WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1748 2016-01-10 10:51:25Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

##########################################
 
INSTALL_DATE=$DATE
VERSION=$VERSION
ORGANISM=$ORGANISME
HOSTNAME=$HOSTNAME
DOMAIN=$DOMAIN
EOF
	chmod o-rwx $CONF_FILE
} # End of init ()
 

		[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest
		mkdir -p $DIR_DEST_ETC/digest
		chmod 755 $DIR_DEST_ETC/digest
		until [ -s $DIR_DEST_ETC/digest/key_admin ]
			do
				/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal
			done
		$DIR_DEST_SBIN/alcasar-profil.sh --list
	fi
# synchronisation horaire
	ntpd -q -g &

	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
	require valid-user
	AuthType digest
	AuthName "ALCASAR Control Center (ACC)" 
	AuthDigestDomain $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_all
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
</Directory>

	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
	require valid-user
	AuthType digest
	AuthName "ALCASAR Control Center (ACC)" 
	AuthDigestDomain $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_admin
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
</Directory>

	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
	require valid-user
	AuthType digest
	AuthName "ALCASAR Control Center (ACC)" 
	AuthDigestDomain $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_manager
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
</Directory>

	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
	require valid-user
	AuthType digest
	AuthName "ALCASAR Control Center (ACC)" 
	AuthDigestDomain $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_backup
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
</Directory>

	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
	require valid-user
	AuthType digest
	AuthName "ALCASAR Control Center (ACC)" 
	AuthDigestDomain $HOSTNAME.$DOMAIN
	AuthUserFile $DIR_DEST_ETC/digest/key_backup
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
</Directory>
EOF

# match a ServerName or ServerAlias in any <VirtualHost> block.
 
<VirtualHost _default_:443>
# general configuration
    ServerAdmin root@localhost
    ServerName $HOSTNAME.$DOMAIN
 
# SSL configuration
    SSLEngine on
    SSLCertificateFile /etc/pki/tls/certs/alcasar.crt
    SSLCertificateKeyFile /etc/pki/tls/private/alcasar.key

