Remove hardcoded variants

Bob Mottram 2016-10-08 19:32:04 +01:00
parent acd8a706d8
commit 16123cb9d7
21 changed files with 451 additions and 535 deletions


@ -259,7 +259,7 @@ function parse_args {
exit 1 exit 1
fi fi
if [ ! "$DEFAULT_DOMAIN_NAME" ]; then if [ ! "$DEFAULT_DOMAIN_NAME" ]; then
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE != "mesh"* ]]; then
echo 'No default domain specified' echo 'No default domain specified'
show_help show_help
exit 2 exit 2
@ -270,7 +270,7 @@ function parse_args {
show_help show_help
exit 3 exit 3
fi fi
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE != "mesh"* ]]; then
if [[ $ONION_ONLY == "no" ]]; then if [[ $ONION_ONLY == "no" ]]; then
if [ ! $DDNS_USERNAME ]; then if [ ! $DDNS_USERNAME ]; then
echo $'Please provide the username for your dynamic DNS provider with the --ddnsuser option' echo $'Please provide the username for your dynamic DNS provider with the --ddnsuser option'
@ -282,12 +282,14 @@ function parse_args {
fi fi
fi fi
fi fi
if [ ! $SYSTEM_TYPE ]; then if [ ! $SYSTEM_TYPE ]; then
SYSTEM_TYPE=$VARIANT_FULL SYSTEM_TYPE=$'full'
fi fi
if [[ $SYSTEM_TYPE != $VARIANT_WRITER && $SYSTEM_TYPE != $VARIANT_CLOUD && $SYSTEM_TYPE != $VARIANT_CHAT && $SYSTEM_TYPE != $VARIANT_MAILBOX && $SYSTEM_TYPE != $VARIANT_NONMAILBOX && $SYSTEM_TYPE != $VARIANT_SOCIAL && $SYSTEM_TYPE != $VARIANT_MEDIA && $SYSTEM_TYPE != $VARIANT_DEVELOPER && $SYSTEM_TYPE != $VARIANT_MESH && $SYSTEM_TYPE != $VARIANT_FULL ]]; then
if [[ $(is_valid_variant) == "0" ]]; then
echo $"'$SYSTEM_TYPE' is an unrecognised ${PROJECT_NAME} variant." echo $"'$SYSTEM_TYPE' is an unrecognised ${PROJECT_NAME} variant."
exit 30 exit 367245
fi fi
} }
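Review bot: `exit 367245` in the unrecognised-variant branch cannot be reported as written, because an exit status is a single byte and the shell reduces the value modulo 256. This one arrives at the caller as 141, which reads as death by SIGPIPE (128+13) rather than a validation failure; the previous `exit 30` was in range, so keep a value between 1 and 125, e.g. `exit 30`. The same truncation applies to the other five-digit exit codes visible as context on this page (`exit 62429`, `exit 72589`). The new test `[[ $(is_valid_variant) == "0" ]]` depends on exactly what that function prints, and its definition is not in this hunk, so confirm it writes only `0` or `1` to stdout. parse_args begins before the first hunk.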


@ -198,7 +198,7 @@ function install_dlna_main {
echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
fi fi
sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE != "mesh"* ]]; then
sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
else else
sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
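Review bot: The branch taken when `$SYSTEM_TYPE` matches `"mesh"*` writes the literal text `$WIFI_INTERFACE` into /etc/minidlna.conf, because the sed expression on the last line of the hunk is single-quoted and the shell never expands the variable. minidlna is then configured with an interface name that does not exist. That line is unchanged context, but the widened prefix match sends every mesh-prefixed variant through it; double quotes fix it: `sed -i "s/#network_interface=/network_interface=$WIFI_INTERFACE/g" /etc/minidlna.conf`. install_dlna_main continues on both sides of the hunk.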


@ -295,9 +295,6 @@ function install_irc_server {
fi fi
DEFAULTDOMAIN=${DEFAULT_DOMAIN_NAME} DEFAULTDOMAIN=${DEFAULT_DOMAIN_NAME}
if [[ ${SYSTEM_TYPE} == "$VARIANT_MESH" ]]; then
DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
fi
# create a login password if needed # create a login password if needed
if [ ! ${IRC_PASSWORD} ]; then if [ ! ${IRC_PASSWORD} ]; then
@ -340,10 +337,6 @@ function install_irc_server {
if [ ${IRC_PASSWORD} ]; then if [ ${IRC_PASSWORD} ]; then
sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
fi fi
# If we are on a mesh then DNS is not available
if [[ ${SYSTEM_TYPE} == "$VARIANT_MESH" ]]; then
sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
fi
# upgrade a cypher # upgrade a cypher
sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
mkdir /var/run/ircd mkdir /var/run/ircd


@ -236,7 +236,7 @@ function install_mumble {
sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
if [[ $MUMBLE_SERVER_PASSWORD && $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then if [[ $MUMBLE_SERVER_PASSWORD ]]; then
sed -i "s|serverpassword=.*|serverpassword=$MUMBLE_SERVER_PASSWORD|g" /etc/mumble-server.ini sed -i "s|serverpassword=.*|serverpassword=$MUMBLE_SERVER_PASSWORD|g" /etc/mumble-server.ini
fi fi
@ -272,9 +272,7 @@ function install_mumble {
echo '=============' >> /home/$MY_USERNAME/README echo '=============' >> /home/$MY_USERNAME/README
echo $"Mumble onion domain:$MUMBLE_ONION_HOSTNAME" >> /home/$MY_USERNAME/README echo $"Mumble onion domain:$MUMBLE_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
echo $'Mumble server username: mumble-server' >> /home/$MY_USERNAME/README echo $'Mumble server username: mumble-server' >> /home/$MY_USERNAME/README
if [[ $SYSTEM_TYPE != "VARIANT_MESH" ]]; then echo $"Mumble server password: $MUMBLE_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
echo $"Mumble server password: $MUMBLE_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
fi
echo '' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README
echo $'To connect to the Mumble server use your username and the server password shown above.' >> /home/$MY_USERNAME/README echo $'To connect to the Mumble server use your username and the server password shown above.' >> /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
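Review bot: With the mesh exclusion gone, every install that sets `MUMBLE_SERVER_PASSWORD` passes it through `sed -i "s|serverpassword=.*|serverpassword=$MUMBLE_SERVER_PASSWORD|g"`, where the value is interpolated into the replacement text unescaped. A password containing `|`, `&` or a backslash either breaks the sed command or is stored as a different string from the one shown to the user, so escape it first, e.g. `pw=$(printf '%s' "$MUMBLE_SERVER_PASSWORD" | sed 's/[|&\\]/\\&/g')`, and substitute `$pw`. The second hunk appends the same password in clear to /home/$MY_USERNAME/README; only `chown` is visible here, so check that the file ends up with mode 600. The removed test compared against the literal string "VARIANT_MESH" (no `$`) and was therefore always true, so dropping it does not change behaviour. install_mumble extends beyond both hunks.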


@ -117,9 +117,6 @@ function remove_searx {
function install_searx { function install_searx {
# Note: currently socks5 outgoing proxies to other search engines does not work # Note: currently socks5 outgoing proxies to other search engines does not work
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if [ ! -d /etc/nginx ]; then if [ ! -d /etc/nginx ]; then
echo $'Webserver is not installed' echo $'Webserver is not installed'
exit 62429 exit 62429


@ -336,7 +336,7 @@ function tox_avahi {
fi fi
make install make install
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
toxavahi toxavahi
# publish regularly # publish regularly


@ -83,9 +83,6 @@ function backup_email {
} }
function configure_firewall_for_email { function configure_firewall_for_email {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then
return
fi
if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then
return return
fi fi
@ -114,7 +111,7 @@ function encrypt_incoming_email {
# encrypts incoming mail using your GPG public key # encrypts incoming mail using your GPG public key
# so even if an attacker gains access to the data at rest they still need # so even if an attacker gains access to the data at rest they still need
# to know your GPG key password to be able to read anything # to know your GPG key password to be able to read anything
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
@ -163,7 +160,7 @@ function encrypt_outgoing_email {
# encrypts outgoing mail using your GPG public key # encrypts outgoing mail using your GPG public key
# so even if an attacker gains access to the data at rest they still need # so even if an attacker gains access to the data at rest they still need
# to know your GPG key password to be able to read sent mail # to know your GPG key password to be able to read sent mail
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "encrypt_outgoing_email" $COMPLETION_FILE; then if grep -Fxq "encrypt_outgoing_email" $COMPLETION_FILE; then
@ -210,7 +207,7 @@ function encrypt_outgoing_email {
} }
function encrypt_all_email { function encrypt_all_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if [[ $GPG_ENCRYPT_STORED_EMAIL != "yes" ]]; then if [[ $GPG_ENCRYPT_STORED_EMAIL != "yes" ]]; then
@ -252,7 +249,7 @@ function encrypt_all_email {
} }
function email_client { function email_client {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "email_client" $COMPLETION_FILE; then if grep -Fxq "email_client" $COMPLETION_FILE; then
@ -406,7 +403,7 @@ function email_client {
} }
function email_archiving { function email_archiving {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
@ -469,7 +466,7 @@ function email_from_address {
} }
function create_public_mailing_list { function create_public_mailing_list {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "create_public_mailing_list" $COMPLETION_FILE; then if grep -Fxq "create_public_mailing_list" $COMPLETION_FILE; then
@ -566,7 +563,7 @@ function create_public_mailing_list {
} }
function create_private_mailing_list { function create_private_mailing_list {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
# This installation doesn't work, results in ruby errors # This installation doesn't work, results in ruby errors
@ -638,7 +635,7 @@ function split_gpg_key_into_fragments {
} }
function import_email { function import_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
EMAIL_COMPLETE_MSG=$" EMAIL_COMPLETE_MSG=$"
@ -648,7 +645,7 @@ function import_email {
25, 587, 465, 993 and 2222 to the ${PROJECT_NAME} 25, 587, 465, 993 and 2222 to the ${PROJECT_NAME}
" "
if grep -Fxq "import_email" $COMPLETION_FILE; then if grep -Fxq "import_email" $COMPLETION_FILE; then
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then if [[ $SYSTEM_TYPE == "mail"* ]]; then
function_check backup_to_friends_servers function_check backup_to_friends_servers
backup_to_friends_servers backup_to_friends_servers
@ -681,7 +678,7 @@ function import_email {
fi fi
fi fi
echo 'import_email' >> $COMPLETION_FILE echo 'import_email' >> $COMPLETION_FILE
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then if [[ $SYSTEM_TYPE == "mail"* ]]; then
function_check backup_to_friends_servers function_check backup_to_friends_servers
backup_to_friends_servers backup_to_friends_servers
@ -710,7 +707,7 @@ function remove_email {
} }
function install_email { function install_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if grep -Fxq "install_email" $COMPLETION_FILE; then if grep -Fxq "install_email" $COMPLETION_FILE; then
@ -940,7 +937,7 @@ function install_email {
} }
function create_procmail { function create_procmail {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "create_procmail" $COMPLETION_FILE; then if grep -Fxq "create_procmail" $COMPLETION_FILE; then
@ -983,7 +980,7 @@ function handle_admin_emails {
} }
function spam_filtering { function spam_filtering {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "spam_filtering" $COMPLETION_FILE; then if grep -Fxq "spam_filtering" $COMPLETION_FILE; then
@ -1144,7 +1141,7 @@ function spam_filtering {
} }
function configure_imap { function configure_imap {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "configure_imap" $COMPLETION_FILE; then if grep -Fxq "configure_imap" $COMPLETION_FILE; then
@ -1230,7 +1227,7 @@ function configure_imap {
} }
function configure_imap_client_certs { function configure_imap_client_certs {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "configure_imap_client_certs" $COMPLETION_FILE; then if grep -Fxq "configure_imap_client_certs" $COMPLETION_FILE; then
@ -1312,7 +1309,7 @@ function configure_imap_client_certs {
} }
function create_gpg_subkey { function create_gpg_subkey {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "create_gpg_subkey" $COMPLETION_FILE; then if grep -Fxq "create_gpg_subkey" $COMPLETION_FILE; then
@ -1380,7 +1377,7 @@ function gpg_pubkey_from_email {
} }
function configure_gpg { function configure_gpg {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [ ! -d /etc/exim4 ]; then
return return
fi fi
if grep -Fxq "configure_gpg" $COMPLETION_FILE; then if grep -Fxq "configure_gpg" $COMPLETION_FILE; then
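Review bot: `configure_firewall_for_email` loses its variant guard in the first hunk and, unlike the other functions in this file, gets no `[ ! -d /etc/exim4 ]` replacement, so as far as the hunk shows it now runs on every variant, including ones that never install a mail server. If its body (outside the hunk) opens the mail ports, those ports stay open with nothing meant to listen behind them; consider the same guard there, `if [ ! -d /etc/exim4 ]; then return; fi`, or an explicit check that email was selected if the firewall step runs before the install. Separately, the presence of /etc/exim4 is a weak proxy for "email was installed by this project": if the base image already ships that directory, functions such as `configure_imap` and `spam_filtering` would proceed on variants that previously skipped them, which is worth confirming against the target images. `install_email` itself is now skipped only for `"mesh"*`.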


@ -37,72 +37,69 @@ function backup_remote_tripwire {
} }
function remove_tripwire { function remove_tripwire {
if ! grep -Fxq "tripwire" $COMPLETION_FILE; then if ! grep -Fxq "tripwire" $COMPLETION_FILE; then
return return
fi fi
apt-get -y remove --purge tripwire apt-get -y remove --purge tripwire
if [ -d /etc/tripwire ]; then if [ -d /etc/tripwire ]; then
rm -rf /etc/tripwire rm -rf /etc/tripwire
fi fi
rm /usr/bin/reset-tripwire rm /usr/bin/reset-tripwire
sed -i '/tripwire/d' $COMPLETION_FILE sed -i '/tripwire/d' $COMPLETION_FILE
} }
function install_tripwire { function install_tripwire {
if grep -Fxq "install_tripwire" $COMPLETION_FILE; then if grep -Fxq "install_tripwire" $COMPLETION_FILE; then
return return
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then apt-get -y install tripwire
return apt-get -y autoremove
fi cd /etc/tripwire
apt-get -y install tripwire cp site.key $DEFAULT_DOMAIN_NAME-site.key
apt-get -y autoremove echo '*** Installing intrusion detection ***'
cd /etc/tripwire echo '
cp site.key $DEFAULT_DOMAIN_NAME-site.key
echo '*** Installing intrusion detection ***'
echo '
' | tripwire --init ' | tripwire --init
# make a script for easy resetting of the tripwire # make a script for easy resetting of the tripwire
echo '#!/bin/sh' > /usr/bin/reset-tripwire echo '#!/bin/sh' > /usr/bin/reset-tripwire
echo 'tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt' >> /usr/bin/reset-tripwire echo 'tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt' >> /usr/bin/reset-tripwire
chmod +x /usr/bin/reset-tripwire chmod +x /usr/bin/reset-tripwire
sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
# only send emails if something has changed # only send emails if something has changed
sed -i 's|MAILNOVIOLATIONS.*|MAILNOVIOLATIONS = false|g' /etc/tripwire/twcfg.txt sed -i 's|MAILNOVIOLATIONS.*|MAILNOVIOLATIONS = false|g' /etc/tripwire/twcfg.txt
sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
sed -i 's|/etc/rc.boot.*||g' /etc/tripwire/twpol.txt sed -i 's|/etc/rc.boot.*||g' /etc/tripwire/twpol.txt
# Don't show any changes to /proc # Don't show any changes to /proc
sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
# Don't report log changes # Don't report log changes
sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
# Ignore /etc/tripwire # Ignore /etc/tripwire
if ! grep -q '!/etc/tripwire' /etc/tripwire/twpol.txt; then if ! grep -q '!/etc/tripwire' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/tripwire ;' /etc/tripwire/twpol.txt sed -i '\|/etc\t\t->.*|a\ !/etc/tripwire ;' /etc/tripwire/twpol.txt
fi fi
# ignore tt-rss cache # ignore tt-rss cache
if ! grep -q '!/etc/share/tt-rss/cache' /etc/tripwire/twpol.txt; then if ! grep -q '!/etc/share/tt-rss/cache' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/cache ;' /etc/tripwire/twpol.txt sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/cache ;' /etc/tripwire/twpol.txt
fi fi
if ! grep -q '!/etc/share/tt-rss/lock' /etc/tripwire/twpol.txt; then if ! grep -q '!/etc/share/tt-rss/lock' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/lock ;' /etc/tripwire/twpol.txt sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/lock ;' /etc/tripwire/twpol.txt
fi fi
# Avoid logging the changed database # Avoid logging the changed database
sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt
# recreate the configuration # recreate the configuration
echo ' echo '
' | twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt ' | twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt
# reset # reset
echo ' echo '
' | reset-tripwire ' | reset-tripwire
echo 'install_tripwire' >> $COMPLETION_FILE echo 'install_tripwire' >> $COMPLETION_FILE
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0


@ -48,20 +48,6 @@ MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-u
# file containing new password # file containing new password
IMAGE_PASSWORD_FILE=/root/login.txt IMAGE_PASSWORD_FILE=/root/login.txt
# Different system variants which may be specified within
# the SYSTEM_TYPE option
VARIANT_FULL="full"
VARIANT_WRITER="writer"
VARIANT_CLOUD="cloud"
VARIANT_CHAT="chat"
VARIANT_MAILBOX="mailbox"
VARIANT_NONMAILBOX="nonmailbox"
VARIANT_SOCIAL="social"
VARIANT_MEDIA="media"
VARIANT_DEVELOPER="developer"
VARIANT_MESH="mesh"
VARIANT_MESH_USER="mesh-user"
MY_USERNAME= MY_USERNAME=
DEFAULT_DOMAIN_NAME= DEFAULT_DOMAIN_NAME=
DEFAULT_DOMAIN_CODE= DEFAULT_DOMAIN_CODE=
@ -291,7 +277,7 @@ function choose_static_ip {
} }
function choose_dynamic_dns { function choose_dynamic_dns {
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" && $ONION_ONLY == "no" ]]; then if [[ $SYSTEM_TYPE != "mesh"* && $ONION_ONLY == "no" ]]; then
data=$(tempfile 2>/dev/null) data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
@ -731,16 +717,12 @@ function choose_username {
MY_USERNAME=$(ls /home) MY_USERNAME=$(ls /home)
else else
# select one from a number of users # select one from a number of users
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" && $DEFAULT_DOMAIN_NAME && -d /home/$DEFAULT_DOMAIN_NAME ]]; then select_user
MY_USERNAME=$DEFAULT_DOMAIN_NAME if [ ! $SELECTED_USERNAME ]; then
else echo $'No username selected'
select_user exit 72589
if [ ! $SELECTED_USERNAME ]; then
echo $'No username selected'
exit 72589
fi
MY_USERNAME="$SELECTED_USERNAME"
fi fi
MY_USERNAME="$SELECTED_USERNAME"
fi fi
fi fi


@ -45,197 +45,197 @@ GET_IP_ADDRESS_URL="checkip.two-dns.de"
# other possible services to obtain the external IP address # other possible services to obtain the external IP address
EXTERNAL_IP_SERVICES=( \ EXTERNAL_IP_SERVICES=( \
'https://check.torproject.org/' \ 'https://check.torproject.org/' \
'https://www.whatsmydns.net/whats-my-ip-address.html' \ 'https://www.whatsmydns.net/whats-my-ip-address.html' \
'https://www.privateinternetaccess.com/pages/whats-my-ip/' \ 'https://www.privateinternetaccess.com/pages/whats-my-ip/' \
'http://checkip.two-dns.de' \ 'http://checkip.two-dns.de' \
'http://ip.dnsexit.com' \ 'http://ip.dnsexit.com' \
'http://ifconfig.me/ip' \ 'http://ifconfig.me/ip' \
'http://ipecho.net/plain' \ 'http://ipecho.net/plain' \
'http://checkip.dyndns.org/plain' \ 'http://checkip.dyndns.org/plain' \
'http://ipogre.com/linux.php' \ 'http://ipogre.com/linux.php' \
'http://whatismyipaddress.com/' \ 'http://whatismyipaddress.com/' \
'http://ip.my-proxy.com/' \ 'http://ip.my-proxy.com/' \
'http://websiteipaddress.com/WhatIsMyIp' \ 'http://websiteipaddress.com/WhatIsMyIp' \
'http://getmyipaddress.org/' \ 'http://getmyipaddress.org/' \
'http://www.my-ip-address.net/' \ 'http://www.my-ip-address.net/' \
'http://myexternalip.com/raw' \ 'http://myexternalip.com/raw' \
'http://www.canyouseeme.org/' \ 'http://www.canyouseeme.org/' \
'http://www.trackip.net/' \ 'http://www.trackip.net/' \
'http://icanhazip.com/' \ 'http://icanhazip.com/' \
'http://www.iplocation.net/' \ 'http://www.iplocation.net/' \
'http://www.howtofindmyipaddress.com/' \ 'http://www.howtofindmyipaddress.com/' \
'http://www.ipchicken.com/' \ 'http://www.ipchicken.com/' \
'http://whatsmyip.net/' \ 'http://whatsmyip.net/' \
'http://www.ip-adress.com/' \ 'http://www.ip-adress.com/' \
'http://checkmyip.com/' \ 'http://checkmyip.com/' \
'http://www.tracemyip.org/' \ 'http://www.tracemyip.org/' \
'http://checkmyip.net/' \ 'http://checkmyip.net/' \
'http://www.lawrencegoetz.com/programs/ipinfo/' \ 'http://www.lawrencegoetz.com/programs/ipinfo/' \
'http://www.findmyip.co/' \ 'http://www.findmyip.co/' \
'http://ip-lookup.net/' \ 'http://ip-lookup.net/' \
'http://www.dslreports.com/whois' \ 'http://www.dslreports.com/whois' \
'http://www.mon-ip.com/en/my-ip/' \ 'http://www.mon-ip.com/en/my-ip/' \
'http://www.myip.ru' \ 'http://www.myip.ru' \
'http://ipgoat.com/' \ 'http://ipgoat.com/' \
'http://www.myipnumber.com/my-ip-address.asp' \ 'http://www.myipnumber.com/my-ip-address.asp' \
'http://www.whatsmyipaddress.net/' \ 'http://www.whatsmyipaddress.net/' \
'http://formyip.com/' \ 'http://formyip.com/' \
'http://www.displaymyip.com/' \ 'http://www.displaymyip.com/' \
'http://www.bobborst.com/tools/whatsmyip/' \ 'http://www.bobborst.com/tools/whatsmyip/' \
'http://www.geoiptool.com/' \ 'http://www.geoiptool.com/' \
'http://checkip.dyndns.com/' \ 'http://checkip.dyndns.com/' \
'http://myexternalip.com/' \ 'http://myexternalip.com/' \
'http://www.ip-adress.eu/' \ 'http://www.ip-adress.eu/' \
'http://www.infosniper.net/' \ 'http://www.infosniper.net/' \
'http://wtfismyip.com/' \ 'http://wtfismyip.com/' \
'http://ipinfo.io/' \ 'http://ipinfo.io/' \
'http://httpbin.org/ip') 'http://httpbin.org/ip')
function create_freedns_updater { function create_freedns_updater {
if [[ $ONION_ONLY != "no" ]]; then if [[ $ONION_ONLY != "no" ]]; then
return return
fi fi
# currently inadyn doesn't work as expected with freeDNS, so this is a workaround # currently inadyn doesn't work as expected with freeDNS, so this is a workaround
if grep -Fxq "create_freedns_updater" $COMPLETION_FILE; then if grep -Fxq "create_freedns_updater" $COMPLETION_FILE; then
return return
fi fi
if [[ $DDNS_PROVIDER != "default@freedns.afraid.org" ]]; then if [[ $DDNS_PROVIDER != "default@freedns.afraid.org" ]]; then
return return
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
FREEDNS_WGET='wget -q --read-timeout=0.0 --waitretry=5 --tries=4 https://freedns.afraid.org/dynamic/update.php?' FREEDNS_WGET='wget -q --read-timeout=0.0 --waitretry=5 --tries=4 https://freedns.afraid.org/dynamic/update.php?'
echo '#!/bin/bash' > /usr/bin/dynamicdns echo '#!/bin/bash' > /usr/bin/dynamicdns
echo 'cd /tmp' >> /usr/bin/dynamicdns echo 'cd /tmp' >> /usr/bin/dynamicdns
if [ $DEFAULT_DOMAIN_CODE ]; then if [ $DEFAULT_DOMAIN_CODE ]; then
echo "# $DEFAULT_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $DEFAULT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$DEFAULT_DOMAIN_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$DEFAULT_DOMAIN_CODE=" >> /usr/bin/dynamicdns
fi fi
if [ $WIKI_CODE ]; then if [ $WIKI_CODE ]; then
if [[ $WIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $WIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $WIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $WIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$WIKI_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$WIKI_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
if [ $FULLBLOG_CODE ]; then if [ $FULLBLOG_CODE ]; then
if [[ $FULLBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $FULLBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $FULLBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $FULLBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$FULLBLOG_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$FULLBLOG_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
if [ $HUBZILLA_CODE ]; then if [ $HUBZILLA_CODE ]; then
if [[ $HUBZILLA_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $HUBZILLA_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $HUBZILLA_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $HUBZILLA_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$HUBZILLA_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$HUBZILLA_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
if [ $MICROBLOG_CODE ]; then if [ $MICROBLOG_CODE ]; then
if [[ $MICROBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $MICROBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MICROBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $MICROBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MICROBLOG_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$MICROBLOG_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
if [ $GIT_CODE ]; then if [ $GIT_CODE ]; then
if [[ $GIT_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $GIT_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $GIT_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $GIT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$GIT_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$GIT_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
if [ $MEDIAGOBLIN_CODE ]; then if [ $MEDIAGOBLIN_CODE ]; then
if [[ $MEDIAGOBLIN_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then if [[ $MEDIAGOBLIN_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MEDIAGOBLIN_DOMAIN_NAME" >> /usr/bin/dynamicdns echo "# $MEDIAGOBLIN_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MEDIAGOBLIN_CODE=" >> /usr/bin/dynamicdns echo "$FREEDNS_WGET$MEDIAGOBLIN_CODE=" >> /usr/bin/dynamicdns
fi fi
fi fi
echo 'exit 0' >> /usr/bin/dynamicdns echo 'exit 0' >> /usr/bin/dynamicdns
chmod 600 /usr/bin/dynamicdns chmod 600 /usr/bin/dynamicdns
chmod +x /usr/bin/dynamicdns chmod +x /usr/bin/dynamicdns
if ! grep -q "/usr/bin/dynamicdns" /etc/crontab; then if ! grep -q "/usr/bin/dynamicdns" /etc/crontab; then
function_check cron_add_mins function_check cron_add_mins
cron_add_mins 3 '/usr/bin/dynamicdns' cron_add_mins 3 '/usr/bin/dynamicdns'
systemctl restart cron systemctl restart cron
fi fi
echo 'create_freedns_updater' >> $COMPLETION_FILE echo 'create_freedns_updater' >> $COMPLETION_FILE
} }
function add_ddns_domain { function add_ddns_domain {
if [ ! $1 ]; then if [ ! $1 ]; then
echo $'ddns domain not specified' echo $'ddns domain not specified'
exit 5638 exit 5638
fi fi
CURRENT_DDNS_DOMAIN="$1" CURRENT_DDNS_DOMAIN="$1"
if [[ $ONION_ONLY != "no" ]]; then if [[ $ONION_ONLY != "no" ]]; then
return return
fi fi
if [ ! -f /etc/inadyn.conf ]; then if [ ! -f /etc/inadyn.conf ]; then
echo $'Unable to find inadyn configuration file /etc/inadyn.conf' echo $'Unable to find inadyn configuration file /etc/inadyn.conf'
exit 5745 exit 5745
fi fi
if ! grep -q "$DDNS_PROVIDER" /etc/inadyn.conf; then if ! grep -q "$DDNS_PROVIDER" /etc/inadyn.conf; then
echo '' >> /etc/inadyn.conf echo '' >> /etc/inadyn.conf
echo "system $DDNS_PROVIDER" >> /etc/inadyn.conf echo "system $DDNS_PROVIDER" >> /etc/inadyn.conf
echo ' ssl' >> /etc/inadyn.conf echo ' ssl' >> /etc/inadyn.conf
echo " checkip-url $GET_IP_ADDRESS_URL /" >> /etc/inadyn.conf echo " checkip-url $GET_IP_ADDRESS_URL /" >> /etc/inadyn.conf
if [ $DDNS_USERNAME ]; then if [ $DDNS_USERNAME ]; then
echo " username $DDNS_USERNAME" >> /etc/inadyn.conf echo " username $DDNS_USERNAME" >> /etc/inadyn.conf
fi fi
if [ $DDNS_PASSWORD ]; then if [ $DDNS_PASSWORD ]; then
echo " password $DDNS_PASSWORD" >> /etc/inadyn.conf echo " password $DDNS_PASSWORD" >> /etc/inadyn.conf
fi fi
fi fi
if ! grep -q "$CURRENT_DDNS_DOMAIN" /etc/inadyn.conf; then if ! grep -q "$CURRENT_DDNS_DOMAIN" /etc/inadyn.conf; then
echo " alias $CURRENT_DDNS_DOMAIN" >> /etc/inadyn.conf echo " alias $CURRENT_DDNS_DOMAIN" >> /etc/inadyn.conf
fi fi
chmod 600 /etc/inadyn.conf chmod 600 /etc/inadyn.conf
systemctl restart inadyn systemctl restart inadyn
systemctl daemon-reload systemctl daemon-reload
} }
function configure_dns { function configure_dns {
if grep -Fxq "configure_dns" $COMPLETION_FILE; then if grep -Fxq "configure_dns" $COMPLETION_FILE; then
return return
fi fi
echo 'domain localdomain' > /etc/resolv.conf echo 'domain localdomain' > /etc/resolv.conf
echo 'search localdomain' >> /etc/resolv.conf echo 'search localdomain' >> /etc/resolv.conf
echo "nameserver $NAMESERVER1" >> /etc/resolv.conf echo "nameserver $NAMESERVER1" >> /etc/resolv.conf
echo "nameserver $NAMESERVER2" >> /etc/resolv.conf echo "nameserver $NAMESERVER2" >> /etc/resolv.conf
# prevent resolv.conf from changing # prevent resolv.conf from changing
chattr +i /etc/resolv.conf chattr +i /etc/resolv.conf
echo 'configure_dns' >> $COMPLETION_FILE echo 'configure_dns' >> $COMPLETION_FILE
} }
function set_hostname { function set_hostname {
DEFAULT_DOMAIN_NAME="$1" DEFAULT_DOMAIN_NAME="$1"
echo "$DEFAULT_DOMAIN_NAME" > /etc/hostname echo "$DEFAULT_DOMAIN_NAME" > /etc/hostname
hostname $DEFAULT_DOMAIN_NAME hostname $DEFAULT_DOMAIN_NAME
if grep -q "127.0.1.1" /etc/hosts; then if grep -q "127.0.1.1" /etc/hosts; then
sed -i "s/127.0.1.1.*/127.0.1.1 $DEFAULT_DOMAIN_NAME/g" /etc/hosts sed -i "s/127.0.1.1.*/127.0.1.1 $DEFAULT_DOMAIN_NAME/g" /etc/hosts
else else
echo "127.0.1.1 $DEFAULT_DOMAIN_NAME" >> /etc/hosts echo "127.0.1.1 $DEFAULT_DOMAIN_NAME" >> /etc/hosts
fi fi
} }
function set_your_domain_name { function set_your_domain_name {
if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then
return return
fi fi
function_check set_hostname function_check set_hostname
set_hostname $DEFAULT_DOMAIN_NAME set_hostname $DEFAULT_DOMAIN_NAME
echo 'set_your_domain_name' >> $COMPLETION_FILE echo 'set_your_domain_name' >> $COMPLETION_FILE
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0
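Review bot: The generated /usr/bin/dynamicdns does `cd /tmp` and then runs the `FREEDNS_WGET` command with no output option, so each cron run saves the response in /tmp under a file name taken from the URL, and that name includes the freedns update code. Any local user who can list /tmp can read the code from the file name, even though the script itself is not readable by other users. Adding `-O /dev/null` to `FREEDNS_WGET` avoids writing the file at all. In `add_ddns_domain`, `chmod 600 /etc/inadyn.conf` runs only after the username and password have been appended; moving it ahead of the first `echo` closes that window when the file had looser permissions beforehand. Most of this hunk is re-indentation, so these lines predate the commit, but they are part of the new side as shown.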


@ -106,7 +106,7 @@ function configure_firewall_ping {
return return
fi fi
# Only allow ping for mesh installs # Only allow ping for mesh installs
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE != "mesh"* ]]; then
return return
fi fi
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
@ -225,7 +225,7 @@ function configure_internet_protocol {
if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then
return return
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf


@ -193,10 +193,6 @@ function mesh_upgrade_golang {
} }
function upgrade_golang { function upgrade_golang {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if grep -Fxq "upgrade_golang:$GO_VERSION" $COMPLETION_FILE; then if grep -Fxq "upgrade_golang:$GO_VERSION" $COMPLETION_FILE; then
return return
fi fi


@ -66,15 +66,6 @@ function show_help {
echo $' --ns2 Second DNS nameserver' echo $' --ns2 Second DNS nameserver'
echo $' --repo Debian repository' echo $' --repo Debian repository'
echo '' echo ''
echo $'system types'
echo '------------'
echo $'This can either be blank if you wish to install the full system,'
echo $"or for more specialised variants you can specify '$VARIANT_MAILBOX', '$VARIANT_CLOUD',"
echo $"'$VARIANT_CHAT', '$VARIANT_SOCIAL', '$VARIANT_MEDIA', '$VARIANT_WRITER', '$VARIANT_DEVELOPER'"
echo $"or '$VARIANT_MESH'."
echo ''
echo $"If you wish to install everything except email then use the '$VARIANT_NONMAILBOX' variaint."
echo ''
exit 0 exit 0
} }


@ -29,81 +29,81 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
function interactive_configuration_remote_backups { function interactive_configuration_remote_backups {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ ! -f /usr/local/bin/${PROJECT_NAME}-remote ]; then if [ ! -f /usr/local/bin/${PROJECT_NAME}-remote ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-remote ]; then if [ ! -f /usr/bin/${PROJECT_NAME}-remote ]; then
echo $"The command ${PROJECT_NAME}-remote was not found" echo $"The command ${PROJECT_NAME}-remote was not found"
exit 87354 exit 87354
fi fi
fi fi
${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes
if [ ! "$?" = "0" ]; then if [ ! "$?" = "0" ]; then
echo $'Command failed:' echo $'Command failed:'
echo '' echo ''
echo $" ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes" echo $" ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes"
echo '' echo ''
exit 65892 exit 65892
fi fi
} }
function interactive_configuration { function interactive_configuration {
if [ ! -f /usr/local/bin/${PROJECT_NAME}-config ]; then if [ ! -f /usr/local/bin/${PROJECT_NAME}-config ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-config ]; then if [ ! -f /usr/bin/${PROJECT_NAME}-config ]; then
echo $"The command ${PROJECT_NAME}-config was not found" echo $"The command ${PROJECT_NAME}-config was not found"
exit 63935 exit 63935
fi fi
fi fi
if [ -f /tmp/meshuserdevice ]; then if [ -f /tmp/meshuserdevice ]; then
rm -f /tmp/meshuserdevice rm -f /tmp/meshuserdevice
fi fi
if [[ $ONION_ONLY == "no" ]]; then if [[ $ONION_ONLY == "no" ]]; then
if [[ $MINIMAL_INSTALL == "no" ]]; then if [[ $MINIMAL_INSTALL == "no" ]]; then
${PROJECT_NAME}-config \ ${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \ -f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \ -w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH -m $MINIMUM_PASSWORD_LENGTH
else else
${PROJECT_NAME}-config \ ${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \ -f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \ -w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \ -m $MINIMUM_PASSWORD_LENGTH \
--minimal "yes" --minimal "yes"
fi fi
else else
${PROJECT_NAME}-config \ ${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \ -f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \ -w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \ -m $MINIMUM_PASSWORD_LENGTH \
--onion "yes" --onion "yes"
fi fi
if [ -f /tmp/meshuserdevice ]; then if [ -f /tmp/meshuserdevice ]; then
# mesh network user device installation # mesh network user device installation
rm -f /tmp/meshuserdevice rm -f /tmp/meshuserdevice
exit 0 exit 0
fi fi
if [ ! "$?" = "0" ]; then if [ ! "$?" = "0" ]; then
echo $'Command failed:' echo $'Command failed:'
echo '' echo ''
echo $" ${PROJECT_NAME}-config -u $MY_USERNAME -f $CONFIGURATION_FILE -w $PROJECT_WEBSITE -b $PROJECT_BITMESSAGE -m $MINIMUM_PASSWORD_LENGTH --minimal [yes|no]" echo $" ${PROJECT_NAME}-config -u $MY_USERNAME -f $CONFIGURATION_FILE -w $PROJECT_WEBSITE -b $PROJECT_BITMESSAGE -m $MINIMUM_PASSWORD_LENGTH --minimal [yes|no]"
echo '' echo ''
exit 73594 exit 73594
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list
dialog --title $"Encrypted backup to other servers" \ dialog --title $"Encrypted backup to other servers" \
--backtitle $"${PROJECT_NAME} Configuration" \ --backtitle $"${PROJECT_NAME} Configuration" \
--defaultno \ --defaultno \
--yesno $"\nDo you wish to configure some remote backup locations?" 7 60 --yesno $"\nDo you wish to configure some remote backup locations?" 7 60
sel=$? sel=$?
case $sel in case $sel in
0) interactive_configuration_remote_backups;; 0) interactive_configuration_remote_backups;;
esac esac
fi fi
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0
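Review bot: In `interactive_configuration` the remote-backup dialog is shown only when `$SYSTEM_TYPE == "mesh"*`, but `interactive_configuration_remote_backups` returns immediately on that same condition, so the encrypted-backup setup appears unreachable on every variant. The test before the dialog looks like it should be `if [[ $SYSTEM_TYPE != "mesh"* ]]; then`; the commit carries the earlier `==` over unchanged. Separately, `if [ ! "$?" = "0" ]` comes after the `/tmp/meshuserdevice` test, so `$?` holds the status of that `if` statement rather than the exit code of `${PROJECT_NAME}-config`. The status would have to be saved straight after the command for the failure branch to fire.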


@ -29,58 +29,24 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
function change_login_message { function change_login_message {
if grep -Fxq "change_login_message" $COMPLETION_FILE; then if grep -Fxq "change_login_message" $COMPLETION_FILE; then
return return
fi fi
# remove automatic motd creator if it exists # remove automatic motd creator if it exists
if [ -f /etc/init.d/motd ]; then if [ -f /etc/init.d/motd ]; then
rm -f /etc/init.d/motd rm -f /etc/init.d/motd
fi fi
echo '' > /etc/motd echo '' > /etc/motd
echo ".---. . . " >> /etc/motd echo ".---. . . " >> /etc/motd
echo "| | | " >> /etc/motd echo "| | | " >> /etc/motd
echo "|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. " >> /etc/motd echo "|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. " >> /etc/motd
echo "| | (.-' (.-' ( | ( )| | | | )( )| | (.-' " >> /etc/motd echo "| | (.-' (.-' ( | ( )| | | | )( )| | (.-' " >> /etc/motd
echo "' ' --' --' -' - -' ' ' -' -' -' ' - --'" >> /etc/motd echo "' ' --' --' -' - -' ' ' -' -' -' ' - --'" >> /etc/motd
echo $' Freedom in the Cloud' >> /etc/motd
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then echo '' >> /etc/motd
echo $' M A I L B O X E D I T I O N' >> /etc/motd echo 'change_login_message' >> $COMPLETION_FILE
fi
if [[ $SYSTEM_TYPE == "$VARIANT_SOCIAL" ]]; then
echo $' S O C I A L E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" ]]; then
echo $' C H A T E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" ]]; then
echo $' C L O U D E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" ]]; then
echo $' W R I T E R E D I T I O N ' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
echo $' M E D I A E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_DEVELOPER" ]]; then
echo $' D E V E L O P E R E D I T I O N' >> /etc/motd
fi
echo '' >> /etc/motd
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
echo $' Freedom in the Cloud' >> /etc/motd
else
echo $' Freedom in the Mesh' >> /etc/motd
fi
echo '' >> /etc/motd
echo 'change_login_message' >> $COMPLETION_FILE
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0


@ -134,7 +134,7 @@ function set_default_onion_domains {
} }
function create_avahi_onion_domains { function create_avahi_onion_domains {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ ! -d /etc/avahi/services ]; then if [ ! -d /etc/avahi/services ]; then
@ -159,7 +159,7 @@ function create_avahi_onion_domains {
} }
function allow_ssh_to_onion_address { function allow_ssh_to_onion_address {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ ! -d /home/$MY_USERNAME/.ssh ]; then if [ ! -d /home/$MY_USERNAME/.ssh ]; then
@ -176,7 +176,7 @@ function allow_ssh_to_onion_address {
} }
function enable_ssh_via_onion { function enable_ssh_via_onion {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if grep -Fxq "enable_ssh_via_onion" $COMPLETION_FILE; then if grep -Fxq "enable_ssh_via_onion" $COMPLETION_FILE; then
@ -206,7 +206,7 @@ function configure_ssh_onion {
if grep -Fxq "configure_ssh_onion" $COMPLETION_FILE; then if grep -Fxq "configure_ssh_onion" $COMPLETION_FILE; then
return return
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
@ -222,7 +222,7 @@ function configure_ssh_onion {
} }
function install_tor { function install_tor {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh*" ]]; then
return return
fi fi
if grep -Fxq "install_tor" $COMPLETION_FILE; then if grep -Fxq "install_tor" $COMPLETION_FILE; then
@ -237,7 +237,7 @@ function install_tor {
} }
function resolve_dns_via_tor { function resolve_dns_via_tor {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if grep -Fxq "resolve_dns_via_tor" $COMPLETION_FILE; then if grep -Fxq "resolve_dns_via_tor" $COMPLETION_FILE; then
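Review bot: In `install_tor` the new test is `[[ $SYSTEM_TYPE == "mesh*" ]]`, with the asterisk inside the quotes, so it compares against the literal string `mesh*` instead of matching by prefix. Every other guard in this file uses `"mesh"*`. As written, a mesh install no longer returns early here and would presumably carry on into the Tor installation steps. The line should read `if [[ $SYSTEM_TYPE == "mesh"* ]]; then`. The body of install_tor continues outside the hunk.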


@ -110,6 +110,20 @@ function available_system_variants {
done done
} }
function is_valid_variant {
sys_type="$1"
available_variants_list=()
available_system_variants
for variant_str in "${available_variants_list[@]}"
do
if [[ "$sys_type" == "$variant_str" ]]; then
return "1"
fi
done
return "0"
}
# mark a given app as having been removed so that it doesn't get reinstalled on updates # mark a given app as having been removed so that it doesn't get reinstalled on updates
function remove_app { function remove_app {
app_name=$1 app_name=$1
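Review bot: `is_valid_variant` reports its result through `return`, with `1` meaning valid and `0` meaning not found, which is the reverse of the shell convention where status 0 is success. The function itself writes nothing to stdout, so unless `available_system_variants` prints something, a caller reading it as `$(is_valid_variant)` gets an empty string that never equals `"0"`, and an unrecognised variant would pass validation. Returning `0` on a match and `1` otherwise, and calling it as `if ! is_valid_variant "$SYSTEM_TYPE"; then`, makes the check effective. `sys_type` and `variant_str` should also be declared `local` so they do not leak into the installer's global scope.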


@ -32,23 +32,10 @@ if [ ! $PROJECT_NAME ]; then
PROJECT_NAME='freedombone' PROJECT_NAME='freedombone'
fi fi
# Different system variants which may be specified within
# the SYSTEM_TYPE option
VARIANT_FULL="full"
VARIANT_WRITER="writer"
VARIANT_CLOUD="cloud"
VARIANT_CHAT="chat"
VARIANT_MAILBOX="mailbox"
VARIANT_NONMAILBOX="nonmailbox"
VARIANT_SOCIAL="social"
VARIANT_MEDIA="media"
VARIANT_DEVELOPER="developer"
VARIANT_MESH="mesh"
DEFAULT_DOMAIN_NAME= DEFAULT_DOMAIN_NAME=
DEFAULT_DOMAIN_CODE= DEFAULT_DOMAIN_CODE=
MY_USERNAME= MY_USERNAME=
SYSTEM_TYPE=$VARIANT_FULL SYSTEM_TYPE="full"
# An optional configuration file which overrides some of these variables # An optional configuration file which overrides some of these variables
CONFIGURATION_FILE="${PROJECT_NAME}.cfg" CONFIGURATION_FILE="${PROJECT_NAME}.cfg"
@ -121,37 +108,36 @@ function search_for_attached_usb_drive {
mkdir $USB_MOUNT mkdir $USB_MOUNT
mount $USB_DRIVE $USB_MOUNT mount $USB_DRIVE $USB_MOUNT
fi fi
if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then if [ -d $USB_MOUNT/Maildir ]; then
if [ -d $USB_MOUNT/Maildir ]; then echo $'Maildir found on USB drive'
echo $'Maildir found on USB drive' IMPORT_MAILDIR=$USB_MOUNT/Maildir
IMPORT_MAILDIR=$USB_MOUNT/Maildir fi
fi if [ -d $USB_MOUNT/.gnupg ]; then
if [ -d $USB_MOUNT/.gnupg ]; then echo $'Importing GPG keyring'
echo $'Importing GPG keyring' cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME
cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg GPG_KEYS_IMPORTED="yes"
GPG_KEYS_IMPORTED="yes" if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then
if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then echo $'GPG files did not copy'
echo $'GPG files did not copy' exit 73529
exit 73529
fi
fi
if [ -f $USB_MOUNT/.procmailrc ]; then
echo $'Importing procmail settings'
cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
fi
if [ -f $USB_MOUNT/private_key.gpg ]; then
echo $'GPG private key found on USB drive'
MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
fi
if [ -f $USB_MOUNT/public_key.gpg ]; then
echo $'GPG public key found on USB drive'
MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
fi fi
fi fi
if [ -f $USB_MOUNT/.procmailrc ]; then
echo $'Importing procmail settings'
cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
fi
if [ -f $USB_MOUNT/private_key.gpg ]; then
echo $'GPG private key found on USB drive'
MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
fi
if [ -f $USB_MOUNT/public_key.gpg ]; then
echo $'GPG public key found on USB drive'
MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
fi
if [ -d $USB_MOUNT/prosody ]; then if [ -d $USB_MOUNT/prosody ]; then
if [ ! -d $XMPP_DIRECTORY ]; then if [ ! -d $XMPP_DIRECTORY ]; then
mkdir $XMPP_DIRECTORY mkdir $XMPP_DIRECTORY
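Review bot: With the variant guard removed, the `.gnupg` keyring found on the USB drive is copied into `/home/$MY_USERNAME` on every variant, and the visible lines fix only ownership, not mode bits. Files from removable media may arrive with permissive modes depending on the filesystem and mount options. I would add `chmod 700 /home/$MY_USERNAME/.gnupg` and `chmod 600 /home/$MY_USERNAME/.gnupg/*` after the `chown`, unless that already happens further down in search_for_attached_usb_drive, which starts and ends outside the hunk. The `$USB_MOUNT` and `$MY_USERNAME` expansions on the `cp` and `chown` lines are unquoted, so quoting them would keep a path containing spaces from being split.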


@ -43,88 +43,88 @@ TLSDATE_REPO="https://github.com/bashrc/tlsdate"
TLSDATE_COMMIT='505e31540eebde8074e7dc93b29be0d848def06a' TLSDATE_COMMIT='505e31540eebde8074e7dc93b29be0d848def06a'
function check_date { function check_date {
curr_date=$(date) curr_date=$(date)
if [[ $curr_date == *"1970"* ]]; then if [[ $curr_date == *"1970"* ]]; then
apt-get -y install ntp apt-get -y install ntp
fi fi
} }
function time_synchronisation { function time_synchronisation {
# mesh peers typically don't sync over the internet # mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi fi
chmod +x /usr/bin/updatedate chmod +x /usr/bin/updatedate
if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then
return return
fi fi
apt-get -y install tlsdate apt-get -y install tlsdate
apt-get -y remove ntpdate apt-get -y remove ntpdate
function_check cron_add_mins function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate' cron_add_mins 15 '/usr/bin/updatedate'
systemctl restart cron systemctl restart cron
echo 'time_synchronisation' >> $COMPLETION_FILE echo 'time_synchronisation' >> $COMPLETION_FILE
} }
function time_synchronisation_tlsdate { function time_synchronisation_tlsdate {
# mesh peers typically don't sync over the internet # mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi fi
chmod +x /usr/bin/updatedate chmod +x /usr/bin/updatedate
if [ ! -d $INSTALL_DIR ]; then if [ ! -d $INSTALL_DIR ]; then
mkdir -p $INSTALL_DIR mkdir -p $INSTALL_DIR
fi fi
set_repo_commit $INSTALL_DIR/tlsdate "tlsdate commit" "$TLSDATE_COMMIT" $TLSDATE_REPO set_repo_commit $INSTALL_DIR/tlsdate "tlsdate commit" "$TLSDATE_COMMIT" $TLSDATE_REPO
if grep -Fxq "time_synchronisation_tlsdate" $COMPLETION_FILE; then if grep -Fxq "time_synchronisation_tlsdate" $COMPLETION_FILE; then
return return
fi fi
apt-get -y remove tlsdate ntpdate apt-get -y remove tlsdate ntpdate
apt-get -y install build-essential autoconf libevent-dev apt-get -y install build-essential autoconf libevent-dev
apt-get -y install pkg-config libtool libssl-dev apt-get -y install pkg-config libtool libssl-dev
cd $INSTALL_DIR cd $INSTALL_DIR
function_check git_clone function_check git_clone
git_clone $TLSDATE_REPO $INSTALL_DIR/tlsdate git_clone $TLSDATE_REPO $INSTALL_DIR/tlsdate
cd $INSTALL_DIR/tlsdate cd $INSTALL_DIR/tlsdate
git checkout $TLSDATE_COMMIT -b $TLSDATE_COMMIT git checkout $TLSDATE_COMMIT -b $TLSDATE_COMMIT
./autogen.sh ./autogen.sh
./configure ./configure
if [ ! "$?" = "0" ]; then if [ ! "$?" = "0" ]; then
echo $'Unable to configure tlsdate' echo $'Unable to configure tlsdate'
exit 6825277 exit 6825277
fi fi
make make
if [ ! "$?" = "0" ]; then if [ ! "$?" = "0" ]; then
echo $'Unable to build tlsdate' echo $'Unable to build tlsdate'
exit 3792726 exit 3792726
fi fi
make install make install
function_check cron_add_mins function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate' cron_add_mins 15 '/usr/bin/updatedate'
echo 'time_synchronisation_tlsdate' >> $COMPLETION_FILE echo 'time_synchronisation_tlsdate' >> $COMPLETION_FILE
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0
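Review bot: In `time_synchronisation_tlsdate` the status of `./configure` and `make` is checked but that of `make install` is not, so a failed install still appends `time_synchronisation_tlsdate` to `$COMPLETION_FILE` and the step is not attempted again. The same test should follow it, for example `if [ ! "$?" = "0" ]; then echo $'Unable to install tlsdate'; exit 1; fi`. The two `cd` calls before the build are likewise unchecked, so `cd $INSTALL_DIR/tlsdate || exit 1` would stop `./autogen.sh` from running in the wrong directory. Exit statuses are also truncated to 8 bits, so `exit 6825277` reaches the caller as 61; values in the 1–255 range would keep the codes distinguishable.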


@ -321,7 +321,7 @@ function install_web_server_access_control {
} }
function install_dynamicdns { function install_dynamicdns {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [[ $ONION_ONLY != "no" ]]; then if [[ $ONION_ONLY != "no" ]]; then
@ -439,9 +439,6 @@ function install_web_server {
mesh_web_server mesh_web_server
return return
fi fi
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" ]]; then
return
fi
# update to the next commit # update to the next commit
function_check set_repo_commit function_check set_repo_commit


@ -40,7 +40,7 @@ WIFI_NETWORKS_FILE=~/${PROJECT_NAME}-wifi.cfg
ATHEROS_WIFI_REPO="https://github.com/qca/open-ath9k-htc-firmware.git" ATHEROS_WIFI_REPO="https://github.com/qca/open-ath9k-htc-firmware.git"
function setup_wifi { function setup_wifi {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return return
fi fi
if [ ! $WIFI_SSID ]; then if [ ! $WIFI_SSID ]; then