#!/bin/bash # # .---. . . # | | | # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-' # ' ' --' --' -' - -' ' ' -' -' -' ' - --' # # Freedom in the Cloud # # scuttlebot pub application. Enables nat traversal for SSB. # https://scuttlebot.io # # License # ======= # # Copyright (C) 2017 Bob Mottram # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see . VARIANTS='full full-vim social' IN_DEFAULT_INSTALL=0 SHOW_ON_ABOUT=0 SHOW_ICANN_ADDRESS_ON_ABOUT=0 SCUTTLEBOT_DOMAIN_NAME= SCUTTLEBOT_CODE= SCUTTLEBOT_VERSION='10.4.6' SCUTTLEBOT_PORT=8010 SCUTTLEBOT_ONION_PORT=8623 GIT_SSB_PORT=7718 NGINX_GIT_SSB_PORT=7719 scuttlebot_variables=(MY_USERNAME SCUTTLEBOT_DOMAIN_NAME SCUTTLEBOT_CODE DEFAULT_DOMAIN_NAME SYSTEM_TYPE) function logging_on_scuttlebot { echo -n '' } function logging_off_scuttlebot { echo -n '' } function scuttlebot_create_invite { invite_string=$(su -c "sbot invite.create 1" - scuttlebot | sed 's/"//g') clear echo -e '\n\nYour Scuttlebot invite code is:\n\n'${invite_string}'\n\n' read -n1 -r -p $"Press any key to continue..." key } function configure_interactive_scuttlebot { while true do data=$(tempfile 2>/dev/null) trap "rm -f $data" 0 1 2 5 15 dialog --backtitle $"Freedombone Control Panel" \ --title $"Scuttlebot" \ --radiolist $"Choose an operation:" 10 50 2 \ 1 $"Create an invite" off \ 2 $"Exit" on 2> $data sel=$? case $sel in 1) return;; 255) return;; esac case $(cat $data) in 1) scuttlebot_create_invite;; 2) break;; esac done } function remove_user_scuttlebot { remove_username="$1" } function add_user_scuttlebot { new_username="$1" new_user_password="$2" echo '0' } function install_interactive_scuttlebot { if [[ $ONION_ONLY != "no" ]]; then SCUTTLEBOT_DOMAIN_NAME='scuttlebot.local' write_config_param "SCUTTLEBOT_DOMAIN_NAME" "$SCUTTLEBOT_DOMAIN_NAME" else function_check interactive_site_details interactive_site_details scuttlebot fi APP_INSTALLED=1 } function change_password_scuttlebot { new_username="$1" new_user_password="$2" echo '0' } function reconfigure_scuttlebot { if [ -d /etc/scuttlebot/.ssb ]; then systemctl stop scuttlebot rm -rf /etc/scuttlebot/.ssb systemctl start scuttlebot fi } function upgrade_scuttlebot { if ! grep -q 'scuttlebot version:' $COMPLETION_FILE; then return fi CURR_SCUTTLEBOT_VERSION=$(get_completion_param "scuttlebot version") echo "scuttlebot current version: ${CURR_SCUTTLEBOT_VERSION}" echo "scuttlebot app version: ${SCUTTLEBOT_VERSION}" if [[ "${CURR_SCUTTLEBOT_VERSION}" == "${SCUTTLEBOT_VERSION}" ]]; then return fi npm upgrade -g scuttlebot@${SCUTTLEBOT_VERSION} --save if [ ! "$?" = "0" ]; then return fi sed -i "s|scuttlebot version.*|scuttlebot version:${SCUTTLEBOT_VERSION}|g" ${COMPLETION_FILE} } function backup_local_scuttlebot { if [ -d /etc/scuttlebot/.ssb ]; then systemctl stop scuttlebot function_check backup_directory_to_usb backup_directory_to_usb /etc/scuttlebot/.ssb scuttlebot systemctl start scuttlebot fi } function restore_local_scuttlebot { if [ -d /etc/scuttlebot ]; then systemctl stop scuttlebot temp_restore_dir=/root/tempscuttlebot function_check restore_directory_from_usb restore_directory_from_usb $temp_restore_dir scuttlebot if [ -d $temp_restore_dir/etc/scuttlebot/.ssb ]; then cp -r $temp_restore_dir/etc/scuttlebot/.ssb /etc/scuttlebot/ else cp -r $temp_restore_dir/* /etc/scuttlebot/.ssb/* fi systemctl start scuttlebot rm -rf $temp_restore_dir fi } function backup_remote_scuttlebot { if [ -d /etc/scuttlebot/.ssb ]; then systemctl stop scuttlebot function_check backup_directory_to_friend backup_directory_to_friend /etc/scuttlebot/.ssb scuttlebot systemctl start scuttlebot fi } function restore_remote_scuttlebot { if [ -d /etc/scuttlebot ]; then systemctl stop scuttlebot temp_restore_dir=/root/tempscuttlebot function_check restore_directory_from_friend restore_directory_from_friend $temp_restore_dir scuttlebot if [ -d $temp_restore_dir/etc/scuttlebot/.ssb ]; then cp -r $temp_restore_dir/etc/scuttlebot/.ssb /etc/scuttlebot/ else cp -r $temp_restore_dir/* /etc/scuttlebot/.ssb/* fi systemctl start scuttlebot rm -rf $temp_restore_dir fi } function remove_scuttlebot { firewall_remove ${SCUTTLEBOT_PORT} firewall_remove ${GIT_SSB_PORT} if [ $SCUTTLEBOT_DOMAIN_NAME ]; then nginx_dissite ${SCUTTLEBOT_DOMAIN_NAME} rm /etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME} fi systemctl stop git_ssb systemctl stop scuttlebot systemctl disable git_ssb systemctl disable scuttlebot rm /etc/systemd/system/git_ssb.service rm /etc/systemd/system/scuttlebot.service systemctl daemon-reload userdel -r scuttlebot if [ -d /etc/scuttlebot ]; then rm -rf /etc/scuttlebot fi if [ -f /usr/bin/git-ssb-create ]; then rm /usr/bin/git-ssb-create fi remove_completion_param install_scuttlebot sed -i '/scuttlebot /d' $COMPLETION_FILE } function git_ssb_script { if [[ "$1" == "mesh" ]]; then git_ssb_script_name=$rootdir/usr/bin/git-ssb-create git_ssb_daemon_filename=$rootdir/etc/systemd/system/git_ssb.service else git_ssb_script_name=/usr/bin/git-ssb-create git_ssb_daemon_filename=/etc/systemd/system/git_ssb.service fi echo '#!/bin/bash' > $git_ssb_script_name echo 'reponame="$1"' >> $git_ssb_script_name echo '' >> $git_ssb_script_name echo 'if [[ "$reponame" != "" ]]; then' >> $git_ssb_script_name echo ' mkdir $reponame' >> $git_ssb_script_name echo ' cd $reponame' >> $git_ssb_script_name echo ' git init' >> $git_ssb_script_name echo ' git ssb create ssb $reponame' >> $git_ssb_script_name echo ' git push --tags ssb master' >> $git_ssb_script_name echo 'fi' >> $git_ssb_script_name echo 'exit 0' >> $git_ssb_script_name chmod +x $git_ssb_script_name echo '[Unit]' > $git_ssb_daemon_filename echo 'Description=Git SSB (SSB git web interface)' >> $git_ssb_daemon_filename echo 'After=syslog.target' >> $git_ssb_daemon_filename echo 'After=network.target' >> $git_ssb_daemon_filename echo 'After=scuttlebot.target' >> $git_ssb_daemon_filename echo '' >> $git_ssb_daemon_filename echo '[Service]' >> $git_ssb_daemon_filename echo 'Type=simple' >> $git_ssb_daemon_filename echo 'User=scuttlebot' >> $git_ssb_daemon_filename echo 'Group=scuttlebot' >> $git_ssb_daemon_filename echo "WorkingDirectory=/etc/scuttlebot" >> $git_ssb_daemon_filename echo "ExecStart=/usr/bin/git ssb web --public localhost:$GIT_SSB_PORT" >> $git_ssb_daemon_filename echo 'Restart=always' >> $git_ssb_daemon_filename echo 'Environment="USER=scuttlebot"' >> $git_ssb_daemon_filename echo '' >> $git_ssb_daemon_filename echo '[Install]' >> $git_ssb_daemon_filename echo 'WantedBy=multi-user.target' >> $git_ssb_daemon_filename } function scuttlebot_git_setup { if [[ "$1" == "mesh" ]]; then if [ ! -d $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then mkdir $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight fi if [ ! -f $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then echo $'Could not find foundation.css' exit 