From 835c14d9289cf0b981f498054ca4b14ecc86a80f Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Fri, 8 Jul 2016 14:28:12 +0100
Subject: [PATCH] Function to upgrade apps
---
src/freedombone-backup-local | 1 +
src/freedombone-utils-setup | 458 ++++++++++++++++++-----------------
2 files changed, 241 insertions(+), 218 deletions(-)
diff --git a/src/freedombone-backup-local b/src/freedombone-backup-local
index 4826b18f5..9b78bdcc6 100755
--- a/src/freedombone-backup-local
+++ b/src/freedombone-backup-local
@@ -259,6 +259,7 @@ function backup_apps {
do
app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
if [[ $(item_in_array ${app_name} ${APPS_COMPLETED[@]}) != 0 ]]; then
+ function_check app_is_installed
if [[ "$(app_is_installed $a)" == "1" ]]; then
APPS_COMPLETED+=("${app_name}")
function_check backup_local_${app_name}
diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup
index 1c7ffc7c7..2eb098dcb 100755
--- a/src/freedombone-utils-setup
+++ b/src/freedombone-utils-setup
@@ -87,152 +87,152 @@ CHECK_MESSAGE="Check your internet connection, /etc/network/interfaces and /etc/
DH_KEYLENGTH=2048
function initial_setup {
- if grep -Fxq "initial_setup" $COMPLETION_FILE; then
- return
- fi
-
- apt-get -y remove --purge apache*
- apt-get -y dist-upgrade
- apt-get -y install ca-certificates emacs24 cpulimit
- apt-get -y install cryptsetup libgfshare-bin obnam sshpass wget
- apt-get -y install avahi-daemon avahi-utils avahi-discover
- apt-get -y install connect-proxy
-
- if [ ! -d $INSTALL_DIR ]; then
- mkdir -p $INSTALL_DIR
- fi
-
- echo 'initial_setup' >> $COMPLETION_FILE
+ if grep -Fxq "initial_setup" $COMPLETION_FILE; then
+ return
+ fi
+
+ apt-get -y remove --purge apache*
+ apt-get -y dist-upgrade
+ apt-get -y install ca-certificates emacs24 cpulimit
+ apt-get -y install cryptsetup libgfshare-bin obnam sshpass wget
+ apt-get -y install avahi-daemon avahi-utils avahi-discover
+ apt-get -y install connect-proxy
+
+ if [ ! -d $INSTALL_DIR ]; then
+ mkdir -p $INSTALL_DIR
+ fi
+
+ echo 'initial_setup' >> $COMPLETION_FILE
}
function search_for_attached_usb_drive {
- # If a USB drive is attached then search for email,
- # gpg, ssh keys and emacs configuration
- if grep -Fxq "search_for_attached_usb_drive" $COMPLETION_FILE; then
- return
- fi
- if [ -b $USB_DRIVE ]; then
- if [ ! -d $USB_MOUNT ]; then
- echo $'Mounting USB drive'
- mkdir $USB_MOUNT
- mount $USB_DRIVE $USB_MOUNT
- fi
- if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then
- if [ -d $USB_MOUNT/Maildir ]; then
- echo $'Maildir found on USB drive'
- IMPORT_MAILDIR=$USB_MOUNT/Maildir
- fi
- if [ -d $USB_MOUNT/.gnupg ]; then
- echo $'Importing GPG keyring'
- cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
- GPG_KEYS_IMPORTED="yes"
- if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then
- echo $'GPG files did not copy'
- exit 73529
- fi
- fi
-
- if [ -f $USB_MOUNT/.procmailrc ]; then
- echo $'Importing procmail settings'
- cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
- fi
-
- if [ -f $USB_MOUNT/private_key.gpg ]; then
- echo $'GPG private key found on USB drive'
- MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
- fi
- if [ -f $USB_MOUNT/public_key.gpg ]; then
- echo $'GPG public key found on USB drive'
- MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
- fi
- fi
- if [ -d $USB_MOUNT/prosody ]; then
- if [ ! -d $XMPP_DIRECTORY ]; then
- mkdir $XMPP_DIRECTORY
- fi
- cp -r $USB_MOUNT/prosody/* $XMPP_DIRECTORY
- chown -R prosody:prosody $XMPP_DIRECTORY
- fi
- if [ -d $USB_MOUNT/.ssh ]; then
- echo $'Importing ssh keys'
