echo '' >> /etc/systemd/system/syncthing.service
+ echo '[Service]' >> /etc/systemd/system/syncthing.service
+ echo 'User=root' >> /etc/systemd/system/syncthing.service
+ echo "Environment='all_proxy=socks5://localhost:9050'" >> /etc/systemd/system/syncthing.service
+ echo 'ExecStart=/usr/bin/syncthing -no-browser -no-restart -logflags=0' >> /etc/systemd/system/syncthing.service
+ echo 'Restart=on-failure' >> /etc/systemd/system/syncthing.service
+ echo 'SuccessExitStatus=3 4' >> /etc/systemd/system/syncthing.service
+ echo 'RestartForceExitStatus=3 4' >> /etc/systemd/system/syncthing.service
+ echo '' >> /etc/systemd/system/syncthing.service
+ echo '[Install]' >> /etc/systemd/system/syncthing.service
+ echo 'WantedBy=multi-user.target' >> /etc/systemd/system/syncthing.service
+ systemctl enable syncthing
+ systemctl daemon-reload
+ systemctl start syncthing
+
+ function_check cron_add_mins
+ cron_add_mins 1 "/usr/local/bin/${PROJECT_NAME}-syncthing > /dev/null"
+
+ function_check configure_firewall_for_syncthing
+ configure_firewall_for_syncthing
+ echo 'install_syncthing' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-tox b/src/freedombone-app-tox
index c9f94a8fe..ad0070a3c 100755
--- a/src/freedombone-app-tox
+++ b/src/freedombone-app-tox
@@ -47,344 +47,344 @@ TOXIC_COMMIT='cf16849b374e484a33a4dffa3dfb937b59d537f2'
TOXIC_FILE=/usr/local/bin/toxic
function reconfigure_tox {
- echo -n ''
+ echo -n ''
}
function upgrade_tox {
- if ! grep -Fxq "install_tox" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit $INSTALL_DIR/toxcore "toxcore commit" "$TOXCORE_COMMIT" $TOXCORE_REPO
-
- function_check set_repo_commit
- set_repo_commit $INSTALL_DIR/toxic "Toxic commit" "$TOXIC_COMMIT" $TOXIC_REPO
+ if ! grep -Fxq "install_tox" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit $INSTALL_DIR/toxcore "toxcore commit" "$TOXCORE_COMMIT" $TOXCORE_REPO
+
+ function_check set_repo_commit
+ set_repo_commit $INSTALL_DIR/toxic "Toxic commit" "$TOXIC_COMMIT" $TOXIC_REPO
}
function backup_local_tox {
- if [ -d /var/lib/tox-bootstrapd ]; then
- echo $"Backing up Tox"
+ if [ -d /var/lib/tox-bootstrapd ]; then
+ echo $"Backing up Tox"
- if [ -d /var/lib/tox-bootstrapd ]; then
- cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd
- if [ -d /var/lib/tox-bootstrapd/Maildir ]; then
- rm -rf /var/lib/tox-bootstrapd/Maildir
- fi
- fi
+ if [ -d /var/lib/tox-bootstrapd ]; then
+ cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd
+ if [ -d /var/lib/tox-bootstrapd/Maildir ]; then
+ rm -rf /var/lib/tox-bootstrapd/Maildir
+ fi
+ fi
- function_check backup_directory_to_usb
- backup_directory_to_usb /var/lib/tox-bootstrapd tox
+ function_check backup_directory_to_usb
+ backup_directory_to_usb /var/lib/tox-bootstrapd tox
- echo $"Backup of Tox complete"
- fi
+ echo $"Backup of Tox complete"
+ fi
}
function restore_local_tox {
- if [ -d $USB_MOUNT/backup/tox ]; then
- echo $"Restoring Tox node settings"
- function_check restore_directory_from_usb
- restore_directory_from_usb / tox
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 6393
- fi
- cp /var/lib/tox-bootstrapd/tox-bootstrapd.conf /etc/tox-bootstrapd.conf
- systemctl restart tox-bootstrapd.service
- if [ ! "$?" = "0" ]; then
- systemctl status tox-bootstrapd.service
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 59369
- fi
+ if [ -d $USB_MOUNT/backup/tox ]; then
+ echo $"Restoring Tox node settings"
+ function_check restore_directory_from_usb
+ restore_directory_from_usb / tox
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 6393
fi
+ cp /var/lib/tox-bootstrapd/tox-bootstrapd.conf /etc/tox-bootstrapd.conf
+ systemctl restart tox-bootstrapd.service
+ if [ ! "$?" = "0" ]; then
+ systemctl status tox-bootstrapd.service
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 59369
+ fi
+ fi
}
function backup_remote_tox {
- if [ -d /var/lib/tox-bootstrapd ]; then
- echo "Backing up Tox node settings"
- if [ -d /var/lib/tox-bootstrapd/Maildir ]; then
- rm -rf /var/lib/tox-bootstrapd/Maildir
- fi
- cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd
- backup_directory_to_friend /var/lib/tox-bootstrapd tox
- echo "Backup of Tox node settings complete"
- fi
+ if [ -d /var/lib/tox-bootstrapd ]; then
+ echo "Backing up Tox node settings"
+ if [ -d /var/lib/tox-bootstrapd/Maildir ]; then
+ rm -rf /var/lib/tox-bootstrapd/Maildir
+ fi
+ cp /etc/tox-bootstrapd.conf /var/lib/tox-bootstrapd
+ backup_directory_to_friend /var/lib/tox-bootstrapd tox
+ echo "Backup of Tox node settings complete"
+ fi
}
function restore_remote_tox {
- if [ -d $SERVER_DIRECTORY/backup/tox ]; then
- echo $"Restoring Tox node settings"
- function_check restore_directory_from_friend
- restore_directory_from_friend / tox
- if [ ! "$?" = "0" ]; then
- exit 93653
- fi
- cp /var/lib/tox-bootstrapd/tox-bootstrapd.conf /etc/tox-bootstrapd.conf
- systemctl restart tox-bootstrapd.service
- if [ ! "$?" = "0" ]; then
- systemctl status tox-bootstrapd.service
- exit 59369
- fi
- echo $"Restore of Tox node complete"
+ if [ -d $SERVER_DIRECTORY/backup/tox ]; then
+ echo $"Restoring Tox node settings"
+ function_check restore_directory_from_friend
+ restore_directory_from_friend / tox
+ if [ ! "$?" = "0" ]; then
+ exit 93653
fi
+ cp /var/lib/tox-bootstrapd/tox-bootstrapd.conf /etc/tox-bootstrapd.conf
+ systemctl restart tox-bootstrapd.service
+ if [ ! "$?" = "0" ]; then
+ systemctl status tox-bootstrapd.service
+ exit 59369
+ fi
+ echo $"Restore of Tox node complete"
+ fi
}
function remove_tox_node {
- if ! grep -Fxq "install_tox_node" $COMPLETION_FILE; then
- return
- fi
-
- iptables -D INPUT -p tcp --dport $TOX_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- function_check remove_onion_service
- remove_onion_service tox ${TOX_PORT}
-
- ${PROJECT_NAME}-mesh-install -f tox_node --remove yes
- if [ ! "$?" = "0" ]; then
- echo $'Failed to remove tox node'
- exit 763836
- fi
- sed -i '/install_tox_node/d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_tox/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_tox_node" $COMPLETION_FILE; then
+ return
+ fi
+
+ iptables -D INPUT -p tcp --dport $TOX_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ function_check remove_onion_service
+ remove_onion_service tox ${TOX_PORT}
+
+ ${PROJECT_NAME}-mesh-install -f tox_node --remove yes
+ if [ ! "$?" = "0" ]; then
+ echo $'Failed to remove tox node'
+ exit 763836
+ fi
+ sed -i '/install_tox_node/d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_tox/d' $COMPLETION_FILE
}
function remove_tox_avahi {
- if ! grep -Fxq "tox_avahi" $COMPLETION_FILE; then
- return
- fi
- cd $INSTALL_DIR/toxid
- make uninstall
- rm -rf $INSTALL_DIR/toxid
- sed -i '/toxavahi/d' /etc/crontab
- systemctl restart cron
- sed -i '/tox_avahi/d' $COMPLETION_FILE
+ if ! grep -Fxq "tox_avahi" $COMPLETION_FILE; then
+ return
+ fi
+ cd $INSTALL_DIR/toxid
+ make uninstall
+ rm -rf $INSTALL_DIR/toxid
+ sed -i '/toxavahi/d' /etc/crontab
+ systemctl restart cron
+ sed -i '/tox_avahi/d' $COMPLETION_FILE
}
function remove_tox_client {
- if ! grep -Fxq "install_tox_client" $COMPLETION_FILE; then
- return
- fi
-
- ${PROJECT_NAME}-mesh-install -f tox_client --remove yes
- if [ ! "$?" = "0" ]; then
- echo $'Could not remove Tox client'
- exit 737253
- fi
- sed -i '/install_tox_client/d' $COMPLETION_FILE
- sed -i '/Tox /d' $COMPLETION_FILE
- sed -i '/Toxic /d' $COMPLETION_FILE
+ if ! grep -Fxq "install_tox_client" $COMPLETION_FILE; then
+ return
+ fi
+
+ ${PROJECT_NAME}-mesh-install -f tox_client --remove yes
+ if [ ! "$?" = "0" ]; then
+ echo $'Could not remove Tox client'
+ exit 737253
+ fi
+ sed -i '/install_tox_client/d' $COMPLETION_FILE
+ sed -i '/Tox /d' $COMPLETION_FILE
+ sed -i '/Toxic /d' $COMPLETION_FILE
}
function remove_tox {
- remove_tox_client
- remove_tox_avahi
- remove_tox_node
+ remove_tox_client
+ remove_tox_avahi
+ remove_tox_node
}
function configure_firewall_for_tox {
- if [ ! $INSTALLING_MESH ]; then
- if [ -f $COMPLETION_FILE ]; then
- if grep -Fxq "configure_firewall_for_tox" $COMPLETION_FILE; then
- return
- fi
- fi
- fi
-
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
-
- TOX_PORT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
- if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
- TOX_PORT=$TOX_PORT_MAIN
- fi
- if [ ! $TOX_PORT ]; then
- echo $'No Tox port was specified'
- exit 32856
- fi
-
- iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("Tox $TOX_PORT")
+ if [ ! $INSTALLING_MESH ]; then
if [ -f $COMPLETION_FILE ]; then
- echo 'configure_firewall_for_tox' >> $COMPLETION_FILE
- fi
+ if grep -Fxq "configure_firewall_for_tox" $COMPLETION_FILE; then
+ return
+ fi
+ fi
+ fi
+
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+
+ TOX_PORT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+ if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
+ TOX_PORT=$TOX_PORT_MAIN
+ fi
+ if [ ! $TOX_PORT ]; then
+ echo $'No Tox port was specified'
+ exit 32856
+ fi
+
+ iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("Tox $TOX_PORT")
+ if [ -f $COMPLETION_FILE ]; then
+ echo 'configure_firewall_for_tox' >> $COMPLETION_FILE
+ fi
}
function tox_avahi {
- if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
- return
- fi
- if grep -Fxq "tox_avahi" $COMPLETION_FILE; then
- return
- fi
-
- if [ ! -d /etc/avahi ]; then
- echo $'tox_avahi: avahi is not installed'
- exit 87359
- fi
-
- # install a command to obtain the Tox ID
- cd $INSTALL_DIR
- function_check git_clone
- git_clone $TOXID_REPO $INSTALL_DIR/toxid
- if [ ! -d $INSTALL_DIR/toxid ]; then
- exit 63921
- fi
- cd $INSTALL_DIR/toxid
- make
- if [ ! "$?" = "0" ]; then
- exit 58432
- fi
- make install
-
- toxavahi
-
- # publish regularly
- function_check cron_add_mins
- cron_add_mins 1 'toxavahi > /dev/null'
-
- systemctl restart avahi-daemon
-
- echo 'tox_avahi' >> $COMPLETION_FILE
+ if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
+ return
+ fi
+ if grep -Fxq "tox_avahi" $COMPLETION_FILE; then
+ return
+ fi
+
+ if [ ! -d /etc/avahi ]; then
+ echo $'tox_avahi: avahi is not installed'
+ exit 87359
+ fi
+
+ # install a command to obtain the Tox ID
+ cd $INSTALL_DIR
+ function_check git_clone
+ git_clone $TOXID_REPO $INSTALL_DIR/toxid
+ if [ ! -d $INSTALL_DIR/toxid ]; then
+ exit 63921
+ fi
+ cd $INSTALL_DIR/toxid
+ make
+ if [ ! "$?" = "0" ]; then
+ exit 58432
+ fi
+ make install
+
+ toxavahi
+
+ # publish regularly
+ function_check cron_add_mins
+ cron_add_mins 1 'toxavahi > /dev/null'
+
+ systemctl restart avahi-daemon
+
+ echo 'tox_avahi' >> $COMPLETION_FILE
}
function install_tox_node {
- if grep -Fxq "install_tox_node" $COMPLETION_FILE; then
- return
- fi
-
- mesh_tox_node
-
- TOX_ONION_HOSTNAME=$(add_onion_service tox ${TOX_PORT} ${TOX_PORT})
-
- if ! grep -q "tox onion domain" $COMPLETION_FILE; then
- echo "tox onion domain:${TOX_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|tox onion domain.*|tox onion domain:${TOX_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
-
- systemctl restart tox-bootstrapd.service
-
- TOX_PUBLIC_KEY=$(cat /var/log/syslog | grep tox | grep "Public Key" | awk -F ' ' '{print $8}' | tail -1)
- if [ ${#TOX_PUBLIC_KEY} -lt 30 ]; then
- echo $'Could not obtain the tox node public key'
- exit 6529
- fi
-
- # save the public key for later reference
- echo "$TOX_PUBLIC_KEY" > $TOX_BOOTSTRAP_ID_FILE
-
- function_check configure_firewall_for_tox
- configure_firewall_for_tox
-
- if ! grep -q $"Your Tox node public key is" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Tox' >> /home/$MY_USERNAME/README
- echo '===' >> /home/$MY_USERNAME/README
- echo $"tox onion domain: ${TOX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Your Tox node public key is: $TOX_PUBLIC_KEY" >> /home/$MY_USERNAME/README
- echo $'In the Toxic client you can connect to it with:' >> /home/$MY_USERNAME/README
- echo " /connect $DEFAULT_DOMAIN_NAME.local $TOX_PORT $TOX_PUBLIC_KEY" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_tox
- configure_firewall_for_tox
- echo 'install_tox_node' >> $COMPLETION_FILE
+ if grep -Fxq "install_tox_node" $COMPLETION_FILE; then
+ return
+ fi
+
+ mesh_tox_node
+
+ TOX_ONION_HOSTNAME=$(add_onion_service tox ${TOX_PORT} ${TOX_PORT})
+
+ if ! grep -q "tox onion domain" $COMPLETION_FILE; then
+ echo "tox onion domain:${TOX_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|tox onion domain.*|tox onion domain:${TOX_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+
+ systemctl restart tox-bootstrapd.service
+
+ TOX_PUBLIC_KEY=$(cat /var/log/syslog | grep tox | grep "Public Key" | awk -F ' ' '{print $8}' | tail -1)
+ if [ ${#TOX_PUBLIC_KEY} -lt 30 ]; then
+ echo $'Could not obtain the tox node public key'
+ exit 6529
+ fi
+
+ # save the public key for later reference
+ echo "$TOX_PUBLIC_KEY" > $TOX_BOOTSTRAP_ID_FILE
+
+ function_check configure_firewall_for_tox
+ configure_firewall_for_tox
+
+ if ! grep -q $"Your Tox node public key is" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Tox' >> /home/$MY_USERNAME/README
+ echo '===' >> /home/$MY_USERNAME/README
+ echo $"tox onion domain: ${TOX_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Your Tox node public key is: $TOX_PUBLIC_KEY" >> /home/$MY_USERNAME/README
+ echo $'In the Toxic client you can connect to it with:' >> /home/$MY_USERNAME/README
+ echo " /connect $DEFAULT_DOMAIN_NAME.local $TOX_PORT $TOX_PUBLIC_KEY" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_tox
+ configure_firewall_for_tox
+ echo 'install_tox_node' >> $COMPLETION_FILE
}
function install_tox_client {
- if grep -Fxq "install_tox_client" $COMPLETION_FILE; then
- return
- fi
+ if grep -Fxq "install_tox_client" $COMPLETION_FILE; then
+ return
+ fi
- mesh_tox_client
+ mesh_tox_client
- echo 'install_tox_client' >> $COMPLETION_FILE
+ echo 'install_tox_client' >> $COMPLETION_FILE
}
function mesh_tox_node {
- # obtain commits from the main file
- TOXCORE_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#TOXCORE_COMMIT_MAIN} -gt 10 ]; then
- TOXCORE_COMMIT=$TOXCORE_COMMIT_MAIN
- fi
- if [ ! $TOXCORE_COMMIT ]; then
- echo $'No Tox commit was specified'
- exit 76325
- fi
-
- TOXID_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- if [ ${#TOXID_REPO_MAIN} -gt 5 ]; then
- TOXID_REPO=$TOXID_REPO_MAIN
- fi
- if [ ! $TOXID_REPO ]; then
- echo $'No ToxID repo was specified'
- exit 78252
- fi
-
- TOX_PORT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
- if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
- TOX_PORT=$TOX_PORT_MAIN
- fi
- if [ ! $TOX_PORT ]; then
- echo $'No Tox port was specified'
- exit 32856
- fi
-
- TOXCORE_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- if [ ${#TOXCORE_REPO_MAIN} -gt 10 ]; then
- TOXCORE_REPO=$TOXCORE_REPO_MAIN
- fi
- if [ ! $TOXCORE_REPO ]; then
- echo $'No Tox repo was specified'
- exit 16865
- fi
-
- if [ ! $TOXCORE_COMMIT ]; then
- echo $'No Tox commit was specified'
- exit 76325
- fi
-
- if [ ! $TOXCORE_REPO ]; then
- echo $'No Tox repo was specified'
- exit 16865
- fi
-
- mesh_tox_node_prefix=''
- if [ $rootdir ]; then
- mesh_tox_node_prefix="chroot \"$rootdir\""
- fi
- $mesh_tox_node_prefix apt-get -y install build-essential libtool autotools-dev
- $mesh_tox_node_prefix apt-get -y install automake checkinstall check git yasm
- $mesh_tox_node_prefix apt-get -y install libsodium13 libsodium-dev libcap2-bin
- $mesh_tox_node_prefix apt-get -y install libconfig9 libconfig-dev autoconf
-
- mkdir -p ${rootdir}${INSTALL_DIR}
- git clone ${TOXCORE_REPO} ${rootdir}${INSTALL_DIR}/toxcore
- if [ ! "$?" = "0" ]; then
- exit 429252
- fi
- cd ${rootdir}$INSTALL_DIR/toxcore
- git checkout $TOXCORE_COMMIT -b $TOXCORE_COMMIT
-
- $mesh_tox_node_prefix /bin/bash -x <<EOF
+ # obtain commits from the main file
+ TOXCORE_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXCORE_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#TOXCORE_COMMIT_MAIN} -gt 10 ]; then
+ TOXCORE_COMMIT=$TOXCORE_COMMIT_MAIN
+ fi
+ if [ ! $TOXCORE_COMMIT ]; then
+ echo $'No Tox commit was specified'
+ exit 76325
+ fi
+
+ TOXID_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ if [ ${#TOXID_REPO_MAIN} -gt 5 ]; then
+ TOXID_REPO=$TOXID_REPO_MAIN
+ fi
+ if [ ! $TOXID_REPO ]; then
+ echo $'No ToxID repo was specified'
+ exit 78252
+ fi
+
+ TOX_PORT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOX_PORT=" | head -n 1 | awk -F '=' '{print $2}')
+ if [ ${#TOX_PORT_MAIN} -gt 2 ]; then
+ TOX_PORT=$TOX_PORT_MAIN
+ fi
+ if [ ! $TOX_PORT ]; then
+ echo $'No Tox port was specified'
+ exit 32856
+ fi
+
+ TOXCORE_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXCORE_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ if [ ${#TOXCORE_REPO_MAIN} -gt 10 ]; then
+ TOXCORE_REPO=$TOXCORE_REPO_MAIN
+ fi
+ if [ ! $TOXCORE_REPO ]; then
+ echo $'No Tox repo was specified'
+ exit 16865
+ fi
+
+ if [ ! $TOXCORE_COMMIT ]; then
+ echo $'No Tox commit was specified'
+ exit 76325
+ fi
+
+ if [ ! $TOXCORE_REPO ]; then
+ echo $'No Tox repo was specified'
+ exit 16865
+ fi
+
+ mesh_tox_node_prefix=''
+ if [ $rootdir ]; then
+ mesh_tox_node_prefix="chroot \"$rootdir\""
+ fi
+ $mesh_tox_node_prefix apt-get -y install build-essential libtool autotools-dev
+ $mesh_tox_node_prefix apt-get -y install automake checkinstall check git yasm
+ $mesh_tox_node_prefix apt-get -y install libsodium13 libsodium-dev libcap2-bin
+ $mesh_tox_node_prefix apt-get -y install libconfig9 libconfig-dev autoconf
+
+ mkdir -p ${rootdir}${INSTALL_DIR}
+ git clone ${TOXCORE_REPO} ${rootdir}${INSTALL_DIR}/toxcore
+ if [ ! "$?" = "0" ]; then
+ exit 429252
+ fi
+ cd ${rootdir}$INSTALL_DIR/toxcore
+ git checkout $TOXCORE_COMMIT -b $TOXCORE_COMMIT
+
+ $mesh_tox_node_prefix /bin/bash -x <<EOF
cd ${INSTALL_DIR}/toxcore
autoreconf -i
./configure --enable-daemon --disable-av
@@ -392,200 +392,200 @@ make
make install
EOF
- cp $rootdir/usr/local/lib/libtoxcore* $rootdir/usr/lib/
- cp ${rootdir}${INSTALL_DIR}/toxcore/other/bootstrap_daemon/tox-bootstrapd.service $rootdir/etc/systemd/system/
- sed -i 's|ExecStart=.*|ExecStart=/usr/local/bin/tox-bootstrapd --config /etc/tox-bootstrapd.conf|g' $rootdir/etc/systemd/system/tox-bootstrapd.service
- $mesh_tox_node_prefix systemctl enable tox-bootstrapd.service
-
- SECONDS=0
- if [ ! -f $rootdir/usr/local/bin/tox-bootstrapd ]; then
- duration=$SECONDS
- echo $"Toxcore compile failed at $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
- echo $'Unable to make toxcore'
- exit 73835
- fi
- duration=$SECONDS
- echo $"Toxcore compile $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
-
- $mesh_tox_node_prefix useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment $"Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
- $mesh_tox_node_prefix chmod 700 /var/lib/tox-bootstrapd
-
- # remove Maildir
- if [ -d $rootdir/var/lib/tox-bootstrapd/Maildir ]; then
- rm -rf $rootdir/var/lib/tox-bootstrapd/Maildir
- fi
+ cp $rootdir/usr/local/lib/libtoxcore* $rootdir/usr/lib/
+ cp ${rootdir}${INSTALL_DIR}/toxcore/other/bootstrap_daemon/tox-bootstrapd.service $rootdir/etc/systemd/system/
+ sed -i 's|ExecStart=.*|ExecStart=/usr/local/bin/tox-bootstrapd --config /etc/tox-bootstrapd.conf|g' $rootdir/etc/systemd/system/tox-bootstrapd.service
+ $mesh_tox_node_prefix systemctl enable tox-bootstrapd.service
- # create configuration file
- TOX_BOOTSTRAP_CONFIG=$rootdir/etc/tox-bootstrapd.conf
- echo "port = $TOX_PORT" > $TOX_BOOTSTRAP_CONFIG
- echo 'keys_file_path = "/var/lib/tox-bootstrapd/keys"' >> $TOX_BOOTSTRAP_CONFIG
- echo 'pid_file_path = "/var/run/tox-bootstrapd/tox-bootstrapd.pid"' >> $TOX_BOOTSTRAP_CONFIG
- echo 'enable_ipv6 = true' >> $TOX_BOOTSTRAP_CONFIG
- echo 'enable_ipv4_fallback = true' >> $TOX_BOOTSTRAP_CONFIG
- echo 'enable_lan_discovery = true' >> $TOX_BOOTSTRAP_CONFIG
- echo 'enable_tcp_relay = true' >> $TOX_BOOTSTRAP_CONFIG
- echo "tcp_relay_ports = [443, 3389, $TOX_PORT]" >> $TOX_BOOTSTRAP_CONFIG
- echo 'enable_motd = true' >> $TOX_BOOTSTRAP_CONFIG
- echo 'motd = "tox-bootstrapd"' >> $TOX_BOOTSTRAP_CONFIG
-
- if [ $TOX_NODES ]; then
- echo 'bootstrap_nodes = (' >> $TOX_BOOTSTRAP_CONFIG
- toxcount=0
- while [ "x${TOX_NODES[toxcount]}" != "x" ]
- do
- toxval_ipv4=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $1}')
- toxval_ipv6=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $2}')
- toxval_port=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $3}')
- toxval_pubkey=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $4}')
- toxval_maintainer=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $5}')
- echo "{ // $toxval_maintainer" >> $TOX_BOOTSTRAP_CONFIG
- if [[ $toxval_ipv6 != 'NONE' ]]; then
- echo " address = \"$toxval_ipv6\"" >> $TOX_BOOTSTRAP_CONFIG
- else
- echo " address = \"$toxval_ipv4\"" >> $TOX_BOOTSTRAP_CONFIG
- fi
- echo " port = $toxval_port" >> $TOX_BOOTSTRAP_CONFIG
- echo " public_key = \"$toxval_pubkey\"" >> $TOX_BOOTSTRAP_CONFIG
- toxcount=$(( $toxcount + 1 ))
- if [ "x${TOX_NODES[toxcount]}" != "x" ]; then
- echo "}," >> $TOX_BOOTSTRAP_CONFIG
- else
- echo "}" >> $TOX_BOOTSTRAP_CONFIG
- fi
- done
- echo ')' >> $TOX_BOOTSTRAP_CONFIG
- fi
+ SECONDS=0
+ if [ ! -f $rootdir/usr/local/bin/tox-bootstrapd ]; then
+ duration=$SECONDS
+ echo $"Toxcore compile failed at $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
+ echo $'Unable to make toxcore'
+ exit 73835
+ fi
+ duration=$SECONDS
+ echo $"Toxcore compile $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
+
+ $mesh_tox_node_prefix useradd --home-dir /var/lib/tox-bootstrapd --create-home --system --shell /sbin/nologin --comment $"Account to run Tox's DHT bootstrap daemon" --user-group tox-bootstrapd
