gpg key generation

Bob Mottram 2014-09-23 16:10:46 +01:00
parent bcf920ee6d
commit 245a43c40c
1 changed files with 91 additions and 88 deletions


@ -88,40 +88,40 @@ export DEBIAN_FRONTEND=noninteractive
# File which keeps track of what has already been installed # File which keeps track of what has already been installed
COMPLETION_FILE=/root/freedombone-completed.txt COMPLETION_FILE=/root/freedombone-completed.txt
if [ ! -f $COMPLETION_FILE ]; then if [ ! -f $COMPLETION_FILE ]; then
touch $COMPLETION_FILE touch $COMPLETION_FILE
fi fi
function argument_checks { function argument_checks {
SYNTAX='./install-freedombone.sh [domain] [username] [subdomain code]' SYNTAX='./install-freedombone.sh [domain] [username] [subdomain code]'
if [ ! -d /home/$MY_USERNAME ]; then if [ ! -d /home/$MY_USERNAME ]; then
echo "There is no user '$MY_USERNAME' on the system. Use 'adduser $MY_USERNAME' to create the user." echo "There is no user '$MY_USERNAME' on the system. Use 'adduser $MY_USERNAME' to create the user."
exit 1 exit 1
fi fi
if [ ! $DOMAIN_NAME ]; then if [ ! $DOMAIN_NAME ]; then
echo '' echo ''
echo $SYNTAX echo $SYNTAX
echo 'Please specify your domain name' echo 'Please specify your domain name'
exit 2 exit 2
fi fi
if [ ! $MY_USERNAME ]; then if [ ! $MY_USERNAME ]; then
echo '' echo ''
echo $SYNTAX echo $SYNTAX
echo 'Please specify your username' echo 'Please specify your username'
exit 3 exit 3
fi fi
if [ ! $FREEDNS_SUBDOMAIN_CODE ]; then if [ ! $FREEDNS_SUBDOMAIN_CODE ]; then
echo '' echo ''
echo $SYNTAX echo $SYNTAX
echo 'Please specify the freedns subdomain code. To find it from ' echo 'Please specify the freedns subdomain code. To find it from '
echo "https://freedns.afraid.org select 'Dynamic DNS', then 'quick " echo "https://freedns.afraid.org select 'Dynamic DNS', then 'quick "
echo "cron example' and copy the code located between '?' and '=='." echo "cron example' and copy the code located between '?' and '=='."
exit 4 exit 4
fi fi
} }
function change_login_message { function change_login_message {
if grep -Fxq "change_login_message" $COMPLETION_FILE; then if grep -Fxq "change_login_message" $COMPLETION_FILE; then
return return
fi fi
echo '' > /etc/motd echo '' > /etc/motd
echo ".---. . . " >> /etc/motd echo ".---. . . " >> /etc/motd
@ -137,7 +137,7 @@ function change_login_message {
function remove_proprietary_repos { function remove_proprietary_repos {
if grep -Fxq "remove_proprietary_repos" $COMPLETION_FILE; then if grep -Fxq "remove_proprietary_repos" $COMPLETION_FILE; then
return return
fi fi
sed -i 's/ non-free//g' /etc/apt/sources.list sed -i 's/ non-free//g' /etc/apt/sources.list
echo 'remove_proprietary_repos' >> $COMPLETION_FILE echo 'remove_proprietary_repos' >> $COMPLETION_FILE
@ -145,7 +145,7 @@ function remove_proprietary_repos {
function change_debian_repos { function change_debian_repos {
if grep -Fxq "change_debian_repos" $COMPLETION_FILE; then if grep -Fxq "change_debian_repos" $COMPLETION_FILE; then
return return
fi fi
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
apt-get clean apt-get clean
@ -156,12 +156,12 @@ function change_debian_repos {
if grep -q "jessie" /etc/apt/sources.list; then if grep -q "jessie" /etc/apt/sources.list; then
echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list
echo "#deb-src http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list echo "#deb-src http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list
else else
if grep -q "wheezy" /etc/apt/sources.list; then if grep -q "wheezy" /etc/apt/sources.list; then
echo "deb http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list echo "deb http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list
echo "#deb-src http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list echo "#deb-src http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list
fi fi
fi fi
fi fi
apt-get update apt-get update
@ -171,7 +171,7 @@ function change_debian_repos {
function initial_setup { function initial_setup {
if grep -Fxq "initial_setup" $COMPLETION_FILE; then if grep -Fxq "initial_setup" $COMPLETION_FILE; then
return return
fi fi
apt-get -y remove --purge apache* apt-get -y remove --purge apache*
apt-get -y dist-upgrade apt-get -y dist-upgrade
@ -181,7 +181,7 @@ function initial_setup {
function install_editor { function install_editor {
if grep -Fxq "install_editor" $COMPLETION_FILE; then if grep -Fxq "install_editor" $COMPLETION_FILE; then
return return
fi fi
update-alternatives --set editor /usr/bin/emacs24 update-alternatives --set editor /usr/bin/emacs24
echo 'install_editor' >> $COMPLETION_FILE echo 'install_editor' >> $COMPLETION_FILE
@ -189,7 +189,7 @@ function install_editor {
function enable_backports { function enable_backports {
if grep -Fxq "enable_backports" $COMPLETION_FILE; then if grep -Fxq "enable_backports" $COMPLETION_FILE; then
return return
fi fi
if ! grep -Fxq "deb http://$DEBIAN_REPO/debian jessie-backports main" /etc/apt/sources.list; then if ! grep -Fxq "deb http://$DEBIAN_REPO/debian jessie-backports main" /etc/apt/sources.list; then
echo "deb http://$DEBIAN_REPO/debian jessie-backports main" >> /etc/apt/sources.list echo "deb http://$DEBIAN_REPO/debian jessie-backports main" >> /etc/apt/sources.list
@ -199,7 +199,7 @@ function enable_backports {
function update_the_kernel { function update_the_kernel {
if grep -Fxq "update_the_kernel" $COMPLETION_FILE; then if grep -Fxq "update_the_kernel" $COMPLETION_FILE; then
return return
fi fi
cd /opt/scripts/tools cd /opt/scripts/tools
./update_kernel.sh --kernel $KERNEL_VERSION ./update_kernel.sh --kernel $KERNEL_VERSION
@ -208,7 +208,7 @@ function update_the_kernel {
function enable_zram { function enable_zram {
if grep -Fxq "enable_zram" $COMPLETION_FILE; then if grep -Fxq "enable_zram" $COMPLETION_FILE; then
return return
fi fi
if ! grep -q "options zram num_devices=1" /etc/modprobe.d/zram.conf; then if ! grep -q "options zram num_devices=1" /etc/modprobe.d/zram.conf; then
echo 'options zram num_devices=1' >> /etc/modprobe.d/zram.conf echo 'options zram num_devices=1' >> /etc/modprobe.d/zram.conf
@ -287,20 +287,20 @@ function enable_zram {
function random_number_generator { function random_number_generator {
if grep -Fxq "random_number_generator" $COMPLETION_FILE; then if grep -Fxq "random_number_generator" $COMPLETION_FILE; then
return return
fi fi
if [ $USE_HWRNG == "yes" ]; then if [ $USE_HWRNG == "yes" ]; then
apt-get -y --force-yes install rng-tools apt-get -y --force-yes install rng-tools
sed -i 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/hwrng|g' /etc/default/rng-tools sed -i 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/hwrng|g' /etc/default/rng-tools
else else
apt-get -y --force-yes install haveged apt-get -y --force-yes install haveged
fi fi
echo 'random_number_generator' >> $COMPLETION_FILE echo 'random_number_generator' >> $COMPLETION_FILE
} }
function configure_ssh { function configure_ssh {
if grep -Fxq "configure_ssh" $COMPLETION_FILE; then if grep -Fxq "configure_ssh" $COMPLETION_FILE; then
return return
fi fi
sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config
sed -i 's/PermitRootLogin without-password/PermitRootLogin no/g' /etc/ssh/sshd_config sed -i 's/PermitRootLogin without-password/PermitRootLogin no/g' /etc/ssh/sshd_config
@ -327,7 +327,7 @@ function configure_ssh {
function regenerate_ssh_keys { function regenerate_ssh_keys {
if grep -Fxq "regenerate_ssh_keys" $COMPLETION_FILE; then if grep -Fxq "regenerate_ssh_keys" $COMPLETION_FILE; then
return return
fi fi
rm -f /etc/ssh/ssh_host_* rm -f /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server dpkg-reconfigure openssh-server
@ -337,7 +337,7 @@ function regenerate_ssh_keys {
function configure_dns { function configure_dns {
if grep -Fxq "configure_dns" $COMPLETION_FILE; then if grep -Fxq "configure_dns" $COMPLETION_FILE; then
return return
fi fi
echo 'domain localdomain' > /etc/resolv.conf echo 'domain localdomain' > /etc/resolv.conf
echo 'search localdomain' >> /etc/resolv.conf echo 'search localdomain' >> /etc/resolv.conf
@ -348,7 +348,7 @@ function configure_dns {
function set_your_domain_name { function set_your_domain_name {
if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then
return return
fi fi
echo "$DOMAIN_NAME" > /etc/hostname echo "$DOMAIN_NAME" > /etc/hostname
hostname $DOMAIN_NAME hostname $DOMAIN_NAME
@ -359,7 +359,7 @@ function set_your_domain_name {
function time_synchronisation { function time_synchronisation {
if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then
return return
fi fi
apt-get -y --force-yes install tlsdate apt-get -y --force-yes install tlsdate
apt-get -y remove ntpdate apt-get -y remove ntpdate
@ -474,7 +474,7 @@ function time_synchronisation {
function configure_firewall { function configure_firewall {
if grep -Fxq "configure_firewall" $COMPLETION_FILE; then if grep -Fxq "configure_firewall" $COMPLETION_FILE; then
return return
fi fi
iptables -P INPUT ACCEPT iptables -P INPUT ACCEPT
ip6tables -P INPUT ACCEPT ip6tables -P INPUT ACCEPT
@ -500,7 +500,7 @@ function save_firewall_settings {
function configure_firewall_for_dns { function configure_firewall_for_dns {
if grep -Fxq "configure_firewall_for_dns" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_dns" $COMPLETION_FILE; then
return return
fi fi
iptables -A INPUT -i eth0 -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT iptables -A INPUT -i eth0 -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT
save_firewall_settings save_firewall_settings
@ -509,7 +509,7 @@ function configure_firewall_for_dns {
function configure_firewall_for_ftp { function configure_firewall_for_ftp {
if grep -Fxq "configure_firewall_for_ftp" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_ftp" $COMPLETION_FILE; then
return return
fi fi
iptables -I INPUT -i eth0 -p tcp --dport 1024:65535 --sport 20:21 -j ACCEPT iptables -I INPUT -i eth0 -p tcp --dport 1024:65535 --sport 20:21 -j ACCEPT
save_firewall_settings save_firewall_settings
@ -518,7 +518,7 @@ function configure_firewall_for_ftp {
function configure_firewall_for_web { function configure_firewall_for_web {
if grep -Fxq "configure_firewall_for_web" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_web" $COMPLETION_FILE; then
return return
fi fi
iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 80 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 443 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 443 -j ACCEPT
@ -528,7 +528,7 @@ function configure_firewall_for_web {
function configure_firewall_for_ssh { function configure_firewall_for_ssh {
if grep -Fxq "configure_firewall_for_ssh" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_ssh" $COMPLETION_FILE; then
return return
fi fi
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport $SSH_PORT -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport $SSH_PORT -j ACCEPT
@ -538,7 +538,7 @@ function configure_firewall_for_ssh {
function configure_firewall_for_git { function configure_firewall_for_git {
if grep -Fxq "configure_firewall_for_git" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_git" $COMPLETION_FILE; then
return return
fi fi
iptables -A INPUT -i eth0 -p tcp --dport 9418 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 9418 -j ACCEPT
save_firewall_settings save_firewall_settings
@ -547,7 +547,7 @@ function configure_firewall_for_git {
function configure_firewall_for_email { function configure_firewall_for_email {
if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then
return return
fi fi
iptables -A INPUT -i eth0 -p tcp --dport 25 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 25 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 587 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 587 -j ACCEPT
@ -559,7 +559,7 @@ function configure_firewall_for_email {
function configure_internet_protocol { function configure_internet_protocol {
if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then
return return
fi fi
sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf
sed -i "s/#net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_redirects = 0/g" /etc/sysctl.conf sed -i "s/#net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_redirects = 0/g" /etc/sysctl.conf
@ -587,7 +587,7 @@ function configure_internet_protocol {
function script_to_make_self_signed_certificates { function script_to_make_self_signed_certificates {
if grep -Fxq "script_to_make_self_signed_certificates" $COMPLETION_FILE; then if grep -Fxq "script_to_make_self_signed_certificates" $COMPLETION_FILE; then
return return
fi fi
echo '#!/bin/bash' > /usr/bin/makecert echo '#!/bin/bash' > /usr/bin/makecert
echo 'HOSTNAME=$1' >> /usr/bin/makecert echo 'HOSTNAME=$1' >> /usr/bin/makecert
@ -623,7 +623,7 @@ function script_to_make_self_signed_certificates {
function configure_email { function configure_email {
if grep -Fxq "configure_email" $COMPLETION_FILE; then if grep -Fxq "configure_email" $COMPLETION_FILE; then
return return
fi fi
apt-get -y remove postfix apt-get -y remove postfix
apt-get -y --force-yes install exim4 sasl2-bin swaks libnet-ssleay-perl procmail apt-get -y --force-yes install exim4 sasl2-bin swaks libnet-ssleay-perl procmail
@ -687,19 +687,19 @@ function configure_email {
mkdir -m 700 /home/$MY_USERNAME/Maildir/new mkdir -m 700 /home/$MY_USERNAME/Maildir/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/cur mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/tmp mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/tmp
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/new mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/cur mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/new mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/tmp mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/tmp
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/cur mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/cur
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/new mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/new
mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/tmp mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/tmp
ln -s /home/$MY_USERNAME/Maildir/.learn-spam /home/$MY_USERNAME/Maildir/spam ln -s /home/$MY_USERNAME/Maildir/.learn-spam /home/$MY_USERNAME/Maildir/spam
ln -s /home/$MY_USERNAME/Maildir/.learn-ham /home/$MY_USERNAME/Maildir/ham ln -s /home/$MY_USERNAME/Maildir/.learn-ham /home/$MY_USERNAME/Maildir/ham
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Maildir chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Maildir
fi fi
echo 'configure_email' >> $COMPLETION_FILE echo 'configure_email' >> $COMPLETION_FILE
} }
@ -707,7 +707,7 @@ function configure_email {
function spam_filtering { function spam_filtering {
# NOTE: spamassassin installation currently doesn't work, sa-compile fails with a make error 23/09/2014 # NOTE: spamassassin installation currently doesn't work, sa-compile fails with a make error 23/09/2014
if grep -Fxq "spam_filtering" $COMPLETION_FILE; then if grep -Fxq "spam_filtering" $COMPLETION_FILE; then
return return
fi fi
apt-get -y --force-yes install exim4-daemon-heavy apt-get -y --force-yes install exim4-daemon-heavy
apt-get -y --force-yes install spamassassin apt-get -y --force-yes install spamassassin
@ -803,7 +803,7 @@ function spam_filtering {
function configure_imap { function configure_imap {
if grep -Fxq "configure_imap" $COMPLETION_FILE; then if grep -Fxq "configure_imap" $COMPLETION_FILE; then
return return
fi fi
apt-get -y --force-yes install dovecot-common dovecot-imapd apt-get -y --force-yes install dovecot-common dovecot-imapd
makecert dovecot makecert dovecot
@ -828,14 +828,14 @@ function configure_imap {
function configure_gpg { function configure_gpg {
if grep -Fxq "configure_gpg" $COMPLETION_FILE; then if grep -Fxq "configure_gpg" $COMPLETION_FILE; then
return return
fi fi
apt-get -y --force-yes install gnupg apt-get -y --force-yes install gnupg
if [ ! -d /home/$MY_USERNAME/.gnupg ]; then if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
mkdir /home/$MY_USERNAME/.gnupg mkdir /home/$MY_USERNAME/.gnupg
echo 'keyserver hkp://keys.gnupg.net' >> /home/$MY_USERNAME/.gnupg/gpg.conf echo 'keyserver hkp://keys.gnupg.net' >> /home/$MY_USERNAME/.gnupg/gpg.conf
echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf
fi fi
sed -i "s|keyserver hkp://keys.gnupg.net|keyserver $GPG_KEYSERVER|g" /home/$MY_USERNAME/.gnupg/gpg.conf sed -i "s|keyserver hkp://keys.gnupg.net|keyserver $GPG_KEYSERVER|g" /home/$MY_USERNAME/.gnupg/gpg.conf
@ -851,34 +851,37 @@ function configure_gpg {
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
if [[ $MY_GPG_PUBLIC_KEY && $MY_GPG_PRIVATE_KEY ]]; then if [[ $MY_GPG_PUBLIC_KEY && $MY_GPG_PRIVATE_KEY ]]; then
# use your existing GPG keys which were exported # use your existing GPG keys which were exported
if [ ! -f $MY_GPG_PUBLIC_KEY ]; then if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
echo "GPG public key file $MY_GPG_PUBLIC_KEY was not found" echo "GPG public key file $MY_GPG_PUBLIC_KEY was not found"
exit 5 exit 5
fi fi
if [ ! -f $MY_GPG_PRIVATE_KEY ]; then if [ ! -f $MY_GPG_PRIVATE_KEY ]; then
echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found" echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
exit 6 exit 6
fi fi
su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY
su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY
# for security ensure that the private key file doesn't linger around # for security ensure that the private key file doesn't linger around
shred -zu $MY_GPG_PRIVATE_KEY shred -zu $MY_GPG_PRIVATE_KEY
else else
# Generate a GPG key # Generate a GPG key
echo "%echo Generating a GPG key for `hostname --fqdn`" > /home/$MY_USERNAME/gpg-genkey.conf umask 0277
echo 'Key-Type: RSA' >> /home/$MY_USERNAME/gpg-genkey.conf cat << EOF > /tmp/$MY_USERNAME-gpg-genkey.conf
echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf %echo Generating a GPG key
echo 'Subkey-Type: ELG-E' >> /home/$MY_USERNAME/gpg-genkey.conf Key-Type: RSA
echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf Key-Length: 4096
echo 'Name-Real: `hostname --fqdn`' >> /home/$MY_USERNAME/gpg-genkey.conf Subkey-Type: ELG-E
echo "Name-Email: $MY_USERNAME@$DOMAIN_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf Subkey-Length: 4096
echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf Name-Real: `hostname --fqdn`
echo '%commit' >> /home/$MY_USERNAME/gpg-genkey.conf Name-Email: $MY_USERNAME@`hostname --fqdn`
echo '%echo Done' >> /home/$MY_USERNAME/gpg-genkey.conf Expire-Date: 0
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf %commit
su - $MY_USERNAME gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf %echo Done
shred -zu /home/$MY_USERNAME/gpg-genkey.conf EOF
umask 0002
su $MY_USERNAME gpg --batch --gen-key /tmp/$MY_USERNAME-gpg-genkey.conf > gpg-keygen.log 2> gpg-keygen_error.log
shred -zu /tmp/$MY_USERNAME-gpg-genkey.conf
fi fi
echo 'configure_gpg' >> $COMPLETION_FILE echo 'configure_gpg' >> $COMPLETION_FILE
@ -886,7 +889,7 @@ function configure_gpg {
function email_client { function email_client {
if grep -Fxq "email_client" $COMPLETION_FILE; then if grep -Fxq "email_client" $COMPLETION_FILE; then
return return
fi fi
apt-get -y --force-yes install mutt-patched lynx abook apt-get -y --force-yes install mutt-patched lynx abook
if [ ! -d /home/$MY_USERNAME/.mutt ]; then if [ ! -d /home/$MY_USERNAME/.mutt ]; then
@ -987,7 +990,7 @@ function email_client {
function folders_for_mailing_lists { function folders_for_mailing_lists {
if grep -Fxq "folders_for_mailing_lists" $COMPLETION_FILE; then if grep -Fxq "folders_for_mailing_lists" $COMPLETION_FILE; then
return return
fi fi
echo '#!/bin/bash' > /usr/bin/mailinglistrule echo '#!/bin/bash' > /usr/bin/mailinglistrule
echo 'MYUSERNAME=$1' >> /usr/bin/mailinglistrule echo 'MYUSERNAME=$1' >> /usr/bin/mailinglistrule
@ -1023,7 +1026,7 @@ function folders_for_mailing_lists {
function folders_for_email_addresses { function folders_for_email_addresses {
if grep -Fxq "folders_for_email_addresses" $COMPLETION_FILE; then if grep -Fxq "folders_for_email_addresses" $COMPLETION_FILE; then
return return
fi fi
echo '#!/bin/bash' > /usr/bin/emailrule echo '#!/bin/bash' > /usr/bin/emailrule
echo 'MYUSERNAME=$1' >> /usr/bin/emailrule echo 'MYUSERNAME=$1' >> /usr/bin/emailrule
@ -1059,7 +1062,7 @@ function folders_for_email_addresses {
function dynamic_dns_freedns { function dynamic_dns_freedns {
if grep -Fxq "dynamic_dns_freedns" $COMPLETION_FILE; then if grep -Fxq "dynamic_dns_freedns" $COMPLETION_FILE; then
return return
fi fi
echo '#!/bin/bash' > /usr/bin/dynamicdns echo '#!/bin/bash' > /usr/bin/dynamicdns
@ -1070,7 +1073,7 @@ function dynamic_dns_freedns {
chmod +x /usr/bin/dynamicdns chmod +x /usr/bin/dynamicdns
if ! grep -q "dynamicdns" /etc/crontab; then if ! grep -q "dynamicdns" /etc/crontab; then
sed -i '/# m h dom mon dow user command/a\*/5 * * * * root /usr/bin/timeout 240 /usr/bin/dynamicdns' /etc/crontab sed -i '/# m h dom mon dow user command/a\*/5 * * * * root /usr/bin/timeout 240 /usr/bin/dynamicdns' /etc/crontab
fi fi
service cron restart service cron restart
echo 'dynamic_dns_freedns' >> $COMPLETION_FILE echo 'dynamic_dns_freedns' >> $COMPLETION_FILE
@ -1078,7 +1081,7 @@ function dynamic_dns_freedns {
function install_final { function install_final {
if grep -Fxq "install_final" $COMPLETION_FILE; then if grep -Fxq "install_final" $COMPLETION_FILE; then
return return
fi fi
echo 'install_final' >> $COMPLETION_FILE echo 'install_final' >> $COMPLETION_FILE
echo '' echo ''
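Review bot: In the configure_gpg hunk the key parameters are written as root to the predictable path `/tmp/$MY_USERNAME-gpg-genkey.conf`, so the redirect follows whatever a local user has already placed at that name; a `mktemp` file avoids this. With `umask 0277` and the old `chown` dropped, the file ends up root-owned with mode 0400, so gpg running as `$MY_USERNAME` presumably cannot read it, and `umask 0002` sets a fixed value instead of restoring the previous one. `su $MY_USERNAME gpg …` appears to pass `gpg …` to the user's shell as arguments instead of running it, so the sketch below uses `-c`, and it checks the exit status because `configure_gpg` is currently recorded in `$COMPLETION_FILE` even when key generation fails. The function starts before this hunk and its closing brace is outside it.

```shell
        # Generate a GPG key
        genkey_conf=$(mktemp) || exit 7   # mktemp creates the file 0600; exit code is illustrative
        # … unchanged: heredoc with the key parameters, now redirected to "$genkey_conf" …
        chown "$MY_USERNAME":"$MY_USERNAME" "$genkey_conf"
        if ! su - "$MY_USERNAME" -c "gpg --batch --gen-key '$genkey_conf'" \
             > gpg-keygen.log 2> gpg-keygen_error.log; then
            shred -zu "$genkey_conf"
            echo "GPG key generation failed, see gpg-keygen_error.log"
            exit 7   # illustrative; use any exit code not already taken
        fi
        shred -zu "$genkey_conf"
```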