- cp -r $USB_MOUNT/.ssh /home/$MY_USERNAME
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
- # for security delete the ssh keys from the usb drive
- if [ ! -f /home/$MY_USERNAME/.ssh/id_rsa ]; then
- echo $'ssh files did not copy'
- exit 8
- fi
- fi
- if [ -f $USB_MOUNT/.emacs ]; then
- echo $'Importing .emacs file'
- cp -f $USB_MOUNT/.emacs /home/$MY_USERNAME/.emacs
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs
- fi
- if [ -d $USB_MOUNT/.emacs.d ]; then
- echo $'Importing .emacs.d directory'
- cp -r $USB_MOUNT/.emacs.d /home/$MY_USERNAME
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs.d
- fi
- if [ -d $USB_MOUNT/ssl ]; then
- echo $'Importing SSL certificates'
- cp -r $USB_MOUNT/ssl/* /etc/ssl
- chmod 640 /etc/ssl/certs/*
- chmod 400 /etc/ssl/private/*
- # change ownership of some certificates
- if [ -d /etc/prosody ]; then
- chown prosody:prosody /etc/ssl/private/xmpp.*
- chown prosody:prosody /etc/ssl/certs/xmpp.*
- fi
- if [ -d /etc/dovecot ]; then
- chown root:dovecot /etc/ssl/certs/dovecot.*
- chown root:dovecot /etc/ssl/private/dovecot.*
- fi
- if [ -f /etc/ssl/private/exim.key ]; then
- cp /etc/ssl/private/exim.key /etc/exim4
- cp /etc/ssl/certs/exim.crt /etc/exim4
- cp /etc/ssl/certs/exim.dhparam /etc/exim4
- chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
- chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
- fi
- fi
- if [ -d $USB_MOUNT/personal ]; then
- echo $'Importing personal directory'
- cp -r $USB_MOUNT/personal /home/$MY_USERNAME
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/personal
- fi
- else
- if [ -d $USB_MOUNT ]; then
- umount $USB_MOUNT
- rm -rf $USB_MOUNT
- fi
- echo $'No USB drive attached'
- fi
- echo 'search_for_attached_usb_drive' >> $COMPLETION_FILE
+ # If a USB drive is attached then search for email,
+ # gpg, ssh keys and emacs configuration
+ if grep -Fxq "search_for_attached_usb_drive" $COMPLETION_FILE; then
+ return
+ fi
+ if [ -b $USB_DRIVE ]; then
+ if [ ! -d $USB_MOUNT ]; then
+ echo $'Mounting USB drive'
+ mkdir $USB_MOUNT
+ mount $USB_DRIVE $USB_MOUNT
+ fi
+ if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then
+ if [ -d $USB_MOUNT/Maildir ]; then
+ echo $'Maildir found on USB drive'
+ IMPORT_MAILDIR=$USB_MOUNT/Maildir
+ fi
+ if [ -d $USB_MOUNT/.gnupg ]; then
+ echo $'Importing GPG keyring'
+ cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
+ GPG_KEYS_IMPORTED="yes"
+ if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then
+ echo $'GPG files did not copy'
+ exit 73529
+ fi
+ fi
+
+ if [ -f $USB_MOUNT/.procmailrc ]; then
+ echo $'Importing procmail settings'
+ cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
+ fi
+
+ if [ -f $USB_MOUNT/private_key.gpg ]; then
+ echo $'GPG private key found on USB drive'
+ MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
+ fi
+ if [ -f $USB_MOUNT/public_key.gpg ]; then
+ echo $'GPG public key found on USB drive'
+ MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
+ fi
+ fi
+ if [ -d $USB_MOUNT/prosody ]; then
+ if [ ! -d $XMPP_DIRECTORY ]; then
+ mkdir $XMPP_DIRECTORY
+ fi
+ cp -r $USB_MOUNT/prosody/* $XMPP_DIRECTORY
+ chown -R prosody:prosody $XMPP_DIRECTORY
+ fi
+ if [ -d $USB_MOUNT/.ssh ]; then
+ echo $'Importing ssh keys'
+ cp -r $USB_MOUNT/.ssh /home/$MY_USERNAME
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh
+ # for security delete the ssh keys from the usb drive
+ if [ ! -f /home/$MY_USERNAME/.ssh/id_rsa ]; then
+ echo $'ssh files did not copy'
+ exit 8
+ fi
+ fi
+ if [ -f $USB_MOUNT/.emacs ]; then
+ echo $'Importing .emacs file'
