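--- a/alcasar.sh
+++ b/alcasar.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
-# $Id: alcasar.sh 1834 2016-04-24 19:01:36Z richard $
+# $Id: alcasar.sh 1837 2016-04-25 12:35:28Z richard $
 
 # alcasar.sh
 
 # ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
 # Ce programme est un logiciel libre ; This software is free and open source
@@ -27,13 +27,13 @@
 
 # Functions :
 # testing : connectivity tests, free space test and mageia version test
 # init : Installation of RPM and scripts
 # network : Network parameters
-# time_server : NTPd configuration
 # ACC : ALCASAR Control Center installation
 # CA : Certification Authority initialization
+# time_server : NTPd configuration
 # init_db : Initilization of radius database managed with MariaDB
 # radius : FreeRadius initialisation
 # chilli : coovachilli initialisation (+authentication page)
 # dansguardian : DansGuardian filtering HTTP proxy configuration
 # antivirus : HAVP + libclamav configuration
@@ -612,40 +612,10 @@
 #
 # the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
 } # End of network ()
 
 ##################################################################
-## Function "time_server" ##
-## - Configuring NTP server ##
-##################################################################
-time_server ()
-{
-# Set the Internet time server
-[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
-cat <<EOF > /etc/ntp/step-tickers
-0.fr.pool.ntp.org # adapt to your country
-1.fr.pool.ntp.org
-2.fr.pool.ntp.org
-EOF
-[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
-cat <<EOF > /etc/ntp.conf
-server 0.fr.pool.ntp.org # adapt to your country
-server 1.fr.pool.ntp.org
-server 2.fr.pool.ntp.org
-server 127.127.1.0 # local clock si NTP internet indisponible ...
-fudge 127.127.1.0 stratum 10
-restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
-restrict 127.0.0.1
-driftfile /var/lib/ntp/drift
-logfile /var/log/ntp.log
-disable monitor
-EOF
-chown -R ntp:ntp /var/lib/ntp
-# Synchronize now
-ntpd -q -g &
-} # End of time_server ()
-##################################################################
 ## Function "ACC" ##
 ## - installation du centre de gestion (ALCASAR Control Center) ##
 ## - configuration du serveur web (Apache) ##
 ## - définition du 1er comptes de gestion ##
 ## - sécurisation des accès ##
@@ -915,10 +885,41 @@
 EOF
 chown -R root:apache /etc/pki
 chmod -R 750 /etc/pki
 } # End of CA ()
 
+##################################################################
+## Function "time_server" ##
+## - Configuring NTP server ##
+##################################################################
+time_server ()
+{
+# Set the Internet time server
+[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
+cat <<EOF > /etc/ntp/step-tickers
+0.fr.pool.ntp.org # adapt to your country
+1.fr.pool.ntp.org
+2.fr.pool.ntp.org
+EOF
+[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
+cat <<EOF > /etc/ntp.conf
+server 0.fr.pool.ntp.org # adapt to your country
+server 1.fr.pool.ntp.org
+server 2.fr.pool.ntp.org
+server 127.127.1.0 # local clock si NTP internet indisponible ...
+fudge 127.127.1.0 stratum 10
+restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
+restrict 127.0.0.1
+driftfile /var/lib/ntp/drift
+logfile /var/log/ntp.log
+disable monitor
+EOF
+chown -R ntp:ntp /var/lib/ntp
+# Synchronize now
+ntpd -q -g &
+} # End of time_server ()
+
 ##########################################################################################
 ## Fonction "init_db" ##
 ## - Initialisation de la base Mysql ##
 ## - Affectation du mot de passe de l'administrateur (root) ##
 ## - Suppression des bases et des utilisateurs superflus ##
@@ -2069,11 +2070,11 @@
 MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
 MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
 UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
 mode="update"
 fi
-for func in init network time_server ACC CA init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
+for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
 do
 $func
 # echo "*** 'debug' : end of function $func ***"; read a
 done
 ;;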
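Review bot: With `time_server` now listed after `CA` in the `for func in ...` loop (new line 2075), the Certification Authority is initialised before any clock synchronisation is attempted, so whatever certificates `CA` creates presumably take their validity dates from an unsynchronised system clock. If that order is deliberate, record it above the loop, e.g. `# CA runs before time_server: certificate dates come from the local clock, so check it before installing`; otherwise keep the sync ahead of `CA`. Because `ntpd -q -g &` is backgrounded, the steps that follow (`init_db`, `radius`, ...) can also run while the clock is still being stepped. Separately, the `/etc/ntp.conf` written by the moved `time_server` has no default restriction, so hosts outside `$PRIVATE_NETWORK` are not limited by this file. Adding `restrict default nomodify notrap nopeer noquery` and `restrict ::1` to the here-document would cover that, unless the rules from `alcasar-iptables.sh` already block NTP from outside.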