
Remove hardcoded variants

stockholm
Bob Mottram 5 years ago
parent
commit
16123cb9d7
  1. 12
      src/freedombone
  2. 2
      src/freedombone-app-dlna
  3. 7
      src/freedombone-app-irc
  4. 6
      src/freedombone-app-mumble
  5. 3
      src/freedombone-app-searx
  6. 2
      src/freedombone-app-tox
  7. 37
      src/freedombone-base-email
  8. 105
      src/freedombone-base-tripwire
  9. 30
      src/freedombone-config
  10. 346
      src/freedombone-utils-dns
  11. 4
      src/freedombone-utils-firewall
  12. 4
      src/freedombone-utils-go
  13. 9
      src/freedombone-utils-help
  14. 138
      src/freedombone-utils-interactive
  15. 70
      src/freedombone-utils-login
  16. 12
      src/freedombone-utils-onion
  17. 14
      src/freedombone-utils-selector
  18. 68
      src/freedombone-utils-setup
  19. 140
      src/freedombone-utils-time
  20. 5
      src/freedombone-utils-web
  21. 2
      src/freedombone-utils-wifi

12
src/freedombone

@ -259,7 +259,7 @@ function parse_args {
exit 1
fi
if [ ! "$DEFAULT_DOMAIN_NAME" ]; then
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE != "mesh"* ]]; then
echo 'No default domain specified'
show_help
exit 2
@ -270,7 +270,7 @@ function parse_args {
show_help
exit 3
fi
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE != "mesh"* ]]; then
if [[ $ONION_ONLY == "no" ]]; then
if [ ! $DDNS_USERNAME ]; then
echo $'Please provide the username for your dynamic DNS provider with the --ddnsuser option'
@ -282,12 +282,14 @@ function parse_args {
fi
fi
fi
if [ ! $SYSTEM_TYPE ]; then
SYSTEM_TYPE=$VARIANT_FULL
SYSTEM_TYPE=$'full'
fi
if [[ $SYSTEM_TYPE != $VARIANT_WRITER && $SYSTEM_TYPE != $VARIANT_CLOUD && $SYSTEM_TYPE != $VARIANT_CHAT && $SYSTEM_TYPE != $VARIANT_MAILBOX && $SYSTEM_TYPE != $VARIANT_NONMAILBOX && $SYSTEM_TYPE != $VARIANT_SOCIAL && $SYSTEM_TYPE != $VARIANT_MEDIA && $SYSTEM_TYPE != $VARIANT_DEVELOPER && $SYSTEM_TYPE != $VARIANT_MESH && $SYSTEM_TYPE != $VARIANT_FULL ]]; then
if [[ $(is_valid_variant) == "0" ]]; then
echo $"'$SYSTEM_TYPE' is an unrecognised ${PROJECT_NAME} variant."
exit 30
exit 367245
fi
}
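Review bot: `exit 367245` in the unrecognised-variant branch of parse_args cannot be reported as written, because a process exit status is truncated to 8 bits; the caller will see 141, which is also what a shell reports for a command killed by SIGPIPE. A value in the 1–255 range keeps the failure distinguishable, for example the `exit 30` that appears just above it. The new test `[[ $(is_valid_variant) == "0" ]]` relies on that helper printing `0` for an invalid value; its definition is outside this page, so that contract should be stated in a comment next to the call. The validation also runs after the two `"mesh"*` checks, so those branches act on a SYSTEM_TYPE that has not been validated yet. parse_args begins outside the hunk.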

2
src/freedombone-app-dlna

@ -198,7 +198,7 @@ function install_dlna_main {
echo "media_dir=V,$USB_MOUNT/Videos" >> /etc/minidlna.conf
fi
sed -i 's/#root_container=./root_container=B/g' /etc/minidlna.conf
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE != "mesh"* ]]; then
sed -i 's/#network_interface=/network_interface=eth0/g' /etc/minidlna.conf
else
sed -i 's/#network_interface=/network_interface=$WIFI_INTERFACE/g' /etc/minidlna.conf
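Review bot: The `else` branch of this test writes the literal text `$WIFI_INTERFACE` into /etc/minidlna.conf, because the sed expression is in single quotes and the variable is never expanded. With the condition widened to every SYSTEM_TYPE beginning with `mesh`, more installs now take that branch. Use double quotes there, `sed -i "s/#network_interface=/network_interface=$WIFI_INTERFACE/g" /etc/minidlna.conf`, and check that WIFI_INTERFACE is non-empty first. install_dlna_main starts and ends outside the hunk.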

7
src/freedombone-app-irc

@ -295,9 +295,6 @@ function install_irc_server {
fi
DEFAULTDOMAIN=${DEFAULT_DOMAIN_NAME}
if [[ ${SYSTEM_TYPE} == "$VARIANT_MESH" ]]; then
DEFAULTDOMAIN="${DEFAULT_DOMAIN_NAME}.local"
fi
# create a login password if needed
if [ ! ${IRC_PASSWORD} ]; then
@ -340,10 +337,6 @@ function install_irc_server {
if [ ${IRC_PASSWORD} ]; then
sed -i "0,/RE/s/Password =.*/Password =$IRC_PASSWORD/" /etc/ngircd/ngircd.conf
fi
# If we are on a mesh then DNS is not available
if [[ ${SYSTEM_TYPE} == "$VARIANT_MESH" ]]; then
sed -i "s/;DNS =.*/DNS = no/g" /etc/ngircd/ngircd.conf
fi
# upgrade a cypher
sed -i 's|SECURE128|SECURE256|g' /etc/ngircd/ngircd.conf
mkdir /var/run/ircd

6
src/freedombone-app-mumble

@ -236,7 +236,7 @@ function install_mumble {
sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
if [[ $MUMBLE_SERVER_PASSWORD && $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
if [[ $MUMBLE_SERVER_PASSWORD ]]; then
sed -i "s|serverpassword=.*|serverpassword=$MUMBLE_SERVER_PASSWORD|g" /etc/mumble-server.ini
fi
@ -272,9 +272,7 @@ function install_mumble {
echo '=============' >> /home/$MY_USERNAME/README
echo $"Mumble onion domain:$MUMBLE_ONION_HOSTNAME" >> /home/$MY_USERNAME/README
echo $'Mumble server username: mumble-server' >> /home/$MY_USERNAME/README
if [[ $SYSTEM_TYPE != "VARIANT_MESH" ]]; then
echo $"Mumble server password: $MUMBLE_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
fi
echo $"Mumble server password: $MUMBLE_SERVER_PASSWORD" >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README
echo $'To connect to the Mumble server use your username and the server password shown above.' >> /home/$MY_USERNAME/README
chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
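Review bot: The `Mumble server password:` line is now appended to the README unconditionally, so it is written even when MUMBLE_SERVER_PASSWORD is empty, whereas the `sed` that sets `serverpassword=` is still guarded by `[[ $MUMBLE_SERVER_PASSWORD ]]`. Wrapping the echo in the same test keeps the README consistent with what was actually configured. Since the file stores a credential in plain text and only `chown` is visible here, a `chmod 600 /home/$MY_USERNAME/README` after the `chown` would be worth adding unless the mode is set elsewhere. The password is also interpolated into a `|`-delimited sed replacement, so a value containing `|`, `&` or a backslash would corrupt /etc/mumble-server.ini. install_mumble continues outside both hunks.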

3
src/freedombone-app-searx

@ -117,9 +117,6 @@ function remove_searx {
function install_searx {
# Note: currently socks5 outgoing proxies to other search engines does not work
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if [ ! -d /etc/nginx ]; then
echo $'Webserver is not installed'
exit 62429

2
src/freedombone-app-tox

@ -336,7 +336,7 @@ function tox_avahi {
fi
make install
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
toxavahi
# publish regularly

37
src/freedombone-base-email

@ -83,9 +83,6 @@ function backup_email {
}
function configure_firewall_for_email {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then
return
fi
if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then
return
fi
@ -114,7 +111,7 @@ function encrypt_incoming_email {
# encrypts incoming mail using your GPG public key
# so even if an attacker gains access to the data at rest they still need
# to know your GPG key password to be able to read anything
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
@ -163,7 +160,7 @@ function encrypt_outgoing_email {
# encrypts outgoing mail using your GPG public key
# so even if an attacker gains access to the data at rest they still need
# to know your GPG key password to be able to read sent mail
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "encrypt_outgoing_email" $COMPLETION_FILE; then
@ -210,7 +207,7 @@ function encrypt_outgoing_email {
}
function encrypt_all_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if [[ $GPG_ENCRYPT_STORED_EMAIL != "yes" ]]; then
@ -252,7 +249,7 @@ function encrypt_all_email {
}
function email_client {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "email_client" $COMPLETION_FILE; then
@ -406,7 +403,7 @@ function email_client {
}
function email_archiving {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
@ -469,7 +466,7 @@ function email_from_address {
}
function create_public_mailing_list {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "create_public_mailing_list" $COMPLETION_FILE; then
@ -566,7 +563,7 @@ function create_public_mailing_list {
}
function create_private_mailing_list {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
# This installation doesn't work, results in ruby errors
@ -638,7 +635,7 @@ function split_gpg_key_into_fragments {
}
function import_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
EMAIL_COMPLETE_MSG=$"
@ -648,7 +645,7 @@ function import_email {
25, 587, 465, 993 and 2222 to the ${PROJECT_NAME}
"
if grep -Fxq "import_email" $COMPLETION_FILE; then
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then
if [[ $SYSTEM_TYPE == "mail"* ]]; then
function_check backup_to_friends_servers
backup_to_friends_servers
@ -681,7 +678,7 @@ function import_email {
fi
fi
echo 'import_email' >> $COMPLETION_FILE
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then
if [[ $SYSTEM_TYPE == "mail"* ]]; then
function_check backup_to_friends_servers
backup_to_friends_servers
@ -710,7 +707,7 @@ function remove_email {
}
function install_email {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if grep -Fxq "install_email" $COMPLETION_FILE; then
@ -940,7 +937,7 @@ function install_email {
}
function create_procmail {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "create_procmail" $COMPLETION_FILE; then
@ -983,7 +980,7 @@ function handle_admin_emails {
}
function spam_filtering {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "spam_filtering" $COMPLETION_FILE; then
@ -1144,7 +1141,7 @@ function spam_filtering {
}
function configure_imap {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "configure_imap" $COMPLETION_FILE; then
@ -1230,7 +1227,7 @@ function configure_imap {
}
function configure_imap_client_certs {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "configure_imap_client_certs" $COMPLETION_FILE; then
@ -1312,7 +1309,7 @@ function configure_imap_client_certs {
}
function create_gpg_subkey {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "create_gpg_subkey" $COMPLETION_FILE; then
@ -1380,7 +1377,7 @@ function gpg_pubkey_from_email {
}
function configure_gpg {
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [ ! -d /etc/exim4 ]; then
return
fi
if grep -Fxq "configure_gpg" $COMPLETION_FILE; then
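Review bot: configure_firewall_for_email loses its variant guard without gaining the `if [ ! -d /etc/exim4 ]; then return; fi` check that the other functions in this file receive, so it now proceeds on every install type. The rule lines themselves are outside the hunk, but if they open the mail ports named in the import_email message, those ports would be opened on systems that run no mail server. Adding the same `/etc/exim4` test at the top of the function would keep it consistent, provided it is called after install_email. install_email itself now returns only for `"mesh"*`, so the chat and media variants that used to skip it will install email; a comment should state whether that is intended.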

105
src/freedombone-base-tripwire

@ -37,72 +37,69 @@ function backup_remote_tripwire {
}
function remove_tripwire {
if ! grep -Fxq "tripwire" $COMPLETION_FILE; then
return
fi
apt-get -y remove --purge tripwire
if [ -d /etc/tripwire ]; then
rm -rf /etc/tripwire
fi
rm /usr/bin/reset-tripwire
sed -i '/tripwire/d' $COMPLETION_FILE
if ! grep -Fxq "tripwire" $COMPLETION_FILE; then
return
fi
apt-get -y remove --purge tripwire
if [ -d /etc/tripwire ]; then
rm -rf /etc/tripwire
fi
rm /usr/bin/reset-tripwire
sed -i '/tripwire/d' $COMPLETION_FILE
}
function install_tripwire {
if grep -Fxq "install_tripwire" $COMPLETION_FILE; then
return
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
apt-get -y install tripwire
apt-get -y autoremove
cd /etc/tripwire
cp site.key $DEFAULT_DOMAIN_NAME-site.key
echo '*** Installing intrusion detection ***'
echo '
if grep -Fxq "install_tripwire" $COMPLETION_FILE; then
return
fi
apt-get -y install tripwire
apt-get -y autoremove
cd /etc/tripwire
cp site.key $DEFAULT_DOMAIN_NAME-site.key
echo '*** Installing intrusion detection ***'
echo '
' | tripwire --init
# make a script for easy resetting of the tripwire
echo '#!/bin/sh' > /usr/bin/reset-tripwire
echo 'tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt' >> /usr/bin/reset-tripwire
chmod +x /usr/bin/reset-tripwire
# make a script for easy resetting of the tripwire
echo '#!/bin/sh' > /usr/bin/reset-tripwire
echo 'tripwire --update-policy --secure-mode low /etc/tripwire/twpol.txt' >> /usr/bin/reset-tripwire
chmod +x /usr/bin/reset-tripwire
sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
# only send emails if something has changed
sed -i 's|MAILNOVIOLATIONS.*|MAILNOVIOLATIONS = false|g' /etc/tripwire/twcfg.txt
sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
sed -i 's|/etc/rc.boot.*||g' /etc/tripwire/twpol.txt
# Don't show any changes to /proc
sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
# Don't report log changes
sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
# Ignore /etc/tripwire
if ! grep -q '!/etc/tripwire' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/tripwire ;' /etc/tripwire/twpol.txt
fi
# ignore tt-rss cache
if ! grep -q '!/etc/share/tt-rss/cache' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/cache ;' /etc/tripwire/twpol.txt
fi
if ! grep -q '!/etc/share/tt-rss/lock' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/lock ;' /etc/tripwire/twpol.txt
fi
# Avoid logging the changed database
sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt
# recreate the configuration
echo '
sed -i 's/SYSLOGREPORTING.*/SYSLOGREPORTING =false/g' /etc/tripwire/twcfg.txt
# only send emails if something has changed
sed -i 's|MAILNOVIOLATIONS.*|MAILNOVIOLATIONS = false|g' /etc/tripwire/twcfg.txt
sed -i '/# These files change the behavior of the root account/,/}/ s/.*//g' /etc/tripwire/twpol.txt
sed -i 's|/etc/rc.boot.*||g' /etc/tripwire/twpol.txt
# Don't show any changes to /proc
sed -i 's|/proc.*||g' /etc/tripwire/twpol.txt
# Don't report log changes
sed -i 's|/var/log.*||g' /etc/tripwire/twpol.txt
# Ignore /etc/tripwire
if ! grep -q '!/etc/tripwire' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/tripwire ;' /etc/tripwire/twpol.txt
fi
# ignore tt-rss cache
if ! grep -q '!/etc/share/tt-rss/cache' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/cache ;' /etc/tripwire/twpol.txt
fi
if ! grep -q '!/etc/share/tt-rss/lock' /etc/tripwire/twpol.txt; then
sed -i '\|/etc\t\t->.*|a\ !/etc/share/tt-rss/lock ;' /etc/tripwire/twpol.txt
fi
# Avoid logging the changed database
sed -i 's|$(TWETC)/tw.pol.*||g' /etc/tripwire/twpol.txt
# recreate the configuration
echo '
' | twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt
# reset
echo '
' | twadmin --create-cfgfile -S /etc/tripwire/site.key /etc/tripwire/twcfg.txt
# reset
echo '
' | reset-tripwire
' | reset-tripwire
echo 'install_tripwire' >> $COMPLETION_FILE
echo 'install_tripwire' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
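Review bot: install_tripwire never checks that `apt-get -y install tripwire` or `cd /etc/tripwire` succeeded, and with the mesh early return removed the function now runs on every variant. If the package fails to install, the `cp site.key` and the later `sed -i` and `twadmin` calls run against the wrong directory or missing files. The function still appends `install_tripwire` to the completion file, so intrusion detection is recorded as installed and is not retried. A guard such as `cd /etc/tripwire || return 1` placed before the `cp` would stop the marker from being written on failure. A short comment explaining why `/var/log` and `/etc/tripwire` are removed from the policy would also help anyone auditing what tripwire no longer covers.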

30
src/freedombone-config

@ -48,20 +48,6 @@ MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-u
# file containing new password
IMAGE_PASSWORD_FILE=/root/login.txt
# Different system variants which may be specified within
# the SYSTEM_TYPE option
VARIANT_FULL="full"
VARIANT_WRITER="writer"
VARIANT_CLOUD="cloud"
VARIANT_CHAT="chat"
VARIANT_MAILBOX="mailbox"
VARIANT_NONMAILBOX="nonmailbox"
VARIANT_SOCIAL="social"
VARIANT_MEDIA="media"
VARIANT_DEVELOPER="developer"
VARIANT_MESH="mesh"
VARIANT_MESH_USER="mesh-user"
MY_USERNAME=
DEFAULT_DOMAIN_NAME=
DEFAULT_DOMAIN_CODE=
@ -291,7 +277,7 @@ function choose_static_ip {
}
function choose_dynamic_dns {
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" && $ONION_ONLY == "no" ]]; then
if [[ $SYSTEM_TYPE != "mesh"* && $ONION_ONLY == "no" ]]; then
data=$(tempfile 2>/dev/null)
trap "rm -f $data" 0 1 2 5 15
@ -731,16 +717,12 @@ function choose_username {
MY_USERNAME=$(ls /home)
else
# select one from a number of users
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" && $DEFAULT_DOMAIN_NAME && -d /home/$DEFAULT_DOMAIN_NAME ]]; then
MY_USERNAME=$DEFAULT_DOMAIN_NAME
else
select_user
if [ ! $SELECTED_USERNAME ]; then
echo $'No username selected'
exit 72589
fi
MY_USERNAME="$SELECTED_USERNAME"
select_user
if [ ! $SELECTED_USERNAME ]; then
echo $'No username selected'
exit 72589
fi
MY_USERNAME="$SELECTED_USERNAME"
fi
fi
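Review bot: Deleting the `VARIANT_*` definitions means any reference left in a file this commit does not touch will expand to an empty string instead of failing. A leftover `[[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]` would then be true for every non-empty SYSTEM_TYPE and would silently change which install steps run. It is worth grepping the tree for `VARIANT_` before merging and, where the scripts tolerate it, enabling `set -u` so that a stale reference aborts. In choose_dynamic_dns the context line `trap "rm -f $data" 0 1 2 5 15` expands `$data` unquoted at trap time; `trap 'rm -f "$data"' 0 1 2 5 15` is safer. Both functions extend beyond their hunks.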

346
src/freedombone-utils-dns

@ -45,197 +45,197 @@ GET_IP_ADDRESS_URL="checkip.two-dns.de"
# other possible services to obtain the external IP address
EXTERNAL_IP_SERVICES=( \
'https://check.torproject.org/' \
'https://www.whatsmydns.net/whats-my-ip-address.html' \
'https://www.privateinternetaccess.com/pages/whats-my-ip/' \
'http://checkip.two-dns.de' \
'http://ip.dnsexit.com' \
'http://ifconfig.me/ip' \
'http://ipecho.net/plain' \
'http://checkip.dyndns.org/plain' \
'http://ipogre.com/linux.php' \
'http://whatismyipaddress.com/' \
'http://ip.my-proxy.com/' \
'http://websiteipaddress.com/WhatIsMyIp' \
'http://getmyipaddress.org/' \
'http://www.my-ip-address.net/' \
'http://myexternalip.com/raw' \
'http://www.canyouseeme.org/' \
'http://www.trackip.net/' \
'http://icanhazip.com/' \
'http://www.iplocation.net/' \
'http://www.howtofindmyipaddress.com/' \
'http://www.ipchicken.com/' \
'http://whatsmyip.net/' \
'http://www.ip-adress.com/' \
'http://checkmyip.com/' \
'http://www.tracemyip.org/' \
'http://checkmyip.net/' \
'http://www.lawrencegoetz.com/programs/ipinfo/' \
'http://www.findmyip.co/' \
'http://ip-lookup.net/' \
'http://www.dslreports.com/whois' \
'http://www.mon-ip.com/en/my-ip/' \
'http://www.myip.ru' \
'http://ipgoat.com/' \
'http://www.myipnumber.com/my-ip-address.asp' \
'http://www.whatsmyipaddress.net/' \
'http://formyip.com/' \
'http://www.displaymyip.com/' \
'http://www.bobborst.com/tools/whatsmyip/' \
'http://www.geoiptool.com/' \
'http://checkip.dyndns.com/' \
'http://myexternalip.com/' \
'http://www.ip-adress.eu/' \
'http://www.infosniper.net/' \
'http://wtfismyip.com/' \
'http://ipinfo.io/' \
'http://httpbin.org/ip')
'https://check.torproject.org/' \
'https://www.whatsmydns.net/whats-my-ip-address.html' \
'https://www.privateinternetaccess.com/pages/whats-my-ip/' \
'http://checkip.two-dns.de' \
'http://ip.dnsexit.com' \
'http://ifconfig.me/ip' \
'http://ipecho.net/plain' \
'http://checkip.dyndns.org/plain' \
'http://ipogre.com/linux.php' \
'http://whatismyipaddress.com/' \
'http://ip.my-proxy.com/' \
'http://websiteipaddress.com/WhatIsMyIp' \
'http://getmyipaddress.org/' \
'http://www.my-ip-address.net/' \
'http://myexternalip.com/raw' \
'http://www.canyouseeme.org/' \
'http://www.trackip.net/' \
'http://icanhazip.com/' \
'http://www.iplocation.net/' \
'http://www.howtofindmyipaddress.com/' \
'http://www.ipchicken.com/' \
'http://whatsmyip.net/' \
'http://www.ip-adress.com/' \
'http://checkmyip.com/' \
'http://www.tracemyip.org/' \
'http://checkmyip.net/' \
'http://www.lawrencegoetz.com/programs/ipinfo/' \
'http://www.findmyip.co/' \
'http://ip-lookup.net/' \
'http://www.dslreports.com/whois' \
'http://www.mon-ip.com/en/my-ip/' \
'http://www.myip.ru' \
'http://ipgoat.com/' \
'http://www.myipnumber.com/my-ip-address.asp' \
'http://www.whatsmyipaddress.net/' \
'http://formyip.com/' \
'http://www.displaymyip.com/' \
'http://www.bobborst.com/tools/whatsmyip/' \
'http://www.geoiptool.com/' \
'http://checkip.dyndns.com/' \
'http://myexternalip.com/' \
'http://www.ip-adress.eu/' \
'http://www.infosniper.net/' \
'http://wtfismyip.com/' \
'http://ipinfo.io/' \
'http://httpbin.org/ip')
function create_freedns_updater {
if [[ $ONION_ONLY != "no" ]]; then
return
fi
# currently inadyn doesn't work as expected with freeDNS, so this is a workaround
if grep -Fxq "create_freedns_updater" $COMPLETION_FILE; then
return
fi
if [[ $DDNS_PROVIDER != "default@freedns.afraid.org" ]]; then
return
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
FREEDNS_WGET='wget -q --read-timeout=0.0 --waitretry=5 --tries=4 https://freedns.afraid.org/dynamic/update.php?'
echo '#!/bin/bash' > /usr/bin/dynamicdns
echo 'cd /tmp' >> /usr/bin/dynamicdns
if [ $DEFAULT_DOMAIN_CODE ]; then
echo "# $DEFAULT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$DEFAULT_DOMAIN_CODE=" >> /usr/bin/dynamicdns
fi
if [ $WIKI_CODE ]; then
if [[ $WIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $WIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$WIKI_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $FULLBLOG_CODE ]; then
if [[ $FULLBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $FULLBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$FULLBLOG_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $HUBZILLA_CODE ]; then
if [[ $HUBZILLA_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $HUBZILLA_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$HUBZILLA_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $MICROBLOG_CODE ]; then
if [[ $MICROBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MICROBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MICROBLOG_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $GIT_CODE ]; then
if [[ $GIT_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $GIT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$GIT_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $MEDIAGOBLIN_CODE ]; then
if [[ $MEDIAGOBLIN_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MEDIAGOBLIN_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MEDIAGOBLIN_CODE=" >> /usr/bin/dynamicdns
fi
fi
echo 'exit 0' >> /usr/bin/dynamicdns
chmod 600 /usr/bin/dynamicdns
chmod +x /usr/bin/dynamicdns
if ! grep -q "/usr/bin/dynamicdns" /etc/crontab; then
function_check cron_add_mins
cron_add_mins 3 '/usr/bin/dynamicdns'
systemctl restart cron
fi
echo 'create_freedns_updater' >> $COMPLETION_FILE
if [[ $ONION_ONLY != "no" ]]; then
return
fi
# currently inadyn doesn't work as expected with freeDNS, so this is a workaround
if grep -Fxq "create_freedns_updater" $COMPLETION_FILE; then
return
fi
if [[ $DDNS_PROVIDER != "default@freedns.afraid.org" ]]; then
return
fi
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
FREEDNS_WGET='wget -q --read-timeout=0.0 --waitretry=5 --tries=4 https://freedns.afraid.org/dynamic/update.php?'
echo '#!/bin/bash' > /usr/bin/dynamicdns
echo 'cd /tmp' >> /usr/bin/dynamicdns
if [ $DEFAULT_DOMAIN_CODE ]; then
echo "# $DEFAULT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$DEFAULT_DOMAIN_CODE=" >> /usr/bin/dynamicdns
fi
if [ $WIKI_CODE ]; then
if [[ $WIKI_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $WIKI_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$WIKI_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $FULLBLOG_CODE ]; then
if [[ $FULLBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $FULLBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$FULLBLOG_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $HUBZILLA_CODE ]; then
if [[ $HUBZILLA_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $HUBZILLA_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$HUBZILLA_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $MICROBLOG_CODE ]; then
if [[ $MICROBLOG_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MICROBLOG_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MICROBLOG_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $GIT_CODE ]; then
if [[ $GIT_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $GIT_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$GIT_CODE=" >> /usr/bin/dynamicdns
fi
fi
if [ $MEDIAGOBLIN_CODE ]; then
if [[ $MEDIAGOBLIN_CODE != "$DEFAULT_DOMAIN_CODE" ]]; then
echo "# $MEDIAGOBLIN_DOMAIN_NAME" >> /usr/bin/dynamicdns
echo "$FREEDNS_WGET$MEDIAGOBLIN_CODE=" >> /usr/bin/dynamicdns
fi
fi
echo 'exit 0' >> /usr/bin/dynamicdns
chmod 600 /usr/bin/dynamicdns
chmod +x /usr/bin/dynamicdns
if ! grep -q "/usr/bin/dynamicdns" /etc/crontab; then
function_check cron_add_mins
cron_add_mins 3 '/usr/bin/dynamicdns'
systemctl restart cron
fi
echo 'create_freedns_updater' >> $COMPLETION_FILE
}
function add_ddns_domain {
if [ ! $1 ]; then
echo $'ddns domain not specified'
exit 5638
fi
CURRENT_DDNS_DOMAIN="$1"
if [[ $ONION_ONLY != "no" ]]; then
return
fi
if [ ! -f /etc/inadyn.conf ]; then
echo $'Unable to find inadyn configuration file /etc/inadyn.conf'
exit 5745
fi
if ! grep -q "$DDNS_PROVIDER" /etc/inadyn.conf; then
echo '' >> /etc/inadyn.conf
echo "system $DDNS_PROVIDER" >> /etc/inadyn.conf
echo ' ssl' >> /etc/inadyn.conf
echo " checkip-url $GET_IP_ADDRESS_URL /" >> /etc/inadyn.conf
if [ $DDNS_USERNAME ]; then
echo " username $DDNS_USERNAME" >> /etc/inadyn.conf
fi
if [ $DDNS_PASSWORD ]; then
echo " password $DDNS_PASSWORD" >> /etc/inadyn.conf
fi
fi
if ! grep -q "$CURRENT_DDNS_DOMAIN" /etc/inadyn.conf; then
echo " alias $CURRENT_DDNS_DOMAIN" >> /etc/inadyn.conf
fi
chmod 600 /etc/inadyn.conf
systemctl restart inadyn
systemctl daemon-reload
if [ ! $1 ]; then
echo $'ddns domain not specified'
exit 5638
fi
CURRENT_DDNS_DOMAIN="$1"
if [[ $ONION_ONLY != "no" ]]; then
return
fi
if [ ! -f /etc/inadyn.conf ]; then
echo $'Unable to find inadyn configuration file /etc/inadyn.conf'
exit 5745
fi
if ! grep -q "$DDNS_PROVIDER" /etc/inadyn.conf; then
echo '' >> /etc/inadyn.conf
echo "system $DDNS_PROVIDER" >> /etc/inadyn.conf
echo ' ssl' >> /etc/inadyn.conf
echo " checkip-url $GET_IP_ADDRESS_URL /" >> /etc/inadyn.conf
if [ $DDNS_USERNAME ]; then
echo " username $DDNS_USERNAME" >> /etc/inadyn.conf
fi
if [ $DDNS_PASSWORD ]; then
echo " password $DDNS_PASSWORD" >> /etc/inadyn.conf
fi
fi
if ! grep -q "$CURRENT_DDNS_DOMAIN" /etc/inadyn.conf; then
echo " alias $CURRENT_DDNS_DOMAIN" >> /etc/inadyn.conf
fi
chmod 600 /etc/inadyn.conf
systemctl restart inadyn
systemctl daemon-reload
}
function configure_dns {
if grep -Fxq "configure_dns" $COMPLETION_FILE; then
return
fi
echo 'domain localdomain' > /etc/resolv.conf
echo 'search localdomain' >> /etc/resolv.conf
echo "nameserver $NAMESERVER1" >> /etc/resolv.conf
echo "nameserver $NAMESERVER2" >> /etc/resolv.conf
# prevent resolv.conf from changing
chattr +i /etc/resolv.conf
echo 'configure_dns' >> $COMPLETION_FILE
if grep -Fxq "configure_dns" $COMPLETION_FILE; then
return
fi
echo 'domain localdomain' > /etc/resolv.conf
echo 'search localdomain' >> /etc/resolv.conf
echo "nameserver $NAMESERVER1" >> /etc/resolv.conf
echo "nameserver $NAMESERVER2" >> /etc/resolv.conf
# prevent resolv.conf from changing
chattr +i /etc/resolv.conf
echo 'configure_dns' >> $COMPLETION_FILE
}
function set_hostname {
DEFAULT_DOMAIN_NAME="$1"
DEFAULT_DOMAIN_NAME="$1"
echo "$DEFAULT_DOMAIN_NAME" > /etc/hostname
hostname $DEFAULT_DOMAIN_NAME
echo "$DEFAULT_DOMAIN_NAME" > /etc/hostname
hostname $DEFAULT_DOMAIN_NAME
if grep -q "127.0.1.1" /etc/hosts; then
sed -i "s/127.0.1.1.*/127.0.1.1 $DEFAULT_DOMAIN_NAME/g" /etc/hosts
else
echo "127.0.1.1 $DEFAULT_DOMAIN_NAME" >> /etc/hosts
fi
if grep -q "127.0.1.1" /etc/hosts; then
sed -i "s/127.0.1.1.*/127.0.1.1 $DEFAULT_DOMAIN_NAME/g" /etc/hosts
else
echo "127.0.1.1 $DEFAULT_DOMAIN_NAME" >> /etc/hosts
fi
}
function set_your_domain_name {
if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then
return
fi
if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then
return
fi
function_check set_hostname
set_hostname $DEFAULT_DOMAIN_NAME
function_check set_hostname
set_hostname $DEFAULT_DOMAIN_NAME
echo 'set_your_domain_name' >> $COMPLETION_FILE
echo 'set_your_domain_name' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
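Review bot: add_ddns_domain appends `password $DDNS_PASSWORD` to /etc/inadyn.conf before the `chmod 600 /etc/inadyn.conf` at the end of the function, so an existing file with a wider mode holds the credential readably until the chmod runs. The chmod is also skipped entirely if an earlier command aborts the script. Move `chmod 600 /etc/inadyn.conf` to directly after the `-f /etc/inadyn.conf` check, ahead of the first `echo ... >>`. The two `grep -q` calls treat `$DDNS_PROVIDER` and `$CURRENT_DDNS_DOMAIN` as regular expressions, so `grep -qF -- "$CURRENT_DDNS_DOMAIN"` would avoid a dot in a domain name matching any character. Most of this section is re-indentation, with the `"mesh"*` test in create_freedns_updater as the one functional change.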

4
src/freedombone-utils-firewall

@ -106,7 +106,7 @@ function configure_firewall_ping {
return
fi
# Only allow ping for mesh installs
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE != "mesh"* ]]; then
return
fi
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
@ -225,7 +225,7 @@ function configure_internet_protocol {
if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then
return
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf
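Review bot: The glob `"mesh"*` in configure_firewall_ping and configure_internet_protocol matches any SYSTEM_TYPE that merely begins with `mesh`, not only the known variants. Any such value now gets the ICMP echo-request ACCEPT rule and skips the sysctl changes that follow the early return, of which the `tcp_syncookies` line is visible. Whether an unexpected value can reach this point depends on is_valid_variant, which is not shown on this page. For decisions that relax the firewall, an explicit match is easier to audit, for example `[[ $SYSTEM_TYPE == "mesh" || $SYSTEM_TYPE == "mesh-user" ]]`, using the two names from the removed definitions. The same prefix test appears in the dlna, tox, email, config, dns and interactive sections of this commit.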

4
src/freedombone-utils-go

@ -193,10 +193,6 @@ function mesh_upgrade_golang {
}
function upgrade_golang {
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_MAILBOX" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if grep -Fxq "upgrade_golang:$GO_VERSION" $COMPLETION_FILE; then
return
fi

9
src/freedombone-utils-help

@ -66,15 +66,6 @@ function show_help {
echo $' --ns2 Second DNS nameserver'
echo $' --repo Debian repository'
echo ''
echo $'system types'
echo '------------'
echo $'This can either be blank if you wish to install the full system,'
echo $"or for more specialised variants you can specify '$VARIANT_MAILBOX', '$VARIANT_CLOUD',"
echo $"'$VARIANT_CHAT', '$VARIANT_SOCIAL', '$VARIANT_MEDIA', '$VARIANT_WRITER', '$VARIANT_DEVELOPER'"
echo $"or '$VARIANT_MESH'."
echo ''
echo $"If you wish to install everything except email then use the '$VARIANT_NONMAILBOX' variaint."
echo ''
exit 0
}

138
src/freedombone-utils-interactive

@ -29,81 +29,81 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
function interactive_configuration_remote_backups {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if [ ! -f /usr/local/bin/${PROJECT_NAME}-remote ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-remote ]; then
echo $"The command ${PROJECT_NAME}-remote was not found"
exit 87354
fi
fi
${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes
if [ ! "$?" = "0" ]; then
echo $'Command failed:'
echo ''
echo $" ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes"
echo ''
exit 65892
fi
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ ! -f /usr/local/bin/${PROJECT_NAME}-remote ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-remote ]; then
echo $"The command ${PROJECT_NAME}-remote was not found"
exit 87354
fi
fi
${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes
if [ ! "$?" = "0" ]; then
echo $'Command failed:'
echo ''
echo $" ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes"
echo ''
exit 65892
fi
}
function interactive_configuration {
if [ ! -f /usr/local/bin/${PROJECT_NAME}-config ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-config ]; then
echo $"The command ${PROJECT_NAME}-config was not found"
exit 63935
fi
fi
if [ -f /tmp/meshuserdevice ]; then
rm -f /tmp/meshuserdevice
fi
if [ ! -f /usr/local/bin/${PROJECT_NAME}-config ]; then
if [ ! -f /usr/bin/${PROJECT_NAME}-config ]; then
echo $"The command ${PROJECT_NAME}-config was not found"
exit 63935
fi
fi
if [ -f /tmp/meshuserdevice ]; then
rm -f /tmp/meshuserdevice
fi
if [[ $ONION_ONLY == "no" ]]; then
if [[ $MINIMAL_INSTALL == "no" ]]; then
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH
else
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \
--minimal "yes"
fi
else
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \
--onion "yes"
fi
if [ -f /tmp/meshuserdevice ]; then
# mesh network user device installation
rm -f /tmp/meshuserdevice
exit 0
fi
if [ ! "$?" = "0" ]; then
echo $'Command failed:'
echo ''
echo $" ${PROJECT_NAME}-config -u $MY_USERNAME -f $CONFIGURATION_FILE -w $PROJECT_WEBSITE -b $PROJECT_BITMESSAGE -m $MINIMUM_PASSWORD_LENGTH --minimal [yes|no]"
echo ''
exit 73594
fi
if [[ $ONION_ONLY == "no" ]]; then
if [[ $MINIMAL_INSTALL == "no" ]]; then
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH
else
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \
--minimal "yes"
fi
else
${PROJECT_NAME}-config \
-f $CONFIGURATION_FILE \
-w $PROJECT_WEBSITE \
-m $MINIMUM_PASSWORD_LENGTH \
--onion "yes"
fi
if [ -f /tmp/meshuserdevice ]; then
# mesh network user device installation
rm -f /tmp/meshuserdevice
exit 0
fi
if [ ! "$?" = "0" ]; then
echo $'Command failed:'
echo ''
echo $" ${PROJECT_NAME}-config -u $MY_USERNAME -f $CONFIGURATION_FILE -w $PROJECT_WEBSITE -b $PROJECT_BITMESSAGE -m $MINIMUM_PASSWORD_LENGTH --minimal [yes|no]"
echo ''
exit 73594
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
FRIENDS_SERVERS_LIST=/home/$MY_USERNAME/backup.list
dialog --title $"Encrypted backup to other servers" \
--backtitle $"${PROJECT_NAME} Configuration" \
--defaultno \
--yesno $"\nDo you wish to configure some remote backup locations?" 7 60
sel=$?
case $sel in
0) interactive_configuration_remote_backups;;
esac
fi
dialog --title $"Encrypted backup to other servers" \
--backtitle $"${PROJECT_NAME} Configuration" \
--defaultno \
--yesno $"\nDo you wish to configure some remote backup locations?" 7 60
sel=$?
case $sel in
0) interactive_configuration_remote_backups;;
esac
fi
}
# NOTE: deliberately no exit 0
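Review bot: The `if [ ! "$?" = "0" ]` test in interactive_configuration does not see the exit status of `${PROJECT_NAME}-config`, because the `if [ -f /tmp/meshuserdevice ]` block sits between them and overwrites `$?`. A failed configuration run therefore never reaches the `exit 73594` branch. Capture the status directly after the `fi` that closes the ONION_ONLY block with `config_result=$?`, and test it later with `if [ "$config_result" -ne 0 ]; then`. Separately, the remote-backup dialog is offered only when SYSTEM_TYPE matches `"mesh"*`, yet interactive_configuration_remote_backups returns immediately for that same match, so the dialog appears to lead nowhere; confirm whether `!=` was meant. The marker file /tmp/meshuserdevice has a fixed name in a world-writable directory, so a path under a root-owned directory would be safer if other local users can exist at this stage.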

70
src/freedombone-utils-login

@ -29,58 +29,24 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
function change_login_message {
if grep -Fxq "change_login_message" $COMPLETION_FILE; then
return
fi
# remove automatic motd creator if it exists
if [ -f /etc/init.d/motd ]; then
rm -f /etc/init.d/motd
fi
echo '' > /etc/motd
echo ".---. . . " >> /etc/motd
echo "| | | " >> /etc/motd
echo "|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. " >> /etc/motd
echo "| | (.-' (.-' ( | ( )| | | | )( )| | (.-' " >> /etc/motd
echo "' ' --' --' -' - -' ' ' -' -' -' ' - --'" >> /etc/motd
if [[ $SYSTEM_TYPE == "$VARIANT_MAILBOX" ]]; then
echo $' M A I L B O X E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_SOCIAL" ]]; then
echo $' S O C I A L E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" ]]; then
echo $' C H A T E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_CLOUD" ]]; then
echo $' C L O U D E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_WRITER" ]]; then
echo $' W R I T E R E D I T I O N ' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MEDIA" ]]; then
echo $' M E D I A E D I T I O N' >> /etc/motd
fi
if [[ $SYSTEM_TYPE == "$VARIANT_DEVELOPER" ]]; then
echo $' D E V E L O P E R E D I T I O N' >> /etc/motd
fi
echo '' >> /etc/motd
if [[ $SYSTEM_TYPE != "$VARIANT_MESH" ]]; then
echo $' Freedom in the Cloud' >> /etc/motd
else
echo $' Freedom in the Mesh' >> /etc/motd
fi
echo '' >> /etc/motd
echo 'change_login_message' >> $COMPLETION_FILE
if grep -Fxq "change_login_message" $COMPLETION_FILE; then
return
fi
# remove automatic motd creator if it exists
if [ -f /etc/init.d/motd ]; then
rm -f /etc/init.d/motd
fi
echo '' > /etc/motd
echo ".---. . . " >> /etc/motd
echo "| | | " >> /etc/motd
echo "|--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-. " >> /etc/motd
echo "| | (.-' (.-' ( | ( )| | | | )( )| | (.-' " >> /etc/motd
echo "' ' --' --' -' - -' ' ' -' -' -' ' - --'" >> /etc/motd
echo $' Freedom in the Cloud' >> /etc/motd
echo '' >> /etc/motd
echo 'change_login_message' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
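Review bot: The rewritten change_login_message writes 'Freedom in the Cloud' unconditionally, so a mesh install now gets the cloud banner where the removed branch wrote 'Freedom in the Mesh'. If that tagline is still wanted, the branch can stay with the prefix test used elsewhere in this commit, `if [[ $SYSTEM_TYPE != "mesh"* ]]; then`. `$COMPLETION_FILE` is also unquoted in the `grep -Fxq` test and in the final `>>` redirect, which breaks if that path ever contains whitespace.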

12
src/freedombone-utils-onion

@ -134,7 +134,7 @@ function set_default_onion_domains {
}
function create_avahi_onion_domains {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ ! -d /etc/avahi/services ]; then
@ -159,7 +159,7 @@ function create_avahi_onion_domains {
}
function allow_ssh_to_onion_address {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ ! -d /home/$MY_USERNAME/.ssh ]; then
@ -176,7 +176,7 @@ function allow_ssh_to_onion_address {
}
function enable_ssh_via_onion {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if grep -Fxq "enable_ssh_via_onion" $COMPLETION_FILE; then
@ -206,7 +206,7 @@ function configure_ssh_onion {
if grep -Fxq "configure_ssh_onion" $COMPLETION_FILE; then
return
fi
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
@ -222,7 +222,7 @@ function configure_ssh_onion {
}
function install_tor {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh*" ]]; then
return
fi
if grep -Fxq "install_tor" $COMPLETION_FILE; then
@ -237,7 +237,7 @@ function install_tor {
}
function resolve_dns_via_tor {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if grep -Fxq "resolve_dns_via_tor" $COMPLETION_FILE; then
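Review bot: The new test in install_tor reads `if [[ $SYSTEM_TYPE == "mesh*" ]]; then`, with the asterisk inside the quotes, so it matches only the literal string `mesh*` and the early return no longer fires for mesh systems. Every other function in this file uses `"mesh"*`, where the unquoted asterisk acts as a pattern. The line should be `if [[ $SYSTEM_TYPE == "mesh"* ]]; then`. The rest of install_tor lies outside the hunk, so what then runs on a mesh system is not visible here.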

14
src/freedombone-utils-selector

@ -110,6 +110,20 @@ function available_system_variants {
done
}
function is_valid_variant {
sys_type="$1"
available_variants_list=()
available_system_variants
for variant_str in "${available_variants_list[@]}"
do
if [[ "$sys_type" == "$variant_str" ]]; then
return "1"
fi
done
return "0"
}
# mark a given app as having been removed so that it doesn't get reinstalled on updates
function remove_app {
app_name=$1
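Review bot: is_valid_variant returns `"1"` when the type is found in available_variants_list and `"0"` when it is not, which is the reverse of the shell convention that 0 means success. A caller written as `if is_valid_variant "$SYSTEM_TYPE"; then` would therefore accept unknown types and reject known ones. The callers are not visible in this section, so they may already compensate. Using `return 0` inside the loop and `return 1` after it would make the function safe to use directly in a condition. `sys_type` and `variant_str` are also assigned without `local`, so they leak into the caller's scope.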

68
src/freedombone-utils-setup

@ -32,23 +32,10 @@ if [ ! $PROJECT_NAME ]; then
PROJECT_NAME='freedombone'
fi
# Different system variants which may be specified within
# the SYSTEM_TYPE option
VARIANT_FULL="full"
VARIANT_WRITER="writer"
VARIANT_CLOUD="cloud"
VARIANT_CHAT="chat"
VARIANT_MAILBOX="mailbox"
VARIANT_NONMAILBOX="nonmailbox"
VARIANT_SOCIAL="social"
VARIANT_MEDIA="media"
VARIANT_DEVELOPER="developer"
VARIANT_MESH="mesh"
DEFAULT_DOMAIN_NAME=
DEFAULT_DOMAIN_CODE=
MY_USERNAME=
SYSTEM_TYPE=$VARIANT_FULL
SYSTEM_TYPE="full"
# An optional configuration file which overrides some of these variables
CONFIGURATION_FILE="${PROJECT_NAME}.cfg"
@ -121,37 +108,36 @@ function search_for_attached_usb_drive {
mkdir $USB_MOUNT
mount $USB_DRIVE $USB_MOUNT
fi
if ! [[ $SYSTEM_TYPE == "$VARIANT_WRITER" || $SYSTEM_TYPE == "$VARIANT_CLOUD" || $SYSTEM_TYPE == "$VARIANT_CHAT" || $SYSTEM_TYPE == "$VARIANT_SOCIAL" || $SYSTEM_TYPE == "$VARIANT_MEDIA" || $SYSTEM_TYPE == "$VARIANT_DEVELOPER" || $SYSTEM_TYPE == "$VARIANT_MESH" || $SYSTEM_TYPE == "$VARIANT_NONMAILBOX" ]]; then
if [ -d $USB_MOUNT/Maildir ]; then
echo $'Maildir found on USB drive'
IMPORT_MAILDIR=$USB_MOUNT/Maildir
fi
if [ -d $USB_MOUNT/.gnupg ]; then
echo $'Importing GPG keyring'
cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
GPG_KEYS_IMPORTED="yes"
if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then
echo $'GPG files did not copy'
exit 73529
fi
if [ -d $USB_MOUNT/Maildir ]; then
echo $'Maildir found on USB drive'
IMPORT_MAILDIR=$USB_MOUNT/Maildir
fi
if [ -d $USB_MOUNT/.gnupg ]; then
echo $'Importing GPG keyring'
cp -r $USB_MOUNT/.gnupg /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
GPG_KEYS_IMPORTED="yes"
if [ ! -f /home/$MY_USERNAME/.gnupg/secring.gpg ]; then
echo $'GPG files did not copy'
exit 73529
fi
fi
if [ -f $USB_MOUNT/.procmailrc ]; then
echo $'Importing procmail settings'
cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
fi
if [ -f $USB_MOUNT/.procmailrc ]; then
echo $'Importing procmail settings'
cp $USB_MOUNT/.procmailrc /home/$MY_USERNAME
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.procmailrc
fi
if [ -f $USB_MOUNT/private_key.gpg ]; then
echo $'GPG private key found on USB drive'
MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
fi
if [ -f $USB_MOUNT/public_key.gpg ]; then
echo $'GPG public key found on USB drive'
MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
fi
if [ -f $USB_MOUNT/private_key.gpg ]; then
echo $'GPG private key found on USB drive'
MY_GPG_PRIVATE_KEY=$USB_MOUNT/private_key.gpg
fi
if [ -f $USB_MOUNT/public_key.gpg ]; then
echo $'GPG public key found on USB drive'
MY_GPG_PUBLIC_KEY=$USB_MOUNT/public_key.gpg
fi
if [ -d $USB_MOUNT/prosody ]; then
if [ ! -d $XMPP_DIRECTORY ]; then
mkdir $XMPP_DIRECTORY
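Review bot: With the variant guard removed, the GPG keyring import in search_for_attached_usb_drive runs for every system type, and the copied `/home/$MY_USERNAME/.gnupg` gets a `chown -R` but no mode change, so it keeps whatever permissions the USB mount presents. Following the chown with `chmod 700 /home/$MY_USERNAME/.gnupg` and `chmod 600` on the files inside would keep the secret keyring private to the user. The expansions in the `cp -r` and `chown` lines are also unquoted, so a mount path or username containing whitespace would be split into several arguments. The function starts and ends outside this hunk, so a later step may already tighten the permissions.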

140
src/freedombone-utils-time

@ -43,88 +43,88 @@ TLSDATE_REPO="https://github.com/bashrc/tlsdate"
TLSDATE_COMMIT='505e31540eebde8074e7dc93b29be0d848def06a'
function check_date {
curr_date=$(date)
if [[ $curr_date == *"1970"* ]]; then
apt-get -y install ntp
fi
curr_date=$(date)
if [[ $curr_date == *"1970"* ]]; then
apt-get -y install ntp
fi
}
function time_synchronisation {
# mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
# mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi
chmod +x /usr/bin/updatedate
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi
chmod +x /usr/bin/updatedate
if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then
return
fi
if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then
return
fi
apt-get -y install tlsdate
apt-get -y remove ntpdate
apt-get -y install tlsdate
apt-get -y remove ntpdate
function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate'
function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate'
systemctl restart cron
systemctl restart cron
echo 'time_synchronisation' >> $COMPLETION_FILE
echo 'time_synchronisation' >> $COMPLETION_FILE
}
function time_synchronisation_tlsdate {
# mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
return
fi
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi
chmod +x /usr/bin/updatedate
if [ ! -d $INSTALL_DIR ]; then
mkdir -p $INSTALL_DIR
fi
set_repo_commit $INSTALL_DIR/tlsdate "tlsdate commit" "$TLSDATE_COMMIT" $TLSDATE_REPO
if grep -Fxq "time_synchronisation_tlsdate" $COMPLETION_FILE; then
return
fi
apt-get -y remove tlsdate ntpdate
apt-get -y install build-essential autoconf libevent-dev
apt-get -y install pkg-config libtool libssl-dev
cd $INSTALL_DIR
function_check git_clone
git_clone $TLSDATE_REPO $INSTALL_DIR/tlsdate
cd $INSTALL_DIR/tlsdate
git checkout $TLSDATE_COMMIT -b $TLSDATE_COMMIT
./autogen.sh
./configure
if [ ! "$?" = "0" ]; then
echo $'Unable to configure tlsdate'
exit 6825277
fi
make
if [ ! "$?" = "0" ]; then
echo $'Unable to build tlsdate'
exit 3792726
fi
make install
function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate'
echo 'time_synchronisation_tlsdate' >> $COMPLETION_FILE
# mesh peers typically don't sync over the internet
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ -f /usr/local/bin/${PROJECT_NAME}-update-date ]; then
cp /usr/local/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
else
cp /usr/bin/${PROJECT_NAME}-update-date /usr/bin/updatedate
fi
chmod +x /usr/bin/updatedate
if [ ! -d $INSTALL_DIR ]; then
mkdir -p $INSTALL_DIR
fi
set_repo_commit $INSTALL_DIR/tlsdate "tlsdate commit" "$TLSDATE_COMMIT" $TLSDATE_REPO
if grep -Fxq "time_synchronisation_tlsdate" $COMPLETION_FILE; then
return
fi
apt-get -y remove tlsdate ntpdate
apt-get -y install build-essential autoconf libevent-dev
apt-get -y install pkg-config libtool libssl-dev
cd $INSTALL_DIR
function_check git_clone
git_clone $TLSDATE_REPO $INSTALL_DIR/tlsdate
cd $INSTALL_DIR/tlsdate
git checkout $TLSDATE_COMMIT -b $TLSDATE_COMMIT
./autogen.sh
./configure
if [ ! "$?" = "0" ]; then
echo $'Unable to configure tlsdate'
exit 6825277
fi
make
if [ ! "$?" = "0" ]; then
echo $'Unable to build tlsdate'
exit 3792726
fi
make install
function_check cron_add_mins
cron_add_mins 15 '/usr/bin/updatedate'
echo 'time_synchronisation_tlsdate' >> $COMPLETION_FILE
}
# NOTE: deliberately no exit 0
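Review bot: In time_synchronisation_tlsdate the `cd $INSTALL_DIR/tlsdate` is unchecked, so if the clone did not produce that directory the following `git checkout`, `./autogen.sh`, `./configure`, `make` and `make install` run in whatever directory the script was already in. `cd "$INSTALL_DIR/tlsdate" || exit 1` would stop there; git_clone is defined elsewhere and may already abort on failure. The status of `./autogen.sh` is likewise not tested. The values in `exit 6825277` and `exit 3792726` are reduced to their low eight bits by the shell, so a caller sees a different code from the one written.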

5
src/freedombone-utils-web

@ -321,7 +321,7 @@ function install_web_server_access_control {
}
function install_dynamicdns {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [[ $ONION_ONLY != "no" ]]; then
@ -439,9 +439,6 @@ function install_web_server {
mesh_web_server
return
fi
if [[ $SYSTEM_TYPE == "$VARIANT_CHAT" ]]; then
return
fi
# update to the next commit
function_check set_repo_commit

2
src/freedombone-utils-wifi

@ -40,7 +40,7 @@ WIFI_NETWORKS_FILE=~/${PROJECT_NAME}-wifi.cfg
ATHEROS_WIFI_REPO="https://github.com/qca/open-ath9k-htc-firmware.git"
function setup_wifi {
if [[ $SYSTEM_TYPE == "$VARIANT_MESH" ]]; then
if [[ $SYSTEM_TYPE == "mesh"* ]]; then
return
fi
if [ ! $WIFI_SSID ]; then
