Bob Mottram 2018-03-02 19:17:02 +00:00
parent 9a1f8e6f26
commit 8112c240ae
54 changed files with 4920 additions and 4914 deletions



@ -105,7 +105,7 @@ function remove_zeronet_blog {
rm -rf $MESH_INSTALL_DIR/zeronet/ZeroBlog
fi
remove_completion_param install_zeronet_blog
sed -i '/zeronet blog/d' $COMPLETION_FILE
sed -i '/zeronet blog/d' "$COMPLETION_FILE"
}
function remove_zeronet_mail {
@ -113,7 +113,7 @@ function remove_zeronet_mail {
rm -rf $MESH_INSTALL_DIR/zeronet/ZeroMail
fi
remove_completion_param install_zeronet_mail
sed -i '/zeronet mail/d' $COMPLETION_FILE
sed -i '/zeronet mail/d' "$COMPLETION_FILE"
}
function remove_zeronet_forum {
@ -121,7 +121,7 @@ function remove_zeronet_forum {
rm -rf $MESH_INSTALL_DIR/zeronet/ZeroTalk
fi
remove_completion_param install_zeronet_forum
sed -i '/zeronet forum/d' $COMPLETION_FILE
sed -i '/zeronet forum/d' "$COMPLETION_FILE"
}
function remove_zeronet {
@ -133,10 +133,10 @@ function remove_zeronet {
firewall_remove ${TRACKER_PORT}
firewall_remove 1900 udp
${PROJECT_NAME}-mesh-install -f zeronet --remove yes
"${PROJECT_NAME}-mesh-install" -f zeronet --remove yes
remove_completion_param install_zeronet
remove_completion_param configure_firewall_for_zeronet
sed -i '/zeronet/d' $COMPLETION_FILE
sed -i '/zeronet/d' "$COMPLETION_FILE"
}
function configure_firewall_for_zeronet {
@ -161,14 +161,14 @@ function install_zeronet_blog {
ZERONET_DEFAULT_BLOG_TITLE="${MY_USERNAME}'s Blog"
cd $MESH_INSTALL_DIR/zeronet
cd "$MESH_INSTALL_DIR/zeronet" || exit 246284728
python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/blog.txt
if [ ! -f $MESH_INSTALL_DIR/zeronet/blog.txt ]; then
echo $'Unable to create blog'
exit 479
fi
blog_address=$(cat blog.txt | grep "Site address" | awk -F ':' '{print $2}')
blog_private_key=$(cat blog.txt | grep "Site private key" | awk -F ':' '{print $2}')
blog_address=$(grep "Site address" blog.txt | awk -F ':' '{print $2}')
blog_private_key=$(grep "Site private key" blog.txt | awk -F ':' '{print $2}')
ZERONET_BLOG_ADDRESS=${blog_address//[[:blank:]]/}
ZERONET_BLOG_PRIVATE_KEY=${blog_private_key//[[:blank:]]/}
@ -197,24 +197,24 @@ function install_zeronet_blog {
echo $'ZeroBlog repo could not be cloned'
exit 6739
fi
cd $MESH_INSTALL_DIR/zeronet/ZeroBlog
cd "$MESH_INSTALL_DIR/zeronet/ZeroBlog" || exit 47298462874
git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
set_completion_param "zeroNet blog commit" "$ZERONET_BLOG_COMMIT"
echo $"ZeroNet Blog address: $ZERONET_BLOG_ADDRESS"
echo $"ZeroNet Blog private key: $ZERONET_BLOG_PRIVATE_KEY"
cp -r $MESH_INSTALL_DIR/zeronet/ZeroBlog/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS
cp -r "$MESH_INSTALL_DIR/zeronet/ZeroBlog/*" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS"
if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data ]; then
mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data" ]; then
mkdir "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data"
fi
cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data
sed -i "s/MyZeroBlog/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
sed -i "s/My ZeroBlog./$ZERONET_DEFAULT_BLOG_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json
sed -i "s/ZeroBlog Demo/$ZERONET_DEFAULT_BLOG_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_BLOG_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html
sed -i "s/Blogging platform Demo/Blogging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/content.json
python zeronet.py siteSign $ZERONET_BLOG_ADDRESS $ZERONET_BLOG_PRIVATE_KEY
cp "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data-default/data.json" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data"
sed -i "s/MyZeroBlog/$ZERONET_DEFAULT_BLOG_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json"
sed -i "s/My ZeroBlog./$ZERONET_DEFAULT_BLOG_TAGLINE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/data/data.json"
sed -i "s/ZeroBlog Demo/$ZERONET_DEFAULT_BLOG_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html"
sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_BLOG_TAGLINE</h3>|g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/index.html"
sed -i "s/Blogging platform Demo/Blogging platform/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS/content.json"
python zeronet.py siteSign "$ZERONET_BLOG_ADDRESS" "$ZERONET_BLOG_PRIVATE_KEY"
# Add an avahi service
function_check create_avahi_service
@ -223,11 +223,11 @@ function install_zeronet_blog {
chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
mkdir -p /home/$MY_USERNAME/.config/zeronet
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
if [ ! -d "/home/$MY_USERNAME/.config/zeronet" ]; then
mkdir -p "/home/$MY_USERNAME/.config/zeronet"
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.config"
fi
echo "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myblog
echo "${ZERONET_URL}/${ZERONET_BLOG_ADDRESS}" > "/home/$MY_USERNAME/.config/zeronet/myblog"
install_completed zeronet_blog
}
@ -244,14 +244,14 @@ function install_zeronet_mail {
ZERONET_DEFAULT_MAIL_TITLE="${MY_USERNAME}'s Mail"
cd $MESH_INSTALL_DIR/zeronet
cd "$MESH_INSTALL_DIR/zeronet" || exit 4628462862
python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/mail.txt
if [ ! -f $MESH_INSTALL_DIR/zeronet/mail.txt ]; then
echo $'Unable to create mail'
exit 479
fi
mail_address=$(cat mail.txt | grep "Site address" | awk -F ':' '{print $2}')
mail_private_key=$(cat mail.txt | grep "Site private key" | awk -F ':' '{print $2}')
mail_address=$(grep "Site address" mail.txt | awk -F ':' '{print $2}')
mail_private_key=$(grep "Site private key" mail.txt | awk -F ':' '{print $2}')
ZERONET_MAIL_ADDRESS=${mail_address//[[:blank:]]/}
ZERONET_MAIL_PRIVATE_KEY=${mail_private_key//[[:blank:]]/}
@ -280,24 +280,24 @@ function install_zeronet_mail {
echo $'ZeroMail repo could not be cloned'
exit 6739
fi
cd $MESH_INSTALL_DIR/zeronet/ZeroMail
cd "$MESH_INSTALL_DIR/zeronet/ZeroMail" || exit 246284682
git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
set_completion_param "zeroNet mail commit" "$ZERONET_MAIL_COMMIT"
echo $"ZeroNet Mail address: $ZERONET_MAIL_ADDRESS"
echo $"ZeroNet Mail private key: $ZERONET_MAIL_PRIVATE_KEY"
cp -r $MESH_INSTALL_DIR/zeronet/ZeroMail/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS
cp -r "$MESH_INSTALL_DIR/zeronet/ZeroMail/*" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS"
if [ ! -d $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data ]; then
mkdir $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
if [ ! -d "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data" ]; then
mkdir "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data"
fi
cp $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data-default/data.json $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data
sed -i "s/MyZeroMail/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
sed -i "s/My ZeroMail./$ZERONET_DEFAULT_MAIL_TAGLINE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json
sed -i "s/ZeroMail Demo/$ZERONET_DEFAULT_MAIL_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_MAIL_TAGLINE</h3>|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html
sed -i "s/Mailging platform Demo/Mailging platform/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/content.json
python zeronet.py siteSign $ZERONET_MAIL_ADDRESS $ZERONET_MAIL_PRIVATE_KEY
cp "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data-default/data.json" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data"
sed -i "s/MyZeroMail/$ZERONET_DEFAULT_MAIL_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json"
sed -i "s/My ZeroMail./$ZERONET_DEFAULT_MAIL_TAGLINE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/data/data.json"
sed -i "s/ZeroMail Demo/$ZERONET_DEFAULT_MAIL_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html"
sed -i "s|<h3 class=\"description\">.*|<h3 class=\"description\">$ZERONET_DEFAULT_MAIL_TAGLINE</h3>|g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/index.html"
sed -i "s/Mailging platform Demo/Mailging platform/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_MAIL_ADDRESS/content.json"
python zeronet.py siteSign "$ZERONET_MAIL_ADDRESS" "$ZERONET_MAIL_PRIVATE_KEY"
# Add an avahi service
function_check create_avahi_service
@ -306,11 +306,11 @@ function install_zeronet_mail {
chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
mkdir -p /home/$MY_USERNAME/.config/zeronet
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
if [ ! -d "/home/$MY_USERNAME/.config/zeronet" ]; then
mkdir -p "/home/$MY_USERNAME/.config/zeronet"
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.config"
fi
echo "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/mymail
echo "${ZERONET_URL}/${ZERONET_MAIL_ADDRESS}" > "/home/$MY_USERNAME/.config/zeronet/mymail"
install_completed zeronet_mail
}
@ -327,14 +327,14 @@ function install_zeronet_forum {
ZERONET_DEFAULT_FORUM_TITLE=$"${MY_USERNAME}'s Forum"
cd $MESH_INSTALL_DIR/zeronet
cd "$MESH_INSTALL_DIR/zeronet" || exit 472984624628
python zeronet.py --batch siteCreate 2> $MESH_INSTALL_DIR/zeronet/forum.txt
if [ ! -f $MESH_INSTALL_DIR/zeronet/forum.txt ]; then
echo $'Unable to create forum'
exit 479
fi
forum_address=$(cat forum.txt | grep "Site address" | awk -F ':' '{print $2}')
forum_private_key=$(cat forum.txt | grep "Site private key" | awk -F ':' '{print $2}')
forum_address=$(grep "Site address" forum.txt | awk -F ':' '{print $2}')
forum_private_key=$(grep "Site private key" forum.txt | awk -F ':' '{print $2}')
ZERONET_FORUM_ADDRESS=${forum_address//[[:blank:]]/}
ZERONET_FORUM_PRIVATE_KEY=${forum_private_key//[[:blank:]]/}
@ -368,13 +368,13 @@ function install_zeronet_forum {
echo $"Forum address: $ZERONET_FORUM_ADDRESS"
echo $"Forum private key: $ZERONET_FORUM_PRIVATE_KEY"
cp -r $MESH_INSTALL_DIR/zeronet/ZeroTalk/* $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS
sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
sed -i "s/ZeroTalk/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
sed -i "s|Demo for dynamic, decentralized content publishing.|$ZERONET_DEFAULT_FORUM_TAGLINE|g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html
sed -i 's/Messaging Board Demo/Messaging Board/g' $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" $MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json
python zeronet.py siteSign $ZERONET_FORUM_ADDRESS $ZERONET_FORUM_PRIVATE_KEY --inner_path data/users/content.json
cp -r "$MESH_INSTALL_DIR/zeronet/ZeroTalk/*" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS"
sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html"
sed -i "s/ZeroTalk/$ZERONET_DEFAULT_FORUM_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html"
sed -i "s|Demo for dynamic, decentralized content publishing.|$ZERONET_DEFAULT_FORUM_TAGLINE|g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/index.html"
sed -i 's/Messaging Board Demo/Messaging Board/g' "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json"
sed -i "s/ZeroBoard/$ZERONET_DEFAULT_FORUM_TITLE/g" "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_FORUM_ADDRESS/content.json"
python zeronet.py siteSign "$ZERONET_FORUM_ADDRESS" "$ZERONET_FORUM_PRIVATE_KEY" --inner_path data/users/content.json
# Add an avahi service
function_check create_avahi_service
@ -383,11 +383,11 @@ function install_zeronet_forum {
chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
if [ ! -d /home/$MY_USERNAME/.config/zeronet ]; then
mkdir -p /home/$MY_USERNAME/.config/zeronet
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.config
if [ ! -d "/home/$MY_USERNAME/.config/zeronet" ]; then
mkdir -p "/home/$MY_USERNAME/.config/zeronet"
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.config"
fi
echo "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}" > /home/$MY_USERNAME/.config/zeronet/myforum
echo "${ZERONET_URL}/${ZERONET_FORUM_ADDRESS}" > "/home/$MY_USERNAME/.config/zeronet/myforum"
install_completed zeronet_forum
}
@ -397,7 +397,7 @@ function install_zeronet_main {
return
fi
${PROJECT_NAME}-mesh-install -f zeronet
"${PROJECT_NAME}-mesh-install" -f zeronet
systemctl daemon-reload
systemctl start tracker.service
systemctl start zeronet.service
@ -408,117 +408,118 @@ function install_zeronet_main {
}
function mesh_zeronet {
ZERONET_REPO_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_REPO=" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_REPO_MAIN=$(grep "ZERONET_REPO=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F '"' '{print $2}')
if [ ${#ZERONET_REPO_MAIN} -gt 4 ]; then
ZERONET_REPO=$ZERONET_REPO_MAIN
fi
if [ ! $ZERONET_REPO ]; then
if [ ! "$ZERONET_REPO" ]; then
echo $'No ZeroNet repo was specified'
exit 723539
fi
ZERONET_COMMIT_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
ZERONET_COMMIT_MAIN=$(grep "ZERONET_COMMIT=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#ZERONET_COMMIT_MAIN} -gt 4 ]; then
ZERONET_COMMIT=$ZERONET_COMMIT_MAIN
fi
if [ ! $ZERONET_COMMIT ]; then
if [ ! "$ZERONET_COMMIT" ]; then
echo $'No ZeroNet commit was specified'
exit 490439
fi
MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(grep "MESH_INSTALL_DIR=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
fi
if [ ! $MESH_INSTALL_DIR ]; then
if [ ! "$MESH_INSTALL_DIR" ]; then
echo $'No mesh install dir was specified'
exit 432052
fi
# shellcheck disable=SC2154
chroot "$rootdir" apt-get -yq install python python-msgpack python-gevent
chroot "$rootdir" apt-get -yq install python-pip bittornado
chroot "$rootdir" pip install msgpack-python --upgrade
chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/zeronet/ -s /bin/false zeronet
chroot "$rootdir" useradd -d "$MESH_INSTALL_DIR/zeronet/" -s /bin/false zeronet
if [ -d /repos/zeronet ]; then
mkdir $rootdir$MESH_INSTALL_DIR/zeronet
cp -r -p /repos/zeronet/. $rootdir$MESH_INSTALL_DIR/zeronet
cd $rootdir$MESH_INSTALL_DIR/zeronet
mkdir "$rootdir$MESH_INSTALL_DIR/zeronet"
cp -r -p /repos/zeronet/. "$rootdir$MESH_INSTALL_DIR/zeronet"
cd "$rootdir$MESH_INSTALL_DIR/zeronet" || exit 2648246284
git pull
else
git clone $ZERONET_REPO $rootdir$MESH_INSTALL_DIR/zeronet
git clone "$ZERONET_REPO" "$rootdir$MESH_INSTALL_DIR/zeronet"
fi
if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet ]; then
if [ ! -d "$rootdir$MESH_INSTALL_DIR/zeronet" ]; then
echo 'WARNING: Unable to clone zeronet'
return
fi
cd $rootdir$MESH_INSTALL_DIR/zeronet
git checkout $ZERONET_COMMIT -b $ZERONET_COMMIT
if ! grep -q "ZeroNet commit" $COMPLETION_FILE; then
echo "ZeroNet commit:$ZERONET_COMMIT" >> $rootdir$COMPLETION_FILE
cd "$rootdir$MESH_INSTALL_DIR/zeronet" || exit 2468276484682
git checkout "$ZERONET_COMMIT" -b "$ZERONET_COMMIT"
if ! grep -q "ZeroNet commit" "$COMPLETION_FILE"; then
echo "ZeroNet commit:$ZERONET_COMMIT" >> "$rootdir$COMPLETION_FILE"
else
sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" $COMPLETION_FILE
sed -i "s/ZeroNet commit.*/ZeroNet commit:$ZERONET_COMMIT/g" "$COMPLETION_FILE"
fi
chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
chroot "$rootdir" chown -R zeronet:zeronet "$MESH_INSTALL_DIR/zeronet"
# Hack to ensure that the file access port is opened
# This is because zeronet normally relies on an internet site
# to do this, but on a purely local mesh the internet isn't available
sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n sys.modules["main"].file_server.port_opened = True|g' $rootdir$MESH_INSTALL_DIR/zeronet/src/Site/Site.py
sed -i 's|fileserver_port = 0|fileserver_port = config.fileserver_port\n sys.modules["main"].file_server.port_opened = True|g' "$rootdir$MESH_INSTALL_DIR/zeronet/src/Site/Site.py"
ZERONET_DAEMON=$rootdir/etc/systemd/system/zeronet.service
echo '[Unit]' > $ZERONET_DAEMON
echo 'Description=Zeronet Server' >> $ZERONET_DAEMON
echo 'After=syslog.target' >> $ZERONET_DAEMON
echo 'After=network.target' >> $ZERONET_DAEMON
echo '[Service]' >> $ZERONET_DAEMON
echo 'Type=simple' >> $ZERONET_DAEMON
echo 'User=zeronet' >> $ZERONET_DAEMON
echo 'Group=zeronet' >> $ZERONET_DAEMON
echo "WorkingDirectory=$MESH_INSTALL_DIR/zeronet" >> $ZERONET_DAEMON
echo "ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file $MESH_INSTALL_DIR/zeronet/bootstrap" >> $ZERONET_DAEMON
echo '' >> $ZERONET_DAEMON
echo 'TimeoutSec=300' >> $ZERONET_DAEMON
echo '' >> $ZERONET_DAEMON
echo '[Install]' >> $ZERONET_DAEMON
echo 'WantedBy=multi-user.target' >> $ZERONET_DAEMON
{ echo '[Unit]';
echo 'Description=Zeronet Server';
echo 'After=syslog.target';
echo 'After=network.target';
echo '[Service]';
echo 'Type=simple';
echo 'User=zeronet';
echo 'Group=zeronet';
echo "WorkingDirectory=$MESH_INSTALL_DIR/zeronet";
echo "ExecStart=/usr/bin/python zeronet.py --ip_external replace.local --trackers_file $MESH_INSTALL_DIR/zeronet/bootstrap";
echo '';
echo 'TimeoutSec=300';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > "$ZERONET_DAEMON"
TRACKER_DAEMON=$rootdir/etc/systemd/system/tracker.service
echo '[Unit]' > $TRACKER_DAEMON
echo 'Description=Torrent Tracker' >> $TRACKER_DAEMON
echo 'After=syslog.target' >> $TRACKER_DAEMON
echo 'After=network.target' >> $TRACKER_DAEMON
echo '[Service]' >> $TRACKER_DAEMON
echo 'Type=simple' >> $TRACKER_DAEMON
echo 'User=tracker' >> $TRACKER_DAEMON
echo 'Group=tracker' >> $TRACKER_DAEMON
echo "WorkingDirectory=$MESH_INSTALL_DIR/tracker" >> $TRACKER_DAEMON
echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile $MESH_INSTALL_DIR/tracker/dstate --logfile $MESH_INSTALL_DIR/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0" >> $TRACKER_DAEMON
echo '' >> $TRACKER_DAEMON
echo 'TimeoutSec=300' >> $TRACKER_DAEMON
echo '' >> $TRACKER_DAEMON
echo '[Install]' >> $TRACKER_DAEMON
echo 'WantedBy=multi-user.target' >> $TRACKER_DAEMON
{ echo '[Unit]';
echo 'Description=Torrent Tracker';
echo 'After=syslog.target';
echo 'After=network.target';
echo '[Service]';
echo 'Type=simple';
echo 'User=tracker';
echo 'Group=tracker';
echo "WorkingDirectory=$MESH_INSTALL_DIR/tracker";
echo "ExecStart=/usr/bin/bttrack --port $TRACKER_PORT --dfile $MESH_INSTALL_DIR/tracker/dstate --logfile $MESH_INSTALL_DIR/tracker/tracker.log --nat_check 0 --scrape_allowed full --ipv6_enabled 0";
echo '';
echo 'TimeoutSec=300';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > "$TRACKER_DAEMON"
chroot "$rootdir" useradd -d $MESH_INSTALL_DIR/tracker/ -s /bin/false tracker
if [ ! -d $rootdir$MESH_INSTALL_DIR/tracker ]; then
mkdir $rootdir$MESH_INSTALL_DIR/tracker
chroot "$rootdir" useradd -d "$MESH_INSTALL_DIR/tracker/" -s /bin/false tracker
if [ ! -d "$rootdir$MESH_INSTALL_DIR/tracker" ]; then
mkdir "$rootdir$MESH_INSTALL_DIR/tracker"
fi
chroot "$rootdir" chown -R tracker:tracker $MESH_INSTALL_DIR/tracker
chroot "$rootdir" chown -R tracker:tracker "$MESH_INSTALL_DIR/tracker"
# publish regularly
MESH_SYNC_COMMAND=$rootdir/usr/bin/mesh-sync
echo '#!/bin/bash' > $MESH_SYNC_COMMAND
echo '/usr/local/bin/toxavahi 2> /dev/null' >> $MESH_SYNC_COMMAND
echo '/usr/local/bin/meshavahi 2> /dev/null' >> $MESH_SYNC_COMMAND
chmod +x $MESH_SYNC_COMMAND
{ echo '#!/bin/bash';
echo '/usr/local/bin/toxavahi 2> /dev/null';
echo '/usr/local/bin/meshavahi 2> /dev/null'; } > "$MESH_SYNC_COMMAND"
chmod +x "$MESH_SYNC_COMMAND"
if ! grep -q "mesh-sync" ${rootdir}/etc/crontab; then
echo "*/1 * * * * root /usr/bin/mesh-sync 2> /dev/null" >> ${rootdir}/etc/crontab
echo "*/1 * * * * root ( sleep 20 ; /usr/bin/mesh-sync 2> /dev/null )" >> ${rootdir}/etc/crontab
echo "*/1 * * * * root ( sleep 40 ; /usr/bin/mesh-sync 2> /dev/null )" >> ${rootdir}/etc/crontab
if ! grep -q "mesh-sync" "${rootdir}/etc/crontab"; then
{ echo "*/1 * * * * root /usr/bin/mesh-sync 2> /dev/null";
echo "*/1 * * * * root ( sleep 20 ; /usr/bin/mesh-sync 2> /dev/null )";
echo "*/1 * * * * root ( sleep 40 ; /usr/bin/mesh-sync 2> /dev/null )"; } >> "${rootdir}/etc/crontab"
fi
chroot "$rootdir" systemctl enable tracker.service
@ -526,95 +527,95 @@ function mesh_zeronet {
}
function mesh_zeronet_blog {
ZERONET_BLOG_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_REPO=" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_BLOG_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_BLOG_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
ZERONET_BLOG_REPO=$(grep "ZERONET_BLOG_REPO=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_BLOG_COMMIT=$(grep "ZERONET_BLOG_COMMIT=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(grep "MESH_INSTALL_DIR=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
fi
if [ ! $MESH_INSTALL_DIR ]; then
if [ ! "$MESH_INSTALL_DIR" ]; then
echo $'No mesh install dir was specified'
exit 432052
fi
git clone $ZERONET_BLOG_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog ]; then
git clone "$ZERONET_BLOG_REPO" "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog"
if [ ! -d "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog" ]; then
echo $'ZeroBlog repo could not be cloned'
exit 6739
fi
cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog
git checkout $ZERONET_BLOG_COMMIT -b $ZERONET_BLOG_COMMIT
chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
cd "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroBlog" || exit 247824628
git checkout "$ZERONET_BLOG_COMMIT" -b "$ZERONET_BLOG_COMMIT"
chroot "$rootdir" chown -R zeronet:zeronet "$MESH_INSTALL_DIR/zeronet"
}
function mesh_zeronet_mail {
ZERONET_MAIL_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_REPO=" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_MAIL_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_MAIL_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
ZERONET_MAIL_REPO=$(grep "ZERONET_MAIL_REPO=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_MAIL_COMMIT=$(grep "ZERONET_MAIL_COMMIT=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(grep "MESH_INSTALL_DIR=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
fi
if [ ! $MESH_INSTALL_DIR ]; then
if [ ! "$MESH_INSTALL_DIR" ]; then
echo $'No mesh install dir was specified'
exit 432052
fi
git clone $ZERONET_MAIL_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail ]; then
git clone "$ZERONET_MAIL_REPO" "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail"
if [ ! -d "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail" ]; then
echo $'ZeroMail repo could not be cloned'
exit 78493
fi
cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail
git checkout $ZERONET_MAIL_COMMIT -b $ZERONET_MAIL_COMMIT
chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
cd "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroMail" || exit 2467824628
git checkout "$ZERONET_MAIL_COMMIT" -b "$ZERONET_MAIL_COMMIT"
chroot "$rootdir" chown -R zeronet:zeronet "$MESH_INSTALL_DIR/zeronet"
}
function mesh_zeronet_forum {
ZERONET_FORUM_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_REPO=" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_FORUM_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_FORUM_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
ZERONET_FORUM_REPO=$(grep "ZERONET_FORUM_REPO=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_FORUM_COMMIT=$(grep "ZERONET_FORUM_COMMIT=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(grep "MESH_INSTALL_DIR=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
fi
if [ ! $MESH_INSTALL_DIR ]; then
if [ ! "$MESH_INSTALL_DIR" ]; then
echo $'No mesh install dir was specified'
exit 432052
fi
git clone $ZERONET_FORUM_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk ]; then
git clone "$ZERONET_FORUM_REPO" "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk"
if [ ! -d "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk" ]; then
echo $'ZeroTalk repo could not be cloned'
exit 78252
fi
cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk
git checkout $ZERONET_FORUM_COMMIT -b $ZERONET_FORUM_COMMIT
chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
cd "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroTalk" || exit 246824628
git checkout "$ZERONET_FORUM_COMMIT" -b "$ZERONET_FORUM_COMMIT"
chroot "$rootdir" chown -R zeronet:zeronet "$MESH_INSTALL_DIR/zeronet"
}
function mesh_zeronet_id {
ZERONET_ID_REPO=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_REPO=" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_ID_COMMIT=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "ZERONET_ID_COMMIT=" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(cat /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet | grep "MESH_INSTALL_DIR=" | head -n 1 | awk -F "'" '{print $2}')
ZERONET_ID_REPO=$(grep "ZERONET_ID_REPO=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F '"' '{print $2}')
ZERONET_ID_COMMIT=$(grep "ZERONET_ID_COMMIT=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
MESH_INSTALL_DIR_MAIN=$(grep "MESH_INSTALL_DIR=" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-zeronet" | head -n 1 | awk -F "'" '{print $2}')
if [ ${#MESH_INSTALL_DIR_MAIN} -gt 4 ]; then
MESH_INSTALL_DIR=$MESH_INSTALL_DIR_MAIN
fi
if [ ! $MESH_INSTALL_DIR ]; then
if [ ! "$MESH_INSTALL_DIR" ]; then
echo $'No mesh install dir was specified'
exit 432052
fi
git clone $ZERONET_ID_REPO $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
if [ ! -d $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID ]; then
git clone "$ZERONET_ID_REPO" "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroID"
if [ ! -d "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroID" ]; then
echo $'ZeroID repo could not be cloned'
exit 37936
fi
cd $rootdir$MESH_INSTALL_DIR/zeronet/ZeroID
git checkout $ZERONET_ID_COMMIT -b $ZERONET_ID_COMMIT
chroot "$rootdir" chown -R zeronet:zeronet $MESH_INSTALL_DIR/zeronet
cd "$rootdir$MESH_INSTALL_DIR/zeronet/ZeroID" || exit 8723563244
git checkout "$ZERONET_ID_COMMIT" -b "$ZERONET_ID_COMMIT"
chroot "$rootdir" chown -R zeronet:zeronet "$MESH_INSTALL_DIR/zeronet"
}
function install_zeronet {
if [ $INSTALLING_MESH ]; then
if [ "$INSTALLING_MESH" ]; then
mesh_zeronet
mesh_zeronet_blog
mesh_zeronet_mail
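Review bot: Quoting the whole source path in the three `cp -r` calls puts the `*` inside the double quotes, so the shell no longer expands it and cp is asked for a file literally named `*`; this affects the ZeroBlog, ZeroMail and ZeroTalk copies in install_zeronet_blog, install_zeronet_mail and install_zeronet_forum. Keep the glob outside the quotes, e.g. `cp -r "$MESH_INSTALL_DIR/zeronet/ZeroBlog/"* "$MESH_INSTALL_DIR/zeronet/data/$ZERONET_BLOG_ADDRESS"`, and check cp's status before the `sed -i` and `siteSign` steps that depend on the copied files. The new `cd ... || exit 246284728`-style guards use values far above 255; the shell reports only the low 8 bits of an exit status, so a small distinct code per failure would be easier to diagnose. Separately, the unchanged lines still echo each site private key to the install output and pass it to `siteSign` as a command-line argument, where it may end up in logs or the process list; that deserves a follow-up. These functions start and end outside the visible hunks.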


@ -33,34 +33,34 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-archive-mail
export TEXTDOMAINDIR="/usr/share/locale"
source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-validation
source "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-validation"
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
# for every user who has a mail directory
if [ -d /home/$USERNAME/Maildir ]; then
if [ -d "/home/$USERNAME/Maildir" ]; then
MUTTRC=/home/$USERNAME/.muttrc
# update archives
python /usr/bin/cleanup-maildir --archive-folder="archive" --maildir-root="/home/$USERNAME/Maildir" archive ""
# ensure the user has permissions on the archives
for archive_dir in /home/$USERNAME/Maildir/archive-* ; do
chown -R $USERNAME:$USERNAME $archive_dir
chown -R "$USERNAME":"$USERNAME" "$archive_dir"
done
# add the archive to .muttrc if needed
if [ -f $MUTTRC ]; then
MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
if [ -f "$MUTTRC" ]; then
MUTT_MAILBOXES=$(grep "mailboxes =" "$MUTTRC")
YR=$(date +"%Y")
PREV_YR=$((YR - 1))
BACKUP_DIRECTORY=archive-$YR
PREV_BACKUP_DIRECTORY=archive-$PREV_YR
if [[ $MUTT_MAILBOXES != *$BACKUP_DIRECTORY* ]]; then
if [[ $MUTT_MAILBOXES == *$PREV_BACKUP_DIRECTORY* ]]; then
sed -i "s|$PREV_BACKUP_DIRECTORY|$PREV_BACKUP_DIRECTORY =$BACKUP_DIRECTORY|g" $MUTTRC
sed -i "s|$PREV_BACKUP_DIRECTORY|$PREV_BACKUP_DIRECTORY =$BACKUP_DIRECTORY|g" "$MUTTRC"
else
sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$BACKUP_DIRECTORY|g" $MUTTRC
sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$BACKUP_DIRECTORY|g" "$MUTTRC"
fi
chown $USERNAME:$USERNAME $MUTTRC
chown "$USERNAME":"$USERNAME" "$MUTTRC"
fi
fi
fi
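Review bot: The second `sed -i` now quotes `"$MUTTRC"`, but its expression is still built from `$MUTT_MAILBOXES`, which is a line read out of the user's own `.muttrc`; any `|`, `&`, backslash or regex metacharacter in that line changes what sed runs, and this script appears to run with enough privilege to chown other users' files. Matching on the fixed text and appending avoids interpolating file content: `sed -i "/mailboxes =/ s|\$| =$BACKUP_DIRECTORY|" "$MUTTRC"`. The same hunk leaves `for archive_dir in /home/$USERNAME/Maildir/archive-*` unguarded, so with no archive directory the literal pattern is handed to `chown -R`; a `[ -e "$archive_dir" ] || continue` at the top of the loop would cover it. The enclosing `for d in /home/*/` loop closes outside the hunk.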


@ -59,13 +59,13 @@ function please_wait {
please_wait
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
source "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars"
# include utils which allow function_check and drive mount
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
clear
@ -82,7 +82,7 @@ ADMIN_NAME=
# Sites are suspended so that verification should work
SUSPENDED_SITE=
DATABASE_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
DATABASE_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
function make_backup_directory {
# make a backup directory on the drive
@ -100,7 +100,7 @@ function make_backup_directory {
function check_storage_space_remaining {
# Check space remaining on the usb drive
used_percent=$(df -k $USB_MOUNT | tail -n 1 | awk -F ' ' '{print $5}' | awk -F '%' '{print $1}')
if [ $used_percent -gt 95 ]; then
if [ "$used_percent" -gt 95 ]; then
echo $"Less than 5% of space remaining on backup drive"
umount $USB_MOUNT
rm -rf $USB_MOUNT
@ -114,105 +114,105 @@ function backup_users {
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
# Backup any gpg keys
if [ -d /home/$USERNAME/.gnupg ]; then
if [ -d "/home/$USERNAME/.gnupg" ]; then
echo $"Backing up gpg keys for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.gnupg gnupg/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.gnupg" "gnupg/$USERNAME"
fi
# Backup any personal settings
if [ -d /home/$USERNAME/personal ]; then
if [ -d "/home/$USERNAME/personal" ]; then
echo $"Backing up personal settings for $USERNAME"
backup_directory_to_usb /home/$USERNAME/personal personal/$USERNAME
backup_directory_to_usb "/home/$USERNAME/personal" "personal/$USERNAME"
fi
# Backup ssh keys
if [ -d /home/$USERNAME/.ssh ]; then
if [ -d "/home/$USERNAME/.ssh" ]; then
echo $"Backing up ssh keys for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.ssh ssh/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.ssh" "ssh/$USERNAME"
fi
# Backup fin database if it exists
if [ -d /home/$USERNAME/.fin ]; then
if [ -d "/home/$USERNAME/.fin" ]; then
echo $"Backing up fin files for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.fin fin/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.fin" "fin/$USERNAME"
fi
# Backup emacs
if [ -d /home/$USERNAME/.emacs.d ]; then
if [ -d "/home/$USERNAME/.emacs.d" ]; then
echo $"Backing up Emacs config for $USERNAME"
if [ -f /home/$USERNAME/.emacs ]; then
cp /home/$USERNAME/.emacs /home/$USERNAME/.emacs.d/dotemacs
if [ -f "/home/$USERNAME/.emacs" ]; then
cp "/home/$USERNAME/.emacs" "/home/$USERNAME/.emacs.d/dotemacs"
fi
backup_directory_to_usb /home/$USERNAME/.emacs.d config/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.emacs.d" "config/$USERNAME"
fi
# Backup user configs
if [ -d /home/$USERNAME/.config ]; then
if [ -d "/home/$USERNAME/.config" ]; then
echo $"Backing up config files for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.config config/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.config" "config/$USERNAME"
fi
# Backup monkeysphere
if [ -d /home/$USERNAME/.monkeysphere ]; then
if [ -d "/home/$USERNAME/.monkeysphere" ]; then
echo $"Backing up monkeysphere files for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.monkeysphere monkeysphere/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.monkeysphere" "monkeysphere/$USERNAME"
fi
# Backup user local
if [ -d /home/$USERNAME/.local ]; then
if [ -d "/home/$USERNAME/.local" ]; then
echo $"Backing up local files for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.local local/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.local" "local/$USERNAME"
fi
# Backup mutt
if [ -f /home/$USERNAME/.muttrc ]; then
if [ -f "/home/$USERNAME/.muttrc" ]; then
echo $"Backing up Mutt settings for $USERNAME"
if [ ! -d /home/$USERNAME/tempbackup ]; then
mkdir -p /home/$USERNAME/tempbackup
if [ ! -d "/home/$USERNAME/tempbackup" ]; then
mkdir -p "/home/$USERNAME/tempbackup"
fi
cp /home/$USERNAME/.muttrc /home/$USERNAME/tempbackup
cp "/home/$USERNAME/.muttrc" "/home/$USERNAME/tempbackup"
if [ -f /etc/Muttrc ]; then
cp /etc/Muttrc /home/$USERNAME/tempbackup
cp /etc/Muttrc "/home/$USERNAME/tempbackup"
fi
backup_directory_to_usb /home/$USERNAME/tempbackup mutt/$USERNAME
backup_directory_to_usb "/home/$USERNAME/tempbackup" "mutt/$USERNAME"
fi
if [ -d /home/$USERNAME/.mutt ]; then
if [ -d "/home/$USERNAME/.mutt" ]; then
echo $"Backing up Mutt configurations for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.mutt mutt/${USERNAME}configs
backup_directory_to_usb "/home/$USERNAME/.mutt" "mutt/${USERNAME}configs"
fi
# Backup email
if [ -d /home/$USERNAME/Maildir ]; then
if [ -d "/home/$USERNAME/Maildir" ]; then
echo $"Stopping mail server"
systemctl stop exim4
echo $"Creating an email archive for $USERNAME"
if [ ! -d /root/tempbackupemail/$USERNAME ]; then
mkdir -p /root/tempbackupemail/$USERNAME
if [ ! -d "/root/tempbackupemail/$USERNAME" ]; then
mkdir -p "/root/tempbackupemail/$USERNAME"
fi
tar -czvf /root/tempbackupemail/$USERNAME/maildir.tar.gz /home/$USERNAME/Maildir
tar -czvf "/root/tempbackupemail/$USERNAME/maildir.tar.gz" "/home/$USERNAME/Maildir"
echo $"Restarting mail server"
systemctl start exim4
echo $"Backing up emails for $USERNAME"
backup_directory_to_usb /root/tempbackupemail/$USERNAME mail/$USERNAME
backup_directory_to_usb "/root/tempbackupemail/$USERNAME" "mail/$USERNAME"
fi
# Backup spamassassin
if [ -d /home/$USERNAME/.spamassassin ]; then
if [ -d "/home/$USERNAME/.spamassassin" ]; then
echo $"Backing up spamassassin settings for $USERNAME"
backup_directory_to_usb /home/$USERNAME/.spamassassin spamassassin/$USERNAME
backup_directory_to_usb "/home/$USERNAME/.spamassassin" "spamassassin/$USERNAME"
fi
# Backup procmail
if [ -f /home/$USERNAME/.procmailrc ]; then
if [ -f "/home/$USERNAME/.procmailrc" ]; then
echo $"Backing up procmail settings for $USERNAME"
if [ ! -d /home/$USERNAME/tempbackup ]; then
mkdir -p /home/$USERNAME/tempbackup
if [ ! -d "/home/$USERNAME/tempbackup" ]; then
mkdir -p "/home/$USERNAME/tempbackup"
fi
cp /home/$USERNAME/.procmailrc /home/$USERNAME/tempbackup
backup_directory_to_usb /home/$USERNAME/tempbackup procmail/$USERNAME
cp "/home/$USERNAME/.procmailrc" "/home/$USERNAME/tempbackup"
backup_directory_to_usb "/home/$USERNAME/tempbackup" "procmail/$USERNAME"
fi
gpg_agent_enable $USERNAME
gpg_agent_enable "$USERNAME"
fi
done
}
@ -231,11 +231,11 @@ function backup_directories {
for dr in "${backup_dirs[@]}"
do
# if this directory exists then back it up to the given destination
source_directory=$(echo $dr | awk -F ',' '{print $1}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
if [ -d $source_directory ]; then
dest_directory=$(echo $dr | awk -F ',' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
source_directory=$(echo "$dr" | awk -F ',' '{print $1}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
if [ -d "$source_directory" ]; then
dest_directory=$(echo "$dr" | awk -F ',' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
echo $"Backing up $source_directory to $dest_directory"
backup_directory_to_usb $source_directory $dest_directory
backup_directory_to_usb "$source_directory" "$dest_directory"
fi
restart_site
@ -243,8 +243,8 @@ function backup_directories {
}
function remove_backup_directory {
if [ $1 ]; then
if [[ $1 == "remove" ]]; then
if [ "$1" ]; then
if [[ "$1" == "remove" ]]; then
if [ -d $USB_MOUNT/backup ]; then
rm -rf $USB_MOUNT/backup
echo $'Existing backup directory removed'
@ -274,7 +274,7 @@ function backup_blocklist {
if [ ! -d $temp_backup_dir ]; then
mkdir -p $temp_backup_dir
fi
if [ -f $NODEJS_INSTALLED_APPS_FILE ]; then
if [ -f "$NODEJS_INSTALLED_APPS_FILE" ]; then
cp -f /root/${PROJECT_NAME}-firewall-domains.cfg $temp_backup_dir
fi
backup_directory_to_usb $temp_backup_dir blocklist
@ -287,8 +287,8 @@ function backup_configfiles {
if [ ! -d $temp_backup_dir ]; then
mkdir -p $temp_backup_dir
fi
if [ -f $NODEJS_INSTALLED_APPS_FILE ]; then
cp -f $NODEJS_INSTALLED_APPS_FILE $temp_backup_dir
if [ -f "$NODEJS_INSTALLED_APPS_FILE" ]; then
cp -f "$NODEJS_INSTALLED_APPS_FILE" $temp_backup_dir
fi
if [ -f /root/.nostore ]; then
cp -f /root/.nostore $temp_backup_dir
@ -297,13 +297,13 @@ function backup_configfiles {
rm $temp_backup_dir/.nostore
fi
fi
cp -f $CONFIGURATION_FILE $temp_backup_dir
cp -f $COMPLETION_FILE $temp_backup_dir
cp -f "$CONFIGURATION_FILE" $temp_backup_dir
cp -f "$COMPLETION_FILE" $temp_backup_dir
if [ -f $BACKUP_EXTRA_DIRECTORIES ]; then
cp -f $BACKUP_EXTRA_DIRECTORIES $temp_backup_dir
fi
if [ -f $MONGODB_APPS_FILE ]; then
cp -f $MONGODB_APPS_FILE $temp_backup_dir
if [ -f "$MONGODB_APPS_FILE" ]; then
cp -f "$MONGODB_APPS_FILE" $temp_backup_dir
fi
# nginx password hashes
if [ -f /etc/nginx/.htpasswd ]; then
@ -355,7 +355,8 @@ function backup_postgresql {
if [ ! -d $temp_backup_dir ]; then
mkdir $temp_backup_dir
fi
sudo -u postgres pg_dumpall --roles-only > $temp_backup_dir/postgresql.sql
# shellcheck disable=SC2024
sudo -u postgres pg_dumpall --roles-only > "$temp_backup_dir/postgresql.sql"
if [ ! -s $temp_backup_dir/postgresql.sql ]; then
echo $"Unable to backup postgresql settings"
rm -rf $temp_backup_dir
@ -375,8 +376,8 @@ if [[ $1 == "remove" ]]; then
fi
gpg_agent_setup root
backup_mount_drive $1 $2
remove_backup_directory $remove_option
backup_mount_drive "$1" "$2"
remove_backup_directory "$remove_option"
make_backup_directory
check_storage_space_remaining
backup_users
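Review bot: The destructive calls on the backup mount are still unquoted and unguarded in this file: `umount $USB_MOUNT` / `rm -rf $USB_MOUNT` in check_storage_space_remaining and `rm -rf $USB_MOUNT/backup` in remove_backup_directory. If USB_MOUNT is ever empty the last one becomes `rm -rf /backup`, and a value containing spaces word-splits into several targets. The same commit quotes these calls in the remote backup script, so I would do it here as well and add the empty-value guard: `umount "$USB_MOUNT"`, `rm -rf "${USB_MOUNT:?}"` and `rm -rf "${USB_MOUNT:?}/backup"`. Both functions continue outside their hunks, so whether USB_MOUNT is validated earlier cannot be seen from here.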


@ -43,20 +43,20 @@ if [ -f /usr/bin/${PROJECT_NAME} ]; then
PROJECT_INSTALL_DIR=/usr/bin
fi
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
source "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars"
# utilities needed for backup commands
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
# Temporary location for data to be backed up to other servers
SERVER_DIRECTORY=/root/remotebackup
# get the version of Go being used
GO_VERSION=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-go | grep 'GO_VERSION=' | head -n 1 | awk -F '=' '{print $2}')
GO_VERSION=$(grep 'GO_VERSION=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-go" | head -n 1 | awk -F '=' '{print $2}')
ADMIN_USERNAME=$(get_completion_param "Admin user")
ADMIN_NAME=$(getent passwd $ADMIN_USERNAME | cut -d: -f5 | cut -d, -f1)
@ -66,7 +66,7 @@ if [ ! -f /etc/ssl/private/backup.key ]; then
${PROJECT_NAME}-addcert -h backup --dhkey 2048
fi
if [ ! -f /home/${ADMIN_USERNAME}/backup.list ]; then
if [ ! -f "/home/${ADMIN_USERNAME}/backup.list" ]; then
exit 1
fi
@ -92,16 +92,16 @@ function suspend_site {
return
fi
SUSPENDED_SITE="$1"
nginx_dissite $SUSPENDED_SITE
nginx_dissite "$SUSPENDED_SITE"
systemctl reload nginx
}
function restart_site {
# restarts a given website
if [ ! $SUSPENDED_SITE ]; then
if [ ! "$SUSPENDED_SITE" ]; then
return
fi
nginx_ensite $SUSPENDED_SITE
nginx_ensite "$SUSPENDED_SITE"
systemctl reload nginx
SUSPENDED_SITE=
}
@ -115,7 +115,7 @@ function backup_blocklist {
if [ ! -d $temp_backup_dir ]; then
mkdir -p $temp_backup_dir
fi
if [ -f $NODEJS_INSTALLED_APPS_FILE ]; then
if [ -f "$NODEJS_INSTALLED_APPS_FILE" ]; then
cp -f /root/${PROJECT_NAME}-firewall-domains.cfg $temp_backup_dir
fi
backup_directory_to_friend $temp_backup_dir blocklist
@ -128,8 +128,8 @@ function backup_configfiles {
if [ ! -d $temp_backup_dir ]; then
mkdir -p $temp_backup_dir
fi
if [ -f $NODEJS_INSTALLED_APPS_FILE ]; then
cp -f $NODEJS_INSTALLED_APPS_FILE $temp_backup_dir
if [ -f "$NODEJS_INSTALLED_APPS_FILE" ]; then
cp -f "$NODEJS_INSTALLED_APPS_FILE" $temp_backup_dir
fi
if [ -f /root/.nostore ]; then
cp -f /root/.nostore $temp_backup_dir
@ -138,13 +138,13 @@ function backup_configfiles {
rm $temp_backup_dir/.nostore
fi
fi
cp -f $CONFIGURATION_FILE $temp_backup_dir
cp -f $COMPLETION_FILE $temp_backup_dir
cp -f "$CONFIGURATION_FILE" $temp_backup_dir
cp -f "$COMPLETION_FILE" $temp_backup_dir
if [ -f $BACKUP_EXTRA_DIRECTORIES ]; then
cp -f $BACKUP_EXTRA_DIRECTORIES $temp_backup_dir
fi
if [ -f $MONGODB_APPS_FILE ]; then
cp -f $MONGODB_APPS_FILE $temp_backup_dir
if [ -f "$MONGODB_APPS_FILE" ]; then
cp -f "$MONGODB_APPS_FILE" $temp_backup_dir
fi
# nginx password hashes
if [ -f /etc/nginx/.htpasswd ]; then
@ -158,114 +158,114 @@ function backup_users {
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
# personal settings
if [ -d /home/$USERNAME/personal ]; then
if [ -d "/home/$USERNAME/personal" ]; then
echo $"Backing up personal settings for $USERNAME"
backup_directory_to_friend /home/$USERNAME/personal personal/$USERNAME
backup_directory_to_friend "/home/$USERNAME/personal" "personal/$USERNAME"
fi
# gpg keys
if [ -d /home/$USERNAME/.gnupg ]; then
if [ -d "/home/$USERNAME/.gnupg" ]; then
echo $"Backing up gpg keys for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.gnupg gnupg/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.gnupg" "gnupg/$USERNAME"
fi
# ssh keys
if [ -d /home/$USERNAME/.ssh ]; then
if [ -d "/home/$USERNAME/.ssh" ]; then
echo $"Backing up ssh keys for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.ssh ssh/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.ssh" "ssh/$USERNAME"
fi
# syncthing files
if [ -d /home/$USERNAME/Sync ]; then
if [ -d "/home/$USERNAME/Sync" ]; then
echo $"Backing up syncthing files for $USERNAME"
backup_directory_to_friend /home/$USERNAME/Sync syncthing/$USERNAME
backup_directory_to_friend "/home/$USERNAME/Sync" "syncthing/$USERNAME"
# ensure that device IDs will be backed up as part of user config settings
if [ ! -d /home/$USERNAME/.config/syncthing ]; then
mkdir -p /home/$USERNAME/.config/syncthing
chown -R $USERNAME:$USERNAME /home/$USERNAME/.config
if [ ! -d "/home/$USERNAME/.config/syncthing" ]; then
mkdir -p "/home/$USERNAME/.config/syncthing"
chown -R "$USERNAME":"$USERNAME" "/home/$USERNAME/.config"
fi
if [ -f /home/$USERNAME/.syncthing-server-id ]; then
cp /home/$USERNAME/.syncthing-server-id /home/$USERNAME/.config/syncthing
chown -R $USERNAME:$USERNAME /home/$USERNAME/.config
if [ -f "/home/$USERNAME/.syncthing-server-id" ]; then
cp "/home/$USERNAME/.syncthing-server-id" "/home/$USERNAME/.config/syncthing"
chown -R "$USERNAME":"$USERNAME" "/home/$USERNAME/.config"
fi
if [ -f /home/$USERNAME/.syncthingids ]; then
cp /home/$USERNAME/.syncthingids /home/$USERNAME/.config/syncthing
chown -R $USERNAME:$USERNAME /home/$USERNAME/.config
if [ -f "/home/$USERNAME/.syncthingids" ]; then
cp "/home/$USERNAME/.syncthingids" "/home/$USERNAME/.config/syncthing"
chown -R "$USERNAME":"$USERNAME" "/home/$USERNAME/.config"
fi
fi
# config files
if [ -d /home/$USERNAME/.config ]; then
if [ -d "/home/$USERNAME/.config" ]; then
echo $"Backing up config files for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.config config/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.config" "config/$USERNAME"
fi
# monkeysphere files
if [ -d /home/$USERNAME/.monkeysphere ]; then
if [ -d "/home/$USERNAME/.monkeysphere" ]; then
echo $"Backing up monkeysphere files for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.monkeysphere monkeysphere/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.monkeysphere" "monkeysphere/$USERNAME"
fi
# fin files
if [ -d /home/$USERNAME/.fin ]; then
if [ -d "/home/$USERNAME/.fin" ]; then
echo $"Backing up fin files for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.fin fin/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.fin" "fin/$USERNAME"
fi
# local files
if [ -d /home/$USERNAME/.local ]; then
if [ -d "/home/$USERNAME/.local" ]; then
echo $"Backing up local files for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.local local/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.local" "local/$USERNAME"
fi
# mutt settings
if [ -f /home/$USERNAME/.muttrc ]; then
if [ -f "/home/$USERNAME/.muttrc" ]; then
echo $"Backing up Mutt settings for $USERNAME"
if [ ! -d /home/$USERNAME/tempbackup ]; then
mkdir -p /home/$USERNAME/tempbackup
if [ ! -d "/home/$USERNAME/tempbackup" ]; then
mkdir -p "/home/$USERNAME/tempbackup"
fi
cp /home/$USERNAME/.muttrc /home/$USERNAME/tempbackup
cp "/home/$USERNAME/.muttrc" "/home/$USERNAME/tempbackup"
if [ -f /etc/Muttrc ]; then
cp /etc/Muttrc /home/$USERNAME/tempbackup
cp /etc/Muttrc "/home/$USERNAME/tempbackup"
fi
backup_directory_to_friend /home/$USERNAME/tempbackup mutt/$USERNAME
backup_directory_to_friend "/home/$USERNAME/tempbackup" "mutt/$USERNAME"
fi
if [ -d /home/$USERNAME/.mutt ]; then
if [ -d "/home/$USERNAME/.mutt" ]; then
echo $"Backing up Mutt configurations for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.mutt mutt/${USERNAME}configs
backup_directory_to_friend "/home/$USERNAME/.mutt" "mutt/${USERNAME}configs"
fi
# procmail settings
if [ -f /home/$USERNAME/.procmailrc ]; then
if [ -f "/home/$USERNAME/.procmailrc" ]; then
echo $"Backing up procmail settings for $USERNAME"
if [ ! -d /home/$USERNAME/tempbackup ]; then
mkdir -p /home/$USERNAME/tempbackup
if [ ! -d "/home/$USERNAME/tempbackup" ]; then
mkdir -p "/home/$USERNAME/tempbackup"
fi
cp /home/$USERNAME/.procmailrc /home/$USERNAME/tempbackup
backup_directory_to_friend /home/$USERNAME/tempbackup procmail/$USERNAME
cp "/home/$USERNAME/.procmailrc" "/home/$USERNAME/tempbackup"
backup_directory_to_friend "/home/$USERNAME/tempbackup" "procmail/$USERNAME"
fi
# spamassassin settings
if [ -d /home/$USERNAME/.spamassassin ]; then
if [ -d "/home/$USERNAME/.spamassassin" ]; then
echo $"Backing up spamassassin settings for $USERNAME"
backup_directory_to_friend /home/$USERNAME/.spamassassin spamassassin/$USERNAME
backup_directory_to_friend "/home/$USERNAME/.spamassassin" "spamassassin/$USERNAME"
fi
# email
if [ -d /home/$USERNAME/Maildir ]; then
if [ -d "/home/$USERNAME/Maildir" ]; then
echo $"Stopping mail server"
systemctl stop exim4
echo $"Creating an email archive"
if [ ! -d /root/backupemail/$USERNAME ]; then
mkdir -p /root/backupemail/$USERNAME
if [ ! -d "/root/backupemail/$USERNAME" ]; then
mkdir -p "/root/backupemail/$USERNAME"
fi
tar -czvf /root/backupemail/$USERNAME/maildir.tar.gz /home/$USERNAME/Maildir
tar -czvf "/root/backupemail/$USERNAME/maildir.tar.gz" "/home/$USERNAME/Maildir"
echo $"Restarting mail server"
systemctl start exim4
echo $"Backing up emails for $USERNAME"
backup_directory_to_friend /root/backupemail/$USERNAME mail/$USERNAME
backup_directory_to_friend "/root/backupemail/$USERNAME" "mail/$USERNAME"
fi
gpg_agent_enable $USERNAME
gpg_agent_enable "$USERNAME"
fi
done
}
@ -313,13 +313,13 @@ function backup_web_server {
}
function backup_admin_readme {
if [ -f /home/$ADMIN_USERNAME/README ]; then
if [ -f "/home/$ADMIN_USERNAME/README" ]; then
echo $"Backing up README"
if [ ! -d /home/$ADMIN_USERNAME/tempbackup ]; then
mkdir -p /home/$ADMIN_USERNAME/tempbackup
if [ ! -d "/home/$ADMIN_USERNAME/tempbackup" ]; then
mkdir -p "/home/$ADMIN_USERNAME/tempbackup"
fi
cp -f /home/$ADMIN_USERNAME/README /home/$ADMIN_USERNAME/tempbackup
backup_directory_to_friend /home/$ADMIN_USERNAME/tempbackup readme
cp -f "/home/$ADMIN_USERNAME/README" "/home/$ADMIN_USERNAME/tempbackup"
backup_directory_to_friend "/home/$ADMIN_USERNAME/tempbackup" readme
fi
}
@ -330,12 +330,12 @@ function backup_mariadb {
mkdir $temp_backup_dir
fi
keep_database_running
mysqldump --password=$DATABASE_PASSWORD mysql user > $temp_backup_dir/mysql.sql
mysqldump --password="$DATABASE_PASSWORD" mysql user > "$temp_backup_dir/mysql.sql"
if [ ! -s $temp_backup_dir/mysql.sql ]; then
echo $"Unable to backup MariaDB settings"
rm -rf $temp_backup_dir
# Send a warning email
echo $"Unable to export database settings" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS
echo $"Unable to export database settings" | mail -s "${PROJECT_NAME} backup to friends" "$ADMIN_EMAIL_ADDRESS"
exit 653
fi
echo "$DATABASE_PASSWORD" > $temp_backup_dir/db
@ -353,12 +353,13 @@ function backup_postgresql {
if [ ! -d $temp_backup_dir ]; then
mkdir $temp_backup_dir
fi
sudo -u postgres pg_dumpall --roles-only > $temp_backup_dir/postgresql.sql
# shellcheck disable=SC2024
sudo -u postgres pg_dumpall --roles-only > "$temp_backup_dir/postgresql.sql"
if [ ! -s $temp_backup_dir/postgresql.sql ]; then
echo $"Unable to backup postgresql settings"
rm -rf $temp_backup_dir
umount $USB_MOUNT
rm -rf $USB_MOUNT
umount "$USB_MOUNT"
rm -rf "$USB_MOUNT"
exit 684365
fi
echo "$DATABASE_PASSWORD" > $temp_backup_dir/db
@ -375,10 +376,10 @@ function get_key_share {
# Get a share index based on the supplied domain name
# This ensures that the same share is always given to the same domain
sharenumstr=$(md5sum <<< "$REMOTE_DOMAIN")
share_index=$(echo $((0x${sharenumstr%% *} % ${no_of_shares})) | tr -d -)
share_index=$(echo $((0x${sharenumstr%% *} % no_of_shares)) | tr -d -)
# get the filename
share_files=(/home/$USERNAME/.gnupg_fragments/keyshare.asc.*)
share_files=("/home/$USERNAME/.gnupg_fragments/keyshare.asc.*")
share_filename=${share_files[share_index]}
echo "$share_filename"
@ -391,35 +392,37 @@ function disperse_key_shares {
REMOTE_PASSWORD=$4
REMOTE_SERVER=$5
if [ -d /home/$USERNAME/.gnupg_fragments ]; then
if [ $REMOTE_DOMAIN ]; then
cd /home/$USERNAME/.gnupg_fragments
if [ -d "/home/$USERNAME/.gnupg_fragments" ]; then
if [ "$REMOTE_DOMAIN" ]; then
cd "/home/$USERNAME/.gnupg_fragments" || exit 34687246462
# shellcheck disable=SC2012
no_of_shares=$(ls -afq keyshare.asc.* | wc -l)
if (( no_of_shares > 1 )); then
share_filename=$(get_key_share $no_of_shares "$USERNAME" "$REMOTE_DOMAIN")
share_filename=$(get_key_share "$no_of_shares" "$USERNAME" "$REMOTE_DOMAIN")
# create a temp directory containing the share
temp_key_share_dir=/home/$USERNAME/tempkey
temp_key_share_fragments=$temp_key_share_dir/.gnupg_fragments_${USERNAME}
mkdir -p $temp_key_share_fragments
cp $share_filename $temp_key_share_fragments/
mkdir -p "$temp_key_share_fragments"
cp "$share_filename" "$temp_key_share_fragments/"
# copy the fragments directory to the remote server
/usr/bin/sshpass -p "$REMOTE_PASSWORD" \
scp -r -P $REMOTE_SSH_PORT $temp_key_share_fragments $REMOTE_SERVER
scp -r -P "$REMOTE_SSH_PORT" "$temp_key_share_fragments" "$REMOTE_SERVER"
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
# Send a warning email
echo "Key share to $REMOTE_SERVER failed" | \
mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS
mail -s "${PROJECT_NAME} social key management" "$MY_EMAIL_ADDRESS"
else
# Send a confirmation email
echo "Key ${share_filename} shared to $REMOTE_SERVER" | \
mail -s "${PROJECT_NAME} social key management" $MY_EMAIL_ADDRESS
mail -s "${PROJECT_NAME} social key management" "$MY_EMAIL_ADDRESS"
fi
# remove the temp file/directory
shred -zu $temp_key_share_fragments/*
rm -rf $temp_key_share_dir
shred -zu "$temp_key_share_fragments/*"
rm -rf "$temp_key_share_dir"
fi
fi
fi
@ -449,13 +452,13 @@ if [[ $TEST_MODE == "no" ]]; then
fi
# For each remote server
while read remote_server
while read -r remote_server
do
# Get the server and its password
# Format is:
# username@domain <port number> /home/username <ssh password>
REMOTE_SERVER=$(echo "${remote_server}" | awk -F ' ' '{print $1}')
if [ $REMOTE_SERVER ]; then
if [ "$REMOTE_SERVER" ]; then
REMOTE_DOMAIN=$(echo "${remote_server}" | awk -F ' ' '{print $1}' | awk -F '@' '{print $2}')
REMOTE_SSH_PORT=$(echo "${remote_server}" | awk -F ' ' '{print $2}')
REMOTE_DIRECTORY=$(echo "${remote_server}" | awk -F ' ' '{print $3}')
@ -469,23 +472,22 @@ do
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
disperse_key_shares $USERNAME $REMOTE_DOMAIN $REMOTE_SSH_PORT "$REMOTE_PASSWORD" $REMOTE_SERVER
disperse_key_shares "$USERNAME" "$REMOTE_DOMAIN" "$REMOTE_SSH_PORT" "$REMOTE_PASSWORD" "$REMOTE_SERVER"
fi
done
if [[ $TEST_MODE == "yes" ]]; then
echo "rsync -ratlzv --rsh=\"/usr/bin/sshpass -p '$REMOTE_PASSWORD' ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no\" $SERVER_DIRECTORY/backup $REMOTE_SERVER"
fi
rsync -ratlzv --rsh="/usr/bin/sshpass -p \"$REMOTE_PASSWORD\" ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" $SERVER_DIRECTORY/backup $REMOTE_SERVER
if [ ! "$?" = "0" ]; then
if ! rsync -ratlzv --rsh="/usr/bin/sshpass -p \"$REMOTE_PASSWORD\" ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" "$SERVER_DIRECTORY/backup" "$REMOTE_SERVER"; then
echo "$NOW Backup to $REMOTE_SERVER failed" >> /var/log/remotebackups.log
# Send a warning email
echo "Backup to $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} backup to friends" $ADMIN_EMAIL_ADDRESS
echo "Backup to $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} backup to friends" "$ADMIN_EMAIL_ADDRESS"
else
echo "$NOW Backed up to $REMOTE_SERVER" >> /var/log/remotebackups.log
fi
fi
done < /home/${ADMIN_USERNAME}/backup.list
done < "/home/${ADMIN_USERNAME}/backup.list"
exit 0
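Review bot: Quoting the whole path has disabled two globs that this code depends on. In get_key_share, `share_files=("/home/$USERNAME/.gnupg_fragments/keyshare.asc.*")` now produces a one-element array holding the literal pattern, so `${share_files[share_index]}` is empty for any index above 0 and names no real file for index 0. In disperse_key_shares, `shred -zu "$temp_key_share_fragments/*"` looks for a file literally called `*`, so the copied key share is no longer overwritten before `rm -rf` removes the directory. Keep the quotes around the variable part only: `share_files=("/home/$USERNAME/.gnupg_fragments"/keyshare.asc.*)` and `shred -zu "$temp_key_share_fragments"/*`. Both function bodies start or end outside their hunks.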


@ -37,7 +37,7 @@ function backup_remote_tripwire {
}
function remove_tripwire {
if ! grep -Fxq "tripwire" $COMPLETION_FILE; then
if ! grep -Fxq "tripwire" "$COMPLETION_FILE"; then
return
fi
apt-get -yq remove --purge tripwire
@ -45,7 +45,7 @@ function remove_tripwire {
rm -rf /etc/tripwire
fi
rm /usr/bin/reset-tripwire
sed -i '/tripwire/d' $COMPLETION_FILE
sed -i '/tripwire/d' "$COMPLETION_FILE"
}
function install_tripwire {
@ -60,35 +60,35 @@ function install_tripwire {
apt-get -yq install tripwire qrencode
apt-get -yq autoremove
cd /etc/tripwire
cd /etc/tripwire || exit 246852845
echo 'ROOT =/usr/sbin' > /etc/tripwire/twcfg.txt
echo 'POLFILE =/etc/tripwire/tw.pol' >> /etc/tripwire/twcfg.txt
echo 'DBFILE =/var/lib/tripwire/$(HOSTNAME).twd' >> /etc/tripwire/twcfg.txt
echo 'REPORTFILE =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr' >> /etc/tripwire/twcfg.txt
echo 'SITEKEYFILE =/etc/tripwire/$(HOSTNAME)-site.key' >> /etc/tripwire/twcfg.txt
echo 'LOCALKEYFILE =/etc/tripwire/$(HOSTNAME)-local.key' >> /etc/tripwire/twcfg.txt
echo 'EDITOR =/usr/bin/editor' >> /etc/tripwire/twcfg.txt
echo 'LATEPROMPTING =false' >> /etc/tripwire/twcfg.txt
echo 'LOOSEDIRECTORYCHECKING =false' >> /etc/tripwire/twcfg.txt
echo 'MAILNOVIOLATIONS =false' >> /etc/tripwire/twcfg.txt
echo 'EMAILREPORTLEVEL =3' >> /etc/tripwire/twcfg.txt
echo 'REPORTLEVEL =3' >> /etc/tripwire/twcfg.txt
echo 'SYSLOGREPORTING =false' >> /etc/tripwire/twcfg.txt
echo 'MAILMETHOD =SENDMAIL' >> /etc/tripwire/twcfg.txt
echo 'MAILPROGRAM =/usr/lib/sendmail -oi -t' >> /etc/tripwire/twcfg.txt
echo 'SMTPHOST =localhost' >> /etc/tripwire/twcfg.txt
echo 'SMTPPORT =25' >> /etc/tripwire/twcfg.txt
echo 'TEMPDIRECTORY =/tmp' >> /etc/tripwire/twcfg.txt
echo 'MAILFROMADDRESS =tripwire@$(HOSTNAME)' >> /etc/tripwire/twcfg.txt
{ echo 'ROOT =/usr/sbin';
echo 'POLFILE =/etc/tripwire/tw.pol';
echo "DBFILE =/var/lib/tripwire/\$(HOSTNAME).twd";
echo "REPORTFILE =/var/lib/tripwire/report/\$(HOSTNAME)-\$(DATE).twr";
echo "SITEKEYFILE =/etc/tripwire/\$(HOSTNAME)-site.key";
echo "LOCALKEYFILE =/etc/tripwire/\$(HOSTNAME)-local.key";
echo 'EDITOR =/usr/bin/editor';
echo 'LATEPROMPTING =false';
echo 'LOOSEDIRECTORYCHECKING =false';
echo 'MAILNOVIOLATIONS =false';
echo 'EMAILREPORTLEVEL =3';
echo 'REPORTLEVEL =3';
echo 'SYSLOGREPORTING =false';
echo 'MAILMETHOD =SENDMAIL';
echo 'MAILPROGRAM =/usr/lib/sendmail -oi -t';
echo 'SMTPHOST =localhost';
echo 'SMTPPORT =25';
echo 'TEMPDIRECTORY =/tmp';
echo "MAILFROMADDRESS =tripwire@\$(HOSTNAME)"; } > /etc/tripwire/twcfg.txt
echo '
' | twadmin --generate-keys -L /etc/tripwire/${HOSTNAME}-local.key -S /etc/tripwire/${HOSTNAME}-site.key
' | twadmin --generate-keys -L "/etc/tripwire/${HOSTNAME}-local.key" -S "/etc/tripwire/${HOSTNAME}-site.key"
echo '
' | twadmin --create-cfgfile -S /etc/tripwire/${HOSTNAME}-site.key /etc/tripwire/twcfg.txt
' | twadmin --create-cfgfile -S "/etc/tripwire/${HOSTNAME}-site.key" /etc/tripwire/twcfg.txt
# make a script for easy resetting of the tripwire
echo '#!/bin/sh' > /usr/bin/reset-tripwire
@ -137,14 +137,14 @@ function install_tripwire {
sed -i '/\/usr\/local\/bin/d' /etc/tripwire/twpol.txt
# Avoid logging the changed database
sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt
sed -i "s|\$(TWETC)/tw.pol.*||g" /etc/tripwire/twpol.txt
# site key name
sed -i 's|$(TWETC)/site.key|$(TWETC)/$(HOSTNAME)-site.key|g' /etc/tripwire/twpol.txt
sed -i "s|$(TWETC)/site.key|\$(TWETC)/\$(HOSTNAME)-site.key|g" /etc/tripwire/twpol.txt
# create the policy
echo '
' | twadmin --create-polfile -S /etc/tripwire/${HOSTNAME}-site.key /etc/tripwire/twpol.txt
' | twadmin --create-polfile -S "/etc/tripwire/${HOSTNAME}-site.key" /etc/tripwire/twpol.txt
mark_completed "${FUNCNAME[0]}"
}
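Review bot: The rewritten site-key substitution in install_tripwire leaves the first `$(TWETC)` unescaped inside double quotes, so the shell treats it as a command substitution instead of passing it through to sed. It most likely expands to nothing, and the pattern then matches `/site.key` rather than `$(TWETC)/site.key`, which would leave the policy entry with a doubled `$(TWETC)` prefix. Escape it the same way as the substitution on the line above: `sed -i "s|\$(TWETC)/site.key|\$(TWETC)/\$(HOSTNAME)-site.key|g" /etc/tripwire/twpol.txt`. The function body starts outside this hunk.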


@ -55,11 +55,11 @@ if [ ! -f $MAIN_PROJECT_FILE ]; then
fi
# ssh (from https://stribika.github.io/2015/01/04/secure-secure-shell.html)
UTILS_SSH=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-ssh
SSH_CIPHERS=$(cat $UTILS_SSH | grep 'SSH_CIPHERS=' | head -n 1 | awk -F '"' '{print $2}')
SSH_MACS=$(cat $UTILS_SSH | grep 'SSH_MACS=' | head -n 1 | awk -F '"' '{print $2}')
SSH_KEX=$(cat $UTILS_SSH | grep 'SSH_KEX=' | head -n 1 | awk -F '"' '{print $2}')
SSH_HOST_KEY_ALGORITHMS=$(cat $UTILS_SSH | grep 'SSH_HOST_KEY_ALGORITHMS=' | head -n 1 | awk -F '"' '{print $2}')
UTILS_SSH="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-ssh"
SSH_CIPHERS=$(grep 'SSH_CIPHERS=' "$UTILS_SSH" | head -n 1 | awk -F '"' '{print $2}')
SSH_MACS=$(grep 'SSH_MACS=' "$UTILS_SSH" | head -n 1 | awk -F '"' '{print $2}')
SSH_KEX=$(grep 'SSH_KEX=' "$UTILS_SSH" | head -n 1 | awk -F '"' '{print $2}')
SSH_HOST_KEY_ALGORITHMS=$(grep 'SSH_HOST_KEY_ALGORITHMS=' "$UTILS_SSH" | head -n 1 | awk -F '"' '{print $2}')
# refresh gpg keys every few hours
REFRESH_GPG_KEYS_HOURS=2
@ -74,7 +74,7 @@ function global_rate_limit {
fi
sudo cp $SYSCTL_FILE ~/sysctl.conf
sudo chown $CURR_USER:$CURR_GROUP ~/sysctl.conf
sudo chown "$CURR_USER":"$CURR_GROUP" ~/sysctl.conf
if ! grep -q "tcp_challenge_ack_limit" ~/sysctl.conf; then
echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> ~/sysctl.conf
else
@ -94,7 +94,7 @@ function refresh_gpg_keys {
fi
fi
sudo cp /etc/crontab ~/temp_crontab
sudo chown $CURR_USER:$CURR_GROUP ~/temp_crontab
sudo chown "$CURR_USER":"$CURR_GROUP" ~/temp_crontab
if ! grep -q 'gpg --refresh-keys' ~/temp_crontab; then
echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $CURR_USER /usr/bin/gpg --refresh-keys > /dev/null" >> ~/temp_crontab
sudo cp ~/temp_crontab /etc/crontab
@ -105,8 +105,9 @@ function refresh_gpg_keys {
# see https://stribika.github.io/2015/01/04/secure-secure-shell.html
function ssh_remove_small_moduli {
sudo awk '$5 > 2000' /etc/ssh/moduli > /home/$CURR_USER/moduli
sudo mv /home/$CURR_USER/moduli /etc/ssh/moduli
# shellcheck disable=SC2024
sudo awk '$5 > 2000' /etc/ssh/moduli > "/home/$CURR_USER/moduli"
sudo mv "/home/$CURR_USER/moduli" /etc/ssh/moduli
}
function configure_ssh_client {
@ -124,7 +125,7 @@ function configure_ssh_client {
sudo sed -i "s/HostKeyAlgorithms.*/HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS/g" /etc/ssh/ssh_config
if ! grep -q "HostKeyAlgorithms" /etc/ssh/ssh_config; then
sudo cp /etc/ssh/ssh_config ~/ssh_config
sudo chown $CURR_USER:$CURR_GROUP ~/ssh_config
sudo chown "$CURR_USER":"$CURR_GROUP" ~/ssh_config
echo " HostKeyAlgorithms $SSH_HOST_KEY_ALGORITHMS" >> ~/ssh_config
sudo mv ~/ssh_config /etc/ssh/ssh_config
sudo chown root:root /etc/ssh/ssh_config
@ -134,7 +135,7 @@ function configure_ssh_client {
sudo sed -i "s/Ciphers.*/Ciphers $SSH_CIPHERS/g" /etc/ssh/ssh_config
if ! grep -q "Ciphers " /etc/ssh/ssh_config; then
sudo cp /etc/ssh/ssh_config ~/ssh_config
sudo chown $CURR_USER:$CURR_GROUP ~/ssh_config
sudo chown "$CURR_USER":"$CURR_GROUP" ~/ssh_config
echo " Ciphers $SSH_CIPHERS" >> ~/ssh_config
sudo mv ~/ssh_config /etc/ssh/ssh_config
sudo chown root:root /etc/ssh/ssh_config
@ -142,17 +143,17 @@ function configure_ssh_client {
sudo sed -i "s/MACs.*/MACs $SSH_MACS/g" /etc/ssh/ssh_config
if ! grep -q "MACs " /etc/ssh/ssh_config; then
sudo cp /etc/ssh/ssh_config ~/ssh_config
sudo chown $CURR_USER:$CURR_GROUP ~/ssh_config
sudo chown "$CURR_USER":"$CURR_GROUP" ~/ssh_config
echo " MACs $SSH_MACS" >> ~/ssh_config
sudo mv ~/ssh_config /etc/ssh/ssh_config
sudo chown root:root /etc/ssh/ssh_config
fi
# Create ssh keys
if [ ! -f /home/$CURR_USER/.ssh/id_ed25519 ]; then
if [ ! -f "/home/$CURR_USER/.ssh/id_ed25519" ]; then
ssh-keygen -t ed25519 -o -a 100
fi
if [ ! -f /home/$CURR_USER/.ssh/id_rsa ]; then
if [ ! -f "/home/$CURR_USER/.ssh/id_rsa" ]; then
ssh-keygen -t rsa -b 2048 -o -a 100
fi
@ -170,20 +171,20 @@ function configure_ssh_client {
fi
if ! grep -q "# ${PROJECT_NAME} settings" ~/.ssh/config; then
if ! grep -q 'ProxyCommand' ~/.ssh/config; then
echo "# ${PROJECT_NAME} settings start" >> ~/.ssh/config
echo 'Host *.onion' >> ~/.ssh/config
echo ' ServerAliveInterval 60' >> ~/.ssh/config
echo ' ServerAliveCountMax 3' >> ~/.ssh/config
{ echo "# ${PROJECT_NAME} settings start";
echo 'Host *.onion';
echo ' ServerAliveInterval 60';
echo ' ServerAliveCountMax 3'; } >> ~/.ssh/config
if [[ $ENABLE_MONKEYSPHERE == $'yes' || $ENABLE_MONKEYSPHERE == $'y' ]]; then
if [[ "$ENABLE_MONKEYSPHERE" == $'yes' || "$ENABLE_MONKEYSPHERE" == $'y' ]]; then
echo " ProxyCommand sh -c 'monkeysphere ssh-proxycommand --no-connect %h %p ; $proxycmd'" >> ~/.ssh/config
else
echo " ProxyCommand $proxycmd" >> ~/.ssh/config
fi
echo 'Host *' >> ~/.ssh/config
echo ' ServerAliveInterval 60' >> ~/.ssh/config
echo ' ServerAliveCountMax 3' >> ~/.ssh/config
if [[ $ENABLE_MONKEYSPHERE == $'yes' || $ENABLE_MONKEYSPHERE == $'y' ]]; then
{ echo 'Host *';
echo ' ServerAliveInterval 60';
echo ' ServerAliveCountMax 3'; } >> ~/.ssh/config
if [[ "$ENABLE_MONKEYSPHERE" == $'yes' || "$ENABLE_MONKEYSPHERE" == $'y' ]]; then
echo ' ProxyCommand monkeysphere ssh-proxycommand %h %p' >> ~/.ssh/config
fi
echo "# ${PROJECT_NAME} settings end" >> ~/.ssh/config
@ -194,8 +195,8 @@ function configure_ssh_client {
echo $'Go to the Administrator Control Panel, select "Manage Users", '
echo $'"Change user ssh public key" then "yes" and paste the following:'
echo ''
echo $(cat /home/$CURR_USER/.ssh/id_rsa.pub)
echo $(cat /home/$CURR_USER/.ssh/id_ed25519.pub)
cat "/home/$CURR_USER/.ssh/id_rsa.pub"
cat "/home/$CURR_USER/.ssh/id_ed25519.pub"
echo ''
echo $'Then go to "Security Settings", select "Allow ssh login with passwords"'
echo $'and set it to "no".'
@ -222,37 +223,37 @@ function setup_client_app_irc {
else
sudo pacman -S --noconfirm hexchat tor
fi
if [ ! -d /home/$CURR_USER/.config/hexchat ]; then
mkdir -p /home/$CURR_USER/.config/hexchat
if [ ! -d "/home/$CURR_USER/.config/hexchat" ]; then
mkdir -p "/home/$CURR_USER/.config/hexchat"
fi
echo 'net_proxy_host = 127.0.0.1' > /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_port = 9050' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_type = 3' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_use = 0' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
{ echo 'net_proxy_host = 127.0.0.1';
echo 'net_proxy_port = 9050';
echo 'net_proxy_type = 3';
echo 'net_proxy_use = 0';
echo 'net_proxy_auth = 1' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_pass = HexChat' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_user = HexChat' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'net_proxy_auth = 1';
echo 'net_proxy_pass = HexChat';
echo 'net_proxy_user = HexChat';
echo 'dcc_auto_chat = 0' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'dcc_auto_resume = 0' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'dcc_auto_send = 0' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'irc_hide_version = 1' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'identd = 0' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'dcc_auto_chat = 0';
echo 'dcc_auto_resume = 0';
echo 'dcc_auto_send = 0';
echo 'irc_hide_version = 1';
echo 'identd = 0';
echo 'away_reason =' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'irc_part_reason =' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'irc_quit_reason =' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'away_reason =';
echo 'irc_part_reason =';
echo 'irc_quit_reason =';
echo "irc_real_name = ${USER}" >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo "irc_user_name = ${USER}" >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo "irc_nick1 = ${USER}" >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo "irc_nick2 = ${USER}_" >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo "irc_nick3 = ${USER}__" >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo "irc_real_name = ${USER}";
echo "irc_user_name = ${USER}";
echo "irc_nick1 = ${USER}";
echo "irc_nick2 = ${USER}_";
echo "irc_nick3 = ${USER}__";
echo 'completion_suffix = :' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'completion_suffix = :';
echo 'gui_slist_skip = 1' >> /home/$CURR_USER/.config/hexchat/hexchat.conf
echo 'gui_slist_skip = 1'; } > "/home/$CURR_USER/.config/hexchat/hexchat.conf"
echo $'hexchat configured'
}
@ -272,8 +273,8 @@ function setup_client_app {
function remove_known_hosts_entries {
# remove any previous freedombone entries from known hosts
if [ -f /home/$CURR_USER/.ssh/known_hosts ]; then
sed -i "/${PROJECT_NAME}.local/d" /home/$CURR_USER/.ssh/known_hosts
if [ -f "/home/$CURR_USER/.ssh/known_hosts" ]; then
sed -i "/${PROJECT_NAME}.local/d" "/home/$CURR_USER/.ssh/known_hosts"
fi
}


@ -59,34 +59,34 @@ function show_help {
while [ $# -gt 1 ]
do
key="$1"
key="$1"
case $key in
--help)
show_help
;;
-u|--username)
case $key in
--help)
show_help
;;
-u|--username)
shift
USERNAME="$1"
;;
*)
# unknown option
;;
esac
shift
USERNAME="$1"
;;
*)
# unknown option
;;
esac
shift
done
if [ ! $USERNAME ]; then
if [ ! "$USERNAME" ]; then
echo $'No username specified'
exit 5748
fi
if [ ! -d /home/$USERNAME ]; then
if [ ! -d "/home/$USERNAME" ]; then
echo $"User $USERNAME not found"
exit 76239
fi
if [ -d /home/$USERNAME/emailcert ]; then
if [ -d "/home/$USERNAME/emailcert" ]; then
echo $'Client certs were already for created'
exit 2953
fi
@ -97,75 +97,71 @@ fi
# Add a user password
if ! grep -q "$USERNAME:{plain}" /etc/dovecot/passwd-file; then
echo "$USERNAME:{plain}::::::nopassword" >> /etc/dovecot/passwd-file
echo "$USERNAME:{plain}::::::nopassword" >> /etc/dovecot/passwd-file
fi
chmod 600 /etc/dovecot/passwd-file
# create a user cert
${PROJECT_NAME}-addcert -h $USERNAME --nodh ""
"${PROJECT_NAME}-addcert" -h "$USERNAME" --nodh ""
if [ ! -f /etc/ssl/private/$USERNAME.key ]; then
if [ ! -f "/etc/ssl/private/$USERNAME.key" ]; then
echo $'User certificates were not created'
rm -rf /home/$USERNAME/emailcert
rm -rf "/home/$USERNAME/emailcert"
exit 74835
fi
# create a certificate request
openssl req -new -sha256 -subj \
"/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$USERNAME" \
-key /etc/ssl/private/$USERNAME.key \
-out /etc/ssl/requests/$USERNAME.csr
-key "/etc/ssl/private/$USERNAME.key" \
-out "/etc/ssl/requests/$USERNAME.csr"
if [ ! -f /etc/ssl/requests/$USERNAME.csr ]; then
if [ ! -f "/etc/ssl/requests/$USERNAME.csr" ]; then
echo $'Certificate request was not created'
rm -rf /home/$USERNAME/emailcert
rm -rf "/home/$USERNAME/emailcert"
exit 83520
fi
# sign the certificate request
cd /etc/ssl
cd /etc/ssl || exit 742742542
openssl ca -config /etc/ssl/dovecot-ca.cnf \
-in /etc/ssl/requests/$USERNAME.csr \
-out /etc/ssl/certs/$USERNAME.cer
-in "/etc/ssl/requests/$USERNAME.csr" \
-out "/etc/ssl/certs/$USERNAME.cer"
if [ ! -f /etc/ssl/certs/$USERNAME.cer ]; then
if [ ! -f "/etc/ssl/certs/$USERNAME.cer" ]; then
echo $'Authentication certificate was not created'
rm -rf /home/$USERNAME/emailcert
rm -rf "/home/$USERNAME/emailcert"
exit 343569
fi
# move the cert to the user's home
mkdir /home/$USERNAME/emailcert
mv /etc/ssl/certs/$USERNAME.cer /home/$USERNAME/emailcert
cp /etc/ssl/certs/dovecot.crt /home/$USERNAME/emailcert
cp /etc/ssl/certs/ca-$HOSTNAME.crt /home/$USERNAME/emailcert
mv /etc/ssl/private/$USERNAME.key /home/$USERNAME/emailcert
mv /etc/ssl/certs/$USERNAME.crt /home/$USERNAME/emailcert
openssl pkcs12 -export -in /home/$USERNAME/emailcert/$USERNAME.cer \
-out /home/$USERNAME/emailcert/$USERNAME.p12 \
-inkey /home/$USERNAME/emailcert/$USERNAME.key \
-certfile /home/$USERNAME/emailcert/ca-$HOSTNAME.crt \
mkdir "/home/$USERNAME/emailcert"
mv "/etc/ssl/certs/$USERNAME.cer" "/home/$USERNAME/emailcert"
cp "/etc/ssl/certs/dovecot.crt" "/home/$USERNAME/emailcert"
cp "/etc/ssl/certs/ca-$HOSTNAME.crt" "/home/$USERNAME/emailcert"
mv "/etc/ssl/private/$USERNAME.key" "/home/$USERNAME/emailcert"
mv "/etc/ssl/certs/$USERNAME.crt" "/home/$USERNAME/emailcert"
openssl pkcs12 -export -in "/home/$USERNAME/emailcert/$USERNAME.cer" \
-out "/home/$USERNAME/emailcert/$USERNAME.p12" \
-inkey "/home/$USERNAME/emailcert/$USERNAME.key" \
-certfile "/home/$USERNAME/emailcert/ca-$HOSTNAME.crt" \
-password pass:""
# make an install script
echo '#!/bin/bash' > /home/$USERNAME/emailcert/install.sh
echo "sudo mv ca-$HOSTNAME.crt /etc/ssl/certs" >> \
/home/$USERNAME/emailcert/install.sh
echo "sudo mv $USERNAME.crt /etc/ssl/certs" >> \
/home/$USERNAME/emailcert/install.sh
echo "sudo mv dovecot.crt /etc/ssl/certs" >> \
/home/$USERNAME/emailcert/install.sh
echo "sudo mv $USERNAME.key /etc/ssl/private" >> \
/home/$USERNAME/emailcert/install.sh
echo 'exit 0' >> /home/$USERNAME/emailcert/install.sh
{ echo '#!/bin/bash';
echo "sudo mv ca-$HOSTNAME.crt /etc/ssl/certs";
echo "sudo mv $USERNAME.crt /etc/ssl/certs";
echo "sudo mv dovecot.crt /etc/ssl/certs";
echo "sudo mv $USERNAME.key /etc/ssl/private";
echo 'exit 0'; } > "/home/$USERNAME/emailcert/install.sh"
# set permissions for the user
chmod -R 755 /home/$USERNAME/emailcert
chown -R $USERNAME:$USERNAME /home/$USERNAME/emailcert
chmod +x /home/$USERNAME/emailcert/install.sh
chmod -R 755 "/home/$USERNAME/emailcert"
chown -R "$USERNAME":"$USERNAME" "/home/$USERNAME/emailcert"
chmod +x "/home/$USERNAME/emailcert/install.sh"
shred -zu /etc/ssl/requests/$USERNAME.csr
shred -zu "/etc/ssl/requests/$USERNAME.csr"
echo $'Email authentication certificate created. You can obtain it on the client with:'
echo ''
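Review bot: The recursive `chmod -R 755 "/home/$USERNAME/emailcert"` leaves the user's private key and the PKCS#12 bundle readable by every local account, because `$USERNAME.key` is moved into that directory a few lines earlier and the `.p12` is exported with an empty password (`-password pass:""`). The quoting fixes in this section do not change that. I would restrict the tree to its owner instead, for example `chmod -R u=rwX,go= "/home/$USERNAME/emailcert"` followed by `chmod u+x "/home/$USERNAME/emailcert/install.sh"`. Whether the permissions on `/home/$USERNAME` already keep other users out is not visible here, so that should be confirmed rather than relied on.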


@ -43,7 +43,7 @@ export TEXTDOMAINDIR="/usr/share/locale"
FREEDOMBONE_WEBSITE="https://freedombone.net or http://4fvfozz6g3zmvf76.onion"
# Minimum number of characters in a password
MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
MINIMUM_PASSWORD_LENGTH=$(grep 'MINIMUM_PASSWORD_LENGTH=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords" | head -n 1 | awk -F '=' '{print $2}')
# file containing new password
IMAGE_PASSWORD_FILE=/root/login.txt
@ -118,18 +118,18 @@ function please_wait {
echo -n ''
}
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
source "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars"
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for f in $APP_FILES
do
source $f
source "$f"
done
function show_help {
@ -157,23 +157,25 @@ function choose_email_address {
while [ ${#MY_EMAIL_ADDRESS} -lt 5 ]
do
EMAIL_ADDRESS=$(grep 'MY_EMAIL_ADDRESS' temp.cfg | awk -F '=' '{print $2}')
if [ ! $EMAIL_ADDRESS ]; then
if [ ! "$EMAIL_ADDRESS" ]; then
EMAIL_ADDRESS=$MY_USERNAME@$DEFAULT_DOMAIN_NAME
fi
if [ ${#MY_EMAIL_ADDRESS} -lt 5 ]; then
EMAIL_ADDRESS=$MY_USERNAME@$DEFAULT_DOMAIN_NAME
fi
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--inputbox $"Your email address" 10 30 "$EMAIL_ADDRESS" 2> $data
--inputbox $"Your email address" 10 30 "$EMAIL_ADDRESS" 2> "$data"
sel=$?
case $sel in
0) MY_EMAIL_ADDRESS=$(cat $data);;
1) exit 1;;
255) exit 1;;
0) MY_EMAIL_ADDRESS=$(cat "$data");;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
done
fi
save_configuration_values
@ -183,23 +185,24 @@ function choose_social_instance_domain_name {
DEFAULT_DOMAIN_DETAILS_COMPLETE=
while [ ! $DEFAULT_DOMAIN_DETAILS_COMPLETE ]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
dialog --backtitle $"Freedombone Configuration" \
--title $"Instance domain" \
--form $"\nEnter your instance domain name and its FreeDNS code:" 11 55 3 \
--form $"\\nEnter your instance domain name and its FreeDNS code:" 11 55 3 \
$"Domain:" 1 1 "$(grep 'DEFAULT_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 24 33 40 \
$"Code:" 2 1 "$(grep 'DEFAULT_DOMAIN_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 24 33 255 \
2> $data
2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
DEFAULT_DOMAIN_NAME=$(cat $data | sed -n 1p)
DEFAULT_DOMAIN_CODE=$(cat $data | sed -n 2p)
if [ $DEFAULT_DOMAIN_NAME ]; then
DEFAULT_DOMAIN_NAME=$(sed -n 1p < "$data")
DEFAULT_DOMAIN_CODE=$(sed -n 2p < "$data")
if [ "$DEFAULT_DOMAIN_NAME" ]; then
validate_freedns_code "$DEFAULT_DOMAIN_CODE"
if [ ! $VALID_CODE ]; then
DEFAULT_DOMAIN_NAME=
@ -208,24 +211,27 @@ function choose_social_instance_domain_name {
else
dialog --backtitle $"Freedombone Configuration" \
--inputbox $"Enter your instance domain name:" 10 45 \
"$(grep 'DEFAULT_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> $data
"$(grep 'DEFAULT_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> "$data"
sel=$?
case $sel in
0) DEFAULT_DOMAIN_NAME=$(cat $data);;
1) exit 1;;
255) exit 1;;
0) DEFAULT_DOMAIN_NAME=$(cat "$data");;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
fi
if [ $DEFAULT_DOMAIN_NAME ]; then
if [ "$DEFAULT_DOMAIN_NAME" ]; then
TEST_DOMAIN_NAME=$DEFAULT_DOMAIN_NAME
validate_domain_name
if [[ $TEST_DOMAIN_NAME != $DEFAULT_DOMAIN_NAME ]]; then
if [[ "$TEST_DOMAIN_NAME" != "$DEFAULT_DOMAIN_NAME" ]]; then
DEFAULT_DOMAIN_NAME=
dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
else
DEFAULT_DOMAIN_DETAILS_COMPLETE="yes"
fi
fi
rm -f "$data"
done
save_configuration_values
}
@ -242,8 +248,7 @@ function choose_default_domain_name {
DEFAULT_DOMAIN_DETAILS_COMPLETE=
while [ ! $DEFAULT_DOMAIN_DETAILS_COMPLETE ]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
dialog --backtitle $"Freedombone Configuration" \
--title $"Your main domain name" \
@ -252,23 +257,26 @@ function choose_default_domain_name {
$"Code:" 2 1 "$(grep 'DEFAULT_DOMAIN_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 24 33 255 \
$"mail subdomain Code:" 3 1 "$(grep 'EMAIL_DOMAIN_CODE' temp.cfg | awk -F '=' '{print $2}')" 3 24 33 255 \
$"XMPP subdomain Code:" 4 1 "$(grep 'XMPP_DOMAIN_CODE' temp.cfg | awk -F '=' '{print $2}')" 4 24 33 255 \
2> $data
2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
DEFAULT_DOMAIN_NAME=$(cat $data | sed -n 1p)
DEFAULT_DOMAIN_CODE=$(cat $data | sed -n 2p)
EMAIL_DOMAIN_CODE=$(cat $data | sed -n 3p)
XMPP_DOMAIN_CODE=$(cat $data | sed -n 4p)
if [ $DEFAULT_DOMAIN_NAME ]; then
DEFAULT_DOMAIN_NAME=$(sed -n 1p < "$data")
DEFAULT_DOMAIN_CODE=$(sed -n 2p < "$data")
EMAIL_DOMAIN_CODE=$(sed -n 3p < "$data")
XMPP_DOMAIN_CODE=$(sed -n 4p < "$data")
rm -f "$data"
if [ "$DEFAULT_DOMAIN_NAME" ]; then
validate_freedns_code "$DEFAULT_DOMAIN_CODE"
if [ ! $VALID_CODE ]; then
DEFAULT_DOMAIN_NAME=
fi
fi
if [ $EMAIL_DOMAIN_CODE ]; then
if [ "$EMAIL_DOMAIN_CODE" ]; then
validate_freedns_code "$EMAIL_DOMAIN_CODE"
if [ ! $VALID_CODE ]; then
DEFAULT_DOMAIN_NAME=
@ -277,7 +285,7 @@ function choose_default_domain_name {
write_config_param "EMAIL_DOMAIN_CODE" "$EMAIL_DOMAIN_CODE"
fi
fi
if [ $XMPP_DOMAIN_CODE ]; then
if [ "$XMPP_DOMAIN_CODE" ]; then
validate_freedns_code "$XMPP_DOMAIN_CODE"
if [ ! $VALID_CODE ]; then
DEFAULT_DOMAIN_NAME=
@ -289,18 +297,20 @@ function choose_default_domain_name {
else
dialog --backtitle $"Freedombone Configuration" \
--inputbox $"Which domain name should your email/XMPP/IRC/Mumble be associated with?" 10 45 \
"$(grep 'DEFAULT_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> $data
"$(grep 'DEFAULT_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> "$data"
sel=$?
case $sel in
0) DEFAULT_DOMAIN_NAME=$(cat $data);;
1) exit 1;;
255) exit 1;;
0) DEFAULT_DOMAIN_NAME=$(cat "$data");;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
fi
if [ $DEFAULT_DOMAIN_NAME ]; then
if [ "$DEFAULT_DOMAIN_NAME" ]; then
TEST_DOMAIN_NAME=$DEFAULT_DOMAIN_NAME
validate_domain_name
if [[ $TEST_DOMAIN_NAME != $DEFAULT_DOMAIN_NAME ]]; then
if [[ "$TEST_DOMAIN_NAME" != "$DEFAULT_DOMAIN_NAME" ]]; then
DEFAULT_DOMAIN_NAME=
dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
else
@ -313,8 +323,7 @@ function choose_default_domain_name {
}
function dynamic_dns_setup {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--radiolist $"Choose Dynamic DNS provider:" 40 40 40 \
1 dyn.com off \
@ -349,13 +358,15 @@ function dynamic_dns_setup {
30 strato.com off \
31 freemyip.com off \
32 cloudxns.net off \
33 none off 2> $data
33 none off 2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
case $(cat $data) in
case $(cat "$data") in
1) DDNS_PROVIDER="default@www.dyn.com";;
2) DDNS_PROVIDER="default@freedns.afraid.org";;
3) DDNS_PROVIDER="default@www.zoneedit.com";;
@ -389,8 +400,10 @@ function dynamic_dns_setup {
31) DDNS_PROVIDER="default@freemyip.com";;
32) DDNS_PROVIDER="default@www.cloudxns.net";;
33) DDNS_PROVIDER="none";;
255) exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
save_configuration_values
valid_ddns_username=
@ -403,50 +416,55 @@ function dynamic_dns_setup {
else
while [ ! $valid_ddns_username ]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--inputbox $"Dynamic DNS provider username" 10 30 "$(grep 'DDNS_USERNAME' temp.cfg | awk -F '=' '{print $2}')" 2> $data
--inputbox $"Dynamic DNS provider username" 10 30 "$(grep 'DDNS_USERNAME' temp.cfg | awk -F '=' '{print $2}')" 2> "$data"
sel=$?
case $sel in
0) possible_username=$(cat $data)
0) possible_username=$(cat "$data")
if [ "$possible_username" ]; then
if [ ${#possible_username} -gt 1 ]; then
valid_ddns_username=$(cat $data)
DDNS_USERNAME=$valid_ddns_username
valid_ddns_username=$(cat "$data")
DDNS_USERNAME="$valid_ddns_username"
rm -f "$data"
break;
fi
fi
;;
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
done
save_configuration_values
while [ ! $valid_ddns_password ]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--clear \
--insecure \
--passwordbox $"Dynamic DNS provider password" 10 30 "$(grep 'DDNS_PASSWORD' temp.cfg | awk -F '=' '{print $2}')" 2> $data
--passwordbox $"Dynamic DNS provider password" 10 30 "$(grep 'DDNS_PASSWORD' temp.cfg | awk -F '=' '{print $2}')" 2> "$data"
sel=$?
case $sel in
0) possible_password=$(cat $data)
0) possible_password=$(cat "$data")
if [ "$possible_password" ]; then
if [ ${#possible_password} -gt 1 ]; then
valid_ddns_password=$(cat $data)
valid_ddns_password=$(cat "$data")
DDNS_PASSWORD=$valid_ddns_password
break;
fi
fi
;;
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
if [ ${#DDNS_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
rm -f "$data"
if [ ${#DDNS_PASSWORD} -lt "$MINIMUM_PASSWORD_LENGTH" ]; then
dialog --title $"Password quality check" --msgbox $"The password given was too short. It must be at least $MINIMUM_PASSWORD_LENGTH characters. You may need to change your password on the dynamic DNS provider's web site." 10 40
DDNS_PASSWORD=""
fi
@ -458,10 +476,10 @@ function dynamic_dns_setup {
function choose_dynamic_dns {
DDNS_PROVIDER="none"
if [[ $SYSTEM_TYPE != "mesh"* && $ONION_ONLY == "no" ]]; then
if [[ "$SYSTEM_TYPE" != "mesh"* && "$ONION_ONLY" == "no" ]]; then
dialog --title $"Dynamic DNS" \
--backtitle $"Freedombone Configuration" \
--yesno $"\nConfigure a dynamic DNS service?\n\nIf it is already handled by your internet router then select 'no'." 10 50
--yesno $"\\nConfigure a dynamic DNS service?\\n\\nIf it is already handled by your internet router then select 'no'." 10 50
sel=$?
case $sel in
0) dynamic_dns_setup;;
@ -472,9 +490,8 @@ function choose_dynamic_dns {
}
function choose_debian_repo {
if [[ $MINIMAL_INSTALL == "no" ]]; then
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
if [[ "$MINIMAL_INSTALL" == "no" ]]; then
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--radiolist $"Where to download Debian packages from:" 25 45 49 \
1 $"Australia" off \
@ -525,13 +542,15 @@ function choose_debian_repo {
46 $"Turkey" off \
47 $"Ukraine" off \
48 $"United Kingdom" off \
49 $"United States" on 2> $data
49 $"United States" on 2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
case $(cat $data) in
case $(cat "$data") in
1) DEBIAN_REPO='ftp.au.debian.org';;
2) DEBIAN_REPO='ftp.at.debian.org';;
3) DEBIAN_REPO='ftp.by.debian.org';;
@ -581,8 +600,10 @@ function choose_debian_repo {
47) DEBIAN_REPO='ftp.ua.debian.org';;
48) DEBIAN_REPO='ftp.uk.debian.org';;
49) DEBIAN_REPO='ftp.us.debian.org';;
255) exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
save_configuration_values
else
DEBIAN_REPO='ftp.de.debian.org'
@ -591,28 +612,31 @@ function choose_debian_repo {
function choose_rng {
if [[ $MINIMAL_INSTALL == "no" ]]; then
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
if [[ $INSTALLING_ON_BBB != "yes" ]]; then
data=$(mktemp 2>/dev/null)
if [[ "$INSTALLING_ON_BBB" != "yes" ]]; then
dialog --backtitle $"Freedombone Configuration" \
--radiolist $"Type of Random Number Generator:" 10 40 2 \
1 Haveged on \
2 OneRNG off 2> $data
2 OneRNG off 2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
case $(cat $data) in
case $(cat "$data") in
2) HWRNG_TYPE="onerng"
dialog --title $"OneRNG Device" \
--msgbox $"Please ensure that the OneRNG device is disconnected. You can reconnect it later during the installation" 8 60
;;
255) exit 1;;
255) rm -f "$data"
exit 1;;
esac
else
HWRNG_TYPE="beaglebone"
fi
rm -f "$data"
save_configuration_values
fi
}
@ -621,9 +645,7 @@ function choose_social_key_management {
if [[ $MINIMAL_INSTALL == "no" ]]; then
interactive_gpg
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
SOCIAL_KEY_STR=$"\nDo you wish to enable social key management, otherwise known as \"the unforgettable key\"?\n\nThis means that fragments of your GPG key will be included with any remote backups so that if you later lose your key then it can be reconstructed from your friends servers. If you select \"no\" then you can still do social key management, but offline using physical USB thumb drives, which is more secure but less convenient."
SOCIAL_KEY_STR=$"\\nDo you wish to enable social key management, otherwise known as \"the unforgettable key\"?\\n\\nThis means that fragments of your GPG key will be included with any remote backups so that if you later lose your key then it can be reconstructed from your friends servers. If you select \"no\" then you can still do social key management, but offline using physical USB thumb drives, which is more secure but less convenient."
if [[ $(grep "ENABLE_SOCIAL_KEY_MANAGEMENT" temp.cfg | awk -F '=' '{print $2}') == "yes" ]]; then
dialog --title $"Social Key Management" \
--backtitle $"Freedombone Configuration" \
@ -659,36 +681,36 @@ function choose_username {
if [ ! $SELECTED_USERNAME ]; then
SELECTED_USERNAME=$(grep 'MY_USERNAME' temp.cfg | awk -F '=' '{print $2}')
fi
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--title $"Username" \
--inputbox $"Set your username for the system\n\nYour username should not contain any spaces" 12 60 "$SELECTED_USERNAME" 2> $data
--inputbox $"Set your username for the system\\n\\nYour username should not contain any spaces" 12 60 "$SELECTED_USERNAME" 2> "$data"
sel=$?
case $sel in
0) possible_username=$(cat $data)
0) possible_username=$(cat "$data")
SELECTED_USERNAME=
if [[ $possible_username != *' '* && $possible_username != *'/'* && $possible_username != *'\'* && $possible_username != *'*'* ]]; then
if [ $possible_username ]; then
if [[ "$possible_username" != *' '* && "$possible_username" != *'/'* && "$possible_username" != *'*'* ]]; then
if [ "$possible_username" ]; then
if [ ${#possible_username} -gt 1 ]; then
if [[ $possible_username != $GENERIC_IMAGE_USERNAME ]]; then
MY_USERNAME=$(cat $data)
if [[ "$possible_username" != "$GENERIC_IMAGE_USERNAME" ]]; then
MY_USERNAME=$(cat "$data")
please_wait
echo ''
echo $'Creating user account'
chmod 600 /etc/shadow
chmod 600 /etc/gshadow
useradd -m -s /bin/bash $MY_USERNAME
useradd -m -s /bin/bash "$MY_USERNAME"
chmod 0000 /etc/shadow
chmod 0000 /etc/gshadow
if [ -d /home/$MY_USERNAME ]; then
echo "${MY_USERNAME}:$(printf `cat $IMAGE_PASSWORD_FILE`)" | chpasswd
if [ -d "/home/$MY_USERNAME" ]; then
echo "${MY_USERNAME}:$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")" | chpasswd
# Add the user as a sudoer - they will be the new admin user
if ! grep -q "$MY_USERNAME ALL=(ALL) ALL" /etc/sudoers; then
echo "$MY_USERNAME ALL=(ALL) ALL" >> /etc/sudoers
# remove the generic image admin user from sudoers
sed -i "s|${GENERIC_IMAGE_USERNAME}.*||g" /etc/sudoers
fi
rm -f "$data"
break
fi
fi
@ -696,13 +718,16 @@ function choose_username {
fi
fi
;;
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
done
else
no_of_users=$(find /home/* -maxdepth 0 -type d | wc -l)
if [ $no_of_users -eq 1 ]; then
if [ "$no_of_users" -eq 1 ]; then
# only a single user on the system
MY_USERNAME=$(ls /home)
else
@ -741,13 +766,12 @@ function choose_full_name {
valid_name=
while [ ! $valid_name ]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--inputbox $"Your full name (or nick)" 10 50 "$(grep 'MY_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> $data
--inputbox $"Your full name (or nick)" 10 50 "$(grep 'MY_NAME' temp.cfg | awk -F '=' '{print $2}')" 2> "$data"
sel=$?
case $sel in
0) possible_name=$(cat $data)
0) possible_name=$(cat "$data")
if [ "$possible_name" ]; then
if [ ${#possible_name} -gt 1 ]; then
valid_name="$possible_name"
@ -756,9 +780,12 @@ function choose_full_name {
fi
fi
;;
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
rm -f "$data"
done
save_configuration_values
please_wait
@ -778,16 +805,17 @@ function choose_system_variant {
varstate='on'
fi
varslist="$varslist $n $a $varstate"
n=$[n+1]
n=$((n+1))
done
variant_choice=$(dialog --stdout --backtitle $"Freedombone Configuration" \
--title $"Type of Installation" \
--radiolist $'Choose:' \
27 40 20 $varslist)
27 40 20 "$varslist")
# shellcheck disable=SC2181
if [ $? -eq 0 ]; then
variant_choice=$[variant_choice-1]
variant_choice=$((variant_choice-1))
SYSTEM_TYPE=${available_variants_list[$variant_choice]}
save_configuration_values
fi
@ -796,7 +824,7 @@ function choose_system_variant {
function validate_freedns_code {
freedns_code="$1"
FREEDNS_MESSAGE=$"Please enter the FreeDNS code for this domain.\n\nThe code can be found by going to https://freedns.afraid.org, selecting 'Dynamic DNS' and then opening 'Wget example'. The code will consist of letters and numbers and be between the ? and = characters."
FREEDNS_MESSAGE=$"Please enter the FreeDNS code for this domain.\\n\\nThe code can be found by going to https://freedns.afraid.org, selecting 'Dynamic DNS' and then opening 'Wget example'. The code will consist of letters and numbers and be between the ? and = characters."
if [[ "$freedns_code" == *"."* || "$freedns_code" == "http"* || "$freedns_code" == *"wget "* || "$freedns_code" == *" "* ]]; then
dialog --title $"Invalid FreeDNS Code" --msgbox "$FREEDNS_MESSAGE" 10 70
@ -855,8 +883,7 @@ do
done
function interactive_select_language {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Configuration" \
--radiolist $"Select your language:" 26 40 24 \
1 $"Afrikaans" off \
@ -926,13 +953,15 @@ function interactive_select_language {
65 $"Thai" off \
66 $"Turkish" off \
67 $"Ukrainian" off \
68 $"Vietnamese" off 2> $data
68 $"Vietnamese" off 2> "$data"
sel=$?
case $sel in
1) exit 1;;
255) exit 1;;
1) rm -f "$data"
exit 1;;
255) rm -f "$data"
exit 1;;
esac
case $(cat $data) in
case $(cat "$data") in
1) DEFAULT_LANGUAGE='af_ZA.UTF-8';;
2) DEFAULT_LANGUAGE='sq_AL.UTF-8';;
3) DEFAULT_LANGUAGE='ar_SA.UTF-8';;
@ -1002,6 +1031,7 @@ function interactive_select_language {
67) DEFAULT_LANGUAGE='uk_UA.UTF-8';;
68) DEFAULT_LANGUAGE='vi_VN.UTF-8';;
esac
rm -f "$data"
save_configuration_values
please_wait
@ -1021,22 +1051,26 @@ function interactive_select_language {
function select_user {
SELECTED_USERNAME=
users_array=($(ls /home))
homedirs=$(ls /home)
# shellcheck disable=SC2206
users_array=($homedirs)
delete=(git)
for del in ${delete[@]}
for del in "${delete[@]}"
do
# shellcheck disable=SC2206
users_array=(${users_array[@]/$del})
done
i=0
W=()
name=()
# shellcheck disable=SC2068
for u in ${users_array[@]}
do
if [[ $(is_valid_user "$u") == "1" ]]; then
i=$((i+1))
W+=($i "$u")
W+=("$i" "$u")
name+=("$u")
fi
done
@ -1046,6 +1080,7 @@ function select_user {
else
user_index=$(dialog --backtitle $"Freedombone Configuration" --title $"Select User" --menu $"Select one of the following:" 24 40 17 "${W[@]}" 3>&2 2>&1 1>&3)
# shellcheck disable=SC2181
if [ $? -eq 0 ]; then
SELECTED_USERNAME="${name[$((user_index-1))]}"
fi
@ -1055,19 +1090,19 @@ function select_user {
function interactive_config {
# create a temporary copy of the configuration file
# which can be used to pre-populate selections
if [ -f $CONFIGURATION_FILE ]; then
cp $CONFIGURATION_FILE temp.cfg
if [ -f "$CONFIGURATION_FILE" ]; then
cp "$CONFIGURATION_FILE" temp.cfg
fi
interactive_select_language
if [ $SOCIALINSTANCE ]; then
INITIAL_MESSAGE=$"Welcome to your Freedombone $SOCIALINSTANCE instance.\n\nEnsure that you have your domain and dynamic DNS settings ready.\n\nFor more information please visit ${FREEDOMBONE_WEBSITE}/socialinstance.html."
if [ "$SOCIALINSTANCE" ]; then
INITIAL_MESSAGE=$"Welcome to your Freedombone $SOCIALINSTANCE instance.\\n\\nEnsure that you have your domain and dynamic DNS settings ready.\\n\\nFor more information please visit ${FREEDOMBONE_WEBSITE}/socialinstance.html."
else
if [[ $ONION_ONLY == "no" ]]; then
INITIAL_MESSAGE=$"Welcome to the Freedombone interactive installer. Communications freedom is only a short time away.\n\nEnsure that you have your domain and dynamic DNS settings ready.\n\nFor more information please visit $FREEDOMBONE_WEBSITE."
if [[ "$ONION_ONLY" == "no" ]]; then
INITIAL_MESSAGE=$"Welcome to the Freedombone interactive installer. Communications freedom is only a short time away.\\n\\nEnsure that you have your domain and dynamic DNS settings ready.\\n\\nFor more information please visit $FREEDOMBONE_WEBSITE."
else
INITIAL_MESSAGE=$"Welcome to the Freedombone interactive installer. Communications freedom is only a short time away.\n\nWeb sites created will only be viewable within a Tor browser.\n\nFor more information please visit $FREEDOMBONE_WEBSITE."
INITIAL_MESSAGE=$"Welcome to the Freedombone interactive installer. Communications freedom is only a short time away.\\n\\nWeb sites created will only be viewable within a Tor browser.\\n\\nFor more information please visit $FREEDOMBONE_WEBSITE."
fi
fi
@ -1079,7 +1114,7 @@ function interactive_config {
choose_social_key_management
choose_rng
choose_debian_repo
${PROJECT_NAME}-wifi --networksinteractive $WIFI_NETWORKS_FILE
"${PROJECT_NAME}-wifi" --networksinteractive "$WIFI_NETWORKS_FILE"
choose_dynamic_dns
choose_default_domain_name
choose_email_address
@ -1109,7 +1144,7 @@ function interactive_config {
fi
# This file indicates that the configuration happened successfully
touch $HOME/.${PROJECT_NAME}-interactive
touch "$HOME/.${PROJECT_NAME}-interactive"
}
function show_result {
@ -1120,11 +1155,11 @@ function show_result {
echo ''
echo $'Contents:'
echo ''
cat $CONFIGURATION_FILE
cat "$CONFIGURATION_FILE"
echo ''
}
if [ ! $CONFIGURATION_FILE ]; then
if [ ! "$CONFIGURATION_FILE" ]; then
CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
fi

File diff suppressed because it is too large Load Diff


@ -34,17 +34,17 @@ export TEXTDOMAIN=${PROJECT_NAME}-controlpanel-user
export TEXTDOMAINDIR="/usr/share/locale"
MY_EMAIL_ADDRESS=$USER@$HOSTNAME
GPG_ID=$(gpg --list-keys $MY_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//')
GPG_ID=$(gpg --list-keys "$MY_EMAIL_ADDRESS" | sed -n '2p' | sed 's/^[ \t]*//')
GPG_BACKUP_ID=$(gpg --list-keys "(backup key)" | sed -n '2p' | sed 's/^[ \t]*//')
# If the default key is specified within gpg.conf
if [ -f ~/.gnupg/gpg.conf ]; then
if grep -q "default-key" ~/.gnupg/gpg.conf; then
default_gpg_key=$(cat ~/.gnupg/gpg.conf | grep "default-key")
default_gpg_key=$(grep "default-key" ~/.gnupg/gpg.conf)
if [[ "$default_gpg_key" != *'#'* ]]; then
default_gpg_key=$(cat ~/.gnupg/gpg.conf | grep "default-key" | awk -F ' ' '{print $2}')
default_gpg_key=$(grep "default-key" ~/.gnupg/gpg.conf | awk -F ' ' '{print $2}')
if [ ${#default_gpg_key} -gt 3 ]; then
GPG_ID=$(gpg --list-keys $default_gpg_key | sed -n '2p' | sed 's/^[ \t]*//')
GPG_ID=$(gpg --list-keys "$default_gpg_key" | sed -n '2p' | sed 's/^[ \t]*//')
fi
fi
fi
@ -52,27 +52,29 @@ fi
# Start including files
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for f in $APP_FILES
do
source $f
source "$f"
done
# End including files
function any_key {
echo ' '
# shellcheck disable=SC2034
read -n1 -r -p $"Press any key to continue..." key
}
function remove_user_from_mailing_list {
USER_MAILING_LISTS=$(cat "/home/$USER/.procmailrc" | grep '\[' | grep '\]' | awk -F '\[' '{print $2}' | awk -F '\\' '{print $1}')
# shellcheck disable=SC1003
USER_MAILING_LISTS=$(grep '\[' "/home/$USER/.procmailrc" | grep '\]' | awk -F '\[' '{print $2}' | awk -F '\\' '{print $1}')
i=0
W=()
@ -80,19 +82,20 @@ function remove_user_from_mailing_list {
while read -r listname; do
i=$((i+1))
if [[ "$listname" != *']'* && "$listname" != *'['* ]]; then
W+=($i "$listname")
W+=("$i" "$listname")
list_name+=("$listname")
echo $listname
echo "$listname"
fi
done <<< "$USER_MAILING_LISTS"
i=$((i+1))
W+=($i $"Exit back to filtering rules menu")
W+=("$i" $"Exit back to filtering rules menu")
list_selected=$(dialog --default-item "$i" --backtitle $"Freedombone User Control Panel" --title $"Remove yourself from a mailing list" --menu $"Select one of the following:" 24 50 17 "${W[@]}" 3>&2 2>&1 1>&3)
# shellcheck disable=SC2181
if [ $? -eq 0 ]; then # Exit with OK
if [ ${list_selected} -ne ${i} ]; then
if [ "${list_selected}" -ne "${i}" ]; then
remove_list_name="${list_name[$((list_selected-1))]}"
# find the line number where the list is defined
@ -100,7 +103,7 @@ function remove_user_from_mailing_list {
i=0
while read -r line
do
if [[ "$line" == *"\[${remove_list_name}\\]"* ]]; then
if [[ "$line" == *"\\[${remove_list_name}\\]"* ]]; then
line_number=${i}
fi
i=$((i+1))
@ -112,8 +115,8 @@ function remove_user_from_mailing_list {
fi
# recreate the file
if [ -f /home/${USER}/.procmailrc_new ]; then
rm /home/${USER}/.procmailrc_new
if [ -f "/home/${USER}/.procmailrc_new" ]; then
rm "/home/${USER}/.procmailrc_new"
fi
i=0
clip=0
@ -141,15 +144,15 @@ function remove_user_from_mailing_list {
fi
fi
echo "$line" >> /home/${USER}/.procmailrc_new
echo "$line" >> "/home/${USER}/.procmailrc_new"
if [[ "$line" == *"\[${remove_list_name}\\]"* ]]; then
if [[ "$line" == *"\\[${remove_list_name}\\]"* ]]; then
line_number=${i}
fi
done < "/home/$USER/.procmailrc"
cp /home/${USER}/.procmailrc_new /home/${USER}/.procmailrc
rm /home/${USER}/.procmailrc_new
chown ${USER}:${USER} /home/${USER}/.procmailrc
cp "/home/${USER}/.procmailrc_new" "/home/${USER}/.procmailrc"
rm "/home/${USER}/.procmailrc_new"
chown "${USER}":"${USER}" "/home/${USER}/.procmailrc"
dialog --title $"Remove yourself from mailing list" \
--msgbox $"You have been removed from ${remove_list_name}" 6 50
fi
@ -157,27 +160,26 @@ function remove_user_from_mailing_list {
}
function add_to_mailing_list {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Subscribe to a mailing list" \
--form $"You can either enter a subject or an email address\n" 11 68 4 \
--form $"You can either enter a subject or an email address\\n" 11 68 4 \
$"List folder name:" 1 1 "" 1 35 26 25 \
$"Name between [] on subject line:" 2 1 "" 2 35 26 25 \
$"List email address:" 3 1 "" 3 35 26 25 \
$"Public:" 4 1 $"yes" 4 35 4 25 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
LIST_NAME=$(cat $data | sed -n 1p)
LIST_SUBJECT=$(cat $data | sed -n 2p)
LIST_EMAIL=$(cat $data | sed -n 3p)
LIST_PUBLIC=$(cat $data | sed -n 4p)
LIST_NAME=$(sed -n 1p < "$data")
LIST_SUBJECT=$(sed -n 2p < "$data")
LIST_EMAIL=$(sed -n 3p < "$data")
LIST_PUBLIC=$(sed -n 4p < "$data")
if [ ${#LIST_PUBLIC} -lt 1 ]; then
LIST_PUBLIC='no'
@ -190,57 +192,56 @@ function add_to_mailing_list {
if [ ${#LIST_NAME} -lt 2 ]; then
dialog --title $"Add mailing list" \
--msgbox $"No mailing list name was given" 6 40
rm $data
rm -f "$data"
return
fi
if [ ${#LIST_SUBJECT} -lt 2 ]; then
if [ ${#LIST_EMAIL} -lt 2 ]; then
dialog --title $"Add mailing list" \
--msgbox $"No mailing list subject or address was given" 6 40
rm $data
rm -f "$data"
return
fi
fi
if [ ${#LIST_SUBJECT} -gt 1 ]; then
${PROJECT_NAME}-addlist -u $USER -l "$LIST_NAME" \
-s "$LIST_SUBJECT" --public $LIST_PUBLIC
"${PROJECT_NAME}-addlist" -u "$USER" -l "$LIST_NAME" \
-s "$LIST_SUBJECT" --public "$LIST_PUBLIC"
else
if [[ "$LIST_EMAIL" != *"@"* || "$LIST_EMAIL" != *"."* ]]; then
dialog --title $"Add mailing list" \
--msgbox $"Unrecognised email address" 6 40
rm $data
rm -f "$data"
return
else
${PROJECT_NAME}-addlist -u $USER -l "$LIST_NAME" \
-e "$LIST_EMAIL" --public $LIST_PUBLIC
"${PROJECT_NAME}-addlist" -u "$USER" -l "$LIST_NAME" \
-e "$LIST_EMAIL" --public "$LIST_PUBLIC"
fi
fi
dialog --title $"Add mailing list" \
--msgbox $"$LIST_NAME list was added" 6 40
rm $data
rm -f "$data"
}
function email_rule_address {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Create an email rule" \
--form "\n" 9 65 4 \
--form "\\n" 9 65 4 \
$"When email arrives from address:" 1 1 "" 1 35 24 28 \
$"Move to folder:" 2 1 "" 2 35 24 28 \
$"Public:" 3 1 $"no" 3 35 4 25 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
RULE_EMAIL=$(cat $data | sed -n 1p)
RULE_FOLDER=$(cat $data | sed -n 2p)
RULE_PUBLIC=$(cat $data | sed -n 3p)
RULE_EMAIL=$(sed -n 1p < "$data")
RULE_FOLDER=$(sed -n 2p < "$data")
RULE_PUBLIC=$(sed -n 3p < "$data")
if [ ${#RULE_PUBLIC} -lt 1 ]; then
RULE_PUBLIC='no'
@ -253,27 +254,27 @@ function email_rule_address {
if [ ${#RULE_EMAIL} -lt 2 ]; then
dialog --title $"Create an email rule" \
--msgbox $"No email address was given" 6 40
rm $data
rm -f "$data"
return
fi
if [ ${#RULE_FOLDER} -lt 2 ]; then
dialog --title $"Create an email rule" \
--msgbox $"No folder name was given" 6 40
rm $data
rm -f "$data"
return
fi
if [[ "$RULE_EMAIL" != *"@"* || "$RULE_EMAIL" != *"."* ]]; then
dialog --title $"Create an email rule" \
--msgbox $"Unrecognised email address" 6 40
rm $data
rm -f "$data"
return
fi
${PROJECT_NAME}-addemail -u $USER -e "$RULE_EMAIL" \
"${PROJECT_NAME}-addemail" -u "$USER" -e "$RULE_EMAIL" \
-g "$RULE_FOLDER" --public $RULE_PUBLIC
dialog --title $"Create an email rule" \
--msgbox $"Email rule for $RULE_EMAIL was added" 6 40
rm $data
rm -f "$data"
}
function gpg_set_trust {
@ -281,8 +282,7 @@ function gpg_set_trust {
fpr=$(gpg --with-colons --fingerprint "$TRUST_ADDRESS" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
if [ ${#fpr} -gt 2 ]; then
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Trust a PGP/GPG key or website domain" \
--radiolist $"Set the trust level for $TRUST_ADDRESS:" 18 70 10 \
@ -290,19 +290,18 @@ function gpg_set_trust {
2 $"I do NOT trust" off \
3 $"I trust marginally" on \
4 $"I trust fully" off \
5 $"I trust ultimately" off 2> $data
5 $"I trust ultimately" off 2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
TRUST_LEVEL=$(cat $data)
if [ ${TRUST_LEVEL} -ge 1 ] ; then
if [ ${TRUST_LEVEL} -le 5 ] ; then
echo -e "trust\n${TRUST_LEVEL}\ny\nsave\n" | gpg --command-fd 0 --edit-key $fpr
if [ "$?" = "0" ]; then
TRUST_LEVEL=$(cat "$data")
if [ "${TRUST_LEVEL}" -ge 1 ] ; then
if [ "${TRUST_LEVEL}" -le 5 ] ; then
if echo -e "trust\\n${TRUST_LEVEL}\\ny\\nsave\\n" | gpg --command-fd 0 --edit-key "$fpr"; then
gpg --update-trustdb
dialog --title $"Trust a PGP/GPG key or website domain" \
--backtitle $"Freedombone User Control Panel" \
@ -310,30 +309,29 @@ function gpg_set_trust {
fi
fi
fi
rm $data
rm -f "$data"
fi
}
function email_rule_subject {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Create an email rule" \
--form "\n" 9 75 4 \
--form "\\n" 9 75 4 \
$"When email arrives with subject containing:" 1 1 "" 1 45 24 28 \
$"Move to folder:" 2 1 "" 2 45 24 28 \
$"Public:" 3 1 $"no" 3 45 4 25 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
RULE_SUBJECT=$(cat $data | sed -n 1p)
RULE_FOLDER=$(cat $data | sed -n 2p)
RULE_PUBLIC=$(cat $data | sed -n 3p)
RULE_SUBJECT=$(sed -n 1p < "$data")
RULE_FOLDER=$(sed -n 2p < "$data")
RULE_PUBLIC=$(sed -n 3p < "$data")
if [ ${#RULE_PUBLIC} -lt 1 ]; then
RULE_PUBLIC='no'
@ -346,42 +344,41 @@ function email_rule_subject {
if [ ${#RULE_SUBJECT} -lt 2 ]; then
dialog --title $"Create an email rule" \
--msgbox $"No subject text was given" 6 40
rm $data
rm -f "$data"
return
fi
if [ ${#RULE_FOLDER} -lt 2 ]; then
dialog --title $"Create an email rule" \
--msgbox $"No folder name was given" 6 40
rm $data
rm -f "$data"
return
fi
${PROJECT_NAME}-addemail -u $USER -s "$RULE_SUBJECT" \
-g "$RULE_FOLDER" --public $RULE_PUBLIC
"${PROJECT_NAME}-addemail" -u "$USER" -s "$RULE_SUBJECT" \
-g "$RULE_FOLDER" --public "$RULE_PUBLIC"
dialog --title $"Create an email rule" \
--msgbox $"Email rule for subject '$RULE_SUBJECT' was added" 6 40
rm $data
rm -f "$data"
}
function block_unblock_email {
blockstr=$"Block or unblock emails from a given address"
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title "$blockstr" \
--form "\n" 8 65 3 \
--form "\\n" 8 65 3 \
$"When email arrives from address:" 1 1 "" 1 35 24 100 \
$"Block it:" 2 1 "yes" 2 35 4 4 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
BLOCK_EMAIL=$(cat $data | sed -n 1p)
BLOCK=$(cat $data | sed -n 2p)
BLOCK_EMAIL=$(sed -n 1p < "$data")
BLOCK=$(sed -n 2p < "$data")
if [ ${#BLOCK_EMAIL} -lt 2 ]; then
dialog --title "$blockstr" \
--msgbox $"No email address was given" 6 40
@ -390,64 +387,63 @@ function block_unblock_email {
if [[ "$BLOCK_EMAIL" != *"@"* || "$BLOCK_EMAIL" != *"."* ]]; then
dialog --title "$blockstr" \
--msgbox $"Unrecognised email address" 6 40
rm $data
rm -f "$data"
return
fi
if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
${PROJECT_NAME}-ignore -u $USER -e "$BLOCK_EMAIL"
"${PROJECT_NAME}-ignore" -u "$USER" -e "$BLOCK_EMAIL"
dialog --title $"Block an email" \
--msgbox "Email from $BLOCK_EMAIL is now blocked" 6 75
else
${PROJECT_NAME}-unignore -u $USER -e "$BLOCK_EMAIL"
"${PROJECT_NAME}-unignore" -u "$USER" -e "$BLOCK_EMAIL"
dialog --title $"Unblock an email" \
--msgbox "Email from $BLOCK_EMAIL is now unblocked" 6 75
fi
rm $data
rm -f "$data"
}
function block_unblock_subject {
blockstr=$"Block or unblock emails with text in the subject line"
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title "$blockstr" \
--form "\n" 8 70 3 \
--form "\\n" 8 70 3 \
$"When email arrives with subject text:" 1 1 "" 1 40 24 28 \
$"Block it:" 2 1 "yes" 2 40 4 4 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
BLOCK_SUBJECT=$(cat $data | sed -n 1p)
BLOCK=$(cat $data | sed -n 2p)
BLOCK_SUBJECT=$(sed -n 1p < "$data")
BLOCK=$(sed -n 2p < "$data")
if [ ${#BLOCK_SUBJECT} -lt 2 ]; then
dialog --title "$blockstr" \
--msgbox $"No subject was given" 6 40
rm $data
rm -f "$data"
return
fi
if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
${PROJECT_NAME}-ignore -u $USER -t "$BLOCK_SUBJECT"
"${PROJECT_NAME}-ignore" -u "$USER" -t "$BLOCK_SUBJECT"
dialog --title $"Block an email" \
--msgbox $"Email with subject $BLOCK_SUBJECT is now blocked" 6 40
else
${PROJECT_NAME}-unignore -u $USER -t "$BLOCK_SUBJECT"
"${PROJECT_NAME}-unignore" -u "$USER" -t "$BLOCK_SUBJECT"
dialog --title $"Unblock an email" \
--msgbox $"Email with subject $BLOCK_SUBJECT is now unblocked" 6 40
fi
rm $data
rm -f "$data"
}
function show_gpg_key {
GPG_FINGERPRINT=$(gpg --fingerprint $GPG_ID | sed -n '2p' | sed 's/^[ \t]*//')
GPG_DATE=$(gpg --fingerprint $GPG_ID | grep -i "pub" | head -n 1 | awk -F ' ' '{print $3}')
GPG_FINGERPRINT=$(gpg --fingerprint "$GPG_ID" | sed -n '2p' | sed 's/^[ \t]*//')
GPG_DATE=$(gpg --fingerprint "$GPG_ID" | grep -i "pub" | head -n 1 | awk -F ' ' '{print $3}')
dialog --title $"My PGP/GPG Key" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"Email Address: $MY_EMAIL_ADDRESS\n\nKey ID: $GPG_ID\n\nFingerprint: $GPG_FINGERPRINT\n\nCreated: $GPG_DATE" 12 70
--msgbox $"Email Address: $MY_EMAIL_ADDRESS\\n\\nKey ID: $GPG_ID\\n\\nFingerprint: $GPG_FINGERPRINT\\n\\nCreated: $GPG_DATE" 12 70
}
function show_full_gpg_key {
@ -455,18 +451,18 @@ function show_full_gpg_key {
echo ''
echo ''
echo ''
gpg --armor --export $GPG_ID
gpg --armor --export "$GPG_ID"
echo ''
echo ''
echo ''
gpg --armor --export-secret-key $GPG_ID
gpg --armor --export-secret-key "$GPG_ID"
any_key
}
function publish_gpg_key {
gpg --send-key $GPG_ID
if [ $GPG_BACKUP_ID ]; then
gpg --send-key $GPG_BACKUP_ID
gpg --send-key "$GPG_ID"
if [ "$GPG_BACKUP_ID" ]; then
gpg --send-key "$GPG_BACKUP_ID"
fi
dialog --title $"Publish your PGP/GPG key" \
--msgbox $"Your key has now been published" 6 40
@ -479,15 +475,14 @@ function refresh_gpg_keys {
}
function add_gpg_key {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Enter email address, Key ID or full key below" \
--backtitle $"Freedombone User Control Panel" \
--editbox $data 8 60 2>$data
--editbox "$data" 8 60
sel=$?
case $sel in
0)
ADD_EMAIL_ADDRESS=$(<$data)
ADD_EMAIL_ADDRESS=$(<"$data")
if [ ${#ADD_EMAIL_ADDRESS} -gt 2 ]; then
address_is_valid=
@ -522,24 +517,23 @@ function add_gpg_key {
fi
;;
esac
rm $data
rm "$data"
}
function remove_gpg_key {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Remove someone's PGP/GPG key" \
--backtitle $"Freedombone User Control Panel" \
--inputbox $"Enter their email address or key ID below" 8 60 2>$data
--inputbox $"Enter their email address or key ID below" 8 60 2>"$data"
sel=$?
case $sel in
0)
REMOVE_EMAIL_ADDRESS=$(<$data)
REMOVE_EMAIL_ADDRESS=$(<"$data")
if [ ${#REMOVE_EMAIL_ADDRESS} -gt 2 ]; then
if [[ $REMOVE_EMAIL_ADDRESS == *"@"* && $REMOVE_EMAIL_ADDRESS == *"."* ]]; then
if [[ $REMOVE_EMAIL_ADDRESS != $MY_EMAIL_ADDRESS ]]; then
if [[ "$REMOVE_EMAIL_ADDRESS" != "$MY_EMAIL_ADDRESS" ]]; then
clear
gpg --delete-key $REMOVE_EMAIL_ADDRESS
gpg --delete-key "$REMOVE_EMAIL_ADDRESS"
else
dialog --title $"Remove someone's PGP/GPG key" \
--backtitle $"Freedombone User Control Panel" \
@ -548,7 +542,7 @@ function remove_gpg_key {
else
if [[ $REMOVE_EMAIL_ADDRESS == "0x"* ]]; then
clear
gpg --delete-key $REMOVE_EMAIL_ADDRESS
gpg --delete-key "$REMOVE_EMAIL_ADDRESS"
else
dialog --title $"Unrecognised email address" \
--backtitle $"Freedombone User Control Panel" \
@ -558,29 +552,28 @@ function remove_gpg_key {
fi
;;
esac
rm $data
rm -f "$data"
}
function add_ssh_key {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Add an ssh key for logging in" \
--backtitle $"Freedombone User Control Panel" \
--inputbox $"This will allow you to log into ${PROJECT_NAME} if you have an ssh key on your system, and provides much stronger security than simply using a login password.\n\nWARNING: If you make any mistakes here then you may not be able to log in and will need to get the administrator to clear your ssh authorized_keys file." 15 60 2>$data
--inputbox $"This will allow you to log into ${PROJECT_NAME} if you have an ssh key on your system, and provides much stronger security than simply using a login password.\\n\\nWARNING: If you make any mistakes here then you may not be able to log in and will need to get the administrator to clear your ssh authorized_keys file." 15 60 2>"$data"
sel=$?
case $sel in
0)
SSH_PUBLIC_KEY=$(<$data)
SSH_PUBLIC_KEY=$(<"$data")
if [ ${#SSH_PUBLIC_KEY} -gt 20 ]; then
if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
if [ ! -d /home/$USER/.ssh ]; then
mkdir /home/$USER/.ssh
if [ ! -d "/home/$USER/.ssh" ]; then
mkdir "/home/$USER/.ssh"
fi
if [ ! -f /home/$USER/.ssh/authorized_keys ]; then
touch /home/$USER/.ssh/authorized_keys
if [ ! -f "/home/$USER/.ssh/authorized_keys" ]; then
touch "/home/$USER/.ssh/authorized_keys"
fi
if ! grep -q "$SSH_PUBLIC_KEY" /home/$USER/.ssh/authorized_keys; then
echo "$SSH_PUBLIC_KEY" >> /home/$USER/.ssh/authorized_keys
if ! grep -q "$SSH_PUBLIC_KEY" "/home/$USER/.ssh/authorized_keys"; then
echo "$SSH_PUBLIC_KEY" >> "/home/$USER/.ssh/authorized_keys"
dialog --title $"New ssh key added" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"Your ssh key has now been added" 6 50
@ -597,22 +590,21 @@ function add_ssh_key {
fi
;;
esac
rm $data
rm -f "$data"
}
function remove_ssh_key {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Remove an ssh key for logging in" \
--backtitle $"Freedombone User Control Panel" \
--inputbox $"Enter the ssh public key which is to be removed. This can be just the address at the end.\n\nWARNING: If you make any mistakes here then you may not be able to log in and will need to get the administrator to clear your ssh authorized_keys file." 15 60 2>$data
--inputbox $"Enter the ssh public key which is to be removed. This can be just the address at the end.\\n\\nWARNING: If you make any mistakes here then you may not be able to log in and will need to get the administrator to clear your ssh authorized_keys file." 15 60 2>"$data"
sel=$?
case $sel in
0)
SSH_PUBLIC_KEY=$(<$data)
SSH_PUBLIC_KEY=$(<"$data")
if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
if [ -f /home/$USER/.ssh/authorized_keys ]; then
sed -i "s|.*${SSH_PUBLIC_KEY}.*||g" /home/$USER/.ssh/authorized_keys
if [ -f "/home/$USER/.ssh/authorized_keys" ]; then
sed -i "s|.*${SSH_PUBLIC_KEY}.*||g" "/home/$USER/.ssh/authorized_keys"
dialog --title $"Remove an ssh public key" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"The ssh key has been removed" 6 50
@ -620,12 +612,12 @@ function remove_ssh_key {
fi
;;
esac
rm $data
rm -f "$data"
}
function smtp_proxy {
MUTTRC_FILE=/home/$USER/.muttrc
if [ ! -f $MUTTRC_FILE ]; then
if [ ! -f "$MUTTRC_FILE" ]; then
return
fi
SMTP_PROXY_ENABLE=$'no'
@ -635,21 +627,20 @@ function smtp_proxy {
SMTP_PROXY_USERNAME=''
SMTP_PROXY_PASSWORD=''
if grep -q "set smtp_url" $MUTTRC_FILE; then
if grep -q "#set smtp_url" $MUTTRC_FILE; then
if grep -q "set smtp_url" "$MUTTRC_FILE"; then
if grep -q "#set smtp_url" "$MUTTRC_FILE"; then
SMTP_PROXY_ENABLE=$'no'
else
SMTP_PROXY_ENABLE=$'yes'
fi
SMTP_PROXY_PROTOCOL=$(cat $MUTTRC_FILE | grep "set smtp_url" | awk -F '"' '{print $2}' | awk -F ':' '{print $1}')
SMTP_PROXY_SERVER=$(cat $MUTTRC_FILE | grep "set smtp_url" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $2}' | awk -F '@' '{print $2}')
SMTP_PROXY_PORT=$(cat $MUTTRC_FILE | grep "set smtp_url" | awk -F ':' '{print $4}' | awk -F '/' '{print $1}')
SMTP_PROXY_USERNAME=$(cat $MUTTRC_FILE | grep "set smtp_url" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $1}')
SMTP_PROXY_PASSWORD=$(cat $MUTTRC_FILE | grep "set smtp_url" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $2}' | awk -F '@' '{print $1}')
SMTP_PROXY_PROTOCOL=$(grep "set smtp_url" "$MUTTRC_FILE" | awk -F '"' '{print $2}' | awk -F ':' '{print $1}')
SMTP_PROXY_SERVER=$(grep "set smtp_url" "$MUTTRC_FILE" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $2}' | awk -F '@' '{print $2}')
SMTP_PROXY_PORT=$(grep "set smtp_url" "$MUTTRC_FILE" | awk -F ':' '{print $4}' | awk -F '/' '{print $1}')
SMTP_PROXY_USERNAME=$(grep "set smtp_url" "$MUTTRC_FILE" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $1}')
SMTP_PROXY_PASSWORD=$(grep "set smtp_url" "$MUTTRC_FILE" | awk -F '"' '{print $2}' | awk -F '/' '{print $3}' | awk -F ':' '{print $2}' | awk -F '@' '{print $1}')
fi
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone Control Panel" \
--title $"SMTP Proxy for $USER" \
--form $"You may need to proxy outgoing email via your ISP's mail server. If so enter the details below." 14 75 6 \
@ -659,54 +650,52 @@ function smtp_proxy {
$"Port:" 4 1 "$SMTP_PROXY_PORT" 4 24 5 5 \
$"Username:" 5 1 "$SMTP_PROXY_USERNAME" 5 24 40 10000 \
$"Password:" 6 1 "$SMTP_PROXY_PASSWORD" 6 24 40 10000 \
2> $data
2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
return;;
255) rm $data
255) rm -f "$data"
return;;
esac
SMTP_PROXY_ENABLE=$(cat $data | sed -n 1p)
SMTP_PROXY_PROTOCOL=$(cat $data | sed -n 2p)
SMTP_PROXY_SERVER=$(cat $data | sed -n 3p)
SMTP_PROXY_PORT=$(cat $data | sed -n 4p)
SMTP_PROXY_USERNAME=$(cat $data | sed -n 5p)
SMTP_PROXY_PASSWORD=$(cat $data | sed -n 6p)
SMTP_PROXY_ENABLE=$(sed -n 1p < "$data")
SMTP_PROXY_PROTOCOL=$(sed -n 2p < "$data")
SMTP_PROXY_SERVER=$(sed -n 3p < "$data")
SMTP_PROXY_PORT=$(sed -n 4p < "$data")
SMTP_PROXY_USERNAME=$(sed -n 5p < "$data")
SMTP_PROXY_PASSWORD=$(sed -n 6p < "$data")
# change muttrc
if [ $SMTP_PROXY_ENABLE != $'no' ]; then
if ! grep -q "set smtp_url" $MUTTRC_FILE; then
echo "set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"" >> $MUTTRC_FILE
if [ "$SMTP_PROXY_ENABLE" != $'no' ]; then
if ! grep -q "set smtp_url" "$MUTTRC_FILE"; then
echo "set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"" >> "$MUTTRC_FILE"
else
sed -i "s|set smtp_url=.*|set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"|g" $MUTTRC_FILE
sed -i "s|set smtp_url=.*|set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"|g" "$MUTTRC_FILE"
fi
sed -i 's|#set smtp_url|set smtp_url|g' $MUTTRC_FILE
sed -i 's|#set smtp_url|set smtp_url|g' "$MUTTRC_FILE"
else
if grep -q "set smtp_url" $MUTTRC_FILE; then
sed -i 's|set smtp_url|#set smtp_url|g' $MUTTRC_FILE
if grep -q "set smtp_url" "$MUTTRC_FILE"; then
sed -i 's|set smtp_url|#set smtp_url|g' "$MUTTRC_FILE"
fi
fi
rm $data
rm -f "$data"
}
function sign_gpg_key {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Sign a PGP/GPG key or website domain" \
--backtitle $"Freedombone User Control Panel" \
--inputbox $"Enter the Key ID, address or domain to be signed.\n\nIf you are signing a website domain then include the https:// at the beginning.\n\nIf you are signing an ssh key then include ssh:// before the domain name." 14 75 2>$data
--inputbox $"Enter the Key ID, address or domain to be signed.\\n\\nIf you are signing a website domain then include the https:// at the beginning.\\n\\nIf you are signing an ssh key then include ssh:// before the domain name." 14 75 2>"$data"
sel=$?
case $sel in
0)
SIGN_ADDRESS=$(<$data)
SIGN_ADDRESS=$(<"$data")
if [ ${#SIGN_ADDRESS} -gt 2 ]; then
clear
gpg --search "$SIGN_ADDRESS"
fpr=$(gpg --with-colons --fingerprint "$SIGN_ADDRESS" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
if [ ${#fpr} -gt 2 ]; then
gpg --sign-key $fpr
if [ "$?" = "0" ]; then
if gpg --sign-key "$fpr"; then
gpg --update-trustdb
dialog --title $"Sign a PGP/GPG key" \
--backtitle $"Freedombone User Control Panel" \
@ -716,20 +705,19 @@ function sign_gpg_key {
fi
;;
esac
rm $data
rm -f "$data"
}
function gpg_key_trust {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --title $"Trust a PGP/GPG key or website domain" \
--backtitle $"Freedombone User Control Panel" \
--inputbox $"Enter the Key ID, address or domain to be trusted.\n\nIf you are trusting a website domain then include the https:// at the beginning.\n\nIf you are trusting an ssh key then include ssh:// before the domain name." 14 75 2>$data
--inputbox $"Enter the Key ID, address or domain to be trusted.\\n\\nIf you are trusting a website domain then include the https:// at the beginning.\\n\\nIf you are trusting an ssh key then include ssh:// before the domain name." 14 75 2>"$data"
sel=$?
case $sel in
0)
TRUST_ADDRESS=$(<$data)
TRUST_ADDRESS=$(<"$data")
if [ ${#TRUST_ADDRESS} -gt 2 ]; then
clear
gpg --search "$TRUST_ADDRESS"
@ -737,14 +725,13 @@ function gpg_key_trust {
fi
;;
esac
rm $data
rm -f "$data"
}
function menu_encryption_keys {
while true
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"My Encryption Keys" \
--radiolist $"Choose an operation:" 19 70 11 \
@ -758,15 +745,15 @@ function menu_encryption_keys {
8 $"Add an ssh key for logging in" off \
9 $"Remove an ssh key for logging in" off \
10 $"Set the trust level for a PGP/GPG key" off \
11 $"Back to main menu" on 2> $data
11 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
break;;
255) rm $data
255) rm -f "$data"
break;;
esac
case $(cat $data) in
case $(cat "$data") in
1) show_gpg_key;;
2) show_full_gpg_key;;
3) publish_gpg_key;;
@ -777,18 +764,17 @@ function menu_encryption_keys {
8) add_ssh_key;;
9) remove_ssh_key;;
10) gpg_key_trust;;
11) rm $data
11) rm -f "$data"
break;;
esac
rm $data
rm -f "$data"
done
}
function menu_email {
while true
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"Change Email Filtering Rules" \
--radiolist $"Choose an operation:" 14 70 7 \
@ -798,25 +784,25 @@ function menu_email {
4 $"Add an email rule for a subject" off \
5 $"Block or unblock an email address" off \
6 $"Block or unblock email with subject text" off \
7 $"Back to main menu" on 2> $data
7 $"Back to main menu" on 2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
break;;
255) rm $data
255) rm -f "$data"
break;;
esac
case $(cat $data) in
case $(cat "$data") in
1) add_to_mailing_list;;
2) remove_user_from_mailing_list;;
3) email_rule_address;;
4) email_rule_subject;;
5) block_unblock_email;;
6) block_unblock_subject;;
7) rm $data
7) rm -f "$data"
break;;
esac
rm $data
rm -f "$data"
done
}
@ -829,17 +815,17 @@ function menu_admin {
}
function sign_keys {
if [ ! -f /home/$USER/.monkeysphere/server_keys ]; then
if [ ! -f "/home/$USER/.monkeysphere/server_keys" ]; then
return
fi
dialog --title $"Monkeysphere sign server keys" \
--backtitle $"Freedombone Security Configuration" \
--defaultno \
--yesno $"\nMonkeysphere has been enabled and you will need to sign and trust the server keys. Do you want to do that now?" 8 60
--yesno $"\\nMonkeysphere has been enabled and you will need to sign and trust the server keys. Do you want to do that now?" 8 60
sel=$?
case $sel in
0) ${PROJECT_NAME}-sec --sign yes;;
0) "${PROJECT_NAME}-sec" --sign yes;;
esac
}
@ -853,13 +839,13 @@ function menu_run_client_app {
for a in "${APPS_AVAILABLE[@]}"
do
if [[ ${APPS_INSTALLED[$app_index]} != "0" ]]; then
if [[ $(function_exists run_client_${a}) == "1" ]]; then
if [[ $(function_exists "run_client_${a}") == "1" ]]; then
applist="$applist $n $a off"
n=$[n+1]
n=$((n+1))
appnames+=("$a")
fi
fi
app_index=$[app_index+1]
app_index=$((app_index+1))
done
if [ $n -le 1 ]; then
return
@ -871,29 +857,30 @@ function menu_run_client_app {
choice=$(dialog --stdout --backtitle $"Freedombone" \
--title $"Run an App" \
--radiolist $'Choose:' \
16 40 20 $applist)
16 40 20 "$applist")
# shellcheck disable=SC2181
if [ $? -eq 0 ]; then
app_index=$[choice-1]
app_index=$((choice-1))
chosen_app=${appnames[$app_index]}
if [[ $chosen_app != "Exit" ]]; then
run_client_${chosen_app}
"run_client_${chosen_app}"
fi
fi
}
function show_your_email_address {
GPG_FINGERPRINT=$(gpg --fingerprint $GPG_ID | sed -n '2p' | sed 's/^[ \t]*//')
GPG_DATE=$(gpg --fingerprint $GPG_ID | grep -i "pub" | head -n 1 | awk -F ' ' '{print $3}')
GPG_FINGERPRINT=$(gpg --fingerprint "$GPG_ID" | sed -n '2p' | sed 's/^[ \t]*//')
GPG_DATE=$(gpg --fingerprint "$GPG_ID" | grep -i "pub" | head -n 1 | awk -F ' ' '{print $3}')
if [ ! -f ~/.mutt/bdsmail ]; then
dialog --title $"Show your Email Address" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"Email Address: $MY_EMAIL_ADDRESS\n\nKey ID: $GPG_ID\n\nFingerprint: $GPG_FINGERPRINT\n\nCreated: $GPG_DATE" 12 70
--msgbox $"Email Address: $MY_EMAIL_ADDRESS\\n\\nKey ID: $GPG_ID\\n\\nFingerprint: $GPG_FINGERPRINT\\n\\nCreated: $GPG_DATE" 12 70
else
bdsmail_address=$(cat ~/.mutt/bdsmail | grep 'set from=' | awk -F '=' '{print $2}')
bdsmail_address=$(grep 'set from=' ~/.mutt/bdsmail | awk -F '=' '{print $2}')
dialog --title $"Show your Email Address" \
--backtitle $"Freedombone User Control Panel" \
--msgbox $"\nYou can press SHIFT and then drag the mouse and right click to copy.\n\nEmail Address: $MY_EMAIL_ADDRESS\n\nKey ID: $GPG_ID\n\nFingerprint: $GPG_FINGERPRINT\n\nCreated: $GPG_DATE\n\nI2P Address: ${bdsmail_address}" 17 90
--msgbox $"\\nYou can press SHIFT and then drag the mouse and right click to copy.\\n\\nEmail Address: $MY_EMAIL_ADDRESS\\n\\nKey ID: $GPG_ID\\n\\nFingerprint: $GPG_FINGERPRINT\\n\\nCreated: $GPG_DATE\\n\\nI2P Address: ${bdsmail_address}" 17 90
clear
echo ''
echo $'Your bdsmail address as a QR code'
@ -909,8 +896,7 @@ function show_your_email_address {
function menu_top_level {
while true
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
dialog --backtitle $"Freedombone User Control Panel" \
--title $"User Control Panel" \
--radiolist $"Choose an operation:" 20 60 13 \
@ -923,15 +909,15 @@ function menu_top_level {
7 $"Set an outgoing email proxy" off \
8 $"Administrator controls" off \
9 $"Exit to the command line" off \
10 $"Log out" on 2> $data
10 $"Log out" on 2> "$data"
sel=$?
case $sel in
1) rm $data
1) rm -f "$data"
exit 1;;
255) rm $data
255) rm -f "$data"
exit 1;;
esac
case $(cat $data) in
case $(cat "$data") in
1) mutt;;
2) show_your_email_address;;
3) menu_email;;
@ -940,17 +926,18 @@ function menu_top_level {
6) menu_encryption_keys;;
7) smtp_proxy;;
8) menu_admin;;
9) rm $data
9) rm -f "$data"
break;;
10) kill -HUP `pgrep -s 0 -o`;;
10) kill -HUP "$(pgrep -s 0 -o)";;
esac
rm $data
rm -f "$data"
done
}
sign_keys
gpg_agent_enable $USER
gpg_agent_enable "$USER"
menu_top_level
clear
# shellcheck disable=SC1090
. ~/.bashrc
exit 0


@ -141,38 +141,37 @@ function calc_dh {
if [[ $FAST == 'yes' ]]; then
DHGROUP=$(( ( RANDOM % 4 ) + 14 ))
if [[ ${DHGROUP} == 14 ]]; then
echo "$BETTERCRYPTO_GROUP14" > ${1}
echo "$BETTERCRYPTO_GROUP14" > "${1}"
else
if [[ ${DHGROUP} == 15 ]]; then
echo "$BETTERCRYPTO_GROUP15" > ${1}
echo "$BETTERCRYPTO_GROUP15" > "${1}"
else
if [[ ${DHGROUP} == 16 ]]; then
echo "$BETTERCRYPTO_GROUP16" > ${1}
echo "$BETTERCRYPTO_GROUP16" > "${1}"
else
if [[ ${DHGROUP} == 17 ]]; then
echo "$BETTERCRYPTO_GROUP17" > ${1}
echo "$BETTERCRYPTO_GROUP17" > "${1}"
else
echo "$BETTERCRYPTO_GROUP18" > ${1}
echo "$BETTERCRYPTO_GROUP18" > "${1}"
fi
fi
fi
fi
else
openssl dhparam -check -text $KEYLENGTH -out ${1}
if [ ! "$?" = "0" ]; then
if ! openssl dhparam -check -text $KEYLENGTH -out "${1}"; then
exit 3674
fi
fi
chmod 640 ${1}
chmod 640 "${1}"
}
function regenerate_dh_keys {
for file in /etc/ssl/mycerts/*
do
if [[ -f $file ]]; then
filename=/etc/ssl/certs/$(echo $file | awk -F '/etc/ssl/mycerts/' '{print $2}' | awk -F '.crt' '{print $1}').dhparam
if [ -f $filename ]; then
calc_dh $filename
filename=/etc/ssl/certs/$(echo "$file" | awk -F '/etc/ssl/mycerts/' '{print $2}' | awk -F '.crt' '{print $1}').dhparam
if [ -f "$filename" ]; then
calc_dh "$filename"
echo $"Recalculated DH params for $filename"
fi
fi
@ -202,7 +201,7 @@ do
-o|--output)
shift
FAST='yes'
calc_dh ${1}
calc_dh "${1}"
exit 0
;;
--fast)
@ -223,7 +222,7 @@ if [[ $RECALCULATE == "yes" || $RECALCULATE == "y" ]]; then
exit 0
fi
if [ ! $HOSTNAME ]; then
if [ ! "$HOSTNAME" ]; then
echo $'No hostname specified'
exit 5728
fi
@ -237,7 +236,7 @@ if [ ! -d /etc/ssl/mycerts ]; then
mkdir -p /etc/ssl/mycerts
fi
calc_dh /etc/ssl/certs/$HOSTNAME.dhparam
calc_dh "/etc/ssl/certs/$HOSTNAME.dhparam"
systemctl reload nginx
exit 0
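Review bot: In calc_dh the fast path draws `DHGROUP=$(( ( RANDOM % 4 ) + 14 ))`, which only yields 14 to 17, so the final `else` that writes `$BETTERCRYPTO_GROUP18` is never reached. If group 18 is meant to be selectable, the draw should be `DHGROUP=$(( ( RANDOM % 5 ) + 14 ))`; otherwise the dead branch should be removed. The nested `if`/`else` ladder would also read better as a single `case "$DHGROUP" in` block. `$KEYLENGTH` on the `openssl dhparam` line is the one expansion in this function still left unquoted.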


@ -31,17 +31,17 @@
USERNAME=$1
PROJECT_NAME='freedombone'
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
COMPLETION_FILE="$HOME/${PROJECT_NAME}-completed.txt"
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
ADMIN_USER=$(get_completion_param "Admin user")
if [ ! $USERNAME ]; then
if [ ! "$USERNAME" ]; then
USERNAME=$ADMIN_USER
fi
@ -49,23 +49,23 @@ MAIL_DIR=/home/$USERNAME/Maildir
EMAIL_ADDRESS=$USERNAME@$HOSTNAME
# Does this key exist?
gpg --list-keys "$EMAIL_ADDRESS" > /dev/null 2>&1
if [ $? -gt 0 ]; then
if ! gpg --list-keys "$EMAIL_ADDRESS" > /dev/null 2>&1; then
echo $"A GPG key for $EMAIL_ADDRESS could not be found!"
exit 0
fi
# Find all files in the Maildir specified.
echo $"Calling find"
find "$MAIL_DIR" -type f -regex '.*/\(cur\|new\)/.*' $4|while read line; do
find "$MAIL_DIR" -type f -regex '.*/\(cur\|new\)/.*' "$4"|while read -r line; do
gpgit.pl --encrypt-mode prefer-inline "$EMAIL_ADDRESS" "/tmp/msg_$USERNAME"
# Check to see if there are differences between the existing
# Maildir file and what was created by gpgit.pl
diff -qa "$line" "/tmp/msg_$USERNAME" > /dev/null 2>&1;
# shellcheck disable=SC2181
if [ $? -gt 0 ]; then
# Preserve timestamps, set ownership.
chown $USERNAME:$USERNAME "/tmp/msg_$USERNAME"
chown "$USERNAME":"$USERNAME" "/tmp/msg_$USERNAME"
chmod 600 "/tmp/msg_$USERNAME"
touch "/tmp/msg_$USERNAME" --reference="$line"
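Review bot: Quoting `"$4"` on the `find` line turns a missing fourth argument into an empty-string operand, which find is likely to reject, and since the pipeline's status is not checked the run would then encrypt nothing without reporting it. `${4:+"$4"}` keeps the quoting and drops the operand when it is unset. `/tmp/msg_$USERNAME` is also a fixed, predictable path that receives message content. Creating it with `mktemp` in a directory only the mail owner can write, and removing it on exit, stops another local user from pre-creating or linking that name. The loop body continues past the end of this hunk.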


@ -33,7 +33,7 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-format
export TEXTDOMAINDIR="/usr/share/locale"
if [ ! $1 ]; then
if [ ! "$1" ]; then
echo $'Specify a drive, such as sdb, sdc, etc'
exit 1
fi
@ -62,21 +62,18 @@ p
a
1
w
" | fdisk /dev/${USB_DRIVE_SHORT};mkfs.ext4 -L "$LABEL" /dev/${USB_DRIVE_SHORT}1
" | fdisk "/dev/${USB_DRIVE_SHORT}";mkfs.ext4 -L "$LABEL" "/dev/${USB_DRIVE_SHORT}1"
echo $"Formatting $USB_DRIVE as LUKS"
cryptsetup -y -v luksFormat ${USB_DRIVE}
if [ ! "$?" = "0" ]; then
if ! cryptsetup -y -v luksFormat "${USB_DRIVE}"; then
echo $"Failed to format $USB_DRIVE as LUKS"
exit 36823
fi
cryptsetup luksOpen ${USB_DRIVE} encrypted_usb
if [ ! "$?" = "0" ]; then
if ! cryptsetup luksOpen "${USB_DRIVE}" encrypted_usb; then
echo $"Failed to open LUKS formatted drive $USB_DRIVE"
exit 37232
fi
mkfs.ext4 /dev/mapper/encrypted_usb -L "$LABEL"
if [ ! "$?" = "0" ]; then
if ! mkfs.ext4 /dev/mapper/encrypted_usb -L "$LABEL"; then
cryptsetup luksClose encrypted_usb
echo $'Format of drive $USB_DRIVE failed'
exit 73218
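Review bot: The failure message `echo $'Format of drive $USB_DRIVE failed'` uses ANSI-C quoting, which does not expand variables, so it prints the literal text `$USB_DRIVE`. The other messages in this hunk use `$"..."`, and this one should too: `echo $"Format of drive $USB_DRIVE failed"`. The `fdisk` and first `mkfs.ext4` commands joined by `;` are the only steps here whose exit status is still ignored, so a failed partitioning goes straight on to `cryptsetup luksFormat`; putting them in the same `if ! ...; then` form would stop the script at that point. The exit codes 36823, 37232 and 73218 are reduced modulo 256 by the shell (to 215, 112 and 2), which deserves a comment if callers are expected to tell them apart.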


@ -41,7 +41,7 @@ if [[ "$1" == "--verbose" || "$1" == "-v" ]]; then
VERBOSE=1
fi
if [ ! -f $CONFIGURATION_FILE ]; then
if [ ! -f "$CONFIGURATION_FILE" ]; then
exit 0
fi
@ -52,28 +52,29 @@ function item_in_array {
}
detected_codes=()
codelines=$(grep "_CODE=" $CONFIGURATION_FILE | uniq)
codelines=$(grep "_CODE=" "$CONFIGURATION_FILE" | uniq)
while read -r line; do
code=$(echo "$line" | awk -F '=' '{print $2}')
item_in_array "$code" "${detected_codes[@]}"
if [[ $? != 0 ]]; then
if ! item_in_array "$code" "${detected_codes[@]}"; then
detected_codes+=("$code")
fi
done <<< "$codelines"
if [ ! -d $HOME/.freedns-update ]; then
mkdir $HOME/.freedns-update
if [ ! -d "$HOME/.freedns-update" ]; then
mkdir "$HOME/.freedns-update"
fi
cd $HOME/.freedns-update
cd "$HOME/.freedns-update" || exit 2467824684
for code in "${detected_codes[@]}"
do
if [ $VERBOSE ]; then
echo $"command: $FREEDNS_WGET${code}="
# shellcheck disable=SC1066,SC1067
$FREEDNS_WGET${code}=
else
if [ -f /tmp/freedns ]; then
rm /tmp/freedns
fi
# shellcheck disable=SC1066,SC1067,SC1007
$FREEDNS_WGET${code}= >> /tmp/freedns 2>&1
fi
done
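Review bot: The non-verbose branch appends command output to the fixed path `/tmp/freedns` after an `rm`, which leaves a window for another local user to create or link that name. The `rm` sits inside the loop, so it also discards the output for every code but the last. The script has just changed into `$HOME/.freedns-update`, so logging there avoids both problems: truncate once before the loop with `: > "$HOME/.freedns-update/freedns.log"` and append to that file inside it. `if [ $VERBOSE ]` is also still unquoted; `if [ "$VERBOSE" ]` matches the rest of the change.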


@ -79,37 +79,37 @@ if ! [[ $MYUSERNAME && $EMAIL_ADDRESS ]]; then
fi
fi
MUTTRC=/home/$MYUSERNAME/.muttrc
PM=/home/$MYUSERNAME/.procmailrc
MUTTRC="/home/$MYUSERNAME/.muttrc"
PM="/home/$MYUSERNAME/.procmailrc"
# Ignore if subject line contains text
if [ "$SUBJECT_TEXT" ]; then
if ! grep -q "Ignore rule for $SUBJECT_TEXT" $PM; then
echo "# Ignore rule for $SUBJECT_TEXT" >> $PM
echo ":0" >> $PM
echo " * ^Subject:.*$SUBJECT_TEXT" >> $PM
echo "/dev/null" >> $PM
echo "# End of ignore rule" >> $PM
chown $MYUSERNAME:$MYUSERNAME $PM
if ! grep -q "Ignore rule for $SUBJECT_TEXT" "$PM"; then
{ echo "# Ignore rule for $SUBJECT_TEXT";
echo ":0";
echo " * ^Subject:.*$SUBJECT_TEXT";
echo "/dev/null";
echo "# End of ignore rule"; } >> "$PM"
chown "$MYUSERNAME":"$MYUSERNAME" "$PM"
fi
fi
# ignore an email address
if [ $EMAIL_ADDRESS ]; then
if ! grep -q "Ignore rule for $EMAIL_ADDRESS" $PM; then
echo "# Ignore rule for $EMAIL_ADDRESS" >> $PM
echo ":0" >> $PM
echo " * ^From:.*$EMAIL_ADDRESS" >> $PM
echo "/dev/null" >> $PM
echo "# End of ignore rule" >> $PM
chown $MYUSERNAME:$MYUSERNAME $PM
if [ "$EMAIL_ADDRESS" ]; then
if ! grep -q "Ignore rule for $EMAIL_ADDRESS" "$PM"; then
{ echo "# Ignore rule for $EMAIL_ADDRESS";
echo ":0";
echo " * ^From:.*$EMAIL_ADDRESS";
echo "/dev/null";
echo "# End of ignore rule"; } >> "$PM"
chown "$MYUSERNAME":"$MYUSERNAME" "$PM"
fi
fi
PROCMAILLOG=/home/$MYUSERNAME/log
if [ ! -d $PROCMAILLOG ]; then
mkdir $PROCMAILLOG
chown -R $MYUSERNAME:$MYUSERNAME $PROCMAILLOG
if [ ! -d "$PROCMAILLOG" ]; then
mkdir "$PROCMAILLOG"
chown -R "$MYUSERNAME":"$MYUSERNAME" "$PROCMAILLOG"
fi
exit 0
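Review bot: `$SUBJECT_TEXT` and `$EMAIL_ADDRESS` are written into the procmail conditions (` * ^Subject:.*$SUBJECT_TEXT`, ` * ^From:.*$EMAIL_ADDRESS`) and into the `grep -q` duplicate check as regular expressions. The `.` in an address therefore matches any character, and a value containing `*`, `[` or `\` changes what the rule matches. Because the action is `/dev/null`, an over-broad pattern silently discards mail. The duplicate check can use `grep -qF -- "Ignore rule for $EMAIL_ADDRESS" "$PM"`. The value itself should have its regex metacharacters escaped, and any embedded newline rejected, before it is appended to `$PM`.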


@ -42,14 +42,14 @@ if [ -f /usr/bin/${PROJECT_NAME} ]; then
PROJECT_INSTALL_DIR=/usr/bin
fi
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
source "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars"
#get the project repo
PROJECT_REPO="https://github.com/bashrc/${PROJECT_NAME}"
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
read_config_param PROJECT_REPO
@ -96,7 +96,7 @@ CONFIG_FILENAME=
DEFAULT_DOMAIN_NAME="${LOCAL_NAME}.local"
# Minimum number of characters in a password
MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
MINIMUM_PASSWORD_LENGTH=$(grep 'MINIMUM_PASSWORD_LENGTH=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords" | head -n 1 | awk -F '=' '{print $2}')
# Optional ssh public key to allow
SSH_PUBKEY="no"
@ -175,38 +175,36 @@ function image_setup {
sudo pacman -S --noconfirm qemu-static binfmt-qemu-static uboot-tools qemu parted
sudo pacman -S --noconfirm dpkg-devtools bin86 arch-install-scripts qemu-arch-extra
sudo pacman -S --noconfirm syncthing
mkdir $USERHOME/develop
if [ -d $USERHOME/develop/python-cliapp ]; then
sudo rm -rf $USERHOME/develop/python-cliapp
mkdir "$USERHOME/develop"
if [ -d "$USERHOME/develop/python-cliapp" ]; then
sudo rm -rf "$USERHOME/develop/python-cliapp"
fi
git_clone $CLIAPP_REPO $USERHOME/develop/python-cliapp
if [ ! "$?" = "0" ]; then
if ! git_clone "$CLIAPP_REPO" "$USERHOME/develop/python-cliapp"; then
echo $"Failed to clone python-cliapp"
return
fi
if [ ! -d $USERHOME/develop/python-cliapp ]; then
if [ ! -d "$USERHOME/develop/python-cliapp" ]; then
echo $"Couldn't clone python-cliapp"
return
fi
sudo pacman -S --noconfirm python2-coverage python2-pytest-cov python2-sphinx
sudo pacman -S --noconfirm autopep8 python2-pylint python2-yaml python2-xdg python2-pip
cd $USERHOME/develop/python-cliapp
cd "$USERHOME/develop/python-cliapp" || exit 7824526242
git checkout $CLIAPP_COMMIT -b $CLIAPP_COMMIT
sudo python2 setup.py install
sudo pip2 install distro-info logging
if [ -d $USERHOME/develop/mbr ]; then
sudo rm -rf $USERHOME/develop/mbr
if [ -d "$USERHOME/develop/mbr" ]; then
sudo rm -rf "$USERHOME/develop/mbr"
fi
git_clone $MBR_REPO $USERHOME/develop/mbr
if [ ! "$?" = "0" ]; then
if ! git_clone $MBR_REPO "$USERHOME/develop/mbr"; then
echo $"Failed to clone mbr"
return
fi
if [ ! -d $USERHOME/develop/mbr ]; then
if [ ! -d "$USERHOME/develop/mbr" ]; then
echo $"Couldn't clone mbr"
return
fi
cd $USERHOME/develop/mbr
cd "$USERHOME/develop/mbr" || exit 2468724524
git checkout $MBR_COMMIT -b $MBR_COMMIT
makepkg --force --noconfirm
if [ ! -f mbr-${MBR_VERSION}.tar.gz ]; then
@ -214,11 +212,11 @@ function image_setup {
return
fi
tar -xzvf mbr-${MBR_VERSION}.tar.gz
if [ ! -d $USERHOME/develop/mbr/mbr-${MBR_VERSION} ]; then
if [ ! -d "$USERHOME/develop/mbr/mbr-${MBR_VERSION}" ]; then
echo $"mbr tarball could not be extracted"
return
fi
cd $USERHOME/develop/mbr/mbr-${MBR_VERSION}
cd "$USERHOME/develop/mbr/mbr-${MBR_VERSION}" || exit 13584584
cp ../*.patch .
patch -p0 < *.patch
./configure
@ -229,35 +227,34 @@ function image_setup {
return
fi
sudo cp /usr/local/sbin/install-mbr /sbin
if [ -d $USERHOME/develop/multipath-tools ]; then
sudo rm -rf $USERHOME/develop/multipath-tools
if [ -d "$USERHOME/develop/multipath-tools" ]; then
sudo rm -rf "$USERHOME/develop/multipath-tools"
fi
git_clone $MULTIPATH_TOOLS_REPO $USERHOME/develop/multipath-tools
if [ ! "$?" = "0" ]; then
if ! git_clone "$MULTIPATH_TOOLS_REPO" "$USERHOME/develop/multipath-tools"; then
echo $"Failed to clone multipath-tools"
return
fi
if [ ! -d $USERHOME/develop/multipath-tools ]; then
if [ ! -d "$USERHOME/develop/multipath-tools" ]; then
echo $"Couldn't clone multipath-tools"
return
fi
sudo pacman -S --noconfirm device-mapper libaio liburcu fakeroot
cd $USERHOME/develop/multipath-tools
cd "$USERHOME/develop/multipath-tools" || exit 27462454
makepkg --force --noconfirm
makepkg -i --force --noconfirm
sudo wget https://raw.githubusercontent.com/bashrc/freedombone/master/image_build/debootstrap/scripts/${DEBIAN_VERSION} -O /usr/share/debootstrap/scripts/debscript
sudo cp -f /usr/share/debootstrap/scripts/debscript /usr/share/debootstrap/scripts/${DEBIAN_VERSION}
if [ ! -f /usr/share/debootstrap/scripts/${DEBIAN_VERSION} ]; then
sudo wget "https://raw.githubusercontent.com/bashrc/freedombone/master/image_build/debootstrap/scripts/${DEBIAN_VERSION}" -O /usr/share/debootstrap/scripts/debscript
sudo cp -f "/usr/share/debootstrap/scripts/debscript /usr/share/debootstrap/scripts/${DEBIAN_VERSION}"
if [ ! -f "/usr/share/debootstrap/scripts/${DEBIAN_VERSION}" ]; then
echo $"No debian debootstrap script was found for $DEBIAN_VERSION"
return
fi
debian_script_hash=$(sha256sum /usr/share/debootstrap/scripts/${DEBIAN_VERSION} | awk -F ' ' '{print $1}')
debian_script_hash=$(sha256sum "/usr/share/debootstrap/scripts/${DEBIAN_VERSION}" | awk -F ' ' '{print $1}')
expected_debian_script_hash='620fa84c7ef64d10349aed38fa9cc2e7f00a6fcd1bc425f33ca2b57cc946fd0c'
if [[ "$debian_script_hash" != "$expected_debian_script_hash" ]]; then
echo $"Invalid hash for debootstrap ${DEBIAN_VERSION} script"
return
fi
sudo chmod +x /usr/share/debootstrap/scripts/${DEBIAN_VERSION}
sudo chmod +x "/usr/share/debootstrap/scripts/${DEBIAN_VERSION}"
;;
*)
echo $'Unkown operating system'
@ -271,26 +268,26 @@ function image_setup {
function mesh_router_setup_script {
# create a setup script for a mesh router
mesh_script_filename=$1
echo "MY_USERNAME=${USERNAME}" > $mesh_script_filename
echo "DEFAULT_DOMAIN_NAME=${USERNAME}" >> $mesh_script_filename
echo 'SYSTEM_TYPE=mesh' >> $mesh_script_filename
echo 'INSTALLING_ON_BBB=no' >> $mesh_script_filename
echo 'USB_DRIVE=/dev/sda1' >> $mesh_script_filename
echo 'DDNS_PROVIDER=' >> $mesh_script_filename
echo 'DDNS_USERNAME=' >> $mesh_script_filename
echo 'DDNS_PASSWORD=' >> $mesh_script_filename
echo 'DEFAULT_LANGUAGE=en_GB.UTF-8' >> $mesh_script_filename
echo 'MY_EMAIL_ADDRESS=' >> $mesh_script_filename
echo 'ENABLE_BATMAN=yes' >> $mesh_script_filename
echo 'DEBIAN_REPO=' >> $mesh_script_filename
echo 'NAMESERVER1=' >> $mesh_script_filename
echo 'NAMESERVER2=' >> $mesh_script_filename
echo 'NAMESERVER3=' >> $mesh_script_filename
echo 'NAMESERVER4=' >> $mesh_script_filename
echo 'NAMESERVER5=' >> $mesh_script_filename
echo 'NAMESERVER6=' >> $mesh_script_filename
echo 'BATMAN_CELLID=any' >> $mesh_script_filename
echo 'WIFI_CHANNEL=9' >> $mesh_script_filename
{ echo "MY_USERNAME=${USERNAME}";
echo "DEFAULT_DOMAIN_NAME=${USERNAME}";
echo 'SYSTEM_TYPE=mesh';
echo 'INSTALLING_ON_BBB=no';
echo 'USB_DRIVE=/dev/sda1';
echo 'DDNS_PROVIDER=';
echo 'DDNS_USERNAME=';
echo 'DDNS_PASSWORD=';
echo 'DEFAULT_LANGUAGE=en_GB.UTF-8';
echo 'MY_EMAIL_ADDRESS=';
echo 'ENABLE_BATMAN=yes';
echo 'DEBIAN_REPO=';
echo 'NAMESERVER1=';
echo 'NAMESERVER2=';
echo 'NAMESERVER3=';
echo 'NAMESERVER4=';
echo 'NAMESERVER5=';
echo 'NAMESERVER6=';
echo 'BATMAN_CELLID=any';
echo 'WIFI_CHANNEL=9'; } > "$mesh_script_filename"
}
while [ $# -gt 1 ]
@ -304,11 +301,11 @@ do
-c|--config)
shift
CONFIG_FILENAME="$1"
if [ ! -f $CONFIG_FILENAME ]; then
if [ ! -f "$CONFIG_FILENAME" ]; then
echo $"Config file $CONFIG_FILENAME not found"
exit 3
fi
DEFAULT_DOMAIN_NAME=$(cat $CONFIG_FILENAME | grep 'DEFAULT_DOMAIN_NAME' | awk -F '=' '{print $2}')
DEFAULT_DOMAIN_NAME=$(grep 'DEFAULT_DOMAIN_NAME' "$CONFIG_FILENAME" | awk -F '=' '{print $2}')
;;
-t|--target|--board)
shift
@ -321,7 +318,7 @@ do
-p|--password)
shift
PASSWORD="$1"
if [ ${#PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
if [ ${#PASSWORD} -lt "$MINIMUM_PASSWORD_LENGTH" ]; then
echo $"Your password chould contain at least ${MINIMUM_PASSWORD_LENGTH} characters"
exit 3628
fi
@ -415,7 +412,7 @@ do
shift
MIRROR="$1"
;;
--debianonly|--basic|--minimal)
--debianonly|--basic)
shift
DEBIAN_INSTALL_ONLY="$1"
;;
@ -467,9 +464,9 @@ done
if [[ $INTERACTIVE == "yes" || $INTERACTIVE == "y" || $INTERACTIVE == "Yes" ]]; then
${PROJECT_NAME}-config --minimal "$MINIMAL_INSTALL"
if [ -f $HOME/${PROJECT_NAME}.cfg ]; then
if [ -f "$HOME/${PROJECT_NAME}.cfg" ]; then
CONFIG_FILENAME=$HOME/${PROJECT_NAME}.cfg
DEFAULT_DOMAIN_NAME=$(cat $CONFIG_FILENAME | grep 'DEFAULT_DOMAIN_NAME' | awk -F '=' '{print $2}')
DEFAULT_DOMAIN_NAME=$(grep 'DEFAULT_DOMAIN_NAME' "$CONFIG_FILENAME" | awk -F '=' '{print $2}')
fi
fi
@ -480,34 +477,36 @@ fi
if [ ! $PASSWORD ]; then
# generate a random password
PASSWORD=$(openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c ${MINIMUM_PASSWORD_LENGTH})
PASSWORD=$(openssl rand -base64 32 | tr -dc A-Za-z0-9 | head -c "${MINIMUM_PASSWORD_LENGTH}")
fi
# Move any existing images into a build subdirectory
image_types=( xz img sig vdi qcow2 )
for im in "${image_types[@]}"
do
# shellcheck disable=SC2012,SC2086
no_of_files=$(ls -afq ${CURR_DIR}/${PROJECT_NAME}*.${im} | wc -l)
if (( no_of_files > 0 )); then
if [ ! -d ${CURR_DIR}/build ]; then
mkdir ${CURR_DIR}/build
if [ ! -d "${CURR_DIR}/build" ]; then
mkdir "${CURR_DIR}/build"
fi
mv -f ${CURR_DIR}/${PROJECT_NAME}*.${im} ${CURR_DIR}/build
mv -f "${CURR_DIR}/${PROJECT_NAME}*.${im}" "${CURR_DIR}/build"
fi
done
# Delete anything which didn't move
for im in "${image_types[@]}"
do
# shellcheck disable=SC2012,SC2086
no_of_files=$(ls -afq ${CURR_DIR}/${PROJECT_NAME}*.${im} | wc -l)
if (( no_of_files > 0 )); then
rm -f ${CURR_DIR}/${PROJECT_NAME}*.${im}
rm -f "${CURR_DIR}/${PROJECT_NAME}*.${im}"
fi
done
# Remove any existing login credentials file
if [ -f ${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt ]; then
rm ${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt
if [ -f "${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt" ]; then
rm "${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt"
fi
if [ -d $TEMPBUILD_DIR ]; then
@ -522,8 +521,8 @@ fi
cp -r /etc/${PROJECT_NAME}/* $TEMPBUILD_DIR
rm -rf $TEMPBUILD_DIR/vendor
chown -R $CURR_USER:$CURR_USER $TEMPBUILD_DIR
cd $TEMPBUILD_DIR
chown -R "$CURR_USER":"$CURR_USER" $TEMPBUILD_DIR
cd $TEMPBUILD_DIR || exit 24729847
if [[ $MINIMAL_INSTALL == "yes" ]]; then
IMAGE_NAME=$'min'
@ -565,8 +564,8 @@ if [[ "$SOCIALINSTANCE" == "gnusocial" || "$SOCIALINSTANCE" == "postactiv" ]]; t
IMAGE_NAME="${IMAGE_NAME}-${SOCIALINSTANCE}"
fi
cd $TEMPBUILD_DIR
make $IMAGE_TYPE \
cd $TEMPBUILD_DIR || exit 724245267
make "$IMAGE_TYPE" \
MYUSERNAME="$USERNAME" \
MYPASSWORD="$PASSWORD" \
ROUTER_IP_ADDRESS="$ROUTER_IP_ADDRESS" \
@ -603,6 +602,7 @@ make $IMAGE_TYPE \
SOCIALINSTANCE="$SOCIALINSTANCE" \
LOCAL_NAME="$LOCAL_NAME"
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $'Build failed'
rm -rf $TEMPBUILD_DIR
@ -615,7 +615,7 @@ if [[ $IMAGE_TYPE == "qemu"* ]]; then
fi
shopt -s nullglob
imgfiles=(build/${PROJECT_NAME}*.${EXPECTED_EXTENSION})
imgfiles=("build/${PROJECT_NAME}*.${EXPECTED_EXTENSION}")
if [ ${#imgfiles[@]} -eq 0 ]; then
echo $'Image was not created'
rm -rf $TEMPBUILD_DIR
@ -625,17 +625,18 @@ fi
# Move images from temporary directory to the current directory
for im in "${image_types[@]}"
do
# shellcheck disable=SC2012,SC2086
no_of_files=$(ls -afq build/${PROJECT_NAME}*.${im} | wc -l)
if (( no_of_files > 0 )); then
mv build/${PROJECT_NAME}*.${im} ${CURR_DIR}/
sudo chown ${CURR_USER}:${CURR_USER} ${CURR_DIR}/*.${im}
mv "build/${PROJECT_NAME}*.${im}" "${CURR_DIR}/"
sudo chown "${CURR_USER}":"${CURR_USER}" "${CURR_DIR}/*.${im}"
fi
done
# Remove the temporary directory
rm -rf ${TEMPBUILD_DIR}
cd ${CURR_DIR}
cd "${CURR_DIR}" || exit 2842845284
clear
if [[ $VARIANT != 'meshclient' && $VARIANT != 'meshusb' && $VARIANT != 'mesh' ]]; then
@ -676,13 +677,13 @@ ls -lh ${PROJECT_NAME}*.img ${PROJECT_NAME}*.sig ${PROJECT_NAME}*.xz ${PROJECT_N
# Remove the mesh script after use
if [[ $VARIANT == "mesh"* ]]; then
rm -f $CONFIG_FILENAME
rm -f "$CONFIG_FILENAME"
fi
# record the default login credentials for later use
echo $"Username: $USERNAME
Password: $PASSWORD" > ${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt
chmod 600 ${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt
Password: $PASSWORD" > "${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt"
chmod 600 "${CURR_DIR}/${PROJECT_NAME}_login_credentials.txt"
if [[ $IMAGE_TYPE != "qemu"* ]]; then
echo ''
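Review bot: Several of the newly quoted arguments now hold a glob, or two paths, inside one pair of quotes, so they no longer do what the unquoted lines did. `sudo cp -f "/usr/share/debootstrap/scripts/debscript /usr/share/debootstrap/scripts/${DEBIAN_VERSION}"` passes a single operand to cp, so the copy fails and the SHA-256 check that follows either returns early or verifies whatever file was already there. The `mv -f`, `rm -f`, `mv` and `chown` lines and `imgfiles=("build/${PROJECT_NAME}*.${EXPECTED_EXTENSION}")` pass the `*` literally, so stale images are neither moved nor deleted, and the array always has one element, which disables the 'Image was not created' check. Quote the variable parts and leave the `*` outside the quotes, as in the lines below. Separately, the login credentials file is written before `chmod 600` is applied; doing the write in a subshell with `umask 077` set closes that window.

```shell
# … unchanged: image_setup up to the debootstrap script download …
sudo cp -f /usr/share/debootstrap/scripts/debscript "/usr/share/debootstrap/scripts/${DEBIAN_VERSION}"
# … unchanged: hash check, option parsing, password generation …
mv -f "${CURR_DIR}/${PROJECT_NAME}"*."${im}" "${CURR_DIR}/build"
# … unchanged: end of the move loop, start of the delete loop …
rm -f "${CURR_DIR}/${PROJECT_NAME}"*."${im}"
# … unchanged: build in $TEMPBUILD_DIR …
imgfiles=("build/${PROJECT_NAME}"*."${EXPECTED_EXTENSION}")
# … unchanged: empty-array check, start of the final move loop …
mv "build/${PROJECT_NAME}"*."${im}" "${CURR_DIR}/"
sudo chown "${CURR_USER}":"${CURR_USER}" "${CURR_DIR}"/*."${im}"
```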


@ -34,12 +34,11 @@ export TEXTDOMAINDIR="/usr/share/locale"
enable_serial_console() {
# By default, spawn a console on the serial port
device="$1"
echo $"Adding a getty on the serial port"
echo "Adding a getty on the serial port"
echo "T0:12345:respawn:/sbin/getty -L $device 115200 vt100" >> /etc/inittab
}
beaglebone_setup_boot() {
bbb_version=$1
# Setup uEnv.txt
if grep -q btrfs /etc/fstab ; then
@ -47,12 +46,9 @@ beaglebone_setup_boot() {
else
fstype=ext4
fi
if [ ! $bbb_version ]; then
kernelVersion=$(ls /usr/lib/*/am335x-boneblack.dtb | head -1 | cut -d/ -f4)
else
kernelVersion=$(ls /usr/lib/*/am335x-boneblack-${1}.dtb | head -1 | cut -d/ -f4)
fi
version=$(echo $kernelVersion | sed 's/linux-image-\(.*\)/\1/')
# shellcheck disable=SC2012
kernelVersion=$(ls "/usr/lib/*/am335x-boneblack.dtb" | head -1 | cut -d/ -f4)
version=$(echo "$kernelVersion" | sed 's/linux-image-\(.*\)/\1/')
initRd=initrd.img-$version
vmlinuz=vmlinuz-$version
@ -103,7 +99,6 @@ beaglebone_flash() {
}
beaglebone_repack_kernel() {
bbb_version=$1
# process installed kernel to create uImage, uInitrd, dtb
# using flash-kernel would be a good approach, except it fails in the
# cross build environment due to too many environment checks...
@ -119,12 +114,10 @@ beaglebone_repack_kernel() {
echo "info: repacking beaglebone kernel and initrd"
bbb_dtb='am335x-boneblack'
if [ $bbb_version ]; then
bbb_dtb="am335x-boneblack-${bbb_version}"
fi
kernelVersion=$(ls /usr/lib/*/${bbb_dtb}.dtb | head -1 | cut -d/ -f4)
version=$(echo $kernelVersion | sed 's/linux-image-\(.*\)/\1/')
# shellcheck disable=SC2012
kernelVersion=$(ls "/usr/lib/*/${bbb_dtb}.dtb" | head -1 | cut -d/ -f4)
version=$(echo "$kernelVersion" | sed 's/linux-image-\(.*\)/\1/')
initRd=initrd.img-$version
vmlinuz=vmlinuz-$version
@ -143,23 +136,23 @@ beaglebone_repack_kernel() {
mkdir /tmp/initrd-repack
(cd /tmp/initrd-repack ; \
zcat /boot/$initRd | cpio -i ; \
(cd /tmp/initrd-repack || exit 2468246 ; \
zcat "/boot/$initRd" | cpio -i ; \
rm -f conf/param.conf ; \
find . | cpio --quiet -o -H newc | \
gzip -9 > /boot/$initRd )
gzip -9 > "/boot/$initRd" )
rm -rf /tmp/initrd-repack
(cd /boot ; \
cp ${bbb_dtb_file} dtb ; \
cat $vmlinuz dtb >> temp-kernel ; \
(cd /boot || exit 246824684 ; \
cp "${bbb_dtb_file}" dtb ; \
cat "$vmlinuz" dtb >> temp-kernel ; \
mkimage -A arm -O linux -T kernel -n "Debian kernel ${version}" \
-C none -a 0x82000000 -e 0x82000000 -d temp-kernel uImage ; \
rm -f temp-kernel ; \
mkimage -A arm -O linux -T ramdisk -C gzip -a 0x88080000 -e 0x88080000 \
-n "Debian ramdisk ${version}" \
-d $initRd uInitrd )
-d "$initRd" uInitrd )
}
a20_setup_boot() {
@ -171,8 +164,9 @@ a20_setup_boot() {
else
fstype=ext4
fi
kernelVersion=$(ls /usr/lib/*/$dtb | head -1 | cut -d/ -f4)
version=$(echo $kernelVersion | sed 's/linux-image-\(.*\)/\1/')
# shellcheck disable=SC2012
kernelVersion=$(ls "/usr/lib/*/$dtb" | head -1 | cut -d/ -f4)
version=$(echo "$kernelVersion" | sed 's/linux-image-\(.*\)/\1/')
initRd=initrd.img-$version
vmlinuz=vmlinuz-$version
@ -213,7 +207,7 @@ EOF
# Copy all DTBs
mkdir -p /boot/dtbs
cp /usr/lib/$kernelVersion/* /boot/dtbs
cp "/usr/lib/$kernelVersion/*" /boot/dtbs
# extra boot modules
echo "rtc_sunxi" >> /etc/initramfs-tools/modules
@ -224,7 +218,7 @@ setup_flash_kernel() {
if [ ! -d /etc/flash-kernel ] ; then
mkdir /etc/flash-kernel
fi
echo -n "$1" > /etc/flash-kernel/machine
echo "$1" > /etc/flash-kernel/machine
command_line=""
if [ -n "$2" ] ; then
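Review bot: The three `ls "/usr/lib/*/….dtb"` lines and `cp "/usr/lib/$kernelVersion/*" /boot/dtbs` now have the `*` inside double quotes, so the shell passes it literally. `ls` then finds nothing, `kernelVersion` and `version` end up empty, and the initrd and vmlinuz names derived from them are wrong. Keep the variable quoted and the glob outside the quotes, e.g. `kernelVersion=$(ls /usr/lib/*/"${bbb_dtb}.dtb" | head -1 | cut -d/ -f4)` and `cp "/usr/lib/$kernelVersion"/* /boot/dtbs`. Replacing `echo -n "$1"` with `echo "$1"` also adds a trailing newline to `/etc/flash-kernel/machine`; if that change was only to satisfy the linter, `printf '%s' "$1"` keeps the old file contents. These functions start or end outside the visible hunks.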


@ -35,11 +35,11 @@ export TEXTDOMAIN=${PROJECT_NAME}-image-make
export TEXTDOMAINDIR="/usr/share/locale"
PROJECT_INSTALL_DIR=/usr/local/bin
if [ -f /usr/bin/${PROJECT_NAME} ]; then
if [ -f "/usr/bin/${PROJECT_NAME}" ]; then
PROJECT_INSTALL_DIR=/usr/bin
fi
source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-setup
source "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-setup"
#set -x # Enable debugging
@ -103,7 +103,7 @@ a20_pkgs="linux-image-armmp-lpae u-boot-tools u-boot u-boot-sunxi"
# Packages needed for self-hosted development
dev_pkgs="build-essential devscripts make man-db emacs org-mode git mercurial"
echo Building $MACHINE $PROJECT_NAME for $ARCHITECTURE.
echo Building "$MACHINE" "$PROJECT_NAME" for "$ARCHITECTURE".
case "$MACHINE" in
beaglebone)
@ -164,7 +164,7 @@ for p in $base_pkgs $extra_pkgs; do
done
# Make sure file is owned by current user, not root
touch $(dirname $IMAGE)/${PROJECT_NAME}.log
touch "$(dirname "$IMAGE")/${PROJECT_NAME}.log"
if [ -x vendor/vmdebootstrap/vmdebootstrap ] ; then
VMDEBOOTSTRAP=vendor/vmdebootstrap/vmdebootstrap
@ -173,15 +173,15 @@ else
fi
PROJECT_INSTALL_DIR=/usr/local/bin
if [ -f /usr/bin/${PROJECT_NAME} ]; then
if [ -f "/usr/bin/${PROJECT_NAME}" ]; then
PROJECT_INSTALL_DIR=/usr/bin
fi
echo $'Making customised customisation script'
TEMP_CUSTOMISE=/etc/${PROJECT_NAME}/image-customise
TEMP_CUSTOMISE2=/tmp/${PROJECT_NAME}-image-customise2
TEMP_CUSTOMISE3=/tmp/${PROJECT_NAME}-image-customise3
TEMP_CUSTOMISE4=/tmp/${PROJECT_NAME}-image-customise4
TEMP_CUSTOMISE="/etc/${PROJECT_NAME}/image-customise"
TEMP_CUSTOMISE2="/tmp/${PROJECT_NAME}-image-customise2"
TEMP_CUSTOMISE3="/tmp/${PROJECT_NAME}-image-customise3"
TEMP_CUSTOMISE4="/tmp/${PROJECT_NAME}-image-customise4"
# cat all the things together
combine_all_scripts $TEMP_CUSTOMISE2
@ -191,43 +191,43 @@ if [ ! -f $TEMP_CUSTOMISE2 ]; then
fi
echo $'Changing values within customised customisation script'
cp $PROJECT_INSTALL_DIR/${PROJECT_NAME}-image-customise $TEMP_CUSTOMISE3
if [ $MYUSERNAME ]; then
sed -i "s|MY_USERNAME=.*|MY_USERNAME=${MYUSERNAME}|g" $TEMP_CUSTOMISE3
cp "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-image-customise" "$TEMP_CUSTOMISE3"
if [ "$MYUSERNAME" ]; then
sed -i "s|MY_USERNAME=.*|MY_USERNAME=${MYUSERNAME}|g" "$TEMP_CUSTOMISE3"
fi
if [ $MYPASSWORD ]; then
sed -i "s|MY_PASSWORD=.*|MY_PASSWORD=${MYPASSWORD}|g" $TEMP_CUSTOMISE3
if [ "$MYPASSWORD" ]; then
sed -i "s|MY_PASSWORD=.*|MY_PASSWORD=${MYPASSWORD}|g" "$TEMP_CUSTOMISE3"
fi
sed -i "s|ROUTER_IP_ADDRESS=.*|ROUTER_IP_ADDRESS=${ROUTER_IP_ADDRESS}|g" $TEMP_CUSTOMISE3
sed -i "s|BOX_IP_ADDRESS=.*|BOX_IP_ADDRESS=${BOX_IP_ADDRESS}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER1=.*|NAMESERVER1=${NAMESERVER1}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER2=.*|NAMESERVER2=${NAMESERVER2}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER3=.*|NAMESERVER3=${NAMESERVER3}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER4=.*|NAMESERVER4=${NAMESERVER4}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER5=.*|NAMESERVER5=${NAMESERVER5}|g" $TEMP_CUSTOMISE3
sed -i "s|NAMESERVER6=.*|NAMESERVER6=${NAMESERVER6}|g" $TEMP_CUSTOMISE3
sed -i "s|PROJECT_NAME=.*|PROJECT_NAME=${PROJECT_NAME}|g" $TEMP_CUSTOMISE3
sed -i "s|CONFIG_FILENAME=.*|CONFIG_FILENAME=${CONFIG_FILENAME}|g" $TEMP_CUSTOMISE3
sed -i "s|SSH_PUBKEY=.*|SSH_PUBKEY=${SSH_PUBKEY}|g" $TEMP_CUSTOMISE3
sed -i "s|GENERIC_IMAGE=.*|GENERIC_IMAGE=${GENERIC_IMAGE}|g" $TEMP_CUSTOMISE3
sed -i "s|MINIMAL_INSTALL=.*|MINIMAL_INSTALL=\"${MINIMAL_INSTALL}\"|g" $TEMP_CUSTOMISE3
sed -i "s|SSH_PORT=.*|SSH_PORT=\"${SSH_PORT}\"|g" $TEMP_CUSTOMISE3
sed -i "s|ONION_ONLY=.*|ONION_ONLY=\"${ONION_ONLY}\"|g" $TEMP_CUSTOMISE3
sed -i "s|PROJECT_REPO=.*|PROJECT_REPO=\"${PROJECT_REPO}\"|g" $TEMP_CUSTOMISE3
sed -i "s|DEBIAN_INSTALL_ONLY=.*|DEBIAN_INSTALL_ONLY=\"${DEBIAN_INSTALL_ONLY}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_INTERFACE=.*|WIFI_INTERFACE=\"${WIFI_INTERFACE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_SSID=.*|WIFI_SSID=\"${WIFI_SSID}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_TYPE=.*|WIFI_TYPE=\"${WIFI_TYPE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_PASSPHRASE=.*|WIFI_PASSPHRASE=\"${WIFI_PASSPHRASE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_HOTSPOT=.*|WIFI_HOTSPOT=\"${WIFI_HOTSPOT}\"|g" $TEMP_CUSTOMISE3
sed -i "s|WIFI_NETWORKS_FILE=.*|WIFI_NETWORKS_FILE=\"${WIFI_NETWORKS_FILE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|VARIANT=.*|VARIANT=\"${VARIANT}\"|g" $TEMP_CUSTOMISE3
sed -i "s|MINIMUM_PASSWORD_LENGTH=.*|MINIMUM_PASSWORD_LENGTH=\"${MINIMUM_PASSWORD_LENGTH}\"|g" $TEMP_CUSTOMISE3
sed -i "s|INSECURE=.*|INSECURE=\"${INSECURE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|AMNESIC=.*|AMNESIC=\"${AMNESIC}\"|g" $TEMP_CUSTOMISE3
sed -i "s|SOCIALINSTANCE=.*|SOCIALINSTANCE=\"${SOCIALINSTANCE}\"|g" $TEMP_CUSTOMISE3
sed -i "s|LOCAL_NAME=.*|LOCAL_NAME=\"${LOCAL_NAME}\"|g" $TEMP_CUSTOMISE3
sed -i 's|#!/bin/bash||g' $TEMP_CUSTOMISE3
sed -i "s|ROUTER_IP_ADDRESS=.*|ROUTER_IP_ADDRESS=${ROUTER_IP_ADDRESS}|g" "$TEMP_CUSTOMISE3"
sed -i "s|BOX_IP_ADDRESS=.*|BOX_IP_ADDRESS=${BOX_IP_ADDRESS}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER1=.*|NAMESERVER1=${NAMESERVER1}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER2=.*|NAMESERVER2=${NAMESERVER2}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER3=.*|NAMESERVER3=${NAMESERVER3}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER4=.*|NAMESERVER4=${NAMESERVER4}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER5=.*|NAMESERVER5=${NAMESERVER5}|g" "$TEMP_CUSTOMISE3"
sed -i "s|NAMESERVER6=.*|NAMESERVER6=${NAMESERVER6}|g" "$TEMP_CUSTOMISE3"
sed -i "s|PROJECT_NAME=.*|PROJECT_NAME=${PROJECT_NAME}|g" "$TEMP_CUSTOMISE3"
sed -i "s|CONFIG_FILENAME=.*|CONFIG_FILENAME=${CONFIG_FILENAME}|g" "$TEMP_CUSTOMISE3"
sed -i "s|SSH_PUBKEY=.*|SSH_PUBKEY=${SSH_PUBKEY}|g" "$TEMP_CUSTOMISE3"
sed -i "s|GENERIC_IMAGE=.*|GENERIC_IMAGE=${GENERIC_IMAGE}|g" "$TEMP_CUSTOMISE3"
sed -i "s|MINIMAL_INSTALL=.*|MINIMAL_INSTALL=\"${MINIMAL_INSTALL}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|SSH_PORT=.*|SSH_PORT=\"${SSH_PORT}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|ONION_ONLY=.*|ONION_ONLY=\"${ONION_ONLY}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|PROJECT_REPO=.*|PROJECT_REPO=\"${PROJECT_REPO}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|DEBIAN_INSTALL_ONLY=.*|DEBIAN_INSTALL_ONLY=\"${DEBIAN_INSTALL_ONLY}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_INTERFACE=.*|WIFI_INTERFACE=\"${WIFI_INTERFACE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_SSID=.*|WIFI_SSID=\"${WIFI_SSID}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_TYPE=.*|WIFI_TYPE=\"${WIFI_TYPE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_PASSPHRASE=.*|WIFI_PASSPHRASE=\"${WIFI_PASSPHRASE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_HOTSPOT=.*|WIFI_HOTSPOT=\"${WIFI_HOTSPOT}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|WIFI_NETWORKS_FILE=.*|WIFI_NETWORKS_FILE=\"${WIFI_NETWORKS_FILE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|VARIANT=.*|VARIANT=\"${VARIANT}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|MINIMUM_PASSWORD_LENGTH=.*|MINIMUM_PASSWORD_LENGTH=\"${MINIMUM_PASSWORD_LENGTH}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|INSECURE=.*|INSECURE=\"${INSECURE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|AMNESIC=.*|AMNESIC=\"${AMNESIC}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|SOCIALINSTANCE=.*|SOCIALINSTANCE=\"${SOCIALINSTANCE}\"|g" "$TEMP_CUSTOMISE3"
sed -i "s|LOCAL_NAME=.*|LOCAL_NAME=\"${LOCAL_NAME}\"|g" "$TEMP_CUSTOMISE3"
sed -i 's|#!/bin/bash||g' "$TEMP_CUSTOMISE3"
cat $TEMP_CUSTOMISE2 $TEMP_CUSTOMISE3 > $TEMP_CUSTOMISE4
if [ -f $TEMP_CUSTOMISE ]; then
@ -256,19 +256,19 @@ sudo -H \
SOURCE="$SOURCE" \
CUSTOM_SETUP="$CUSTOM_SETUP" \
$VMDEBOOTSTRAP \
--log $(dirname $IMAGE)/${PROJECT_NAME}.log \
--log "$(dirname "$IMAGE")/${PROJECT_NAME}.log" \
--log-level debug \
--size $IMAGE_SIZE \
--image $IMAGE.img \
--size "$IMAGE_SIZE" \
--image "$IMAGE.img" \
--hostname ${PROJECT_NAME} \
--verbose \
--mirror $BUILD_MIRROR \
--mirror "$BUILD_MIRROR" \
--customize "$TEMP_CUSTOMISE" \
--lock-root-password \
--arch $ARCHITECTURE \
--distribution $SUITE \
$extra_opts \
$pkgopts
--arch "$ARCHITECTURE" \
--distribution "$SUITE" \
"$extra_opts" \
"$pkgopts"
echo $'Removing customised customisation script'
sudo shred -zu $TEMP_CUSTOMISE
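Review bot: Quoting `"$extra_opts"` and `"$pkgopts"` at the end of the vmdebootstrap call passes each one as a single argument, and as an empty argument when unset. The `for p in $base_pkgs $extra_pkgs` loop in an earlier hunk suggests `pkgopts` holds many options, so this probably breaks the build. Either build them as arrays and expand `"${pkgopts[@]}"`, or leave the two expansions unquoted with a `# shellcheck disable=SC2086` comment saying the splitting is intended. Separately, `MY_PASSWORD` and `WIFI_PASSPHRASE` are substituted with `sed` into `/tmp/${PROJECT_NAME}-image-customise3`, a fixed name created with the default umask, and a value containing `|`, `&` or `\` will corrupt the substitution; creating the working files with `mktemp` under `umask 077` and escaping the replacement text would address both. Only `$TEMP_CUSTOMISE` is shredded in the visible lines, so it is worth confirming that the other copies are removed as well.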


@ -36,7 +36,7 @@ VMDEBOOTSTRAP_BRANCH='bashrc/freedombone'
mkdir -p vendor
if [ -d vendor/vmdebootstrap ] ; then
(cd vendor/vmdebootstrap; git checkout .; git pull)
(cd vendor/vmdebootstrap || exit 246824624; git checkout .; git pull)
else
git clone $VMDEBOOTSTRAP_REPO vendor/vmdebootstrap
fi
@ -103,5 +103,5 @@ EOF
sudo mv /tmp/ubuntu.csv /usr/share/distro-info/
fi
cd vendor/vmdebootstrap
cd vendor/vmdebootstrap || exit 2648726446
git checkout $VMDEBOOTSTRAP_BRANCH
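Review bot: vendor/vmdebootstrap is refreshed with `git pull` and then switched to the branch named in `$VMDEBOOTSTRAP_BRANCH`, so whatever is at the tip of that branch is what the image build runs, apparently under `sudo` in the image-make script of this same commit. The image script pins its clones with `git checkout $CLIAPP_COMMIT` and `$MBR_COMMIT`. Doing the same here, with a variable such as `VMDEBOOTSTRAP_COMMIT` holding a reviewed commit hash and `git checkout "$VMDEBOOTSTRAP_COMMIT"`, would make the build reproducible and limit the effect of an unexpected upstream change. `$VMDEBOOTSTRAP_REPO` and `$VMDEBOOTSTRAP_BRANCH` are also still unquoted.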


@ -87,17 +87,17 @@ do
shift
done
if [ ! $MY_USERNAME ]; then
if [ ! "$MY_USERNAME" ]; then
echo $'No username given'
exit 69350
fi
if [ ! -d /home/$MY_USERNAME ]; then
if [ ! -d "/home/$MY_USERNAME" ]; then
echo $"Home directory for $MY_USERNAME not found. This user may not exist on the system"
exit 72378
fi
if [ ! -b $USB_DRIVE ]; then
if [ ! -b "$USB_DRIVE" ]; then
echo $'Please attach a USB drive'
exit 65743
fi
@ -113,18 +113,15 @@ cryptsetup luksClose encrypted_usb
# optionally format the drive
if [[ $FORMAT == "yes" ]]; then
${PROJECT_NAME}-format ${USB_DRIVE::-1}
if [ ! "$?" = "0" ]; then
if ! "${PROJECT_NAME}-format" "${USB_DRIVE::-1}"; then
exit 36823
fi
fi
cryptsetup luksOpen $USB_DRIVE encrypted_usb
if [ "$?" = "0" ]; then
if cryptsetup luksOpen "$USB_DRIVE" encrypted_usb; then
USB_DRIVE=/dev/mapper/encrypted_usb
fi
mount $USB_DRIVE $USB_MOUNT
if [ ! "$?" = "0" ]; then
if ! mount $USB_DRIVE $USB_MOUNT; then
echo $"There was a problem mounting the USB drive to $USB_MOUNT"
rm -rf $USB_MOUNT
exit 78543
@ -132,7 +129,7 @@ fi
# optionally create a master drive which contains the full GPG keyring
if [[ $MASTER_DRIVE == "yes" || $MASTER_DRIVE == "y" || $MASTER_DRIVE == "1" ]]; then
if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
if [ ! -d "/home/$MY_USERNAME/.gnupg" ]; then
echo $"No .gnupg directory was found for $MY_USERNAME"
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
@ -149,7 +146,7 @@ if [[ $MASTER_DRIVE == "yes" || $MASTER_DRIVE == "y" || $MASTER_DRIVE == "1" ]];
GPG_BACKUP_ID=$(su -m root -c "gpg --list-keys \"(backup key)\" | sed -n '2p' | sed 's/^[ \t]*//'" - $MY_USERNAME)
gpgerrstr=$'error'
gpgkey=$(gpg --homedir=/home/$MY_USERNAME/.gnupg --armor --export $GPG_ID)
gpgkey=$(gpg --homedir="/home/$MY_USERNAME/.gnupg" --armor --export "$GPG_ID")
if [[ "$gpgkey" == *"$gpgerrstr"* ]]; then
echo $'Problem exporting public gpg key'
echo "$gpgkey"
@ -157,7 +154,7 @@ if [[ $MASTER_DRIVE == "yes" || $MASTER_DRIVE == "y" || $MASTER_DRIVE == "1" ]];
fi
echo ''
echo $'Enter your gpg private key passphrase:'
gpgprivkey=$(gpg --homedir=/home/$MY_USERNAME/.gnupg --armor --export-secret-key $GPG_ID)
gpgprivkey=$(gpg --homedir="/home/$MY_USERNAME/.gnupg" --armor --export-secret-key "$GPG_ID")
if [[ "$gpgprivkey" == *"$gpgerrstr"* ]]; then
echo $'Problem exporting private gpg key'
echo "$gpgprivkey"
@ -168,13 +165,13 @@ if [[ $MASTER_DRIVE == "yes" || $MASTER_DRIVE == "y" || $MASTER_DRIVE == "1" ]];
# Dummy password to get around not being able to create a key without passphrase
BACKUP_DUMMY_PASSWORD='backup'
backupgpgkey=$(gpg --homedir=/home/$MY_USERNAME/.gnupg --armor --export $GPG_BACKUP_ID)
backupgpgkey=$(gpg --homedir="/home/$MY_USERNAME/.gnupg" --armor --export "$GPG_BACKUP_ID")
if [[ "$backupgpgkey" == *"$gpgerrstr"* ]]; then
echo $'Problem exporting public gpg backup key'
echo "$backupgpgkey"
exit 735282
fi
backupgpgprivkey=$(echo "$BACKUP_DUMMY_PASSWORD" | gpg --batch --passphrase-fd 0 --homedir=/home/$MY_USERNAME/.gnupg --armor --export-secret-key $GPG_BACKUP_ID)
backupgpgprivkey=$(echo "$BACKUP_DUMMY_PASSWORD" | gpg --batch --passphrase-fd 0 --homedir="/home/$MY_USERNAME/.gnupg" --armor --export-secret-key "$GPG_BACKUP_ID")
if [[ "$backupgpgprivkey" == *"$gpgerrstr"* ]]; then
echo $'Problem exporting private gpg backup key'
echo "$backupgpgprivkey"
@ -187,7 +184,7 @@ if [[ $MASTER_DRIVE == "yes" || $MASTER_DRIVE == "y" || $MASTER_DRIVE == "1" ]];
echo "$backupgpgkey" > $USB_MOUNT/.backupgpgkey
echo "$backupgpgprivkey" >> $USB_MOUNT/.backupgpgkey
cp -rf /home/$MY_USERNAME/.gnupg $USB_MOUNT
cp -rf "/home/$MY_USERNAME/.gnupg" $USB_MOUNT
if [ -d /etc/letsencrypt ]; then
cp -rf /etc/letsencrypt $USB_MOUNT
@ -220,25 +217,25 @@ fi
FRAGMENTS_DIR=$FRAGMENTS_DIR/$MY_USERNAME
# make a directory to contain the fragments
if [ ! -d $FRAGMENTS_DIR ]; then
mkdir -p $FRAGMENTS_DIR
if [ ! -d "$FRAGMENTS_DIR" ]; then
mkdir -p "$FRAGMENTS_DIR"
echo $"Made directory $FRAGMENTS_DIR"
fi
if [ ! -d $FRAGMENTS_DIR ]; then
if [ ! -d "$FRAGMENTS_DIR" ]; then
echo $"There was a problem making the directory $FRAGMENTS_DIR"
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
exit 6843
fi
cd $FRAGMENTS_DIR
no_of_usb_shares=$(ls -afq keyshare.asc.* | wc -l)
if [ ! "$?" = "0" ]; then
cd "$FRAGMENTS_DIR" || exit 13389478368
# shellcheck disable=SC2012
if ! no_of_usb_shares=$(ls -afq keyshare.asc.* | wc -l); then
no_of_usb_shares=0
fi
if (( no_of_usb_shares > 0 )); then
echo $"A key fragment already exists on the drive for the user $MY_USERNAME"
cd ~/
cd ~/ || exit 34678264583
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
exit 58945
@ -247,43 +244,44 @@ fi
# copy a random fragment to the drive
LOCAL_FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
if [ ! -d $LOCAL_FRAGMENTS_DIR ]; then
${PROJECT_NAME}-splitkey -u $MY_USERNAME -n $KEY_FRAGMENTS
if [ ! -d "$LOCAL_FRAGMENTS_DIR" ]; then
"${PROJECT_NAME}-splitkey" -u "$MY_USERNAME" -n "$KEY_FRAGMENTS"
fi
cd $LOCAL_FRAGMENTS_DIR
no_of_local_shares=$(ls -afq keyshare.asc.* | wc -l)
if [ ! "$?" = "0" ]; then
cd "$LOCAL_FRAGMENTS_DIR" || exit 7822452644
# shellcheck disable=SC2012
if ! no_of_local_shares=$(ls -afq keyshare.asc.* | wc -l); then
no_of_local_shares=0
fi
if (( no_of_local_shares < 3 )); then
${PROJECT_NAME}-splitkey -u $MY_USERNAME -n $KEY_FRAGMENTS
cd $LOCAL_FRAGMENTS_DIR
no_of_local_shares=$(ls -afq keyshare.asc.* | wc -l)
if [ ! "$?" = "0" ]; then
"${PROJECT_NAME}-splitkey" -u "$MY_USERNAME" -n "$KEY_FRAGMENTS"
cd "$LOCAL_FRAGMENTS_DIR" || exit 724524242
# shellcheck disable=SC2012
if ! no_of_local_shares=$(ls -afq keyshare.asc.* | wc -l); then
no_of_local_shares=0
fi
fi
if (( no_of_local_shares < 3 )); then
echo $"Not enough key fragments available ${no_of_local_shares}"
cd ~/
cd ~/ || exit 7245267457
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
exit 63386
fi
share_files=($LOCAL_FRAGMENTS_DIR/keyshare.asc.*)
share_files=("$LOCAL_FRAGMENTS_DIR/keyshare.asc.*")
SHARE_FILENAME=${share_files[RANDOM % ${#share_files[@]}]}
cp -f $SHARE_FILENAME $FRAGMENTS_DIR
cd $FRAGMENTS_DIR
cp -f "$SHARE_FILENAME" "$FRAGMENTS_DIR"
cd "$FRAGMENTS_DIR" || exit 2543244726
# shellcheck disable=SC2012
no_of_usb_shares=$(ls -afq keyshare.asc.* | wc -l)
echo $"Number of fragments on the drive: ${no_of_usb_shares}"
if (( no_of_usb_shares > 1 )); then
echo $"Too many key fragments exist in $FRAGMENTS_DIR"
ls $FRAGMENTS_DIR
cd ~/
ls "$FRAGMENTS_DIR"
cd ~/ || 357836582645
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
exit 54292
@ -291,14 +289,14 @@ fi
if (( no_of_usb_shares <= 0 )); then
echo $"There was a problem copying the key fragment to $USB_DRIVE"
echo $"Files found: ${no_of_usb_shares}"
ls $FRAGMENTS_DIR
cd ~/
ls "$FRAGMENTS_DIR"
cd ~/ || exit 743452452
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
exit 54292
fi
cd ~/
cd ~/ || exit 245672457
umount -f $USB_MOUNT
rm -rf $USB_MOUNT
echo $"Key fragment copied to $USB_DRIVE. You may now remove the drive."
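Review bot: Quoting the whole pattern in `share_files=("$LOCAL_FRAGMENTS_DIR/keyshare.asc.*")` stops the glob from expanding, so the array holds one literal string ending in `*`. The following `cp -f "$SHARE_FILENAME" "$FRAGMENTS_DIR"` then has no real fragment to copy, and the run would end in the "There was a problem copying the key fragment" branch. Quote only the directory part: `share_files=("$LOCAL_FRAGMENTS_DIR"/keyshare.asc.*)`. In the "Too many key fragments" branch, `cd ~/ || 357836582645` is missing `exit`, so a failed `cd` would try to run the number as a command and then carry on to `umount -f`; it should read `cd ~/ || exit 1`.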


@ -42,28 +42,28 @@ REMOVE_FILES_COMMAND='rm -rf'
source /usr/local/bin/${PROJECT_NAME}-vars
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for f in $APP_FILES
do
source $f
source "$f"
done
APPS_AVAILABLE=()
function logging_get_app_names {
FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for filename in $FILES
do
app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
if grep -q "logging_on_" ${filename}; then
if grep -q "logging_off_" ${filename}; then
if grep -q "logging_on_" "${filename}"; then
if grep -q "logging_off_" "${filename}"; then
APPS_AVAILABLE+=("${app_name}")
fi
fi
@ -76,7 +76,7 @@ function turn_logging_on {
for a in "${APPS_AVAILABLE[@]}"
do
echo $"Turning on logging for ${a}"
logging_on_${a}
"logging_on_${a}"
done
}
@ -86,7 +86,7 @@ function turn_logging_off {
for a in "${APPS_AVAILABLE[@]}"
do
echo $"Turning off logging for ${a}"
logging_off_${a}
"logging_off_${a}"
done
}
@ -162,14 +162,14 @@ if [[ "$1" == "on" || "$1" == "On" || "$1" == "ON" ]]; then
fi
for filename in /etc/nginx/sites-available/* ; do
filename_domain=$(echo "$filename" | awk -F '/' '{print $5}')
sed -i "s|access_log.*|access_log /var/log/nginx/$filename_domain.access.log;|g" $filename
sed -i "s|error_log.*|error_log /var/log/nginx/$filename_domain.err.log $WEBSERVER_LOG_LEVEL;|g" $filename
sed -i "s|access_log.*|access_log /var/log/nginx/$filename_domain.access.log;|g" "$filename"
sed -i "s|error_log.*|error_log /var/log/nginx/$filename_domain.err.log $WEBSERVER_LOG_LEVEL;|g" "$filename"
done
sed -i 's|access_log.*|access_log /var/log/nginx/access.log;|g' /etc/nginx/nginx.conf
sed -i 's|error_log.*|error_log /var/log/nginx/error.log;|g' /etc/nginx/nginx.conf
fi
if [ -f /etc/init.d/spamassassin ]; then
sed -i 's|DOPTIONS="-s null -d --pidfile=$PIDFILE"|DOPTIONS="-d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin
sed -i "s|DOPTIONS=\"-s null -d --pidfile=\$PIDFILE\"|DOPTIONS=\"-d --pidfile=\$PIDFILE\"|g" /etc/init.d/spamassassin
fi
if [ -d /etc/exim4 ]; then
if [ ! -d /var/log/exim4 ]; then
@ -211,16 +211,16 @@ else
fi
if [ -d /etc/nginx ]; then
for filename in /etc/nginx/sites-available/* ; do
sed -i 's|access_log.*|access_log /dev/null;|g' $filename
sed -i 's|warn_log.*|warn_log /dev/null;|g' $filename
sed -i 's|error_log.*|error_log /dev/null;|g' $filename
sed -i 's|access_log.*|access_log /dev/null;|g' "$filename"
sed -i 's|warn_log.*|warn_log /dev/null;|g' "$filename"
sed -i 's|error_log.*|error_log /dev/null;|g' "$filename"
done
sed -i 's|access_log.*|access_log /dev/null;|g' /etc/nginx/nginx.conf
sed -i 's|error_log.*|error_log /dev/null;|g' /etc/nginx/nginx.conf
$REMOVE_FILES_COMMAND /var/log/nginx/*
fi
if [ -f /etc/init.d/spamassassin ]; then
sed -i 's|DOPTIONS="-d --pidfile=$PIDFILE"|DOPTIONS="-s null -d --pidfile=$PIDFILE"|g' /etc/init.d/spamassassin
sed -i "s|DOPTIONS=\"-d --pidfile=\$PIDFILE\"|DOPTIONS=\"-s null -d --pidfile=\$PIDFILE\"|g" /etc/init.d/spamassassin
fi
if [ -d /etc/exim4 ]; then
sed -i 's|MAIN_LOG_SELECTOR = .*|MAIN_LOG_SELECTOR = -all|g' /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs
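Review bot: `UTILS_FILES`, `APP_FILES` and `FILES` now hold the glob as a quoted string and depend on the unquoted `for f in $UTILS_FILES` to expand it. That expansion also word-splits the path, and it hands the literal pattern to `source` when nothing matches. Iterating the glob directly avoids both: `for f in "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-"*; do [ -e "$f" ] || continue; source "$f"; done`. The same form applies to the `apps` loop and to `logging_get_app_names`, whose body continues outside the hunk.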


@ -29,7 +29,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
PROJECT_NAME='freedombone'
COMPLETION_FILE=/root/${PROJECT_NAME}-completed.txt
COMPLETION_FILE="/root/${PROJECT_NAME}-completed.txt"
# hotspot passphrase must be 5 characters or longer
HOTSPOT_PASSPHRASE="${PROJECT_NAME}"
@ -40,28 +40,29 @@ source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-mesh
mesh_protocol_init
update_wifi_adaptors
if [ ! $IFACE ]; then
if [ ! "$IFACE" ]; then
echo $'No wlan adaptor'
exit 0
fi
if [ -e /etc/default/batctl ]; then
# shellcheck disable=SC1091
. /etc/default/batctl
fi
function status {
batctl o
if grep -q "bmx6" $MESH_CURRENT_PROTOCOL; then
if grep -q "bmx6" "$MESH_CURRENT_PROTOCOL"; then
bmx6 -c show=originators
fi
if grep -q "bmx7" $MESH_CURRENT_PROTOCOL; then
if grep -q "bmx7" "$MESH_CURRENT_PROTOCOL"; then
bmx7 -c show=originators
fi
}
function stop {
if [ ! -f $MESH_CURRENT_PROTOCOL ]; then
if [ ! -f "$MESH_CURRENT_PROTOCOL" ]; then
return
fi
@ -82,31 +83,31 @@ function stop {
systemctl disable dnsmasq
if [ "$EIFACE" ]; then
brctl delif $BRIDGE bat0
ifconfig $BRIDGE down || true
ethernet_connected=$(cat /sys/class/net/$EIFACE/carrier)
brctl delif "$BRIDGE" bat0
ifconfig "$BRIDGE" down || true
ethernet_connected=$(cat "/sys/class/net/$EIFACE/carrier")
if [[ "$ethernet_connected" != "0" ]]; then
systemctl stop hostapd
brctl delif $BRIDGE $EIFACE
ifconfig $EIFACE down -promisc
brctl delif "$BRIDGE" "$EIFACE"
ifconfig "$EIFACE" down -promisc
fi
brctl delbr $BRIDGE
brctl delbr "$BRIDGE"
fi
ifconfig bat0 down -promisc
batctl if del $IFACE
ifconfig $IFACE mtu 1500
ifconfig $IFACE down
iwconfig $IFACE mode managed
batctl if del "$IFACE"
ifconfig "$IFACE" mtu 1500
ifconfig "$IFACE" down
iwconfig "$IFACE" mode managed
if [ $IFACE_SECONDARY ]; then
if [ "$IFACE_SECONDARY" ]; then
systemctl stop hostapd
systemctl disable hostapd
batctl if del $IFACE_SECONDARY
ifconfig $IFACE_SECONDARY mtu 1500
ifconfig $IFACE_SECONDARY down
iwconfig $IFACE_SECONDARY mode managed
batctl if del "$IFACE_SECONDARY"
ifconfig "$IFACE_SECONDARY" mtu 1500
ifconfig "$IFACE_SECONDARY" down
iwconfig "$IFACE_SECONDARY" mode managed
fi
rmmod batman-adv
@ -115,53 +116,53 @@ function stop {
systemctl restart network-manager
if [ -f $MESH_CURRENT_PROTOCOL ]; then
rm $MESH_CURRENT_PROTOCOL
if [ -f "$MESH_CURRENT_PROTOCOL" ]; then
rm "$MESH_CURRENT_PROTOCOL"
fi
}
function verify {
tempfile="$(mktemp)"
batctl o > $tempfile
if grep -q "disabled" $tempfile; then
batctl o > "$tempfile"
if grep -q "disabled" "$tempfile"; then
echo $'B.A.T.M.A.N. not enabled'
rm $tempfile
rm "$tempfile"
stop
exit 726835
fi
echo $'B.A.T.M.A.N. is running'
rm $tempfile
rm "$tempfile"
}
function add_wifi_interface {
ifname=$1
ifssid=$WIFI_SSID
if [ $2 ]; then
if [ "$2" ]; then
ifssid=$2
fi
ifmode=ad-hoc
if [ $3 ]; then
if [ "$3" ]; then
ifmode=$3
fi
ifchannel=$CHANNEL
if [ $4 ]; then
if [ "$4" ]; then
ifchannel=$4
fi
ifconfig $ifname down
ifconfig $ifname mtu 1532
ifconfig "$ifname" down
ifconfig "$ifname" mtu 1532
peermac=$(assign_peer_address)
if [ ! $peermac ]; then
if [ ! "$peermac" ]; then
echo $"Unable to obtain MAC address for $peermac on $ifname"
return
fi
ifconfig $ifname hw ether $peermac
ifconfig "$ifname" hw ether "$peermac"
echo $"$ifname assigned MAC address $peermac"
iwconfig $ifname enc off
iwconfig $ifname mode $ifmode essid $ifssid channel $ifchannel
iwconfig "$ifname" enc off
iwconfig "$ifname" mode "$ifmode" essid "$ifssid" channel "$ifchannel"
batctl if add $ifname
ifconfig $ifname up
batctl if add "$ifname"
ifconfig "$ifname" up
}
function start {
@ -188,11 +189,11 @@ function start {
global_rate_limit
# Might have to re-enable wifi
rfkill unblock $(rfkill list|awk -F: "/phy/ {print $1}") || true
rfkill unblock "$(rfkill list|awk -F: "/phy/ {print $1}")" || true
secondary_wifi_available=
if [ $IFACE_SECONDARY ]; then
if [[ $IFACE != $IFACE_SECONDARY ]]; then
if [ "$IFACE_SECONDARY" ]; then
if [[ "$IFACE" != "$IFACE_SECONDARY" ]]; then
if [ -d /etc/hostapd ]; then
if [ ${#HOTSPOT_PASSPHRASE} -gt 4 ]; then
secondary_wifi_available=1
@ -215,23 +216,23 @@ function start {
sed -i "s|ExecStart=.*|ExecStart=/usr/local/bin/babeld ${IFACE}|g" /etc/systemd/system/babel.service
systemctl daemon-reload
add_wifi_interface $IFACE $WIFI_SSID ad-hoc $CHANNEL
add_wifi_interface "$IFACE" "$WIFI_SSID" ad-hoc "$CHANNEL"
# NOTE: Don't connect the secondary wifi device. hostapd will handle that by itself
ifconfig bat0 up promisc
brctl addbr $BRIDGE
brctl addif $BRIDGE bat0
brctl addbr "$BRIDGE"
brctl addif "$BRIDGE" bat0
ifconfig bat0 0.0.0.0
ethernet_connected='0'
if [ "$EIFACE" ] ; then
ethernet_connected=$(cat /sys/class/net/$EIFACE/carrier)
ethernet_connected=$(cat "/sys/class/net/$EIFACE/carrier")
if [[ "$ethernet_connected" != "0" ]]; then
echo $'Trying ethernet bridge to the internet'
brctl addif $BRIDGE $EIFACE
ifconfig $EIFACE 0.0.0.0
ifconfig $EIFACE up promisc
brctl addif "$BRIDGE" "$EIFACE"
ifconfig "$EIFACE" 0.0.0.0
ifconfig "$EIFACE" up promisc
echo $'End of ethernet bridge'
sed -i "s|ExecStart=.*|ExecStart=/usr/sbin/bmx6 dev=${IFACE} dev=${EIFACE}|g" /etc/systemd/system/bmx6.service
@ -243,8 +244,8 @@ function start {
echo $"$EIFACE is not connected"
fi
fi
ifconfig $BRIDGE up
dhclient $BRIDGE
ifconfig "$BRIDGE" up
dhclient "$BRIDGE"
enable_mesh_seconary_wifi
@ -257,34 +258,34 @@ function start {
systemctl restart nginx
if [ ! -f $MESH_DEFAULT_PROTOCOL ]; then
echo 'bmx6' > $MESH_DEFAULT_PROTOCOL
if [ ! -f "$MESH_DEFAULT_PROTOCOL" ]; then
echo 'bmx6' > "$MESH_DEFAULT_PROTOCOL"
fi
if grep -q "bmx6" $MESH_DEFAULT_PROTOCOL; then
if grep -q "bmx6" "$MESH_DEFAULT_PROTOCOL"; then
systemctl enable bmx6
systemctl restart bmx6
sed -i 's|<type>.*|<type>_bmx6._tcp</type>|g' /etc/avahi/services/routing.service
fi
if grep -q "bmx7" $MESH_DEFAULT_PROTOCOL; then
if grep -q "bmx7" "$MESH_DEFAULT_PROTOCOL"; then
systemctl enable bmx7
systemctl restart bmx7
sed -i 's|<type>.*|<type>_bmx7._tcp</type>|g' /etc/avahi/services/routing.service
fi
if grep -q "olsr" $MESH_DEFAULT_PROTOCOL; then
IFACE=$(cat /etc/systemd/system/olsr2.service | grep ExecStart | awk -F ' ' '{print $2}')
mesh_generate_ipv6_address $IFACE
if grep -q "olsr" "$MESH_DEFAULT_PROTOCOL"; then
IFACE=$(grep ExecStart "/etc/systemd/system/olsr2.service" | awk -F ' ' '{print $2}')
mesh_generate_ipv6_address "$IFACE"
systemctl enable olsr2
systemctl restart olsr2
sed -i 's|<type>.*|<type>_olsr2._tcp</type>|g' /etc/avahi/services/routing.service
fi
if grep -q "babel" $MESH_DEFAULT_PROTOCOL; then
IFACE=$(cat /etc/systemd/system/babel.service | grep ExecStart | awk -F ' ' '{print $2}')
mesh_generate_ipv6_address $IFACE
if grep -q "babel" "$MESH_DEFAULT_PROTOCOL"; then
IFACE=$(grep ExecStart /etc/systemd/system/babel.service | awk -F ' ' '{print $2}')
mesh_generate_ipv6_address "$IFACE"
systemctl enable babel
systemctl restart babel
@ -295,7 +296,7 @@ function start {
verify
echo "$(cat $MESH_DEFAULT_PROTOCOL)" > $MESH_CURRENT_PROTOCOL
cat "$MESH_DEFAULT_PROTOCOL" > "$MESH_CURRENT_PROTOCOL"
}
function monitor {
@ -329,21 +330,21 @@ function monitor {
echo ''
# Might have to re-enable wifi
rfkill unblock $(rfkill list|awk -F: "/phy/ {print $1}") || true
rfkill unblock "$(rfkill list|awk -F: "/phy/ {print $1}")" || true
ifconfig $IFACE down
ifconfig $IFACE mtu 1532
ifconfig $IFACE hw ether $(assign_peer_address)
iwconfig $IFACE enc off
iwconfig $IFACE mode monitor channel $CHANNEL
ifconfig "$IFACE" down
ifconfig "$IFACE" mtu 1532
ifconfig "$IFACE" hw ether "$(assign_peer_address)"
iwconfig "$IFACE" enc off
iwconfig "$IFACE" mode monitor channel "$CHANNEL"
sleep 1
iwconfig $IFACE ap $CELLID
iwconfig "$IFACE" ap "$CELLID"
modprobe batman-adv
batctl if add $IFACE
ifconfig $IFACE up
batctl if add "$IFACE"
ifconfig "$IFACE" up
horst -i $IFACE
horst -i "$IFACE"
clear
echo ''
@ -354,7 +355,7 @@ function monitor {
}
if ! grep -q "$IFACE" /proc/net/dev; then
echo 'Interface $IFACE was not found'
echo "Interface \$IFACE was not found"
stop
exit 1
fi
@ -377,7 +378,7 @@ case "$1" in
start
;;
ping)
batctl ping $2
batctl ping "$2"
;;
data)
watch -n1 "batctl s | grep mgmt | grep bytes"
@ -387,7 +388,7 @@ case "$1" in
;;
*)
echo "error: invalid parameter $1"
echo 'usage: $0 {start|stop|restart|status|ping|ls|list}'
echo "usage: \$0 {start|stop|restart|status|ping|ls|list}"
exit 2
;;
esac
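Review bot: In `start` and `monitor`, `rfkill unblock "$(rfkill list|awk -F: "/phy/ {print $1}")"` now passes everything awk prints as a single argument. Because the awk program is in double quotes, the shell rather than awk expands `$1`, and any failure is hidden by `|| true`, so the radio may stay blocked without a message. Single-quote the awk program and unblock one index at a time: `rfkill list | awk -F: '/phy/ {print $1}' | while read -r idx; do rfkill unblock "$idx" || true; done`. Near the end of the file, `echo "Interface \$IFACE was not found"` and the `usage: \$0` line print the literal variable names; dropping the backslashes gives the message that was presumably intended. The bodies of `start` and `monitor` continue outside these hunks.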


@ -42,17 +42,17 @@ BLOG_EDITOR='pluma'
DEFAULT_BLOG_TITLE=$"Freedombone Blog"
function remove_bad_blog_links {
find ./ -type f -name *.css -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name *.scss -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name *.html -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name *.css -exec sed -i -e '/bootstrapcdn/d' {} \;
find ./ -type f -name *.scss -exec sed -i -e '/bootstrapcdn/d' {} \;
find ./ -type f -name *.html -exec sed -i -e '/bootstrapcdn/d' {} \;
find ./ -type f -name "*.css" -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name "*.scss" -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name "*.html" -exec sed -i -e '/googleapi/d' {} \;
find ./ -type f -name "*.css" -exec sed -i -e '/bootstrapcdn/d' {} \;
find ./ -type f -name "*.scss" -exec sed -i -e '/bootstrapcdn/d' {} \;
find ./ -type f -name "*.html" -exec sed -i -e '/bootstrapcdn/d' {} \;
}
function ipfs_publish {
DIR_TO_CHECK=/home/$USER/Public
if [ ! -d $DIR_TO_CHECK ]; then
if [ ! -d "$DIR_TO_CHECK" ]; then
return
fi
@ -60,13 +60,13 @@ function ipfs_publish {
echo $'Publishing to IPFS. This may take some time...'
OLD_STAT_FILE=/home/$USER/.old_stat.txt
NEW_STAT=$(stat -t $DIR_TO_CHECK)
echo $($IPFS_COMMAND add -rq /home/$USER/Public | tail -n 1) > $IPFS_PUBLIC
echo "$NEW_STAT" > $OLD_STAT_FILE
NEW_STAT=$(stat -t "$DIR_TO_CHECK")
$IPFS_COMMAND add -rq "/home/$USER/Public" | tail -n 1 > "$IPFS_PUBLIC"
echo "$NEW_STAT" > "$OLD_STAT_FILE"
if [ -f $IPFS_PUBLIC ]; then
IPFS_PUBLIC_ID=$(cat $IPFS_PUBLIC)
$IPFS_COMMAND name publish /ipfs/$IPFS_PUBLIC_ID
if [ -f "$IPFS_PUBLIC" ]; then
IPFS_PUBLIC_ID=$(cat "$IPFS_PUBLIC")
$IPFS_COMMAND name publish "/ipfs/$IPFS_PUBLIC_ID"
fi
}
@ -75,7 +75,7 @@ function regenerate_blog {
echo ''
echo $'Regenerating blog...'
cd $BLOG_PATH
cd $BLOG_PATH || exit 246872648
if grep -q "SITENAME=u'${DEFAULT_BLOG_TITLE}'" $BLOG_PATH/pelicanconf.py; then
TOX_NICK=$(toxid --showuser)
BLOG_TITLE=$"${TOX_NICK}'s Blog"
@ -83,7 +83,7 @@ function regenerate_blog {
fi
make html
cd $BLOG_PATH
cd $BLOG_PATH || exit 23682468
remove_bad_blog_links
ipfs_publish
@ -97,19 +97,19 @@ function view_blog {
function new_blog {
DATESTR=$(date "+%Y-%m-%d %H:%M:%S")
echo $'Title: Blog Post Title' > ~/.new-blog-entry
echo $"Date: ${DATESTR}" >> ~/.new-blog-entry
echo $"Author: $(toxid --showuser)" >> ~/.new-blog-entry
echo $'Category: default' >> ~/.new-blog-entry
echo $'Tags: blog, tag' >> ~/.new-blog-entry
echo '' >> ~/.new-blog-entry
echo $'Add your text here' >> ~/.new-blog-entry
echo '' >> ~/.new-blog-entry
echo -n $'To include an image copy it into the ~/CreateBlog/content/images directory, ' >> ~/.new-blog-entry
echo $'then link to it with:' >> ~/.new-blog-entry
echo '' >> ~/.new-blog-entry
echo $'![My image]({filename}images/myimage.jpg)' >> ~/.new-blog-entry
echo '' >> ~/.new-blog-entry
{ echo $'Title: Blog Post Title';
echo $"Date: ${DATESTR}";
echo $"Author: $(toxid --showuser)";
echo $'Category: default';
echo $'Tags: blog, tag';
echo '';
echo $'Add your text here';
echo '';
echo -n $'To include an image copy it into the ~/CreateBlog/content/images directory, ';
echo $'then link to it with:';
echo '';
echo $'![My image]({filename}images/myimage.jpg)';
echo ''; } > ~/.new-blog-entry
$BLOG_EDITOR ~/.new-blog-entry
@ -119,26 +119,26 @@ function new_blog {
if grep -q $"Blog Post Title" ~/.new-blog-entry; then
return
fi
if [ ! -f $CURRENT_BLOG_INDEX ]; then
echo '0' > $CURRENT_BLOG_INDEX
if [ ! -f "$CURRENT_BLOG_INDEX" ]; then
echo '0' > "$CURRENT_BLOG_INDEX"
fi
# move to the content directory
CURRENT_INDEX=$(cat $CURRENT_BLOG_INDEX)
mv ~/.new-blog-entry $BLOG_CONTENT_PATH/${CURRENT_INDEX}_post.md
CURRENT_INDEX=$(cat "$CURRENT_BLOG_INDEX")
mv ~/.new-blog-entry "$BLOG_CONTENT_PATH/${CURRENT_INDEX}_post.md"
# increment the index
CURRENT_INDEX=$((CURRENT_INDEX + 1))
echo "$CURRENT_INDEX" > $CURRENT_BLOG_INDEX
echo "$CURRENT_INDEX" > "$CURRENT_BLOG_INDEX"
regenerate_blog
}
function edit_blog {
if [ ! -f $CURRENT_BLOG_INDEX ]; then
if [ ! -f "$CURRENT_BLOG_INDEX" ]; then
return
fi
CURRENT_INDEX=$(cat $CURRENT_BLOG_INDEX)
CURRENT_INDEX=$(cat "$CURRENT_BLOG_INDEX")
PREVIOUS_INDEX=$((CURRENT_INDEX - 1))
LAST_BLOG_ENTRY=$BLOG_CONTENT_PATH/${PREVIOUS_INDEX}_post.md
if [ ! -f $LAST_BLOG_ENTRY ]; then
@ -149,23 +149,23 @@ function edit_blog {
}
function delete_blog {
if [ ! -f $CURRENT_BLOG_INDEX ]; then
if [ ! -f "$CURRENT_BLOG_INDEX" ]; then
return
fi
CURRENT_INDEX=$(cat $CURRENT_BLOG_INDEX)
CURRENT_INDEX=$(cat "$CURRENT_BLOG_INDEX")
PREVIOUS_INDEX=$((CURRENT_INDEX - 1))
LAST_BLOG_ENTRY=$BLOG_CONTENT_PATH/${PREVIOUS_INDEX}_post.md
if [ ! -f $LAST_BLOG_ENTRY ]; then
return
fi
if ! zenity --question --title=$'Delete the previous blog entry' --text=$"\nAre you sure that you wish to delete the previous blog entry?" --ok-label=No --cancel-label=Yes --width=300; then
if ! zenity --question --title=$'Delete the previous blog entry' --text=$"\\nAre you sure that you wish to delete the previous blog entry?" --ok-label=No --cancel-label=Yes --width=300; then
rm $LAST_BLOG_ENTRY
if [ $CURRENT_INDEX -gt 0 ]; then
if [ "$CURRENT_INDEX" -gt 0 ]; then
CURRENT_INDEX=$PREVIOUS_INDEX
echo "$CURRENT_INDEX" > $CURRENT_BLOG_INDEX
echo "$CURRENT_INDEX" > "$CURRENT_BLOG_INDEX"
else
rm -f $CURRENT_BLOG_INDEX
rm -f "$CURRENT_BLOG_INDEX"
fi
regenerate_blog
fi
@ -180,8 +180,8 @@ function change_theme {
n=1
curr_theme_index=
if [ -f /home/$USER/.blog-theme-index ]; then
curr_theme_index=$(cat /home/$USER/.blog-theme-index)
if [ -f "/home/$USER/.blog-theme-index" ]; then
curr_theme_index=$(cat "/home/$USER/.blog-theme-index")
fi
if [ -f /tmp/.blog-themes ]; then
rm /tmp/.blog-themes
@ -189,10 +189,11 @@ function change_theme {
for a in "${THEMES[@]}"
do
echo "$n $a" >> /tmp/.blog-themes
n=$[n+1]
n=$((n+1))
done
CHOSEN_THEME_INDEX=$(
# shellcheck disable=SC2002
cat /tmp/.blog-themes | \
awk -F ' ' '{
for(i=1;i<=NF;i++){
@ -204,15 +205,15 @@ function change_theme {
--column=$'Index' --column=$'Theme' \
--print-column=1 --hide-column=1 --width=300 --height=400)
rm /tmp/.blog-themes
if [ ! $CHOSEN_THEME_INDEX ]; then
if [ ! "$CHOSEN_THEME_INDEX" ]; then
exit 1
fi
echo "$CHOSEN_THEME_INDEX" > /home/$USER/.blog-theme-index
echo "$CHOSEN_THEME_INDEX" > "/home/$USER/.blog-theme-index"
CHOSEN_THEME_INDEX=$((CHOSEN_THEME_INDEX - 1))
CHOSEN_THEME=${THEMES[$CHOSEN_THEME_INDEX]}
cd cd $BLOG_PATH/themes/$CHOSEN_THEME
cd "$BLOG_PATH/themes/$CHOSEN_THEME" || exit 346746824
remove_bad_blog_links
if grep -q "THEME=" $BLOG_PATH/pelicanconf.py; then
sed -i "s|THEME=.*|THEME='themes/${CHOSEN_THEME}'|g" $BLOG_PATH/pelicanconf.py
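Review bot: `change_theme` still builds its menu in the fixed path `/tmp/.blog-themes`, a name in a shared directory that another local account can create first, as a file or a symlink. The `rm`, the `>>` appends and the later `cat` therefore act on a file this script does not control. Create it with `themes_file=$(mktemp) || exit 1` and use `"$themes_file"` in the append, the read and the final `rm`. The function starts before the first of these hunks and the awk body is cut between them, so the remaining lines are not checked here.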


@ -54,7 +54,8 @@ function vpn_generate_keys {
fi
cp /etc/openvpn/dh2048.pem /etc/openvpn/easy-rsa/keys/dh2048.pem
cd /etc/openvpn/easy-rsa
cd /etc/openvpn/easy-rsa || exit 246872464
# shellcheck disable=SC1091
. ./vars
./clean-all
vpn_openssl_version='1.0.0'
@ -147,12 +148,12 @@ function mesh_setup_vpn {
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/stunnel*
# create an archive of the vpn client files
cd /home/$MY_USERNAME
cd /home/$MY_USERNAME || exit 346825628354
tar -czvf vpn.tar.gz stunnel* client.ovpn
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/vpn.tar.gz
if [ -f vpn.tar.gz ]; then
zenity --info --title $"Generate VPN client keys" --text $"\nNew VPN client keys have been generated in the /home/fbone directory.\n\nYou can find it by selecting \"Places\" then \"Home Directory\" on the top menu bar. Transmit the vpn.tar.gz file to whoever is running the other mesh network so that they can connect to yours.\n\nThey should uncompress vpn.tar.gz to their /home/fbone directory, forward port $VPN_MESH_TLS_PORT then connect using your IP address or domain name." --width 600
zenity --info --title $"Generate VPN client keys" --text $"\\nNew VPN client keys have been generated in the /home/fbone directory.\\n\\nYou can find it by selecting \"Places\" then \"Home Directory\" on the top menu bar. Transmit the vpn.tar.gz file to whoever is running the other mesh network so that they can connect to yours.\\n\\nThey should uncompress vpn.tar.gz to their /home/fbone directory, forward port $VPN_MESH_TLS_PORT then connect using your IP address or domain name." --width 600
fi
}
@ -190,7 +191,7 @@ function connect_to_mesh {
sed -i "s|route .*|route $ip_or_domain 255.255.255.255 net_gateway|g" ~/client.ovpn
clear
cd ~/
cd ~/ || exit 234628422874
sudo stunnel stunnel-client.conf
sudo openvpn client.ovpn
fi
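Review bot: In `mesh_setup_vpn`, `vpn.tar.gz` bundles `stunnel*` and `client.ovpn` and is only `chown`ed afterwards, so its mode comes from the current umask and the archive of client keys may be readable by other local accounts. Restrict it explicitly, e.g. `chmod 600 "/home/$MY_USERNAME/vpn.tar.gz"` right after the `chown`, or set `umask 077` before `tar`, unless that already happens outside the hunk. The new `cd /home/$MY_USERNAME || exit …` line also leaves the path unquoted, while the rest of the commit quotes such expansions.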


@ -108,26 +108,26 @@ function mesh_avahi {
fi
# Add a mesh routing protocol service
echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > $rootdir/etc/avahi/services/routing.service
echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> $rootdir/etc/avahi/services/routing.service
echo '<service-group>' >> $rootdir/etc/avahi/services/routing.service
echo ' <name replace-wildcards="yes">%h routing</name>' >> $rootdir/etc/avahi/services/routing.service
echo ' <service>' >> $rootdir/etc/avahi/services/routing.service
echo ' <type>_bmx6._tcp</type>' >> $rootdir/etc/avahi/services/routing.service
echo ' </service>' >> $rootdir/etc/avahi/services/routing.service
echo '</service-group>' >> $rootdir/etc/avahi/services/routing.service
{ echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->';
echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">';
echo '<service-group>';
echo ' <name replace-wildcards="yes">%h routing</name>';
echo ' <service>';
echo ' <type>_bmx6._tcp</type>';
echo ' </service>';
echo '</service-group>'; } > "$rootdir/etc/avahi/services/routing.service"
# keep the daemon running
WATCHDOG_SCRIPT_NAME="keepon"
echo '' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo '# keep avahi daemon running' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo 'AVAHI_RUNNING=$(pgrep avahi-daemon > /dev/null && echo Running)' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo 'if [ ! $AVAHI_RUNNING ]; then' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo ' systemctl start avahi-daemon' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo ' echo -n $CURRENT_DATE >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo ' echo " Avahi daemon restarted" >> $LOGFILE' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
echo 'fi' >> $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
chmod +x $rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME
{ echo '';
echo '# keep avahi daemon running';
echo "AVAHI_RUNNING=\$(pgrep avahi-daemon > /dev/null && echo Running)";
echo "if [ ! \$AVAHI_RUNNING ]; then";
echo ' systemctl start avahi-daemon';
echo " echo -n \$CURRENT_DATE >> \$LOGFILE";
echo " echo \" Avahi daemon restarted\" >> \$LOGFILE";
echo 'fi'; } >> "$rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME"
chmod +x "$rootdir/usr/bin/$WATCHDOG_SCRIPT_NAME"
}
function install_batman_remove {
@ -154,23 +154,23 @@ function install_batman {
fi
BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
echo '[Unit]' > $BATMAN_DAEMON
echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
echo 'After=network.target' >> $BATMAN_DAEMON
echo '' >> $BATMAN_DAEMON
echo '[Service]' >> $BATMAN_DAEMON
echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
echo 'Restart=on-failure' >> $BATMAN_DAEMON
echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
echo '' >> $BATMAN_DAEMON
echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
echo 'TimeoutSec=300' >> $BATMAN_DAEMON
echo '' >> $BATMAN_DAEMON
echo '[Install]' >> $BATMAN_DAEMON
echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
{ echo '[Unit]';
echo 'Description=B.A.T.M.A.N. Advanced';
echo 'After=network.target';
echo '';
echo '[Service]';
echo 'RemainAfterExit=yes';
echo "ExecStart=/var/lib/batman start";
echo "ExecStop=/var/lib/batman stop";
echo 'Restart=on-failure';
echo 'SuccessExitStatus=3 4';
echo 'RestartForceExitStatus=3 4';
echo '';
echo '# Allow time for the server to start/stop';
echo 'TimeoutSec=300';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > "$BATMAN_DAEMON"
$CHROOT_PREFIX systemctl enable batman
}
@ -178,79 +178,79 @@ function mesh_firewall {
FIREWALL_FILENAME=${rootdir}/etc/systemd/system/meshfirewall.service
MESH_FIREWALL_SCRIPT=${rootdir}/usr/bin/mesh-firewall
echo '#!/bin/bash' > $MESH_FIREWALL_SCRIPT
echo 'iptables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -P INPUT ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -F' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -F' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -t nat -F' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -t nat -F' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -X' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -X' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -P INPUT DROP' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -i lo -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo '' >> $MESH_FIREWALL_SCRIPT
echo '# Make sure incoming tcp connections are SYN packets' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP' >> $MESH_FIREWALL_SCRIPT
echo '' >> $MESH_FIREWALL_SCRIPT
echo '# Drop packets with incoming fragments' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -f -j DROP' >> $MESH_FIREWALL_SCRIPT
echo '' >> $MESH_FIREWALL_SCRIPT
echo '# Drop bogons' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP' >> $MESH_FIREWALL_SCRIPT
echo '' >> $MESH_FIREWALL_SCRIPT
echo '# Incoming malformed NULL packets:' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP' >> $MESH_FIREWALL_SCRIPT
echo '' >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
{ echo '#!/bin/bash';
echo 'iptables -P INPUT ACCEPT';
echo 'ip6tables -P INPUT ACCEPT';
echo 'iptables -F';
echo 'ip6tables -F';
echo 'iptables -t nat -F';
echo 'ip6tables -t nat -F';
echo 'iptables -X';
echo 'ip6tables -X';
echo 'iptables -P INPUT DROP';
echo 'ip6tables -P INPUT DROP';
echo 'iptables -A INPUT -i lo -j ACCEPT';
echo 'ip6tables -A INPUT -i lo -j ACCEPT';
echo 'iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT';
echo 'ip6tables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT';
echo '';
echo '# Make sure incoming tcp connections are SYN packets';
echo 'iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP';
echo 'ip6tables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP';
echo '';
echo '# Drop packets with incoming fragments';
echo 'iptables -A INPUT -f -j DROP';
echo 'ip6tables -A INPUT -f -j DROP';
echo '';
echo '# Drop bogons';
echo 'iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP';
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP';
echo 'iptables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP';
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP';
echo 'iptables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP';
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP';
echo '';
echo '# Incoming malformed NULL packets:';
echo 'iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP';
echo 'ip6tables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP';
echo '';
echo "iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT";
echo "ip6tables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT";
echo "iptables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "ip6tables -A INPUT -p udp --dport 1900 -j ACCEPT" >> $MESH_FIREWALL_SCRIPT
echo "iptables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT";
echo "ip6tables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT";
echo "iptables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT";
echo "ip6tables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT";
echo "iptables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT";
echo "ip6tables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT";
echo "iptables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT";
echo "ip6tables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT";
echo "iptables -A INPUT -p udp --dport 1900 -j ACCEPT";
echo "ip6tables -A INPUT -p udp --dport 1900 -j ACCEPT";
echo '# OLSR2/MANET' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p udp --dport 269 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p udp --dport 269 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p tcp --dport 138 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p tcp --dport 138 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo '# OLSR2/MANET';
echo 'iptables -A INPUT -p udp --dport 269 -j ACCEPT';
echo 'ip6tables -A INPUT -p udp --dport 269 -j ACCEPT';
echo 'iptables -A INPUT -p tcp --dport 138 -j ACCEPT';
echo 'ip6tables -A INPUT -p tcp --dport 138 -j ACCEPT';
echo '# Babel' >> $MESH_FIREWALL_SCRIPT
echo 'iptables -A INPUT -p udp --dport 6696 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo 'ip6tables -A INPUT -p udp --dport 6696 -j ACCEPT' >> $MESH_FIREWALL_SCRIPT
echo '# Babel';
echo 'iptables -A INPUT -p udp --dport 6696 -j ACCEPT';
echo 'ip6tables -A INPUT -p udp --dport 6696 -j ACCEPT'; } > "$MESH_FIREWALL_SCRIPT"
chmod +x $MESH_FIREWALL_SCRIPT
echo '[Unit]' > $FIREWALL_FILENAME
echo 'Description=Mesh Firewall' >> $FIREWALL_FILENAME
echo '' >> $FIREWALL_FILENAME
echo '[Service]' >> $FIREWALL_FILENAME
echo 'Type=oneshot' >> $FIREWALL_FILENAME
echo 'ExecStart=/usr/bin/mesh-firewall' >> $FIREWALL_FILENAME
echo 'RemainAfterExit=no' >> $FIREWALL_FILENAME
echo '' >> $FIREWALL_FILENAME
echo 'TimeoutSec=30' >> $FIREWALL_FILENAME
echo '' >> $FIREWALL_FILENAME
echo '[Install]' >> $FIREWALL_FILENAME
echo 'WantedBy=multi-user.target' >> $FIREWALL_FILENAME
{ echo '[Unit]';
echo 'Description=Mesh Firewall';
echo '';
echo '[Service]';
echo 'Type=oneshot';
echo 'ExecStart=/usr/bin/mesh-firewall';
echo 'RemainAfterExit=no';
echo '';
echo 'TimeoutSec=30';
echo '';
echo '[Install]';
echo 'WantedBy=multi-user.target'; } > $FIREWALL_FILENAME
chmod +x $FIREWALL_FILENAME
$CHROOT_PREFIX systemctl enable meshfirewall
}
@ -290,7 +290,7 @@ do
-r|--rootdir)
shift
rootdir="$1"
CHROOT_PREFIX='chroot "${rootdir}"'
CHROOT_PREFIX="chroot \"\${rootdir}\""
;;
-w|--wifi|--interface)
shift


@ -35,13 +35,13 @@ invite=$(sudo -- bash -c 'su -c "sbot invite.create 1" - scuttlebot' | awk -F '"
if [ ${#invite} -lt 10 ]; then
dialog --title $"Create Invite" \
--msgbox $"\nThe invite could not be created" 7 70
--msgbox $"\\nThe invite could not be created" 7 70
exit 1
fi
echo "$invite" | xclip -selection c
dialog --title $"Create Invite" \
--msgbox $"\nThe invite has been copied to the clipboard.\n\nYou can paste it with CTRL+v" 9 70
--msgbox $"\\nThe invite has been copied to the clipboard.\\n\\nYou can paste it with CTRL+v" 9 70
exit 0


@ -43,12 +43,12 @@ if ! zenity --question --title=$'New Identity' --text=$"Do you want to reset you
sudo pkill midori
sudo pkill patchwork
sudo rm -f $MESH_INSTALL_COMPLETED
sudo ${PROJECT_NAME}-image-mesh $USER new
sudo "${PROJECT_NAME}-image-mesh" "$USER" new
sudo batman start
if [ -f $HOME/mesh-desktop.sh ]; then
$HOME/mesh-desktop.sh
if [ -f "$HOME/mesh-desktop.sh" ]; then
"$HOME/mesh-desktop.sh"
else
zenity --info --title=$"New Identity" --text=$"You now have a new identity" --width=200
fi


@ -31,34 +31,34 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-mesh-routing
export TEXTDOMAINDIR="/usr/share/locale"
source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-wifi
source /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-mesh
source "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-wifi"
source "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-mesh"
function mesh_stop_daemon {
daemon_name=$1
clear
echo ''
echo $"Stopping $1..."
sudo systemctl stop $1
echo $"Disabling $1..."
sudo systemctl disable $1
echo $"Stopping ${daemon_name}..."
sudo systemctl stop "${daemon_name}"
echo $"Disabling ${daemon_name}..."
sudo systemctl disable "${daemon_name}"
}
clear
echo ''
echo $'Scanning for BMX6 protocol...'
bmx6_peers=$(avahi-browse -at | grep routing | grep bmx6 | wc -l)
bmx6_peers=$(avahi-browse -at | grep routing | grep -c bmx6)
clear
echo ''
echo $'Scanning for OLSR2 protocol...'
olsr2_peers=$(avahi-browse -at | grep routing | grep olsr2 | wc -l)
olsr2_peers=$(avahi-browse -at | grep routing | grep -c olsr2)
clear
echo ''
echo $'Scanning for Babel protocol...'
babel_peers=$(avahi-browse -at | grep routing | grep babel | wc -l)
babel_peers=$(avahi-browse -at | grep routing | grep -c babel)
clear
@ -71,28 +71,28 @@ case $sel in
esac
temp_script=$HOME/.change_routing
echo '#!/bin/bash' > $temp_script
echo "echo \"\$1\" > $MESH_DEFAULT_PROTOCOL" >> $temp_script
echo "echo \"\$1\" > $MESH_CURRENT_PROTOCOL" >> $temp_script
echo "sed -i \"s|<type>.*|<type>_\${1}._tcp</type>|g\" /etc/avahi/services/routing.service" >> $temp_script
echo 'systemctl restart avahi-daemon' >> $temp_script
echo "IFACE=\$(cat /etc/systemd/system/\${1}.service | grep ExecStart | awk -F ' ' '{print \$2}')" >> $temp_script
echo 'network=fd66:66:66' >> $temp_script
echo 'search_ipv6=$(ifconfig $1 | grep $network)' >> $temp_script
echo 'if [ $search_ipv6 ]; then' >> $temp_script
echo " result=\$(ifconfig \$1 | grep \$network | awk -F ' ' '{print \$2}')" >> $temp_script
echo ' ip -6 addr add ${result}/128 dev $1' >> $temp_script
echo 'else' >> $temp_script
echo ' ipv6_array=( 1 2 3 4 5 6 7 8 9 0 a b c d e f )' >> $temp_script
echo ' a=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}' >> $temp_script
echo ' b=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}' >> $temp_script
echo ' c=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}' >> $temp_script
echo ' d=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}' >> $temp_script
echo ' e=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}' >> $temp_script
echo ' result=$network:$a:$b:$c:$d:$e' >> $temp_script
echo ' ip -6 addr add ${result}/128 dev $1' >> $temp_script
echo 'fi' >> $temp_script
chmod +x $temp_script
{ echo '#!/bin/bash';
echo "echo \"\$1\" > $MESH_DEFAULT_PROTOCOL";
echo "echo \"\$1\" > $MESH_CURRENT_PROTOCOL";
echo "sed -i \"s|<type>.*|<type>_\${1}._tcp</type>|g\" /etc/avahi/services/routing.service";
echo 'systemctl restart avahi-daemon';
echo "IFACE=\$(cat /etc/systemd/system/\${1}.service | grep ExecStart | awk -F ' ' '{print \$2}')";
echo 'network=fd66:66:66';
echo "search_ipv6=\$(ifconfig \$1 | grep \$network)";
echo "if [ \$search_ipv6 ]; then";
echo " result=\$(ifconfig \$1 | grep \$network | awk -F ' ' '{print \$2}')";
echo " ip -6 addr add \${result}/128 dev \$1";
echo 'else';
echo ' ipv6_array=( 1 2 3 4 5 6 7 8 9 0 a b c d e f )';
echo " a=\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}";
echo " b=\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}";
echo " c=\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}";
echo " d=\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}";
echo " e=\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}\${ipv6_array[\$RANDOM%16]}";
echo " result=\$network:\$a:\$b:\$c:\$d:\$e";
echo " ip -6 addr add \${result}/128 dev \$1";
echo 'fi'; } > "$temp_script"
chmod +x "$temp_script"
clear
echo ''
@ -100,7 +100,7 @@ echo $'Authentication to change mesh protocol'
echo ''
case $data in
1) sudo $temp_script 'bmx6'
1) sudo "$temp_script" 'bmx6'
mesh_stop_daemon 'bmx7'
mesh_stop_daemon 'olsr2'
mesh_stop_daemon 'babel'
@ -111,7 +111,7 @@ case $data in
echo $'Starting BMX6...'
sudo systemctl start bmx6
;;
2) sudo $temp_script 'olsr2'
2) sudo "$temp_script" 'olsr2'
mesh_stop_daemon 'bmx6'
mesh_stop_daemon 'bmx7'
mesh_stop_daemon 'babel'
@ -122,7 +122,7 @@ case $data in
echo $'Starting OLSR2...'
sudo systemctl start olsr2
;;
3) sudo $temp_script 'babel'
3) sudo "$temp_script" 'babel'
mesh_stop_daemon 'bmx6'
mesh_stop_daemon 'bmx7'
mesh_stop_daemon 'olsr2'
@ -135,6 +135,6 @@ case $data in
;;
esac
rm $temp_script
rm "$temp_script"
exit 0
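Review bot: The generated helper still emits `if [ \$search_ipv6 ]; then` unquoted, and because `search_ipv6` holds a whole line of `ifconfig` output the test receives several words and errors out, so the existing-address branch is effectively unreachable and the `else` branch would add a new random address on each run. Emitting `echo "if [ -n \"\$search_ipv6\" ]; then";` fixes the test. From the visible lines the helper also assigns `IFACE` but then passes `\$1` (the protocol name supplied by the `sudo "$temp_script" 'bmx6'` style callers) to `ifconfig` and `ip -6 addr add`, which looks unintended. Separately, the helper is written to the fixed path `$HOME/.change_routing` and then executed through sudo; creating it with `mktemp` would avoid a predictable file that is run as root.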


@ -51,7 +51,7 @@ fi
USERS_FILE_LINES=$(wc -l $USERS_FILE | awk -F ' ' '{print $1}')
if [ $USERS_FILE_LINES -gt 200 ]; then
if [ "$USERS_FILE_LINES" -gt 200 ]; then
# If there are more than a Dunbar number of peers then ask for the peer name or ID
data=$(zenity --entry --title="Visit IPFS site" --text="Enter the username or Tox ID for the site you wish to visit")
sel=$?
@ -62,7 +62,7 @@ if [ $USERS_FILE_LINES -gt 200 ]; then
if ! grep -q "$TOX_USERNAME_OR_ID" $USERS_FILE; then
TOX_ID="$TOX_USERNAME_OR_ID"
else
TOX_ID=$(cat "$USERS_FILE" | grep "$TOX_USERNAME_OR_ID" | head -n 1 | sed "s|$TOX_USERNAME_OR_ID ||g" | sed -e 's/^[[:space:]]*//')
TOX_ID=$(grep "$TOX_USERNAME_OR_ID" "$USERS_FILE" | head -n 1 | sed "s|$TOX_USERNAME_OR_ID ||g" | sed -e 's/^[[:space:]]*//')
fi
if [ ${#TOX_ID} -gt 5 ]; then
@ -70,7 +70,7 @@ if [ $USERS_FILE_LINES -gt 200 ]; then
zenity --info --title $"Visit a site" --text $"An IPFS site was not found for the user '$TOX_USERNAME_OR_ID'" --width 500
exit 3
fi
IPFS_FULL_URL=${IPFS_URL}/$(cat "$IPFS_USERS_FILE" | grep $TOX_ID | head -n 1 | awk -F ':' '{print $2}')
IPFS_FULL_URL=${IPFS_URL}/$(grep "$TOX_ID" "$IPFS_USERS_FILE" | head -n 1 | awk -F ':' '{print $2}')
pkill $BROWSER
setsid sh -c "$BROWSER $BROWSER_OPTIONS $IPFS_FULL_URL$SUFFIX" > /dev/null 2>&1 < /dev/null &
@ -85,7 +85,8 @@ if [ $USERS_FILE_LINES -gt 200 ]; then
else
# If there are a relatively small number of users then choose from a list
TOX_ID=$(
cat $USERS_FILE | \
# shellcheck disable=SC2002
cat "$USERS_FILE" | \
awk -F ' ' '{
for(i=1;i<=NF;i++){
print $i;
@ -95,10 +96,10 @@ else
--title='Visit the site of another user' \
--column='Username' --column='Tox ID' \
--print-column=2 --hide-column=2 --width=300 --height=400)
if [ ! $TOX_ID ]; then
if [ ! "$TOX_ID" ]; then
exit 0
fi
IPFS_FULL_URL=${IPFS_URL}/$(cat "$IPFS_USERS_FILE" | grep $TOX_ID | head -n 1 | awk -F ':' '{print $2}')
IPFS_FULL_URL=${IPFS_URL}/$(grep "$TOX_ID" "$IPFS_USERS_FILE" | head -n 1 | awk -F ':' '{print $2}')
pkill $BROWSER
setsid sh -c "$BROWSER $BROWSER_OPTIONS $IPFS_FULL_URL$SUFFIX" > /dev/null 2>&1 < /dev/null &
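Review bot: `grep "$TOX_ID" "$IPFS_USERS_FILE"` (in both the large-list and the small-list branch, whose enclosing `if` spans several hunks) still treats the value as a regular expression and as a possible option, and in the first branch that value appears to derive from what was typed into the zenity entry box. `grep -F -- "$TOX_ID" "$IPFS_USERS_FILE"` matches it literally. The looked-up field is then spliced into the `setsid sh -c "$BROWSER $BROWSER_OPTIONS $IPFS_FULL_URL$SUFFIX"` string, so any shell metacharacters in the users file would be interpreted by `sh`; starting the browser directly with the URL as one quoted argument, `setsid "$BROWSER" $BROWSER_OPTIONS "$IPFS_FULL_URL$SUFFIX"`, avoids that. The `sed "s|$TOX_USERNAME_OR_ID ||g"` substitution has the same problem, since the typed name is used as a pattern.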


@ -60,7 +60,7 @@ function get_backup_key_id {
MY_BACKUP_KEY_ID=$(gpg --list-keys "(backup key)" | sed -n '2p' | sed 's/^[ \t]*//')
if [ ${#MY_BACKUP_KEY_ID} -lt 4 ]; then
echo $"Error: gpg backup key was not found"
return 58213
exit 58213
fi
}
@ -99,7 +99,7 @@ function pad_string {
pass_string="$1"
str_length=${#pass_string}
total_padding=$((128 - str_length))
leading_padding=$((1 + RANDOM % $total_padding))
leading_padding=$((1 + RANDOM % total_padding))
trailing_padding=$((total_padding - leading_padding))
leading=$(printf "%-${leading_padding}s")
trailing=$(printf "%-${trailing_padding}s")
@ -118,8 +118,7 @@ function run_tests {
echo $'Incorrect padded length'
exit 78352
fi
${PROJECT_NAME}-pass -u root -a tests -p "$pass"
if [ ! "$?" = "0" ]; then
if ! "${PROJECT_NAME}-pass" -u root -a tests -p "$pass"; then
echo $'Unable to encrypt password'
exit 72725
fi
@ -142,8 +141,8 @@ function clear_passwords {
for d in /root/.passwords/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $4}')
if [[ "$USERNAME" != 'root' ]]; then
shred -zu /root/.passwords/$USERNAME/*
rm -rf /root/.passwords/$USERNAME
shred -zu "/root/.passwords/$USERNAME/*"
rm -rf "/root/.passwords/$USERNAME"
fi
done
if [ ! -f $NO_PASSWORD_STORE_FILE ]; then
@ -156,34 +155,34 @@ function clear_passwords {
function export_to_keepass {
filename="$1"
echo '<database>' > $filename
echo ' <group>' >> $filename
echo " <title>${PROJECT_NAME}</title>" >> $filename
echo ' <icon>48</icon>' >> $filename
{ echo '<database>';
echo ' <group>';
echo " <title>${PROJECT_NAME}</title>";
echo ' <icon>48</icon>'; } > "$filename"
for d in /root/.passwords/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $4}')
echo ' <group>' >> $filename
echo " <title>$USERNAME</title>" >> $filename
echo ' <icon>0</icon>' >> $filename
{ echo ' <group>';
echo " <title>$USERNAME</title>";
echo ' <icon>0</icon>'; } >> "$filename"
for a in /root/.passwords/$USERNAME/* ; do
APP_NAME=$(basename $a)
app_password=$(${PROJECT_NAME}-pass -u $USERNAME -a $APP_NAME)
echo ' <entry>' >> $filename
echo " <title>$APP_NAME</title>" >> $filename
echo " <username>$USERNAME</username>" >> $filename
echo " <password>$app_password</password>" >> $filename
echo ' <url/>' >> $filename
echo ' <comment/>' >> $filename
echo ' <icon>0</icon>' >> $filename
echo ' <expire>Never</expire>' >> $filename
echo ' </entry>' >> $filename
APP_NAME=$(basename "$a")
app_password=$("${PROJECT_NAME}-pass" -u "$USERNAME" -a "$APP_NAME")
{ echo ' <entry>';
echo " <title>$APP_NAME</title>";
echo " <username>$USERNAME</username>";
echo " <password>$app_password</password>";
echo ' <url/>';
echo ' <comment/>';
echo ' <icon>0</icon>';
echo ' <expire>Never</expire>';
echo ' </entry>'; } >> "$filename"
done
echo ' </group>' >> $filename
echo ' </group>' >> "$filename"
done
echo ' </group>' >> $filename
echo '</database>' >> $filename
echo ' </group>' >> "$filename"
echo '</database>' >> "$filename"
echo $"Exported $filename"
}
@ -245,9 +244,9 @@ do
shift
done
if [ ${REMOVE_USERNAME} ]; then
if [ -d ~/.passwords/${REMOVE_USERNAME} ]; then
rm -rf ~/.passwords/${REMOVE_USERNAME}
if [ "${REMOVE_USERNAME}" ]; then
if [ -d "${HOME}/.passwords/${REMOVE_USERNAME}" ]; then
rm -rf "${HOME}/.passwords/${REMOVE_USERNAME}"
fi
exit 0
fi
@ -271,43 +270,43 @@ if [ $TESTS ]; then
exit 0
fi
if [ $EXPORT_FILENAME ]; then
export_to_keepass $EXPORT_FILENAME
if [ "$EXPORT_FILENAME" ]; then
export_to_keepass "$EXPORT_FILENAME"
exit 0
fi
if [ ! $CURR_USERNAME ]; then
if [ ! "$CURR_USERNAME" ]; then
echo $'Error: No username given'
exit 1
fi
if [ ! -d /home/$CURR_USERNAME ]; then
if [ ! -d "/home/$CURR_USERNAME" ]; then
if [[ "$CURR_USERNAME" != "root" ]]; then
echo $"Error: User $CURR_USERNAME does not exist"
exit 2
fi
fi
if [ ${REMOVE_APP} ]; then
if [ -d ~/.passwords/${CURR_USERNAME}/${REMOVE_APP} ]; then
shred -zu ~/.passwords/${CURR_USERNAME}/${REMOVE_APP}
if [ "${REMOVE_APP}" ]; then
if [ -d "${HOME}/.passwords/${CURR_USERNAME}/${REMOVE_APP}" ]; then
shred -zu "${HOME}/.passwords/${CURR_USERNAME}/${REMOVE_APP}"
fi
exit 0
fi
if [ ! $CURR_APP ]; then
if [ ! "$CURR_APP" ]; then
echo $'Error: No app name given'
exit 3
fi
if [ ${#CURR_PASSWORD} -eq 0 ]; then
# retrieve password
if [ ! -f ~/.passwords/$CURR_USERNAME/$CURR_APP ]; then
if [ ! -f "${HOME}/.passwords/$CURR_USERNAME/$CURR_APP" ]; then
MASTER_PASSWORD=
echo ""
exit 4
else
pass=$(gpg --batch -dq --passphrase "$MASTER_PASSWORD" ~/.passwords/$CURR_USERNAME/$CURR_APP)
pass=$(gpg --batch -dq --passphrase "$MASTER_PASSWORD" "${HOME}/.passwords/$CURR_USERNAME/$CURR_APP")
remove_padding "${pass}"
fi
else
@ -318,12 +317,12 @@ else
exit 0
fi
fi
if [ ! -d ~/.passwords/$CURR_USERNAME ]; then
mkdir -p ~/.passwords/$CURR_USERNAME
if [ ! -d "${HOME}/.passwords/$CURR_USERNAME" ]; then
mkdir -p "${HOME}/.passwords/$CURR_USERNAME"
fi
# padding helps to ensure than nothing can be learned from the length of the cyphertext
pad_string "${CURR_PASSWORD}" | gpg --batch -ca --cipher-algo AES256 --passphrase "$MASTER_PASSWORD" > ~/.passwords/$CURR_USERNAME/$CURR_APP
if [ ! -f ~/.passwords/$CURR_USERNAME/$CURR_APP ]; then
pad_string "${CURR_PASSWORD}" | gpg --batch -ca --cipher-algo AES256 --passphrase "$MASTER_PASSWORD" > "${HOME}/.passwords/$CURR_USERNAME/$CURR_APP"
if [ ! -f "${HOME}/.passwords/$CURR_USERNAME/$CURR_APP" ]; then
MASTER_PASSWORD=
exit 5
fi
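Review bot: In `clear_passwords` (the function starts above its hunk) the new `shred -zu "/root/.passwords/$USERNAME/*"` puts the `*` inside the quotes, so no glob expansion happens and shred is handed a file literally named `*`; the following `rm -rf` then deletes the directory without the stored password files ever being overwritten. Keep the wildcard outside the quotes: `shred -zu "/root/.passwords/$USERNAME"/*`. In the `REMOVE_APP` branch the guard is `[ -d "${HOME}/.passwords/${CURR_USERNAME}/${REMOVE_APP}" ]` but the same path is then shredded as a file, so `-f` looks like the intended test. The `gpg --passphrase "$MASTER_PASSWORD"` calls also put the master password on the command line, where it is visible in the process list; `--passphrase-fd` or `--passphrase-file` would keep it off argv.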


@ -43,20 +43,20 @@ function pin_all_certs {
return
fi
cd $WEBSITES_DIRECTORY
for file in `dir -d *` ; do
if grep -q "Public-Key-Pins" $file; then
cd $WEBSITES_DIRECTORY || exit 2468724684
for file in $(dir -d "*") ; do
if grep -q "Public-Key-Pins" "$file"; then
DOMAIN_NAME=$file
KEY_FILENAME=/etc/ssl/private/${DOMAIN_NAME}.key
if [ -f $KEY_FILENAME ]; then
if [ -f "$KEY_FILENAME" ]; then
BACKUP_KEY_FILENAME=/etc/ssl/certs/${DOMAIN_NAME}.pem
if [ -f $BACKUP_KEY_FILENAME ]; then
KEY_HASH=$(openssl rsa -in $KEY_FILENAME -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
BACKUP_KEY_HASH=$(openssl rsa -in $BACKUP_KEY_FILENAME -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
if [ -f "$BACKUP_KEY_FILENAME" ]; then
KEY_HASH=$(openssl rsa -in "$KEY_FILENAME" -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
BACKUP_KEY_HASH=$(openssl rsa -in "$BACKUP_KEY_FILENAME" -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
if [ ${#BACKUP_KEY_HASH} -gt 5 ]; then
PIN_HEADER="Public-Key-Pins 'pin-sha256=\"${KEY_HASH}\"; pin-sha256=\"${BACKUP_KEY_HASH}\"; max-age=${PIN_MAX_AGE}; includeSubDomains';"
sed -i "s|Public-Key-Pins.*|${PIN_HEADER}|g" $file
sed -i "s|Public-Key-Pins.*|${PIN_HEADER}|g" "$file"
echo $"Pinned $DOMAIN_NAME with keys $KEY_HASH $BACKUP_KEY_HASH"
fi
fi
@ -65,7 +65,7 @@ function pin_all_certs {
done
}
if [[ $1 == "all" ]]; then
if [[ "$1" == "all" ]]; then
pin_all_certs
systemctl restart nginx
exit 0
@ -77,7 +77,7 @@ KEY_FILENAME=/etc/ssl/private/${DOMAIN_NAME}.key
BACKUP_KEY_FILENAME=/etc/ssl/certs/${DOMAIN_NAME}.pem
SITE_FILENAME=$WEBSITES_DIRECTORY/${DOMAIN_NAME}
if [ ! ${DOMAIN_NAME} ]; then
if [ ! "${DOMAIN_NAME}" ]; then
exit 0
fi
@ -86,8 +86,8 @@ if [ ! -f "$SITE_FILENAME" ]; then
fi
if [[ $REMOVE == "remove" ]]; then
if grep -q "Public-Key-Pins" $SITE_FILENAME; then
sed -i "/Public-Key-Pins/d" $SITE_FILENAME
if grep -q "Public-Key-Pins" "$SITE_FILENAME"; then
sed -i "/Public-Key-Pins/d" "$SITE_FILENAME"
echo $"Removed pinning for ${DOMAIN_NAME}"
systemctl restart nginx
fi
@ -104,8 +104,8 @@ if [ ! -f "$BACKUP_KEY_FILENAME" ]; then
exit 2
fi
KEY_HASH=$(openssl rsa -in $KEY_FILENAME -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
BACKUP_KEY_HASH=$(openssl rsa -in $BACKUP_KEY_FILENAME -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
KEY_HASH=$(openssl rsa -in "$KEY_FILENAME" -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
BACKUP_KEY_HASH=$(openssl rsa -in "$BACKUP_KEY_FILENAME" -outform der -pubout | openssl dgst -sha256 -binary | openssl enc -base64)
if [ ${#KEY_HASH} -lt 5 ]; then
echo 'Pin hash unexpectedly short'
@ -118,15 +118,15 @@ if [ ${#BACKUP_KEY_HASH} -lt 5 ]; then
fi
PIN_HEADER="Public-Key-Pins 'pin-sha256=\"${KEY_HASH}\"; pin-sha256=\"${BACKUP_KEY_HASH}\"; max-age=5184000; includeSubDomains';"
if ! grep -q "Public-Key-Pins" $SITE_FILENAME; then
sed -i "/ssl_ciphers.*/a add_header ${PIN_HEADER}" $SITE_FILENAME
if ! grep -q "Public-Key-Pins" "$SITE_FILENAME"; then
sed -i "/ssl_ciphers.*/a add_header ${PIN_HEADER}" "$SITE_FILENAME"
else
sed -i "s|Public-Key-Pins.*|${PIN_HEADER}|g" $SITE_FILENAME
sed -i "s|Public-Key-Pins.*|${PIN_HEADER}|g" "$SITE_FILENAME"
fi
systemctl restart nginx
if ! grep -q "add_header Public-Key-Pins" $SITE_FILENAME; then
if ! grep -q "add_header Public-Key-Pins" "$SITE_FILENAME"; then
echo $'Pinning failed'
fi
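Review bot: `for file in $(dir -d "*")` in `pin_all_certs` (which starts above the hunk) now passes a literal `*` to `dir`, so the loop sees no site files and the `all` mode would update no pins while still restarting nginx. Iterating the glob directly, `for file in *; do`, keeps the quoting fix without parsing `dir` output. The added `cd $WEBSITES_DIRECTORY || exit 2468724684` leaves the variable unquoted and uses a status far outside 0-255, which the shell reduces modulo 256; `cd "$WEBSITES_DIRECTORY" || exit 1` is clearer.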


@ -56,23 +56,23 @@ __powerline() {
readonly WHITE_BRIGHT=15
# Font effects
readonly DIM="\[$(tput dim)\]"
readonly REVERSE="\[$(tput rev)\]"
readonly RESET="\[$(tput sgr0)\]"
readonly BOLD="\[$(tput bold)\]"
readonly DIM="\\[$(tput dim)\\]"
readonly REVERSE="\\[$(tput rev)\\]"
readonly RESET="\\[$(tput sgr0)\\]"
readonly BOLD="\\[$(tput bold)\\]"
# Generate terminal colour codes
# $1 is an int (a colour) and $2 must be 'fg' or 'bg'
__colour() {
case "$2" in
'fg'*)
echo "\[$(tput setaf "$1")\]"
echo "\\[$(tput setaf "$1")\\]"
;;
'bg'*)
echo "\[$(tput setab "$1")\]"
echo "\\[$(tput setab "$1")\\]"
;;
*)
echo "\[$(tput setab "$1")\]"
echo "\\[$(tput setab "$1")\\]"
;;
esac
}
@ -288,7 +288,7 @@ __powerline() {
if [ ! -z "${text+x}" ]; then
text+="@"
fi
text+="\h"
text+="\\h"
fi
if [ ! -z ${text+x} ]; then


@ -36,10 +36,10 @@ export TEXTDOMAINDIR="/usr/share/locale"
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
# include utils which allow function_check, go and drive mount
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
FRIENDS_SERVERS_LIST=
@ -78,69 +78,71 @@ do
shift
done
if [ ! $MY_USERNAME ]; then
if [ ! "$MY_USERNAME" ]; then
show_help
fi
if [ ! -d /home/$MY_USERNAME ]; then
if [ ! -d "/home/$MY_USERNAME" ]; then
echo $"User $MY_USERNAME does not exist on the system"
exit 7270
fi
if [ ! $MY_USERNAME ]; then
if [ ! "$MY_USERNAME" ]; then
echo $'No username given'
exit 3578
fi
if [ ! -d /home/$MY_USERNAME ]; then
if [ ! -d "/home/$MY_USERNAME" ]; then
echo $"User $MY_USERNAME does not exist on the system"
exit 7270
fi
FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
FRAGMENTS_DIR="/home/$MY_USERNAME/.gnupg_fragments"
# if no remote backup list was given then assume recover from USB
if [ ! $FRIENDS_SERVERS_LIST ]; then
if [ ! "$FRIENDS_SERVERS_LIST" ]; then
interactive_gpg_from_usb
exit 0
fi
# obtain shares/fragments from remote locations
if [ $FRIENDS_SERVERS_LIST ]; then
if [ "$FRIENDS_SERVERS_LIST" ]; then
# For each remote server
while read remote_server
while read -r remote_server
do
# Get the server and its password
# Format is:
# username@domain:/home/username <port number> <ssh password>
REMOTE_SERVER=$(echo "${remote_server}" | awk -F ' ' '{print $1}')
if [ $REMOTE_SERVER ]; then
if [ "$REMOTE_SERVER" ]; then
REMOTE_SSH_PORT=$(echo "${remote_server}" | awk -F ' ' '{print $2}')
REMOTE_PASSWORD=$(echo "${remote_server}" | awk -F ' ' '{print $3}')
# create a directory if it doesn't exist
if [ ! -d /home/$MY_USERNAME/.gnupg_fragments ]; then
mkdir -p /home/$MY_USERNAME/.gnupg_fragments
if [ ! -d "/home/$MY_USERNAME/.gnupg_fragments" ]; then
mkdir -p "/home/$MY_USERNAME/.gnupg_fragments"
fi
echo -n $"Starting key retrieval from $REMOTE_SERVER..."
/usr/bin/sshpass -p $REMOTE_PASSWORD \
scp -r -P $REMOTE_SSH_PORT $REMOTE_SERVER/.gnupg_fragments/* /home/$MY_USERNAME/.gnupg_fragments
/usr/bin/sshpass -p "$REMOTE_PASSWORD" \
scp -r -P "$REMOTE_SSH_PORT" "$REMOTE_SERVER/.gnupg_fragments/*" "/home/$MY_USERNAME/.gnupg_fragments"
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $'FAILED'
else
echo $'Ok'
fi
fi
done < $FRIENDS_SERVERS_LIST
done < "$FRIENDS_SERVERS_LIST"
fi
# was a directory created?
if [ ! -d $FRAGMENTS_DIR ]; then
if [ ! -d "$FRAGMENTS_DIR" ]; then
echo $'No fragments have been recovered, so the key cannot be recovered'
exit 7483
fi
# was anything downloaded?
cd $FRAGMENTS_DIR
cd "$FRAGMENTS_DIR" || exit 24682468
# shellcheck disable=SC2012
no_of_shares=$(ls -afq keyshare.asc.* | wc -l)
if (( no_of_shares == 0 )); then
echo $'No key fragments were retrieved'
@ -148,14 +150,14 @@ if (( no_of_shares == 0 )); then
fi
# set permissions on the fragments
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg_fragments
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.gnupg_fragments"
# decrypt the file
KEYS_FILE=$FRAGMENTS_DIR/keyshare.asc
cd $FRAGMENTS_DIR
gfcombine $KEYS_FILE.*
cd "$FRAGMENTS_DIR" || exit 482746874624
gfcombine "$KEYS_FILE.*"
if [ ! -f $KEYS_FILE ]; then
if [ ! -f "$KEYS_FILE" ]; then
echo $'Unable to decrypt key. This may mean that not enough fragments are available'
exit 6283
fi
@ -163,15 +165,14 @@ fi
echo $'Key fragments recombined'
# import the gpg key
gpg --homedir=/home/$MY_USERNAME/.gnupg --allow-secret-key-import --import $KEYS_FILE
if [ ! "$?" = "0" ]; then
if ! gpg --homedir="/home/$MY_USERNAME/.gnupg" --allow-secret-key-import --import "$KEYS_FILE"; then
echo $'Unable to import gpg key'
shred -zu $KEYS_FILE
shred -zu "$KEYS_FILE"
exit 3682
fi
shred -zu $KEYS_FILE
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
chmod -R 600 /home/$MY_USERNAME/.gnupg
shred -zu "$KEYS_FILE"
chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.gnupg"
chmod -R 600 "/home/$MY_USERNAME/.gnupg"
echo $'GPG key was recovered'
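Review bot: `gfcombine "$KEYS_FILE.*"` quotes the wildcard, so gfcombine receives the literal name `keyshare.asc.*` instead of the retrieved shares and the script would stop at "Unable to decrypt key" even when enough fragments are present. Keep the glob outside the quotes: `gfcombine "$KEYS_FILE".*`. The guard `cd "$FRAGMENTS_DIR" || exit 482746874624` uses a status that is an exact multiple of 256, which bash reduces to 0, so a failed `cd` would be reported as success; `exit 1` avoids that. `sshpass -p "$REMOTE_PASSWORD"` still exposes the remote password in the process list (`sshpass -e` or `-f` keeps it off argv), and `chmod -R 600` on `.gnupg` also removes the search bit from the directory itself.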


@ -35,7 +35,7 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=${PROJECT_NAME}-remote
export TEXTDOMAINDIR="/usr/share/locale"
CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg
CONFIG_FILE="$HOME/${PROJECT_NAME}.cfg"
# User to create the list for
MY_USERNAME=$USER
@ -44,7 +44,7 @@ MY_USERNAME=$USER
FRIENDS_SERVERS_LIST=
# Minimum password length in characters
MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
MINIMUM_PASSWORD_LENGTH=$(grep 'MINIMUM_PASSWORD_LENGTH=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords" | head -n 1 | awk -F '=' '{print $2}')
# How many remote locations were specified
entering_remote_backups_ctr=0
@ -117,24 +117,24 @@ do
done
function interactive_config_remote_backups {
if [ ! $MY_USERNAME ]; then
if [ ! "$MY_USERNAME" ]; then
echo $'Please specify a username with the -u option'
exit 7356
fi
if [ ! /home/$MY_USERNAME ]; then
if [ ! -d "/home/$MY_USERNAME" ]; then
echo $"The user /home/$MY_USERNAME does not exist on the system"
exit 3689
fi
if [ ! $FRIENDS_SERVERS_LIST ]; then
if [ ! "$FRIENDS_SERVERS_LIST" ]; then
FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list
fi
# clear any existing list
if [ -f $FRIENDS_SERVERS_LIST ]; then
rm -f $FRIENDS_SERVERS_LIST
touch $FRIENDS_SERVERS_LIST
if [ -f "$FRIENDS_SERVERS_LIST" ]; then
rm -f "$FRIENDS_SERVERS_LIST"
touch "$FRIENDS_SERVERS_LIST"
fi
# number of entries made
entering_remote_backups_ctr=1
@ -148,57 +148,57 @@ function interactive_config_remote_backups {
remote_ssh_reciprocal_password=""
while [[ $entering_remote_backups_done == "no" ]]
do
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
data=$(mktemp 2>/dev/null)
if [[ $RECIPROCAL == "yes" ]]; then
dialog --backtitle "Freedombone Configuration" \
--title "$TITLE ${entering_remote_backups_ctr}" \
--form "\nPlease specify the SSH login details for the remote server\n\nThe reciprocal entries are optional, and can be used if you wish to set up a user account on this system for whoever runs the remote server to also use for backups" 20 50 8 \
--form "\\nPlease specify the SSH login details for the remote server\\n\\nThe reciprocal entries are optional, and can be used if you wish to set up a user account on this system for whoever runs the remote server to also use for backups" 20 50 8 \
"Username:" 1 1 "$remote_ssh_username" 1 23 16 15 \
"Domain:" 2 1 "$remote_ssh_domain" 2 23 16 15 \
"SSH port:" 3 1 "2222" 3 23 5 4 \
"Password:" 4 1 "$remote_ssh_password" 4 23 20 100 \
"Reciprocal Username:" 5 1 "$remote_ssh_reciprocal_username" 5 23 20 100 \
"Reciprocal Password:" 6 1 "$remote_ssh_reciprocal_password" 6 23 20 100 \
2> $data
2> "$data"
else
dialog --backtitle "Freedombone Configuration" \
--title "$TITLE ${entering_remote_backups_ctr}" \
--form "\nPlease specify the SSH login details for the remote server" 15 50 4 \
--form "\\nPlease specify the SSH login details for the remote server" 15 50 4 \
"Username:" 1 1 "$remote_ssh_username" 1 23 16 15 \
"Domain:" 2 1 "$remote_ssh_domain" 2 23 16 15 \
"SSH port:" 3 1 "2222" 3 23 5 4 \
"Password:" 4 1 "$remote_ssh_password" 4 23 20 100 \
2> $data
2> "$data"
fi
sel=$?
case $sel in
1) entering_remote_backups_done="yes";;
255) entering_remote_backups_done="yes";;
esac
remote_ssh_username=$(cat $data | sed -n 1p)
remote_ssh_domain=$(cat $data | sed -n 2p)
remote_ssh_port=$(cat $data | sed -n 3p)
remote_ssh_password=$(cat $data | sed -n 4p)
remote_ssh_reciprocal_username=$(cat $data | sed -n 5p)
remote_ssh_reciprocal_password=$(cat $data | sed -n 6p)
remote_ssh_username=$(sed -n 1p < "$data")
remote_ssh_domain=$(sed -n 2p < "$data")
remote_ssh_port=$(sed -n 3p < "$data")
remote_ssh_password=$(sed -n 4p < "$data")
remote_ssh_reciprocal_username=$(sed -n 5p < "$data")
remote_ssh_reciprocal_password=$(sed -n 6p < "$data")
rm -f "$data"
if [[ $remote_ssh_username != "" && \
$remote_ssh_domain != "" && \
$remote_ssh_port != "" && \
$remote_ssh_password != "" ]]; then
if [ ${#remote_ssh_password} -lt $MINIMUM_PASSWORD_LENGTH ]; then
if [ ${#remote_ssh_password} -lt "$MINIMUM_PASSWORD_LENGTH" ]; then
dialog --title "Password quality check" --msgbox "The password given was too short. It must be at least $MINIMUM_PASSWORD_LENGTH characters" 6 40
else
if [[ $RECIPROCAL == "yes" ]]; then
if [[ $remote_ssh_reciprocal_username != "" && \
$remote_ssh_reciprocal_password != "" ]]; then
if [ ${#remote_ssh_reciprocal_password} -lt $MINIMUM_PASSWORD_LENGTH ]; then
if [ ${#remote_ssh_reciprocal_password} -lt "$MINIMUM_PASSWORD_LENGTH" ]; then
dialog --title "Password quality check" --msgbox "The reciprocal password given was too short. It must be at least $MINIMUM_PASSWORD_LENGTH characters" 6 40
else
echo ${remote_ssh_reciprocal_username}:${remote_ssh_reciprocal_password}::::/home/${remote_ssh_reciprocal_username}:bash | newusers
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> $FRIENDS_SERVERS_LIST
echo "${remote_ssh_reciprocal_username}:${remote_ssh_reciprocal_password}::::/home/${remote_ssh_reciprocal_username}:bash" | newusers
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> "$FRIENDS_SERVERS_LIST"
remote_ssh_username=""
remote_ssh_domain=""
remote_ssh_port=""
@ -208,7 +208,7 @@ function interactive_config_remote_backups {
entering_remote_backups_ctr=$((entering_remote_backups_ctr + 1))
fi
else
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> $FRIENDS_SERVERS_LIST
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> "$FRIENDS_SERVERS_LIST"
remote_ssh_username=""
remote_ssh_domain=""
remote_ssh_port=""
@ -218,7 +218,7 @@ function interactive_config_remote_backups {
entering_remote_backups_ctr=$((entering_remote_backups_ctr + 1))
fi
else
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> $FRIENDS_SERVERS_LIST
echo "$remote_ssh_username@$remote_ssh_domain $remote_ssh_port /home/$remote_ssh_username $remote_ssh_password" >> "$FRIENDS_SERVERS_LIST"
remote_ssh_username=""
remote_ssh_domain=""
remote_ssh_port=""
@ -231,18 +231,18 @@ function interactive_config_remote_backups {
entering_remote_backups_done="yes"
fi
done
if [ -f $FRIENDS_SERVERS_LIST ]; then
chown $MY_USERNAME:$MY_USERNAME $FRIENDS_SERVERS_LIST
if [ -f "$FRIENDS_SERVERS_LIST" ]; then
chown "$MY_USERNAME":"$MY_USERNAME" "$FRIENDS_SERVERS_LIST"
fi
}
function show_result {
clear
if (( $entering_remote_backups_ctr < 2 )); then
if (( "$entering_remote_backups_ctr" < 2 )); then
echo $'No remote backup locations were specified'
exit 0
fi
if [ ! -f $FRIENDS_SERVERS_LIST ]; then
if [ ! -f "$FRIENDS_SERVERS_LIST" ]; then
echo $"No remote backups list found: $FRIENDS_SERVERS_LIST"
exit 7358
fi
@ -251,11 +251,11 @@ function show_result {
echo ''
echo $'Contents:'
echo ''
cat $FRIENDS_SERVERS_LIST
cat "$FRIENDS_SERVERS_LIST"
echo ''
}
if [ ! $FRIENDS_SERVERS_LIST ]; then
if [ ! "$FRIENDS_SERVERS_LIST" ]; then
FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list
fi
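Review bot: In the dialog loop of interactive_config_remote_backups, the file from `mktemp` receives the SSH and reciprocal passwords typed into `dialog`. As far as the rendered hunk shows, the old `trap "rm -f $data" 0 1 2 5 15` is gone, so the file is removed only by the `rm -f "$data"` after the six `sed` reads, and an interrupt before that point leaves the credentials on disk. I would keep a cleanup handler right after the allocation, single-quoted so the path is expanded when it fires: `data=$(mktemp) || exit 1` followed by `trap 'rm -f "$data"' EXIT INT TERM`. Dropping the `2>/dev/null` also surfaces a failed `mktemp`, which at present leaves `$data` empty and makes the `2> "$data"` redirect fail. The function spans several hunks and the lines between them are not shown.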


@ -59,8 +59,7 @@ function renew_letsencrypt {
echo $"Renewing Let's Encrypt certificate"
fi
${PROJECT_NAME}-addcert -e $HOSTNAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH
if [ ! "$?" = "0" ]; then
if ! ${PROJECT_NAME}-addcert -e $HOSTNAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH; then
echo $"Unable to add Let's encrypt certificate"
exit 6328
fi
@ -195,7 +194,7 @@ esac
shift
done
if [ ! $HOSTNAME ]; then
if [ ! "$HOSTNAME" ]; then
echo $'No hostname specified'
exit 5748
fi
@ -206,7 +205,7 @@ if ! which openssl > /dev/null ;then
fi
# check that the web site exists
if [ ! -f /etc/nginx/sites-available/$HOSTNAME ]; then
if [ ! -f "/etc/nginx/sites-available/$HOSTNAME" ]; then
echo $"/etc/nginx/sites-available/$HOSTNAME does not exist"
exit 7598
fi
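Review bot: The rewritten call in renew_letsencrypt, `if ! ${PROJECT_NAME}-addcert -e $HOSTNAME -s $LETSENCRYPT_SERVER --dhkey $DH_KEYLENGTH; then`, still passes every argument unquoted, although the later hunks of this file quote `"$HOSTNAME"` in their tests. `$HOSTNAME` appears to be set by the option-parsing loop, so a value containing whitespace or glob characters would be split into extra arguments to the certificate tool. I would write it as `if ! "${PROJECT_NAME}-addcert" -e "$HOSTNAME" -s "$LETSENCRYPT_SERVER" --dhkey "$DH_KEYLENGTH"; then`. The function starts and ends outside the hunk.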


@ -29,16 +29,16 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
PROJECT_NAME='freedombone'
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg
COMPLETION_FILE="$HOME/${PROJECT_NAME}-completed.txt"
CONFIG_FILE="$HOME/${PROJECT_NAME}.cfg"
export TEXTDOMAIN=${PROJECT_NAME}-repair-databases
export TEXTDOMAINDIR="/usr/share/locale"
# The database to be repaired
DATABASE=$1
DATABASE="$1"
ADMIN_USERNAME=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
ADMIN_USERNAME=$(grep "Admin user" "$COMPLETION_FILE" | awk -F ':' '{print $2}')
ADMIN_EMAIL_ADDRESS=${ADMIN_USERNAME}@${HOSTNAME}
# Frequency - daily/weekly
@ -62,36 +62,36 @@ TEMPFILE=/root/repair-database-$DATABASE
umask 0077
if [ $2 ]; then
BACKUP_TYPE=$2
if [ "$2" ]; then
BACKUP_TYPE="$2"
fi
# check the database
mysqlcheck -c -u root --password="$MYSQL_ROOT_PASSWORD" $DATABASE > $TEMPFILE
mysqlcheck -c -u root --password="$MYSQL_ROOT_PASSWORD" "$DATABASE" > "$TEMPFILE"
# Attempt to repair the database if it contains errors
if grep -q "Error" "$TEMPFILE"; then
mysqlcheck -u root --password="$MYSQL_ROOT_PASSWORD" --auto-repair $DATABASE
mysqlcheck -u root --password="$MYSQL_ROOT_PASSWORD" --auto-repair "$DATABASE"
else
# No errors were found, so exit
rm -f $TEMPFILE
rm -f "$TEMPFILE"
exit 0
fi
rm -f $TEMPFILE
rm -f "$TEMPFILE"
# Check the database again
mysqlcheck -c -u root --password="$MYSQL_ROOT_PASSWORD" $DATABASE > $TEMPFILE
mysqlcheck -c -u root --password="$MYSQL_ROOT_PASSWORD" "$DATABASE" > "$TEMPFILE"
# If it still contains errors then restore from backup
if grep -q "Error" "$TEMPFILE"; then
mysql -u root --password="$MYSQL_ROOT_PASSWORD" $DATABASE -o < /var/backups/${DATABASE}_${BACKUP_TYPE}.sql
mysql -u root --password="$MYSQL_ROOT_PASSWORD" "$DATABASE" -o < "/var/backups/${DATABASE}_${BACKUP_TYPE}.sql"
# Send a warning email
echo $"$DATABASE database corruption could not be repaired. Restored from backup." | mail -s $"${PROJECT_NAME} database maintenance" $ADMIN_EMAIL_ADDRESS
rm -f $TEMPFILE
echo $"$DATABASE database corruption could not be repaired. Restored from backup." | mail -s $"${PROJECT_NAME} database maintenance" "$ADMIN_EMAIL_ADDRESS"
rm -f "$TEMPFILE"
exit 1
fi
rm -f $TEMPFILE
rm -f "$TEMPFILE"
exit 0
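Review bot: `DATABASE="$1"` and `BACKUP_TYPE="$2"` are now quoted but still unvalidated, and both end up in file paths: `TEMPFILE=/root/repair-database-$DATABASE` and the restore source `"/var/backups/${DATABASE}_${BACKUP_TYPE}.sql"`. A value containing `/` or `..` would make the script write its check output to, and load SQL from, a location outside the intended directories. A guard right after the assignments, for example `[[ "$DATABASE" =~ ^[A-Za-z0-9_-]+$ ]] || exit 1` with the same test for `BACKUP_TYPE`, closes that. The callers are not visible here, so this may only matter if the script is ever run with something other than fixed names. Separately, `--password="$MYSQL_ROOT_PASSWORD"` puts the database root password on the command line of every `mysqlcheck` and `mysql` call, which an option file readable only by root would avoid.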


@ -31,7 +31,7 @@
PROJECT_NAME='freedombone'
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
MONGODB_APPS_FILE=$HOME/.mongodbapps
CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
CONFIGURATION_FILE="$HOME/${PROJECT_NAME}.cfg"
BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv
# whether to restore everything or just a specific application
@ -67,10 +67,10 @@ please_wait
source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
# include utils which allow function_check, go and drive mount
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
clear
@ -83,7 +83,7 @@ ADMIN_NAME=
read_config_param USB_DRIVE
if [ -f $COMPLETION_FILE ]; then
if [ -f "$COMPLETION_FILE" ]; then
ADMIN_USERNAME=$(get_completion_param "Admin user")
fi
@ -98,7 +98,7 @@ function check_backup_exists {
function check_admin_user {
echo $"Checking that admin user exists"
if [ ! -d /home/$ADMIN_USERNAME ]; then
if [ ! -d "/home/$ADMIN_USERNAME" ]; then
echo $"Username $ADMIN_USERNAME not found. Reinstall ${PROJECT_NAME} with this username."
set_user_permissions
backup_unmount_drive
@ -108,7 +108,7 @@ function check_admin_user {
function copy_gpg_keys {
echo $"Copying GPG keys from admin user to root"
cp -r /home/$ADMIN_USERNAME/.gnupg /root
cp -r "/home/$ADMIN_USERNAME/.gnupg" /root
gpg_set_permissions root
}
@ -185,12 +185,11 @@ function restore_configfiles {
# fi
#fi
if [ -f $temp_restore_dir$MONGODB_APPS_FILE ]; then
cp -f $temp_restore_dir$MONGODB_APPS_FILE $MONGODB_APPS_FILE
if [ ! "$?" = "0" ]; then
if [ -f "$temp_restore_dir$MONGODB_APPS_FILE" ]; then
if ! cp -f "$temp_restore_dir$MONGODB_APPS_FILE" "$MONGODB_APPS_FILE"; then
set_user_permissions
backup_unmount_drive
rm -rf $temp_restore_dir
rm -rf "$temp_restore_dir"
exit 859034853
fi
fi
@ -210,12 +209,11 @@ function restore_configfiles {
# fi
#fi
if [ -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ]; then
cp -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ${BACKUP_EXTRA_DIRECTORIES}
if [ ! "$?" = "0" ]; then
if [ -f "${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES}" ]; then
if ! cp -f "${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES}" "${BACKUP_EXTRA_DIRECTORIES}"; then
set_user_permissions
backup_unmount_drive
rm -rf $temp_restore_dir
rm -rf "$temp_restore_dir"
exit 62121
fi
fi
@ -274,6 +272,7 @@ function restore_mariadb {
else
mysqlsuccess=$(mysql -u root --password="$db_pass" mysql -o < ${temp_restore_dir}/mysql.sql)
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $"Try again using the password obtained from backup"
db_pass=$(${PROJECT_NAME}-pass -u root -a mariadb)
@ -283,6 +282,7 @@ function restore_mariadb {
mysqlsuccess=$(mysql -u root --password="$db_pass" mysql -o < ${temp_restore_dir}/mysql.sql)
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo "$mysqlsuccess"
set_user_permissions
@ -292,9 +292,9 @@ function restore_mariadb {
echo $"Restarting database"
systemctl restart mariadb
echo $"Ensure MariaDB handles authentication"
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
MARIADB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
mariadb_fix_authentication
DATABASE_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
DATABASE_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
fi
rm -rf $temp_restore_dir
fi
@ -328,6 +328,7 @@ function restore_postgresql {
else
mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql)
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $"Try again using the password obtained from backup"
db_pass=$(${PROJECT_NAME}-pass -u root -a postgresql)
@ -337,6 +338,7 @@ function restore_postgresql {
mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql)
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo "$mysqlsuccess"
set_user_permissions
@ -346,8 +348,8 @@ function restore_postgresql {
echo $"Restarting database"
systemctl restart postgresql
echo $"Ensure postgresql handles authentication"
POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql)
DATABASE_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql)
POSTGRESQL_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a postgresql)
DATABASE_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a postgresql)
fi
rm -rf $temp_restore_dir
fi
@ -411,30 +413,30 @@ function restore_mutt_settings {
fi
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
"${PROJECT_NAME}-adduser" "$USERNAME"
fi
echo $"Restoring Mutt configurations for $USERNAME"
restore_directory_from_usb /home/$USERNAME/.mutt mutt/${USERNAME}configs
restore_directory_from_usb "/home/$USERNAME/.mutt" "mutt/${USERNAME}configs"
echo $"Restoring Mutt settings for $USERNAME"
temp_restore_dir=/root/tempmutt
restore_directory_from_usb $temp_restore_dir mutt/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/tempbackup ]; then
if [ -f $temp_restore_dir/home/$USERNAME/tempbackup/.muttrc ]; then
cp -f $temp_restore_dir/home/$USERNAME/tempbackup/.muttrc /home/$USERNAME/.muttrc
sed -i '/set sidebar_delim/d' /home/$USERNAME/.muttrc
sed -i '/set sidebar_sort/d' /home/$USERNAME/.muttrc
restore_directory_from_usb "$temp_restore_dir" "mutt/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/tempbackup" ]; then
if [ -f "$temp_restore_dir/home/$USERNAME/tempbackup/.muttrc" ]; then
cp -f "$temp_restore_dir/home/$USERNAME/tempbackup/.muttrc" "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_delim/d' "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_sort/d' "/home/$USERNAME/.muttrc"
fi
if [ -f $temp_restore_dir/home/$USERNAME/tempbackup/Muttrc ]; then
cp -f $temp_restore_dir/home/$USERNAME/tempbackup/Muttrc /etc/Muttrc
if [ -f "$temp_restore_dir/home/$USERNAME/tempbackup/Muttrc" ]; then
cp -f "$temp_restore_dir/home/$USERNAME/tempbackup/Muttrc" /etc/Muttrc
sed -i '/set sidebar_delim/d' /etc/Muttrc
sed -i '/set sidebar_sort/d' /etc/Muttrc
fi
else
if [ -f $temp_restore_dir/.muttrc ]; then
cp -f $temp_restore_dir/.muttrc /home/$USERNAME/.muttrc
sed -i '/set sidebar_delim/d' /home/$USERNAME/.muttrc
sed -i '/set sidebar_sort/d' /home/$USERNAME/.muttrc
cp -f "$temp_restore_dir/.muttrc" "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_delim/d' "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_sort/d' "/home/$USERNAME/.muttrc"
fi
if [ -f $temp_restore_dir/Muttrc ]; then
cp -f $temp_restore_dir/Muttrc /etc/Muttrc
@ -442,6 +444,7 @@ function restore_mutt_settings {
sed -i '/set sidebar_sort/d' /etc/Muttrc
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -463,20 +466,21 @@ function restore_gpg {
for d in $USB_MOUNT/backup/gnupg/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
"${PROJECT_NAME}-adduser" "$USERNAME"
fi
echo $"Restoring gnupg settings for $USERNAME"
temp_restore_dir=/root/tempgnupg
restore_directory_from_usb $temp_restore_dir gnupg/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.gnupg ]; then
cp -r $temp_restore_dir/home/$USERNAME/.gnupg /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "gnupg/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.gnupg" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.gnupg" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.gnupg ]; then
mkdir /home/$USERNAME/.gnupg
if [ ! -d "/home/$USERNAME/.gnupg" ]; then
mkdir "/home/$USERNAME/.gnupg"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.gnupg/
cp -r $temp_restore_dir/* "/home/$USERNAME/.gnupg/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -484,10 +488,9 @@ function restore_gpg {
exit 276
fi
rm -rf $temp_restore_dir
gpg_set_permissions $USERNAME
gpg_set_permissions "$USERNAME"
if [[ "$USERNAME" == "$ADMIN_USERNAME" ]]; then
cp -r /home/$USERNAME/.gnupg /root
if [ ! "$?" = "0" ]; then
if ! cp -r "/home/$USERNAME/.gnupg" /root; then
set_user_permissions
backup_unmount_drive
exit 283
@ -509,18 +512,19 @@ function restore_procmail {
for d in $USB_MOUNT/backup/procmail/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring procmail settings for $USERNAME"
temp_restore_dir=/root/tempprocmail
restore_directory_from_usb $temp_restore_dir procmail/$USERNAME
restore_directory_from_usb $temp_restore_dir "procmail/$USERNAME"
if [ -d $temp_restore_dir ]; then
if [ -d $temp_restore_dir/home/$USERNAME/tempbackup ]; then
cp -f $temp_restore_dir/home/$USERNAME/tempbackup/.procmailrc /home/$USERNAME/
if [ -d "$temp_restore_dir/home/$USERNAME/tempbackup" ]; then
cp -f "$temp_restore_dir/home/$USERNAME/tempbackup/.procmailrc" "/home/$USERNAME/"
else
cp -f $temp_restore_dir/.procmailrc /home/$USERNAME/.procmailrc
cp -f "$temp_restore_dir/.procmailrc" "/home/$USERNAME/.procmailrc"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -544,21 +548,22 @@ function restore_spamassassin {
for d in $USB_MOUNT/backup/spamassassin/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $USB_MOUNT/backup/spamassassin/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$USB_MOUNT/backup/spamassassin/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring spamassassin settings for $USERNAME"
temp_restore_dir=/root/tempspamassassin
restore_directory_from_usb $temp_restore_dir spamassassin/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME ]; then
cp -rf $temp_restore_dir/home/$USERNAME/.spamassassin /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "spamassassin/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME" ]; then
cp -rf "$temp_restore_dir/home/$USERNAME/.spamassassin" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.spamassassin ]; then
mkdir /home/$USERNAME/.spamassassin
if [ ! -d "/home/$USERNAME/.spamassassin" ]; then
mkdir "/home/$USERNAME/.spamassassin"
fi
cp -rf $temp_restore_dir/* /home/$USERNAME/.spamassassin/
cp -rf "$temp_restore_dir/*" "/home/$USERNAME/.spamassassin/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -583,19 +588,20 @@ function restore_admin_readme {
# Make a backup of the original README file
# incase old passwords need to be used
if [ -f /home/$ADMIN_USERNAME/README ]; then
if [ ! -f /home/$ADMIN_USERNAME/README_original ]; then
cp /home/$ADMIN_USERNAME/README /home/$ADMIN_USERNAME/README_original
if [ -f "/home/$ADMIN_USERNAME/README" ]; then
if [ ! -f "/home/$ADMIN_USERNAME/README_original" ]; then
cp "/home/$ADMIN_USERNAME/README" "/home/$ADMIN_USERNAME/README_original"
fi
fi
temp_restore_dir=/root/tempreadme
restore_directory_from_usb $temp_restore_dir readme
if [ -d $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup ]; then
cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/README /home/$ADMIN_USERNAME/
if [ -d "$temp_restore_dir/home/$ADMIN_USERNAME/tempbackup" ]; then
cp -f "$temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/README" "/home/$ADMIN_USERNAME/"
else
cp -f $temp_restore_dir/README /home/$ADMIN_USERNAME/README
cp -f "$temp_restore_dir/README" "/home/$ADMIN_USERNAME/README"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -616,20 +622,21 @@ function restore_user_ssh_keys {
for d in $USB_MOUNT/backup/ssh/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring ssh keys for $USERNAME"
temp_restore_dir=/root/tempssh
restore_directory_from_usb $temp_restore_dir ssh/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.ssh ]; then
cp -r $temp_restore_dir/home/$USERNAME/.ssh /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "ssh/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.ssh" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.ssh" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.ssh ]; then
mkdir /home/$USERNAME/.ssh
if [ ! -d "/home/$USERNAME/.ssh" ]; then
mkdir "/home/$USERNAME/.ssh"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.ssh/
cp -r "$temp_restore_dir/*" "/home/$USERNAME/.ssh/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -652,20 +659,21 @@ function restore_user_config {
for d in $USB_MOUNT/backup/config/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring config files for $USERNAME"
temp_restore_dir=/root/tempconfig
restore_directory_from_usb $temp_restore_dir config/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.config ]; then
cp -r $temp_restore_dir/home/$USERNAME/.config /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "config/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.config" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.config" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.config ]; then
mkdir /home/$USERNAME/.config
if [ ! -d "/home/$USERNAME/.config" ]; then
mkdir "/home/$USERNAME/.config"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.config/
cp -r $temp_restore_dir/* "/home/$USERNAME/.config/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -688,20 +696,21 @@ function restore_user_monkeysphere {
for d in $USB_MOUNT/backup/monkeysphere/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring monkeysphere ids for $USERNAME"
temp_restore_dir=/root/tempmonkeysphere
restore_directory_from_usb $temp_restore_dir monkeysphere/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.monkeysphere ]; then
cp -r $temp_restore_dir/home/$USERNAME/.monkeysphere /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "monkeysphere/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.monkeysphere" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.monkeysphere" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.monkeysphere ]; then
mkdir /home/$USERNAME/.monkeysphere
if [ ! -d "/home/$USERNAME/.monkeysphere" ]; then
mkdir "/home/$USERNAME/.monkeysphere"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.monkeysphere
cp -r $temp_restore_dir/* "/home/$USERNAME/.monkeysphere"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -716,8 +725,8 @@ function restore_user_monkeysphere {
MY_EMAIL_ADDRESS="${ADMIN_USERNAME}@${HOSTNAME}"
read_config_param MY_EMAIL_ADDRESS
MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADMIN_USERNAME" "$MY_EMAIL_ADDRESS")
fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
monkeysphere-authentication add-identity-certifier $fpr
fpr=$(gpg --with-colons --fingerprint "$MY_GPG_PUBLIC_KEY_ID" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
monkeysphere-authentication add-identity-certifier "$fpr"
monkeysphere-authentication update-users
fi
}
@ -732,20 +741,21 @@ function restore_user_fin {
for d in $USB_MOUNT/backup/fin/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring fin files for $USERNAME"
temp_restore_dir=/root/tempfin
restore_directory_from_usb $temp_restore_dir fin/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.fin ]; then
cp -r $temp_restore_dir/home/$USERNAME/.fin /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "fin/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.fin" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.fin" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.fin ]; then
mkdir /home/$USERNAME/.fin
if [ ! -d "/home/$USERNAME/.fin" ]; then
mkdir "/home/$USERNAME/.fin"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.fin/
cp -r "$temp_restore_dir/*" "/home/$USERNAME/.fin/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -768,20 +778,21 @@ function restore_user_local {
for d in $USB_MOUNT/backup/local/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring local files for $USERNAME"
temp_restore_dir=/root/templocal
restore_directory_from_usb $temp_restore_dir local/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.local ]; then
cp -r $temp_restore_dir/home/$USERNAME/.local /home/$USERNAME/
restore_directory_from_usb $temp_restore_dir "local/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.local" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.local" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.local ]; then
mkdir /home/$USERNAME/.local
if [ ! -d "/home/$USERNAME/.local" ]; then
mkdir "/home/$USERNAME/.local"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.local/
cp -r $temp_restore_dir/* "/home/$USERNAME/.local/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
set_user_permissions
@ -809,6 +820,7 @@ function restore_certs {
else
cp -r /root/tempssl/* /etc/ssl/
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
set_user_permissions
backup_unmount_drive
@ -853,24 +865,25 @@ function restore_personal_settings {
for d in $USB_MOUNT/backup/personal/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $USB_MOUNT/backup/personal/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$USB_MOUNT/backup/personal/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring personal settings for $USERNAME"
temp_restore_dir=/root/temppersonal
restore_directory_from_usb $temp_restore_dir personal/$USERNAME
if [ -d /home/$USERNAME/personal ]; then
rm -rf /home/$USERNAME/personal
restore_directory_from_usb $temp_restore_dir "personal/$USERNAME"
if [ -d "/home/$USERNAME/personal" ]; then
rm -rf "/home/$USERNAME/personal"
fi
if [ -d $temp_restore_dir/home/$USERNAME/personal ]; then
mv $temp_restore_dir/home/$USERNAME/personal /home/$USERNAME
if [ -d "$temp_restore_dir/home/$USERNAME/personal" ]; then
mv "$temp_restore_dir/home/$USERNAME/personal" "/home/$USERNAME"
else
if [ ! -d /home/$USERNAME/personal ]; then
mkdir /home/$USERNAME/personal
if [ ! -d "/home/$USERNAME/personal" ]; then
mkdir "/home/$USERNAME/personal"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/personal/
cp -r $temp_restore_dir/* "/home/$USERNAME/personal/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
set_user_permissions
backup_unmount_drive
@ -898,6 +911,7 @@ function restore_mailing_list {
else
cp -r $temp_restore_dir/* /var/spool/mlmmj/
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
set_user_permissions
backup_unmount_drive
@ -917,20 +931,21 @@ function restore_email {
for d in $USB_MOUNT/backup/mail/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring emails for $USERNAME"
temp_restore_dir=/root/tempmail
restore_directory_from_usb $temp_restore_dir mail/$USERNAME
if [ ! -d /home/$USERNAME/Maildir ]; then
mkdir /home/$USERNAME/Maildir
restore_directory_from_usb $temp_restore_dir "mail/$USERNAME"
if [ ! -d "/home/$USERNAME/Maildir" ]; then
mkdir "/home/$USERNAME/Maildir"
fi
if [ -d $temp_restore_dir/root/tempbackupemail/$USERNAME ]; then
tar -xzvf $temp_restore_dir/root/tempbackupemail/$USERNAME/maildir.tar.gz -C /
if [ -d "$temp_restore_dir/root/tempbackupemail/$USERNAME" ]; then
tar -xzvf "$temp_restore_dir/root/tempbackupemail/$USERNAME/maildir.tar.gz" -C /
else
tar -xzvf $temp_restore_dir/maildir.tar.gz -C /
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
set_user_permissions
backup_unmount_drive
@ -943,16 +958,16 @@ function restore_email {
}
function get_restore_app {
if [ ${1} ]; then
if [ ! -d /home/${1} ]; then
RESTORE_APP=${1}
if [ "${1}" ]; then
if [ ! -d "/home/${1}" ]; then
RESTORE_APP="${1}"
echo $"Restore $RESTORE_APP"
fi
fi
}
get_restore_app ${2}
backup_mount_drive ${1} ${ADMIN_USERNAME} ${2}
get_restore_app "${2}"
backup_mount_drive "${1}" "${ADMIN_USERNAME}" "${2}"
check_backup_exists
check_admin_user
copy_gpg_keys
@ -979,7 +994,7 @@ restore_certs
restore_personal_settings
restore_mailing_list
restore_email
restore_apps local $RESTORE_APP
restore_apps local "$RESTORE_APP"
set_user_permissions
update_default_domain
backup_unmount_drive
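Review bot: Three of the fallback copies now quote the wildcard together with the directory, so `*` reaches cp as a literal file name and matches nothing: `cp -r "$temp_restore_dir/*" "/home/$USERNAME/.ssh/"` in restore_user_ssh_keys, and the same form in restore_spamassassin and restore_user_fin. For a backup in the flat layout the copy fails, and the `$?` test that follows appears to abort the restore. Keep the wildcard outside the quotes, as in `cp -r "$temp_restore_dir"/* "/home/$USERNAME/.ssh/"`. The same form suits the gnupg, config, monkeysphere, local and personal copies, where `$temp_restore_dir/*` is still entirely unquoted. These functions begin before their hunks and continue past them.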


@ -37,19 +37,19 @@ BACKUP_EXTRA_DIRECTORIES=/root/backup-extra-dirs.csv
export TEXTDOMAIN=${PROJECT_NAME}-restore-remote
export TEXTDOMAINDIR="/usr/share/locale"
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
SERVER_NAME=$1
SERVER_NAME="$1"
# whether to restore everything or just a specific application
RESTORE_APP='all'
if [ ${2} ]; then
RESTORE_APP=${2}
if [ "${2}" ]; then
RESTORE_APP="${2}"
fi
ADMIN_USERNAME=$(get_completion_param "Admin user")
@ -60,46 +60,45 @@ SERVER_DIRECTORY=/root/remoterestore
BACKUP_LIST=/home/${ADMIN_USERNAME}/backup.list
if [ ! $SERVER_NAME ]; then
if [ ! "$SERVER_NAME" ]; then
echo $'restorefromfriend [server]'
exit 1
fi
if [ ! -f $BACKUP_LIST ]; then
if [ ! -f "$BACKUP_LIST" ]; then
echo $"No friends list found at $BACKUP_LIST"
exit 2
fi
if ! grep -q "$SERVER_NAME" $BACKUP_LIST; then
if ! grep -q "$SERVER_NAME" "$BACKUP_LIST"; then
echo $"Server not found within the friends list"
exit 3
fi
REMOTE_SERVER=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $1}')
REMOTE_SSH_PORT=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $2}')
REMOTE_DIRECTORY=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $3}')
REMOTE_PASSWORD=$(grep -i "$SERVER_NAME" $BACKUP_LIST | awk -F ' ' '{print $4}')
REMOTE_SERVER=$(grep -i "$SERVER_NAME" "$BACKUP_LIST" | awk -F ' ' '{print $1}')
REMOTE_SSH_PORT=$(grep -i "$SERVER_NAME" "$BACKUP_LIST" | awk -F ' ' '{print $2}')
REMOTE_DIRECTORY=$(grep -i "$SERVER_NAME" "$BACKUP_LIST" | awk -F ' ' '{print $3}')
REMOTE_PASSWORD=$(grep -i "$SERVER_NAME" "$BACKUP_LIST" | awk -F ' ' '{print $4}')
REMOTE_SERVER=$REMOTE_SERVER:$REMOTE_DIRECTORY
NOW=$(date +"%Y-%m-%d %H:%M:%S")
echo "$NOW Starting restore from $REMOTE_SERVER" >> /var/log/remotebackups.log
rsync -ratlzv --rsh="/usr/bin/sshpass -p $REMOTE_PASSWORD ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" $REMOTE_SERVER/backup $SERVER_DIRECTORY
if [ ! "$?" = "0" ]; then
if ! rsync -ratlzv --rsh="/usr/bin/sshpass -p $REMOTE_PASSWORD ssh -p $REMOTE_SSH_PORT -o StrictHostKeyChecking=no" "$REMOTE_SERVER/backup" "$SERVER_DIRECTORY"; then
echo "$NOW Restore from $REMOTE_SERVER failed" >> /var/log/remotebackups.log
# Send a warning email
echo "Restore from $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} restore from friend" $ADMIN_EMAIL_ADDRESS
echo "Restore from $REMOTE_SERVER failed" | mail -s "${PROJECT_NAME} restore from friend" "$ADMIN_EMAIL_ADDRESS"
exit 790
else
echo "$NOW Restored encrypted data from $REMOTE_SERVER" >> /var/log/remotebackups.log
fi
# MariaDB password
DATABASE_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
DATABASE_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
function copy_gpg_keys {
echo $"Copying GPG keys from admin user to root"
cp -r /home/$ADMIN_USERNAME/.gnupg /root
cp -r "/home/$ADMIN_USERNAME/.gnupg" /root
gpg_set_permissions root
}
@ -110,7 +109,7 @@ function restore_blocklist {
fi
fi
if [ -d $USB_MOUNT/backup/blocklist ]; then
if [ -d "$USB_MOUNT/backup/blocklist" ]; then
echo $"Restoring blocklist"
temp_restore_dir=/root/tempblocklist
restore_directory_from_friend $temp_restore_dir blocklist
@ -173,9 +172,8 @@ function restore_configfiles {
# fi
#fi
if [ -f $temp_restore_dir$MONGODB_APPS_FILE ]; then
cp -f $temp_restore_dir$MONGODB_APPS_FILE $MONGODB_APPS_FILE
if [ ! "$?" = "0" ]; then
if [ -f "$temp_restore_dir$MONGODB_APPS_FILE" ]; then
if ! cp -f "$temp_restore_dir$MONGODB_APPS_FILE" "$MONGODB_APPS_FILE"; then
unmount_drive
rm -rf $temp_restore_dir
exit 7835335
@ -196,9 +194,8 @@ function restore_configfiles {
# fi
#fi
if [ -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ]; then
cp -f ${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES} ${BACKUP_EXTRA_DIRECTORIES}
if [ ! "$?" = "0" ]; then
if [ -f "${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES}" ]; then
if ! cp -f "${temp_restore_dir}${BACKUP_EXTRA_DIRECTORIES}" "${BACKUP_EXTRA_DIRECTORIES}"; then
unmount_drive
rm -rf $temp_restore_dir
exit 62121
@ -242,6 +239,7 @@ function restore_mariadb {
else
mysqlsuccess=$(mysql -u root --password="$db_pass" mysql -o < ${temp_restore_dir}/mysql.sql)
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $"Try again using the password obtained from backup"
db_pass=$(${PROJECT_NAME}-pass -u root -a mariadb)
@ -251,6 +249,7 @@ function restore_mariadb {
mysqlsuccess=$(mysql -u root --password="$db_pass" mysql -o < ${temp_restore_dir}/mysql.sql)
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo "$mysqlsuccess"
exit 962
@ -258,7 +257,7 @@ function restore_mariadb {
echo $"Restarting database"
systemctl restart mariadb
echo $"Ensure MariaDB handles authentication"
MARIADB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mariadb)
MARIADB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
mariadb_fix_authentication
fi
rm -rf ${temp_restore_dir}
@ -293,15 +292,17 @@ function restore_postgresql {
else
mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql)
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $"Try again using the password obtained from backup"
db_pass=$(${PROJECT_NAME}-pass -u root -a postgresql)
db_pass=$("${PROJECT_NAME}-pass" -u root -a postgresql)
if [ -d ${temp_restore_dir}${temp_restore_dir} ]; then
mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}${temp_restore_dir}/postgresql.sql)
else
mysqlsuccess=$(sudo -u postgres pg_restore ${temp_restore_dir}/postgresql.sql)
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo "$mysqlsuccess"
exit 962
@ -309,7 +310,7 @@ function restore_postgresql {
echo $"Restarting database"
systemctl restart postgresql
echo $"Ensure postgresql handles authentication"
POSTGRESQL_PASSWORD=$(${PROJECT_NAME}-pass -u root -a postgresql)
POSTGRESQL_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a postgresql)
fi
rm -rf ${temp_restore_dir}
fi
@ -367,31 +368,31 @@ function restore_mutt_settings {
fi
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/mutt/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/mutt/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring Mutt configurations for $USERNAME"
restore_directory_from_friend /home/$USERNAME/.mutt mutt/${USERNAME}configs
restore_directory_from_friend "/home/$USERNAME/.mutt" "mutt/${USERNAME}configs"
echo $"Restoring Mutt settings for $USERNAME"
temp_restore_dir=/root/tempmutt
restore_directory_from_friend ${temp_restore_dir} mutt/$USERNAME
if [ -d ${temp_restore_dir}/home/$USERNAME/tempbackup ]; then
if [ -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc ]; then
cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc /home/$USERNAME/.muttrc
sed -i '/set sidebar_delim/d' /home/$USERNAME/.muttrc
sed -i '/set sidebar_sort/d' /home/$USERNAME/.muttrc
restore_directory_from_friend ${temp_restore_dir} "mutt/$USERNAME"
if [ -d "${temp_restore_dir}/home/$USERNAME/tempbackup" ]; then
if [ -f "${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc" ]; then
cp -f "${temp_restore_dir}/home/$USERNAME/tempbackup/.muttrc" "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_delim/d' "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_sort/d' "/home/$USERNAME/.muttrc"
fi
if [ -f ${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc ]; then
cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc /etc/Muttrc
if [ -f "${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc" ]; then
cp -f "${temp_restore_dir}/home/$USERNAME/tempbackup/Muttrc" /etc/Muttrc
sed -i '/set sidebar_delim/d' /etc/Muttrc
sed -i '/set sidebar_sort/d' /etc/Muttrc
fi
else
if [ -f ${temp_restore_dir}/.muttrc ]; then
cp -f ${temp_restore_dir}/.muttrc /home/$USERNAME/.muttrc
sed -i '/set sidebar_delim/d' /home/$USERNAME/.muttrc
sed -i '/set sidebar_sort/d' /home/$USERNAME/.muttrc
cp -f "${temp_restore_dir}/.muttrc" "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_delim/d' "/home/$USERNAME/.muttrc"
sed -i '/set sidebar_sort/d' "/home/$USERNAME/.muttrc"
fi
if [ -f ${temp_restore_dir}/Muttrc ]; then
cp -f ${temp_restore_dir}/Muttrc /etc/Muttrc
@ -399,6 +400,7 @@ function restore_mutt_settings {
sed -i '/set sidebar_sort/d' /etc/Muttrc
fi
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf ${temp_restore_dir}
exit 276
@ -417,29 +419,29 @@ function restore_gpg {
for d in $SERVER_DIRECTORY/backup/gnupg/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/gnupg/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/gnupg/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring gnupg settings for $USERNAME"
temp_restore_dir=/root/tempgnupg
restore_directory_from_friend ${temp_restore_dir} gnupg/$USERNAME
if [ -d ${temp_restore_dir}/home/$USERNAME/.gnupg ]; then
cp -r ${temp_restore_dir}/home/$USERNAME/.gnupg /home/$USERNAME/
restore_directory_from_friend ${temp_restore_dir} "gnupg/$USERNAME"
if [ -d "${temp_restore_dir}/home/$USERNAME/.gnupg" ]; then
cp -r "${temp_restore_dir}/home/$USERNAME/.gnupg" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.gnupg ]; then
mkdir /home/$USERNAME/.gnupg
if [ ! -d "/home/$USERNAME/.gnupg" ]; then
mkdir "/home/$USERNAME/.gnupg"
fi
cp -r ${temp_restore_dir}/* /home/$USERNAME/.gnupg/
cp -r "${temp_restore_dir}/*" "/home/$USERNAME/.gnupg/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf ${temp_restore_dir}
exit 276
fi
rm -rf ${temp_restore_dir}
if [[ "$USERNAME" == "$ADMIN_USERNAME" ]]; then
cp -r /home/$USERNAME/.gnupg /root
if [ ! "$?" = "0" ]; then
if ! cp -r "/home/$USERNAME/.gnupg" /root; then
exit 283
fi
gpg_set_permissions root
@ -458,18 +460,19 @@ function restore_procmail {
for d in $SERVER_DIRECTORY/backup/procmail/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/procmail/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/procmail/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring procmail settings for $USERNAME"
temp_restore_dir=/root/tempprocmail
restore_directory_from_friend ${temp_restore_dir} procmail/$USERNAME
if [ -d ${temp_restore_dir}/home/$USERNAME/tempbackup ]; then
cp -f ${temp_restore_dir}/home/$USERNAME/tempbackup/.procmailrc /home/$USERNAME/
restore_directory_from_friend ${temp_restore_dir} "procmail/$USERNAME"
if [ -d "${temp_restore_dir}/home/$USERNAME/tempbackup" ]; then
cp -f "${temp_restore_dir}/home/$USERNAME/tempbackup/.procmailrc" "/home/$USERNAME/"
else
cp -f ${temp_restore_dir}/.procmailrc /home/$USERNAME/.procmailrc
cp -f "${temp_restore_dir}/.procmailrc" "/home/$USERNAME/.procmailrc"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf ${temp_restore_dir}
exit 276
@ -489,21 +492,22 @@ function restore_spamassassin {
for d in $SERVER_DIRECTORY/backup/spamassassin/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/spamassassin/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/spamassassin/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring spamassassin settings for $USERNAME"
temp_restore_dir=/root/tempspamassassin
restore_directory_from_friend $temp_restore_dir spamassassin/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME ]; then
cp -rf $temp_restore_dir/home/$USERNAME/.spamassassin /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "spamassassin/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME" ]; then
cp -rf "$temp_restore_dir/home/$USERNAME/.spamassassin" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.spamassassin ]; then
mkdir /home/$USERNAME/.spamassassin
if [ ! -d "/home/$USERNAME/.spamassassin" ]; then
mkdir "/home/$USERNAME/.spamassassin"
fi
cp -rf $temp_restore_dir/* /home/$USERNAME/.spamassassin/
cp -rf $temp_restore_dir/* "/home/$USERNAME/.spamassassin/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 276
@ -524,11 +528,12 @@ function restore_admin_readme {
echo $"Restoring README"
temp_restore_dir=/root/tempreadme
restore_directory_from_friend $temp_restore_dir readme
if [ -d $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup ]; then
cp -f $temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/README /home/$ADMIN_USERNAME/
if [ -d "$temp_restore_dir/home/$ADMIN_USERNAME/tempbackup" ]; then
cp -f "$temp_restore_dir/home/$ADMIN_USERNAME/tempbackup/README" "/home/$ADMIN_USERNAME/"
else
cp -f $temp_restore_dir/README /home/$ADMIN_USERNAME/README
cp -f "$temp_restore_dir/README" "/home/$ADMIN_USERNAME/README"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 276
@ -546,21 +551,22 @@ function restore_ssh_keys {
for d in $SERVER_DIRECTORY/backup/ssh/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/ssh/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/ssh/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring ssh keys for $USERNAME"
temp_restore_dir=/root/tempssh
restore_directory_from_friend $temp_restore_dir ssh/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.ssh ]; then
cp -r $temp_restore_dir/home/$USERNAME/.ssh /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "ssh/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.ssh" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.ssh" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.ssh ]; then
mkdir /home/$USERNAME/.ssh
if [ ! -d "/home/$USERNAME/.ssh" ]; then
mkdir "/home/$USERNAME/.ssh"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.ssh/
cp -r $temp_restore_dir/* "/home/$USERNAME/.ssh/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 664
@ -580,21 +586,22 @@ function restore_user_config {
for d in $SERVER_DIRECTORY/backup/config/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/config/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/config/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring config files for $USERNAME"
temp_restore_dir=/root/tempconfig
restore_directory_from_friend $temp_restore_dir config/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME ]; then
cp -r $temp_restore_dir/home/$USERNAME/.config /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "config/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.config" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.config ]; then
mkdir /home/$USERNAME/.config
if [ ! -d "/home/$USERNAME/.config" ]; then
mkdir "/home/$USERNAME/.config"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.config/
cp -r "$temp_restore_dir/*" "/home/$USERNAME/.config/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 664
@ -614,21 +621,22 @@ function restore_user_monkeysphere {
for d in $SERVER_DIRECTORY/backup/monkeysphere/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/monkeysphere/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/monkeysphere/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring monkeysphere ids for $USERNAME"
temp_restore_dir=/root/tempmonkeysphere
restore_directory_from_friend $temp_restore_dir monkeysphere/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.monkeysphere ]; then
cp -r $temp_restore_dir/home/$USERNAME/.monkeysphere /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "monkeysphere/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.monkeysphere" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.monkeysphere" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.monkeysphere ]; then
mkdir /home/$USERNAME/.monkeysphere
if [ ! -d "/home/$USERNAME/.monkeysphere" ]; then
mkdir "/home/$USERNAME/.monkeysphere"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.monkeysphere/
cp -r $temp_restore_dir/* "/home/$USERNAME/.monkeysphere/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 664
@ -641,8 +649,8 @@ function restore_user_monkeysphere {
MY_EMAIL_ADDRESS="${ADMIN_USERNAME}@${HOSTNAME}"
read_config_param MY_EMAIL_ADDRESS
MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADMIN_USERNAME" "$MY_EMAIL_ADDRESS")
fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
monkeysphere-authentication add-identity-certifier $fpr
fpr=$(gpg --with-colons --fingerprint "$MY_GPG_PUBLIC_KEY_ID" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
monkeysphere-authentication add-identity-certifier "$fpr"
monkeysphere-authentication update-users
done
}
@ -656,21 +664,22 @@ function restore_user_fin {
for d in $SERVER_DIRECTORY/backup/fin/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/fin/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/fin/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring fin files for $USERNAME"
temp_restore_dir=/root/tempfin
restore_directory_from_friend $temp_restore_dir fin/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.fin ]; then
cp -r $temp_restore_dir/home/$USERNAME/.fin /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "fin/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.fin" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.fin" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.fin ]; then
mkdir /home/$USERNAME/.fin
if [ ! -d "/home/$USERNAME/.fin" ]; then
mkdir "/home/$USERNAME/.fin"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.fin/
cp -r $temp_restore_dir/* "/home/$USERNAME/.fin/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 664
@ -690,21 +699,22 @@ function restore_user_local {
for d in $SERVER_DIRECTORY/backup/local/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/local/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/local/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring local files for $USERNAME"
temp_restore_dir=/root/templocal
restore_directory_from_friend $temp_restore_dir local/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/.local ]; then
cp -r $temp_restore_dir/home/$USERNAME/.local /home/$USERNAME/
restore_directory_from_friend $temp_restore_dir "local/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/.local" ]; then
cp -r "$temp_restore_dir/home/$USERNAME/.local" "/home/$USERNAME/"
else
if [ ! -d /home/$USERNAME/.local ]; then
mkdir /home/$USERNAME/.local
if [ ! -d "/home/$USERNAME/.local" ]; then
mkdir "/home/$USERNAME/.local"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/.local/
cp -r $temp_restore_dir/* "/home/$USERNAME/.local/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
rm -rf $temp_restore_dir
exit 664
@ -729,6 +739,7 @@ function restore_certs {
else
cp -r /root/tempssl/* /etc/ssl/
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
exit 276
fi
@ -770,24 +781,25 @@ function restore_personal_settings {
for d in $SERVER_DIRECTORY/backup/personal/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/personal/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/personal/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring personal settings for $USERNAME"
temp_restore_dir=/root/temppersonal
restore_directory_from_friend $temp_restore_dir personal/$USERNAME
if [ -d $temp_restore_dir/home/$USERNAME/personal ]; then
if [ -d /home/$USERNAME/personal ]; then
rm -rf /home/$USERNAME/personal
restore_directory_from_friend $temp_restore_dir "personal/$USERNAME"
if [ -d "$temp_restore_dir/home/$USERNAME/personal" ]; then
if [ -d "/home/$USERNAME/personal" ]; then
rm -rf "/home/$USERNAME/personal"
fi
mv $temp_restore_dir/home/$USERNAME/personal /home/$USERNAME
mv "$temp_restore_dir/home/$USERNAME/personal" "/home/$USERNAME"
else
if [ ! -d /home/$USERNAME/personal ]; then
mkdir /home/$USERNAME/personal
if [ ! -d "/home/$USERNAME/personal" ]; then
mkdir "/home/$USERNAME/personal"
fi
cp -r $temp_restore_dir/* /home/$USERNAME/personal/
cp -r $temp_restore_dir/* "/home/$USERNAME/personal/"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
exit 18437643
fi
@ -812,6 +824,7 @@ function restore_mailing_list {
else
cp -r $temp_restore_dir/* /var/spool/mlmmj/
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
exit 526
fi
@ -828,21 +841,22 @@ function restore_email {
for d in $SERVER_DIRECTORY/backup/mail/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -d $SERVER_DIRECTORY/backup/mail/$USERNAME ]; then
if [ ! -d /home/$USERNAME ]; then
${PROJECT_NAME}-adduser $USERNAME
if [ -d "$SERVER_DIRECTORY/backup/mail/$USERNAME" ]; then
if [ ! -d "/home/$USERNAME" ]; then
${PROJECT_NAME}-adduser "$USERNAME"
fi
echo $"Restoring emails for $USERNAME"
temp_restore_dir=/root/tempmail
restore_directory_from_friend $temp_restore_dir mail/$USERNAME
if [ ! -d /home/$USERNAME/Maildir ]; then
mkdir /home/$USERNAME/Maildir
restore_directory_from_friend $temp_restore_dir "mail/$USERNAME"
if [ ! -d "/home/$USERNAME/Maildir" ]; then
mkdir "/home/$USERNAME/Maildir"
fi
if [ -d $temp_restore_dir/root/tempbackupemail/$USERNAME ]; then
tar -xzvf $temp_restore_dir/root/tempbackupemail/$USERNAME/maildir.tar.gz -C /
if [ -d "$temp_restore_dir/root/tempbackupemail/$USERNAME" ]; then
tar -xzvf "$temp_restore_dir/root/tempbackupemail/$USERNAME/maildir.tar.gz" -C /
else
tar -xzvf $temp_restore_dir/maildir.tar.gz -C /
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
exit 927
fi
@ -854,7 +868,7 @@ function restore_email {
# Social key management
# Recover any key fragments and reconstruct the gpg key
${PROJECT_NAME}-recoverkey -u ${ADMIN_USERNAME} -l $BACKUP_LIST
${PROJECT_NAME}-recoverkey -u "${ADMIN_USERNAME}" -l "$BACKUP_LIST"
copy_gpg_keys
gpg_agent_setup root


@ -70,11 +70,11 @@ if ! [[ $MYUSERNAME && $EMAILADDRESS ]]; then
show_help
fi
MUTTRC=/home/$MYUSERNAME/.muttrc
MUTTRC="/home/$MYUSERNAME/.muttrc"
PM=/home/$MYUSERNAME/.procmailrc
if grep -q "Email rule for $EMAILADDRESS ->" $PM; then
sed -i "/# Email rule for $EMAILADDRESS ->.*/,/# End of rule/d" $PM
if grep -q "Email rule for $EMAILADDRESS ->" "$PM"; then
sed -i "/# Email rule for $EMAILADDRESS ->.*/,/# End of rule/d" "$PM"
fi
exit 0
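Review bot: The quoting added here still leaves `$EMAILADDRESS` interpolated as a regular expression in both the `grep -q` test and the `sed -i` address range. The dots in an address match any character, and a `/` in the value would end the sed address early, so a rule for a different address could be deleted or the expression could fail to parse. For the test a fixed-string match is enough, `grep -qF -- "Email rule for $EMAILADDRESS ->" "$PM"`, and for the sed range the value should be escaped before it is used. `PM=/home/$MYUSERNAME/.procmailrc` is safe unquoted as an assignment, but quoting it like the new `MUTTRC` line would keep the two consistent.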


@ -77,15 +77,15 @@ if ! [[ $MYUSERNAME && $MAILINGLIST ]]; then
fi
MUTTRC=/home/$MYUSERNAME/.muttrc
MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
MUTT_MAILBOXES=$(grep "mailboxes =" "$MUTTRC")
if [[ $MUTT_MAILBOXES == *$MAILINGLIST* ]]; then
sed -i "s| =$MAILINGLIST||g" $MUTTRC
chown $MYUSERNAME:$MYUSERNAME $MUTTRC
sed -i "s| =$MAILINGLIST||g" "$MUTTRC"
chown "$MYUSERNAME":"$MYUSERNAME" "$MUTTRC"
fi
if [ $LIST_ADDRESS ]; then
if ! grep -q "unsubscribe $LIST_ADDRESS" $MUTTRC; then
sed -i "s|subscribe $LIST_ADDRESS|unsubscribe $LIST_ADDRESS|g" $MUTTRC
if [ "$LIST_ADDRESS" ]; then
if ! grep -q "unsubscribe $LIST_ADDRESS" "$MUTTRC"; then
sed -i "s|subscribe $LIST_ADDRESS|unsubscribe $LIST_ADDRESS|g" "$MUTTRC"
fi
fi
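Review bot: In `[[ $MUTT_MAILBOXES == *$MAILINGLIST* ]]` the right-hand expansion is still unquoted, so any `*`, `?` or `[` in the list name is treated as a glob pattern rather than literal text. `[[ $MUTT_MAILBOXES == *"$MAILINGLIST"* ]]` keeps the surrounding wildcards and matches the name literally. The same value, and `$LIST_ADDRESS`, are also placed unescaped into the `sed` `s|…|…|g` expressions, where a `|`, `.` or `&` changes what the substitution does, so they should be validated or escaped before this point. The enclosing `if` that ends on the hunk's first line starts outside the hunk.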


@ -36,16 +36,16 @@ export TEXTDOMAINDIR="/usr/share/locale"
COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
for f in $APP_FILES
do
source $f
source "$f"
done
read_config_param MY_USERNAME
@ -53,7 +53,7 @@ read_config_param MY_USERNAME
REMOVE_USERNAME=$1
REMOVE_OPTIONS="$2"
if [ ! $REMOVE_USERNAME ]; then
if [ ! "$REMOVE_USERNAME" ]; then
echo $'Please specify a username to remove'
exit 1
fi
@ -68,35 +68,35 @@ if [[ $(is_valid_user "$REMOVE_USERNAME") == "0" ]]; then
exit 3
fi
if [ ! -d /home/$REMOVE_USERNAME ]; then
if [ ! -d "/home/$REMOVE_USERNAME" ]; then
echo $"Home directory does not exist for $REMOVE_USERNAME"
exit 4
fi
if [ ! -f $COMPLETION_FILE ]; then
if [ ! -f "$COMPLETION_FILE" ]; then
echo $"$COMPLETION_FILE not found"
exit 5
fi
if ! grep -q "Admin user" $COMPLETION_FILE; then
if ! grep -q "Admin user" "$COMPLETION_FILE"; then
echo $"No admin user specified in $COMPLETION_FILE"
exit 6
fi
ADMIN_USERNAME=$(get_completion_param "Admin user")
if [ ! $ADMIN_USERNAME ]; then
if [ ! "$ADMIN_USERNAME" ]; then
echo $"No admin username specified in $COMPLETION_FILE"
exit 7
fi
if [[ $REMOVE_USERNAME == $ADMIN_USERNAME ]]; then
if [[ "$REMOVE_USERNAME" == "$ADMIN_USERNAME" ]]; then
echo $"The administrator user cannot be removed"
exit 8
fi
if [[ "$REMOVE_OPTIONS" != '-f' && "$REMOVE_OPTIONS" != '-y' && "$REMOVE_OPTIONS" != '--force' ]]; then
echo $'>>> REMOVE USER <<<'
read -p $"Do you really wish to remove the user '$REMOVE_USERNAME' (y/n) ?" yn
read -r -p $"Do you really wish to remove the user '$REMOVE_USERNAME' (y/n) ?" yn
if [[ $yn != 'y' && $yn != 'Y' && $yn != 'yes' && $yn != 'Yes' && $yn != 'YES' ]]; then
echo $"User $REMOVE_USERNAME was not removed"
exit 9
@ -107,18 +107,18 @@ fi
if [ -f /etc/nginx/.htpasswd ]; then
if grep -q "${REMOVE_USERNAME}:" /etc/nginx/.htpasswd; then
htpasswd -D /etc/nginx/.htpasswd $REMOVE_USERNAME
htpasswd -D /etc/nginx/.htpasswd "$REMOVE_USERNAME"
fi
fi
# remove gpg keys
if [ -d /home/$REMOVE_USERNAME/.gnupg ]; then
shred -zu /home/$REMOVE_USERNAME/.gnupg/*
if [ -d "/home/$REMOVE_USERNAME/.gnupg" ]; then
shred -zu "/home/$REMOVE_USERNAME/.gnupg/*"
fi
# remove ssh keys
if [ -d /home/$REMOVE_USERNAME/.ssh ]; then
shred -zu /home/$REMOVE_USERNAME/.ssh/*
if [ -d "/home/$REMOVE_USERNAME/.ssh" ]; then
shred -zu "/home/$REMOVE_USERNAME/.ssh/*"
fi
echo $'Detecting installed apps...'
@ -126,25 +126,25 @@ detect_apps
get_apps_installed_names
for app_name in "${APPS_INSTALLED_NAMES[@]}"
do
if [[ $(function_exists remove_user_${app_name}) == "1" ]]; then
if [[ $(function_exists "remove_user_${app_name}") == "1" ]]; then
echo $"Removing user from ${app_name}"
app_load_variables ${app_name}
remove_user_${app_name} "$REMOVE_USERNAME"
if grep -q "${app_name}_${REMOVE_USERNAME}" $APP_USERS_FILE; then
sed -i "/${app_name}_${REMOVE_USERNAME}/d" $APP_USERS_FILE
app_load_variables "${app_name}"
"remove_user_${app_name}" "$REMOVE_USERNAME"
if grep -q "${app_name}_${REMOVE_USERNAME}" "$APP_USERS_FILE"; then
sed -i "/${app_name}_${REMOVE_USERNAME}/d" "$APP_USERS_FILE"
fi
fi
done
chmod 600 /etc/shadow
chmod 600 /etc/gshadow
userdel -r $REMOVE_USERNAME
groupdel $REMOVE_USERNAME
userdel -r "$REMOVE_USERNAME"
groupdel "$REMOVE_USERNAME"
chmod 0000 /etc/shadow
chmod 0000 /etc/gshadow
if [ -d /home/$REMOVE_USERNAME ]; then
rm -rf /home/$REMOVE_USERNAME
if [ -d "/home/$REMOVE_USERNAME" ]; then
rm -rf "/home/${REMOVE_USERNAME:?}"
fi
echo $"User $REMOVE_USERNAME was removed"
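Review bot: Quoting the whole path in `shred -zu "/home/$REMOVE_USERNAME/.gnupg/*"` and `shred -zu "/home/$REMOVE_USERNAME/.ssh/*"` stops the shell from expanding the `*`, so shred is handed a file literally named `*` and the key files are no longer overwritten before `userdel -r` and `rm -rf` unlink them. Keep the glob outside the quotes: `shred -zu "/home/$REMOVE_USERNAME/.gnupg/"*` and `shred -zu "/home/$REMOVE_USERNAME/.ssh/"*`. shred does not descend into directories, so any key material kept in subdirectories of `.gnupg` would need a separate pass such as `find "/home/$REMOVE_USERNAME/.gnupg" -type f -exec shred -zu {} +`. Neither shred call has its exit status checked, so a failure here passes silently.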



@ -90,37 +90,37 @@ esac
shift
done
if [ ! $MY_USERNAME ]; then
if [ ! "$MY_USERNAME" ]; then
show_help
fi
if [ ! -d /home/$MY_USERNAME ]; then
if [ ! -d "/home/$MY_USERNAME" ]; then
echo $"User $MY_USERNAME does not exist on the system"
exit 7270
fi
if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
if [ ! -d "/home/$MY_USERNAME/.gnupg" ]; then
echo $'No gpg key found'
exit 5393
fi
if [ $PASSWORD_FILE ]; then
if [ ! -f $PASSWORD_FILE ]; then
if [ "$PASSWORD_FILE" ]; then
if [ ! -f "$PASSWORD_FILE" ]; then
echo $'Password file not found'
exit 62952
fi
fi
FRAGMENTS_DIR=/home/$MY_USERNAME/.gnupg_fragments
if [ -d $FRAGMENTS_DIR ]; then
if [ -d "$FRAGMENTS_DIR" ]; then
exit 0
fi
# get the gpg key ID
if [ ! $MY_EMAIL_ADDRESS ]; then
if [ ! "$MY_EMAIL_ADDRESS" ]; then
MY_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
fi
KEYID=$(su -c "gpg --list-keys $MY_EMAIL_ADDRESS" - $MY_USERNAME | sed -n '2p' | sed 's/^[ \t]*//')
KEYID=$(su -c "gpg --list-keys $MY_EMAIL_ADDRESS" - "$MY_USERNAME" | sed -n '2p' | sed 's/^[ \t]*//')
if [ ${#KEYID} -lt 4 ]; then
echo $"gpg key for $MY_EMAIL_ADDRESS was not found"
exit 3682
@ -133,72 +133,70 @@ if [ ${#MY_BACKUP_KEY_ID} -lt 4 ]; then
fi
# create the key file
mkdir -p $FRAGMENTS_DIR
chown $MY_USERNAME:$MY_USERNAME $FRAGMENTS_DIR
KEYS_FILE=$FRAGMENTS_DIR/keyshare.asc
gpg --output $FRAGMENTS_DIR/pubkey.txt --armor --export $KEYID
if [ ! "$?" = "0" ]; then
mkdir -p "$FRAGMENTS_DIR"
chown "$MY_USERNAME":"$MY_USERNAME" "$FRAGMENTS_DIR"
KEYS_FILE="$FRAGMENTS_DIR/keyshare.asc"
if ! gpg --output "$FRAGMENTS_DIR/pubkey.txt" --armor --export "$KEYID"; then
echo $"Unable to extract public key for $KEYID"
exit 7835
fi
if [ ! $PASSWORD_FILE ]; then
gpg --output $FRAGMENTS_DIR/privkey.txt \
--armor --export-secret-key $KEYID
if [ ! "$PASSWORD_FILE" ]; then
gpg --output "$FRAGMENTS_DIR/privkey.txt" \
--armor --export-secret-key "$KEYID"
else
echo "$(printf `cat $PASSWORD_FILE`)" | \
# shellcheck disable=SC2005
echo "$(printf "%s" "$(cat "$PASSWORD_FILE")")" | \
gpg --batch --passphrase-fd 0 \
--output $FRAGMENTS_DIR/privkey.txt \
--armor --export-secret-key $KEYID
--output "$FRAGMENTS_DIR/privkey.txt" \
--armor --export-secret-key "$KEYID"
fi
# shellcheck disable=SC2181
if [ ! "$?" = "0" ]; then
echo $"Unable to extract private key for $KEYID"
exit 7823
fi
gpg --output $FRAGMENTS_DIR/backup_pubkey.txt \
--armor --export $MY_BACKUP_KEY_ID
if [ ! "$?" = "0" ]; then
shred -zu $FRAGMENTS_DIR/privkey.txt
if ! gpg --output "$FRAGMENTS_DIR/backup_pubkey.txt" \
--armor --export "$MY_BACKUP_KEY_ID"; then
shred -zu "$FRAGMENTS_DIR/privkey.txt"
echo $"Unable to extract backup public key for $MY_BACKUP_KEY_ID"
exit 62928
fi
echo "$BACKUP_DUMMY_PASSWORD" | \
gpg --output $FRAGMENTS_DIR/backup_privkey.txt \
if ! gpg --output "$FRAGMENTS_DIR/backup_privkey.txt" \
--batch --passphrase-fd 0 \
--armor --export-secret-key $MY_BACKUP_KEY_ID
if [ ! "$?" = "0" ]; then
shred -zu $FRAGMENTS_DIR/privkey.txt
--armor --export-secret-key "$MY_BACKUP_KEY_ID"; then
shred -zu "$FRAGMENTS_DIR/privkey.txt"
echo $"Unable to extract backup private key for $MY_BACKUP_KEY_ID"
exit 13783
fi
# Ensure there aren't any permissions problems when running cat
chmod +r $FRAGMENTS_DIR/privkey.txt
chmod +r $FRAGMENTS_DIR/backup_privkey.txt
chmod +r "$FRAGMENTS_DIR/privkey.txt"
chmod +r "$FRAGMENTS_DIR/backup_privkey.txt"
cat $FRAGMENTS_DIR/pubkey.txt \
$FRAGMENTS_DIR/privkey.txt \
$FRAGMENTS_DIR/backup_pubkey.txt \
$FRAGMENTS_DIR/backup_privkey.txt > $KEYS_FILE
shred -zu $FRAGMENTS_DIR/privkey.txt
shred -zu $FRAGMENTS_DIR/pubkey.txt
shred -zu $FRAGMENTS_DIR/backup_privkey.txt
shred -zu $FRAGMENTS_DIR/backup_pubkey.txt
cat "$FRAGMENTS_DIR/pubkey.txt" \
"$FRAGMENTS_DIR/privkey.txt" \
"$FRAGMENTS_DIR/backup_pubkey.txt" \
"$FRAGMENTS_DIR/backup_privkey.txt" > "$KEYS_FILE"
shred -zu "$FRAGMENTS_DIR/privkey.txt"
shred -zu "$FRAGMENTS_DIR/pubkey.txt"
shred -zu "$FRAGMENTS_DIR/backup_privkey.txt"
shred -zu "$FRAGMENTS_DIR/backup_pubkey.txt"
KEY_SHARES=$((KEY_FRAGMENTS * 2))
gfsplit -n $KEY_FRAGMENTS -m $KEY_SHARES $KEYS_FILE
if [ ! "$?" = "0" ]; then
if ! gfsplit -n "$KEY_FRAGMENTS" -m "$KEY_SHARES $KEYS_FILE"; then
echo $"Unable to split the gpg key"
rm -rf $FRAGMENTS_DIR
if [ -f $KEYS_FILE ]; then
shred -zu $KEYS_FILE
rm -rf "$FRAGMENTS_DIR"
if [ -f "$KEYS_FILE" ]; then
shred -zu "$KEYS_FILE"
fi
exit 63028
fi
shred -zu $KEYS_FILE
shred -zu "$KEYS_FILE"
# set permissions
chown -R $MY_USERNAME:$MY_USERNAME $FRAGMENTS_DIR
chmod -R 600 $FRAGMENTS_DIR
chown -R "$MY_USERNAME":"$MY_USERNAME" "$FRAGMENTS_DIR"
chmod -R 600 "$FRAGMENTS_DIR"
echo $"$KEY_SHARES key shares created"
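Review bot: `gfsplit -n "$KEY_FRAGMENTS" -m "$KEY_SHARES $KEYS_FILE"` passes the share count and the file name as a single argument, so gfsplit receives a malformed `-m` value and no input file; it should be `gfsplit -n "$KEY_FRAGMENTS" -m "$KEY_SHARES" "$KEYS_FILE"`. Since the failure branch runs `rm -rf "$FRAGMENTS_DIR"` and exits, the script would presumably never produce shares as written. As rendered, the backup private-key export now reads `echo "$BACKUP_DUMMY_PASSWORD" | if ! gpg …; then … exit 13783; fi`, which puts the `if` inside the pipeline's subshell, so that `exit` no longer stops the script and the later `cat` runs without `backup_privkey.txt`. Testing the pipeline itself, `if ! echo "$BACKUP_DUMMY_PASSWORD" | gpg --output "$FRAGMENTS_DIR/backup_privkey.txt" …; then`, restores the original behaviour.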


@ -36,10 +36,10 @@ PROJECT_NAME='freedombone'
export TEXTDOMAIN=$PROJECT_NAME-syncthing
export TEXTDOMAINDIR="/usr/share/locale"
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
# File which keeps track of what has already been installed
@ -68,13 +68,14 @@ function new_syncthing_id {
for i in {1..8}
do
v=""
# shellcheck disable=SC2034
for j in {1..2}
do
v2=`echo "obase=16;$RANDOM" | bc`
v2=$(echo "obase=16;$RANDOM" | bc)
v=$v$v2
done
v=$(echo "$v" | cut -c1-7)
if [[ ${i} < 8 ]]; then
if [ "${i}" -lt 8 ]; then
v=$v"-"
fi
echo -n "$v"
@ -83,11 +84,11 @@ function new_syncthing_id {
}
function create_syncthing_config {
if grep -q "syncthing ID" $COMPLETION_FILE; then
if grep -q "syncthing ID" "$COMPLETION_FILE"; then
SYNCTHING_ID=$(get_completion_param "syncthing ID")
else
if [ -f $SYNCTHING_CONFIG_FILE ]; then
SYNCTHING_ID=$(cat $SYNCTHING_CONFIG_FILE | grep "device id=" | head -n 1 | awk -F '"' '{print $2}')
SYNCTHING_ID=$(grep "device id=" "$SYNCTHING_CONFIG_FILE" | head -n 1 | awk -F '"' '{print $2}')
else
SYNCTHING_ID=$(new_syncthing_id)
fi
@ -109,7 +110,7 @@ function create_syncthing_config {
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
echo " <folder id=\"$USERNAME\" path=\"/home/$USERNAME/Sync/\" ro=\"false\" rescanIntervalS=\"60\" ignorePerms=\"false\" autoNormalize=\"true\">" >> $SYNCTHING_CONFIG_FILE
# include any specified device IDs for this user
if [ -f /home/$USERNAME/$SYNCTHING_USER_IDS_FILE ]; then
if [ -f "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE" ]; then
echo "" > $TEMP_IDS_FILE
while read -r line || [[ -n "$line" ]]; do
line2="$(echo -e "${line}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
@ -121,23 +122,23 @@ function create_syncthing_config {
fi
fi
fi
done < /home/$USERNAME/$SYNCTHING_USER_IDS_FILE
done < "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE"
rm $TEMP_IDS_FILE
fi
echo " <device id=\"$SYNCTHING_ID\"></device>" >> $SYNCTHING_CONFIG_FILE
echo ' <minDiskFreePct>1</minDiskFreePct>' >> $SYNCTHING_CONFIG_FILE
echo ' <versioning></versioning>' >> $SYNCTHING_CONFIG_FILE
echo ' <copiers>0</copiers>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullers>0</pullers>' >> $SYNCTHING_CONFIG_FILE
echo ' <hashers>0</hashers>' >> $SYNCTHING_CONFIG_FILE
echo ' <order>random</order>' >> $SYNCTHING_CONFIG_FILE
echo ' <ignoreDelete>false</ignoreDelete>' >> $SYNCTHING_CONFIG_FILE
echo ' <scanProgressIntervalS>0</scanProgressIntervalS>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullerSleepS>0</pullerSleepS>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullerPauseS>0</pullerPauseS>' >> $SYNCTHING_CONFIG_FILE
echo ' <maxConflicts>10</maxConflicts>' >> $SYNCTHING_CONFIG_FILE
echo ' <disableSparseFiles>false</disableSparseFiles>' >> $SYNCTHING_CONFIG_FILE
echo ' </folder>' >> $SYNCTHING_CONFIG_FILE
{ echo " <device id=\"$SYNCTHING_ID\"></device>";
echo ' <minDiskFreePct>1</minDiskFreePct>';
echo ' <versioning></versioning>';
echo ' <copiers>0</copiers>';
echo ' <pullers>0</pullers>';
echo ' <hashers>0</hashers>';
echo ' <order>random</order>';
echo ' <ignoreDelete>false</ignoreDelete>';
echo ' <scanProgressIntervalS>0</scanProgressIntervalS>';
echo ' <pullerSleepS>0</pullerSleepS>';
echo ' <pullerPauseS>0</pullerPauseS>';
echo ' <maxConflicts>10</maxConflicts>';
echo ' <disableSparseFiles>false</disableSparseFiles>';
echo ' </folder>'; } >> "$SYNCTHING_CONFIG_FILE"
fi
done
@ -147,7 +148,7 @@ function create_syncthing_config {
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -f /home/$USERNAME/$SYNCTHING_USER_IDS_FILE ]; then
if [ -f "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE" ]; then
while read -r line || [[ -n "$line" ]]; do
line2="$(echo -e "${line}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
if [[ $line2 != *"#"* && $line2 != *"*"* && $line2 != *'/'* && $line2 == *"-"* ]]; then
@ -158,96 +159,95 @@ function create_syncthing_config {
fi
fi
fi
done < /home/$USERNAME/$SYNCTHING_USER_IDS_FILE
done < "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE"
fi
fi
done
rm $TEMP_IDS_FILE
echo " <device id=\"$SYNCTHING_ID\"></device>" >> $SYNCTHING_CONFIG_FILE
echo ' <minDiskFreePct>1</minDiskFreePct>' >> $SYNCTHING_CONFIG_FILE
echo ' <versioning></versioning>' >> $SYNCTHING_CONFIG_FILE
echo ' <copiers>0</copiers>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullers>0</pullers>' >> $SYNCTHING_CONFIG_FILE
echo ' <hashers>0</hashers>' >> $SYNCTHING_CONFIG_FILE
echo ' <order>random</order>' >> $SYNCTHING_CONFIG_FILE
echo ' <ignoreDelete>false</ignoreDelete>' >> $SYNCTHING_CONFIG_FILE
echo ' <scanProgressIntervalS>0</scanProgressIntervalS>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullerSleepS>0</pullerSleepS>' >> $SYNCTHING_CONFIG_FILE
echo ' <pullerPauseS>0</pullerPauseS>' >> $SYNCTHING_CONFIG_FILE
echo ' <maxConflicts>10</maxConflicts>' >> $SYNCTHING_CONFIG_FILE
echo ' <disableSparseFiles>false</disableSparseFiles>' >> $SYNCTHING_CONFIG_FILE
echo ' </folder>' >> $SYNCTHING_CONFIG_FILE
{ echo " <device id=\"$SYNCTHING_ID\"></device>";
echo ' <minDiskFreePct>1</minDiskFreePct>';
echo ' <versioning></versioning>';
echo ' <copiers>0</copiers>';
echo ' <pullers>0</pullers>';
echo ' <hashers>0</hashers>';
echo ' <order>random</order>';
echo ' <ignoreDelete>false</ignoreDelete>';
echo ' <scanProgressIntervalS>0</scanProgressIntervalS>';
echo ' <pullerSleepS>0</pullerSleepS>';
echo ' <pullerPauseS>0</pullerPauseS>';
echo ' <maxConflicts>10</maxConflicts>';
echo ' <disableSparseFiles>false</disableSparseFiles>';
echo ' </folder>';
echo " <device id=\"$SYNCTHING_ID\" name=\"${PROJECT_NAME}\" compression=\"metadata\" introducer=\"false\">" >> $SYNCTHING_CONFIG_FILE
echo ' <address>dynamic</address>' >> $SYNCTHING_CONFIG_FILE
echo ' </device>' >> $SYNCTHING_CONFIG_FILE
echo " <device id=\"$SYNCTHING_ID\" name=\"${PROJECT_NAME}\" compression=\"metadata\" introducer=\"false\">";
echo ' <address>dynamic</address>';
echo ' </device>'; } >> "$SYNCTHING_CONFIG_FILE"
echo "" > $TEMP_IDS_FILE
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -f /home/$USERNAME/$SYNCTHING_USER_IDS_FILE ]; then
if [ -f "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE" ]; then
while read -r line || [[ -n "$line" ]]; do
line2="$(echo -e "${line}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
if [[ $line2 != *"#"* && $line2 != *"*"* && $line2 != *'/'* && $line2 == *"-"* ]]; then
if [ ${#line2} -gt 10 ]; then
if ! grep -q "$line2" $TEMP_IDS_FILE; then
echo " <device id=\"$line2\" name=\"${USERNAME}\" compression=\"metadata\" introducer=\"false\">" >> $SYNCTHING_CONFIG_FILE
echo " <device id=\"$line2\" name=\"${USERNAME}\" compression=\"metadata\" introducer=\"false\">" >> "$SYNCTHING_CONFIG_FILE"
echo ' <address>dynamic</address>' >> $SYNCTHING_CONFIG_FILE
echo ' </device>' >> $SYNCTHING_CONFIG_FILE
echo "$line2" >> $TEMP_IDS_FILE
fi
fi
fi
done < /home/$USERNAME/$SYNCTHING_USER_IDS_FILE
done < "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE"
fi
fi
done
rm $TEMP_IDS_FILE
echo ' <options>' >> $SYNCTHING_CONFIG_FILE
echo " <listenAddress>tcp://0.0.0.0:$SYNCTHING_PORT</listenAddress>" >> $SYNCTHING_CONFIG_FILE
echo ' <globalAnnounceServer>default</globalAnnounceServer>' >> $SYNCTHING_CONFIG_FILE
echo ' <globalAnnounceEnabled>true</globalAnnounceEnabled>' >> $SYNCTHING_CONFIG_FILE
echo ' <localAnnounceEnabled>true</localAnnounceEnabled>' >> $SYNCTHING_CONFIG_FILE
echo ' <localAnnouncePort>21027</localAnnouncePort>' >> $SYNCTHING_CONFIG_FILE
echo ' <localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>' >> $SYNCTHING_CONFIG_FILE
echo " <relayServer>dynamic+$SYNCTHING_RELAY_SERVER</relayServer>" >> $SYNCTHING_CONFIG_FILE
echo ' <maxSendKbps>0</maxSendKbps>' >> $SYNCTHING_CONFIG_FILE
echo ' <maxRecvKbps>0</maxRecvKbps>' >> $SYNCTHING_CONFIG_FILE
echo ' <reconnectionIntervalS>60</reconnectionIntervalS>' >> $SYNCTHING_CONFIG_FILE
echo ' <relaysEnabled>true</relaysEnabled>' >> $SYNCTHING_CONFIG_FILE
echo ' <relayReconnectIntervalM>10</relayReconnectIntervalM>' >> $SYNCTHING_CONFIG_FILE
echo ' <startBrowser>true</startBrowser>' >> $SYNCTHING_CONFIG_FILE
echo ' <upnpEnabled>true</upnpEnabled>' >> $SYNCTHING_CONFIG_FILE
echo ' <upnpLeaseMinutes>60</upnpLeaseMinutes>' >> $SYNCTHING_CONFIG_FILE
echo ' <upnpRenewalMinutes>30</upnpRenewalMinutes>' >> $SYNCTHING_CONFIG_FILE
echo ' <upnpTimeoutSeconds>10</upnpTimeoutSeconds>' >> $SYNCTHING_CONFIG_FILE
echo ' <urAccepted>-1</urAccepted>' >> $SYNCTHING_CONFIG_FILE
echo ' <urUniqueID></urUniqueID>' >> $SYNCTHING_CONFIG_FILE
echo ' <urURL>https://data.syncthing.net/newdata</urURL>' >> $SYNCTHING_CONFIG_FILE
echo ' <urPostInsecurely>false</urPostInsecurely>' >> $SYNCTHING_CONFIG_FILE
echo ' <urInitialDelayS>1800</urInitialDelayS>' >> $SYNCTHING_CONFIG_FILE
echo ' <restartOnWakeup>true</restartOnWakeup>' >> $SYNCTHING_CONFIG_FILE
echo ' <autoUpgradeIntervalH>12</autoUpgradeIntervalH>' >> $SYNCTHING_CONFIG_FILE
echo ' <keepTemporariesH>24</keepTemporariesH>' >> $SYNCTHING_CONFIG_FILE
echo ' <cacheIgnoredFiles>true</cacheIgnoredFiles>' >> $SYNCTHING_CONFIG_FILE
echo ' <progressUpdateIntervalS>5</progressUpdateIntervalS>' >> $SYNCTHING_CONFIG_FILE
echo ' <symlinksEnabled>true</symlinksEnabled>' >> $SYNCTHING_CONFIG_FILE
echo ' <limitBandwidthInLan>false</limitBandwidthInLan>' >> $SYNCTHING_CONFIG_FILE
echo ' <minHomeDiskFreePct>1</minHomeDiskFreePct>' >> $SYNCTHING_CONFIG_FILE
echo " <releasesURL>$SYNCTHING_RELEASES</releasesURL>" >> $SYNCTHING_CONFIG_FILE
echo ' </options>' >> $SYNCTHING_CONFIG_FILE
echo '</configuration>' >> $SYNCTHING_CONFIG_FILE
{ echo ' <options>';
echo " <listenAddress>tcp://0.0.0.0:$SYNCTHING_PORT</listenAddress>";
echo ' <globalAnnounceServer>default</globalAnnounceServer>';
echo ' <globalAnnounceEnabled>true</globalAnnounceEnabled>';
echo ' <localAnnounceEnabled>true</localAnnounceEnabled>';
echo ' <localAnnouncePort>21027</localAnnouncePort>';
echo ' <localAnnounceMCAddr>[ff12::8384]:21027</localAnnounceMCAddr>';
echo " <relayServer>dynamic+$SYNCTHING_RELAY_SERVER</relayServer>";
echo ' <maxSendKbps>0</maxSendKbps>';
echo ' <maxRecvKbps>0</maxRecvKbps>';
echo ' <reconnectionIntervalS>60</reconnectionIntervalS>';
echo ' <relaysEnabled>true</relaysEnabled>';
echo ' <relayReconnectIntervalM>10</relayReconnectIntervalM>';
echo ' <startBrowser>true</startBrowser>';
echo ' <upnpEnabled>true</upnpEnabled>';
echo ' <upnpLeaseMinutes>60</upnpLeaseMinutes>';
echo ' <upnpRenewalMinutes>30</upnpRenewalMinutes>';
echo ' <upnpTimeoutSeconds>10</upnpTimeoutSeconds>';
echo ' <urAccepted>-1</urAccepted>';
echo ' <urUniqueID></urUniqueID>';
echo ' <urURL>https://data.syncthing.net/newdata</urURL>';
echo ' <urPostInsecurely>false</urPostInsecurely>';
echo ' <urInitialDelayS>1800</urInitialDelayS>';
echo ' <restartOnWakeup>true</restartOnWakeup>';
echo ' <autoUpgradeIntervalH>12</autoUpgradeIntervalH>';
echo ' <keepTemporariesH>24</keepTemporariesH>';
echo ' <cacheIgnoredFiles>true</cacheIgnoredFiles>';
echo ' <progressUpdateIntervalS>5</progressUpdateIntervalS>';
echo ' <symlinksEnabled>true</symlinksEnabled>';
echo ' <limitBandwidthInLan>false</limitBandwidthInLan>';
echo ' <minHomeDiskFreePct>1</minHomeDiskFreePct>';
echo " <releasesURL>$SYNCTHING_RELEASES</releasesURL>";
echo ' </options>';
echo '</configuration>'; } >> "$SYNCTHING_CONFIG_FILE"
# give each user account a file containing the device id for this server
# This allows it to appear within the user control panel
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
echo "$SYNCTHING_ID" > /home/$USERNAME/.syncthing-server-id
chown $USERNAME:$USERNAME /home/$USERNAME/.syncthing-server-id
echo "$SYNCTHING_ID" > "/home/$USERNAME/.syncthing-server-id"
chown "$USERNAME":"$USERNAME" "/home/$USERNAME/.syncthing-server-id"
fi
done
}
@ -266,7 +266,7 @@ function user_devices_changed {
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [ ! -f /home/$USERNAME/.syncthing-server-id ]; then
if [ ! -f "/home/$USERNAME/.syncthing-server-id" ]; then
CHANGED=1
return
fi
@ -275,11 +275,11 @@ function user_devices_changed {
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
if [ -f /home/$USERNAME/$SYNCTHING_UPDATE_FILE ]; then
if [ -f "/home/$USERNAME/$SYNCTHING_UPDATE_FILE" ]; then
CHANGED=1
fi
if [ -f /home/$USERNAME/$SYNCTHING_USER_IDS_FILE ]; then
if [ -f "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE" ]; then
while read -r line || [[ -n "$line" ]]; do
if [[ $line != *"#"* && $line != *"*"* && $line != *'/'* && $line == *"-"* ]]; then
if [ ${#line} -gt 10 ]; then
@ -288,15 +288,15 @@ function user_devices_changed {
fi
fi
fi
done < /home/$USERNAME/$SYNCTHING_USER_IDS_FILE
done < "/home/$USERNAME/$SYNCTHING_USER_IDS_FILE"
fi
# Permissions on user Sync directories
if [ -d /home/$USERNAME/Sync ]; then
chown $USERNAME:$USERNAME /home/$USERNAME /home/$USERNAME/Sync
if [ -d "/home/$USERNAME/Sync" ]; then
chown "$USERNAME":"$USERNAME" "/home/$USERNAME" "/home/$USERNAME/Sync"
fi
if [ -d /home/$USERNAME/SyncShared ]; then
chown $USERNAME:$USERNAME /home/$USERNAME /home/$USERNAME/SyncShared
if [ -d "/home/$USERNAME/SyncShared" ]; then
chown "$USERNAME":"$USERNAME" "/home/$USERNAME" "/home/$USERNAME/SyncShared"
fi
fi
done
@ -305,11 +305,11 @@ function user_devices_changed {
function syncthing_set_permissions {
for d in /home/*/ ; do
USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
if [ -d /home/$USERNAME/Sync ]; then
chown $USERNAME:$USERNAME /home/$USERNAME /home/$USERNAME/Sync
if [ -d "/home/$USERNAME/Sync" ]; then
chown "$USERNAME":"$USERNAME" "/home/$USERNAME" "/home/$USERNAME/Sync"
fi
if [ -d /home/$USERNAME/SyncShared ]; then
chown $USERNAME:$USERNAME /home/$USERNAME /home/$USERNAME/SyncShared
if [ -d "/home/$USERNAME/SyncShared" ]; then
chown "$USERNAME":"$USERNAME" "/home/$USERNAME" "/home/$USERNAME/SyncShared"
fi
done
}
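Review bot: In create_syncthing_config, each line read from a user's `$SYNCTHING_USER_IDS_FILE` is still written into `<device id=\"$line2\" ...>` after only a loose filter (no `#`, `*` or `/`, contains `-`, longer than 10 characters). A value containing `"`, `<` or `>` from a file under the user's home directory (presumably user-writable) therefore lands as markup in the Syncthing config; the quoting added in this commit does not change that. I would require the full device-ID shape before using the value, assuming the 8x7 base32 format: `[[ $line2 =~ ^[A-Z2-7]{7}(-[A-Z2-7]{7}){7}$ ]] || continue`. The duplicate check should also match literally, `grep -qxF -- "$line2" "$TEMP_IDS_FILE"`, because `grep -q "$line2"` treats the value as a regex. The same read loop appears in several hunks of this function, whose body is only partly visible here.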


@ -85,9 +85,9 @@ do
-a|--app|--appname)
shift
app_name="$1"
app_name_lower=$(echo ${app_name} | tr '[:upper:]' '[:lower:]')
app_name_lower=$(echo "${app_name}" | tr '[:upper:]' '[:lower:]')
app_name=$app_name_lower
app_name_upper=$(echo ${app_name} | tr '[:lower:]' '[:upper:]')
app_name_upper=$(echo "${app_name}" | tr '[:lower:]' '[:upper:]')
;;
-r|--repo)
shift
@ -226,14 +226,14 @@ fi
echo ''
echo "${app_name_upper}_DOMAIN_NAME="
echo "${app_name_upper}_CODE="
if [ $app_port ]; then
if [ "$app_port" ]; then
echo "${app_name_upper}_PORT=$app_port"
fi
echo "${app_name_upper}_ONION_PORT=$(( ( RANDOM % 1000 ) + 9010 ))"
echo "${app_name_upper}_REPO=\"${app_repo}\""
echo "${app_name_upper}_COMMIT='${app_repo_commit}'"
if [ $app_daemon ]; then
if [ ! $app_port_internal ]; then
if [ ! "$app_port_internal" ]; then
echo "${app_name_upper}_PORT_INTERNAL=TODO"
else
echo "${app_name_upper}_PORT_INTERNAL=$app_port_internal"
@ -255,14 +255,14 @@ echo " echo -n ''"
echo '}'
echo ''
echo "function remove_user_${app_name} {"
echo ' remove_username="$1"'
echo " remove_username=\"\$1\""
echo ''
echo " \${PROJECT_NAME}-pass -u \$remove_username --rmapp ${app_name}"
echo '}'
echo ''
echo "function add_user_${app_name} {"
echo ' new_username="$1"'
echo ' new_user_password="$2"'
echo " new_username=\"\$1\""
echo " new_user_password=\"\$2\""
echo ''
echo " \${PROJECT_NAME}-pass -u \$new_username -a ${app_name} -p \"\$new_user_password\""
echo " echo '0'"
@ -270,11 +270,11 @@ echo '}'
echo ''
echo "function install_interactive_${app_name} {"
if [ ! $app_onion_only ]; then
echo ' if [ ! $ONION_ONLY ]; then'
echo " if [ ! \$ONION_ONLY ]; then"
echo " ONION_ONLY='no'"
echo ' fi'
echo ''
echo ' if [[ $ONION_ONLY != "no" ]]; then'
echo " if [[ \$ONION_ONLY != \"no\" ]]; then"
echo " ${app_name_upper}_DOMAIN_NAME='${app_name}.local'"
echo " write_config_param \"${app_name_upper}_DOMAIN_NAME\" \"\$${app_name_upper}_DOMAIN_NAME\""
echo ' else'
@ -287,8 +287,8 @@ echo ' APP_INSTALLED=1'
echo '}'
echo ''
echo "function change_password_${app_name} {"
echo ' curr_username="$1"'
echo ' new_user_password="$2"'
echo " curr_username=\"\$1\""
echo " new_user_password=\"\$2\""
echo ''
echo " read_config_param '${app_name_upper}_DOMAIN_NAME'"
echo ''
@ -298,8 +298,8 @@ echo '}'
if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" || "$database_type" == "postgres"* ]]; then
echo ''
echo "function ${app_name}_create_database {"
echo ' if [ -f $IMAGE_PASSWORD_FILE ]; then'
echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(printf `cat $IMAGE_PASSWORD_FILE`)\""
echo " if [ -f \$IMAGE_PASSWORD_FILE ]; then"
echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(printf \"%d\" \"\$(cat \"$IMAGE_PASSWORD_FILE\")\")\""
echo ' else'
echo " if [ ! \$${app_name_upper}_ADMIN_PASSWORD ]; then"
echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(create_password \${MINIMUM_PASSWORD_LENGTH})\""
@ -329,26 +329,29 @@ echo ''
echo "function configure_interactive_${app_name} {"
echo ' while true'
echo ' do'
echo ' data=$(tempfile 2>/dev/null)'
echo ' trap "rm -f $data" 0 1 2 5 15'
echo " data=\$(mktemp 2>/dev/null)"
echo " dialog --backtitle \$\"Freedombone Control Panel\" \\"
echo " --title \$\"${app_name}\" \\"
echo " --radiolist \$\"Choose an operation:\" 16 70 3 \\"
echo ' 1 $"Option 1" off \'
echo ' 2 $"Option 2" off \'
echo ' 3 $"Exit" on 2> $data'
echo " 1 \$\"Option 1\" off \\"
echo " 2 \$\"Option 2\" off \\"
echo " 3 \$\"Exit\" on 2> \"\$data\""
echo ' sel=$?'
echo ' case $sel in'
echo ' 1) return;;'
echo ' 255) return;;'
echo " case \$sel in"
echo " 1) rm -f \"\$data\""
echo ' return;;'
echo " 255) rm -f \"\$data\""
echo ' return;;'
echo ' esac'
echo ' case $(cat $data) in'
echo " case \$(cat \"\$data\") in"
echo ' 1) # call some function for option 1'
echo ' ;;'
echo ' 2) # call some function for option 2'
echo ' ;;'
echo ' 3) break;;'
echo " 3) rm -f \"\$data\""
echo ' break;;'
echo ' esac'
echo " rm -f \"\$data\""
echo ' done'
echo '}'
echo ''
@ -363,7 +366,7 @@ echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name
echo ' fi'
echo ''
echo ' # update to the next commit'
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " set_repo_commit /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs \"${app_name} commit\" \"\$${app_name_upper}_COMMIT\" \$${app_name_upper}_REPO"
echo " chown -R www-data:www-data /var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
else
@ -378,7 +381,7 @@ echo " if grep -q \"${app_name} domain\" \$COMPLETION_FILE; then"
echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
echo ' fi'
echo ''
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
else
echo " source_directory=${app_dir}"
@ -387,7 +390,7 @@ echo ''
echo " suspend_site \${${app_name_upper}_DOMAIN_NAME}"
echo ''
echo " dest_directory=${app_name}"
echo ' backup_directory_to_usb $source_directory $dest_directory'
echo " backup_directory_to_usb \$source_directory \$dest_directory"
echo ''
if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
echo " backup_database_to_usb ${app_name}"
@ -408,7 +411,7 @@ echo ' fi'
echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
echo " if [ \$${app_name_upper}_DOMAIN_NAME ]; then"
echo " temp_restore_dir=/root/temp${app_name}"
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
else
echo " ${app_name}_dir=${app_dir}"
@ -418,8 +421,8 @@ if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
echo " ${app_name}_create_database"
echo ''
echo " restore_database ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo ' rm -rf $temp_restore_dir'
echo " if [ -d \$temp_restore_dir ]; then"
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
fi
@ -428,13 +431,13 @@ if [[ "$database_type" == "postgres"* ]]; then
echo ''
echo ' USE_POSTGRESQL=1'
echo " restore_database ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo ' rm -rf $temp_restore_dir'
echo " if [ -d \$temp_restore_dir ]; then"
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
fi
echo " restore_directory_from_usb \$temp_restore_dir ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo " if [ -d \$temp_restore_dir ]; then"
echo " if [ -d cp \$temp_restore_dir\$${app_name}_dir ]; then"
echo " cp -rp \$temp_restore_dir\$${app_name}_dir/* \$${app_name}_dir/"
echo ' else'
@ -444,7 +447,7 @@ echo ' fi'
echo " cp -rp \$temp_restore_dir/* \$${app_name}_dir/"
echo ' fi'
echo " chown -R www-data:www-data \$${app_name}_dir"
echo ' rm -rf $temp_restore_dir'
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
echo ' fi'
@ -456,7 +459,7 @@ echo " if grep -q \"${app_name} domain\" \$COMPLETION_FILE; then"
echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
echo ' fi'
echo ''
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " source_directory=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
else
echo " source_directory=${app_dir}"
@ -465,7 +468,7 @@ echo ''
echo " suspend_site \${${app_name_upper}_DOMAIN_NAME}"
echo ''
echo " dest_directory=${app_name}"
echo ' backup_directory_to_friend $source_directory $dest_directory'
echo " backup_directory_to_friend \$source_directory \$dest_directory"
echo ''
if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
echo " backup_database_to_friend ${app_name}"
@ -486,7 +489,7 @@ echo ' fi'
echo " ${app_name_upper}_DOMAIN_NAME=\$(get_completion_param \"${app_name} domain\")"
echo " if [ \$${app_name_upper}_DOMAIN_NAME ]; then"
echo " temp_restore_dir=/root/temp${app_name}"
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " ${app_name}_dir=/var/www/\${${app_name_upper}_DOMAIN_NAME}/htdocs"
else
echo " ${app_name}_dir=${app_dir}"
@ -496,8 +499,8 @@ if [[ "$database_type" == "mariadb" || "$database_type" == "mysql" ]]; then
echo " ${app_name}_create_database"
echo ''
echo " restore_database_from_friend ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo ' rm -rf $temp_restore_dir'
echo " if [ -d \$temp_restore_dir ]; then"
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
fi
@ -506,13 +509,13 @@ if [[ "$database_type" == "postgres"* ]]; then
echo ''
echo ' USE_POSTGRESQL=1'
echo " restore_database_from_friend ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo ' rm -rf $temp_restore_dir'
echo " if [ -d \$temp_restore_dir ]; then"
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
fi
echo " restore_directory_from_friend \$temp_restore_dir ${app_name}"
echo ' if [ -d $temp_restore_dir ]; then'
echo " if [ -d \$temp_restore_dir ]; then"
echo " if [ -d cp \$temp_restore_dir\$${app_name}_dir ]; then"
echo " cp -rp \$temp_restore_dir\$${app_name}_dir/* \$${app_name}_dir/"
echo ' else'
@ -522,7 +525,7 @@ echo ' fi'
echo " cp -rp \$temp_restore_dir/* \$${app_name}_dir/"
echo ' fi'
echo " chown -R www-data:www-data \$${app_name}_dir"
echo ' rm -rf $temp_restore_dir'
echo " rm -rf \$temp_restore_dir"
echo ' fi'
echo ''
echo ' fi'
@ -564,7 +567,7 @@ echo ' fi'
echo " remove_app ${app_name}"
echo " remove_completion_param install_${app_name}"
echo " sed -i '/${app_name}/d' \$COMPLETION_FILE"
if [ $app_port ]; then
if [ "$app_port" ]; then
echo ''
echo " firewall_remove ${app_port} tcp"
fi
@ -597,7 +600,7 @@ echo ' fi'
echo " if [ ! -d /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs ]; then"
echo " if [ -d /repos/${app_name} ]; then"
echo " mkdir /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " cp -r -p /repos/${app_name}/. /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
echo " cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
else
@ -606,14 +609,14 @@ else
fi
echo ' git pull'
echo ' else'
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " git_clone \$${app_name_upper}_REPO /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
else
echo " git_clone \$${app_name_upper}_REPO ${app_dir}"
fi
echo ' fi'
echo ''
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " if [ ! -d /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs ]; then"
else
echo " if [ ! -d ${app_dir} ]; then"
@ -623,7 +626,7 @@ echo ' exit 87525'
echo ' fi'
echo ' fi'
echo ''
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " cd /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs"
else
echo " cd ${app_dir}"
@ -646,7 +649,7 @@ echo ''
echo " ${app_name}_nginx_site=/etc/nginx/sites-available/\$${app_name_upper}_DOMAIN_NAME"
if [ $app_onion_only ]; then
echo ' if [[ $ONION_ONLY == "no" ]]; then'
echo " if [[ \"\$ONION_ONLY\" == \"no\" ]]; then"
if [[ "$app_php" == 'yes' ]]; then
echo " nginx_http_redirect \$${app_name_upper}_DOMAIN_NAME \"index index.php\""
else
@ -675,7 +678,7 @@ if [ $app_onion_only ]; then
echo " echo '' >> \$${app_name}_nginx_site"
if [[ "$app_php" == 'yes' ]]; then
echo " echo ' index index.php;' >> \$${app_name}_nginx_site"
echo " echo ' location ~ \.php {' >> \$${app_name}_nginx_site"
echo " echo ' location ~ \\.php {' >> \$${app_name}_nginx_site"
echo " echo ' include snippets/fastcgi-php.conf;' >> \$${app_name}_nginx_site"
echo " echo ' fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> \$${app_name}_nginx_site"
echo " echo ' fastcgi_read_timeout 30;' >> \$${app_name}_nginx_site"
@ -717,7 +720,7 @@ echo " echo \" root /var/www/\$${app_name_upper}_DOMAIN_NAME/htdocs;\" >> \$
echo " echo '' >> \$${app_name}_nginx_site"
if [[ "$app_php" == 'yes' ]]; then
echo " echo ' index index.php;' >> \$${app_name}_nginx_site"
echo " echo ' location ~ \.php {' >> \$${app_name}_nginx_site"
echo " echo ' location ~ \\.php {' >> \$${app_name}_nginx_site"
echo " echo ' include snippets/fastcgi-php.conf;' >> \$${app_name}_nginx_site"
echo " echo ' fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> \$${app_name}_nginx_site"
echo " echo ' fastcgi_read_timeout 30;' >> \$${app_name}_nginx_site"
@ -753,7 +756,7 @@ if [ $app_daemon ]; then
echo " echo 'Type=simple' >> /etc/systemd/system/${app_name}.service"
echo " echo 'User=${app_name}' >> /etc/systemd/system/${app_name}.service"
echo " echo 'Group=${app_name}' >> /etc/systemd/system/${app_name}.service"
if [ ! $app_dir ]; then
if [ ! "$app_dir" ]; then
echo " echo 'WorkingDirectory=TODO' >> /etc/systemd/system/${app_name}.service"
else
echo " echo 'WorkingDirectory=${app_dir}' >> /etc/systemd/system/${app_name}.service"
@ -765,7 +768,7 @@ if [ $app_daemon ]; then
echo " echo '[Install]' >> /etc/systemd/system/${app_name}.service"
echo " echo 'WantedBy=multi-user.target' >> /etc/systemd/system/${app_name}.service"
echo " systemctl enable ${app_name}"
if [ $app_dir ]; then
if [ "$app_dir" ]; then
echo " chown -R ${app_name}:${app_name} ${app_dir}"
fi
echo " systemctl start ${app_name}"
@ -785,7 +788,7 @@ echo ' systemctl restart nginx'
echo ''
echo " \${PROJECT_NAME}-pass -u \$MY_USERNAME -a ${app_name} -p \"\$${app_name_upper}_ADMIN_PASSWORD\""
echo " set_completion_param \"${app_name} domain\" \"\$${app_name_upper}_DOMAIN_NAME\""
if [ $app_port ]; then
if [ "$app_port" ]; then
echo ''
echo " firewall_add ${app_name} ${app_port} tcp"
fi
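Review bot: The rewritten line in the generated `${app_name}_create_database` function now emits `printf "%d" "$(cat ...)"`, and `%d` formats its argument as an integer. A non-numeric password read from the image password file would come out as `0` (with an "invalid number" error) and be stored as the admin password. `$IMAGE_PASSWORD_FILE` is also unescaped inside the double-quoted echo, so it expands when the template is generated rather than when the app script runs, unlike the escaped `\$IMAGE_PASSWORD_FILE` test on the line before it. I would emit a plain read instead: `echo " ${app_name_upper}_ADMIN_PASSWORD=\"\$(cat \"\$IMAGE_PASSWORD_FILE\")\""`.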


@ -56,8 +56,8 @@ function test_app_function_type {
filename=$1
fn_type=$2
app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}')
app_function=$(cat "${filename}" | grep "function ${fn_type}_${app_name} {" | awk -F "${fn_type}_" '{print $2}' | awk -F ' ' '{print $1}')
if [ ! ${app_function} ]; then
app_function=$(grep "function ${fn_type}_${app_name} {" "${filename}" | awk -F "${fn_type}_" '{print $2}' | awk -F ' ' '{print $1}')
if [ ! "${app_function}" ]; then
echo $"Application ${app_name} does not contain a function called '${fn_type}_${app_name}'"
echo ''
echo "See ${filename}"
@ -69,7 +69,7 @@ function test_app_functions {
if [ $RUN_STIG ]; then
return
fi
FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
# check that these functions exist
interface_functions=( install remove backup_local backup_remote restore_local restore_remote upgrade reconfigure )
@ -80,7 +80,7 @@ function test_app_functions {
# for each expected interface function
for f in "${interface_functions[@]}"
do
test_app_function_type ${filename} $f
test_app_function_type ${filename} "$f"
done
done
}
@ -91,12 +91,12 @@ function test_unique_onion_ports {
fi
# test that some services are not assigned the same onion port
FILES=src/${PROJECT_NAME}-app-*
ports=$(grep -r "_ONION_PORT=" $FILES | awk -F ':' '{print $2}' | uniq | awk -F '=' '{print $2}')
unique_ports=$(grep -r "_ONION_PORT=" $FILES | awk -F ':' '{print $2}' | uniq | awk -F '=' '{print $2}' | uniq)
FILES="src/${PROJECT_NAME}-app-*"
ports=$(grep -r "_ONION_PORT=" "$FILES" | awk -F ':' '{print $2}' | uniq | awk -F '=' '{print $2}')
unique_ports=$(grep -r "_ONION_PORT=" "$FILES" | awk -F ':' '{print $2}' | uniq | awk -F '=' '{print $2}' | uniq)
if [[ "$ports" != "$unique_ports" ]]; then
echo $'Some onion ports are clashing'
grep -r "_ONION_PORT=" $FILES | awk -F ':' '{print $2}' | uniq
grep -r "_ONION_PORT=" "$FILES" | awk -F ':' '{print $2}' | uniq
exit 637252
fi
}
@ -110,7 +110,7 @@ function stig_log_msg {
NORMAL=$(tput sgr0)
MSG="$2"
if [ $ESTATUS -eq 0 ];then
if [ "$ESTATUS" -eq 0 ];then
printf "%s %s" "$GREEN$BOLD[ PASS ]$NORMAL" "$MSG"
echo
else
@ -123,19 +123,20 @@ function stig_spinner {
local pid=$1
local delay=0.1
# shellcheck disable=SC2143
while [ "$(ps -a | awk '{print $1}' | grep "$pid")" ];
do
sleep $delay
done
printf " \b"
wait $1
printf " \\b"
wait "$1"
}
function disallow_package {
package_name=$1
if service --status-all | grep "+.*${package_name}";then
apt-get -yq remove --purge ${package_name}
apt-get -yq remove --purge "${package_name}"
apt -yq autoremove
fi
}
@ -164,7 +165,7 @@ function test_stig {
CATCOLOR=1
SETLANG="en"
source $STIG_TESTS_DIR/output.sh
source "$STIG_TESTS_DIR/output.sh"
##RHEL-06-000001
##The system must use a separate file system for /tmp.
@ -249,6 +250,7 @@ function test_stig {
##RHEL-06-000033
##The /etc/shadow file must be owned by root.
# shellcheck disable=SC2012
ls -l /etc/shadow | awk '{print $3}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -258,6 +260,7 @@ function test_stig {
##RHEL-06-000034
##The /etc/shadow file must be group-owned by root.
# shellcheck disable=SC2012
ls -l /etc/shadow | awk '{print $4}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -267,6 +270,7 @@ function test_stig {
##RHEL-06-000035
##The /etc/shadow file must have mode 0000.
# shellcheck disable=SC2012
ls -l /etc/shadow | awk '{print $1}' | grep "^----------$" > /dev/null 2>&1 &
stig_spinner $!
@ -276,6 +280,7 @@ function test_stig {
##RHEL-06-000036
##The /etc/gshadow file must be owned by root.
# shellcheck disable=SC2012
ls -l /etc/gshadow | awk '{print $3}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -285,6 +290,7 @@ function test_stig {
##RHEL-06-000037
##The /etc/gshadow file must be group-owned by root.
# shellcheck disable=SC2012
ls -l /etc/gshadow | awk '{print $4}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -294,6 +300,7 @@ function test_stig {
##RHEL-06-000038
##The /etc/gshadow file must have mode 0000.
# shellcheck disable=SC2012
ls -l /etc/gshadow | awk '{print $1}' | grep "^----------$" > /dev/null 2>&1 &
stig_spinner $!
@ -303,6 +310,7 @@ function test_stig {
##RHEL-06-000039
##The /etc/passwd file must be owned by root.
# shellcheck disable=SC2012
ls -l /etc/passwd | awk '{print $3}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -312,6 +320,7 @@ function test_stig {
##RHEL-06-000040
##The /etc/passwd file must be group-owned by root.
# shellcheck disable=SC2012
ls -l /etc/passwd | awk '{print $4}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -330,6 +339,7 @@ function test_stig {
##RHEL-06-000042
##The /etc/group file must be owned by root.
# shellcheck disable=SC2012
ls -l /etc/group | awk '{print $3}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -339,6 +349,7 @@ function test_stig {
##RHEL-06-000043
##The /etc/group file must be group-owned by root.
# shellcheck disable=SC2012
ls -l /etc/group | awk '{print $4}' | grep "^root$" > /dev/null 2>&1 &
stig_spinner $!
@ -1202,7 +1213,7 @@ function test_stig {
if [ $SHOW_ALL_TESTS ]; then
show_passes_fails=1
else
if [ $FAILS -gt 0 ]; then
if [ "$FAILS" -gt 0 ]; then
show_passes_fails=1
fi
fi
@ -1211,7 +1222,7 @@ function test_stig {
echo ''
echo $"Passes: $PASSES"
echo $"Fails: $FAILS"
if [ $FAILS -gt 0 ]; then
if [ "$FAILS" -gt 0 ]; then
exit 792353
fi
fi
@ -1239,7 +1250,7 @@ do
shift
done
if [ ! $RUN_STIG ]; then
if [ ! "$RUN_STIG" ]; then
echo $'Running tests'
fi
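Review bot: In test_unique_onion_ports the glob is now stored as a quoted string, `FILES="src/${PROJECT_NAME}-app-*"`, and passed as `"$FILES"`, so it is never expanded and grep is handed one literal path ending in `*`. With no such file, `ports` and `unique_ports` are both empty and compare equal, so the clashing-port check passes without inspecting any app script. Keeping the quoting but using an array restores the check: `FILES=(src/"${PROJECT_NAME}"-app-*)` with `grep -r "_ONION_PORT=" "${FILES[@]}"` in the three grep calls. The quoted `FILES=` in test_app_functions may have the same problem if it is later expanded in quotes; that loop is outside the visible hunk, as is the start of test_unique_onion_ports.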


@ -79,20 +79,20 @@ if ! [[ $MYUSERNAME && $EMAIL_ADDRESS ]]; then
fi
fi
MUTTRC=/home/$MYUSERNAME/.muttrc
MUTTRC="/home/$MYUSERNAME/.muttrc"
PM=/home/$MYUSERNAME/.procmailrc
# unignore if subject line contains text
if [ $SUBJECT_TEXT ]; then
if grep -q "Ignore rule for $SUBJECT_TEXT" $PM; then
sed -i "/# Ignore rule for $SUBJECT_TEXT/,/# End of ignore rule/d" $PM
if [ "$SUBJECT_TEXT" ]; then
if grep -q "Ignore rule for $SUBJECT_TEXT" "$PM"; then
sed -i "/# Ignore rule for $SUBJECT_TEXT/,/# End of ignore rule/d" "$PM"
fi
fi
# unignore an email address
if [ $EMAIL_ADDRESS ]; then
if grep -q "Ignore rule for $EMAIL_ADDRESS" $PM; then
sed -i "/# Ignore rule for $EMAIL_ADDRESS/,/# End of ignore rule/d" $PM
if [ "$EMAIL_ADDRESS" ]; then
if grep -q "Ignore rule for $EMAIL_ADDRESS" "$PM"; then
sed -i "/# Ignore rule for $EMAIL_ADDRESS/,/# End of ignore rule/d" "$PM"
fi
fi
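Review bot: `$SUBJECT_TEXT` and `$EMAIL_ADDRESS` are still interpolated into the sed address `"/# Ignore rule for .../,/# End of ignore rule/d"`, so a value containing `/` or regex metacharacters is parsed as sed program text rather than as literal text. Quoting `"$PM"` does not address this. At best the wrong range of `.procmailrc` is deleted, and depending on where these values come from (option parsing is outside the hunk) it may allow more than that. I would escape the value first, e.g. `esc=$(printf '%s' "$SUBJECT_TEXT" | sed 's|[][\\/.^$*]|\\&|g')`, and use `$esc` in the sed address. The presence test should match literally with `grep -qF -- "Ignore rule for $SUBJECT_TEXT" "$PM"`, and likewise for `$EMAIL_ADDRESS`.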


@ -42,10 +42,10 @@ CURRENT_BRANCH=master
# clear temporary files
rm -rf /tmp/*
UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
for f in $UTILS_FILES
do
source $f
source "$f"
done
read_config_param PROJECT_REPO
@ -68,14 +68,14 @@ fi
#update-ca-certificates
if [ ! -d $PROJECT_DIR ]; then
git_clone $PROJECT_REPO $PROJECT_DIR
if [ ! -d "$PROJECT_DIR" ]; then
git_clone "$PROJECT_REPO" "$PROJECT_DIR"
fi
if [ -d $PROJECT_DIR ]; then
if [ -f $CONFIGURATION_FILE ]; then
cd $PROJECT_DIR
rm -rf $PROJECT_DIR/locale/*
if [ -d "$PROJECT_DIR" ]; then
if [ -f "$CONFIGURATION_FILE" ]; then
cd "$PROJECT_DIR" || exit 246823484
rm -rf "$PROJECT_DIR/locale/*"
if [[ "$CURRENT_BRANCH" == *"master" ]]; then
git_pull $PROJECT_REPO
else
@ -88,8 +88,7 @@ if [ -d $PROJECT_DIR ]; then
chmod -R +r /usr/share/${PROJECT_NAME}
fi
${PROJECT_NAME} -c $CONFIGURATION_FILE
if [ ! "$?" = "0" ]; then
if ! ${PROJECT_NAME} -c "$CONFIGURATION_FILE"; then
exit 453536
fi
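Review bot: The new `rm -rf "$PROJECT_DIR/locale/*"` puts the glob inside the quotes, so the shell no longer expands it and the command targets a single entry literally named `*`; the existing locale files are left in place. Keep the variable quoted and the glob outside the quotes, and guard against an empty variable: `rm -rf "${PROJECT_DIR:?}/locale/"*`. The same hunk still has `git_pull $PROJECT_REPO` unquoted. The added `exit 246823484` is outside the 0–255 range of an exit status, so the value a caller sees will not be the one written here. The surrounding `if` block continues outside the hunk.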


@ -30,12 +30,12 @@
PROJECT_NAME=freedombone
UPTIME=$(cat /proc/uptime | awk -F '.' '{print $1}')
if [ $UPTIME -gt 120 ]; then
ADMIN_USER=$(cat /root/${PROJECT_NAME}-completed.txt | grep 'Admin user' | awk -F ':' '{print $2}')
UPTIME=$(awk -F '.' '{print $1}' < "/proc/uptime")
if [ "$UPTIME" -gt 120 ]; then
ADMIN_USER=$(grep 'Admin user' /root/${PROJECT_NAME}-completed.txt | awk -F ':' '{print $2}')
MY_EMAIL_ADDRESS=${ADMIN_USER}@$(cat /etc/hostname)
echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" ${MY_EMAIL_ADDRESS}
echo "USB device connected on ${DEVPATH}" | mail -s "${PROJECT_NAME} USB canary" "${MY_EMAIL_ADDRESS}"
echo "${ACTION}" > /tmp/usb-canary
echo "${MY_EMAIL_ADDRESS}" >> /tmp/usb-canary
echo "$(date)" >> /tmp/usb-canary
date >> /tmp/usb-canary
fi
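Review bot: The alert state is still written to the fixed path `/tmp/usb-canary`, and because the script reads `/root/${PROJECT_NAME}-completed.txt` it presumably runs as root. A predictable name in a world-writable directory means another local account can create that path first, as a file or a symlink, and root's `>` redirect will then write through it. Writing the state under a root-owned directory instead (for example a subdirectory of `/run` with mode 0700) removes that dependency on `/tmp`. Separately, if the `Admin user` line has a space after the colon, `awk -F ':' '{print $2}'` keeps it and `MY_EMAIL_ADDRESS` starts with whitespace.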


@ -71,17 +71,17 @@ function ipfs_publish {
# include some subdirectories
for dir in $DIR_TO_CHECK/*/
do
REALLY_NEW_STAT="$NEW_STAT$(stat -t $dir)"
REALLY_NEW_STAT="$NEW_STAT$(stat -t "$dir")"
NEW_STAT="$REALLY_NEW_STAT"
for dir2 in "$dir"/*/
do
REALLY_NEW_STAT="$NEW_STAT$(stat -t $dir2)"
REALLY_NEW_STAT="$NEW_STAT$(stat -t "$dir2")"
NEW_STAT="$REALLY_NEW_STAT"
for dir3 in "$dir2"/*/
do
REALLY_NEW_STAT="$NEW_STAT$(stat -t $dir3)"
REALLY_NEW_STAT="$NEW_STAT$(stat -t "$dir3")"
NEW_STAT="$REALLY_NEW_STAT"
done
done
@ -101,7 +101,7 @@ function ipfs_publish {
function ipfs_bootstrap {
# TODO switch to ipv6
cat $TEMPFILE_BASE | grep "ipfs_id\|hostname =\|address =\|port =\|txt =" > $TEMPFILE
grep "ipfs_id\\|hostname =\\|address =\\|port =\\|txt =" "$TEMPFILE_BASE" > "$TEMPFILE"
state=0
address=""
@ -126,13 +126,13 @@ function ipfs_bootstrap {
fi
if [ ${state} -eq "2" ]; then
if [[ $line == *"address ="* ]]; then
address=$(echo $line | awk -F '[' '{print $2}' | awk -F ']' '{print $1}')
address=$(echo "$line" | awk -F '[' '{print $2}' | awk -F ']' '{print $1}')
state=3
fi
fi
if [ ${state} -eq "1" ]; then
if [[ $line == *"hostname ="* ]]; then
peer=$(echo $line | awk -F '[' '{print $2}' | awk -F ']' '{print $1}')
peer=$(echo "$line" | awk -F '[' '{print $2}' | awk -F ']' '{print $1}')
state=2
fi
fi
@ -144,7 +144,7 @@ function ipfs_bootstrap {
# Create a list of user sites, in alphabetical order by Tox nick
if [ -d /home/$MY_USERNAME/Desktop ]; then
if [ -f ${IPFS_USERS_FILE}.new ]; then
sites_list=$(cat ${IPFS_USERS_FILE}.new | sort -d)
sites_list=$(sort -d < "${IPFS_USERS_FILE}.new")
echo "${sites_list}" > ${IPFS_USERS_FILE}
chown $MY_USERNAME:$MY_USERNAME ${IPFS_USERS_FILE}
rm ${IPFS_USERS_FILE}.new
@ -155,7 +155,7 @@ function ipfs_bootstrap {
function detect_new_tox_users {
CURRENT_USERS_FILE=$1
if [ ! -f $CURRENT_USERS_FILE ]; then
if [ ! -f "$CURRENT_USERS_FILE" ]; then
return
fi
@ -170,10 +170,11 @@ function detect_new_tox_users {
if [[ $line != "Failed*" && $line != "data "* && $line != "Anon "* && $line != "anon "* && $line != "anonymous "* && $line != "Anonymous "* ]]; then
if ! grep -q "$line" $PREV_TOX_USERS_FILE; then
# get the nick of the user
toxidstr=$(echo "$line" | awk -F ' ' '{print $(NF)}')
toxuser=$(echo "$line" | sed "s| $toxidstr||g")
toxidstr=$(awk -F ' ' '{print $(NF)}' < "$line")
toxuser=$(sed "s| $toxidstr||g" < "$line")
if [ -r "/home/$MESH_USERNAME/.dbus/Xdbus" ]; then
# shellcheck disable=SC1090
. "/home/$MESH_USERNAME/.dbus/Xdbus"
fi
export DISPLAY=:0.0
@ -186,28 +187,28 @@ function detect_new_tox_users {
fi
# Store the previous tox users list
cp -f $CURRENT_USERS_FILE $PREV_TOX_USERS_FILE
cp -f "$CURRENT_USERS_FILE" "$PREV_TOX_USERS_FILE"
}
function detect_tox_users {
# don't show the first peer field
lstox | awk -F ' ' '{$1=""; print $0}' | sed -e 's/^[[:space:]]*//' | sort -d > $TEMPFILE
lstox | awk -F ' ' '{$1=""; print $0}' | sed -e 's/^[[:space:]]*//' | sort -d > "$TEMPFILE"
detect_new_tox_users $TEMPFILE
detect_new_tox_users "$TEMPFILE"
}
function avahi_extract_info {
# Create a list of bootstrap nodes
avahi-browse -atr > $TEMPFILE_BASE
cat $TEMPFILE_BASE | grep "hostname =\|address =\|port =" > $TEMPFILE
if [ ! -f $TEMPFILE ]; then
avahi-browse -atr > "$TEMPFILE_BASE"
grep "hostname =\\|address =\\|port =" "$TEMPFILE_BASE" > "$TEMPFILE"
if [ ! -f "$TEMPFILE" ]; then
exit 1
fi
}
function avahi_remove_info {
rm -f $TEMPFILE_BASE
rm -f $TEMPFILE
rm -f "$TEMPFILE_BASE"
rm -f "$TEMPFILE"
}
if [ ! -d /etc/avahi ]; then