Use global image password if it is available
This commit is contained in:
parent
af1f72a7a4
commit
26a61c49ec
|
@ -69,6 +69,11 @@ CONFIGURATION_FILE="freedombone.cfg"
|
||||||
SSH_PORT=2222
|
SSH_PORT=2222
|
||||||
IRC_PORT=6697
|
IRC_PORT=6697
|
||||||
|
|
||||||
|
# If this file exists it contains a global password used with
|
||||||
|
# disk image installs. This simplifies password management for
|
||||||
|
# deployment at scale
|
||||||
|
IMAGE_PASSWORD_FILE=/root/login.txt
|
||||||
|
|
||||||
# parameters used when adding a new domain
|
# parameters used when adding a new domain
|
||||||
DDNS_PROVIDER="default@freedns.afraid.org"
|
DDNS_PROVIDER="default@freedns.afraid.org"
|
||||||
DDNS_USERNAME=
|
DDNS_USERNAME=
|
||||||
|
@ -8288,7 +8293,11 @@ function install_mariadb {
|
||||||
|
|
||||||
get_mariadb_password
|
get_mariadb_password
|
||||||
if [ ! $MARIADB_PASSWORD ]; then
|
if [ ! $MARIADB_PASSWORD ]; then
|
||||||
MARIADB_PASSWORD="$(openssl rand -base64 32)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
MARIADB_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
MARIADB_PASSWORD="$(openssl rand -base64 32)"
|
||||||
|
fi
|
||||||
echo "$MARIADB_PASSWORD" > $DATABASE_PASSWORD_FILE
|
echo "$MARIADB_PASSWORD" > $DATABASE_PASSWORD_FILE
|
||||||
chmod 600 $DATABASE_PASSWORD_FILE
|
chmod 600 $DATABASE_PASSWORD_FILE
|
||||||
|
|
||||||
|
@ -8544,7 +8553,11 @@ function install_owncloud {
|
||||||
|
|
||||||
get_mariadb_owncloud_admin_password
|
get_mariadb_owncloud_admin_password
|
||||||
if [ ! $OWNCLOUD_ADMIN_PASSWORD ]; then
|
if [ ! $OWNCLOUD_ADMIN_PASSWORD ]; then
|
||||||
OWNCLOUD_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
OWNCLOUD_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
OWNCLOUD_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! grep -q "Owncloud database user" /home/$MY_USERNAME/README; then
|
if ! grep -q "Owncloud database user" /home/$MY_USERNAME/README; then
|
||||||
|
@ -8799,7 +8812,11 @@ function install_gogs {
|
||||||
|
|
||||||
get_mariadb_git_admin_password
|
get_mariadb_git_admin_password
|
||||||
if [ ! $GIT_ADMIN_PASSWORD ]; then
|
if [ ! $GIT_ADMIN_PASSWORD ]; then
|
||||||
GIT_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
GIT_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
GIT_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! grep -q "Gogs admin user password" /home/$MY_USERNAME/README; then
|
if ! grep -q "Gogs admin user password" /home/$MY_USERNAME/README; then
|
||||||
|
@ -9237,7 +9254,11 @@ function install_xmpp {
|
||||||
touch /home/$MY_USERNAME/README
|
touch /home/$MY_USERNAME/README
|
||||||
|
|
||||||
if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
|
if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
|
||||||
XMPP_PASSWORD="$(openssl rand -base64 8)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
XMPP_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
XMPP_PASSWORD="$(openssl rand -base64 8)"
|
||||||
|
fi
|
||||||
prosodyctl register $MY_USERNAME $DEFAULT_DOMAIN_NAME $XMPP_PASSWORD
|
prosodyctl register $MY_USERNAME $DEFAULT_DOMAIN_NAME $XMPP_PASSWORD
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
|
@ -9319,7 +9340,11 @@ function install_irc_server {
|
||||||
sed -i 's|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#freedombone.key|g' /etc/ngircd/ngircd.conf
|
sed -i 's|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#freedombone.key|g' /etc/ngircd/ngircd.conf
|
||||||
sed -i 's/;CloakHost = cloaked.host/CloakHost = freedombone/g' /etc/ngircd/ngircd.conf
|
sed -i 's/;CloakHost = cloaked.host/CloakHost = freedombone/g' /etc/ngircd/ngircd.conf
|
||||||
IRC_SALT="$(openssl rand -base64 32)"
|
IRC_SALT="$(openssl rand -base64 32)"
|
||||||
IRC_OPERATOR_PASSWORD="$(openssl rand -base64 8)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
IRC_OPERATOR_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
IRC_OPERATOR_PASSWORD="$(openssl rand -base64 8)"
|
||||||
|
fi
|
||||||
sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
|
sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
|
||||||
sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
