#!/bin/bash
# _____ _ _
# | __|___ ___ ___ _| |___ _____| |_ ___ ___ ___
# | __| _| -_| -_| . | . | | . | . | | -_|
# |__| |_| |___|___|___|___|_|_|_|___|___|_|_|___|
#
# Freedom in the Cloud
#
# Performs a factory reset
#
# License
# =======
#
# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-factory-reset
export TEXTDOMAINDIR="/usr/share/locale"
CONFIGURATION_FILE="/root/${PROJECT_NAME}.cfg"
COMPLETION_FILE="/root/${PROJECT_NAME}-completed.txt"
# Start including files
source /usr/local/bin/${PROJECT_NAME}-vars
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source "$f"
done
APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for f in $APP_FILES
do
source "$f"
done
# End including files
FACTORY_RESET_OPTIONS=$1
if [[ "$FACTORY_RESET_OPTIONS" != '-f' && "$FACTORY_RESET_OPTIONS" != '-y' && "$FACTORY_RESET_OPTIONS" != '--force' ]]; then
echo $'>>> FACTORY RESET <<<'
read -r -p $"Do you really wish to perform a factory reset? This will erase all data. (y/n) ?" yn
if [[ $yn != 'y' && $yn != 'Y' && $yn != 'yes' && $yn != 'Yes' && $yn != 'YES' ]]; then
echo $"Factory reset was not performed"
exit 1
fi
else
echo $"Forced factory reset"
fi
echo $'Removing installed apps...'
detect_apps
get_apps_installed_names
# shellcheck disable=SC2068
for app_name in ${APPS_INSTALLED_NAMES[@]}
do
if [[ $(function_exists "remove_${app_name}") == "1" ]]; then
echo $"Removing ${app_name}"
app_load_variables "${app_name}"
# call the remove function
"remove_${app_name}"
# ensure that any tor settings are gone
if [ -d "/var/lib/tor/hidden_service_${app_name}" ]; then
rm -rf "/var/lib/tor/hidden_service_${app_name}"
fi
fi
done
if [ -f /etc/nginx/.webadminpasswd ]; then
rm /etc/nginx/.webadminpasswd
fi
if [ -f /root/.temp_webadmin_password ]; then
rm /root/.temp_webadmin_password
fi
if [ ! -f /root/.initial_setup ]; then
touch /root/.initial_setup
fi
if [ -f "$COMPLETION_FILE" ]; then
rm "$COMPLETION_FILE"
fi
# create an fbone user
MY_USERNAME=fbone
if [ ! -d /home/$MY_USERNAME ]; then
adduser --gecos "$MY_USERNAME" --disabled-password "$MY_USERNAME"
echo -n "$MY_USERNAME:${PROJECT_NAME}" | /usr/sbin/chpasswd
adduser "$MY_USERNAME" sudo
cat >> "/home/$MY_USERNAME/.bashrc" <<EOF
# initial setup of the system
if [ -f ~/.initial_setup ]; then
clear
echo "
.---. . .
| | |
|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
| | (.-' (.-' ( | ( )| | | | )( )| | (.-'
' ' --' --' -' - -' ' ' -' -' -' ' - --'
Initial setup process
Please enter your password a second time.
"
sudo su
fi
EOF
touch "/home/$MY_USERNAME/.initial_setup"
/bin/chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.initial_setup"
fi
# remove existing admin user
if grep -q "MY_USERNAME=" "$CONFIGURATION_FILE"; then
MY_USERNAME=$(grep "MY_USERNAME=" "$CONFIGURATION_FILE" | awk -F '=' '{print $2}')
if [ "$MY_USERNAME" ]; then
if [[ "$MY_USERNAME" != 'fbone' ]]; then
if [ -d "/home/$MY_USERNAME" ]; then
chmod 600 /etc/shadow
chmod 600 /etc/gshadow
userdel -r "$MY_USERNAME"
groupdel "$MY_USERNAME"
chmod 0000 /etc/shadow
chmod 0000 /etc/gshadow
fi
fi
fi
fi
# ssh
rm -f /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
echo $'ssh host keys regenerated'
# remove small moduli
awk '$5 > 2000' /etc/ssh/moduli > ~/moduli
mv ~/moduli /etc/ssh/moduli
echo $'ssh small moduli removed'
$REMOVE_UNUSED_PACKAGES
$CLEAN_PACKAGES
/bin/rm -rf /var/lib/apt/lists/*
systemctl reboot -i
exit 0