From f984d0297dc2be1b041e68139f4926dbbd1dc754 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Wed, 10 Aug 2016 22:16:34 +0100 Subject: [PATCH] Global rate limit for tcp --- src/freedombone-mesh-batman | 11 + src/freedombone-mesh-reset | 26 +- src/freedombone-utils-firewall | 17 +- src/freedombone-utils-setup | 685 +++++++++++++++++---------------- 4 files changed, 383 insertions(+), 356 deletions(-) diff --git a/src/freedombone-mesh-batman b/src/freedombone-mesh-batman index f8c0aee0..3b99417c 100755 --- a/src/freedombone-mesh-batman +++ b/src/freedombone-mesh-batman @@ -89,6 +89,15 @@ if [ -e /etc/default/batctl ]; then . /etc/default/batctl fi +function global_rate_limit { + if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then + echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf + else + sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf + fi + sysctl -p +} + function status { batctl o } @@ -175,6 +184,8 @@ function start { sudo rm /etc/avahi/services/udisks.service fi + global_rate_limit + # Might have to re-enable wifi rfkill unblock $(rfkill list|awk -F: "/phy/ {print $1}") || true diff --git a/src/freedombone-mesh-reset b/src/freedombone-mesh-reset index fbd8dee4..dbbbabeb 100755 --- a/src/freedombone-mesh-reset +++ b/src/freedombone-mesh-reset @@ -32,19 +32,23 @@ export TEXTDOMAIN=${PROJECT_NAME}-mesh-reset export TEXTDOMAINDIR="/usr/share/locale" dialog --title $"New Identity" \ - --backtitle $"Freedombone Mesh" \ - --defaultno \ - --yesno $"\nDo you want to reset your identity? This will reset ALL data for this peer, and you will not be able to recover it." 8 60 + --backtitle $"Freedombone Mesh" \ + --defaultno \ + --yesno $"\nDo you want to reset your identity? This will reset ALL data for this peer, and you will not be able to recover it." 8 60 sel=$? case $sel in - 0) sudo pkill qtox - sudo pkill firefox - sudo pkill iceweasel - sudo ${PROJECT_NAME}-image-mesh $USER new - sudo batman restart - dialog --title $"New Identity" \ - --msgbox $"You now have a new identity" 6 40 - ;; + 0) sudo pkill qtox + sudo pkill firefox + sudo pkill iceweasel + sudo ${PROJECT_NAME}-image-mesh $USER new + sudo batman restart + if [ -f $HOME/mesh-desktop.sh ]; then + $HOME/mesh-desktop.sh + else + dialog --title $"New Identity" \ + --msgbox $"You now have a new identity" 6 40 + fi + ;; esac exit 0 diff --git a/src/freedombone-utils-firewall b/src/freedombone-utils-firewall index 1f994caf..c6dea8c0 100755 --- a/src/freedombone-utils-firewall +++ b/src/freedombone-utils-firewall @@ -37,6 +37,15 @@ function save_firewall_settings { chmod +x /etc/network/if-up.d/iptables } +function global_rate_limit { + if ! grep -q "tcp_challenge_ack_limit" /etc/sysctl.conf; then + echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >> /etc/sysctl.conf + else + sed -i 's|net.ipv4.tcp_challenge_ack_limit.*|net.ipv4.tcp_challenge_ack_limit = 999999999|g' /etc/sysctl.conf + fi + sysctl -p +} + function enable_ipv6 { # endure that ipv6 is enabled and can route sed -i 's/net.ipv6.conf.all.disable_ipv6.*/net.ipv6.conf.all.disable_ipv6 = 0/g' /etc/sysctl.conf @@ -47,10 +56,10 @@ function enable_ipv6 { } function configure_firewall { - if [ $INSTALLING_MESH ]; then - mesh_firewall - return - fi + if [ $INSTALLING_MESH ]; then + mesh_firewall + return + fi if grep -q "RELATED" /etc/firewall.conf; then # recreate the firewall to remove RELATED sed -i "/firewall/d" $COMPLETION_FILE diff --git a/src/freedombone-utils-setup b/src/freedombone-utils-setup index 2b5db6fe..afa5c741 100755 --- a/src/freedombone-utils-setup +++ b/src/freedombone-utils-setup @@ -87,474 +87,477 @@ CHECK_MESSAGE="Check your internet connection, /etc/network/interfaces and /etc/ DH_KEYLENGTH=2048 function initial_setup { - if grep -Fxq "initial_setup" $COMPLETION_FILE; then - return - fi + if grep -Fxq "initial_setup" $COMPLETION_FILE; then + return + fi - apt-get -y remove --purge apache* - apt-get -y dist-upgrade - apt-get -y install ca-certificates emacs24 cpulimit - apt-get -y install cryptsetup libgfshare-bin obnam sshpass wget - apt-get -y install avahi-daemon avahi-utils avahi-discover - apt-get -y install connect-proxy + apt-get -y