diff --git a/src/freedombone-deploy b/src/freedombone-deploy
deleted file mode 100755
index 48481267..00000000
--- a/src/freedombone-deploy
+++ /dev/null
@@ -1,165 +0,0 @@ -#!/bin/bash -# -# .---. . . -# | | | -# |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. -# | | (.-' (.-' ( | ( )| | | | )( )| | (.-' -# ' ' --' --' -' - -' ' ' -' -' -' ' - --' -# -# Freedom in the Cloud -# -# An initialisation script which can be run after installing -# a disk image -# -# License -# ======= -# -# Copyright (C) 2015 Bob Mottram -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -PROJECT_NAME='freedombone' - -export TEXTDOMAIN=${PROJECT_NAME}-deploy -export TEXTDOMAINDIR="/usr/share/locale" - -# Default username for disk images -DEFAULT_IMAGE_USERNAME='freedom' - -MY_NAME='fbn' -MY_USERNAME=$MY_NAME -MY_EMAIL_ADDRESS=$MY_USERNAME@$(hostname) - -# various passwords -CJDNS_PASSWORD= -MARIADB_PASSWORD= -MICROBLOG_ADMIN_PASSWORD= -GIT_ADMIN_PASSWORD= -HUBZILLA_ADMIN_PASSWORD= -OWNCLOUD_ADMIN_PASSWORD= -WIKI_ADMIN_PASSWORD= -FULLBLOG_ADMIN_PASSWORD= -VOIP_SERVER_PASSWORD= -SIP_SERVER_PASSWORD= - -function create_backup_gpg_key { - echo 'Key-Type: 1' > /home/$MY_USERNAME/gpg-genkey.conf - echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf - echo 'Subkey-Type: 1' >> /home/$MY_USERNAME/gpg-genkey.conf - echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf - echo "Name-Real: $MY_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf - echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$MY_USERNAME/gpg-genkey.conf - echo "Name-Comment: backup key" >> 
/home/$MY_USERNAME/gpg-genkey.conf - echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf - chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf - su -c "gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf" - $MY_USERNAME - shred -zu /home/$MY_USERNAME/gpg-genkey.conf - BACKUP_KEY_EXISTS=$(su -c "gpg --list-keys \"$MY_NAME (backup key)\"" - $MY_USERNAME) - if [ ! "$?" = "0" ]; then - echo 'Backup key could not be created' - exit 43382 - fi - - MY_BACKUP_KEY_ID=$(su -c "gpg --list-keys \"$MY_NAME (backup key)\" | grep 'pub '" - $MY_USERNAME | awk -F ' ' '{print $2}' | awk -F '/' '{print $2}') - echo "Backup key: $MY_BACKUP_KEY_ID" - MY_BACKUP_KEY=/home/$MY_USERNAME/backup_key - su -c "gpg --output ${MY_BACKUP_KEY}_public.asc --armor --export $MY_BACKUP_KEY_ID" - $MY_USERNAME - su -c "gpg --output ${MY_BACKUP_KEY}_private.asc --armor --export-secret-key $MY_BACKUP_KEY_ID" - $MY_USERNAME - if [ ! -f ${MY_BACKUP_KEY}_public.asc ]; then - echo 'Public backup key could not be exported' - exit 36829 - fi - if [ ! -f ${MY_BACKUP_KEY}_private.asc ]; then - echo 'Private backup key could not be exported' - exit 29235 - fi - - # import backup key to root user - gpg --import --import ${MY_BACKUP_KEY}_public.asc - gpg --allow-secret-key-import --import ${MY_BACKUP_KEY}_private.asc - - shred -zu ${MY_BACKUP_KEY}_public.asc - shred -zu ${MY_BACKUP_KEY}_private.asc - echo 'New backup gpg key created' -} - -function regenerate_ssh_host_keys { - rm -f /etc/ssh/ssh_host_* - dpkg-reconfigure openssh-server - echo 'ssh host keys regenerated' - # remove small moduli - awk '$5 > 2000' /etc/ssh/moduli > ~/moduli - mv ~/moduli /etc/ssh/moduli - echo 'ssh small moduli removed' - systemctl restart ssh -} - -function get_passwords_from_readme { - readme_file=$1 - if [ ! -f $readme_file ]; then - return - fi - - if grep -q "cjdns password" $readme_file; then - if [ ! 
$CJDNS_PASSWORD ]; then - CJDNS_PASSWORD=$(cat $readme_file | grep "cjdns password" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi - fi - if grep -q "MariaDB password" $readme_file; then - if [ -f $DATABASE_PASSWORD_FILE ]; then - MARIADB_PASSWORD=$(cat $DATABASE_PASSWORD_FILE) - else - MARIADB_PASSWORD=$(cat $readme_file | grep "MariaDB password" | awk -F ':' '{print $2}' | sed 's/^ *//') - echo "$MARIADB_PASSWORD" > $DATABASE_PASSWORD_FILE - chmod 600 $DATABASE_PASSWORD_FILE - fi - fi - if grep -q "MariaDB gnusocial admin password" $readme_file; then - MICROBLOG_ADMIN_PASSWORD=$(cat $readme_file | grep "MariaDB gnusocial admin password" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi - if grep -q "Gogs admin user password" $readme_file; then - GIT_ADMIN_PASSWORD=$(cat $readme_file | grep "Gogs admin user password" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi - if grep -q "MariaDB Hubzilla admin password" $readme_file; then - HUBZILLA_ADMIN_PASSWORD=$(cat $readme_file | grep "MariaDB Hubzilla admin password" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi - if grep -q "Owncloud database password" $readme_file; then - OWNCLOUD_ADMIN_PASSWORD=$(cat $readme_file | grep "Owncloud database password" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi - if grep -q "Wiki password" $readme_file; then - WIKI_ADMIN_PASSWORD=$(cat $readme_file | grep "Wiki password:" | awk -F ':' '{print $2}' | sed 's/^ *//') - fi -} - -function set_admin_user { - sed -i "s|Admin user:.*|Admin user:$MY_USERNAME|g" $COMPLETION_FILE -} - -if [ ! -d /home/$DEFAULT_IMAGE_USERNAME ]; then - echo "User $DEFAULT_IMAGE_USERNAME not found" - exit 52372 -fi - -if [ -d /home/$MY_USERNAME ]; then - echo "User $MY_USERNAME already exists" - exit 73538 -fi - -get_passwords_from_readme /home/$DEFAULT_IMAGE_USERNAME/README -#${PROJECT_NAME}-adduser $MY_USERNAME > ~/setup.txt -#set_admin_user -#create_backup_gpg_key -#regenerate_ssh_host_keys - -exit 0