| 47,6 → 47,7 |
|---|
| # fail2ban : Fail2ban IDS installation and configuration |
| # gammu_smsd : Autoregister addon via SMS (gammu-smsd) |
| # msec : Mandriva security package configuration |
| # letsencrypt : Let's Encrypt client |
| # post_install : Security, log rotation, etc. |
| |
| DATE=`date '+%d %B %Y - %Hh%M'` |
| 1848,6 → 1849,12 |
|---|
| 0 */12 * * * root $DIR_DEST_BIN/alcasar-bl.sh --update_cat > /dev/null 2>&1 |
| EOF |
| |
| # Renew the Let's Encrypt certificate |
| cat <<EOF > /etc/cron.d/alcasar-letsencrypt |
| # Automatic renew of the Let's Encrypt certificate |
| @daily root $DIR_DEST_BIN/alcasar-letsencrypt.sh --cron > /dev/null 2>&1 |
| EOF |
| |
| # removing the users crons |
| rm -f /var/spool/cron/* |
| } # End cron |
| 1981,7 → 1988,57 |
|---|
| |
| } # END msec() |
| |
| |
| ################################################################## |
| ## Fonction "letsencrypt" ## |
| ## - Install Let's Encrypt client ## |
| ## - Prepare Let's Encrypt ALCASAR configuration file ## |
| ################################################################## |
| letsencrypt() |
| { |
| echo "Installing Let's Encrypt client..." |
| |
| # Extract acme.sh |
| tar xzf ./conf/letsencrypt-client/acme.sh-*.tar.gz -C /tmp/ |
| |
| pwdInstall=$(pwd) |
| cd /tmp/acme.sh-* |
| |
| acmesh_installDir="/opt/acme.sh" |
| acmesh_confDir="/usr/local/etc/letsencrypt" |
| acmesh_userAgent="ALCASAR/$VERSION" |
| |
| # Install acme.sh |
| ./acme.sh --install \ |
| --home $acmesh_installDir \ |
| --config-home $acmesh_confDir/data \ |
| --certhome $acmesh_confDir/certs \ |
| --accountkey $acmesh_confDir/ca/account.key \ |
| --accountconf $acmesh_confDir/data/account.conf \ |
| --useragent $acmesh_userAgent \ |
| --nocron |
| |
| if [ $? -ne 0 ]; then |
| echo "Error during installation of Let's Encrypt client (acme.sh)." |
| fi |
| |
| # Create configuration file |
| cat <<EOF > /usr/local/etc/alcasar-letsencrypt |
| email= |
| dateIssueRequest= |
| domainRequest= |
| challenge= |
| dateIssued= |
| dnsapi= |
| dateNextRenewal= |
| EOF |
| |
| cd $pwdInstall |
| rm -rf /tmp/acme.sh-* |
| |
| } # END letsencrypt() |
| |
| ################################################################## |
| ## Fonction "post_install" ## |
| ## - Modifying banners (locals et ssh) & prompts ## |
| ## - SSH config ## |
| 2268,7 → 2325,7 |
|---|
| UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3` |
| mode="update" |
| fi |
| for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec post_install |
| for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd msec letsencrypt post_install |
| do |
| $func |
| # echo "*** 'debug' : end of function $func ***"; read a |