47,6 → 47,7 |
# fail2ban : Fail2ban IDS installation and configuration |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd) |
# msec : Mandriva security package configuration |
# letsencrypt : Let's Encrypt client |
# post_install : Security, log rotation, etc. |
|
DATE=`date '+%d %B %Y - %Hh%M'` |
1848,6 → 1849,12 |
0 */12 * * * root $DIR_DEST_BIN/alcasar-bl.sh --update_cat > /dev/null 2>&1 |
EOF |
|
# Renew the Let's Encrypt certificate |
cat <<EOF > /etc/cron.d/alcasar-letsencrypt |
# Automatic renew of the Let's Encrypt certificate |
@daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1 |
EOF |
|
# removing the users crons |
rm -f /var/spool/cron/* |
} # End cron |
1981,7 → 1988,57 |
|
} # END msec() |
|
|
################################################################## |
## Fonction "letsencrypt" ## |
## - Install Let's Encrypt client ## |
## - Prepare Let's Encrypt ALCASAR configuration file ## |
################################################################## |
letsencrypt() |
{ |
echo "Installing Let's Encrypt client..." |
|
# Extract acme.sh |
tar xzf ./conf/letsencrypt-client/acme.sh-*.tar.gz -C /tmp/ |
|
pwdInstall=$(pwd) |
cd /tmp/acme.sh-* |
|
acmesh_installDir="/opt/acme.sh" |
acmesh_confDir="/usr/local/etc/letsencrypt" |
acmesh_userAgent="ALCASAR/$VERSION" |
|
# Install acme.sh |
./acme.sh --install \ |
--home $acmesh_installDir \ |
--config-home $acmesh_confDir/data \ |
--certhome $acmesh_confDir/certs \ |
--accountkey $acmesh_confDir/ca/account.key \ |
--accountconf $acmesh_confDir/data/account.conf \ |
--useragent $acmesh_userAgent \ |
--nocron |
|
if [ $? -ne 0 ]; then |
echo "Error during installation of Let's Encrypt client (acme.sh)." |
fi |
|
# Create configuration file |
cat <<EOF > /usr/local/etc/alcasar-letsencrypt |
email= |
dateIssueRequest= |
domainRequest= |
challenge= |
dateIssued= |
dnsapi= |
dateNextRenewal= |
EOF |
|
cd $pwdInstall |
rm -rf /tmp/acme.sh-* |
|
} # END letsencrypt() |
|
################################################################## |
## Fonction "post_install" ## |
## - Modifying banners (locals et ssh) & prompts ## |
## - SSH config ## |
2268,7 → 2325,7 |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3` |
mode="update" |
fi |
for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec post_install |
for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install |
do |
$func |
# echo "*** 'debug' : end of function $func ***"; read a |