+ $mesh_tox_node_prefix chmod 700 /var/lib/tox-bootstrapd
+
+ # remove Maildir
+ if [ -d $rootdir/var/lib/tox-bootstrapd/Maildir ]; then
+ rm -rf $rootdir/var/lib/tox-bootstrapd/Maildir
+ fi
+
+ # create configuration file
+ TOX_BOOTSTRAP_CONFIG=$rootdir/etc/tox-bootstrapd.conf
+ echo "port = $TOX_PORT" > $TOX_BOOTSTRAP_CONFIG
+ echo 'keys_file_path = "/var/lib/tox-bootstrapd/keys"' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'pid_file_path = "/var/run/tox-bootstrapd/tox-bootstrapd.pid"' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'enable_ipv6 = true' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'enable_ipv4_fallback = true' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'enable_lan_discovery = true' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'enable_tcp_relay = true' >> $TOX_BOOTSTRAP_CONFIG
+ echo "tcp_relay_ports = [443, 3389, $TOX_PORT]" >> $TOX_BOOTSTRAP_CONFIG
+ echo 'enable_motd = true' >> $TOX_BOOTSTRAP_CONFIG
+ echo 'motd = "tox-bootstrapd"' >> $TOX_BOOTSTRAP_CONFIG
+
+ if [ $TOX_NODES ]; then
+ echo 'bootstrap_nodes = (' >> $TOX_BOOTSTRAP_CONFIG
+ toxcount=0
+ while [ "x${TOX_NODES[toxcount]}" != "x" ]
+ do
+ toxval_ipv4=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $1}')
+ toxval_ipv6=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $2}')
+ toxval_port=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $3}')
+ toxval_pubkey=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $4}')
+ toxval_maintainer=$(echo $TOX_NODES[toxcount] | awk -F ',' '{print $5}')
+ echo "{ // $toxval_maintainer" >> $TOX_BOOTSTRAP_CONFIG
+ if [[ $toxval_ipv6 != 'NONE' ]]; then
+ echo " address = \"$toxval_ipv6\"" >> $TOX_BOOTSTRAP_CONFIG
+ else
+ echo " address = \"$toxval_ipv4\"" >> $TOX_BOOTSTRAP_CONFIG
+ fi
+ echo " port = $toxval_port" >> $TOX_BOOTSTRAP_CONFIG
+ echo " public_key = \"$toxval_pubkey\"" >> $TOX_BOOTSTRAP_CONFIG
+ toxcount=$(( $toxcount + 1 ))
+ if [ "x${TOX_NODES[toxcount]}" != "x" ]; then
+ echo "}," >> $TOX_BOOTSTRAP_CONFIG
+ else
+ echo "}" >> $TOX_BOOTSTRAP_CONFIG
+ fi
+ done
+ echo ')' >> $TOX_BOOTSTRAP_CONFIG
+ fi
}
function mesh_tox_avahi {
- mesh_tox_avahi_prefix=''
- if [ $rootdir ]; then
- mesh_tox_avahi_prefix="chroot \"$rootdir\""
- fi
-
- if [ ! -d $rootdir/etc/avahi ]; then
- echo $'tox_avahi: avahi is not installed'
- exit 87359
- fi
-
- if [ ! $TOXID_REPO ]; then
- echo $'No ToxID repo was specified'
- exit 78252
- fi
-
- if [ ! -d ${rootdir}${INSTALL_DIR} ]; then
- mkdir -p ${rootdir}${INSTALL_DIR}
- fi
+ mesh_tox_avahi_prefix=''
+ if [ $rootdir ]; then
+ mesh_tox_avahi_prefix="chroot \"$rootdir\""
+ fi
+
+ if [ ! -d $rootdir/etc/avahi ]; then
+ echo $'tox_avahi: avahi is not installed'
+ exit 87359
+ fi
+
+ if [ ! $TOXID_REPO ]; then
+ echo $'No ToxID repo was specified'
+ exit 78252
+ fi
+
+ if [ ! -d ${rootdir}${INSTALL_DIR} ]; then
+ mkdir -p ${rootdir}${INSTALL_DIR}
+ fi
- git clone ${TOXID_REPO} ${rootdir}${INSTALL_DIR}/toxid
- if [ ! -d ${rootdir}${INSTALL_DIR}/toxid ]; then
- echo $'Unable to clone toxid repo'
- exit 768352
- fi
+ git clone ${TOXID_REPO} ${rootdir}${INSTALL_DIR}/toxid
+ if [ ! -d ${rootdir}${INSTALL_DIR}/toxid ]; then
+ echo $'Unable to clone toxid repo'
+ exit 768352
+ fi
- $mesh_tox_avahi_prefix /bin/bash -x <<EOF
+ $mesh_tox_avahi_prefix /bin/bash -x <<EOF
cd ${INSTALL_DIR}/toxid
make
make install
EOF
- if [ ! -f $rootdir/usr/local/bin/toxid ]; then
- echo $'toxid not found'
- exit 74370
- fi
- if [ ! -f $rootdir/usr/local/bin/toxavahi ]; then
- exit 3621729
- fi
- echo "*/1 * * * * root /usr/local/bin/toxavahi > /dev/null" >> $rootdir/etc/crontab
+ if [ ! -f $rootdir/usr/local/bin/toxid ]; then
+ echo $'toxid not found'
+ exit 74370
+ fi
+ if [ ! -f $rootdir/usr/local/bin/toxavahi ]; then
+ exit 3621729
+ fi
+ echo "*/1 * * * * root /usr/local/bin/toxavahi > /dev/null" >> $rootdir/etc/crontab
}
function mesh_tox_client {
- mesh_tox_client_prefix=''
- if [ $rootdir ]; then
- mesh_tox_client_prefix="chroot \"$rootdir\""
- fi
-
- TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
-
- # obtain commits from the main file
- TOXIC_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#TOXIC_COMMIT_MAIN} -gt 10 ]; then
- TOXIC_COMMIT=$TOXIC_COMMIT_MAIN
- fi
-
- TOXIC_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- if [ ${#TOXIC_REPO_MAIN} -gt 5 ]; then
- TOXIC_REPO=$TOXIC_REPO_MAIN
- fi
-
- $mesh_tox_client_prefix apt-get -y install libncursesw5-dev libconfig-dev libqrencode-dev
- $mesh_tox_client_prefix apt-get -y install libcurl4-openssl-dev libvpx-dev libopenal-dev
-
- TEMP_SCRIPT_NAME=fbtmp728353.sh
- TEMP_SCRIPT=/tmp/$TEMP_SCRIPT_NAME
- echo '#!/bin/bash' > $TEMP_SCRIPT
- echo "mkdir -p $INSTALL_DIR" >> $TEMP_SCRIPT
- echo "git clone $TOXIC_REPO $INSTALL_DIR/toxic" >> $TEMP_SCRIPT
- echo "cd $INSTALL_DIR/toxic" >> $TEMP_SCRIPT
- echo "git checkout $TOXIC_COMMIT -b $TOXIC_COMMIT" >> $TEMP_SCRIPT
- echo 'make' >> $TEMP_SCRIPT
- echo 'if [ ! "$?" = "0" ]; then' >> $TEMP_SCRIPT
- echo ' exit 1' >> $TEMP_SCRIPT
- echo 'fi' >> $TEMP_SCRIPT
- echo 'make install' >> $TEMP_SCRIPT
- echo 'exit 0' >> $TEMP_SCRIPT
- chmod +x $TEMP_SCRIPT
- cp $TEMP_SCRIPT $rootdir/root/
-
- TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
-
- SECONDS=0
- $mesh_tox_client_prefix /root/$TEMP_SCRIPT_NAME
- if [ ! "$?" = "0" ]; then
- duration=$SECONDS
- echo $"Toxic client compile failed at $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
- echo $'Unable to make tox client'
- rm $TEMP_SCRIPT
- exit 74872
- fi
- rm $TEMP_SCRIPT
- if [ ! -f $rootdir$TOXIC_FILE ]; then
- echo $"Tox client was not installed to $TOXIC_FILE"
- exit 63278
- fi
+ mesh_tox_client_prefix=''
+ if [ $rootdir ]; then
+ mesh_tox_client_prefix="chroot \"$rootdir\""
+ fi
+
+ TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
+
+ # obtain commits from the main file
+ TOXIC_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#TOXIC_COMMIT_MAIN} -gt 10 ]; then
+ TOXIC_COMMIT=$TOXIC_COMMIT_MAIN
+ fi
+
+ TOXIC_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ if [ ${#TOXIC_REPO_MAIN} -gt 5 ]; then
+ TOXIC_REPO=$TOXIC_REPO_MAIN
+ fi
+
+ $mesh_tox_client_prefix apt-get -y install libncursesw5-dev libconfig-dev libqrencode-dev
+ $mesh_tox_client_prefix apt-get -y install libcurl4-openssl-dev libvpx-dev libopenal-dev
+
+ TEMP_SCRIPT_NAME=fbtmp728353.sh
+ TEMP_SCRIPT=/tmp/$TEMP_SCRIPT_NAME
+ echo '#!/bin/bash' > $TEMP_SCRIPT
+ echo "mkdir -p $INSTALL_DIR" >> $TEMP_SCRIPT
+ echo "git clone $TOXIC_REPO $INSTALL_DIR/toxic" >> $TEMP_SCRIPT
+ echo "cd $INSTALL_DIR/toxic" >> $TEMP_SCRIPT
+ echo "git checkout $TOXIC_COMMIT -b $TOXIC_COMMIT" >> $TEMP_SCRIPT
+ echo 'make' >> $TEMP_SCRIPT
+ echo 'if [ ! "$?" = "0" ]; then' >> $TEMP_SCRIPT
+ echo ' exit 1' >> $TEMP_SCRIPT
+ echo 'fi' >> $TEMP_SCRIPT
+ echo 'make install' >> $TEMP_SCRIPT
+ echo 'exit 0' >> $TEMP_SCRIPT
+ chmod +x $TEMP_SCRIPT
+ cp $TEMP_SCRIPT $rootdir/root/
+
+ TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
+
+ SECONDS=0
+ $mesh_tox_client_prefix /root/$TEMP_SCRIPT_NAME
+ if [ ! "$?" = "0" ]; then
duration=$SECONDS
- echo $"Toxic client compile $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
+ echo $"Toxic client compile failed at $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
+ echo $'Unable to make tox client'
+ rm $TEMP_SCRIPT
+ exit 74872
+ fi
+ rm $TEMP_SCRIPT
+ if [ ! -f $rootdir$TOXIC_FILE ]; then
+ echo $"Tox client was not installed to $TOXIC_FILE"
+ exit 63278
+ fi
+ duration=$SECONDS
+ echo $"Toxic client compile $(($duration / 60)) minutes and $(($duration % 60)) seconds elapsed."
}
function enable_tox_repo {
- echo 'deb http://download.opensuse.org/repositories/home:/antonbatenev:/tox/Debian_8.0/ /' > $rootdir/etc/apt/sources.list.d/tox.list
+ echo 'deb http://download.opensuse.org/repositories/home:/antonbatenev:/tox/Debian_8.0/ /' > $rootdir/etc/apt/sources.list.d/tox.list
- chroot "$rootdir" wget -q http://download.opensuse.org/repositories/home:antonbatenev:tox/Debian_8.0/Release.key -O- | apt-key add -
- chroot "$rootdir" apt-get update
- echo "Tox Repository Installed."
+ chroot "$rootdir" wget -q http://download.opensuse.org/repositories/home:antonbatenev:tox/Debian_8.0/Release.key -O- | apt-key add -
+ chroot "$rootdir" apt-get update
+ echo "Tox Repository Installed."
}
function install_tox {
- if [ ! $INSTALLING_MESH ]; then
- if grep -Fxq "install_tox" $COMPLETION_FILE; then
- return
- fi
+ if [ ! $INSTALLING_MESH ]; then
+ if grep -Fxq "install_tox" $COMPLETION_FILE; then
+ return
fi
+ fi
- configure_firewall_for_tox
+ configure_firewall_for_tox
- if [ $INSTALLING_MESH ]; then
- mesh_tox_node
- mesh_tox_avahi
- mesh_tox_client
- else
- install_tox_node
- tox_avahi
- install_tox_client
- fi
+ if [ $INSTALLING_MESH ]; then
+ mesh_tox_node
+ mesh_tox_avahi
+ mesh_tox_client
+ else
+ install_tox_node
+ tox_avahi
+ install_tox_client
+ fi
- echo 'install_tox' >> $COMPLETION_FILE
+ echo 'install_tox' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-vpn b/src/freedombone-app-vpn
index 60beebf53..f62b49ebd 100755
--- a/src/freedombone-app-vpn
+++ b/src/freedombone-app-vpn
@@ -39,44 +39,44 @@ function upgrade_vpn {
}
function backup_local_vpn {
- echo -n ''
+ echo -n ''
}
function restore_local_vpn {
- echo -n ''
+ echo -n ''
}
function backup_remote_vpn {
- echo -n ''
+ echo -n ''
}
function restore_remote_vpn {
- echo -n ''
+ echo -n ''
}
function remove_vpn {
- apt-get -y remove --purge fastd
- sed -i '/install_vpn/d' $COMPLETION_FILE
+ apt-get -y remove --purge fastd
+ sed -i '/install_vpn/d' $COMPLETION_FILE
}
function install_vpn {
- if grep -Fxq "install_vpn" $COMPLETION_FILE; then
- return
+ if grep -Fxq "install_vpn" $COMPLETION_FILE; then
+ return
+ fi
+ if ! grep -q "repo.universe-factory.net" /etc/apt/sources.list; then
+ echo 'deb http://repo.universe-factory.net/debian/ sid main' >> /etc/apt/sources.list
+ gpg --keyserver pgpkeys.mit.edu --recv-key 16EF3F64CB201D9C
+ if [ ! "$?" = "0" ]; then
+ exit 76272
fi
- if ! grep -q "repo.universe-factory.net" /etc/apt/sources.list; then
- echo 'deb http://repo.universe-factory.net/debian/ sid main' >> /etc/apt/sources.list
- gpg --keyserver pgpkeys.mit.edu --recv-key 16EF3F64CB201D9C
- if [ ! "$?" = "0" ]; then
- exit 76272
- fi
- gpg -a --export 16EF3F64CB201D9C | sudo apt-key add -
- apt-get update
- apt-get -y install fastd
- if [ ! "$?" = "0" ]; then
- exit 52026
- fi
+ gpg -a --export 16EF3F64CB201D9C | sudo apt-key add -
+ apt-get update
+ apt-get -y install fastd
+ if [ ! "$?" = "0" ]; then
+ exit 52026
fi
- echo 'install_vpn' >> $COMPLETION_FILE
+ fi
+ echo 'install_vpn' >> $COMPLETION_FILE
}
# NOTE: deliberately there is no "exit 0"
diff --git a/src/freedombone-app-webmail b/src/freedombone-app-webmail
index 48ae01046..217604e3d 100755
--- a/src/freedombone-app-webmail
+++ b/src/freedombone-app-webmail
@@ -43,198 +43,198 @@ function reconfigure_webmail {
}
function upgrade_webmail {
- if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit $WEBMAIL_PATH "Webmail commit" "$WEBMAIL_COMMIT" $WEBMAIL_REPO
+ if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit $WEBMAIL_PATH "Webmail commit" "$WEBMAIL_COMMIT" $WEBMAIL_REPO
}
function backup_local_webmail {
- if ! grep -q "install_webmail" $COMPLETION_FILE; then
- return
- fi
- echo $"Backing up webmail"
+ if ! grep -q "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ echo $"Backing up webmail"
- function_check backup_database_to_usb
- backup_database_to_usb webmail
+ function_check backup_database_to_usb
+ backup_database_to_usb webmail
- echo $"Backing up webmail complete"
+ echo $"Backing up webmail complete"
}
function restore_local_webmail {
- if ! grep -q "install_webmail" $COMPLETION_FILE; then
- return
- fi
- echo $"Restoring webmail"
+ if ! grep -q "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ echo $"Restoring webmail"
- function_check restore_database
- restore_database webmail
+ function_check restore_database
+ restore_database webmail
- echo $"Restore of webmail complete"
+ echo $"Restore of webmail complete"
}
function backup_remote_webmail {
- echo -n ''
+ echo -n ''
}
function restore_remote_webmail {
- echo -n ''
+ echo -n ''
}
function remove_webmail {
- if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
- fi
- nginx_dissite webmail
- if [ -f /etc/nginx/sites-available/webmail ]; then
- rm /etc/nginx/sites-available/webmail
- fi
- function_check remove_onion_service
- remove_onion_service webmail ${WEBMAIL_ONION_PORT}
- function_check drop_database
- drop_database webmail
- if [ -d $WEB_PATH/webmail ]; then
- rm -rf $WEB_PATH/webmail
- fi
- sed -i '/Webmail /d' $COMPLETION_FILE
- sed -i '/install_webmail/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ nginx_dissite webmail
+ if [ -f /etc/nginx/sites-available/webmail ]; then
+ rm /etc/nginx/sites-available/webmail
+ fi
+ function_check remove_onion_service
+ remove_onion_service webmail ${WEBMAIL_ONION_PORT}
+ function_check drop_database
+ drop_database webmail
+ if [ -d $WEB_PATH/webmail ]; then
+ rm -rf $WEB_PATH/webmail
+ fi
+ sed -i '/Webmail /d' $COMPLETION_FILE
+ sed -i '/install_webmail/d' $COMPLETION_FILE
}
function install_webmail {
- if grep -Fxq "install_webmail" $COMPLETION_FILE; then
- return
+ if grep -Fxq "install_webmail" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d /etc/apache2 ]; then
+ rm -rf /etc/apache2
+ echo $'Removed Apache installation after Dokuwiki install'
+ fi
+
+ function_check install_mariadb
+ install_mariadb
+
+ function_check get_mariadb_password
+ get_mariadb_password
+
+ function_check repair_databases_script
+ repair_databases_script
+
+ apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
+ apt-get -y install php5-dev imagemagick php5-imagick php5-sqlite php-auth-sasl php-net-smtp php-mime-type
+ apt-get -y install php-mail-mime php-mail-mimedecode php-net-ldap3 php5-pspell
+ pear install Net_IDNA2
+
+ if [ ! -f $WEBMAIL_PATH/index.php ]; then
+ cd $WEB_PATH
+ git_clone $WEBMAIL_REPO webmail
+ cd $WEBMAIL_PATH
+ git checkout $WEBMAIL_COMMIT -b $WEBMAIL_COMMIT
+ if ! grep -q "Webmail commit" $COMPLETION_FILE; then
+ echo "Webmail commit:$WEBMAIL_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/Webmail commit.*/Webmail commit:$WEBMAIL_COMMIT/g" $COMPLETION_FILE
fi
- if [ -d /etc/apache2 ]; then
- rm -rf /etc/apache2
- echo $'Removed Apache installation after Dokuwiki install'
+ fi
+ if [ ! -f $WEBMAIL_PATH/index.php ]; then
+ echo $'Did not clone webmail repo'
+ exit 52825
+ fi
+
+ WEBMAIL_ONION_HOSTNAME=$(add_onion_service webmail 80 ${WEBMAIL_ONION_PORT})
+ echo "Webmail onion domain:${WEBMAIL_ONION_HOSTNAME}" >> $COMPLETION_FILE
+
+ function_check get_mariadb_webmail_admin_password
+ get_mariadb_webmail_admin_password
+ if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ WEBMAIL_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ WEBMAIL_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
-
- function_check install_mariadb
- install_mariadb
-
- function_check get_mariadb_password
- get_mariadb_password
-
- function_check repair_databases_script
- repair_databases_script
-
- apt-get -y install php5-common php5-cli php5-curl php5-gd php5-mysql php5-mcrypt git
- apt-get -y install php5-dev imagemagick php5-imagick php5-sqlite php-auth-sasl php-net-smtp php-mime-type
- apt-get -y install php-mail-mime php-mail-mimedecode php-net-ldap3 php5-pspell
- pear install Net_IDNA2
-
- if [ ! -f $WEBMAIL_PATH/index.php ]; then
- cd $WEB_PATH
- git_clone $WEBMAIL_REPO webmail
- cd $WEBMAIL_PATH
- git checkout $WEBMAIL_COMMIT -b $WEBMAIL_COMMIT
- if ! grep -q "Webmail commit" $COMPLETION_FILE; then
- echo "Webmail commit:$WEBMAIL_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/Webmail commit.*/Webmail commit:$WEBMAIL_COMMIT/g" $COMPLETION_FILE
- fi
- fi
- if [ ! -f $WEBMAIL_PATH/index.php ]; then
- echo $'Did not clone webmail repo'
- exit 52825
- fi
-
- WEBMAIL_ONION_HOSTNAME=$(add_onion_service webmail 80 ${WEBMAIL_ONION_PORT})
- echo "Webmail onion domain:${WEBMAIL_ONION_HOSTNAME}" >> $COMPLETION_FILE
-
- function_check get_mariadb_webmail_admin_password
- get_mariadb_webmail_admin_password
- if [ ! $WEBMAIL_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- WEBMAIL_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- WEBMAIL_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- function_check create_database
- create_database webmail "$WEBMAIL_ADMIN_PASSWORD"
- mysql -u root --password="$MARIADB_PASSWORD" -D webmail < $WEBMAIL_PATH/SQL/mysql.initial.sql
-
- if [ ! -d /var/www/$DEFAULT_DOMAIN_NAME/htdocs ]; then
- mkdir -p /var/www/$DEFAULT_DOMAIN_NAME/htdocs
- fi
- ln -s $WEBMAIL_PATH /var/www/$DEFAULT_DOMAIN_NAME/htdocs/webmail
-
- if [ ! -f /var/www/webmail/config/config.inc.php ]; then
- # generate the configuration
- echo '<?php' > /var/www/webmail/config/config.inc.php
- echo "\$config['db_dsnw'] = 'mysql://root:${MARIADB_PASSWORD}@localhost/webmail';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['default_host'] = 'localhost';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['support_url'] = '';" >> /var/www/webmail/config/config.inc.php
- WEBMAIL_DES_KEY="$(create_password 25)"
- echo "\$config['des_key'] = '${WEBMAIL_DES_KEY}';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['product_name'] = '${PROJECT_NAME}';" >> /var/www/webmail/config/config.inc.php
- echo "\$config['plugins'] = array('enigma');" >> /var/www/webmail/config/config.inc.php
- echo "\$config['mime_param_folding'] = 0;" >> /var/www/webmail/config/config.inc.php
- echo "\$config['enable_installer'] = false;" >> /var/www/webmail/config/config.inc.php
- fi
-
- chown -R www-data:www-data $WEBMAIL_PATH
-
- echo 'server {' > /etc/nginx/sites-available/webmail
- echo " listen 127.0.0.1:$WEBMAIL_ONION_PORT default_server;" >> /etc/nginx/sites-available/webmail
- echo " server_name $WEBMAIL_ONION_HOSTNAME;" >> /etc/nginx/sites-available/webmail
- echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
- echo ' index index.php index.html index.htm;' >> /etc/nginx/sites-available/webmail
- echo ' access_log off;' >> /etc/nginx/sites-available/webmail
- echo ' error_log off;' >> /etc/nginx/sites-available/webmail
- echo ' location / {' >> /etc/nginx/sites-available/webmail
- echo ' try_files $uri $uri/ /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' error_page 404 /404.html;' >> /etc/nginx/sites-available/webmail
- echo ' error_page 500 502 503 504 /50x.html;' >> /etc/nginx/sites-available/webmail
- echo ' location = /50x.html {' >> /etc/nginx/sites-available/webmail
- echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ ^/(config|temp|logs)/ {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/webmail
- echo ' deny all;' >> /etc/nginx/sites-available/webmail
- echo ' access_log off;' >> /etc/nginx/sites-available/webmail
- echo ' log_not_found off;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' location ~ \.php$ {' >> /etc/nginx/sites-available/webmail
- echo ' try_files $uri =404;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/webmail
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/webmail
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/webmail
- echo ' }' >> /etc/nginx/sites-available/webmail
- echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/webmail
- echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/webmail
- echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/webmail
- echo '}' >> /etc/nginx/sites-available/webmail
-
- nginx_ensite webmail
- systemctl restart php5-fpm
- systemctl restart nginx
-
- if ! grep -q "Webmail" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo 'Webmail' >> /home/$MY_USERNAME/README
- echo '=======' >> /home/$MY_USERNAME/README
- if [[ $ONION_ONLY == 'no' ]]; then
- echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/index.php" >> /home/$MY_USERNAME/README
- else
- echo $"Open http://$WEBMAIL_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
- fi
- echo $"MariaDB webmail admin password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
+ fi
+ function_check create_database
+ create_database webmail "$WEBMAIL_ADMIN_PASSWORD"
+ mysql -u root --password="$MARIADB_PASSWORD" -D webmail < $WEBMAIL_PATH/SQL/mysql.initial.sql
+
+ if [ ! -d /var/www/$DEFAULT_DOMAIN_NAME/htdocs ]; then
+ mkdir -p /var/www/$DEFAULT_DOMAIN_NAME/htdocs
+ fi
+ ln -s $WEBMAIL_PATH /var/www/$DEFAULT_DOMAIN_NAME/htdocs/webmail
+
+ if [ ! -f /var/www/webmail/config/config.inc.php ]; then
+ # generate the configuration
+ echo '<?php' > /var/www/webmail/config/config.inc.php
+ echo "\$config['db_dsnw'] = 'mysql://root:${MARIADB_PASSWORD}@localhost/webmail';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['default_host'] = 'localhost';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['support_url'] = '';" >> /var/www/webmail/config/config.inc.php
+ WEBMAIL_DES_KEY="$(create_password 25)"
+ echo "\$config['des_key'] = '${WEBMAIL_DES_KEY}';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['product_name'] = '${PROJECT_NAME}';" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['plugins'] = array('enigma');" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['mime_param_folding'] = 0;" >> /var/www/webmail/config/config.inc.php
+ echo "\$config['enable_installer'] = false;" >> /var/www/webmail/config/config.inc.php
+ fi
+
+ chown -R www-data:www-data $WEBMAIL_PATH
+
+ echo 'server {' > /etc/nginx/sites-available/webmail
