Revert "Remove tahoelafs site password"

This reverts commit 5bab5cded6.
This commit is contained in:
Bob Mottram 2017-03-09 22:40:46 +00:00
parent be4efcfbf5
commit e2af0792d6
3 changed files with 64 additions and 15 deletions

View File

@ -30,9 +30,9 @@ Using cursor keys, space bar and Enter key select *Administrator controls* and t
Select *Add/Remove Apps* then *tahoelafs*. This system is entirely based upon use of onion addresses and so no other demaon names are needed.
* Initial setup
Go to the *About* screen on the *Administrator control panel* and look for the onion address for *tahoelafs* within the list of domains. Enter that into a Tor compatible browser. You can then use the interface to upload files and obtain URLs for them.
Get the login password for your Tahoe-LAFS system by going to *Passwords* on the *Administrator control panel* and selecting *tahoelafs*.
The URL contains the public key needed to decrypt the file. Make a copy of it and then store it somewhere safe, because it won't be stored anywhere else by default and having the URL is the only way to retrieve your file.
Go to the *About* screen on the *Administrator control panel* and look for the onion address for *tahoelafs* within the list of domains. Enter that into a Tor compatible browser. along with your username and the tahoelafs password. You can then use the interface to upload files and obtain URLs for them. The URL contains the public key needed to decrypt the file.
* Adding more servers
You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.

View File

@ -15,7 +15,7 @@
# License
# =======
#
# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
@ -58,6 +58,40 @@ tahoelafs_variables=(ONION_ONLY
TAHOELAFS_SHARES_HAPPY
TAHOELAFS_SHARES_TOTAL)
function add_user_tahoelafs {
if [[ $(app_is_installed tahoelafs) == "0" ]]; then
echo '0'
return
fi
new_username="$1"
new_user_password="$2"
${PROJECT_NAME}-pass -u $new_username -a tahoelafs -p "$new_user_password"
if grep "${new_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${new_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${new_user_password}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${new_username}
echo '0'
}
function remove_user_tahoelafs {
remove_username="$1"
${PROJECT_NAME}-pass -u $remove_username --rmapp tahoelafs
if grep "${remove_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${remove_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
}
function change_password_tahoelafs {
change_username="$1"
change_password="$2"
${PROJECT_NAME}-pass -u $change_username -a tahoelafs -p "$change_password"
if grep "${change_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/tahoe-${change_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${change_password}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${change_username}
}
function add_tahoelafs_storage_node_interactive {
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
@ -350,6 +384,9 @@ function remove_tahoelafs {
rm -rf /home/tahoelafs
fi
remove_app tahoelafs
if [ -f /etc/nginx/.htpasswd-tahoelafs ]; then
shred -zu /etc/nginx/.htpasswd-tahoelafs
fi
systemctl reload tor
}
@ -566,6 +603,8 @@ function create_tahoelafs_web {
echo " root /var/www/tahoelafs/htdocs;" >> $tahoelafs_nginx_site
echo '' >> $tahoelafs_nginx_site
echo ' location / {' >> $tahoelafs_nginx_site
echo " # auth_basic \"${TAHOELAFS_LOGIN_TEXT}\";" >> $tahoelafs_nginx_site
echo ' # auth_basic_user_file /etc/nginx/.htpasswd-tahoelafs;' >> $tahoelafs_nginx_site
function_check nginx_limits
nginx_limits tahoelafs '15m'
echo ' rewrite /(.*) /$1 break;' >> $tahoelafs_nginx_site
@ -578,6 +617,16 @@ function create_tahoelafs_web {
echo ' }' >> $tahoelafs_nginx_site
echo '}' >> $tahoelafs_nginx_site
TAHOELAFS_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
${PROJECT_NAME}-pass -u $MY_USERNAME -a tahoelafs -p "$TAHOELAFS_ADMIN_PASSWORD"
if [ ! -f /etc/nginx/.htpasswd-tahoelafs ]; then
touch /etc/nginx/.htpasswd-tahoelafs
fi
if grep "${MY_USERNAME}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${MY_USERNAME}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${TAHOELAFS_ADMIN_PASSWORD}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${MY_USERNAME}
function_check nginx_ensite
nginx_ensite tahoelafs
systemctl reload nginx

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2017-03-09 Thu 19:21 -->
<!-- 2017-03-09 Thu 22:39 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -251,9 +251,9 @@ for the JavaScript code in this tag.
This is a robust system for encrypted file storage on one or more server. Files are accessed via a URL which contains the public key with which it was encrypted.
</p>
<div id="outline-container-org820575c" class="outline-2">
<h2 id="org820575c">Installation</h2>
<div class="outline-text-2" id="text-org820575c">
<div id="outline-container-org852db43" class="outline-2">
<h2 id="org852db43">Installation</h2>
<div class="outline-text-2" id="text-org852db43">
<p>
Log into your system with:
</p>
@ -273,22 +273,22 @@ Select <b>Add/Remove Apps</b> then <b>tahoelafs</b>. This system is entirely bas
</div>
</div>
<div id="outline-container-org4af4c28" class="outline-2">
<h2 id="org4af4c28">Initial setup</h2>
<div class="outline-text-2" id="text-org4af4c28">
<div id="outline-container-org11f3747" class="outline-2">
<h2 id="org11f3747">Initial setup</h2>
<div class="outline-text-2" id="text-org11f3747">
<p>
Go to the <b>About</b> screen on the <b>Administrator control panel</b> and look for the onion address for <b>tahoelafs</b> within the list of domains. Enter that into a Tor compatible browser. You can then use the interface to upload files and obtain URLs for them.
Get the login password for your Tahoe-LAFS system by going to <b>Passwords</b> on the <b>Administrator control panel</b> and selecting <b>tahoelafs</b>.
</p>
<p>
The URL contains the public key needed to decrypt the file. Make a copy of it and then store it somewhere safe, because it won't be stored anywhere else by default and having the URL is the only way to retrieve your file.
Go to the <b>About</b> screen on the <b>Administrator control panel</b> and look for the onion address for <b>tahoelafs</b> within the list of domains. Enter that into a Tor compatible browser. along with your username and the tahoelafs password. You can then use the interface to upload files and obtain URLs for them. The URL contains the public key needed to decrypt the file.
</p>
</div>
</div>
<div id="outline-container-org0225e9a" class="outline-2">
<h2 id="org0225e9a">Adding more servers</h2>
<div class="outline-text-2" id="text-org0225e9a">
<div id="outline-container-org2810eb5" class="outline-2">
<h2 id="org2810eb5">Adding more servers</h2>
<div class="outline-text-2" id="text-org2810eb5">
<p>
You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.
</p>