remove --purge apache* + apt-get -y dist-upgrade + apt-get -y install ca-certificates emacs24 cpulimit + apt-get -y install cryptsetup libgfshare-bin obnam sshpass wget + apt-get -y install avahi-daemon avahi-utils avahi-discover + apt-get -y install connect-proxy - if [ ! -d $INSTALL_DIR ]; then - mkdir -p $INSTALL_DIR - fi + if [ ! -d $INSTALL_DIR ]; then + mkdir -p $INSTALL_DIR + fi - echo 'initial_setup' >> $COMPLETION_FILE + echo 'initial_setup' >> $COMPLETION_FILE } function search_for_attached_usb_drive { - # If a USB drive is attached then search for email, - # gpg, ssh keys and emacs configuration - if grep -Fxq "search_for_attached_usb_drive" $COMPLETION_FILE; then - return - fi - if [ -b $USB_DRIVE ]; then - if [ ! -d $USB_MOUNT ]; then - echo $'Mounting USB drive' - mkdir $USB_MOUNT - mount $USB_DRIVE $USB_MOUNT - fi - if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then - if [ -d $USB_MOUNT/Maildir ]; then - echo $'Maildir found on USB drive' - IMPORT_MAILDIR=$USB_MOUNT/Maildir - fi - if [ -d $USB_MOUNT/.gnupg ]; then - echo $'Importing GPG keyring' - cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME - chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg - GPG_KEYS_IMPORTED="yes" - if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then - echo $'GPG files did not copy' - exit 73529 - fi - fi + # If a USB drive is attached then search for email, + # gpg, ssh keys and emacs configuration + if grep -Fxq "search_for_attached_usb_drive" $COMPLETION_FILE; then + return + fi + if [ -b $USB_DRIVE ]; then + if [ ! -d $USB_MOUNT ]; then + echo $'Mounting USB drive' + mkdir $USB_MOUNT + mount $USB_DRIVE $USB_MOUNT + fi + if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then + if [ -d $USB_MOUNT/Maildir ]; then + echo $'Maildir found on USB drive' + IMPORT_MAILDIR=$USB_MOUNT/Maildir + fi + if [ -d $USB_MOUNT/.gnupg ]; then + echo $'Importing GPG keyring' + cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME + chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg + GPG_KEYS_IMPORTED="yes" + if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then + echo $'GPG files did not copy' + exit 73529 + fi + fi - if [ -f $USB_MOUNT/.procmailrc ]; then - echo $'Importing procmail settings' - cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME - chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc - fi + if [ -f $USB_MOUNT/.procmailrc ]; then + echo $'Importing procmail settings' + cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME + chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc + fi - if [ -f $USB_MOUNT/private_key.gpg ]; then - echo $'GPG private key found on USB drive' - MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg - fi - if [ -f $USB_MOUNT/public_key.gpg ]; then - echo $'GPG public key found on USB drive' - MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg - fi - fi - if [ -d $USB_MOUNT/prosody ]; then - if [ ! -d $XMPP_DIRECTORY ]; then - mkdir $XMPP_DIRECTORY - fi - cp -r $USB_MOUNT/prosody/* $XMPP_DIRECTORY - chown -R prosody:prosody $XMPP_DIRECTORY - fi - if [ -d $USB_MOUNT/.ssh ]; then - echo $'Importing ssh keys' - cp -r $USB_MOUNT/.ssh /home/$MY_USERNAME - chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh - # for security delete the ssh keys from the usb drive - if [ ! -f /home/$MY_USERNAME/.ssh/id_rsa ]; then - echo $'ssh files did not copy' - exit 8 - fi - fi - if [ -f $USB_MOUNT/.emacs ]; then - echo $'Importing .emacs file' - cp -f $USB_MOUNT/.emacs /home/$MY_USERNAME/.emacs - chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs - fi - if [ -d $USB_MOUNT/.emacs.d ]; then - echo $'Importing .emacs.d directory' - cp -r $USB_MOUNT/.emacs.d /home/$MY_USERNAME - chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs.d - fi - if [ -d $USB_MOUNT/ssl ]; then - echo $'Importing SSL certificates' - cp -r $USB_MOUNT/ssl/* /etc/ssl - chmod 640 /etc/ssl/certs/* - chmod 400 /etc/ssl/private/* - # change ownership of some certificates - if [ -d /etc/prosody ]; then - chown prosody:prosody /etc/ssl/private/xmpp.* - chown prosody:prosody /etc/ssl/certs/xmpp.* - fi - if [ -d /etc/dovecot ]; then - chown root:dovecot /etc/ssl/certs/dovecot.