Revert "Remove tahoelafs site password"

This reverts commit 5bab5cded6.
This commit is contained in:
Bob Mottram 2017-03-09 22:40:46 +00:00
parent be4efcfbf5
commit e2af0792d6
3 changed files with 64 additions and 15 deletions

View File

@ -30,9 +30,9 @@ Using cursor keys, space bar and Enter key select *Administrator controls* and t
Select *Add/Remove Apps* then *tahoelafs*. This system is entirely based upon use of onion addresses and so no other demaon names are needed. Select *Add/Remove Apps* then *tahoelafs*. This system is entirely based upon use of onion addresses and so no other demaon names are needed.
* Initial setup * Initial setup
Go to the *About* screen on the *Administrator control panel* and look for the onion address for *tahoelafs* within the list of domains. Enter that into a Tor compatible browser. You can then use the interface to upload files and obtain URLs for them. Get the login password for your Tahoe-LAFS system by going to *Passwords* on the *Administrator control panel* and selecting *tahoelafs*.
The URL contains the public key needed to decrypt the file. Make a copy of it and then store it somewhere safe, because it won't be stored anywhere else by default and having the URL is the only way to retrieve your file. Go to the *About* screen on the *Administrator control panel* and look for the onion address for *tahoelafs* within the list of domains. Enter that into a Tor compatible browser. along with your username and the tahoelafs password. You can then use the interface to upload files and obtain URLs for them. The URL contains the public key needed to decrypt the file.
* Adding more servers * Adding more servers
You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually. You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.

View File

@ -15,7 +15,7 @@
# License # License
# ======= # =======
# #
# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net> # Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
# #
# This program is free software: you can redistribute it and/or modify # This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by # it under the terms of the GNU Affero General Public License as published by
@ -58,6 +58,40 @@ tahoelafs_variables=(ONION_ONLY
TAHOELAFS_SHARES_HAPPY TAHOELAFS_SHARES_HAPPY
TAHOELAFS_SHARES_TOTAL) TAHOELAFS_SHARES_TOTAL)
function add_user_tahoelafs {
if [[ $(app_is_installed tahoelafs) == "0" ]]; then
echo '0'
return
fi
new_username="$1"
new_user_password="$2"
${PROJECT_NAME}-pass -u $new_username -a tahoelafs -p "$new_user_password"
if grep "${new_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${new_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${new_user_password}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${new_username}
echo '0'
}
function remove_user_tahoelafs {
remove_username="$1"
${PROJECT_NAME}-pass -u $remove_username --rmapp tahoelafs
if grep "${remove_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${remove_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
}
function change_password_tahoelafs {
change_username="$1"
change_password="$2"
${PROJECT_NAME}-pass -u $change_username -a tahoelafs -p "$change_password"
if grep "${change_username}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/tahoe-${change_username}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${change_password}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${change_username}
}
function add_tahoelafs_storage_node_interactive { function add_tahoelafs_storage_node_interactive {
data=$(tempfile 2>/dev/null) data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15 trap "rm -f $data" 0 1 2 5 15
@ -350,6 +384,9 @@ function remove_tahoelafs {
rm -rf /home/tahoelafs rm -rf /home/tahoelafs
fi fi
remove_app tahoelafs remove_app tahoelafs
if [ -f /etc/nginx/.htpasswd-tahoelafs ]; then
shred -zu /etc/nginx/.htpasswd-tahoelafs
fi
systemctl reload tor systemctl reload tor
} }
@ -566,6 +603,8 @@ function create_tahoelafs_web {
echo " root /var/www/tahoelafs/htdocs;" >> $tahoelafs_nginx_site echo " root /var/www/tahoelafs/htdocs;" >> $tahoelafs_nginx_site
echo '' >> $tahoelafs_nginx_site echo '' >> $tahoelafs_nginx_site
echo ' location / {' >> $tahoelafs_nginx_site echo ' location / {' >> $tahoelafs_nginx_site
echo " # auth_basic \"${TAHOELAFS_LOGIN_TEXT}\";" >> $tahoelafs_nginx_site
echo ' # auth_basic_user_file /etc/nginx/.htpasswd-tahoelafs;' >> $tahoelafs_nginx_site
function_check nginx_limits function_check nginx_limits
nginx_limits tahoelafs '15m' nginx_limits tahoelafs '15m'
echo ' rewrite /(.*) /$1 break;' >> $tahoelafs_nginx_site echo ' rewrite /(.*) /$1 break;' >> $tahoelafs_nginx_site
@ -578,6 +617,16 @@ function create_tahoelafs_web {
echo ' }' >> $tahoelafs_nginx_site echo ' }' >> $tahoelafs_nginx_site
echo '}' >> $tahoelafs_nginx_site echo '}' >> $tahoelafs_nginx_site
TAHOELAFS_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
${PROJECT_NAME}-pass -u $MY_USERNAME -a tahoelafs -p "$TAHOELAFS_ADMIN_PASSWORD"
if [ ! -f /etc/nginx/.htpasswd-tahoelafs ]; then
touch /etc/nginx/.htpasswd-tahoelafs
fi
if grep "${MY_USERNAME}:" /etc/nginx/.htpasswd-tahoelafs; then
sed -i '/${MY_USERNAME}:/d' /etc/nginx/.htpasswd-tahoelafs
fi
echo "${TAHOELAFS_ADMIN_PASSWORD}" | htpasswd -i -s /etc/nginx/.htpasswd-tahoelafs ${MY_USERNAME}
function_check nginx_ensite function_check nginx_ensite
nginx_ensite tahoelafs nginx_ensite tahoelafs
systemctl reload nginx systemctl reload nginx