+ echo " listen 127.0.0.1:$WEBMAIL_ONION_PORT default_server;" >> /etc/nginx/sites-available/webmail
+ echo " server_name $WEBMAIL_ONION_HOSTNAME;" >> /etc/nginx/sites-available/webmail
+ echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
+ echo ' index index.php index.html index.htm;' >> /etc/nginx/sites-available/webmail
+ echo ' access_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' error_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' location / {' >> /etc/nginx/sites-available/webmail
+ echo ' try_files $uri $uri/ /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' error_page 404 /404.html;' >> /etc/nginx/sites-available/webmail
+ echo ' error_page 500 502 503 504 /50x.html;' >> /etc/nginx/sites-available/webmail
+ echo ' location = /50x.html {' >> /etc/nginx/sites-available/webmail
+ echo " root ${WEBMAIL_PATH};" >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ ^/(config|temp|logs)/ {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/webmail
+ echo ' deny all;' >> /etc/nginx/sites-available/webmail
+ echo ' access_log off;' >> /etc/nginx/sites-available/webmail
+ echo ' log_not_found off;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' location ~ \.php$ {' >> /etc/nginx/sites-available/webmail
+ echo ' try_files $uri =404;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/webmail
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/webmail
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/webmail
+ echo ' }' >> /etc/nginx/sites-available/webmail
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/webmail
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/webmail
+ echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/webmail
+ echo '}' >> /etc/nginx/sites-available/webmail
+
+ nginx_ensite webmail
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ if ! grep -q "Webmail" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo 'Webmail' >> /home/$MY_USERNAME/README
+ echo '=======' >> /home/$MY_USERNAME/README
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo $"Open https://$DEFAULT_DOMAIN_NAME/webmail/index.php" >> /home/$MY_USERNAME/README
+ else
+ echo $"Open http://$WEBMAIL_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
fi
+ echo $"MariaDB webmail admin password: $WEBMAIL_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
- echo 'install_webmail' >> $COMPLETION_FILE
+ echo 'install_webmail' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-wiki b/src/freedombone-app-wiki
index 6db1c580e..f37759cfe 100755
--- a/src/freedombone-app-wiki
+++ b/src/freedombone-app-wiki
@@ -37,391 +37,302 @@ WIKI_CODE=
WIKI_ONION_PORT=8089
function reconfigure_wiki {
- echo -n ''
+ echo -n ''
}
function upgrade_wiki {
- echo -n ''
+ echo -n ''
}
function backup_local_wiki {
- source_directory=/var/lib/dokuwiki
- if [ -d $source_directory ]; then
- dest_directory=wiki
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/lib/dokuwiki
+ if [ -d $source_directory ]; then
+ dest_directory=wiki
+ echo $"Backing up $source_directory to $dest_directory"
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
- backup_directory_to_usb /etc/dokuwiki wiki2
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
+ backup_directory_to_usb /etc/dokuwiki wiki2
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_wiki {
- if [ -d /var/lib/dokuwiki ]; then
- echo $"Restoring Wiki installation"
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
- temp_restore_dir=/root/tempwiki
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir wiki
- cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check restore_directory_from_usb
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 868
- fi
- restore_directory_from_usb ${temp_restore_dir}2 wiki2
- cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 869
- fi
- rm -rf $temp_restore_dir
- rm -rf ${temp_restore_dir}2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
+ if [ -d /var/lib/dokuwiki ]; then
+ echo $"Restoring Wiki installation"
+ WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
+ temp_restore_dir=/root/tempwiki
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir wiki
+ cp -r $temp_restore_dir/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check restore_directory_from_usb
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 868
+ fi
+ restore_directory_from_usb ${temp_restore_dir}2 wiki2
+ cp -r ${temp_restore_dir}2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 869
+ fi
+ rm -rf $temp_restore_dir
+ rm -rf ${temp_restore_dir}2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
+ fi
+ if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
fi
+ echo $"Restore of Wiki complete"
+ fi
}
function backup_remote_wiki {
- if [ -d /etc/dokuwiki ]; then
- echo $"Backing up wiki"
- backup_directory_to_friend /var/lib/dokuwiki wiki
- backup_directory_to_friend /etc/dokuwiki wiki2
- fi
+ if [ -d /etc/dokuwiki ]; then
+ echo $"Backing up wiki"
+ backup_directory_to_friend /var/lib/dokuwiki wiki
+ backup_directory_to_friend /etc/dokuwiki wiki2
+ fi
}
function restore_remote_wiki {
- if [ -d $SERVER_DIRECTORY/backup/wiki ]; then
- WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
- echo $"Restoring Wiki installation $WIKI_DOMAIN_NAME"
- function_check restore_directory_from_friend
- restore_directory_from_friend /root/tempwiki wiki
- cp -r /root/tempwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 868
- fi
- restore_directory_from_friend /root/tempwiki2 wiki2
- cp -r /root/tempwiki2/etc/dokuwiki/* /etc/dokuwiki/
- if [ ! "$?" = "0" ]; then
- exit 869
- fi
- rm -rf /root/tempwiki
- rm -rf /root/tempwiki2
- chown -R www-data:www-data /var/lib/dokuwiki/*
- # Ensure that the bundled SSL cert is being used
- if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
- sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
- fi
- if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
- ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
- fi
- echo $"Restore of Wiki complete"
+ if [ -d $SERVER_DIRECTORY/backup/wiki ]; then
+ WIKI_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Wiki domain" | awk -F ':' '{print $2}')
+ echo $"Restoring Wiki installation $WIKI_DOMAIN_NAME"
+ function_check restore_directory_from_friend
+ restore_directory_from_friend /root/tempwiki wiki
+ cp -r /root/tempwiki/var/lib/dokuwiki/* /var/lib/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 868
fi
-}
-
-function remove_wiki {
- if ! grep -Fxq "install_wiki" $COMPLETION_FILE; then
- return
+ restore_directory_from_friend /root/tempwiki2 wiki2
+ cp -r /root/tempwiki2/etc/dokuwiki/* /etc/dokuwiki/
+ if [ ! "$?" = "0" ]; then
+ exit 869
fi
- function_check remove_onion_service
- remove_onion_service wiki ${WIKI_ONION_PORT}
- nginx_dissite $WIKI_DOMAIN_NAME
- if [ -f /etc/nginx/sites-available/$WIKI_DOMAIN_NAME ]; then
- rm /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ rm -rf /root/tempwiki
+ rm -rf /root/tempwiki2
+ chown -R www-data:www-data /var/lib/dokuwiki/*
+ # Ensure that the bundled SSL cert is being used
+ if [ -f /etc/ssl/certs/${WIKI_DOMAIN_NAME}.bundle.crt ]; then
+ sed -i "s|${WIKI_DOMAIN_NAME}.crt|${WIKI_DOMAIN_NAME}.bundle.crt|g" /etc/nginx/sites-available/${WIKI_DOMAIN_NAME}
fi
- apt-get -y remove --purge dokuwiki
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME
+ if [ -d /etc/letsencrypt/live/${WIKI_DOMAIN_NAME} ]; then
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/privkey.pem /etc/ssl/private/${WIKI_DOMAIN_NAME}.key
+ ln -s /etc/letsencrypt/live/${WIKI_DOMAIN_NAME}/fullchain.pem /etc/ssl/certs/${WIKI_DOMAIN_NAME}.pem
fi
- if [ -d /var/lib/dokuwiki ]; then
- rm -rf /var/lib/dokuwiki
- fi
- if [ -d /etc/dokuwiki ]; then
- rm -rf /etc/dokuwiki
- fi
- if [ -d /usr/share/dokuwiki ]; then
- rm -rf /usr/share/dokuwiki
- fi
- sed -i '/install_wiki/d' $COMPLETION_FILE
+ echo $"Restore of Wiki complete"
+ fi
+}
+
+function remove_wiki {
+ if ! grep -Fxq "install_wiki" $COMPLETION_FILE; then
+ return
+ fi
+ function_check remove_onion_service
+ remove_onion_service wiki ${WIKI_ONION_PORT}
+ nginx_dissite $WIKI_DOMAIN_NAME
+ if [ -f /etc/nginx/sites-available/$WIKI_DOMAIN_NAME ]; then
+ rm /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ fi
+ apt-get -y remove --purge dokuwiki
+ if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
+ rm -rf /var/www/$WIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/lib/dokuwiki ]; then
+ rm -rf /var/lib/dokuwiki
+ fi
+ if [ -d /etc/dokuwiki ]; then
+ rm -rf /etc/dokuwiki
+ fi
+ if [ -d /usr/share/dokuwiki ]; then
+ rm -rf /usr/share/dokuwiki
+ fi
+ sed -i '/install_wiki/d' $COMPLETION_FILE
}
function get_wiki_admin_password {
- if [ -f /home/$MY_USERNAME/README ]; then
- if grep -q "Wiki password" /home/$MY_USERNAME/README; then
- WIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
- fi
+ if [ -f /home/$MY_USERNAME/README ]; then
+ if grep -q "Wiki password" /home/$MY_USERNAME/README; then
+ WIKI_ADMIN_PASSWORD=$(cat /home/$MY_USERNAME/README | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//')
fi
+ fi
}
function install_wiki {
- if grep -Fxq "install_wiki" $COMPLETION_FILE; then
- return
- fi
- if [ ! $WIKI_DOMAIN_NAME ]; then
- return
- fi
- apt-get -y install dokuwiki
- apt-get -y remove --purge apache*
- if [ -d /etc/apache2 ]; then
- rm -rf /etc/apache2
- echo $'Removed Apache installation after Dokuwiki install'
- fi
-
- if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
- mkdir /var/www/$WIKI_DOMAIN_NAME
- fi
- if [ -d /var/www/$WIKI_DOMAIN_NAME/htdocs ]; then
- rm -rf /var/www/$WIKI_DOMAIN_NAME/htdocs
- fi
-
- ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
-
- mkdir /var/lib/dokuwiki/custom
- cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
- ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
-
- chown www-data /var/lib/dokuwiki/custom
- chown www-data /var/lib/dokuwiki/custom/local.php
- chown -R www-data /etc/dokuwiki
- chown -R www-data /usr/share/dokuwiki/lib/
- chmod 600 /var/lib/dokuwiki/custom/local.php
- chmod -R 755 /usr/share/dokuwiki/lib
-
- sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
- sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
-
- sed -i "s|Debian DokuWiki|$WIKI_TITLE|g" /etc/dokuwiki/local.php
-
- # set the admin user
- sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
-
- # disallow registration of new users
- if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
- fi
- if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
- fi
-
- if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
- fi
- if ! grep -q "authtype" /etc/dokuwiki/local.php; then
- echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
- fi
-
- function_check get_wiki_admin_password
- get_wiki_admin_password
- if [ ! $WIKI_ADMIN_PASSWORD ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- WIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- WIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
- echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
- chmod 640 /var/lib/dokuwiki/acl/users.auth.php
-
- if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
- echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
- echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
- fi
- if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
- echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
- fi
-
- WIKI_ONION_HOSTNAME=$(add_onion_service wiki 80 ${WIKI_ONION_PORT})
-
- if [[ $ONION_ONLY == "no" ]]; then
- echo 'server {' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 80;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
- function_check nginx_ssl
- nginx_ssl $WIKI_DOMAIN_NAME
- function_check nginx_disable_sniffing
- nginx_disable_sniffing $WIKI_DOMAIN_NAME
- echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ if grep -Fxq "install_wiki" $COMPLETION_FILE; then
+ return
+ fi
+ if [ ! $WIKI_DOMAIN_NAME ]; then
+ return
+ fi
+ apt-get -y install dokuwiki
+ apt-get -y remove --purge apache*
+ if [ -d /etc/apache2 ]; then
+ rm -rf /etc/apache2
+ echo $'Removed Apache installation after Dokuwiki install'
+ fi
+
+ if [ ! -d /var/www/$WIKI_DOMAIN_NAME ]; then
+ mkdir /var/www/$WIKI_DOMAIN_NAME
+ fi
+ if [ -d /var/www/$WIKI_DOMAIN_NAME/htdocs ]; then
+ rm -rf /var/www/$WIKI_DOMAIN_NAME/htdocs
+ fi
+
+ ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
+
+ mkdir /var/lib/dokuwiki/custom
+ cp /etc/dokuwiki/local.php.dist /var/lib/dokuwiki/custom/local.php
+ ln -s /var/lib/dokuwiki/custom/local.php /etc/dokuwiki/local.php
+
+ chown www-data /var/lib/dokuwiki/custom
+ chown www-data /var/lib/dokuwiki/custom/local.php
+ chown -R www-data /etc/dokuwiki
+ chown -R www-data /usr/share/dokuwiki/lib/
+ chmod 600 /var/lib/dokuwiki/custom/local.php
+ chmod -R 755 /usr/share/dokuwiki/lib
+
+ sed -i 's|//$conf|$conf|g' /var/lib/dokuwiki/custom/local.php
+ sed -i "s|joe|$MY_USERNAME|g" /var/lib/dokuwiki/custom/local.php
+
+ sed -i "s|Debian DokuWiki|$WIKI_TITLE|g" /etc/dokuwiki/local.php
+
+ # set the admin user
+ sed -i "s/@admin/$MY_USERNAME/g" /etc/dokuwiki/local.php
+
+ # disallow registration of new users
+ if ! grep -q "disableactions" /etc/dokuwiki/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /etc/dokuwiki/local.php
+ fi
+ if ! grep -q "disableactions" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['disableactions'] = 'register';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+
+ if ! grep -q "authtype" /var/lib/dokuwiki/custom/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /var/lib/dokuwiki/custom/local.php
+ fi
+ if ! grep -q "authtype" /etc/dokuwiki/local.php; then
+ echo "\$conf['authtype'] = 'authplain';" >> /etc/dokuwiki/local.php
+ fi
+
+ function_check get_wiki_admin_password
+ get_wiki_admin_password
+ if [ ! $WIKI_ADMIN_PASSWORD ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ WIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
else
- echo -n '' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ WIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
fi
+ fi
+ HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
+ echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
+ chmod 640 /var/lib/dokuwiki/acl/users.auth.php
+
+ if ! grep -q "video/ogg" /etc/dokuwiki/mime.conf; then
+ echo 'ogv video/ogg' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/mp4" /etc/dokuwiki/mime.conf; then
+ echo 'mp4 video/mp4' >> /etc/dokuwiki/mime.conf
+ fi
+ if ! grep -q "video/webm" /etc/dokuwiki/mime.conf; then
+ echo 'webm video/webm' >> /etc/dokuwiki/mime.conf
+ fi
+
+ WIKI_ONION_HOSTNAME=$(add_onion_service wiki 80 ${WIKI_ONION_PORT})
+
+ if [[ $ONION_ONLY == "no" ]]; then
+ echo 'server {' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' listen 80;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " listen 127.0.0.1:${WIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' listen 443 ssl;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- echo " server_name $WIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -429,10 +340,18 @@ function install_wiki {
echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
function_check nginx_limits
nginx_limits $WIKI_DOMAIN_NAME
+ function_check nginx_ssl
+ nginx_ssl $WIKI_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $WIKI_DOMAIN_NAME
echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -495,43 +414,124 @@ function install_wiki {
echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
-
- function_check create_site_certificate
- create_site_certificate $WIKI_DOMAIN_NAME
-
- function_check configure_php
- configure_php
-
- nginx_ensite $WIKI_DOMAIN_NAME
-
- systemctl restart php5-fpm
- systemctl restart nginx
-
- echo "Wiki onion domain:${WIKI_ONION_HOSTNAME}" >> $COMPLETION_FILE
-
- function_check add_ddns_domain
- add_ddns_domain $WIKI_DOMAIN_NAME
-
- # add some post-install instructions
- if ! grep -q $"Wiki password" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Wiki' >> /home/$MY_USERNAME/README
- echo '====' >> /home/$MY_USERNAME/README
- echo $"Wiki onion domain: ${WIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Wiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
- echo $"Wiki password: $WIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'Once you have set up the wiki then remove the install file:' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- echo "Wiki domain:$WIKI_DOMAIN_NAME" >> $COMPLETION_FILE
- echo 'install_wiki' >> $COMPLETION_FILE
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ else
+ echo -n '' > /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ fi
+ echo 'server {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " listen 127.0.0.1:${WIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " root /var/www/$WIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " server_name $WIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' access_log off;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " error_log /var/log/nginx/${WIKI_DOMAIN_NAME}_error_ssl.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
+ function_check nginx_disable_sniffing
+ nginx_disable_sniffing $WIKI_DOMAIN_NAME
+ echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # make sure webfinger and other well known services aren't blocked" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # by denying dot files and rewrite request to the front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ^~ /.well-known/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' allow all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # statically serve these file types when possible' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # otherwise fall back to front controller' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # allow browser to cache them' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' expires 30d;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # block these file types' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo " # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-cgi alone:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # With php5-fpm:' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_pass unix:/var/run/php5-fpm.sock;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' # deny access to all dot files' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\. {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' #deny access to store' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /store {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' location ~ /\.ht {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' deny all;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ echo '}' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+
+ function_check create_site_certificate
+ create_site_certificate $WIKI_DOMAIN_NAME
+
+ function_check configure_php
+ configure_php
+
+ nginx_ensite $WIKI_DOMAIN_NAME
+
+ systemctl restart php5-fpm
+ systemctl restart nginx
+
+ echo "Wiki onion domain:${WIKI_ONION_HOSTNAME}" >> $COMPLETION_FILE
+
+ function_check add_ddns_domain
+ add_ddns_domain $WIKI_DOMAIN_NAME
+
+ # add some post-install instructions
+ if ! grep -q $"Wiki password" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Wiki' >> /home/$MY_USERNAME/README
+ echo '====' >> /home/$MY_USERNAME/README
+ echo $"Wiki onion domain: ${WIKI_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Wiki username: $MY_USERNAME" >> /home/$MY_USERNAME/README
+ echo $"Wiki password: $WIKI_ADMIN_PASSWORD" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'Once you have set up the wiki then remove the install file:' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " rm /var/www/$WIKI_DOMAIN_NAME/htdocs/install.php" >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ echo "Wiki domain:$WIKI_DOMAIN_NAME" >> $COMPLETION_FILE
+ echo 'install_wiki' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp
index f32df760b..560c09c39 100755
--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -38,444 +38,444 @@ XMPP_CIPHERS='"EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+
XMPP_ECC_CURVE='"secp384r1"'
function reconfigure_xmpp {
- echo -n ''
+ echo -n ''
}
function update_prosody_modules {
- if [ ! -d $INSTALL_DIR/prosody-modules ]; then
- return
- fi
- if [ ! -d /usr/lib/prosody ]; then
- return
- fi
-
- cd $INSTALL_DIR/prosody-modules
- hg pull
- hg update
-
- # support onion addresses
- if [ -f $INSTALL_DIR/prosody-modules/mod_onions/mod_onions.lua ]; then
- cp $INSTALL_DIR/prosody-modules/mod_onions/mod_onions.lua /usr/lib/prosody/modules/mod_onions.lua
- fi
-
- # XEP-0313 message archive management
- # https://modules.prosody.im/mod_mam.html
- # Allows you to download your previous messages onto a new client
- # This only applies if you are not using forward secret crypto
- # such as OTR or OMEMO (eg. OpenPGP)
- if [ -d $INSTALL_DIR/prosody-modules/mod_mam ]; then
- cp $INSTALL_DIR/prosody-modules/mod_mam/*.lua /usr/lib/prosody/modules
- fi
-
- # XEP-0352 Client State Indication
- # Notifies the server if the app is in the background or not
- if [ -d $INSTALL_DIR/prosody-modules/mod_csi ]; then
- cp $INSTALL_DIR/prosody-modules/mod_csi/*.lua /usr/lib/prosody/modules
- fi
-
- # XEP-0280 Message Carbons
- # Ensures all messages get delivered to all clients (if you have a mobile and desktop client)
- if [ -d $INSTALL_DIR/prosody-modules/mod_carbons ]; then
- cp $INSTALL_DIR/prosody-modules/mod_carbons/*.lua /usr/lib/prosody/modules
- fi
-
- # XEP-0198 Stream management
- # Helps mobile apps recover when a device switches networks.