* - chown root:dovecot /etc/ssl/private/dovecot.* - fi - if [ -f /etc/ssl/private/exim.key ]; then - cp /etc/ssl/private/exim.key /etc/exim4 - cp /etc/ssl/certs/exim.crt /etc/exim4 - cp /etc/ssl/certs/exim.dhparam /etc/exim4 - chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam - chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam - fi - fi - if [ -d $USB_MOUNT/personal ]; then - echo $'Importing personal directory' - cp -r $USB_MOUNT/personal /home/$MY_USERNAME - chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/personal - fi - else - if [ -d $USB_MOUNT ]; then - umount $USB_MOUNT - rm -rf $USB_MOUNT - fi - echo $'No USB drive attached' - fi - echo 'search_for_attached_usb_drive' >> $COMPLETION_FILE + if [ -f $USB_MOUNT/private_key.gpg ]; then + echo $'GPG private key found on USB drive' + MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg + fi + if [ -f $USB_MOUNT/public_key.gpg ]; then + echo $'GPG public key found on USB drive' + MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg + fi + fi + if [ -d $USB_MOUNT/prosody ]; then + if [ ! -d $XMPP_DIRECTORY ]; then + mkdir $XMPP_DIRECTORY + fi + cp -r $USB_MOUNT/prosody/* $XMPP_DIRECTORY + chown -R prosody:prosody $XMPP_DIRECTORY + fi + if [ -d $USB_MOUNT/.ssh ]; then + echo $'Importing ssh keys' + cp -r $USB_MOUNT/.ssh /home/$MY_USERNAME + chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.ssh + # for security delete the ssh keys from the usb drive + if [ ! -f /home/$MY_USERNAME/.ssh/id_rsa ]; then + echo $'ssh files did not copy' + exit 8 + fi + fi + if [ -f $USB_MOUNT/.emacs ]; then + echo $'Importing .emacs file' + cp -f $USB_MOUNT/.emacs /home/$MY_USERNAME/.emacs + chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs + fi + if [ -d $USB_MOUNT/.emacs.d ]; then + echo $'Importing .emacs.d directory' + cp -r $USB_MOUNT/.emacs.d /home/$MY_USERNAME + chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs.d + fi + if [ -d $USB_MOUNT/ssl ]; then + echo $'Importing SSL certificates' + cp -r $USB_MOUNT/ssl/* /etc/ssl + chmod 640 /etc/ssl/certs/* + chmod 400 /etc/ssl/private/* + # change ownership of some certificates + if [ -d /etc/prosody ]; then + chown prosody:prosody /etc/ssl/private/xmpp.* + chown prosody:prosody /etc/ssl/certs/xmpp.* + fi + if [ -d /etc/dovecot ]; then + chown root:dovecot /etc/ssl/certs/dovecot.* + chown root:dovecot /etc/ssl/private/dovecot.* + fi + if [ -f /etc/ssl/private/exim.key ]; then + cp /etc/ssl/private/exim.key /etc/exim4 + cp /etc/ssl/certs/exim.crt /etc/exim4 + cp /etc/ssl/certs/exim.dhparam /etc/exim4 + chown root:Debian-exim /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam + chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam + fi + fi + if [ -d $USB_MOUNT/personal ]; then + echo $'Importing personal directory' + cp -r $USB_MOUNT/personal /home/$MY_USERNAME + chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/personal + fi + else + if [ -d $USB_MOUNT ]; then + umount $USB_MOUNT + rm -rf $USB_MOUNT + fi + echo $'No USB drive attached' + fi + echo 'search_for_attached_usb_drive' >> $COMPLETION_FILE } function mark_admin_user_account { - if ! grep -q "Admin user:" $COMPLETION_FILE; then - echo "Admin user:$MY_USERNAME" >> $COMPLETION_FILE - fi + if ! grep -q "Admin user:" $COMPLETION_FILE; then + echo "Admin user:$MY_USERNAME" >> $COMPLETION_FILE + fi } function remove_instructions_from_motd { - sed -i '/## /d' /etc/motd + sed -i '/## /d' /etc/motd } function remove_default_user { - # make sure you don't use the default user account - if [[ $MY_USERNAME == "debian" ]]; then - echo 'Do not use the default debian user account. Create a different user with: adduser [username]' - exit 68 - fi - # remove the default debian user to prevent it from becoming an attack vector - if [ -d /home/debian ]; then - userdel -r debian - echo 'Default debian user account removed' - fi + # make sure you don't use the default user account + if [[ $MY_USERNAME == "debian" ]]; then + echo 'Do not use the default debian user account. Create a different user with: adduser [username]' + exit 68 + fi + # remove the default debian user to prevent it from becoming an attack