From 686181d3f46fc1a1ad9e9246d4a2e1117a825c0d Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Fri, 3 Mar 2017 23:25:38 +0000
Subject: [PATCH] Only install a tahoelafs introducer
---
 src/freedombone-app-tahoelafs | 216 +++++++++--------------------------
 1 file changed, 53 insertions(+), 163 deletions(-)
diff --git a/src/freedombone-app-tahoelafs b/src/freedombone-app-tahoelafs
index 63668d36..a5d14521 100755
--- a/src/freedombone-app-tahoelafs
+++ b/src/freedombone-app-tahoelafs
@@ -8,7 +8,8 @@
 #
 # Freedom in the Cloud
 #
-# Distributed storage
+# Distributed storage system introducer
+# http://tahoe-lafs.readthedocs.io/en/latest/anonymity-configuration.html
 #
 # License
 # =======
@@ -37,86 +38,63 @@ TAHOELAFS_REPO="https://github.com/tahoe-lafs/tahoe-lafs" TAHOELAFS_COMMIT='bb782b0331a60de438136a593bba18338d8d866b' TAHOELAFS_PORT=50213 -TAHOELAFS_WEB_PORT=3456 - -# The amount of reserved space for applications other than tahoelafs -TAHOELAFS_STORAGE_SPACE=3G +TAHOELAFS_ONION_PORT=8096 TAHOELAFS_SHARED_DIR='Shared' TAHOE_COMMAND="cd /var/lib/tahoelafs && venv/bin/tahoe" -tahoelafs_variables=(TAHOELAFS_REPO - TAHOELAFS_COMMIT +tahoelafs_variables=(ONION_ONLY + TAHOELAFS_REPO TAHOELAFS_PORT) +function tahoelafs_setup_config { + config_file=$1 + + if ! grep -q "[node]" $config_file; then + echo '' >> $config_file + echo '[node]' >> $config_file + fi + + if ! grep -q "[connections]" $config_file; then + echo '' >> $config_file + echo '[connections]' >> $config_file + fi + + if ! grep -q "reveal-IP-address" $config_file; then + sed -i '/[node]/a reveal-IP-address = False' $config_file + else + sed -i 's|reveal-IP-address.*|reveal-IP-address = False|g' >> $config_file + fi + + if ! grep -q "tcp =" $config_file; then + sed -i '/[connections]/a tcp = tor' $config_file + else + sed -i 's|tcp =.*|tcp = tor|g' >> $config_file + fi + + if ! grep -q "tub.location =" $config_file; then + sed -i '/[node]/a tub.location = disabled' >> $config_file + fi + if ! grep -q "tub.port =" $config_file; then + sed -i "/[node]/a tub.port = tcp:${TAHOELAFS_ONION_PORT}:interface=127.0.0.1" >> $config_file + fi + sed -i "s|tub.port.*|tub.port = tcp:${TAHOELAFS_ONION_PORT}:interface=127.0.0.1|g" >> $config_file + sed -i "s|tub.location.*|tub.location = tor:${TAHOELAFS_ONION_HOSTNAME}:${TAHOELAFS_PORT}|g" >> $config_file + + sed -i "s|nickname =.*|nickname = $HOSTNAME|g" $config_file + + if ! 
grep -q "[storage]" $config_file; then + echo '' >> $config_file + echo '[storage]' >> $config_file + echo 'enabled = false' >> $config_file + fi +} + function install_interactive_tahoelafs { echo -n '' APP_INSTALLED=1 } -function reconfigure_tahoelafs { - for d in /home/*/ ; do - USERNAME=$(echo "$d" | awk -F '/' '{print $3}') - if [[ $(is_valid_user "$USERNAME") == "1" ]]; then - if [ -d /home/$USERNAME/.tahoe ]; then - su -c "$TAHOE_COMMAND stop" - $USERNAME - rm -rf /home/$USERNAME/.tahoe - fi - - if [ -d /home/$USERNAME/${TAHOELAFS_SHARED_DIR} ]; then - rm -rf /home/$USERNAME/${TAHOELAFS_SHARED_DIR} - fi - - su -c "cd $TAHOE_COMMAND create-node" - $USERNAME - - if [ ! -d /home/$USERNAME/.tahoe ]; then - exit 63722 - fi - - # create a shared directory - if [ ! -d /home/$USERNAME/${TAHOELAFS_SHARED_DIR} ]; then - mkdir /home/$USERNAME/${TAHOELAFS_SHARED_DIR} - chown -R $USERNAME:$USERNAME /home/$USERNAME/${TAHOELAFS_SHARED_DIR} - fi - - TAHOELAFS_CONFIG=/home/$USERNAME/.tahoe/tahoe.cfg - echo '[node]' > $TAHOELAFS_CONFIG - echo "nickname = $USERNAME" >> $TAHOELAFS_CONFIG - echo "web.port = tcp:$TAHOELAFS_WEB_PORT:interface=127.0.0.1" >> $TAHOELAFS_CONFIG - echo 'web.static = public_html' >> $TAHOELAFS_CONFIG - echo "tub.port = tcp:$TAHOELAFS_PORT" >> $TAHOELAFS_CONFIG - echo "tub.location = tcp:$HOSTNAME:$TAHOELAFS_PORT" >> $TAHOELAFS_CONFIG - echo 'timeout.keepalive = 240' >> $TAHOELAFS_CONFIG - echo 'timeout.disconnect = 1800' >> $TAHOELAFS_CONFIG - echo '' >> $TAHOELAFS_CONFIG - echo '[client]' >> $TAHOELAFS_CONFIG - echo 'introducer.furl = None' >> $TAHOELAFS_CONFIG - echo '#helper.furl =' >> $TAHOELAFS_CONFIG - echo '' >> $TAHOELAFS_CONFIG - echo 'shares.needed = 1' >> $TAHOELAFS_CONFIG - echo 'shares.happy = 1' >> $TAHOELAFS_CONFIG - echo 'shares.total = 1' >> $TAHOELAFS_CONFIG - echo '' >> $TAHOELAFS_CONFIG - echo '[storage]' >> $TAHOELAFS_CONFIG - echo 'enabled = true' >> $TAHOELAFS_CONFIG - echo "reserved_space = $TAHOELAFS_STORAGE_SPACE" >> 
$TAHOELAFS_CONFIG - echo '#expire.enabled = true' >> $TAHOELAFS_CONFIG - echo '#expire.mode =' >> $TAHOELAFS_CONFIG - echo '' >> $TAHOELAFS_CONFIG - echo '[helper]' >> $TAHOELAFS_CONFIG - echo 'enabled = false' >> $TAHOELAFS_CONFIG - echo '' >> $TAHOELAFS_CONFIG - echo '[magic_folder]' >> $TAHOELAFS_CONFIG - echo 'enabled = true' >> $TAHOELAFS_CONFIG - echo "local.directory = /home/${USERNAME}/${TAHOELAFS_SHARED_DIR}" >> $TAHOELAFS_CONFIG - chown $USERNAME:$USERNAME $TAHOELAFS_CONFIG - - su -c "$TAHOE_COMMAND start" - $USERNAME - su -c "$TAHOE_COMMAND magic-folder create $HOSTNAME" - $USERNAME - fi - done -} - function upgrade_tahoelafs { systemctl stop tahoelafs function_check set_repo_commit @@ -187,19 +165,12 @@ function restore_remote_tahoelafs { function remove_tahoelafs { firewall_remove ${TAHOELAFS_PORT} - - for d in /home/*/ ; do - USERNAME=$(echo "$d" | awk -F '/' '{print $3}') - if [ -f /home/$USERNAME/.tahoe ]; then - su -c "$TAHOE_COMMAND stop" - $USERNAME - rm -rf /home/$USERNAME/.tahoe - fi - done - rm -rf /var/lib/tahoelafs - remove_completion_param install_tahoelafs remove_completion_param configure_firewall_for_tahoelafs + function_check remove_onion_service + remove_onion_service tahoelafs ${TAHOELAFS_ONION_PORT} + deluser tahoelafs } function configure_firewall_for_tahoelafs { 
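Review bot: In the added `tahoelafs_setup_config`, every `sed -i … >> $config_file` line (the `else` branches for `reveal-IP-address` and `tcp`, and all four `tub.location`/`tub.port` edits) gives sed no input file, so the command fails and the config is left unchanged; the file has to be the operand, not a redirect target. As written, the loopback `tub.port` and the `tor:` `tub.location` are presumably never applied, which undermines the anonymity settings this function exists to enforce. Separately, `grep -q "[node]"` and the sed address `/[node]/` treat the brackets as a character class, so the section checks match almost any non-empty file, the `[storage]` block with `enabled = false` is effectively never appended, and each `a` command appends after every matching line; match the headers literally with `grep -qF` and an anchored, escaped address. `$config_file` should also be quoted throughout.

```shell
function tahoelafs_setup_config {
    config_file=$1

    # -F matches the section header literally; "[node]" as a regex is a bracket expression
    if ! grep -qF '[node]' "$config_file"; then
        # … unchanged: append a blank line and the [node] header …
    fi

    if ! grep -qF '[connections]' "$config_file"; then
        # … unchanged: append a blank line and the [connections] header …
    fi

    if ! grep -q "reveal-IP-address" "$config_file"; then
        sed -i '/^\[node\]/a reveal-IP-address = False' "$config_file"
    else
        sed -i 's|reveal-IP-address.*|reveal-IP-address = False|g' "$config_file"
    fi

    if ! grep -q "tcp =" "$config_file"; then
        sed -i '/^\[connections\]/a tcp = tor' "$config_file"
    else
        sed -i 's|tcp =.*|tcp = tor|g' "$config_file"
    fi

    if ! grep -q "tub.location =" "$config_file"; then
        sed -i '/^\[node\]/a tub.location = disabled' "$config_file"
    fi
    if ! grep -q "tub.port =" "$config_file"; then
        sed -i "/^\[node\]/a tub.port = tcp:${TAHOELAFS_ONION_PORT}:interface=127.0.0.1" "$config_file"
    fi
    sed -i "s|tub.port.*|tub.port = tcp:${TAHOELAFS_ONION_PORT}:interface=127.0.0.1|g" "$config_file"
    sed -i "s|tub.location.*|tub.location = tor:${TAHOELAFS_ONION_HOSTNAME}:${TAHOELAFS_PORT}|g" "$config_file"

    # … unchanged: nickname substitution …

    if ! grep -qF '[storage]' "$config_file"; then
        # … unchanged: append [storage] with enabled = false …
    fi
}
```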
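Review bot: The `deluser tahoelafs` added at the end of `remove_tahoelafs` does not delete the account's home directory, and nothing else visible in this function removes `/home/tahoelafs`, which `install_tahoelafs` chowns to that user. If the introducer's node directory lives there (the value of `TAHOELAFS_CONFIG` is not visible here), its private key and furl would stay on disk after the app is removed. Consider `deluser --remove-home tahoelafs`, or an explicit `rm -rf /home/tahoelafs` before the `deluser` call.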
@@ -210,83 +181,8 @@ function configure_firewall_for_tahoelafs { mark_completed $FUNCNAME } -function tahoelafs_update_script { - update_script_filename=$1 - - echo '#!/bin/bash' > $update_script_filename - echo 'TOX_USERNAME=$(toxid --showuser)' >> $update_script_filename - echo 'PEERS_FILE=$(mktemp /tmp/tahoelafs-peers.XXXXXX)' >> $update_script_filename - echo -n 'avahi-browse -atl | grep "Workstation" | ' >> $update_script_filename - echo -n "awk -F ' ' '{print \$4}' " >> $update_script_filename - echo '| sort -u > $PEERS_FILE' >> $update_script_filename - echo 'if [ ! "$?" = "0" ]; then' >> $update_script_filename - echo ' exit 1' >> $update_script_filename - echo 'fi' >> $update_script_filename - echo '' >> $update_script_filename - echo 'if [ ! -f $PEERS_FILE ]; then' >> $update_script_filename - echo ' exit 0' >> $update_script_filename - echo 'fi' >> $update_script_filename - echo '' >> $update_script_filename - echo 'furl=""' >> $update_script_filename - echo 'while IFS="" read -r line || [[ -n "$line" ]]; do' >> $update_script_filename - echo ' if [[ $furl != "" ]]; then' >> $update_script_filename - echo -n ' furl="$furl,$line:' >> $update_script_filename - echo -n "$TAHOELAFS_PORT" >> $update_script_filename - echo '"' >> $update_script_filename - echo ' else' >> $update_script_filename - echo -n ' furl="$line:' >> $update_script_filename - echo -n "$TAHOELAFS_PORT" >> $update_script_filename - echo '"' >> $update_script_filename - echo ' fi' >> $update_script_filename - echo 'done < "$PEERS_FILE"' >> $update_script_filename - echo '' >> $update_script_filename - echo 'rm $PEERS_FILE' >> $update_script_filename - echo '' >> $update_script_filename - echo 'for d in /home/*/ ; do' >> $update_script_filename - echo -n ' USERNAME=$(echo "$d" | ' >> $update_script_filename - echo "awk -F '/' '{print \$3}')'" >> $update_script_filename - echo ' if [ -f /home/$USERNAME/.tahoe/tahoe.cfg ]; then' >> $update_script_filename - echo ' if ! 
grep -q "introducer.furl = ${furl}" /home/$USERNAME/.tahoe/tahoe.cfg; then' >> $update_script_filename - echo ' sed -i "s|introducer.furl =.*|introducer.furl = ${furl}|g" /home/$USERNAME/.tahoe/tahoe.cfg' >> $update_script_filename - echo ' sed -i "s|nickname =.*|nickname = ${TOX_USERNAME}|g" /home/$USERNAME/.tahoe/tahoe.cfg' >> $update_script_filename - echo ' chown $USERNAME:$USERNAME /home/$USERNAME/.tahoe/tahoe.cfg' >> $update_script_filename - echo " su -c '$TAHOE_COMMAND restart' - \$USERNAME" >> $update_script_filename - echo ' fi' >> $update_script_filename - echo ' fi' >> $update_script_filename - echo 'done' >> $update_script_filename - echo '' >> $update_script_filename - - echo 'exit 0' >> $update_script_filename - chmod +x $update_script_filename -} - -function mesh_install_tahoelafs { - chroot "$rootdir" apt-get -yq install build-essential python-pip python-dev - chroot "$rootdir" apt-get -yq install libffi-dev libssl-dev python-virtualenv - - git clone $TAHOELAFS_REPO $rootdir/var/lib/tahoelafs - cd $rootdir/var/lib/tahoelafs - git checkout $TAHOELAFS_COMMIT -b $TAHOELAFS_COMMIT - - cat < $rootdir/root/install_tahoelafs -cd /var/lib/tahoelafs -virtualenv venv -venv/bin/pip install --editable . -EOF - chroot "$rootdir" chmod +x /root/install_tahoelafs - chroot "$rootdir" /root/install_tahoelafs - chroot "$rootdir" rm /root/install_tahoelafs - - tahoelafs_update_script $rootdir/usr/bin/update-tahoelafs - - if ! grep -q "update-tahoelafs" $rootdir/etc/crontab; then - echo "*/1 * * * * root /usr/bin/update-tahoelafs 2> /dev/null" >> $rootdir/etc/crontab - fi -} - function install_tahoelafs { if [ $INSTALLING_MESH ]; then - mesh_install_tahoelafs return fi 
@@ -319,14 +215,8 @@ function install_tahoelafs { exit 62831 fi - sed -i "s|nickname =.*|nickname = $HOSTNAME|g" $TAHOELAFS_CONFIG - - if ! grep -q "[storage]" $TAHOELAFS_CONFIG; then - echo '' >> $TAHOELAFS_CONFIG - echo '[storage]' >> $TAHOELAFS_CONFIG - echo 'enabled = true' >> $TAHOELAFS_CONFIG - echo "reserved_space = $TAHOELAFS_STORAGE_SPACE" >> $TAHOELAFS_CONFIG - fi + TAHOELAFS_ONION_HOSTNAME=$(add_onion_service tahoelafs ${TAHOELAFS_PORT} ${TAHOELAFS_ONION_PORT}) + tahoelafs_setup_config $TAHOELAFS_CONFIG chown -R tahoelafs:tahoelafs /home/tahoelafs
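Review bot: The value captured from `add_onion_service` goes straight into `tahoelafs_setup_config` with no check that it is non-empty, so if the onion service was not created the config would get a `tub.location = tor:` entry with an empty host. Guard it before the call, e.g. `if [ ! "$TAHOELAFS_ONION_HOSTNAME" ]; then exit <ERROR_CODE>; fi`, and add `function_check add_onion_service` first, as the removal path already does for `remove_onion_service`. Because the command substitution captures all of stdout, any progress output from `add_onion_service` would presumably end up in the hostname as well; that helper is not visible here, so confirm it prints only the address. `install_tahoelafs` starts and ends outside this hunk.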