- if [ -d $INSTALL_DIR/prosody-modules/mod_smacks ]; then
- cp $INSTALL_DIR/prosody-modules/mod_smacks/*.lua /usr/lib/prosody/modules
- fi
- if [ -d $INSTALL_DIR/prosody-modules/mod_smacks_offline ]; then
- cp $INSTALL_DIR/prosody-modules/mod_smacks_offline/*.lua /usr/lib/prosody/modules
- fi
-
- # XEP-0191: blocking
- if [ -d $INSTALL_DIR/prosody-modules/mod_blocking ]; then
- cp $INSTALL_DIR/prosody-modules/mod_blocking/*.lua /usr/lib/prosody/modules
- fi
-
- # XEP-0016 Privacy lists
- if [ -d $INSTALL_DIR/prosody-modules/mod_privacy_lists ]; then
- cp $INSTALL_DIR/prosody-modules/mod_privacy_lists/*.lua /usr/lib/prosody/modules
- fi
+ if [ ! -d $INSTALL_DIR/prosody-modules ]; then
+ return
+ fi
+ if [ ! -d /usr/lib/prosody ]; then
+ return
+ fi
+
+ cd $INSTALL_DIR/prosody-modules
+ hg pull
+ hg update
+
+ # support onion addresses
+ if [ -f $INSTALL_DIR/prosody-modules/mod_onions/mod_onions.lua ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_onions/mod_onions.lua /usr/lib/prosody/modules/mod_onions.lua
+ fi
+
+ # XEP-0313 message archive management
+ # https://modules.prosody.im/mod_mam.html
+ # Allows you to download your previous messages onto a new client
+ # This only applies if you are not using forward secret crypto
+ # such as OTR or OMEMO (eg. OpenPGP)
+ if [ -d $INSTALL_DIR/prosody-modules/mod_mam ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_mam/*.lua /usr/lib/prosody/modules
+ fi
+
+ # XEP-0352 Client State Indication
+ # Notifies the server if the app is in the background or not
+ if [ -d $INSTALL_DIR/prosody-modules/mod_csi ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_csi/*.lua /usr/lib/prosody/modules
+ fi
+
+ # XEP-0280 Message Carbons
+ # Ensures all messages get delivered to all clients (if you have a mobile and desktop client)
+ if [ -d $INSTALL_DIR/prosody-modules/mod_carbons ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_carbons/*.lua /usr/lib/prosody/modules
+ fi
+
+ # XEP-0198 Stream management
+ # Helps mobile apps recover when a device switches networks.
+ if [ -d $INSTALL_DIR/prosody-modules/mod_smacks ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_smacks/*.lua /usr/lib/prosody/modules
+ fi
+ if [ -d $INSTALL_DIR/prosody-modules/mod_smacks_offline ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_smacks_offline/*.lua /usr/lib/prosody/modules
+ fi
+
+ # XEP-0191: blocking
+ if [ -d $INSTALL_DIR/prosody-modules/mod_blocking ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_blocking/*.lua /usr/lib/prosody/modules
+ fi
+
+ # XEP-0016 Privacy lists
+ if [ -d $INSTALL_DIR/prosody-modules/mod_privacy_lists ]; then
+ cp $INSTALL_DIR/prosody-modules/mod_privacy_lists/*.lua /usr/lib/prosody/modules
+ fi
}
function upgrade_xmpp {
- if ! grep -Fxq "install_xmpp_main" $COMPLETION_FILE; then
- return
- fi
- function_check update_prosody_modules
- update_prosody_modules
+ if ! grep -Fxq "install_xmpp_main" $COMPLETION_FILE; then
+ return
+ fi
+ function_check update_prosody_modules
+ update_prosody_modules
}
function backup_local_xmpp {
- source_directory=/var/lib/prosody xmpp
- if [ -d $source_directory ]; then
- dest_directory=xmpp
- echo $"Backing up $source_directory to $dest_directory"
+ source_directory=/var/lib/prosody xmpp
+ if [ -d $source_directory ]; then
+ dest_directory=xmpp
+ echo $"Backing up $source_directory to $dest_directory"
- function_check backup_directory_to_usb
- backup_directory_to_usb $source_directory $dest_directory
+ function_check backup_directory_to_usb
+ backup_directory_to_usb $source_directory $dest_directory
- echo $"Backup to $dest_directory complete"
- fi
+ echo $"Backup to $dest_directory complete"
+ fi
}
function restore_local_xmpp {
- if [ -d /var/lib/prosody ]; then
- echo $"Restoring XMPP settings"
- temp_restore_dir=/root/tempxmpp
- function_check restore_directory_from_usb
- restore_directory_from_usb $temp_restore_dir xmpp
- cp -r $temp_restore_dir/var/lib/prosody/* /var/lib/prosody
- if [ ! "$?" = "0" ]; then
- function_check set_user_permissions
- set_user_permissions
- function_check backup_unmount_drive
- backup_unmount_drive
- exit 725
- fi
- rm -rf $temp_restore_dir
- service prosody restart
- chown -R prosody:prosody /var/lib/prosody/*
- echo $"Restore of XMPP settings complete"
- fi
+ if [ -d /var/lib/prosody ]; then
+ echo $"Restoring XMPP settings"
+ temp_restore_dir=/root/tempxmpp
+ function_check restore_directory_from_usb
+ restore_directory_from_usb $temp_restore_dir xmpp
+ cp -r $temp_restore_dir/var/lib/prosody/* /var/lib/prosody
+ if [ ! "$?" = "0" ]; then
+ function_check set_user_permissions
+ set_user_permissions
+ function_check backup_unmount_drive
+ backup_unmount_drive
+ exit 725
+ fi
+ rm -rf $temp_restore_dir
+ service prosody restart
+ chown -R prosody:prosody /var/lib/prosody/*
+ echo $"Restore of XMPP settings complete"
+ fi
}
function backup_remote_xmpp {
- if [ -d /var/lib/prosody ]; then
- echo $"Backing up the XMPP settings"
- backup_directory_to_friend /var/lib/prosody xmpp
- echo $"Backup of XMPP settings complete"
- fi
+ if [ -d /var/lib/prosody ]; then
+ echo $"Backing up the XMPP settings"
+ backup_directory_to_friend /var/lib/prosody xmpp
+ echo $"Backup of XMPP settings complete"
+ fi
}
function restore_remote_xmpp {
- if [ -d /var/lib/prosody ]; then
- echo $"Restoring XMPP settings"
- temp_restore_dir=/root/tempxmpp
- function_check restore_directory_from_friend
- restore_directory_from_friend $temp_restore_dir xmpp
- cp -r $temp_restore_dir/var/lib/prosody/* /var/lib/prosody
- if [ ! "$?" = "0" ]; then
- exit 725
- fi
- rm -rf $temp_restore_dir
- service prosody restart
- chown -R prosody:prosody /var/lib/prosody/*
- echo $"Restore of XMPP settings complete"
- fi
+ if [ -d /var/lib/prosody ]; then
+ echo $"Restoring XMPP settings"
+ temp_restore_dir=/root/tempxmpp
+ function_check restore_directory_from_friend
+ restore_directory_from_friend $temp_restore_dir xmpp
+ cp -r $temp_restore_dir/var/lib/prosody/* /var/lib/prosody
+ if [ ! "$?" = "0" ]; then
+ exit 725
+ fi
+ rm -rf $temp_restore_dir
+ service prosody restart
+ chown -R prosody:prosody /var/lib/prosody/*
+ echo $"Restore of XMPP settings complete"
+ fi
}
function configure_firewall_for_xmpp {
- if [ ! -d /etc/prosody ]; then
- return
- fi
- if grep -Fxq "configure_firewall_for_xmpp" $COMPLETION_FILE; then
- return
- fi
- if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
- # docker does its own firewalling
- return
- fi
- if [[ $ONION_ONLY != "no" ]]; then
- return
- fi
- iptables -A INPUT -p tcp --dport 5222:5223 -j ACCEPT
- iptables -A INPUT -p tcp --dport 5269 -j ACCEPT
- iptables -A INPUT -p tcp --dport 5280:5281 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=('XMPP 5222-5223')
- OPEN_PORTS+=('XMPP 5269')
- OPEN_PORTS+=('XMPP 5280-5281')
- echo 'configure_firewall_for_xmpp' >> $COMPLETION_FILE
+ if [ ! -d /etc/prosody ]; then
+ return
+ fi
+ if grep -Fxq "configure_firewall_for_xmpp" $COMPLETION_FILE; then
+ return
+ fi
+ if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+ # docker does its own firewalling
+ return
+ fi
+ if [[ $ONION_ONLY != "no" ]]; then
+ return
+ fi
+ iptables -A INPUT -p tcp --dport 5222:5223 -j ACCEPT
+ iptables -A INPUT -p tcp --dport 5269 -j ACCEPT
+ iptables -A INPUT -p tcp --dport 5280:5281 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=('XMPP 5222-5223')
+ OPEN_PORTS+=('XMPP 5269')
+ OPEN_PORTS+=('XMPP 5280-5281')
+ echo 'configure_firewall_for_xmpp' >> $COMPLETION_FILE
}
function remove_xmpp_client {
- if ! grep -Fxq "install_xmpp_client" $COMPLETION_FILE; then
- return
- fi
- apt-get -y remove --purge profanity
- sed '/install_xmpp_client/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_xmpp_client" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y remove --purge profanity
+ sed '/install_xmpp_client/d' $COMPLETION_FILE
}
function remove_xmpp {
- remove_xmpp_client
- if ! grep -Fxq "install_xmpp" $COMPLETION_FILE; then
- return
- fi
- iptables -D INPUT -p tcp --dport 5222:5223 -j ACCEPT
- iptables -D INPUT -p tcp --dport 5269 -j ACCEPT
- iptables -D INPUT -p tcp --dport 5280:5281 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- function_check remove_onion_service
- remove_onion_service xmpp 5222 5223 5269
-
- apt-get -y remove --purge prosody prosody-modules
- if [ -d $INSTALL_DIR/prosody-modules ]; then
- rm -rf $INSTALL_DIR/prosody-modules
- fi
- if [ -d /etc/prosody ]; then
- rm -rf /etc/prosody
- fi
-
- sed '/install_xmpp/d' $COMPLETION_FILE
- sed '/XMPP /d' $COMPLETION_FILE
+ remove_xmpp_client
+ if ! grep -Fxq "install_xmpp" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -D INPUT -p tcp --dport 5222:5223 -j ACCEPT
+ iptables -D INPUT -p tcp --dport 5269 -j ACCEPT
+ iptables -D INPUT -p tcp --dport 5280:5281 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ function_check remove_onion_service
+ remove_onion_service xmpp 5222 5223 5269
+
+ apt-get -y remove --purge prosody prosody-modules
+ if [ -d $INSTALL_DIR/prosody-modules ]; then
+ rm -rf $INSTALL_DIR/prosody-modules
+ fi
+ if [ -d /etc/prosody ]; then
+ rm -rf /etc/prosody
+ fi
+
+ sed '/install_xmpp/d' $COMPLETION_FILE
+ sed '/XMPP /d' $COMPLETION_FILE
}
function install_xmpp_main {
- update_prosody_modules
-
- if grep -Fxq "install_xmpp_main" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install lua-sec lua-bitop
- apt-get -y install prosody prosody-modules mercurial
-
- if [ ! -d /etc/prosody ]; then
- echo $"ERROR: prosody does not appear to have installed. $CHECK_MESSAGE"
- exit 52
- fi
-
- # obtain the prosody modules
- cd $INSTALL_DIR
- hg clone https://hg.prosody.im/prosody-modules/ prosody-modules
- if [ ! -d $INSTALL_DIR/prosody-modules/mod_onions ]; then
- echo $'mod_onions prosody module could not be found'
- exit 73254
- fi
-
- # install the onions module
- update_prosody_modules
- if [ ! -f /usr/lib/prosody/modules/mod_onions.lua ]; then
- echo $'mod_onions.lua could not be copied to the prosody modules directory'
- exit 63952
- fi
-
- # create a certificate
- if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
- ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
- check_certificates xmpp
- fi
- chown prosody:prosody /etc/ssl/private/xmpp.key
- chown prosody:prosody /etc/ssl/certs/xmpp.*
- cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
-
- sed -i 's|/etc/prosody/certs/example.com.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
- sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
- if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
- sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/conf.avail/xmpp.cfg.lua; then
- sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- if ! grep -q 'ciphers =' /etc/prosody/conf.avail/xmpp.cfg.lua; then
- sed -i "/certificate =/a\ ciphers = $XMPP_CIPHERS;" /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- if ! grep -q 'depth = "1";' /etc/prosody/conf.avail/xmpp.cfg.lua; then
- sed -i '/certificate =/a\ depth = "1";' /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- if ! grep -q 'curve =' /etc/prosody/conf.avail/xmpp.cfg.lua; then
- sed -i "/certificate =/a\ curve = $XMPP_ECC_CURVE;" /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
-
- sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/conf.avail/xmpp.cfg.lua
- sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/conf.avail/xmpp.cfg.lua
-
- if ! grep -q "modules_enabled" /etc/prosody/conf.avail/xmpp.cfg.lua; then
- echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo 'modules_enabled = {' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "bosh"; -- Enable mod_bosh' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "tls"; -- Enable mod_tls' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "saslauth"; -- Enable mod_saslauth' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "onions"; -- Enable chat via onion service' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "mam"; -- Message archive management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "csi"; -- Client state indication' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "carbons"; -- Message carbons' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "smacks"; -- Stream management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "smacks_offline"; -- Stream management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "pep"; -- Personal Eventing Protocol (to support OMEMO)' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "privacy"; -- Privacy lists' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "privacy_lists"; -- Privacy lists' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "blocking"; -- Blocking command' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' "roster"; -- Roster versioning' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo '}' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo 'c2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo 's2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo 'allow_unencrypted_plain_auth = false' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- ln -sf /etc/prosody/conf.avail/xmpp.cfg.lua /etc/prosody/conf.d/xmpp.cfg.lua
-
- sed -i 's|/etc/prosody/certs/localhost.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/prosody.cfg.lua
- sed -i 's|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/prosody.cfg.lua
- if ! grep -q "xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
- sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/prosody.cfg.lua
- fi
- if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/prosody.cfg.lua; then
- sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/prosody.cfg.lua
- fi
- if ! grep -q 'ciphers =' /etc/prosody/prosody.cfg.lua; then
- sed -i "/certificate =/a\ ciphers = $XMPP_CIPHERS;" /etc/prosody/prosody.cfg.lua
- fi
- if ! grep -q 'depth = "1";' /etc/prosody/prosody.cfg.lua; then
- sed -i '/certificate =/a\ depth = "1";' /etc/prosody/prosody.cfg.lua
- fi
- if ! grep -q 'curve =' /etc/prosody/prosody.cfg.lua; then
- sed -i "/certificate =/a\ curve = $XMPP_ECC_CURVE;" /etc/prosody/prosody.cfg.lua
- fi
- sed -i 's/c2s_require_encryption = false/c2s_require_encryption = true/g' /etc/prosody/prosody.cfg.lua
- if ! grep -q "s2s_require_encryption" /etc/prosody/prosody.cfg.lua; then
- sed -i '/c2s_require_encryption/a\s2s_require_encryption = true' /etc/prosody/prosody.cfg.lua
- fi
- if ! grep -q "allow_unencrypted_plain_auth" /etc/prosody/prosody.cfg.lua; then
- echo 'allow_unencrypted_plain_auth = false' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- sed -i 's/--"bosh";/"bosh";/g' /etc/prosody/prosody.cfg.lua
- sed -i 's/authentication = "internal_plain"/authentication = "internal_hashed"/g' /etc/prosody/prosody.cfg.lua
- sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/prosody.cfg.lua
- sed -i 's|key = "/etc/prosody/certs/example.com.key"|key = "/etc/ssl/private/xmpp.key"|g' /etc/prosody/prosody.cfg.lua
- sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua
- sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
-
- systemctl restart prosody
- touch /home/$MY_USERNAME/README
-
- if [ ! -d /var/lib/tor ]; then
- echo $'No Tor installation found. XMPP onion site cannot be configured.'