vector + if [ -d /home/debian ]; then + userdel -r debian + echo 'Default debian user account removed' + fi } function create_completion_file { - if [ ! -f $COMPLETION_FILE ]; then - touch $COMPLETION_FILE - fi + if [ ! -f $COMPLETION_FILE ]; then + touch $COMPLETION_FILE + fi } function upgrade_installation { - # TODO - echo '' + # TODO + echo '' } function setup_firewall { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - function_check configure_firewall - configure_firewall + function_check configure_firewall + configure_firewall - function_check configure_firewall_ping - configure_firewall_ping + function_check configure_firewall_ping + configure_firewall_ping - function_check configure_firewall_for_dns - configure_firewall_for_dns + function_check configure_firewall_for_dns + configure_firewall_for_dns - function_check configure_firewall_for_avahi - configure_firewall_for_avahi + function_check configure_firewall_for_avahi + configure_firewall_for_avahi + + function_check global_rate_limit + global_rate_limit } function setup_utils { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - function_check read_configuration - read_configuration + function_check read_configuration + read_configuration - function_check upgrade_installation - upgrade_installation + function_check upgrade_installation + upgrade_installation - function_check set_default_onion_domains - set_default_onion_domains + function_check set_default_onion_domains + set_default_onion_domains - function_check locale_setup - locale_setup + function_check locale_setup + locale_setup - function_check parse_args - parse_args + function_check parse_args + parse_args - function_check check_domains - check_domains + function_check check_domains + check_domains - function_check install_static_network - install_static_network + function_check install_static_network + install_static_network - function_check remove_default_user - remove_default_user + function_check remove_default_user + remove_default_user - function_check setup_firewall - setup_firewall + function_check setup_firewall + setup_firewall - function_check create_repo_sources - create_repo_sources + function_check create_repo_sources + create_repo_sources - function_check configure_dns - configure_dns + function_check configure_dns + configure_dns - function_check initial_setup - initial_setup + function_check initial_setup + initial_setup - function_check install_tor - install_tor + function_check install_tor + install_tor - #function_check resolve_dns_via_tor - #resolve_dns_via_tor + #function_check resolve_dns_via_tor + #resolve_dns_via_tor - function_check install_command_line_browser - install_command_line_browser + function_check install_command_line_browser + install_command_line_browser - function_check enable_ssh_via_onion - enable_ssh_via_onion + function_check enable_ssh_via_onion + enable_ssh_via_onion - function_check check_date - check_date + function_check check_date + check_date - function_check install_dynamicdns - install_dynamicdns + function_check install_dynamicdns + install_dynamicdns - function_check randomize_cron - randomize_cron + function_check randomize_cron + randomize_cron - function_check create_freedns_updater - create_freedns_updater + function_check create_freedns_updater + create_freedns_updater - function_check mark_admin_user_account - mark_admin_user_account + function_check mark_admin_user_account + mark_admin_user_account - function_check enforce_good_passwords - enforce_good_passwords + function_check enforce_good_passwords + enforce_good_passwords - function_check install_editor - install_editor + function_check install_editor + install_editor - function_check change_login_message - change_login_message + function_check change_login_message + change_login_message - function_check enable_zram - enable_zram + function_check enable_zram + enable_zram - function_check random_number_generator - random_number_generator + function_check random_number_generator + random_number_generator - function_check set_your_domain_name - set_your_domain_name + function_check set_your_domain_name + set_your_domain_name - function_check time_synchronisation_tlsdate - time_synchronisation_tlsdate + function_check time_synchronisation_tlsdate + time_synchronisation_tlsdate - function_check configure_internet_protocol - configure_internet_protocol + function_check configure_internet_protocol + configure_internet_protocol - function_check create_git_project - create_git_project + function_check create_git_project + create_git_project - function_check setup_wifi - setup_wifi + function_check setup_wifi + setup_wifi - function_check configure_ssh - configure_ssh + function_check configure_ssh + configure_ssh - function_check configure_ssh_onion - configure_ssh_onion + function_check configure_ssh_onion + configure_ssh_onion - function_check allow_ssh_to_onion_address - allow_ssh_to_onion_address + function_check allow_ssh_to_onion_address + allow_ssh_to_onion_address - function_check remove_instructions_from_motd - remove_instructions_from_motd + function_check remove_instructions_from_motd + remove_instructions_from_motd - function_check check_hwrng - check_hwrng + function_check check_hwrng + check_hwrng - function_check search_for_attached_usb_drive - search_for_attached_usb_drive + function_check search_for_attached_usb_drive + search_for_attached_usb_drive - function_check regenerate_ssh_keys - regenerate_ssh_keys + function_check regenerate_ssh_keys + regenerate_ssh_keys - function_check create_mirrors - create_mirrors + function_check create_mirrors + create_mirrors - function_check create_upgrade_script - create_upgrade_script + function_check create_upgrade_script + create_upgrade_script - function_check letsencrypt_renewals - letsencrypt_renewals + function_check letsencrypt_renewals + letsencrypt_renewals - function_check install_watchdog_script - install_watchdog_script + function_check install_watchdog_script + install_watchdog_script - function_check install_avahi - install_avahi + function_check install_avahi + install_avahi - function_check create_avahi_onion_domains - create_avahi_onion_domains + function_check create_avahi_onion_domains + create_avahi_onion_domains - #function_check install_atheros_wifi - #install_atheros_wifi + #function_check install_atheros_wifi + #install_atheros_wifi - function_check route_outgoing_traffic_through_tor - route_outgoing_traffic_through_tor + function_check route_outgoing_traffic_through_tor + route_outgoing_traffic_through_tor - function_check upgrade_golang - upgrade_golang + function_check upgrade_golang + upgrade_golang - function_check install_tomb - install_tomb + function_check install_tomb + install_tomb } function setup_email { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - function_check install_email - install_email + function_check install_email + install_email - function_check create_procmail - create_procmail + function_check create_procmail + create_procmail - function_check handle_admin_emails - handle_admin_emails + function_check handle_admin_emails + handle_admin_emails - function_check spam_filtering - spam_filtering + function_check spam_filtering + spam_filtering - function_check configure_imap - configure_imap + function_check configure_imap + configure_imap - #function_check configure_imap_client_certs - #configure_imap_client_certs + #function_check configure_imap_client_certs + #configure_imap_client_certs - function_check configure_gpg - configure_gpg + function_check configure_gpg + configure_gpg - function_check refresh_gpg_keys - refresh_gpg_keys + function_check refresh_gpg_keys + refresh_gpg_keys - function_check configure_backup_key - configure_backup_key + function_check configure_backup_key + configure_backup_key - function_check install_monkeysphere - install_monkeysphere + function_check install_monkeysphere + install_monkeysphere - function_check encrypt_incoming_email - encrypt_incoming_email + function_check encrypt_incoming_email + encrypt_incoming_email - function_check encrypt_outgoing_email - encrypt_outgoing_email + function_check encrypt_outgoing_email + encrypt_outgoing_email - function_check email_client - email_client + function_check email_client + email_client - function_check email_archiving - email_archiving + function_check email_archiving + email_archiving - function_check email_from_address - email_from_address + function_check email_from_address + email_from_address - function_check create_public_mailing_list - create_public_mailing_list + function_check create_public_mailing_list + create_public_mailing_list - #function check create_private_mailing_list - #create_private_mailing_list + #function check create_private_mailing_list + #create_private_mailing_list - function_check encrypt_all_email - encrypt_all_email + function_check encrypt_all_email + encrypt_all_email - function_check import_email - import_email + function_check import_email + import_email } function setup_web { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - function_check install_web_server - install_web_server + function_check install_web_server + install_web_server - function_check install_web_server_access_control - install_web_server_access_control + function_check install_web_server_access_control + install_web_server_access_control } function upgrade_apps { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - APPS_COMPLETED=() - FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-* + APPS_COMPLETED=() + FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-* - # for all the app scripts - for filename in $FILES - do - app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}') - if [[ $(item_in_array ${app_name} ${APPS_COMPLETED[@]}) != 0 ]]; then - function_check app_is_installed - if [[ "$(app_is_installed $a)" == "1" ]]; then - APPS_COMPLETED+=("${app_name}") - function_check upgrade_${app_name} - upgrade_${app_name} - fi - fi - done + # for all the app scripts + for filename in $FILES + do + app_name=$(echo "${filename}" | awk -F '-app-' '{print $2}') + if [[ $(item_in_array ${app_name} ${APPS_COMPLETED[@]}) != 0 ]]; then + function_check app_is_installed + if [[ "$(app_is_installed $a)" == "1" ]]; then + APPS_COMPLETED+=("${app_name}") + function_check upgrade_${app_name} + upgrade_${app_name} + fi + fi + done } function setup_apps { - function_check create_completion_file - create_completion_file + function_check create_completion_file + create_completion_file - function_check choose_apps_for_variant - choose_apps_for_variant "$SYSTEM_TYPE" + function_check choose_apps_for_variant + choose_apps_for_variant "$SYSTEM_TYPE" - echo $"System variant: $SYSTEM_TYPE" - echo $'The following apps have been selected' - echo '' - function_check list_chosen_apps - list_chosen_apps - echo '' + echo $"System variant: $SYSTEM_TYPE" + echo $'The following apps have been selected' + echo '' + function_check list_chosen_apps + list_chosen_apps + echo '' - function_check upgrade_apps - upgrade_apps + function_check upgrade_apps + upgrade_apps - function_check install_apps - install_apps + function_check install_apps + install_apps } function combine_all_scripts { - combined_filename=$1 + combined_filename=$1 - # initial variables - cp $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars $combined_filename + # initial variables + cp $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars $combined_filename - # utilities - UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-* - for f in $UTILS_FILES - do - # this removes the first line, which is #!/bin/bash - tail -n +2 "$f" >> $combined_filename - done + # utilities + UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-* + for f in $UTILS_FILES + do + # this removes the first line, which is #!/bin/bash + tail -n +2 "$f" >> $combined_filename + done - # base system - BASE_SYSTEM_FILES=/usr/share/${PROJECT_NAME}/base/${PROJECT_NAME}-base-* - for f in $BASE_SYSTEM_FILES - do - tail -n +2 "$f" >> $combined_filename - done + # base system + BASE_SYSTEM_FILES=/usr/share/${PROJECT_NAME}/base/${PROJECT_NAME}-base-* + for f in $BASE_SYSTEM_FILES + do + tail -n +2 "$f" >> $combined_filename + done - # apps - APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-* - for f in $APP_FILES - do - tail -n +2 "$f" >> $combined_filename - done + # apps + APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-* + for f in $APP_FILES + do + tail -n +2 "$f" >> $combined_filename + done } # NOTE: deliberately no exit 0