850,7 → 850,7 |
$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$PRIVATE_IP"':443" {/g' /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$PRIVATE_IP\"/g" /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$PRIVATE_IP\"/g" /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf |
ln -s /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf |
ln -s /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf |
|
[ -d /var/log/lighttpd ] || mkdir /var/log/lighttpd |
[ -e /var/log/lighttpd/access.log ] || touch /var/log/lighttpd/access.log |
875,10 → 875,8 |
$DIR_DEST_BIN/alcasar-profil.sh --add admin |
done |
fi |
# Creation of ACC certs links |
[ -d /var/www/html/certs ] || mkdir /var/www/html/certs |
ln -s /etc/pki/CA/alcasar-ca.crt /var/www/html/certs/certificat_alcasar_ca.crt |
# Run lighttpd after coova (in order waiting tun0 to be up) |
|
# Run lighttpd after coova (in order waiting tun0 to be up) |
$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/lighttpd.service |
# Log file for ACC access imputability |
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log |
1217,7 → 1215,7 |
radiussecret $secretradius |
radiusauthport 1812 |
radiusacctport 1813 |
uamserver http://$HOSTNAME.$DOMAIN/intercept.php |
uamserver https://$HOSTNAME.$DOMAIN/intercept.php |
redirurl |
radiusnasid $HOSTNAME.$DOMAIN |
uamsecret $secretuam |
1234,8 → 1232,8 |
#dhcpgatewayport none |
sslkeyfile /etc/pki/tls/private/alcasar.key |
sslcertfile /etc/pki/tls/certs/alcasar.crt |
#redirssl |
#uamuissl |
redirssl |
uamuissl |
EOF |
# create files for "DHCP static ip" and "DHCP static ip info". Reserve the second IP address for INTIF (the first one is for tun0) |
echo "$PRIVATE_MAC $PRIVATE_SECOND_IP" > $DIR_DEST_ETC/alcasar-ethers |
2137,7 → 2135,7 |
# sshd authorized certificate for root login |
$SED "s?^PermitRootLogin.*?PermitRootLogin without-password?g" /etc/ssh/sshd_config |
# ALCASAR conf file |
echo "HTTPS_LOGIN=off" >> $CONF_FILE |
echo "HTTPS_LOGIN=on" >> $CONF_FILE |
echo "HTTPS_CHILLI=off" >> $CONF_FILE |
echo "SSH=on" >> $CONF_FILE |
echo "SSH_ADMIN_FROM=0.0.0.0/0.0.0.0" >> $CONF_FILE |