#!/bin/bash # # .---. . . # | | | # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-' # ' ' --' --' -' - -' ' ' -' -' -' ' - --' # # Freedom in the Cloud # # IRC server application # # License # ======= # # Copyright (C) 2014-2016 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . VARIANTS='full full-vim chat' IN_DEFAULT_INSTALL=1 SHOW_ON_ABOUT=1 IRC_PORT=6697 IRC_ONION_PORT=6697 # An optional password to log into IRC. This applies to all users IRC_PASSWORD= irc_variables=(MY_USERNAME MY_NAME IRC_PORT IRC_PASSWORD DEFAULT_DOMAIN_NAME INSTALLED_WITHIN_DOCKER ONION_ONLY) function remove_user_irc { remove_username="$1" if [ -d /home/${remove_username}/.irssi ]; then rm -rf /home/${remove_username}/.irssi fi if [ -d /home/${remove_username}/irclogs ]; then rm -rf /home/${remove_username}/irclogs fi } function add_user_irc { new_username="$1" new_user_password="$2" IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}') if [ ${#IRC_PASSWORD} -lt 2 ]; then IRC_PASSWORD= fi if [ ! -d /home/${new_username}/.irssi ]; then mkdir /home/${new_username}/.irssi fi echo 'servers = (' > /home/${new_username}/.irssi/config echo ' {' >> /home/${new_username}/.irssi/config echo ' address = "chat.freenode.net";' >> /home/${new_username}/.irssi/config echo ' chatnet = "Freenode";' >> /home/${new_username}/.irssi/config echo ' port = "6667";' >> /home/${new_username}/.irssi/config echo ' autoconnect = "no";' >> /home/${new_username}/.irssi/config echo ' },' >> /home/${new_username}/.irssi/config echo ' {' >> /home/${new_username}/.irssi/config echo ' address = "irc.oftc.net";' >> /home/${new_username}/.irssi/config echo ' chatnet = "OFTC";' >> /home/${new_username}/.irssi/config echo ' port = "6667";' >> /home/${new_username}/.irssi/config echo ' autoconnect = "yes";' >> /home/${new_username}/.irssi/config echo ' },' >> /home/${new_username}/.irssi/config echo ' {' >> /home/${new_username}/.irssi/config echo " address = \"${HOSTNAME}\";" >> /home/${new_username}/.irssi/config echo ' chatnet = "Freedombone";' >> /home/${new_username}/.irssi/config echo " port = \"${IRC_PORT}\";" >> /home/${new_username}/.irssi/config echo ' use_ssl = "yes";' >> /home/${new_username}/.irssi/config echo ' ssl_verify = "no";' >> /home/${new_username}/.irssi/config echo ' autoconnect = "yes";' >> /home/${new_username}/.irssi/config echo ' }' >> /home/${new_username}/.irssi/config echo ');' >> /home/${new_username}/.irssi/config echo '' >> /home/${new_username}/.irssi/config echo 'chatnets = {' >> /home/${new_username}/.irssi/config echo ' Freedombone = {' >> /home/${new_username}/.irssi/config echo ' type = "IRC";' >> /home/${new_username}/.irssi/config echo ' max_kicks = "1";' >> /home/${new_username}/.irssi/config echo ' max_msgs = "4";' >> /home/${new_username}/.irssi/config echo ' max_whois = "1";' >> /home/${new_username}/.irssi/config echo ' };' >> /home/${new_username}/.irssi/config echo ' Freenode = {' >> /home/${new_username}/.irssi/config echo ' type = "IRC";' >> /home/${new_username}/.irssi/config echo ' max_kicks = "1";' >> /home/${new_username}/.irssi/config echo ' max_msgs = "4";' >> /home/${new_username}/.irssi/config echo ' max_whois = "1";' >> /home/${new_username}/.irssi/config echo ' };' >> /home/${new_username}/.irssi/config echo ' OFTC = {' >> /home/${new_username}/.irssi/config echo ' type = "IRC";' >> /home/${new_username}/.irssi/config echo ' max_kicks = "1";' >> /home/${new_username}/.irssi/config echo ' max_msgs = "1";' >> /home/${new_username}/.irssi/config echo ' max_whois = "1";' >> /home/${new_username}/.irssi/config echo ' };' >> /home/${new_username}/.irssi/config echo '};' >> /home/${new_username}/.irssi/config echo '' >> /home/${new_username}/.irssi/config echo 'channels = (' >> /home/${new_username}/.irssi/config echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/${new_username}/.irssi/config echo ');' >> /home/${new_username}/.irssi/config echo '' >> /home/${new_username}/.irssi/config echo 'settings = {' >> /home/${new_username}/.irssi/config echo " core = { real_name = \"$MY_NAME\"; user_name = \"$new_username\"; nick = \"$new_username\"; };" >> /home/${new_username}/.irssi/config echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/${new_username}/.irssi/config echo '};' >> /home/$new_username/.irssi/config echo 'ignores = ( { level = "CTCPS"; } );' >> /home/${new_username}/.irssi/config chown -R ${new_username}:${new_username} /home/${new_username}/.irssi echo '0' } function run_client_irc { irssi } function irc_show_password { IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}') dialog --title $"IRC Password" \ --msgbox "$IRC_PASSWORD" 6 40 } function irc_set_global_password { dialog --title $"IRC Password" \ --clear \ --backtitle $"Freedombone Control Panel" \ --passwordbox $"Password for all IRC users, or press Enter for no password" 10 50 2> $data sel=$? case $sel in 0) EXISTING_IRC_PASSWORD=$(cat /etc/ngircd/ngircd.conf | grep "Password =" | head -n 1 | awk -F '=' '{print $2}') NEW_IRC_PASSWORD=$(<$data) sed -i "0,/RE/s/Password =.*/Password =$NEW_IRC_PASSWORD/" /etc/ngircd/ngircd.conf # replace the password for all users for d in /home/*/ ; do IRC_USERNAME=$(echo "$d" | awk -F '/' '{print $3}') if [[ $(is_valid_user "$IRC_USERNAME") == "1" ]]; then if [ -f /home/${IRC_USERNAME}/.irssi/config ]; then sed -i "s|$EXISTING_IRC_PASSWORD|$NEW_IRC_PASSWORD|g" /home/${IRC_USERNAME}/.irssi/config chown -R ${IRC_USERNAME}:${IRC_USERNAME} /home/${IRC_USERNAME}/.irssi fi fi done # restart the daemon for the new password to take effect systemctl restart ngircd dialog --title $"IRC Password" \ --msgbox $"The IRC password was changed" 6 40 ;; esac } function configure_interactive_irc { if [ ! -d /etc/ngircd ]; then dialog --title $"IRC Menu" \ --msgbox $"No IRC server is installed" 6 70 return fi while true do data=$(tempfile 2>/dev/null) trap "rm -f $data" 0 1 2 5 15 dialog --backtitle $"Freedombone Control Panel" \ --title $"IRC Menu" \ --radiolist $"Choose an operation:" 14 70 4 \ 1 $"Set a password for all IRC users" off \ 2 $"Show current IRC login password" off \ 3 $"Exit" on 2> $data sel=$? case $sel in 1) break;; 255) break;; esac case $(cat $data) in 1) irc_set_global_password;; 2) irc_show_password;; 3) break;; esac done } function install_interactive_irc { echo -n '' APP_INSTALLED=1 } function change_password_irc { echo -n '' } function reconfigure_irc { echo -n '' } function upgrade_irc { echo -n '' } function backup_local_irc { echo -n '' } function restore_local_irc { echo -n '' } function backup_remote_irc { echo -n '' } function restore_remote_irc { echo -n '' } function remove_irc { remove_watchdog_daemon ngircd systemctl stop ngircd apt-get -y remove --purge ngircd apt-get -y remove --purge irssi if [ -d /etc/ngircd ]; then rm -rf /etc/ngircd fi iptables -D INPUT -p tcp --dport 1024:65535 --sport ${IRC_PORT} -j ACCEPT function_check save_firewall_settings save_firewall_settings firewall_remove ${IRC_PORT} tcp function_check remove_onion_service remove_onion_service irc ${IRC_ONION_PORT} remove_completion_param install_irc remove_completion_param configure_firewall_for_irc sed -i '/IRC /d' ${COMPLETION_FILE} } function configure_firewall_for_irc { if [ ! -d /etc/ngircd ]; then return fi if [[ $(is_completed $FUNCNAME) == "1" ]]; then return fi if [[ ${INSTALLED_WITHIN_DOCKER} == "yes" ]]; then # docker does its own firewalling return fi if [[ ${ONION_ONLY} != "no" ]]; then return fi iptables -I INPUT -p tcp --dport 1024:65535 --sport ${IRC_PORT} -j ACCEPT function_check save_firewall_settings save_firewall_settings firewall_add IRC ${IRC_PORT} tcp echo 'configure_firewall_for_irc' >> ${COMPLETION_FILE} } function install_irc_server { if [[ $(app_is_installed irc_server) == "1" ]]; then return fi apt-get -y install ngircd if [ ! -d /etc/ngircd ]; then echo $"ERROR: ngircd does not appear to