347687245 fi cp $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css $rootdir/usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css git_ssb_nginx_site=$rootdir/etc/nginx/sites-available/git_ssb echo 'server {' > $git_ssb_nginx_site echo " listen $NGINX_GIT_SSB_PORT default_server;" >> $git_ssb_nginx_site echo " server_name P${PEER_ID}.local;" >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' access_log /dev/null;' >> $git_ssb_nginx_site echo ' error_log /dev/null;' >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' add_header X-XSS-Protection "1; mode=block";' >> $git_ssb_nginx_site echo ' add_header X-Content-Type-Options nosniff;' >> $git_ssb_nginx_site echo ' add_header X-Frame-Options SAMEORIGIN;' >> $git_ssb_nginx_site else if [ ! $SCUTTLEBOT_DOMAIN_NAME ]; then exit 7357225 fi if [ ! -d /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight ]; then mkdir /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight fi if [ ! -f /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css ]; then echo $'Could not find foundation.css' exit 347687245 fi cp /usr/local/lib/node_modules/git-ssb/node_modules/highlight.js/styles/foundation.css /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web/highlight/foundation.css git_ssb_nginx_site=/etc/nginx/sites-available/${SCUTTLEBOT_DOMAIN_NAME} function_check nginx_http_redirect nginx_http_redirect $SCUTTLEBOT_DOMAIN_NAME "index index.html" echo 'server {' >> $git_ssb_nginx_site echo ' listen 443 ssl;' >> $git_ssb_nginx_site echo ' listen [::]:443 ssl;' >> $git_ssb_nginx_site echo " server_name $SCUTTLEBOT_DOMAIN_NAME;" >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site function_check nginx_compress nginx_compress $SCUTTLEBOT_DOMAIN_NAME echo '' >> $git_ssb_nginx_site echo ' # Security' >> $git_ssb_nginx_site function_check nginx_ssl nginx_ssl $SCUTTLEBOT_DOMAIN_NAME function_check nginx_disable_sniffing nginx_disable_sniffing $SCUTTLEBOT_DOMAIN_NAME fi echo '' >> $git_ssb_nginx_site echo ' root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;' >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' location = / {' >> $git_ssb_nginx_site echo " proxy_pass http://localhost:${GIT_SSB_PORT};" >> $git_ssb_nginx_site echo ' proxy_set_header X-Real-IP $remote_addr;' >> $git_ssb_nginx_site echo ' proxy_set_header Host $host;' >> $git_ssb_nginx_site echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $git_ssb_nginx_site echo ' proxy_http_version 1.1;' >> $git_ssb_nginx_site echo ' proxy_set_header Upgrade $http_upgrade;' >> $git_ssb_nginx_site echo ' proxy_set_header Connection upgrade;' >> $git_ssb_nginx_site echo ' }' >> $git_ssb_nginx_site echo '}' >> $git_ssb_nginx_site if [ $SCUTTLEBOT_ONION_HOSTNAME ]; then echo '' >> $git_ssb_nginx_site echo 'server {' >> $git_ssb_nginx_site echo " listen 127.0.0.1:${SCUTTLEBOT_ONION_PORT} default_server;" >> $git_ssb_nginx_site echo " server_name ${SCUTTLEBOT_ONION_HOSTNAME};" >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' access_log /dev/null;' >> $git_ssb_nginx_site echo ' error_log /dev/null;' >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' add_header X-XSS-Protection "1; mode=block";' >> $git_ssb_nginx_site echo ' add_header X-Content-Type-Options nosniff;' >> $git_ssb_nginx_site echo ' add_header X-Frame-Options SAMEORIGIN;' >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' root /usr/local/lib/node_modules/git-ssb/node_modules/git-ssb-web;' >> $git_ssb_nginx_site echo '' >> $git_ssb_nginx_site echo ' location = / {' >> $git_ssb_nginx_site echo " proxy_pass http://localhost:${GIT_SSB_PORT};" >> $git_ssb_nginx_site echo ' proxy_set_header X-Real-IP $remote_addr;' >> $git_ssb_nginx_site echo ' proxy_set_header Host $host;' >> $git_ssb_nginx_site echo ' proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $git_ssb_nginx_site echo ' proxy_http_version 1.1;' >> $git_ssb_nginx_site echo ' proxy_set_header Upgrade $http_upgrade;' >> $git_ssb_nginx_site echo ' proxy_set_header Connection upgrade;' >> $git_ssb_nginx_site echo ' }' >> $git_ssb_nginx_site echo '}' >> $git_ssb_nginx_site fi if [[ "$1" != "mesh" ]]; then nginx_ensite git_ssb fi } function mesh_install_dat { get_npm_arch cat < $rootdir/usr/bin/install_dat #!/bin/bash npm install --arch=$NPM_ARCH -g dat npm install --arch=$NPM_ARCH -g @garbados/dat-boi npm install --arch=$NPM_ARCH -g add-to-systemd add-to-systemd dat-boi --user $(whoami) `which dat-boi` EOF chroot "$rootdir" /bin/chmod +x /usr/bin/install_dat chroot "$rootdir" /usr/bin/install_dat rm $rootdir/usr/bin/install_dat } function install_dat { npm install -g dat npm install -g @garbados/dat-boi npm install -g add-to-systemd add-to-systemd dat-boi --user $(whoami) `which dat-boi` } function mesh_install_scuttlebot { SCUTTLEBOT_ONION_HOSTNAME= mesh_install_dat get_npm_arch cat < $rootdir/usr/bin/install_scuttlebot #!/bin/bash npm install --arch=$NPM_ARCH -g scuttlebot@${SCUTTLEBOT_VERSION} npm install --arch=$NPM_ARCH -g git-ssb npm install --arch=$NPM_ARCH -g git-remote-ssb EOF chroot "$rootdir" /bin/chmod +x /usr/bin/install_scuttlebot chroot "$rootdir" /usr/bin/install_scuttlebot rm $rootdir/usr/bin/install_scuttlebot if [ ! -f $rootdir/usr/local/bin/sbot ]; then echo $'Scuttlebot was not installed' exit 528253 fi if [ ! -d $rootdir/etc/scuttlebot ]; then mkdir -p $rootdir/etc/scuttlebot fi # an unprivileged user to run as chroot "$rootdir" useradd -d /etc/scuttlebot/ scuttlebot # daemon echo '[Unit]' > $rootdir/etc/systemd/system/scuttlebot.service echo 'Description=Scuttlebot (messaging system)' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'After=syslog.target' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'After=network.target' >> $rootdir/etc/systemd/system/scuttlebot.service echo '' >> $rootdir/etc/systemd/system/scuttlebot.service echo '[Service]' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'Type=simple' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'User=scuttlebot' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'Group=scuttlebot' >> $rootdir/etc/systemd/system/scuttlebot.service echo "WorkingDirectory=/etc/scuttlebot" >> $rootdir/etc/systemd/system/scuttlebot.service echo 'ExecStart=/usr/local/bin/sbot server' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'Restart=always' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'Environment="USER=scuttlebot"' >> $rootdir/etc/systemd/system/scuttlebot.service echo '' >> $rootdir/etc/systemd/system/scuttlebot.service echo '[Install]' >> $rootdir/etc/systemd/system/scuttlebot.service echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/scuttlebot.service scuttlebot_git_setup mesh git_ssb_script mesh } function install_scuttlebot { function_check install_nodejs install_nodejs scuttlebot npm install -g scuttlebot@${SCUTTLEBOT_VERSION} if [ ! -f /usr/local/bin/sbot ]; then exit 