|
sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
|
||||||
sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
|
sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
|
||||||
|
@ -9442,7 +9467,11 @@ function install_wiki {
|
||||||
|
|
||||||
get_wiki_admin_password
|
get_wiki_admin_password
|
||||||
if [ ! $WIKI_ADMIN_PASSWORD ]; then
|
if [ ! $WIKI_ADMIN_PASSWORD ]; then
|
||||||
WIKI_ADMIN_PASSWORD="$(openssl rand -base64 16)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
WIKI_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
WIKI_ADMIN_PASSWORD="$(openssl rand -base64 16)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
|
HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
|
||||||
echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
|
echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
|
||||||
|
@ -9878,7 +9907,11 @@ function install_blog {
|
||||||
# create a user password
|
# create a user password
|
||||||
get_blog_admin_password
|
get_blog_admin_password
|
||||||
if [ ! $FULLBLOG_ADMIN_PASSWORD ]; then
|
if [ ! $FULLBLOG_ADMIN_PASSWORD ]; then
|
||||||
FULLBLOG_ADMIN_PASSWORD="$(openssl rand -base64 16)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
FULLBLOG_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
FULLBLOG_ADMIN_PASSWORD="$(openssl rand -base64 16)"
|
||||||
|
fi
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo 'HTMLy Blog' >> /home/$MY_USERNAME/README
|
echo 'HTMLy Blog' >> /home/$MY_USERNAME/README
|
||||||
|
@ -9950,7 +9983,11 @@ function install_gnu_social {
|
||||||
|
|
||||||
get_mariadb_gnusocial_admin_password
|
get_mariadb_gnusocial_admin_password
|
||||||
if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
|
if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
|
||||||
MICROBLOG_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
MICROBLOG_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
MICROBLOG_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
||||||
|
fi
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo 'GNU Social' >> /home/$MY_USERNAME/README
|
echo 'GNU Social' >> /home/$MY_USERNAME/README
|
||||||
|
@ -10225,7 +10262,11 @@ function install_hubzilla {
|
||||||
|
|
||||||
get_mariadb_hubzilla_admin_password
|
get_mariadb_hubzilla_admin_password
|
||||||
if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
|
if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
|
||||||
HUBZILLA_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
HUBZILLA_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
HUBZILLA_ADMIN_PASSWORD="$(openssl rand -base64 32)"
|
||||||
|
fi
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo '' >> /home/$MY_USERNAME/README
|
echo '' >> /home/$MY_USERNAME/README
|
||||||
echo 'Hubzilla' >> /home/$MY_USERNAME/README
|
echo 'Hubzilla' >> /home/$MY_USERNAME/README
|
||||||
|
@ -11270,10 +11311,14 @@ function install_voip {
|
||||||
|
|
||||||
get_voip_server_password
|
get_voip_server_password
|
||||||
if [ ! $VOIP_SERVER_PASSWORD ]; then
|
if [ ! $VOIP_SERVER_PASSWORD ]; then
|
||||||
VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
fi
|
VOIP_SERVER_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
|
else
|
||||||
VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
|
VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
|
||||||
|
if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
|
||||||
|
VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Make an ssl cert for the server
|
# Make an ssl cert for the server
|
||||||
|
@ -11357,7 +11402,11 @@ function install_sip {
|
||||||
|
|
||||||
get_sip_server_password
|
get_sip_server_password
|
||||||
if [ ! $SIP_SERVER_PASSWORD ]; then
|
if [ ! $SIP_SERVER_PASSWORD ]; then
|
||||||
SIP_SERVER_PASSWORD="$(openssl rand -base64 10)"
|
if [ -f $IMAGE_PASSWORD_FILE ]; then
|
||||||
|
SIP_SERVER_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
|
||||||
|
else
|
||||||
|
SIP_SERVER_PASSWORD="$(openssl rand -base64 10)"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
|
echo '<?xml version="1.0"?>' > /etc/sipwitch.conf
|
||||||
|
|
Loading…
Reference in New Issue