- exit 877367
- fi
- if ! grep -q "hidden_service_xmpp" /etc/tor/torrc; then
- echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/' >> /etc/tor/torrc
- echo "HiddenServicePort 5222 127.0.0.1:5222" >> /etc/tor/torrc
- echo "HiddenServicePort 5269 127.0.0.1:5269" >> /etc/tor/torrc
- echo $'Added onion site for XMPP chat'
- fi
-
- systemctl restart tor
- wait_for_onion_service 'xmpp'
-
- if [ ! -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
- echo $'XMPP onion site hostname not found'
- exit 65349
- fi
- XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
- if ! grep -q "${XMPP_ONION_HOSTNAME}" /etc/prosody/conf.avail/xmpp.cfg.lua; then
- echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo "VirtualHost \"${XMPP_ONION_HOSTNAME}\"" >> /etc/prosody/conf.avail/xmpp.cfg.lua
- echo ' modules_enabled = { "onions" };' >> /etc/prosody/conf.avail/xmpp.cfg.lua
- fi
- if ! grep -q "XMPP onion domain" $COMPLETION_FILE; then
- echo "XMPP onion domain:${XMPP_ONION_HOSTNAME}" >> $COMPLETION_FILE
- else
- sed -i "s|XMPP onion domain.*|XMPP onion domain:${XMPP_ONION_HOSTNAME}|g" $COMPLETION_FILE
- fi
-
- if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
- if [ ${#XMPP_PASSWORD} -lt 8 ]; then
- if [ -f $IMAGE_PASSWORD_FILE ]; then
- XMPP_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
- else
- XMPP_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
- fi
- fi
- prosodyctl register $MY_USERNAME $DEFAULT_DOMAIN_NAME $XMPP_PASSWORD
- echo '' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo $'XMPP' >> /home/$MY_USERNAME/README
- echo '====' >> /home/$MY_USERNAME/README
- echo $"XMPP onion domain: ${XMPP_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
- echo $"Your XMPP password is: $XMPP_PASSWORD" >> /home/$MY_USERNAME/README
- echo $'You can change it with: ' >> /home/$MY_USERNAME/README
- echo '' >> /home/$MY_USERNAME/README
- echo " prosodyctl passwd $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/README
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
- chmod 600 /home/$MY_USERNAME/README
- fi
-
- function_check configure_firewall_for_xmpp
- configure_firewall_for_xmpp
-
- echo 'install_xmpp_main' >> $COMPLETION_FILE
+ update_prosody_modules
+
+ if grep -Fxq "install_xmpp_main" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install lua-sec lua-bitop
+ apt-get -y install prosody prosody-modules mercurial
+
+ if [ ! -d /etc/prosody ]; then
+ echo $"ERROR: prosody does not appear to have installed. $CHECK_MESSAGE"
+ exit 52
+ fi
+
+ # obtain the prosody modules
+ cd $INSTALL_DIR
+ hg clone https://hg.prosody.im/prosody-modules/ prosody-modules
+ if [ ! -d $INSTALL_DIR/prosody-modules/mod_onions ]; then
+ echo $'mod_onions prosody module could not be found'
+ exit 73254
+ fi
+
+ # install the onions module
+ update_prosody_modules
+ if [ ! -f /usr/lib/prosody/modules/mod_onions.lua ]; then
+ echo $'mod_onions.lua could not be copied to the prosody modules directory'
+ exit 63952
+ fi
+
+ # create a certificate
+ if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
+ ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
+ check_certificates xmpp
+ fi
+ chown prosody:prosody /etc/ssl/private/xmpp.key
+ chown prosody:prosody /etc/ssl/certs/xmpp.*
+ cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
+
+ sed -i 's|/etc/prosody/certs/example.com.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
+ sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
+ if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ if ! grep -q 'ciphers =' /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ sed -i "/certificate =/a\ ciphers = $XMPP_CIPHERS;" /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ if ! grep -q 'depth = "1";' /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ sed -i '/certificate =/a\ depth = "1";' /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ if ! grep -q 'curve =' /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ sed -i "/certificate =/a\ curve = $XMPP_ECC_CURVE;" /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+
+ sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/conf.avail/xmpp.cfg.lua
+ sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/conf.avail/xmpp.cfg.lua
+
+ if ! grep -q "modules_enabled" /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo 'modules_enabled = {' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "bosh"; -- Enable mod_bosh' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "tls"; -- Enable mod_tls' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "saslauth"; -- Enable mod_saslauth' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "onions"; -- Enable chat via onion service' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "mam"; -- Message archive management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "csi"; -- Client state indication' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "carbons"; -- Message carbons' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "smacks"; -- Stream management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "smacks_offline"; -- Stream management' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "pep"; -- Personal Eventing Protocol (to support OMEMO)' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "privacy"; -- Privacy lists' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "privacy_lists"; -- Privacy lists' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "blocking"; -- Blocking command' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' "roster"; -- Roster versioning' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo '}' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo 'c2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo 's2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo 'allow_unencrypted_plain_auth = false' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ ln -sf /etc/prosody/conf.avail/xmpp.cfg.lua /etc/prosody/conf.d/xmpp.cfg.lua
+
+ sed -i 's|/etc/prosody/certs/localhost.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/prosody.cfg.lua
+ sed -i 's|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/prosody.cfg.lua
+ if ! grep -q "xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
+ sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/prosody.cfg.lua
+ fi
+ if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/prosody.cfg.lua; then
+ sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/prosody.cfg.lua
+ fi
+ if ! grep -q 'ciphers =' /etc/prosody/prosody.cfg.lua; then
+ sed -i "/certificate =/a\ ciphers = $XMPP_CIPHERS;" /etc/prosody/prosody.cfg.lua
+ fi
+ if ! grep -q 'depth = "1";' /etc/prosody/prosody.cfg.lua; then
+ sed -i '/certificate =/a\ depth = "1";' /etc/prosody/prosody.cfg.lua
+ fi
+ if ! grep -q 'curve =' /etc/prosody/prosody.cfg.lua; then
+ sed -i "/certificate =/a\ curve = $XMPP_ECC_CURVE;" /etc/prosody/prosody.cfg.lua
+ fi
+ sed -i 's/c2s_require_encryption = false/c2s_require_encryption = true/g' /etc/prosody/prosody.cfg.lua
+ if ! grep -q "s2s_require_encryption" /etc/prosody/prosody.cfg.lua; then
+ sed -i '/c2s_require_encryption/a\s2s_require_encryption = true' /etc/prosody/prosody.cfg.lua
+ fi
+ if ! grep -q "allow_unencrypted_plain_auth" /etc/prosody/prosody.cfg.lua; then
+ echo 'allow_unencrypted_plain_auth = false' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ sed -i 's/--"bosh";/"bosh";/g' /etc/prosody/prosody.cfg.lua
+ sed -i 's/authentication = "internal_plain"/authentication = "internal_hashed"/g' /etc/prosody/prosody.cfg.lua
+ sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/prosody.cfg.lua
+ sed -i 's|key = "/etc/prosody/certs/example.com.key"|key = "/etc/ssl/private/xmpp.key"|g' /etc/prosody/prosody.cfg.lua
+ sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua
+ sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
+
+ systemctl restart prosody
+ touch /home/$MY_USERNAME/README
+
+ if [ ! -d /var/lib/tor ]; then
+ echo $'No Tor installation found. XMPP onion site cannot be configured.'
+ exit 877367
+ fi
+ if ! grep -q "hidden_service_xmpp" /etc/tor/torrc; then
+ echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/' >> /etc/tor/torrc
+ echo "HiddenServicePort 5222 127.0.0.1:5222" >> /etc/tor/torrc
+ echo "HiddenServicePort 5269 127.0.0.1:5269" >> /etc/tor/torrc
+ echo $'Added onion site for XMPP chat'
+ fi
+
+ systemctl restart tor
+ wait_for_onion_service 'xmpp'
+
+ if [ ! -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
+ echo $'XMPP onion site hostname not found'
+ exit 65349
+ fi
+ XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+ if ! grep -q "${XMPP_ONION_HOSTNAME}" /etc/prosody/conf.avail/xmpp.cfg.lua; then
+ echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo "VirtualHost \"${XMPP_ONION_HOSTNAME}\"" >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ echo ' modules_enabled = { "onions" };' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+ fi
+ if ! grep -q "XMPP onion domain" $COMPLETION_FILE; then
+ echo "XMPP onion domain:${XMPP_ONION_HOSTNAME}" >> $COMPLETION_FILE
+ else
+ sed -i "s|XMPP onion domain.*|XMPP onion domain:${XMPP_ONION_HOSTNAME}|g" $COMPLETION_FILE
+ fi
+
+ if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
+ if [ ${#XMPP_PASSWORD} -lt 8 ]; then
+ if [ -f $IMAGE_PASSWORD_FILE ]; then
+ XMPP_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
+ else
+ XMPP_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
+ fi
+ fi
+ prosodyctl register $MY_USERNAME $DEFAULT_DOMAIN_NAME $XMPP_PASSWORD
+ echo '' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo $'XMPP' >> /home/$MY_USERNAME/README
+ echo '====' >> /home/$MY_USERNAME/README
+ echo $"XMPP onion domain: ${XMPP_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
+ echo $"Your XMPP password is: $XMPP_PASSWORD" >> /home/$MY_USERNAME/README
+ echo $'You can change it with: ' >> /home/$MY_USERNAME/README
+ echo '' >> /home/$MY_USERNAME/README
+ echo " prosodyctl passwd $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/README
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
+ chmod 600 /home/$MY_USERNAME/README
+ fi
+
+ function_check configure_firewall_for_xmpp
+ configure_firewall_for_xmpp
+
+ echo 'install_xmpp_main' >> $COMPLETION_FILE
}
function install_xmpp_client {
- if grep -Fxq "install_xmpp_client" $COMPLETION_FILE; then
- return
- fi
- apt-get -y install profanity
-
- XMPP_CLIENT_DIR=/home/$MY_USERNAME/.local/share/profanity
- XMPP_CLIENT_ACCOUNTS=$XMPP_CLIENT_DIR/accounts
- if [ ! -d $XMPP_CLIENT_DIR ]; then
- mkdir -p $XMPP_CLIENT_DIR
- fi
-
+ if grep -Fxq "install_xmpp_client" $COMPLETION_FILE; then
+ return
+ fi
+ apt-get -y install profanity
+
+ XMPP_CLIENT_DIR=/home/$MY_USERNAME/.local/share/profanity
+ XMPP_CLIENT_ACCOUNTS=$XMPP_CLIENT_DIR/accounts
+ if [ ! -d $XMPP_CLIENT_DIR ]; then
+ mkdir -p $XMPP_CLIENT_DIR
+ fi
+
+ if [[ $ONION_ONLY == 'no' ]]; then
+ echo "[${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}]" > $XMPP_CLIENT_ACCOUNTS
+ echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
+ echo "jid=${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.service=conference.${DEFAULT_DOMAIN_NAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
+ if [ ${#XMPP_PASSWORD} -gt 2 ]; then
+ echo "password=$XMPP_PASSWORD" >> $XMPP_CLIENT_ACCOUNTS
+ fi
+ fi
+
+ if [ -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
+ XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
+ echo "[${MY_USERNAME}@${XMPP_ONION_HOSTNAME}]" >> $XMPP_CLIENT_ACCOUNTS
if [[ $ONION_ONLY == 'no' ]]; then
- echo "[${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}]" > $XMPP_CLIENT_ACCOUNTS
- echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
- echo "jid=${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.service=conference.${DEFAULT_DOMAIN_NAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
- if [ ${#XMPP_PASSWORD} -gt 2 ]; then
- echo "password=$XMPP_PASSWORD" >> $XMPP_CLIENT_ACCOUNTS
- fi
- fi
-
- if [ -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
- XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
- echo "[${MY_USERNAME}@${XMPP_ONION_HOSTNAME}]" >> $XMPP_CLIENT_ACCOUNTS
- if [[ $ONION_ONLY == 'no' ]]; then
- echo 'enabled=false' >> $XMPP_CLIENT_ACCOUNTS
- else
- echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
- fi
- echo "jid=${MY_USERNAME}@${XMPP_ONION_HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.service=conference.${XMPP_ONION_HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
- echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
- if [ ${#XMPP_PASSWORD} -gt 2 ]; then
- echo "password=$XMPP_PASSWORD" >> $XMPP_CLIENT_ACCOUNTS
- fi
- fi
-
- if [ ! -d /home/$MY_USERNAME/.config/profanity ]; then
- mkdir /home/$MY_USERNAME/.config/profanity
- fi
- echo '[connection]' > /home/$MY_USERNAME/.config/profanity/profrc
- echo "account=${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}" >> /home/$MY_USERNAME/.config/profanity/profrc
-
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.local
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
-
- echo 'install_xmpp_client' >> $COMPLETION_FILE
+ echo 'enabled=false' >> $XMPP_CLIENT_ACCOUNTS
+ else
+ echo 'enabled=true' >> $XMPP_CLIENT_ACCOUNTS
+ fi
+ echo "jid=${MY_USERNAME}@${XMPP_ONION_HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'resource=profanity' >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.service=conference.${XMPP_ONION_HOSTNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo "muc.nick=${MY_USERNAME}" >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.last=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'presence.login=online' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.online=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.chat=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.away=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.xa=0' >> $XMPP_CLIENT_ACCOUNTS
+ echo 'priority.dnd=0' >> $XMPP_CLIENT_ACCOUNTS
+ if [ ${#XMPP_PASSWORD} -gt 2 ]; then
+ echo "password=$XMPP_PASSWORD" >> $XMPP_CLIENT_ACCOUNTS
+ fi
+ fi
+
+ if [ ! -d /home/$MY_USERNAME/.config/profanity ]; then
+ mkdir /home/$MY_USERNAME/.config/profanity
+ fi
+ echo '[connection]' > /home/$MY_USERNAME/.config/profanity/profrc
+ echo "account=${MY_USERNAME}@${DEFAULT_DOMAIN_NAME}" >> /home/$MY_USERNAME/.config/profanity/profrc
+
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.local
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
+
+ echo 'install_xmpp_client' >> $COMPLETION_FILE
}
function install_xmpp {
- if grep -Fxq "install_xmpp" $COMPLETION_FILE; then
- return
- fi
- install_xmpp_main
- install_xmpp_client
- echo 'install_xmpp' >> $COMPLETION_FILE
+ if grep -Fxq "install_xmpp" $COMPLETION_FILE; then
+ return
+ fi
+ install_xmpp_main
+ install_xmpp_client
+ echo 'install_xmpp' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-app-zeronet b/src/freedombone-app-zeronet
index 92d49a0ad..e491476f9 100755
--- a/src/freedombone-app-zeronet
+++ b/src/freedombone-app-zeronet
@@ -50,621 +50,621 @@ ZERONET_ID_REPO="https://github.com/HelloZeroNet/ZeroID"
ZERONET_ID_COMMIT='ccf14fdc96fa9cdb2ddd8a7ab283a8e17a4f234b'
function reconfigure_zeronet {
- echo -n ''
+ echo -n ''
}
function upgrade_zeronet {
- if ! grep -Fxq "install_zeronet" $COMPLETION_FILE; then
- return
- fi
- function_check set_repo_commit
- set_repo_commit $MESH_INSTALL_DIR/zeronet "ZeroNet commit" "$ZERONET_COMMIT" $ZERONET_REPO
- set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroBlog "ZeroNet Blog commit" "$ZERONET_BLOG_COMMIT" $ZERONET_BLOG_REPO
- set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroMail "ZeroNet Mail commit" "$ZERONET_MAIL_COMMIT" $ZERONET_MAIL_REPO
- set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroTalk "ZeroNet Forum commit" "$ZERONET_FORUM_COMMIT" $ZERONET_FORUM_REPO
+ if ! grep -Fxq "install_zeronet" $COMPLETION_FILE; then
+ return
+ fi
+ function_check set_repo_commit
+ set_repo_commit $MESH_INSTALL_DIR/zeronet "ZeroNet commit" "$ZERONET_COMMIT" $ZERONET_REPO
+ set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroBlog "ZeroNet Blog commit" "$ZERONET_BLOG_COMMIT" $ZERONET_BLOG_REPO
+ set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroMail "ZeroNet Mail commit" "$ZERONET_MAIL_COMMIT" $ZERONET_MAIL_REPO
+ set_repo_commit $MESH_INSTALL_DIR/zeronet/ZeroTalk "ZeroNet Forum commit" "$ZERONET_FORUM_COMMIT" $ZERONET_FORUM_REPO
}
function backup_local_zeronet {
- echo -n ''
+ echo -n ''
}
function restore_local_zeronet {
- echo -n ''
+ echo -n ''
}
function backup_remote_zeronet {
- echo -n ''
+ echo -n ''
}
function restore_remote_zeronet {
- echo -n ''
+ echo -n ''
}
function remove_zeronet_blog {
- if ! grep -Fxq "install_zeronet_blog" $COMPLETION_FILE; then
- return
- fi
- if [ -d $MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
- rm -rf $MESH_INSTALL_DIR/zeronet/ZeroBlog
- fi
- sed -i '/install_zeronet_blog/d' $COMPLETION_FILE
- sed -i '/ZeroNet Blog/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_zeronet_blog" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d $MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
+ rm -rf $MESH_INSTALL_DIR/zeronet/ZeroBlog
+ fi
+ sed -i '/install_zeronet_blog/d' $COMPLETION_FILE
+ sed -i '/ZeroNet Blog/d' $COMPLETION_FILE
}
function remove_zeronet_mail {
- if ! grep -Fxq "install_zeronet_mail" $COMPLETION_FILE; then
- return
- fi
- if [ -d $MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
- rm -rf $MESH_INSTALL_DIR/zeronet/ZeroMail
- fi
- sed -i '/install_zeronet_mail/d' $COMPLETION_FILE
- sed -i '/ZeroNet Mail/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_zeronet_mail" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d $MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
+ rm -rf $MESH_INSTALL_DIR/zeronet/ZeroMail
+ fi
+ sed -i '/install_zeronet_mail/d' $COMPLETION_FILE
+ sed -i '/ZeroNet Mail/d' $COMPLETION_FILE
}
function remove_zeronet_forum {
- if ! grep -Fxq "install_zeronet_forum" $COMPLETION_FILE; then
- return
- fi
- if [ -d $MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
- rm -rf $MESH_INSTALL_DIR/zeronet/ZeroTalk
- fi
- sed -i '/install_zeronet_forum/d' $COMPLETION_FILE
- sed -i '/ZeroNet Forum/d' $COMPLETION_FILE
+ if ! grep -Fxq "install_zeronet_forum" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -d $MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
+ rm -rf $MESH_INSTALL_DIR/zeronet/ZeroTalk
+ fi
+ sed -i '/install_zeronet_forum/d' $COMPLETION_FILE
+ sed -i '/ZeroNet Forum/d' $COMPLETION_FILE
}
function remove_zeronet {
- remove_zeronet_blog
- remove_zeronet_mail
- remove_zeronet_forum
- if ! grep -Fxq "install_zeronet" $COMPLETION_FILE; then
- return
- fi
- iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT
- iptables -D INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT
- iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT
- iptables -D INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT
- iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
- ${PROJECT_NAME}-mesh-install -f zeronet --remove yes
- sed -i '/install_zeronet/d' $COMPLETION_FILE
- sed -i '/ZeroNet /d' $COMPLETION_FILE
- sed -i '/configure_firewall_for_zeronet/d' $COMPLETION_FILE
+ remove_zeronet_blog
+ remove_zeronet_mail
+ remove_zeronet_forum
+ if ! grep -Fxq "install_zeronet" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT
+ iptables -D INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT
+ iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT
+ iptables -D INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT
+ iptables -D INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+ ${PROJECT_NAME}-mesh-install -f zeronet --remove yes
+ sed -i '/install_zeronet/d' $COMPLETION_FILE
+ sed -i '/ZeroNet /d' $COMPLETION_FILE
+ sed -i '/configure_firewall_for_zeronet/d' $COMPLETION_FILE
}
function configure_firewall_for_zeronet {
- if grep -Fxq "configure_firewall_for_zeronet" $COMPLETION_FILE; then
- return
- fi
- iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT
- iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT
- iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT
- iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT
- iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT
- function_check save_firewall_settings
- save_firewall_settings
-
- OPEN_PORTS+=("ZeroNet $ZERONET_PORT")
- OPEN_PORTS+=("Tracker $TRACKER_PORT")
- echo 'configure_firewall_for_zeronet' >> $COMPLETION_FILE
+ if grep -Fxq "configure_firewall_for_zeronet" $COMPLETION_FILE; then
+ return
+ fi
+ iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT
+ iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT
+ iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT
+ iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT
+ iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT
+ function_check save_firewall_settings
+ save_firewall_settings
+
+ OPEN_PORTS+=("ZeroNet $ZERONET_PORT")
+ OPEN_PORTS+=("Tracker $TRACKER_PORT")
+ echo 'configure_firewall_for_zeronet' >> $COMPLETION_FILE
}
function install_zeronet_blog {
- if grep -Fxq "install_zeronet_blog" $COMPLETION_FILE; then
- return
- fi
-
- if [ ! -f /home/$MY_USERNAME/README ]; then
- touch /home/$MY_USERNAME/README
- fi
-
- if grep -q "ZeroNet Blog address" /home/$MY_USERNAME/README; then
- return
- fi
-
- if [ ! -d /etc/avahi ]; then
- echo $'Avahi is not installed'
- exit 736
- fi
-
- ZERONET_DEFAULT_BLOG_TITLE="${MY_USERNAME}'s Blog"
-
- cd $MESH_INSTALL_DIR/zeronet
- python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/blog.txt
- if [ ! -f $MESH_INSTALL_DIR/zeronet/blog.txt ]; then
- echo $'Unable to create blog'
- exit 479
- fi
- blog_address=$(cat blog.txt | grep "Site address" | awk -F ':' '{print $2}')
- blog_private_key=$(cat blog.txt | grep "Site private key" | awk -F ':' '{print $2}')
- ZERONET_BLOG_ADDRESS=${blog_address//[[:blank:]]/}
- ZERONET_BLOG_PRIVATE_KEY=${blog_private_key//[[:blank:]]/}
-
- if [ ${#ZERONET_BLOG_ADDRESS} -lt 20 ]; then
- echo $"Address: $ZERONET_BLOG_ADDRESS"
- echo $"Public key: $ZERONET_BLOG_PRIVATE_KEY"