Rev 1747	Rev 1748
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1747 2016-01-09 18:13:04Z richard $`	2	`# $Id: alcasar.sh 1748 2016-01-10 10:51:25Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 397...	Line 397...
397	`##########################################`	397	`##########################################`
398		398
399	`INSTALL_DATE=$DATE`	399	`INSTALL_DATE=$DATE`
400	`VERSION=$VERSION`	400	`VERSION=$VERSION`
401	`ORGANISM=$ORGANISME`	401	`ORGANISM=$ORGANISME`
-		402	`HOSTNAME=$HOSTNAME`
402	`DOMAIN=$DOMAIN`	403	`DOMAIN=$DOMAIN`
403	`EOF`	404	`EOF`
404	`chmod o-rwx $CONF_FILE`	405	`chmod o-rwx $CONF_FILE`
405	`} # End of init ()`	406	`} # End of init ()`
406		407
Line 769...	Line 770...
769	`[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest`	770	`[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest`
770	`mkdir -p $DIR_DEST_ETC/digest`	771	`mkdir -p $DIR_DEST_ETC/digest`
771	`chmod 755 $DIR_DEST_ETC/digest`	772	`chmod 755 $DIR_DEST_ETC/digest`
772	`until [ -s $DIR_DEST_ETC/digest/key_admin ]`	773	`until [ -s $DIR_DEST_ETC/digest/key_admin ]`
773	`do`	774	`do`
774	`/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "Alcasar Control Center" $admin_portal`	775	`/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal`
775	`done`	776	`done`
776	`$DIR_DEST_SBIN/alcasar-profil.sh --list`	777	`$DIR_DEST_SBIN/alcasar-profil.sh --list`
777	`fi`	778	`fi`
778	`# synchronisation horaire`	779	`# synchronisation horaire`
779	`ntpd -q -g &`	780	`ntpd -q -g &`
Line 787...	Line 788...
787	`Deny from all`	788	`Deny from all`
788	`Allow from 127.0.0.1`	789	`Allow from 127.0.0.1`
789	`Allow from $PRIVATE_NETWORK_MASK`	790	`Allow from $PRIVATE_NETWORK_MASK`
790	`require valid-user`	791	`require valid-user`
791	`AuthType digest`	792	`AuthType digest`
792	`AuthName "ALCASAR Control Center - ACC"`	793	`AuthName "ALCASAR Control Center (ACC)"`
793	`AuthDigestDomain $HOSTNAME.$DOMAIN`	794	`AuthDigestDomain $HOSTNAME.$DOMAIN`
794	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	795	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
795	`AuthUserFile $DIR_DEST_ETC/digest/key_all`	796	`AuthUserFile $DIR_DEST_ETC/digest/key_all`
796	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	797	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`
797	`</Directory>`	798	`</Directory>`
Line 802...	Line 803...
802	`Deny from all`	803	`Deny from all`
803	`Allow from 127.0.0.1`	804	`Allow from 127.0.0.1`
804	`Allow from $PRIVATE_NETWORK_MASK`	805	`Allow from $PRIVATE_NETWORK_MASK`
805	`require valid-user`	806	`require valid-user`
806	`AuthType digest`	807	`AuthType digest`
807	`AuthName "ALCASAR Control Center - ACC"`	808	`AuthName "ALCASAR Control Center (ACC)"`
808	`AuthDigestDomain $HOSTNAME.$DOMAIN`	809	`AuthDigestDomain $HOSTNAME.$DOMAIN`
809	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	810	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
810	`AuthUserFile $DIR_DEST_ETC/digest/key_admin`	811	`AuthUserFile $DIR_DEST_ETC/digest/key_admin`
811	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	812	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`
812	`</Directory>`	813	`</Directory>`
Line 817...	Line 818...
817	`Deny from all`	818	`Deny from all`
818	`Allow from 127.0.0.1`	819	`Allow from 127.0.0.1`
819	`Allow from $PRIVATE_NETWORK_MASK`	820	`Allow from $PRIVATE_NETWORK_MASK`
820	`require valid-user`	821	`require valid-user`
821	`AuthType digest`	822	`AuthType digest`
822	`AuthName "ALCASAR Control Center - ACC"`	823	`AuthName "ALCASAR Control Center (ACC)"`
823	`AuthDigestDomain $HOSTNAME.$DOMAIN`	824	`AuthDigestDomain $HOSTNAME.$DOMAIN`
824	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	825	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
825	`AuthUserFile $DIR_DEST_ETC/digest/key_manager`	826	`AuthUserFile $DIR_DEST_ETC/digest/key_manager`
826	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	827	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`
827	`</Directory>`	828	`</Directory>`
Line 832...	Line 833...
832	`Deny from all`	833	`Deny from all`
833	`Allow from 127.0.0.1`	834	`Allow from 127.0.0.1`
834	`Allow from $PRIVATE_NETWORK_MASK`	835	`Allow from $PRIVATE_NETWORK_MASK`
835	`require valid-user`	836	`require valid-user`
836	`AuthType digest`	837	`AuthType digest`
837	`AuthName "ALCASAR Control Center - ACC"`	838	`AuthName "ALCASAR Control Center (ACC)"`
838	`AuthDigestDomain $HOSTNAME.$DOMAIN`	839	`AuthDigestDomain $HOSTNAME.$DOMAIN`
839	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	840	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
840	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`	841	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`
841	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	842	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`
842	`</Directory>`	843	`</Directory>`
Line 848...	Line 849...
848	`Deny from all`	849	`Deny from all`
849	`Allow from 127.0.0.1`	850	`Allow from 127.0.0.1`
850	`Allow from $PRIVATE_NETWORK_MASK`	851	`Allow from $PRIVATE_NETWORK_MASK`
851	`require valid-user`	852	`require valid-user`
852	`AuthType digest`	853	`AuthType digest`
853	`AuthName "ALCASAR Control Center - ACC"`	854	`AuthName "ALCASAR Control Center (ACC)"`
854	`AuthDigestDomain $HOSTNAME.$DOMAIN`	855	`AuthDigestDomain $HOSTNAME.$DOMAIN`
855	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`	856	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`
856	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	857	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`
857	`</Directory>`	858	`</Directory>`
858	`EOF`	859	`EOF`
Line 874...	Line 875...
874	`# match a ServerName or ServerAlias in any <VirtualHost> block.`	875	`# match a ServerName or ServerAlias in any <VirtualHost> block.`
875		876
876	`<VirtualHost _default_:443>`	877	`<VirtualHost _default_:443>`
877	`# general configuration`	878	`# general configuration`
878	`ServerAdmin root@localhost`	879	`ServerAdmin root@localhost`
879	`ServerName localhost`	880	`ServerName $HOSTNAME.$DOMAIN`
880		881
881	`# SSL configuration`	882	`# SSL configuration`
882	`SSLEngine on`	883	`SSLEngine on`
883	`SSLCertificateFile /etc/pki/tls/certs/alcasar.crt`	884	`SSLCertificateFile /etc/pki/tls/certs/alcasar.crt`
884	`SSLCertificateKeyFile /etc/pki/tls/private/alcasar.key`	885	`SSLCertificateKeyFile /etc/pki/tls/private/alcasar.key`

Subversion Repositories ALCASAR

(root)/alcasar.sh @ 2681 – Rev 1747 → 1748