From 299739580fdd702dac1311c896edd29c1a90a9fa Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Tue, 25 Oct 2016 20:59:03 +0100 Subject: [PATCH] Add an irc bouncer --- src/freedombone-app-irc | 121 +++++++++++++++++++++++++++++-- src/freedombone-utils-cron | 6 +- src/freedombone-utils-validation | 2 +- 3 files changed, 121 insertions(+), 8 deletions(-) diff --git a/src/freedombone-app-irc b/src/freedombone-app-irc index e2da4e58..1850932e 100755 --- a/src/freedombone-app-irc +++ b/src/freedombone-app-irc @@ -33,8 +33,9 @@ VARIANTS='full full-vim chat' IN_DEFAULT_INSTALL=1 SHOW_ON_ABOUT=1 -IRC_PORT=6697 -IRC_ONION_PORT=6697 +IRC_BOUNCER_PORT=6697 +IRC_ONION_PORT=$IRC_BOUNCER_PORT +IRC_PORT=6698 # An optional password to log into IRC. This applies to all users IRC_PASSWORD= @@ -42,14 +43,35 @@ IRC_PASSWORD= irc_variables=(MY_USERNAME MY_NAME IRC_PORT + IRC_BOUNCER_PORT IRC_PASSWORD + IRC_OPERATOR_PASSWORD DEFAULT_DOMAIN_NAME INSTALLED_WITHIN_DOCKER ONION_ONLY) +function start_irc_bouncer { + su -c 'znc -p' - znc +} + +function stop_irc_bouncer { + pkill znc +} + +function remove_user_irc_bouncer { + remove_username="$1" + + if [ -f /home/znc/.znc/config/znc.conf ]; then + stop_irc_bouncer + sed -i "//,//d" /home/znc/.znc/config/znc.conf + start_irc_bouncer + fi +} + function remove_user_irc { remove_username="$1" + remove_user_irc_bouncer ${remove_username} if [ -d /home/${remove_username}/.irssi ]; then rm -rf /home/${remove_username}/.irssi fi @@ -58,6 +80,58 @@ function remove_user_irc { fi } +function add_user_irc_bouncer { + new_username="$1" + new_user_password="$2" + is_admin='true' + if [ ! $3 ]; then + is_admin='false' + fi + + read_config_param IRC_PORT + read_config_param DEFAULT_DOMAIN_NAME + + stop_irc_bouncer + + new_user_salt_base1="$(create_password 20)" + new_user_salt_base2=$(echo "$new_user_salt_base1" | sed "s|#|.|g") + new_user_salt=$(echo "$new_user_salt_base2" | sed "s|#|.|g") + new_user_hash=$(echo "${new_user_password}${new_user_salt}" | sha256sum) + new_user_pass="sha256#${new_user_hash}#${new_user_salt}#" + + echo "" >> /home/znc/.znc/config/znc.conf + echo " Pass = ${new_user_pass}" >> /home/znc/.znc/config/znc.conf + echo " Admin = ${is_admin}" >> /home/znc/.znc/config/znc.conf + echo " Nick = ${new_username}" >> /home/znc/.znc/config/znc.conf + echo " AltNick = ${new_username}_" >> /home/znc/.znc/config/znc.conf + echo " Ident = ${new_username}" >> /home/znc/.znc/config/znc.conf + echo " RealName = ${new_username}" >> /home/znc/.znc/config/znc.conf + echo ' Buffer = 100' >> /home/znc/.znc/config/znc.conf + echo ' AutoClearChanBuffer = true' >> /home/znc/.znc/config/znc.conf + echo ' ChanModes = +stn' >> /home/znc/.znc/config/znc.conf + echo '' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = chansaver' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = controlpanel' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = perform' >> /home/znc/.znc/config/znc.conf + echo '' >> /home/znc/.znc/config/znc.conf + echo " " >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = chansaver' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = keepnick' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = perform' >> /home/znc/.znc/config/znc.conf + echo ' LoadModule = simple_away' >> /home/znc/.znc/config/znc.conf + echo '' >> /home/znc/.znc/config/znc.conf + echo " Server = ${DEFAULT_DOMAIN_NAME} +${IRC_PORT}" >> /home/znc/.znc/config/znc.conf + echo '' >> /home/znc/.znc/config/znc.conf + echo " " >> /home/znc/.znc/config/znc.conf + echo ' ' >> /home/znc/.znc/config/znc.conf + echo ' ' >> /home/znc/.znc/config/znc.conf + echo '' >> /home/znc/.znc/config/znc.conf + + chown -R znc:znc /home/znc/.znc + + start_irc_bouncer +} + function add_user_irc { new_username="$1" new_user_password="$2" @@ -128,6 +202,7 @@ function add_user_irc { chown -R ${new_username}:${new_username} /home/${new_username}/.irssi + add_user_irc_bouncer "${new_username}" "${IRC_PASSWORD}" echo '0' } @@ -245,10 +320,10 @@ function remove_irc { rm -rf /etc/ngircd fi - iptables -D INPUT -p tcp --dport 1024:65535 --sport ${IRC_PORT} -j ACCEPT + iptables -D INPUT -p tcp --dport 1024:65535 --sport ${IRC_BOUNCER_PORT} -j ACCEPT function_check save_firewall_settings save_firewall_settings - firewall_remove ${IRC_PORT} tcp + firewall_remove ${IRC_BOUNCER_PORT} tcp function_check remove_onion_service remove_onion_service irc ${IRC_ONION_PORT} @@ -271,11 +346,11 @@ function configure_firewall_for_irc { if [[ ${ONION_ONLY} != "no" ]]; then return fi - iptables -I INPUT -p tcp --dport 1024:65535 --sport ${IRC_PORT} -j ACCEPT + iptables -I INPUT -p tcp --dport 1024:65535 --sport ${IRC_BOUNCER_PORT} -j ACCEPT function_check save_firewall_settings save_firewall_settings - firewall_add IRC ${IRC_PORT} tcp + firewall_add IRC ${IRC_BOUNCER_PORT} tcp echo 'configure_firewall_for_irc' >> ${COMPLETION_FILE} } @@ -457,9 +532,43 @@ function install_irc_client { install_completed irc_client } +function install_irc_bouncer { + if [[ $(app_is_installed irc_bouncer) == "1" ]]; then + return + fi + + apt-get -yq install znc + + adduser --disabled-login --gecos 'znc' znc + + mkdir -p /home/znc/.znc/configs + mkdir -p /home/znc/.znc/users + + echo 'Version = 1.4' > /home/znc/.znc/configs/znc.conf + echo '' >> /home/znc/.znc/configs/znc.conf + echo " Port = $IRC_PORT" >> /home/znc/.znc/configs/znc.conf + echo ' IPv4 = true' >> /home/znc/.znc/configs/znc.conf + echo ' IPv6 = true' >> /home/znc/.znc/configs/znc.conf + echo ' SSL = true' >> /home/znc/.znc/configs/znc.conf + echo '' >> /home/znc/.znc/configs/znc.conf + + chown -R znc:znc /home/znc/.znc + + # certificate for use with SSL + start_irc_bouncer + + function_check cron_add_mins + cron_add_mins 10 "/usr/bin/znc 2> /dev/null" znc + + add_user_irc_bouncer "${MY_USERNAME}" "${IRC_PASSWORD}" true + + install_completed irc_bouncer +} + function install_irc { install_irc_server install_irc_client + install_irc_bouncer APP_INSTALLED=1 } diff --git a/src/freedombone-utils-cron b/src/freedombone-utils-cron index 6c1bf70b..d376e45b 100755 --- a/src/freedombone-utils-cron +++ b/src/freedombone-utils-cron @@ -30,7 +30,11 @@ function cron_add_mins { if ! grep -q "${2}" /etc/crontab; then - echo "*/${1} * * * * root ${2}" >> /etc/crontab + job_user='root' + if [ $3 ]; then + job_user=$3 + fi + echo "*/${1} * * * * ${job_user} ${2}" >> /etc/crontab systemctl restart cron fi } diff --git a/src/freedombone-utils-validation b/src/freedombone-utils-validation index e268f940..7105414b 100755 --- a/src/freedombone-utils-validation +++ b/src/freedombone-utils-validation @@ -62,7 +62,7 @@ function validate_freedns_code { function is_valid_user { USRNAME="$1" - if [[ "$USRNAME" != "pihole" && "$USRNAME" != "fbone" && "$USRNAME" != "go" && "$USRNAME" != "gogs" && "$USRNAME" != "git" && "$USRNAME" != "mirrors" && "$USRNAME" != "sync" && "$USERNAME" != "tahoelafs" ]]; then + if [[ "$USRNAME" != "znc" && "$USRNAME" != "pihole" && "$USRNAME" != "fbone" && "$USRNAME" != "go" && "$USRNAME" != "gogs" && "$USRNAME" != "git" && "$USRNAME" != "mirrors" && "$USRNAME" != "sync" && "$USERNAME" != "tahoelafs" ]]; then echo "1" else echo "0"