- echo $'Unable to create zeronet blog address'
- exit 7358
- fi
-
- if [ ${#ZERONET_BLOG_PRIVATE_KEY} -lt 20 ]; then
- echo $"Address: $ZERONET_BLOG_ADDRESS"
- echo $"Public key: $ZERONET_BLOG_PRIVATE_KEY"
- echo $'Unable to create zeronet blog private key'
- exit 1639
- fi
-
- if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS" ]; then
- echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS"
- exit 7638
- fi
-
- function_check git_clone
- git_clone $ZERONET_BLOG_REPO ZeroBlog
- if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
- echo $'ZeroBlog repo could not be cloned'
- exit 6739
- fi
- cd $MESH_INSTALL_DIR/zeronet/ZeroBlog
- git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
- if ! grep -q "ZeroNet Blog commit" $COMPLETION_FILE; then
- echo "ZeroNet Blog commit:$ZERONET_BLOG_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/ZeroNet Blog commit.*/ZeroNet Blog commit:$ZERONET_BLOG_COMMIT/g" $COMPLETION_FILE
- fi
-
- echo $"ZeroNet Blog address: $ZERONET_BLOG_ADDRESS"
- echo $"ZeroNet Blog private key: $ZERONET_BLOG_PRIVATE_KEY"
- cp -r $MESH_INSTALL_DIR/zeronet/ZeroBlog/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS
-
- if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data ]; then
- mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
- fi
- cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
- sed -i "s/MyZeroBlog/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
- sed -i "s/My ZeroBlog./$ZERONET_DEFAULT_BLOG_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
- sed -i "s/ZeroBlog Demo/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
- sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_BLOG_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
- sed -i "s/Blogging platform Demo/Blogging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/content.json
- python zeronet.py siteSign $ZERONET_BLOG_ADDRESS $ZERONET_BLOG_PRIVATE_KEY
-
- # Add an avahi service
- function_check create_avahi_service
- create_avahi_service zeronet-blog "zeronet-blog" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}"
- cp /tmp/zeronet-blog.service /etc/avahi/services/zeronet-blog.service
-
- chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
-
- if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
- mkdir -p /home/$MY_USERNAME/.config/zeronet
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
- fi
- echo "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myblog
-
- if ! grep -q "ZeroNet Blog address" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo "ZeroNet Blog address: $ZERONET_BLOG_ADDRESS" >> /home/$MY_USERNAME/README
- echo "ZeroNet Blog private key: $ZERONET_BLOG_PRIVATE_KEY" >> /home/$MY_USERNAME/README
- fi
-
- echo 'install_zeronet_blog' >> $COMPLETION_FILE
+ if grep -Fxq "install_zeronet_blog" $COMPLETION_FILE; then
+ return
+ fi
+
+ if [ ! -f /home/$MY_USERNAME/README ]; then
+ touch /home/$MY_USERNAME/README
+ fi
+
+ if grep -q "ZeroNet Blog address" /home/$MY_USERNAME/README; then
+ return
+ fi
+
+ if [ ! -d /etc/avahi ]; then
+ echo $'Avahi is not installed'
+ exit 736
+ fi
+
+ ZERONET_DEFAULT_BLOG_TITLE="${MY_USERNAME}'s Blog"
+
+ cd $MESH_INSTALL_DIR/zeronet
+ python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/blog.txt
+ if [ ! -f $MESH_INSTALL_DIR/zeronet/blog.txt ]; then
+ echo $'Unable to create blog'
+ exit 479
+ fi
+ blog_address=$(cat blog.txt | grep "Site address" | awk -F ':' '{print $2}')
+ blog_private_key=$(cat blog.txt | grep "Site private key" | awk -F ':' '{print $2}')
+ ZERONET_BLOG_ADDRESS=${blog_address//[[:blank:]]/}
+ ZERONET_BLOG_PRIVATE_KEY=${blog_private_key//[[:blank:]]/}
+
+ if [ ${#ZERONET_BLOG_ADDRESS} -lt 20 ]; then
+ echo $"Address: $ZERONET_BLOG_ADDRESS"
+ echo $"Public key: $ZERONET_BLOG_PRIVATE_KEY"
+ echo $'Unable to create zeronet blog address'
+ exit 7358
+ fi
+
+ if [ ${#ZERONET_BLOG_PRIVATE_KEY} -lt 20 ]; then
+ echo $"Address: $ZERONET_BLOG_ADDRESS"
+ echo $"Public key: $ZERONET_BLOG_PRIVATE_KEY"
+ echo $'Unable to create zeronet blog private key'
+ exit 1639
+ fi
+
+ if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS" ]; then
+ echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS"
+ exit 7638
+ fi
+
+ function_check git_clone
+ git_clone $ZERONET_BLOG_REPO ZeroBlog
+ if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
+ echo $'ZeroBlog repo could not be cloned'
+ exit 6739
+ fi
+ cd $MESH_INSTALL_DIR/zeronet/ZeroBlog
+ git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
+ if ! grep -q "ZeroNet Blog commit" $COMPLETION_FILE; then
+ echo "ZeroNet Blog commit:$ZERONET_BLOG_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/ZeroNet Blog commit.*/ZeroNet Blog commit:$ZERONET_BLOG_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ echo $"ZeroNet Blog address: $ZERONET_BLOG_ADDRESS"
+ echo $"ZeroNet Blog private key: $ZERONET_BLOG_PRIVATE_KEY"
+ cp -r $MESH_INSTALL_DIR/zeronet/ZeroBlog/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS
+
+ if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data ]; then
+ mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
+ fi
+ cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
+ sed -i "s/MyZeroBlog/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
+ sed -i "s/My ZeroBlog./$ZERONET_DEFAULT_BLOG_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
+ sed -i "s/ZeroBlog Demo/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
+ sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_BLOG_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
+ sed -i "s/Blogging platform Demo/Blogging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/content.json
+ python zeronet.py siteSign $ZERONET_BLOG_ADDRESS $ZERONET_BLOG_PRIVATE_KEY
+
+ # Add an avahi service
+ function_check create_avahi_service
+ create_avahi_service zeronet-blog "zeronet-blog" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}"
+ cp /tmp/zeronet-blog.service /etc/avahi/services/zeronet-blog.service
+
+ chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+
+ if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
+ mkdir -p /home/$MY_USERNAME/.config/zeronet
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
+ fi
+ echo "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myblog
+
+ if ! grep -q "ZeroNet Blog address" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo "ZeroNet Blog address: $ZERONET_BLOG_ADDRESS" >> /home/$MY_USERNAME/README
+ echo "ZeroNet Blog private key: $ZERONET_BLOG_PRIVATE_KEY" >> /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_zeronet_blog' >> $COMPLETION_FILE
}
function install_zeronet_mail {
- if grep -Fxq "install_zeronet_mail" $COMPLETION_FILE; then
- return
- fi
-
- if [ ! -f /home/$MY_USERNAME/README ]; then
- touch /home/$MY_USERNAME/README
- fi
-
- if grep -q "ZeroNet Mail address" /home/$MY_USERNAME/README; then
- return
- fi
-
- if [ ! -d /etc/avahi ]; then
- echo 'Avahi is not installed'
- exit 736
- fi
-
- ZERONET_DEFAULT_MAIL_TITLE="${MY_USERNAME}'s Mail"
-
- cd $MESH_INSTALL_DIR/zeronet
- python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/mail.txt
- if [ ! -f $MESH_INSTALL_DIR/zeronet/mail.txt ]; then
- echo $'Unable to create mail'
- exit 479
- fi
- mail_address=$(cat mail.txt | grep "Site address" | awk -F ':' '{print $2}')
- mail_private_key=$(cat mail.txt | grep "Site private key" | awk -F ':' '{print $2}')
- ZERONET_MAIL_ADDRESS=${mail_address//[[:blank:]]/}
- ZERONET_MAIL_PRIVATE_KEY=${mail_private_key//[[:blank:]]/}
-
- if [ ${#ZERONET_MAIL_ADDRESS} -lt 20 ]; then
- echo $"Address: $ZERONET_MAIL_ADDRESS"
- echo $"Public key: $ZERONET_MAIL_PRIVATE_KEY"
- echo $'Unable to create zeronet mail address'
- exit 7358
- fi
-
- if [ ${#ZERONET_MAIL_PRIVATE_KEY} -lt 20 ]; then
- echo $"Address: $ZERONET_MAIL_ADDRESS"
- echo $"Public key: $ZERONET_MAIL_PRIVATE_KEY"
- echo $'Unable to create zeronet mail private key'
- exit 1639
- fi
-
- if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS" ]; then
- echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS"
- exit 7638
- fi
-
- function_check git_clone
- git_clone $ZERONET_MAIL_REPO ZeroMail
- if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
- echo $'ZeroMail repo could not be cloned'
- exit 6739
- fi
- cd $MESH_INSTALL_DIR/zeronet/ZeroMail
- git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
- if ! grep -q "ZeroNet Mail commit" $COMPLETION_FILE; then
- echo "ZeroNet Mail commit:$ZERONET_MAIL_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/ZeroNet Mail commit.*/ZeroNet Mail commit:$ZERONET_MAIL_COMMIT/g" $COMPLETION_FILE
- fi
-
- echo $"ZeroNet Mail address: $ZERONET_MAIL_ADDRESS"
- echo $"ZeroNet Mail private key: $ZERONET_MAIL_PRIVATE_KEY"
- cp -r $MESH_INSTALL_DIR/zeronet/ZeroMail/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS
-
- if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data ]; then
- mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
- fi
- cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
- sed -i "s/MyZeroMail/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
- sed -i "s/My ZeroMail./$ZERONET_DEFAULT_MAIL_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
- sed -i "s/ZeroMail Demo/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
- sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_MAIL_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
- sed -i "s/Mailging platform Demo/Mailging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/content.json
- python zeronet.py siteSign $ZERONET_MAIL_ADDRESS $ZERONET_MAIL_PRIVATE_KEY
-
- # Add an avahi service
- function_check create_avahi_service
- create_avahi_service zeronet-mail "zeronet-mail" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}"
- cp /tmp/zeronet-mail.service /etc/avahi/services/zeronet-mail.service
-
- chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
-
- if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
- mkdir -p /home/$MY_USERNAME/.config/zeronet
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
- fi
- echo "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/mymail
-
- if ! grep -q $"ZeroNet Mail address" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo $"ZeroNet Mail address: $ZERONET_MAIL_ADDRESS" >> /home/$MY_USERNAME/README
- echo $"ZeroNet Mail private key: $ZERONET_MAIL_PRIVATE_KEY" >> /home/$MY_USERNAME/README
- fi
-
- echo 'install_zeronet_mail' >> $COMPLETION_FILE
+ if grep -Fxq "install_zeronet_mail" $COMPLETION_FILE; then
+ return
+ fi
+
+ if [ ! -f /home/$MY_USERNAME/README ]; then
+ touch /home/$MY_USERNAME/README
+ fi
+
+ if grep -q "ZeroNet Mail address" /home/$MY_USERNAME/README; then
+ return
+ fi
+
+ if [ ! -d /etc/avahi ]; then
+ echo 'Avahi is not installed'
+ exit 736
+ fi
+
+ ZERONET_DEFAULT_MAIL_TITLE="${MY_USERNAME}'s Mail"
+
+ cd $MESH_INSTALL_DIR/zeronet
+ python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/mail.txt
+ if [ ! -f $MESH_INSTALL_DIR/zeronet/mail.txt ]; then
+ echo $'Unable to create mail'
+ exit 479
+ fi
+ mail_address=$(cat mail.txt | grep "Site address" | awk -F ':' '{print $2}')
+ mail_private_key=$(cat mail.txt | grep "Site private key" | awk -F ':' '{print $2}')
+ ZERONET_MAIL_ADDRESS=${mail_address//[[:blank:]]/}
+ ZERONET_MAIL_PRIVATE_KEY=${mail_private_key//[[:blank:]]/}
+
+ if [ ${#ZERONET_MAIL_ADDRESS} -lt 20 ]; then
+ echo $"Address: $ZERONET_MAIL_ADDRESS"
+ echo $"Public key: $ZERONET_MAIL_PRIVATE_KEY"
+ echo $'Unable to create zeronet mail address'
+ exit 7358
+ fi
+
+ if [ ${#ZERONET_MAIL_PRIVATE_KEY} -lt 20 ]; then
+ echo $"Address: $ZERONET_MAIL_ADDRESS"
+ echo $"Public key: $ZERONET_MAIL_PRIVATE_KEY"
+ echo $'Unable to create zeronet mail private key'
+ exit 1639
+ fi
+
+ if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS" ]; then
+ echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS"
+ exit 7638
+ fi
+
+ function_check git_clone
+ git_clone $ZERONET_MAIL_REPO ZeroMail
+ if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
+ echo $'ZeroMail repo could not be cloned'
+ exit 6739
+ fi
+ cd $MESH_INSTALL_DIR/zeronet/ZeroMail
+ git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
+ if ! grep -q "ZeroNet Mail commit" $COMPLETION_FILE; then
+ echo "ZeroNet Mail commit:$ZERONET_MAIL_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/ZeroNet Mail commit.*/ZeroNet Mail commit:$ZERONET_MAIL_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ echo $"ZeroNet Mail address: $ZERONET_MAIL_ADDRESS"
+ echo $"ZeroNet Mail private key: $ZERONET_MAIL_PRIVATE_KEY"
+ cp -r $MESH_INSTALL_DIR/zeronet/ZeroMail/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS
+
+ if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data ]; then
+ mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
+ fi
+ cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
+ sed -i "s/MyZeroMail/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
+ sed -i "s/My ZeroMail./$ZERONET_DEFAULT_MAIL_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
+ sed -i "s/ZeroMail Demo/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
+ sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_MAIL_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
+ sed -i "s/Mailging platform Demo/Mailging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/content.json
+ python zeronet.py siteSign $ZERONET_MAIL_ADDRESS $ZERONET_MAIL_PRIVATE_KEY
+
+ # Add an avahi service
+ function_check create_avahi_service
+ create_avahi_service zeronet-mail "zeronet-mail" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}"
+ cp /tmp/zeronet-mail.service /etc/avahi/services/zeronet-mail.service
+
+ chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+
+ if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
+ mkdir -p /home/$MY_USERNAME/.config/zeronet
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
+ fi
+ echo "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/mymail
+
+ if ! grep -q $"ZeroNet Mail address" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo $"ZeroNet Mail address: $ZERONET_MAIL_ADDRESS" >> /home/$MY_USERNAME/README
+ echo $"ZeroNet Mail private key: $ZERONET_MAIL_PRIVATE_KEY" >> /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_zeronet_mail' >> $COMPLETION_FILE
}
function install_zeronet_forum {
- if grep -Fxq "install_zeronet_forum" $COMPLETION_FILE; then
- return
- fi
-
- if [ ! -f /home/$MY_USERNAME/README ]; then
- touch /home/$MY_USERNAME/README
- fi
-
- if grep -q "ZeroNet Forum address" /home/$MY_USERNAME/README; then
- return
- fi
-
- if [ ! -d /etc/avahi ]; then
- echo $'Avahi is not installed'
- exit 736
- fi
-
- ZERONET_DEFAULT_FORUM_TITLE=$"${MY_USERNAME}'s Forum"
-
- cd $MESH_INSTALL_DIR/zeronet
- python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/forum.txt
- if [ ! -f $MESH_INSTALL_DIR/zeronet/forum.txt ]; then
- echo $'Unable to create forum'
- exit 479
- fi
- forum_address=$(cat forum.txt | grep "Site address" | awk -F ':' '{print $2}')
- forum_private_key=$(cat forum.txt | grep "Site private key" | awk -F ':' '{print $2}')
- ZERONET_FORUM_ADDRESS=${forum_address//[[:blank:]]/}
- ZERONET_FORUM_PRIVATE_KEY=${forum_private_key//[[:blank:]]/}
-
- if [ ${#ZERONET_FORUM_ADDRESS} -lt 20 ]; then
- echo $"Address: $ZERONET_FORUM_ADDRESS"
- echo $"Public key: $ZERONET_FORUM_PRIVATE_KEY"
- echo $'Unable to create zeronet forum address'
- exit 76352
- fi
-
- if [ ${#ZERONET_FORUM_PRIVATE_KEY} -lt 20 ]; then
- echo $"Address: $ZERONET_FORUM_ADDRESS"
- echo $"Public key: $ZERONET_FORUM_PRIVATE_KEY"
- echo $'Unable to create zeronet forum private key'
- exit 87356
- fi
-
- if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS" ]; then
- echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS"
- exit 7638
- fi
-
- function_check git_clone
- git_clone $ZERONET_FORUM_REPO ZeroTalk
- if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
- echo $'ZeroTalk repo could not be cloned'
- exit 6739
- fi
- git checkout $ZERONET_FORUM_COMMIT -b $ZERONET_FORUM_COMMIT
- if ! grep -q "ZeroNet Forum commit" $COMPLETION_FILE; then
- echo "ZeroNet Forum commit:$ZERONET_FORUM_COMMIT" >> $COMPLETION_FILE
- else
- sed -i "s/ZeroNet Forum commit.*/ZeroNet Forum commit:$ZERONET_FORUM_COMMIT/g" $COMPLETION_FILE
- fi
-
- echo $"Forum address: $ZERONET_FORUM_ADDRESS"
- echo $"Forum private key: $ZERONET_FORUM_PRIVATE_KEY"
- cp -r $MESH_INSTALL_DIR/zeronet/ZeroTalk/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS
- sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
- sed -i "s/ZeroTalk/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
- sed -i "s|Demo for dynamic, decentralized content publishing.|$ZERONET_DEFAULT_FORUM_TAGLINE|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
- sed -i 's/Messaging Board Demo/Messaging Board/g' $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
- sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
- python zeronet.py siteSign $ZERONET_FORUM_ADDRESS $ZERONET_FORUM_PRIVATE_KEY --inner_path data/users/content.json
-
- # Add an avahi service
- function_check create_avahi_service
- create_avahi_service zeronet-forum "zeronet-forum" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}"
- sudo cp /tmp/zeronet-forum.service /etc/avahi/services/zeronet-forum.service
-
- chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
-
- if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
- mkdir -p /home/$MY_USERNAME/.config/zeronet
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
- fi
- echo "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myforum
-
- if ! grep -q $"ZeroNet Forum address" /home/$MY_USERNAME/README; then
- echo '' >> /home/$MY_USERNAME/README
- echo $"ZeroNet Forum address: $ZERONET_FORUM_ADDRESS" >> /home/$MY_USERNAME/README
- echo $"ZeroNet Forum private key: $ZERONET_FORUM_PRIVATE_KEY" >> /home/$MY_USERNAME/README
- fi
-
- echo 'install_zeronet_forum' >> $COMPLETION_FILE
+ if grep -Fxq "install_zeronet_forum" $COMPLETION_FILE; then
+ return
+ fi
+
+ if [ ! -f /home/$MY_USERNAME/README ]; then
+ touch /home/$MY_USERNAME/README
+ fi
+
+ if grep -q "ZeroNet Forum address" /home/$MY_USERNAME/README; then
+ return
+ fi
+
+ if [ ! -d /etc/avahi ]; then
+ echo $'Avahi is not installed'
+ exit 736
+ fi
+
+ ZERONET_DEFAULT_FORUM_TITLE=$"${MY_USERNAME}'s Forum"
+
+ cd $MESH_INSTALL_DIR/zeronet
+ python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/forum.txt
+ if [ ! -f $MESH_INSTALL_DIR/zeronet/forum.txt ]; then
+ echo $'Unable to create forum'
+ exit 479
+ fi
+ forum_address=$(cat forum.txt | grep "Site address" | awk -F ':' '{print $2}')
+ forum_private_key=$(cat forum.txt | grep "Site private key" | awk -F ':' '{print $2}')
+ ZERONET_FORUM_ADDRESS=${forum_address//[[:blank:]]/}
+ ZERONET_FORUM_PRIVATE_KEY=${forum_private_key//[[:blank:]]/}
+
+ if [ ${#ZERONET_FORUM_ADDRESS} -lt 20 ]; then
+ echo $"Address: $ZERONET_FORUM_ADDRESS"
+ echo $"Public key: $ZERONET_FORUM_PRIVATE_KEY"
+ echo $'Unable to create zeronet forum address'
+ exit 76352
+ fi
+
+ if [ ${#ZERONET_FORUM_PRIVATE_KEY} -lt 20 ]; then
+ echo $"Address: $ZERONET_FORUM_ADDRESS"
+ echo $"Public key: $ZERONET_FORUM_PRIVATE_KEY"
+ echo $'Unable to create zeronet forum private key'
+ exit 87356
+ fi
+
+ if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS" ]; then
+ echo $"Unable to find site directory: $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS"
+ exit 7638
+ fi
+
+ function_check git_clone
+ git_clone $ZERONET_FORUM_REPO ZeroTalk
+ if [ ! -d $MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
+ echo $'ZeroTalk repo could not be cloned'
+ exit 6739
+ fi
+ git checkout $ZERONET_FORUM_COMMIT -b $ZERONET_FORUM_COMMIT
+ if ! grep -q "ZeroNet Forum commit" $COMPLETION_FILE; then
+ echo "ZeroNet Forum commit:$ZERONET_FORUM_COMMIT" >> $COMPLETION_FILE
+ else
+ sed -i "s/ZeroNet Forum commit.*/ZeroNet Forum commit:$ZERONET_FORUM_COMMIT/g" $COMPLETION_FILE
+ fi
+
+ echo $"Forum address: $ZERONET_FORUM_ADDRESS"
+ echo $"Forum private key: $ZERONET_FORUM_PRIVATE_KEY"
+ cp -r $MESH_INSTALL_DIR/zeronet/ZeroTalk/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS
+ sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
+ sed -i "s/ZeroTalk/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
+ sed -i "s|Demo for dynamic, decentralized content publishing.|$ZERONET_DEFAULT_FORUM_TAGLINE|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
+ sed -i 's/Messaging Board Demo/Messaging Board/g' $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
+ sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
+ python zeronet.py siteSign $ZERONET_FORUM_ADDRESS $ZERONET_FORUM_PRIVATE_KEY --inner_path data/users/content.json
+
+ # Add an avahi service
+ function_check create_avahi_service
+ create_avahi_service zeronet-forum "zeronet-forum" udp $ZERONET_PORT "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}"
+ sudo cp /tmp/zeronet-forum.service /etc/avahi/services/zeronet-forum.service
+
+ chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+
+ if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
+ mkdir -p /home/$MY_USERNAME/.config/zeronet
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
+ fi
+ echo "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myforum
+
+ if ! grep -q $"ZeroNet Forum address" /home/$MY_USERNAME/README; then
+ echo '' >> /home/$MY_USERNAME/README
+ echo $"ZeroNet Forum address: $ZERONET_FORUM_ADDRESS" >> /home/$MY_USERNAME/README
+ echo $"ZeroNet Forum private key: $ZERONET_FORUM_PRIVATE_KEY" >> /home/$MY_USERNAME/README
+ fi
+
+ echo 'install_zeronet_forum' >> $COMPLETION_FILE
}
function install_zeronet_main {
- if grep -Fxq "install_zeronet_main" $COMPLETION_FILE; then
- return
- fi
-
- ${PROJECT_NAME}-mesh-install -f zeronet
- systemctl daemon-reload
- systemctl start tracker.service
- systemctl start zeronet.service
-
- function_check configure_firewall_for_zeronet
- configure_firewall_for_zeronet
- echo 'install_zeronet_main' >> $COMPLETION_FILE
+ if grep -Fxq "install_zeronet_main" $COMPLETION_FILE; then
+ return
+ fi
+
+ ${PROJECT_NAME}-mesh-install -f zeronet
+ systemctl daemon-reload
+ systemctl start tracker.service
+ systemctl start zeronet.service