528253 fi install_dat npm install -g git-ssb npm install -g git-remote-ssb if [ ! -d /etc/scuttlebot ]; then mkdir -p /etc/scuttlebot fi # an unprivileged user to run as useradd -d /etc/scuttlebot/ scuttlebot # daemon echo '[Unit]' > /etc/systemd/system/scuttlebot.service echo 'Description=Scuttlebot (messaging system)' >> /etc/systemd/system/scuttlebot.service echo 'After=syslog.target' >> /etc/systemd/system/scuttlebot.service echo 'After=network.target' >> /etc/systemd/system/scuttlebot.service echo '' >> /etc/systemd/system/scuttlebot.service echo '[Service]' >> /etc/systemd/system/scuttlebot.service echo 'Type=simple' >> /etc/systemd/system/scuttlebot.service echo 'User=scuttlebot' >> /etc/systemd/system/scuttlebot.service echo 'Group=scuttlebot' >> /etc/systemd/system/scuttlebot.service echo "WorkingDirectory=/etc/scuttlebot" >> /etc/systemd/system/scuttlebot.service echo 'ExecStart=/usr/local/bin/sbot server' >> /etc/systemd/system/scuttlebot.service echo 'Restart=always' >> /etc/systemd/system/scuttlebot.service echo 'Environment="USER=scuttlebot"' >> /etc/systemd/system/scuttlebot.service echo '' >> /etc/systemd/system/scuttlebot.service echo '[Install]' >> /etc/systemd/system/scuttlebot.service echo 'WantedBy=multi-user.target' >> /etc/systemd/system/scuttlebot.service chown -R scuttlebot:scuttlebot /etc/scuttlebot # files gw_name myhostname mdns4_minimal [NOTFOUND=return] dns sed -i "s|hosts:.*|hosts: files mdns4_minimal dns mdns4 mdns|g" /etc/nsswitch.conf # start the daemon systemctl enable scuttlebot.service systemctl daemon-reload systemctl start scuttlebot.service sleep 3 if [ ! -d /etc/scuttlebot/.ssb ]; then echo $'Scuttlebot config not generated' exit 73528 fi echo '{' > /etc/scuttlebot/.ssb/config echo " \"host\": \"${DEFAULT_DOMAIN_NAME}\"," >> /etc/scuttlebot/.ssb/config echo " \"port\": ${SCUTTLEBOT_PORT}," >> /etc/scuttlebot/.ssb/config echo ' "timeout": 30000,' >> /etc/scuttlebot/.ssb/config echo ' "pub": true,' >> /etc/scuttlebot/.ssb/config echo ' "local": true,' >> /etc/scuttlebot/.ssb/config echo ' "friends": {' >> /etc/scuttlebot/.ssb/config echo ' "dunbar": 150,' >> /etc/scuttlebot/.ssb/config echo ' "hops": 3' >> /etc/scuttlebot/.ssb/config echo ' },' >> /etc/scuttlebot/.ssb/config echo ' "gossip": {' >> /etc/scuttlebot/.ssb/config echo ' "connections": 2' >> /etc/scuttlebot/.ssb/config echo ' },' >> /etc/scuttlebot/.ssb/config echo ' "master": [],' >> /etc/scuttlebot/.ssb/config echo ' "logging": {' >> /etc/scuttlebot/.ssb/config echo ' "level": "error"' >> /etc/scuttlebot/.ssb/config echo ' }' >> /etc/scuttlebot/.ssb/config echo '}' >> /etc/scuttlebot/.ssb/config chown scuttlebot:scuttlebot /etc/scuttlebot/.ssb/config systemctl restart scuttlebot.service firewall_add scuttlebot ${SCUTTLEBOT_PORT} firewall_add git_ssb ${GIT_SSB_PORT} SCUTTLEBOT_ONION_HOSTNAME=$(add_onion_service scuttlebot 80 ${SCUTTLEBOT_ONION_PORT}) scuttlebot_git_setup git_ssb_script systemctl enable git_ssb.service systemctl daemon-reload systemctl start git_ssb.service function_check create_site_certificate create_site_certificate ${SCUTTLEBOT_DOMAIN_NAME} 'yes' systemctl restart nginx if ! grep -q "scuttlebot version:" ${COMPLETION_FILE}; then echo "scuttlebot version:${SCUTTLEBOT_VERSION}" >> ${COMPLETION_FILE} else sed -i "s|scuttlebot version.*|scuttlebot version:${SCUTTLEBOT_VERSION}|g" ${COMPLETION_FILE} fi APP_INSTALLED=1 } # NOTE: deliberately no exit 0