Subversion Repositories ALCASAR

Rev

Rev 1834 | Rev 1839 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 1834 Rev 1837
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 1834 2016-04-24 19:01:36Z richard $ 
2
#  $Id: alcasar.sh 1837 2016-04-25 12:35:28Z richard $ 
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
 
5
 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
6
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
7
# Ce programme est un logiciel libre ; This software is free and open source
7
# Ce programme est un logiciel libre ; This software is free and open source
Line 27... Line 27...
27
 
27
 
28
# Functions :
28
# Functions :
29
#	testing			: connectivity tests, free space test and mageia version test
29
#	testing			: connectivity tests, free space test and mageia version test
30
#	init			: Installation of RPM and scripts
30
#	init			: Installation of RPM and scripts
31
#	network			: Network parameters
31
#	network			: Network parameters
32
#	time_server		: NTPd configuration
-
 
33
#	ACC			: ALCASAR Control Center installation
32
#	ACC			: ALCASAR Control Center installation
34
#	CA			: Certification Authority initialization
33
#	CA			: Certification Authority initialization
-
 
34
#	time_server		: NTPd configuration
35
#	init_db			: Initilization of radius database managed with MariaDB
35
#	init_db			: Initilization of radius database managed with MariaDB
36
#	radius			: FreeRadius initialisation
36
#	radius			: FreeRadius initialisation
37
#	chilli			: coovachilli initialisation (+authentication page)
37
#	chilli			: coovachilli initialisation (+authentication page)
38
#	dansguardian		: DansGuardian filtering HTTP proxy configuration
38
#	dansguardian		: DansGuardian filtering HTTP proxy configuration
39
#	antivirus		: HAVP + libclamav configuration
39
#	antivirus		: HAVP + libclamav configuration
Line 612... Line 612...
612
# 
612
# 
613
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
613
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
614
} # End of network ()
614
} # End of network ()
615
 
615
 
616
##################################################################
616
##################################################################
617
##			Function "time_server"			##
-
 
618
## - Configuring NTP server					##
-
 
619
##################################################################
-
 
620
time_server ()
-
 
621
{
-
 
622
# Set the Internet time server
-
 
623
	[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
-
 
624
	cat <<EOF > /etc/ntp/step-tickers
-
 
625
0.fr.pool.ntp.org	# adapt to your country
-
 
626
1.fr.pool.ntp.org
-
 
627
2.fr.pool.ntp.org
-
 
628
EOF
-
 
629
	[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
-
 
630
	cat <<EOF > /etc/ntp.conf
-
 
631
server 0.fr.pool.ntp.org	# adapt to your country
-
 
632
server 1.fr.pool.ntp.org
-
 
633
server 2.fr.pool.ntp.org
-
 
634
server 127.127.1.0   		# local clock si NTP internet indisponible ...
-
 
635
fudge 127.127.1.0 stratum 10
-
 
636
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
-
 
637
restrict 127.0.0.1
-
 
638
driftfile /var/lib/ntp/drift
-
 
639
logfile /var/log/ntp.log
-
 
640
disable monitor
-
 
641
EOF
-
 
642
	chown -R ntp:ntp /var/lib/ntp
-
 
643
# Synchronize now
-
 
644
	ntpd -q -g &
-
 
645
} # End of time_server ()
-
 
646
##################################################################
-
 
647
##			Function "ACC"				##
617
##			Function "ACC"				##
648
## - installation du centre de gestion (ALCASAR Control Center)	##
618
## - installation du centre de gestion (ALCASAR Control Center)	##
649
## - configuration du serveur web (Apache)			##
619
## - configuration du serveur web (Apache)			##
650
## - définition du 1er comptes de gestion 			##
620
## - définition du 1er comptes de gestion 			##
651
## - sécurisation des accès					##
621
## - sécurisation des accès					##
Line 915... Line 885...
915
EOF
885
EOF
916
	chown -R root:apache /etc/pki
886
	chown -R root:apache /etc/pki
917
	chmod -R 750 /etc/pki
887
	chmod -R 750 /etc/pki
918
} # End of CA ()
888
} # End of CA ()
919
 
889
 
-
 
890
##################################################################
-
 
891
##			Function "time_server"			##
-
 
892
## - Configuring NTP server					##
-
 
893
##################################################################
-
 
894
time_server ()
-
 
895
{
-
 
896
# Set the Internet time server
-
 
897
	[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
-
 
898
	cat <<EOF > /etc/ntp/step-tickers
-
 
899
0.fr.pool.ntp.org	# adapt to your country
-
 
900
1.fr.pool.ntp.org
-
 
901
2.fr.pool.ntp.org
-
 
902
EOF
-
 
903
	[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
-
 
904
	cat <<EOF > /etc/ntp.conf
-
 
905
server 0.fr.pool.ntp.org	# adapt to your country
-
 
906
server 1.fr.pool.ntp.org
-
 
907
server 2.fr.pool.ntp.org
-
 
908
server 127.127.1.0   		# local clock si NTP internet indisponible ...
-
 
909
fudge 127.127.1.0 stratum 10
-
 
910
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
-
 
911
restrict 127.0.0.1
-
 
912
driftfile /var/lib/ntp/drift
-
 
913
logfile /var/log/ntp.log
-
 
914
disable monitor
-
 
915
EOF
-
 
916
	chown -R ntp:ntp /var/lib/ntp
-
 
917
# Synchronize now
-
 
918
	ntpd -q -g &
-
 
919
} # End of time_server ()
-
 
920
 
920
##########################################################################################
921
##########################################################################################
921
##			Fonction "init_db"						##
922
##			Fonction "init_db"						##
922
## - Initialisation de la base Mysql							##
923
## - Initialisation de la base Mysql							##
923
## - Affectation du mot de passe de l'administrateur (root)				##
924
## - Affectation du mot de passe de l'administrateur (root)				##
924
## - Suppression des bases et des utilisateurs superflus				##
925
## - Suppression des bases et des utilisateurs superflus				##
Line 2069... Line 2070...
2069
			MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
2070
			MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
2070
			MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
2071
			MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
2071
			UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
2072
			UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
2072
			mode="update"
2073
			mode="update"
2073
		fi
2074
		fi
2074
		for func in init network time_server ACC CA init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
2075
		for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
2075
		do
2076
		do
2076
			$func
2077
			$func
2077
# echo "*** 'debug' : end of function $func ***"; read a
2078
# echo "*** 'debug' : end of function $func ***"; read a
2078
		done
2079
		done
2079
		;;
2080
		;;