+
+ function_check configure_firewall_for_zeronet
+ configure_firewall_for_zeronet
+ echo 'install_zeronet_main' >> $COMPLETION_FILE
}
function mesh_zeronet {
- ZERONET_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- if [ ${#ZERONET_REPO_MAIN} -gt 4 ]; then
- ZERONET_REPO=$ZERONET_REPO_MAIN
- fi
- if [ ! $ZERONET_REPO ]; then
- echo $'No ZeroNet repo was specified'
- exit 723539
- fi
-
- ZERONET_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#ZERONET_COMMIT_MAIN} -gt 4 ]; then
- ZERONET_COMMIT=$ZERONET_COMMIT_MAIN
- fi
- if [ ! $ZERONET_COMMIT ]; then
- echo $'No ZeroNet commit was specified'
- exit 490439
- fi
-
- MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
- MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
- fi
- if [ ! $MESH_INSTALL_DIR ]; then
- echo $'No mesh install dir was specified'
- exit 432052
- fi
-
- chroot "$rootdir" apt-get -y install python python-msgpack python-gevent
- chroot "$rootdir" apt-get -y install python-pip bittornado
- chroot "$rootdir" pip install msgpack-python --upgrade
-
- chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/zeronet/ -s /bin/false zeronet
- git clone $ZERONET_REPO $rootdir$MESH_INSTALL_DIR/zeronet
- if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet ]; then
- echo 'WARNING: Unable to clone zeronet'
- return
- fi
- cd $rootdir$MESH_INSTALL_DIR/zeronet
- git checkout $ZERONET_COMMIT -b $ZERONET_COMMIT
- if ! grep -q "ZeroNet commit" $COMPLETION_FILE; then
- echo "ZeroNet commit:$ZERONET_COMMIT" >> $rootdir$COMPLETION_FILE
- else
- sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" $COMPLETION_FILE
- fi
- chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
-
- # Hack to ensure that the file access port is opened
- # This is because zeronet normally relies on an internet site
- # to do this, but on a purely local mesh the internet isn't available
- sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n sys.modules["main"].file_server.port_opened = True|g' $rootdir$MESH_INSTALL_DIR/zeronet/src/Site/Site.py
-
- ZERONET_DAEMON=$rootdir/etc/systemd/system/zeronet.service
- echo '[Unit]' > $ZERONET_DAEMON
- echo 'Description=Zeronet Server' >> $ZERONET_DAEMON
- echo 'After=syslog.target' >> $ZERONET_DAEMON
- echo 'After=network.target' >> $ZERONET_DAEMON
- echo '[Service]' >> $ZERONET_DAEMON
- echo 'Type=simple' >> $ZERONET_DAEMON
- echo 'User=zeronet' >> $ZERONET_DAEMON
- echo 'Group=zeronet' >> $ZERONET_DAEMON
- echo "WorkingDirectory=$MESH_INSTALL_DIR/zeronet" >> $ZERONET_DAEMON
- echo "ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file $MESH_INSTALL_DIR/zeronet/bootstrap" >> $ZERONET_DAEMON
- echo '' >> $ZERONET_DAEMON
- echo 'TimeoutSec=300' >> $ZERONET_DAEMON
- echo '' >> $ZERONET_DAEMON
- echo '[Install]' >> $ZERONET_DAEMON
- echo 'WantedBy=multi-user.target' >> $ZERONET_DAEMON
-
- TRACKER_DAEMON=$rootdir/etc/systemd/system/tracker.service
- echo '[Unit]' > $TRACKER_DAEMON
- echo 'Description=Torrent Tracker' >> $TRACKER_DAEMON
- echo 'After=syslog.target' >> $TRACKER_DAEMON
- echo 'After=network.target' >> $TRACKER_DAEMON
- echo '[Service]' >> $TRACKER_DAEMON
- echo 'Type=simple' >> $TRACKER_DAEMON
- echo 'User=tracker' >> $TRACKER_DAEMON
- echo 'Group=tracker' >> $TRACKER_DAEMON
- echo "WorkingDirectory=$MESH_INSTALL_DIR/tracker" >> $TRACKER_DAEMON
- echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile $MESH_INSTALL_DIR/tracker/dstate --logfile $MESH_INSTALL_DIR/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0" >> $TRACKER_DAEMON
- echo '' >> $TRACKER_DAEMON
- echo 'TimeoutSec=300' >> $TRACKER_DAEMON
- echo '' >> $TRACKER_DAEMON
- echo '[Install]' >> $TRACKER_DAEMON
- echo 'WantedBy=multi-user.target' >> $TRACKER_DAEMON
-
- chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/tracker/ -s /bin/false tracker
- if [ ! -d $rootdir$MESH_INSTALL_DIR/tracker ]; then
- mkdir $rootdir$MESH_INSTALL_DIR/tracker
- fi
- chroot "$rootdir" chown -R tracker:tracker $MESH_INSTALL_DIR/tracker
-
- # publish regularly
- echo "*/1 * * * * root /usr/local/bin/zeronetavahi > /dev/null" >> $rootdir/etc/crontab
-
- chroot "$rootdir" systemctl enable tracker.service
- chroot "$rootdir" systemctl enable zeronet.service
+ ZERONET_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ if [ ${#ZERONET_REPO_MAIN} -gt 4 ]; then
+ ZERONET_REPO=$ZERONET_REPO_MAIN
+ fi
+ if [ ! $ZERONET_REPO ]; then
+ echo $'No ZeroNet repo was specified'
+ exit 723539
+ fi
+
+ ZERONET_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#ZERONET_COMMIT_MAIN} -gt 4 ]; then
+ ZERONET_COMMIT=$ZERONET_COMMIT_MAIN
+ fi
+ if [ ! $ZERONET_COMMIT ]; then
+ echo $'No ZeroNet commit was specified'
+ exit 490439
+ fi
+
+ MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
+ MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
+ fi
+ if [ ! $MESH_INSTALL_DIR ]; then
+ echo $'No mesh install dir was specified'
+ exit 432052
+ fi
+
+ chroot "$rootdir" apt-get -y install python python-msgpack python-gevent
+ chroot "$rootdir" apt-get -y install python-pip bittornado
+ chroot "$rootdir" pip install msgpack-python --upgrade
+
+ chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/zeronet/ -s /bin/false zeronet
+ git clone $ZERONET_REPO $rootdir$MESH_INSTALL_DIR/zeronet
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet ]; then
+ echo 'WARNING: Unable to clone zeronet'
+ return
+ fi
+ cd $rootdir$MESH_INSTALL_DIR/zeronet
+ git checkout $ZERONET_COMMIT -b $ZERONET_COMMIT
+ if ! grep -q "ZeroNet commit" $COMPLETION_FILE; then
+ echo "ZeroNet commit:$ZERONET_COMMIT" >> $rootdir$COMPLETION_FILE
+ else
+ sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" $COMPLETION_FILE
+ fi
+ chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+
+ # Hack to ensure that the file access port is opened
+ # This is because zeronet normally relies on an internet site
+ # to do this, but on a purely local mesh the internet isn't available
+ sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n sys.modules["main"].file_server.port_opened = True|g' $rootdir$MESH_INSTALL_DIR/zeronet/src/Site/Site.py
+
+ ZERONET_DAEMON=$rootdir/etc/systemd/system/zeronet.service
+ echo '[Unit]' > $ZERONET_DAEMON
+ echo 'Description=Zeronet Server' >> $ZERONET_DAEMON
+ echo 'After=syslog.target' >> $ZERONET_DAEMON
+ echo 'After=network.target' >> $ZERONET_DAEMON
+ echo '[Service]' >> $ZERONET_DAEMON
+ echo 'Type=simple' >> $ZERONET_DAEMON
+ echo 'User=zeronet' >> $ZERONET_DAEMON
+ echo 'Group=zeronet' >> $ZERONET_DAEMON
+ echo "WorkingDirectory=$MESH_INSTALL_DIR/zeronet" >> $ZERONET_DAEMON
+ echo "ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file $MESH_INSTALL_DIR/zeronet/bootstrap" >> $ZERONET_DAEMON
+ echo '' >> $ZERONET_DAEMON
+ echo 'TimeoutSec=300' >> $ZERONET_DAEMON
+ echo '' >> $ZERONET_DAEMON
+ echo '[Install]' >> $ZERONET_DAEMON
+ echo 'WantedBy=multi-user.target' >> $ZERONET_DAEMON
+
+ TRACKER_DAEMON=$rootdir/etc/systemd/system/tracker.service
+ echo '[Unit]' > $TRACKER_DAEMON
+ echo 'Description=Torrent Tracker' >> $TRACKER_DAEMON
+ echo 'After=syslog.target' >> $TRACKER_DAEMON
+ echo 'After=network.target' >> $TRACKER_DAEMON
+ echo '[Service]' >> $TRACKER_DAEMON
+ echo 'Type=simple' >> $TRACKER_DAEMON
+ echo 'User=tracker' >> $TRACKER_DAEMON
+ echo 'Group=tracker' >> $TRACKER_DAEMON
+ echo "WorkingDirectory=$MESH_INSTALL_DIR/tracker" >> $TRACKER_DAEMON
+ echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile $MESH_INSTALL_DIR/tracker/dstate --logfile $MESH_INSTALL_DIR/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0" >> $TRACKER_DAEMON
+ echo '' >> $TRACKER_DAEMON
+ echo 'TimeoutSec=300' >> $TRACKER_DAEMON
+ echo '' >> $TRACKER_DAEMON
+ echo '[Install]' >> $TRACKER_DAEMON
+ echo 'WantedBy=multi-user.target' >> $TRACKER_DAEMON
+
+ chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/tracker/ -s /bin/false tracker
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/tracker ]; then
+ mkdir $rootdir$MESH_INSTALL_DIR/tracker
+ fi
+ chroot "$rootdir" chown -R tracker:tracker $MESH_INSTALL_DIR/tracker
+
+ # publish regularly
+ echo "*/1 * * * * root /usr/local/bin/zeronetavahi > /dev/null" >> $rootdir/etc/crontab
+
+ chroot "$rootdir" systemctl enable tracker.service
+ chroot "$rootdir" systemctl enable zeronet.service
}
function mesh_zeronet_blog {
- ZERONET_BLOG_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- ZERONET_BLOG_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
- MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
- fi
- if [ ! $MESH_INSTALL_DIR ]; then
- echo $'No mesh install dir was specified'
- exit 432052
- fi
-
- git clone $ZERONET_BLOG_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
- if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
- echo $'ZeroBlog repo could not be cloned'
- exit 6739
- fi
- cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
- git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
- chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+ ZERONET_BLOG_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ ZERONET_BLOG_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
+ MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
+ fi
+ if [ ! $MESH_INSTALL_DIR ]; then
+ echo $'No mesh install dir was specified'
+ exit 432052
+ fi
+
+ git clone $ZERONET_BLOG_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
+ echo $'ZeroBlog repo could not be cloned'
+ exit 6739
+ fi
+ cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
+ git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
+ chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
}
function mesh_zeronet_mail {
- ZERONET_MAIL_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- ZERONET_MAIL_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
- MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
- fi
- if [ ! $MESH_INSTALL_DIR ]; then
- echo $'No mesh install dir was specified'
- exit 432052
- fi
-
- git clone $ZERONET_MAIL_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
- if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
- echo $'ZeroMail repo could not be cloned'
- exit 78493
- fi
- cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
- git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
- chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+ ZERONET_MAIL_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ ZERONET_MAIL_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
+ MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
+ fi
+ if [ ! $MESH_INSTALL_DIR ]; then
+ echo $'No mesh install dir was specified'
+ exit 432052
+ fi
+
+ git clone $ZERONET_MAIL_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
+ echo $'ZeroMail repo could not be cloned'
+ exit 78493
+ fi
+ cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
+ git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
+ chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
}
function mesh_zeronet_forum {
- ZERONET_FORUM_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- ZERONET_FORUM_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
- MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
- fi
- if [ ! $MESH_INSTALL_DIR ]; then
- echo $'No mesh install dir was specified'
- exit 432052
- fi
-
- git clone $ZERONET_FORUM_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
- if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
- echo $'ZeroTalk repo could not be cloned'
- exit 78252
- fi
- cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
- git checkout $ZERONET_FORUM_COMMIT -b $ZERONET_FORUM_COMMIT
- chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+ ZERONET_FORUM_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ ZERONET_FORUM_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
+ MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
+ fi
+ if [ ! $MESH_INSTALL_DIR ]; then
+ echo $'No mesh install dir was specified'
+ exit 432052
+ fi
+
+ git clone $ZERONET_FORUM_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
+ echo $'ZeroTalk repo could not be cloned'
+ exit 78252
+ fi
+ cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
+ git checkout $ZERONET_FORUM_COMMIT -b $ZERONET_FORUM_COMMIT
+ chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
}
function mesh_zeronet_id {
- ZERONET_ID_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
- ZERONET_ID_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
- MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
- if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
- MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
- fi
- if [ ! $MESH_INSTALL_DIR ]; then
- echo $'No mesh install dir was specified'
- exit 432052
- fi
-
- git clone $ZERONET_ID_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
- if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID ]; then
- echo $'ZeroID repo could not be cloned'
- exit 37936
- fi
- cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
- git checkout $ZERONET_ID_COMMIT -b $ZERONET_ID_COMMIT
- chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
+ ZERONET_ID_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
+ ZERONET_ID_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
+ MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
+ if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
+ MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
+ fi
+ if [ ! $MESH_INSTALL_DIR ]; then
+ echo $'No mesh install dir was specified'
+ exit 432052
+ fi
+
+ git clone $ZERONET_ID_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
+ if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID ]; then
+ echo $'ZeroID repo could not be cloned'
+ exit 37936
+ fi
+ cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
+ git checkout $ZERONET_ID_COMMIT -b $ZERONET_ID_COMMIT
+ chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
}
function install_zeronet {
- if [ $INSTALLING_MESH ]; then
- mesh_zeronet
- mesh_zeronet_blog
- mesh_zeronet_mail
- mesh_zeronet_forum
- return
- fi
- if grep -Fxq "install_zeronet" $COMPLETION_FILE; then
- return
- fi
- install_zeronet_main
- install_zeronet_blog
- install_zeronet_mail
- install_zeronet_forum
- echo 'install_zeronet' >> $COMPLETION_FILE
+ if [ $INSTALLING_MESH ]; then
+ mesh_zeronet
+ mesh_zeronet_blog
+ mesh_zeronet_mail
+ mesh_zeronet_forum
+ return
+ fi
+ if grep -Fxq "install_zeronet" $COMPLETION_FILE; then
+ return
+ fi
+ install_zeronet_main
+ install_zeronet_blog
+ install_zeronet_mail
+ install_zeronet_forum
+ echo 'install_zeronet' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
diff --git a/src/freedombone-mesh-install b/src/freedombone-mesh-install
index 4aea4183c..6ca9d25bc 100755
--- a/src/freedombone-mesh-install
+++ b/src/freedombone-mesh-install
@@ -82,434 +82,434 @@ REMOVE='no'
source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-git
function show_help {
- echo ''
- echo $"${PROJECT_NAME}-mesh-install -f [function] -r [rootdir]"
- echo ''
- echo $'Runs a mesh network install function'
- echo ''
- echo $' -h --help Show help'
- echo $' -f --function [name] Name of the function to be run'
- echo $' -r --rootdir [directory] Root directory'
- echo $' -w --wifi [interface] e.g. wlan0'
- echo ''
- exit 0
+ echo ''
+ echo $"${PROJECT_NAME}-mesh-install -f [function] -r [rootdir]"
+ echo ''
+ echo $'Runs a mesh network install function'
+ echo ''
+ echo $' -h --help Show help'
+ echo $' -f --function [name] Name of the function to be run'
+ echo $' -r --rootdir [directory] Root directory'
+ echo $' -w --wifi [interface] e.g. wlan0'
+ echo ''
+ exit 0
}
function install_babel {
- $CHROOT_PREFIX apt-get -y install babeld
-
- babel_script=${rootdir}/var/lib/babel
-
- echo '#!/bin/bash' > $babel_script
- echo '' >> $babel_script
- echo 'if [[ $1 == "ls" || $1 == "list" ]]; then' >> $babel_script
- echo ' avahi-browse -atl' >> $babel_script
- echo ' exit 0' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'if [[ $1 == "start" ]]; then' >> $babel_script
- echo ' sed -i "s|#host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' sed -i "s|host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' sed -i "s|use-ipv4=.*|use-ipv4=yes|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' sed -i "s|use-ipv6=.*|use-ipv6=no|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' sed -i "s|hosts:.*|hosts: files mdns4_minimal dns mdns4 mdns|g" /etc/nsswitch.conf' >> $babel_script
- echo ' systemctl restart avahi-daemon' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo "IFACE=$WIFI_INTERFACE" >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan1" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan1' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan2" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan2' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan3" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan3' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'if [[ ! grep -q "$IFACE" /proc/net/dev || $1 == "stop" ]]; then' >> $babel_script
- echo ' if ! grep -q "$IFACE" /proc/net/dev; then' >> $babel_script
- echo ' echo "Interface $IFACE was not found"' >> $babel_script
- echo ' else' >> $babel_script
- echo ' echo "Stopping"' >> $babel_script
- echo ' fi' >> $babel_script
- echo ' ifconfig $IFACE down' >> $babel_script
- echo ' pkill babeld' >> $babel_script
- echo ' systemctl restart network-manager' >> $babel_script
- echo ' exit 1' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'systemctl stop network-manager' >> $babel_script
- echo 'ifconfig $IFACE down' >> $babel_script
- echo -n 'iwconfig $IFACE mode ad-hoc channel ' >> $babel_script
- echo "$WIFI_CHANNEL essid \"$WIFI_SSID\"" >> $babel_script
- echo 'ifconfig $IFACE up' >> $babel_script
- echo -n 'ifconfig $IFACE:avahi ' >> $babel_script
- echo -n "$LOCAL_NETWORK_STATIC_IP_ADDRESS netmask " >> $babel_script
- echo '255.255.255.0 broadcast 192.168.13.255' >> $babel_script
- echo -n 'babeld -D $IFACE:avahi -p ' >> $babel_script
- echo -n "$BABEL_PORT -d 5 " >> $babel_script
- echo '$IFACE' >> $babel_script
- echo 'exit 0' >> $babel_script
- chmod +x $babel_script
-
- echo '[Unit]' > ${rootdir}/etc/systemd/system/babel.service
- echo 'Description=Babel Mesh' >> ${rootdir}/etc/systemd/system/babel.service
- echo '' >> ${rootdir}/etc/systemd/system/babel.service
- echo '[Service]' >> ${rootdir}/etc/systemd/system/babel.service
- echo 'Type=oneshot' >> ${rootdir}/etc/systemd/system/babel.service
- echo "ExecStart=$babel_script start" >> ${rootdir}/etc/systemd/system/babel.service
- echo "ExecStop=$babel_script stop" >> ${rootdir}/etc/systemd/system/babel.service
- echo 'RemainAfterExit=yes' >> ${rootdir}/etc/systemd/system/babel.service
- echo '' >> ${rootdir}/etc/systemd/system/babel.service
- echo '# Allow time for the server to start/stop' >> ${rootdir}/etc/systemd/system/babel.service
- echo 'TimeoutSec=300' >> ${rootdir}/etc/systemd/system/babel.service
- echo '' >> ${rootdir}/etc/systemd/system/babel.service
- echo '[Install]' >> /etc/systemd/system/babel.service
- echo 'WantedBy=multi-user.target' >> ${rootdir}/etc/systemd/system/babel.service
- $CHROOT_PREFIX systemctl enable babel
+ $CHROOT_PREFIX apt-get -y install babeld
+
+ babel_script=${rootdir}/var/lib/babel
+
+ echo '#!/bin/bash' > $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ $1 == "ls" || $1 == "list" ]]; then' >> $babel_script
+ echo ' avahi-browse -atl' >> $babel_script
+ echo ' exit 0' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ $1 == "start" ]]; then' >> $babel_script
+ echo ' sed -i "s|#host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' sed -i "s|host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' sed -i "s|use-ipv4=.*|use-ipv4=yes|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' sed -i "s|use-ipv6=.*|use-ipv6=no|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' sed -i "s|hosts:.*|hosts: files mdns4_minimal dns mdns4 mdns|g" /etc/nsswitch.conf' >> $babel_script
+ echo ' systemctl restart avahi-daemon' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo "IFACE=$WIFI_INTERFACE" >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan1" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan1' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan2" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan2' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan3" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan3' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ ! grep -q "$IFACE" /proc/net/dev || $1 == "stop" ]]; then' >> $babel_script
+ echo ' if ! grep -q "$IFACE" /proc/net/dev; then' >> $babel_script
+ echo ' echo "Interface $IFACE was not found"' >> $babel_script
+ echo ' else' >> $babel_script
+ echo ' echo "Stopping"' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo ' ifconfig $IFACE down' >> $babel_script
+ echo ' pkill babeld' >> $babel_script
+ echo ' systemctl restart network-manager' >> $babel_script
+ echo ' exit 1' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'systemctl stop network-manager' >> $babel_script
+ echo 'ifconfig $IFACE down' >> $babel_script
+ echo -n 'iwconfig $IFACE mode ad-hoc channel ' >> $babel_script
+ echo "$WIFI_CHANNEL essid \"$WIFI_SSID\"" >> $babel_script
+ echo 'ifconfig $IFACE up' >> $babel_script
+ echo -n 'ifconfig $IFACE:avahi ' >> $babel_script
+ echo -n "$LOCAL_NETWORK_STATIC_IP_ADDRESS netmask " >> $babel_script
+ echo '255.255.255.0 broadcast 192.168.13.255' >> $babel_script
+ echo -n 'babeld -D $IFACE:avahi -p ' >> $babel_script
+ echo -n "$BABEL_PORT -d 5 " >> $babel_script
+ echo '$IFACE' >> $babel_script
+ echo 'exit 0' >> $babel_script
+ chmod +x $babel_script
+
+ echo '[Unit]' > ${rootdir}/etc/systemd/system/babel.service
+ echo 'Description=Babel Mesh' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '[Service]' >> ${rootdir}/etc/systemd/system/babel.service
+ echo 'Type=oneshot' >> ${rootdir}/etc/systemd/system/babel.service
+ echo "ExecStart=$babel_script start" >> ${rootdir}/etc/systemd/system/babel.service
+ echo "ExecStop=$babel_script stop" >> ${rootdir}/etc/systemd/system/babel.service