+ cp -f $USB_MOUNT/.emacs /home/$MY_USERNAME/.emacs
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs
+ fi
+ if [ -d $USB_MOUNT/.emacs.d ]; then
+ echo $'Importing .emacs.d directory'
+ cp -r $USB_MOUNT/.emacs.d /home/$MY_USERNAME
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs.d
+ fi
+ if [ -d $USB_MOUNT/ssl ]; then
+ echo $'Importing SSL certificates'
+ cp -r $USB_MOUNT/ssl/* /etc/ssl
+ chmod 640 /etc/ssl/certs/*
+ chmod 400 /etc/ssl/private/*
+ # change ownership of some certificates
+ if [ -d /etc/prosody ]; then
+ chown prosody:prosody /etc/ssl/private/xmpp.*
+ chown prosody:prosody /etc/ssl/certs/xmpp.*
+ fi
+ if [ -d /etc/dovecot ]; then
+ chown root:dovecot /etc/ssl/certs/dovecot.*
+ chown root:dovecot /etc/ssl/private/dovecot.*
+ fi
+ if [ -f /etc/ssl/private/exim.key ]; then
+ cp /etc/ssl/private/exim.key /etc/exim4
+ cp /etc/ssl/certs/exim.crt /etc/exim4
+ cp /etc/ssl/certs/exim.dhparam /etc/exim4
+ chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+ chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
+ fi
+ fi
+ if [ -d $USB_MOUNT/personal ]; then
+ echo $'Importing personal directory'
+ cp -r $USB_MOUNT/personal /home/$MY_USERNAME
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/personal
+ fi
+ else
+ if [ -d $USB_MOUNT ]; then
+ umount $USB_MOUNT
+ rm -rf $USB_MOUNT
+ fi
+ echo $'No USB drive attached'
+ fi
+ echo 'search_for_attached_usb_drive' >> $COMPLETION_FILE
}
function mark_admin_user_account {
- if ! grep -q "Admin user:" $COMPLETION_FILE; then
- echo "Admin user:$MY_USERNAME" >> $COMPLETION_FILE
- fi
+ if ! grep -q "Admin user:" $COMPLETION_FILE; then
+ echo "Admin user:$MY_USERNAME" >> $COMPLETION_FILE
+ fi
}
function remove_instructions_from_motd {
- sed -i '/## /d' /etc/motd
+ sed -i '/## /d' /etc/motd
}
function remove_default_user {
- # make sure you don't use the default user account
- if [[ $MY_USERNAME == "debian" ]]; then
- echo 'Do not use the default debian user account. Create a different user with: adduser [username]'
- exit 68
- fi
- # remove the default debian user to prevent it from becoming an attack vector
- if [ -d /home/debian ]; then
- userdel -r debian
- echo 'Default debian user account removed'
- fi
+ # make sure you don't use the default user account
+ if [[ $MY_USERNAME == "debian" ]]; then
+ echo 'Do not use the default debian user account. Create a different user with: adduser [username]'
+ exit 68
+ fi
+ # remove the default debian user to prevent it from becoming an attack vector
+ if [ -d /home/debian ]; then
+ userdel -r debian
+ echo 'Default debian user account removed'
+ fi
}
function upgrade_installation {
@@ -241,102 +241,124 @@ function upgrade_installation {
}
function setup_firewall {
- configure_firewall
- configure_firewall_ping
- configure_firewall_for_dns
- configure_firewall_for_avahi
+ configure_firewall
+ configure_firewall_ping
+ configure_firewall_for_dns
+ configure_firewall_for_avahi
}
function setup_utils {
- read_configuration
- upgrade_installation
- set_default_onion_domains
- locale_setup
- parse_args
- check_domains
- install_static_network
- remove_default_user
- setup_firewall
- create_repo_sources
- configure_dns
- initial_setup
- install_tor
- #resolve_dns_via_tor
- install_command_line_browser
- enable_ssh_via_onion
- check_date
- install_dynamicdns
- randomize_cron
- create_freedns_updater
- mark_admin_user_account
- enforce_good_passwords
- install_editor
- change_login_message
- enable_zram
- random_number_generator
- set_your_domain_name
- time_synchronisation_tlsdate
- configure_internet_protocol
- create_git_project