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2017-03-09 Thu 19:21 --> <!-- 2017-03-09 Thu 22:39 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -251,9 +251,9 @@ for the JavaScript code in this tag.
This is a robust system for encrypted file storage on one or more server. Files are accessed via a URL which contains the public key with which it was encrypted. This is a robust system for encrypted file storage on one or more server. Files are accessed via a URL which contains the public key with which it was encrypted.
</p> </p>
<div id="outline-container-org820575c" class="outline-2"> <div id="outline-container-org852db43" class="outline-2">
<h2 id="org820575c">Installation</h2> <h2 id="org852db43">Installation</h2>
<div class="outline-text-2" id="text-org820575c"> <div class="outline-text-2" id="text-org852db43">
<p> <p>
Log into your system with: Log into your system with:
</p> </p>
@ -273,22 +273,22 @@ Select <b>Add/Remove Apps</b> then <b>tahoelafs</b>. This system is entirely bas
</div> </div>
</div> </div>
<div id="outline-container-org4af4c28" class="outline-2"> <div id="outline-container-org11f3747" class="outline-2">
<h2 id="org4af4c28">Initial setup</h2> <h2 id="org11f3747">Initial setup</h2>
<div class="outline-text-2" id="text-org4af4c28"> <div class="outline-text-2" id="text-org11f3747">
<p> <p>
Go to the <b>About</b> screen on the <b>Administrator control panel</b> and look for the onion address for <b>tahoelafs</b> within the list of domains. Enter that into a Tor compatible browser. You can then use the interface to upload files and obtain URLs for them. Get the login password for your Tahoe-LAFS system by going to <b>Passwords</b> on the <b>Administrator control panel</b> and selecting <b>tahoelafs</b>.
</p> </p>
<p> <p>
The URL contains the public key needed to decrypt the file. Make a copy of it and then store it somewhere safe, because it won't be stored anywhere else by default and having the URL is the only way to retrieve your file. Go to the <b>About</b> screen on the <b>Administrator control panel</b> and look for the onion address for <b>tahoelafs</b> within the list of domains. Enter that into a Tor compatible browser. along with your username and the tahoelafs password. You can then use the interface to upload files and obtain URLs for them. The URL contains the public key needed to decrypt the file.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org0225e9a" class="outline-2"> <div id="outline-container-org2810eb5" class="outline-2">
<h2 id="org0225e9a">Adding more servers</h2> <h2 id="org2810eb5">Adding more servers</h2>
<div class="outline-text-2" id="text-org0225e9a"> <div class="outline-text-2" id="text-org2810eb5">
<p> <p>
You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually. You can add more servers to the system to increase its storage capacity. In a typical Tahoe-LAFS new data storage servers are automatically discovered via an introducer node, but that creates a single centralised point of failure. The installation on Freedombone has no introducer node and so details for the servers of your friends need to be entered manually.
</p> </p>