have installed. $CHECK_MESSAGE" exit 53 fi if [ ! -f /etc/ssl/certs/ngircd.dhparam ]; then ${PROJECT_NAME}-addcert -h ngircd --dhkey ${DH_KEYLENGTH} function_check check_certificates check_certificates ngircd fi DEFAULTDOMAIN=${DEFAULT_DOMAIN_NAME} # create a login password if needed if [ ! ${IRC_PASSWORD} ]; then IRC_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})" fi echo '**************************************************' > /etc/ngircd/motd echo $'* F R E E D O M B O N E I R C *' >> /etc/ngircd/motd echo '* *' >> /etc/ngircd/motd echo $'* Freedom in the Cloud *' >> /etc/ngircd/motd echo '**************************************************' >> /etc/ngircd/motd sed -i 's|MotdFile = /etc/ngircd/ngircd.motd|MotdFile = /etc/ngircd/motd|g' /etc/ngircd/ngircd.conf sed -i "s/irc@irc.example.com/$MY_EMAIL_ADDRESS/g" /etc/ngircd/ngircd.conf sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf sed -i 's|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/ngircd.crt|g' /etc/ngircd/ngircd.conf sed -i 's|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/ngircd.dhparam|g' /etc/ngircd/ngircd.conf sed -i 's|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/ngircd.key|g' /etc/ngircd/ngircd.conf sed -i "s/;Ports =.*/Ports = ${IRC_PORT}/1" /etc/ngircd/ngircd.conf sed -i "s/;Ports =.*/Ports = ${IRC_PORT}/2" /etc/ngircd/ngircd.conf sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf sed -i "s|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#${PROJECT_NAME}.key|g" /etc/ngircd/ngircd.conf sed -i "s/;CloakHost = cloaked.host/CloakHost = ${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf IRC_SALT="$(create_password 30)" if [ -f ${IMAGE_PASSWORD_FILE} ]; then IRC_OPERATOR_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)" else IRC_OPERATOR_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})" fi sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf sed -i 's/;RequireAuthPing = no/RequireAuthPing = no/g' /etc/ngircd/ngircd.conf sed -i "s/;Name = TheOper/Name = $MY_USERNAME/g" /etc/ngircd/ngircd.conf sed -i "s/;Password = ThePwd/Password = $IRC_OPERATOR_PASSWORD/g" /etc/ngircd/ngircd.conf sed -i 's|;Listen =.*|Listen = 0.0.0.0,0.0.0.0:9050,127.0.0.1,127.0.0.1:9050|g' /etc/ngircd/ngircd.conf if [ ${IRC_PASSWORD} ]; then sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf fi # upgrade a cypher sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf mkdir /var/run/ircd chown -R irc:irc /var/run/ircd mkdir /var/run/ngircd touch /var/run/ngircd/ngircd.pid chown -R irc:irc /var/run/ngircd IRC_ONION_HOSTNAME=$(add_onion_service irc ${IRC_PORT} ${IRC_ONION_PORT}) systemctl restart ngircd add_watchdog_daemon ngircd if ! grep -q $"IRC Server" /home/${MY_USERNAME}/README; then echo '' >> /home/${MY_USERNAME}/README echo '' >> /home/${MY_USERNAME}/README echo $'IRC Server' >> /home/${MY_USERNAME}/README echo '==========' >> /home/${MY_USERNAME}/README echo $'To connect to your IRC server in irssi:' >> /home/${MY_USERNAME}/README echo '' >> /home/${MY_USERNAME}/README if [[ ${ONION_ONLY} != 'yes' ]]; then echo " irssi" >> /home/${MY_USERNAME}/README echo " /server add -auto -ssl $DEFAULTDOMAIN $IRC_PORT" >> /home/${MY_USERNAME}/README echo " /connect $DEFAULT_DOMAIN_NAME" >> /home/${MY_USERNAME}/README else echo " usetorwith irssi" >> /home/${MY_USERNAME}/README echo " /server add -auto $IRC_ONION_HOSTNAME $IRC_PORT" >> /home/${MY_USERNAME}/README echo " /connect $IRC_ONION_HOSTNAME" >> /home/${MY_USERNAME}/README fi echo " /join #${PROJECT_NAME}" >> /home/${MY_USERNAME}/README chown ${MY_USERNAME}:${MY_USERNAME} /home/${MY_USERNAME}/README chmod 600 /home/${MY_USERNAME}/README fi function_check configure_firewall_for_irc configure_firewall_for_irc install_completed irc_server } function install_irc_client { if [[ $(app_is_installed irc_client) == "1" ]]; then return fi apt-get -y install irssi if [ ! -d /home/${MY_USERNAME}/.irssi ]; then mkdir /home/${MY_USERNAME}/.irssi fi echo 'servers = (' > /home/${MY_USERNAME}/.irssi/config echo ' {' >> /home/${MY_USERNAME}/.irssi/config echo ' address = "chat.freenode.net";' >> /home/${MY_USERNAME}/.irssi/config echo ' chatnet = "Freenode";' >> /home/${MY_USERNAME}/.irssi/config echo ' port = "6667";' >> /home/${MY_USERNAME}/.irssi/config echo ' autoconnect = "no";' >> /home/${MY_USERNAME}/.irssi/config echo ' },' >> /home/${MY_USERNAME}/.irssi/config echo ' {' >> /home/${MY_USERNAME}/.irssi/config echo ' address = "irc.oftc.net";' >> /home/${MY_USERNAME}/.irssi/config echo ' chatnet = "OFTC";' >> /home/${MY_USERNAME}/.irssi/config echo ' port = "6667";' >> /home/${MY_USERNAME}/.irssi/config echo ' autoconnect = "yes";' >> /home/${MY_USERNAME}/.irssi/config echo ' },' >> /home/${MY_USERNAME}/.irssi/config echo ' {' >> /home/${MY_USERNAME}/.irssi/config echo " address = \"127.0.0.1\";" >> /home/${MY_USERNAME}/.irssi/config if [[ ${ONION_ONLY} == 'no' ]]; then echo " port = \"${IRC_PORT}\";" >> /home/${MY_USERNAME}/.irssi/config echo ' use_ssl = "yes";' >> /home/${MY_USERNAME}/.irssi/config else IRC_ONION_HOSTNAME=$(cat ${COMPLETION_FILE} | grep "irc onion domain" | head -n 1 | awk -F ':' '{print $2}') echo " port = \"${IRC_ONION_PORT}\";" >> /home/${MY_USERNAME}/.irssi/config echo ' use_ssl = "no";' >> /home/${MY_USERNAME}/.irssi/config fi echo ' chatnet = "Freedombone";' >> /home/${MY_USERNAME}/.irssi/config echo ' ssl_verify = "no";' >> /home/${MY_USERNAME}/.irssi/config echo ' autoconnect = "yes";' >> /home/${MY_USERNAME}/.irssi/config if [ ${IRC_PASSWORD} ]; then echo " password = \"${IRC_PASSWORD}\";" >> /home/${MY_USERNAME}/.irssi/config fi echo ' }' >> /home/${MY_USERNAME}/.irssi/config echo ');' >> /home/${MY_USERNAME}/.irssi/config echo '' >> /home/${MY_USERNAME}/.irssi/config echo 'chatnets = {' >> /home/${MY_USERNAME}/.irssi/config echo ' Freedombone = {' >> /home/${MY_USERNAME}/.irssi/config echo ' type = "IRC";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_kicks = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_msgs = "4";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_whois = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' };' >> /home/${MY_USERNAME}/.irssi/config echo ' Freenode = {' >> /home/${MY_USERNAME}/.irssi/config echo ' type = "IRC";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_kicks = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_msgs = "4";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_whois = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' };' >> /home/${MY_USERNAME}/.irssi/config echo ' OFTC = {' >> /home/${MY_USERNAME}/.irssi/config echo ' type = "IRC";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_kicks = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_msgs = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' max_whois = "1";' >> /home/${MY_USERNAME}/.irssi/config echo ' };' >> /home/${MY_USERNAME}/.irssi/config echo '};' >> /home/${MY_USERNAME}/.irssi/config echo '' >> /home/${MY_USERNAME}/.irssi/config echo 'channels = (' >> /home/${MY_USERNAME}/.irssi/config echo ' { name = "#freedombone"; chatnet = "Freedombone"; autojoin = "Yes"; },' >> /home/${MY_USERNAME}/.irssi/config echo ');' >> /home/${MY_USERNAME}/.irssi/config echo '' >> /home/${MY_USERNAME}/.irssi/config echo 'settings = {' >> /home/${MY_USERNAME}/.irssi/config echo " core = { real_name = \"$MY_NAME\"; user_name = \"$MY_USERNAME\"; nick = \"$MY_USERNAME\"; };" >> /home/${MY_USERNAME}/.irssi/config echo ' "fe-text" = { actlist_sort = "refnum"; };' >> /home/${MY_USERNAME}/.irssi/config echo '};' >> /home/${MY_USERNAME}/.irssi/config echo 'ignores = ( { level = "CTCPS"; } );' >> /home/${MY_USERNAME}/.irssi/config chown -R ${MY_USERNAME}:${MY_USERNAME} /home/${MY_USERNAME}/.irssi install_completed irc_client } function install_irc { install_irc_server install_irc_client APP_INSTALLED=1 } # NOTE: deliberately no exit 0