+ echo 'RemainAfterExit=yes' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '# Allow time for the server to start/stop' >> ${rootdir}/etc/systemd/system/babel.service
+ echo 'TimeoutSec=300' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '' >> ${rootdir}/etc/systemd/system/babel.service
+ echo '[Install]' >> /etc/systemd/system/babel.service
+ echo 'WantedBy=multi-user.target' >> ${rootdir}/etc/systemd/system/babel.service
+ $CHROOT_PREFIX systemctl enable babel
}
function install_babel_remove {
- $CHROOT_PREFIX systemctl stop babel
- $CHROOT_PREFIX apt-get -y remove --purge babeld
- rm ${rootdir}/var/lib/babel
- rm ${rootdir}/etc/systemd/system/babel.service
+ $CHROOT_PREFIX systemctl stop babel
+ $CHROOT_PREFIX apt-get -y remove --purge babeld
+ rm ${rootdir}/var/lib/babel
+ rm ${rootdir}/etc/systemd/system/babel.service
}
function mesh_avahi {
- $CHROOT_PREFIX apt-get -y install avahi-utils avahi-autoipd avahi-dnsconfd
-
- decarray=( 1 2 3 4 5 6 7 8 9 0 )
- PEER_ID=${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}
- sed -i "s|#host-name=.*|host-name=P$PEER_ID|g" $rootdir/etc/avahi/avahi-daemon.conf
-
- if [ ! -d $rootdir/etc/avahi/services ]; then
- mkdir -p $rootdir/etc/avahi/services
- fi
-
- # remove an avahi service which isn't used
- if [ -f $rootdir/etc/avahi/services/udisks.service ]; then
- rm $rootdir/etc/avahi/services/udisks.service
- fi
-
- # Add an ssh service
- echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > $rootdir/etc/avahi/services/ssh.service
- echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> $rootdir/etc/avahi/services/ssh.service
- echo '<service-group>' >> $rootdir/etc/avahi/services/ssh.service
- echo ' <name replace-wildcards="yes">%h SSH</name>' >> $rootdir/etc/avahi/services/ssh.service
- echo ' <service>' >> $rootdir/etc/avahi/services/ssh.service
- echo ' <type>_ssh._tcp</type>' >> $rootdir/etc/avahi/services/ssh.service
- echo " <port>$SSH_PORT</port>" >> $rootdir/etc/avahi/services/ssh.service
- echo ' </service>' >> $rootdir/etc/avahi/services/ssh.service
- echo '</service-group>' >> $rootdir/etc/avahi/services/ssh.service
-
- # keep the daemon running
- WATCHDOG_SCRIPT_NAME="keepon"
- echo '' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo '# keep avahi daemon running' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'AVAHI_RUNNING=$(pgrep avahi-daemon > /dev/null && echo Running)' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'if [ ! $AVAHI_RUNNING ]; then' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' systemctl start avahi-daemon' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo ' echo " Avahi daemon restarted" >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- echo 'fi' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
- chmod +x $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ $CHROOT_PREFIX apt-get -y install avahi-utils avahi-autoipd avahi-dnsconfd
+
+ decarray=( 1 2 3 4 5 6 7 8 9 0 )
+ PEER_ID=${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}${decarray[$RANDOM%10]}
+ sed -i "s|#host-name=.*|host-name=P$PEER_ID|g" $rootdir/etc/avahi/avahi-daemon.conf
+
+ if [ ! -d $rootdir/etc/avahi/services ]; then
+ mkdir -p $rootdir/etc/avahi/services
+ fi
+
+ # remove an avahi service which isn't used
+ if [ -f $rootdir/etc/avahi/services/udisks.service ]; then
+ rm $rootdir/etc/avahi/services/udisks.service
+ fi
+
+ # Add an ssh service
+ echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > $rootdir/etc/avahi/services/ssh.service
+ echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> $rootdir/etc/avahi/services/ssh.service
+ echo '<service-group>' >> $rootdir/etc/avahi/services/ssh.service
+ echo ' <name replace-wildcards="yes">%h SSH</name>' >> $rootdir/etc/avahi/services/ssh.service
+ echo ' <service>' >> $rootdir/etc/avahi/services/ssh.service
+ echo ' <type>_ssh._tcp</type>' >> $rootdir/etc/avahi/services/ssh.service
+ echo " <port>$SSH_PORT</port>" >> $rootdir/etc/avahi/services/ssh.service
+ echo ' </service>' >> $rootdir/etc/avahi/services/ssh.service
+ echo '</service-group>' >> $rootdir/etc/avahi/services/ssh.service
+
+ # keep the daemon running
+ WATCHDOG_SCRIPT_NAME="keepon"
+ echo '' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo '# keep avahi daemon running' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'AVAHI_RUNNING=$(pgrep avahi-daemon > /dev/null && echo Running)' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'if [ ! $AVAHI_RUNNING ]; then' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' systemctl start avahi-daemon' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo ' echo " Avahi daemon restarted" >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ echo 'fi' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
+ chmod +x $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
}
function install_babel_client {
- # TODO to be fixed
- TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
-
- if [ ! -f ${rootdir}/tmp/meshtype ]; then
- $CHROOT_PREFIX sudo apt-get -y install babeld
- if [ ! -f $TOXIC_FILE ]; then
- $CHROOT_PREFIX sudo apt-get -y install toxic
- fi
-
- CURR_DIR=$(pwd)
- if [ ! -f ~/develop/toxid ]; then
- if [ ! -f ~/develop ]; then
- mkdir ~/develop
- fi
- cd ~/develop
- git_clone $TOXID_REPO ~/develop/toxid
- fi
- cd ~/develop/toxid
- sudo make install
- cd $CURR_DIR
+ # TODO to be fixed
+ TOXIC_FILE=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-tox | grep "TOXIC_FILE=" | head -n 1 | awk -F '=' '{print $2}')
+
+ if [ ! -f ${rootdir}/tmp/meshtype ]; then
+ $CHROOT_PREFIX sudo apt-get -y install babeld
+ if [ ! -f $TOXIC_FILE ]; then
+ $CHROOT_PREFIX sudo apt-get -y install toxic
fi
- babel_script=${rootdir}/tmp/babel
-
- echo '#!/bin/bash' > $babel_script
- echo '' >> $babel_script
- echo 'if [[ $1 == "ls" || $1 == "list" ]]; then' >> $babel_script
- echo ' avahi-browse -atl' >> $babel_script
- echo ' exit 0' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'if [[ $1 == "start" ]]; then' >> $babel_script
- echo ' if [ -f /tmp/meshtype ] ; then' >> $babel_script
- echo ' echo "Mesh already running"' >> $babel_script
- echo ' return' >> $babel_script
- echo ' fi' >> $batman_script
- echo ' # install avahi' >> $babel_script
- echo ' apt-get -y install avahi-utils avahi-autoipd avahi-daemon avahi-dnsconfd bittornado' >> $babel_script
- echo ' sed -i "s|#host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' sed -i "s|host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
- echo ' if [ -f /bin/systemctl ]; then' >> $babel_script
- echo ' systemctl restart avahi-daemon' >> $babel_script
- echo ' else' >> $babel_script
- echo ' service avahi-daemon restart' >> $babel_script
- echo ' fi' >> $babel_script
- echo ' echo "babel" > /tmp/meshtype' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo "IFACE=$WIFI_INTERFACE" >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan1" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan1' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan2" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan2' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
- echo ' if grep -q "wlan3" /proc/net/dev; then' >> $babel_script
- echo ' IFACE=wlan3' >> $babel_script
- echo ' fi' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'if [[ ! grep -q "$IFACE" /proc/net/dev || $1 == "stop" ]]; then' >> $babel_script
- echo ' if ! grep -q "$IFACE" /proc/net/dev; then' >> $babel_script
- echo ' echo "Interface $IFACE was not found"' >> $babel_script
- echo ' else' >> $babel_script
- echo ' echo "Stopping"' >> $babel_script
- echo ' fi' >> $babel_script
- echo ' ifconfig $IFACE down' >> $babel_script
- echo ' pkill babeld' >> $babel_script
- echo ' if [ -f /bin/systemctl ]; then' >> $babel_script
- echo ' systemctl restart network-manager' >> $babel_script
- echo ' else' >> $babel_script
- echo ' service network-manager restart' >> $babel_script
- echo ' fi' >> $babel_script
- echo ' exit 1' >> $babel_script
- echo 'fi' >> $babel_script
- echo '' >> $babel_script
- echo 'if [ -f /bin/systemctl ]; then' >> $babel_script
- echo ' systemctl stop network-manager' >> $babel_script
- echo 'else' >> $babel_script
- echo ' service network-manager stop' >> $babel_script
- echo 'fi' >> $babel_script
- echo 'ifconfig $IFACE down' >> $babel_script
- echo -n 'iwconfig $IFACE mode ad-hoc channel ' >> $babel_script
- echo "$WIFI_CHANNEL essid \"$WIFI_SSID\"" >> $babel_script
- echo 'ifconfig $IFACE up' >> $babel_script
- echo -n 'ifconfig $IFACE:avahi ' >> $babel_script
- echo -n "$LOCAL_NETWORK_STATIC_IP_ADDRESS netmask " >> $babel_script
- echo '255.255.255.0 broadcast 192.168.13.255' >> $babel_script
- echo -n 'babeld -D $IFACE:avahi -p ' >> $babel_script
- echo -n "$BABEL_PORT -d 5 " >> $babel_script
- echo '$IFACE' >> $babel_script
- echo 'exit 0' >> $babel_script
- chmod +x $babel_script
- sudo mv $babel_script ${rootdir}/usr/bin/babel
+ CURR_DIR=$(pwd)
+ if [ ! -f ~/develop/toxid ]; then
+ if [ ! -f ~/develop ]; then
+ mkdir ~/develop
+ fi
+ cd ~/develop
+ git_clone $TOXID_REPO ~/develop/toxid
+ fi
+ cd ~/develop/toxid
+ sudo make install
+ cd $CURR_DIR
+ fi
+
+ babel_script=${rootdir}/tmp/babel
+
+ echo '#!/bin/bash' > $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ $1 == "ls" || $1 == "list" ]]; then' >> $babel_script
+ echo ' avahi-browse -atl' >> $babel_script
+ echo ' exit 0' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ $1 == "start" ]]; then' >> $babel_script
+ echo ' if [ -f /tmp/meshtype ] ; then' >> $babel_script
+ echo ' echo "Mesh already running"' >> $babel_script
+ echo ' return' >> $babel_script
+ echo ' fi' >> $batman_script
+ echo ' # install avahi' >> $babel_script
+ echo ' apt-get -y install avahi-utils avahi-autoipd avahi-daemon avahi-dnsconfd bittornado' >> $babel_script
+ echo ' sed -i "s|#host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' sed -i "s|host-name=.*|host-name=$(hostname)|g" /etc/avahi/avahi-daemon.conf' >> $babel_script
+ echo ' if [ -f /bin/systemctl ]; then' >> $babel_script
+ echo ' systemctl restart avahi-daemon' >> $babel_script
+ echo ' else' >> $babel_script
+ echo ' service avahi-daemon restart' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo ' echo "babel" > /tmp/meshtype' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo "IFACE=$WIFI_INTERFACE" >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan1" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan1' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan2" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan2' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo 'if [[ $IFACE == "wlan0" ]]; then' >> $babel_script
+ echo ' if grep -q "wlan3" /proc/net/dev; then' >> $babel_script
+ echo ' IFACE=wlan3' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'if [[ ! grep -q "$IFACE" /proc/net/dev || $1 == "stop" ]]; then' >> $babel_script
+ echo ' if ! grep -q "$IFACE" /proc/net/dev; then' >> $babel_script
+ echo ' echo "Interface $IFACE was not found"' >> $babel_script
+ echo ' else' >> $babel_script
+ echo ' echo "Stopping"' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo ' ifconfig $IFACE down' >> $babel_script
+ echo ' pkill babeld' >> $babel_script
+ echo ' if [ -f /bin/systemctl ]; then' >> $babel_script
+ echo ' systemctl restart network-manager' >> $babel_script
+ echo ' else' >> $babel_script
+ echo ' service network-manager restart' >> $babel_script
+ echo ' fi' >> $babel_script
+ echo ' exit 1' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo '' >> $babel_script
+ echo 'if [ -f /bin/systemctl ]; then' >> $babel_script
+ echo ' systemctl stop network-manager' >> $babel_script
+ echo 'else' >> $babel_script
+ echo ' service network-manager stop' >> $babel_script
+ echo 'fi' >> $babel_script
+ echo 'ifconfig $IFACE down' >> $babel_script
+ echo -n 'iwconfig $IFACE mode ad-hoc channel ' >> $babel_script
+ echo "$WIFI_CHANNEL essid \"$WIFI_SSID\"" >> $babel_script
+ echo 'ifconfig $IFACE up' >> $babel_script
+ echo -n 'ifconfig $IFACE:avahi ' >> $babel_script
+ echo -n "$LOCAL_NETWORK_STATIC_IP_ADDRESS netmask " >> $babel_script
+ echo '255.255.255.0 broadcast 192.168.13.255' >> $babel_script
+ echo -n 'babeld -D $IFACE:avahi -p ' >> $babel_script
+ echo -n "$BABEL_PORT -d 5 " >> $babel_script
+ echo '$IFACE' >> $babel_script
+ echo 'exit 0' >> $babel_script
+ chmod +x $babel_script
+ sudo mv $babel_script ${rootdir}/usr/bin/babel
}
function install_batman_remove {
- systemctl stop batman
- rm $rootdir/var/lib/batman
- rm $rootdir/etc/systemd/system/batman.service
+ systemctl stop batman
+ rm $rootdir/var/lib/batman
+ rm $rootdir/etc/systemd/system/batman.service
}
function install_batman {
- $CHROOT_PREFIX apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
- $CHROOT_PREFIX apt-get -y install python-dev libevent-dev ebtables python-pip git
- $CHROOT_PREFIX apt-get -y install wireless-tools rfkill
-
- if ! grep -q "batman_adv" $rootdir/etc/modules; then
- echo 'batman_adv' >> $rootdir/etc/modules
- fi
-
- BATMAN_SCRIPT=$rootdir/var/lib/batman
-
- if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
- cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
- else
- cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
- fi
-
- BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
- echo '[Unit]' > $BATMAN_DAEMON
- echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
- echo 'After=network.target' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '[Service]' >> $BATMAN_DAEMON
- echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
- echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
- echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
- echo 'Restart=on-failure' >> $BATMAN_DAEMON
- echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
- echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
- echo 'TimeoutSec=300' >> $BATMAN_DAEMON
- echo '' >> $BATMAN_DAEMON
- echo '[Install]' >> $BATMAN_DAEMON
- echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
- $CHROOT_PREFIX systemctl enable batman
+ $CHROOT_PREFIX apt-get -y install iproute bridge-utils libnetfilter-conntrack3 batctl
+ $CHROOT_PREFIX apt-get -y install python-dev libevent-dev ebtables python-pip git
+ $CHROOT_PREFIX apt-get -y install wireless-tools rfkill
+
+ if ! grep -q "batman_adv" $rootdir/etc/modules; then
+ echo 'batman_adv' >> $rootdir/etc/modules
+ fi
+
+ BATMAN_SCRIPT=$rootdir/var/lib/batman
+
+ if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
+ cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ else
+ cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
+ fi
+
+ BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
+ echo '[Unit]' > $BATMAN_DAEMON
+ echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
+ echo 'After=network.target' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '[Service]' >> $BATMAN_DAEMON
+ echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
+ echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
+ echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
+ echo 'Restart=on-failure' >> $BATMAN_DAEMON
+ echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
+ echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
+ echo 'TimeoutSec=300' >> $BATMAN_DAEMON
+ echo '' >> $BATMAN_DAEMON
+ echo '[Install]' >> $BATMAN_DAEMON
+ echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
+ $CHROOT_PREFIX systemctl enable batman
}
function mesh_firewall {
- FIREWALL_FILENAME=${rootdir}/etc/systemd/system/meshfirewall.service
- MESH_FIREWALL_SCRIPT=${rootdir}/usr/bin/mesh-firewall
-
- echo '#!/bin/bash' > $MESH_FIREWALL_SCRIPT
- echo 'iptables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
- echo 'ip6tables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -F' >> $MESH_FIREWALL_SCRIPT
- echo 'ip6tables -F' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -t nat -F' >> $MESH_FIREWALL_SCRIPT
- echo 'ip6tables -t nat -F' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -X' >> $MESH_FIREWALL_SCRIPT
- echo 'ip6tables -X' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
- echo 'ip6tables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
- echo '' >> $MESH_FIREWALL_SCRIPT
- echo '# Make sure incoming tcp connections are SYN packets' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo '' >> $MESH_FIREWALL_SCRIPT
- echo '# Drop packets with incoming fragments' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo '' >> $MESH_FIREWALL_SCRIPT
- echo '# Drop bogons' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo '' >> $MESH_FIREWALL_SCRIPT
- echo '# Incoming malformed NULL packets:' >> $MESH_FIREWALL_SCRIPT
- echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
- echo '' >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
- chmod +x $MESH_FIREWALL_SCRIPT
-
- echo '[Unit]' > $FIREWALL_FILENAME
- echo 'Description=Mesh Firewall' >> $FIREWALL_FILENAME
- echo '' >> $FIREWALL_FILENAME
- echo '[Service]' >> $FIREWALL_FILENAME
- echo 'Type=oneshot' >> $FIREWALL_FILENAME
- echo 'ExecStart=/usr/bin/mesh-firewall' >> $FIREWALL_FILENAME
- echo 'RemainAfterExit=no' >> $FIREWALL_FILENAME
- echo '' >> $FIREWALL_FILENAME
- echo 'TimeoutSec=30' >> $FIREWALL_FILENAME
- echo '' >> $FIREWALL_FILENAME
- echo '[Install]' >> $FIREWALL_FILENAME
- echo 'WantedBy=multi-user.target' >> $FIREWALL_FILENAME
- $CHROOT_PREFIX systemctl enable meshfirewall
+ FIREWALL_FILENAME=${rootdir}/etc/systemd/system/meshfirewall.service
+ MESH_FIREWALL_SCRIPT=${rootdir}/usr/bin/mesh-firewall
+
+ echo '#!/bin/bash' > $MESH_FIREWALL_SCRIPT
+ echo 'iptables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
+ echo 'ip6tables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -F' >> $MESH_FIREWALL_SCRIPT
+ echo 'ip6tables -F' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -t nat -F' >> $MESH_FIREWALL_SCRIPT
+ echo 'ip6tables -t nat -F' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -X' >> $MESH_FIREWALL_SCRIPT
+ echo 'ip6tables -X' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
+ echo 'ip6tables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
+ echo '' >> $MESH_FIREWALL_SCRIPT
+ echo '# Make sure incoming tcp connections are SYN packets' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo '' >> $MESH_FIREWALL_SCRIPT
+ echo '# Drop packets with incoming fragments' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo '' >> $MESH_FIREWALL_SCRIPT
+ echo '# Drop bogons' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo '' >> $MESH_FIREWALL_SCRIPT
+ echo '# Incoming malformed NULL packets:' >> $MESH_FIREWALL_SCRIPT
+ echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
+ echo '' >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -i $WIFI_INTERFACE -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ echo "iptables -A INPUT -i $WIFI_INTERFACE -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
+ chmod +x $MESH_FIREWALL_SCRIPT
+
+ echo '[Unit]' > $FIREWALL_FILENAME
+ echo 'Description=Mesh Firewall' >> $FIREWALL_FILENAME
+ echo '' >> $FIREWALL_FILENAME
+ echo '[Service]' >> $FIREWALL_FILENAME
+ echo 'Type=oneshot' >> $FIREWALL_FILENAME
+ echo 'ExecStart=/usr/bin/mesh-firewall' >> $FIREWALL_FILENAME
+ echo 'RemainAfterExit=no' >> $FIREWALL_FILENAME
+ echo '' >> $FIREWALL_FILENAME
+ echo 'TimeoutSec=30' >> $FIREWALL_FILENAME
+ echo '' >> $FIREWALL_FILENAME
+ echo '[Install]' >> $FIREWALL_FILENAME
+ echo 'WantedBy=multi-user.target' >> $FIREWALL_FILENAME
+ $CHROOT_PREFIX systemctl enable meshfirewall
}
function enable_tox_repo {
- sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/antonbatenev:/tox/Debian_8.0/ /' > /etc/apt/sources.list.d/tox.list"
- wget http://download.opensuse.org/repositories/home:antonbatenev:tox/Debian_8.0/Release.key
- sudo sh -c "apt-key add - < Release.key"
- sudo apt-get update
- echo "Tox Repository Installed."
+ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/home:/antonbatenev:/tox/Debian_8.0/ /' > /etc/apt/sources.list.d/tox.list"
+ wget http://download.opensuse.org/repositories/home:antonbatenev:tox/Debian_8.0/Release.key
+ sudo sh -c "apt-key add - < Release.key"
+ sudo apt-get update
+ echo "Tox Repository Installed."
}
function mesh_tox_client_qtox {
- enable_tox_repo
- sudo apt-get -y install qtox
- echo "qTox Installed."
+ enable_tox_repo
+ sudo apt-get -y install qtox
+ echo "qTox Installed."
}
function mesh_tox_client_toxic_from_repo {
- enable_tox_repo
- sudo apt-get -y install toxic
- echo "Toxic Installed."
+ enable_tox_repo
+ sudo apt-get -y install toxic
+ echo "Toxic Installed."
}
while [[ $# > 1 ]]
do
- key="$1"
-
- case $key in
- -h|--help)
- show_help
- ;;
- -f|--function)
- shift
- FN="$1"
- ;;
- -r|--rootdir)
- shift
- rootdir="$1"
- CHROOT_PREFIX='chroot "${rootdir}"'
- ;;
- -w|--wifi|--interface)
- shift
- WIFI_INTERFACE="$1"
- ;;
- -m|--mirror)
- shift
- FRIENDS_MIRRORS_SERVER="$1"
- ;;
- --remove)
- shift
- REMOVE="$1"
- ;;
- *)
- # unknown option
- ;;
-
- esac
- shift
+ key="$1"
+
+ case $key in
+ -h|--help)
+ show_help
+ ;;
+ -f|--function)
+ shift
+ FN="$1"
+ ;;
+ -r|--rootdir)
+ shift
+ rootdir="$1"
+ CHROOT_PREFIX='chroot "${rootdir}"'
+ ;;
+ -w|--wifi|--interface)
+ shift
+ WIFI_INTERFACE="$1"
+ ;;
+ -m|--mirror)
+ shift
+ FRIENDS_MIRRORS_SERVER="$1"
+ ;;
+ --remove)
+ shift
+ REMOVE="$1"
+ ;;
+ *)
+ # unknown option
+ ;;
+
+ esac
+ shift
done
if [[ $FN == 'babel' ]]; then
- if [[ $REMOVE != 'yes' ]]; then
- install_babel
- else
- install_babel_remove
- fi
+ if [[ $REMOVE != 'yes' ]]; then
+ install_babel
+ else
+ install_babel_remove
+ fi
fi
if [[ $FN == 'babel_client' ]]; then
- install_babel_client
+ install_babel_client
fi
if [[ $FN == 'avahi' ]]; then
- mesh_avahi
+ mesh_avahi
fi
if [[ $FN == 'firewall' ]]; then
- mesh_firewall
+ mesh_firewall
fi
if [[ $FN == 'batman' ]]; then
- if [[ $REMOVE != 'yes' ]]; then
- install_batman
- else
- install_batman_remove
- fi
+ if [[ $REMOVE != 'yes' ]]; then
+ install_batman
+ else
+ install_batman_remove
+ fi
fi
if [[ $FN == 'qtox' ]]; then
- mesh_tox_client_qtox
+ mesh_tox_client_qtox
fi
if [[ $FN == 'toxic' ]]; then
- mesh_tox_client_toxic_from_repo
+ mesh_tox_client_toxic_from_repo
fi
exit 0
--
GitLab