- setup_wifi
- configure_ssh
- configure_ssh_onion
- allow_ssh_to_onion_address
- remove_instructions_from_motd
- check_hwrng
- search_for_attached_usb_drive
- regenerate_ssh_keys
- create_mirrors
- create_upgrade_script
- letsencrypt_renewals
- install_watchdog_script
- configure_avahi
- create_avahi_onion_domains
- #install_atheros_wifi
- route_outgoing_traffic_through_tor
- upgrade_golang
+ read_configuration
+ upgrade_installation
+ set_default_onion_domains
+ locale_setup
+ parse_args
+ check_domains
+ install_static_network
+ remove_default_user
+ setup_firewall
+ create_repo_sources
+ configure_dns
+ initial_setup
+ install_tor
+ #resolve_dns_via_tor
+ install_command_line_browser
+ enable_ssh_via_onion
+ check_date
+ install_dynamicdns
+ randomize_cron
+ create_freedns_updater
+ mark_admin_user_account
+ enforce_good_passwords
+ install_editor
+ change_login_message
+ enable_zram
+ random_number_generator
+ set_your_domain_name
+ time_synchronisation_tlsdate
+ configure_internet_protocol
+ create_git_project
+ setup_wifi
+ configure_ssh
+ configure_ssh_onion
+ allow_ssh_to_onion_address
+ remove_instructions_from_motd
+ check_hwrng
+ search_for_attached_usb_drive
+ regenerate_ssh_keys
+ create_mirrors
+ create_upgrade_script
+ letsencrypt_renewals
+ install_watchdog_script
+ configure_avahi
+ create_avahi_onion_domains
+ #install_atheros_wifi
+ route_outgoing_traffic_through_tor
+ upgrade_golang
}
function setup_email {
- install_email
- create_procmail
- handle_admin_emails
- spam_filtering
- configure_imap
- #configure_imap_client_certs
- configure_gpg
- refresh_gpg_keys
- configure_backup_key
- install_monkeysphere
- encrypt_incoming_email
- encrypt_outgoing_email
- email_client
- email_archiving
- email_from_address
- create_public_mailing_list
- #create_private_mailing_list
- encrypt_all_email
- import_email
+ install_email
+ create_procmail
+ handle_admin_emails
+ spam_filtering
+ configure_imap
+ #configure_imap_client_certs
+ configure_gpg
+ refresh_gpg_keys
+ configure_backup_key
+ install_monkeysphere
+ encrypt_incoming_email
+ encrypt_outgoing_email
+ email_client
+ email_archiving
+ email_from_address
+ create_public_mailing_list
+ #create_private_mailing_list
+ encrypt_all_email
+ import_email
}
function setup_web {
- install_web_server
- install_web_server_access_control
+ install_web_server
+ install_web_server_access_control
+}
+
+function upgrade_apps {
+ APPS_COMPLETED=()
+ FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
+
+ # for all the app scripts
+ for filename in $FILES
+ do
+ app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
+ if [[ $(item_in_array ${app_name} ${APPS_COMPLETED[@]}) != 0 ]]; then
+ function_check app_is_installed
+ if [[ "$(app_is_installed $a)" == "1" ]]; then
+ APPS_COMPLETED+=("${app_name}")
+ function_check upgrade_${app_name}
+ upgrade_${app_name}
+ fi
+ fi
+ done
}
function setup_apps {
- function_check choose_apps_for_variant
- choose_apps_for_variant "$SYSTEM_TYPE"
-
- echo $"System variant: $SYSTEM_TYPE"
- echo $'The following apps have been selected'
- echo ''
- function_check list_chosen_apps
- list_chosen_apps
- echo ''
-
- function_check install_apps
- install_apps
+ function_check choose_apps_for_variant
+ choose_apps_for_variant "$SYSTEM_TYPE"
+
+ echo $"System variant: $SYSTEM_TYPE"
+ echo $'The following apps have been selected'
+ echo ''
+ function_check list_chosen_apps
+ list_chosen_apps
+ echo ''
+
+ function_check upgrade_apps
+ upgrade_apps
+
+ function_check install_apps
+ install_apps
}
# NOTE: deliberately no exit 0
--
GitLab