Subversion Repositories ALCASAR

Rev

Rev 2290 | Rev 2304 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2290 Rev 2293
Line 1... Line 1...
1 
#!/bin/bash
 1 
#!/bin/bash
2 
#  $Id: alcasar.sh 2290 2017-06-20 10:00:17Z richard $
2 
#  $Id: alcasar.sh 2293 2017-06-20 15:31:12Z tom.houdayer $
3 
 
 3 
 
4 
# alcasar.sh
 4 
# alcasar.sh
5 
 
 5 
 
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
6 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
7 
# Ce programme est un logiciel libre ; This software is free and open source
 7 
# Ce programme est un logiciel libre ; This software is free and open source
Line 798... Line 798...
798 
	cat <<EOF > /usr/share/httpd/error/include/bottom.html
 798 
	cat <<EOF > /usr/share/httpd/error/include/bottom.html
799 
</body>
 799 
</body>
800 
</html>
 800 
</html>
801 
EOF
 801 
EOF
802 
# Définition du premier compte lié au profil 'admin'
 802 
# Définition du premier compte lié au profil 'admin'
803 
if [ "$mode" = "install" ]
 803 
	if [ "$mode" = "install" ]
804 
	then
 804 
		then
805 
		header_install
 - 
 
806 
		admin_portal=!
 - 
 
807 
		PTN='^[a-zA-Z0-9-]*$'
 - 
 
808 
		until [[ $(expr $admin_portal : $PTN) -gt 0 ]]
 - 
 
809 
                	do
 - 
 
810 
			header_install
 805 
			header_install
- 
 
 806 
			admin_portal=!
- 
 
 807 
			PTN='^[a-zA-Z0-9-]*$'
- 
 
 808 
			until [[ $(expr $admin_portal : $PTN) -gt 0 ]]
- 
 
 809 
				do
- 
 
 810 
				header_install
811 
			if [ $Lang == "fr" ]
 811 
				if [ $Lang == "fr" ]
812 
			then
812 
				then
813 
				echo ""
 813 
					echo ""
814 
				echo "Définissez un premier compte d'administration d'ALCASAR :"
 814 
					echo "Définissez un premier compte d'administration d'ALCASAR :"
815 
				echo
 815 
					echo
816 
				echo -n "Nom : "
 816 
					echo -n "Nom : "
817 
			else
 817 
				else
818 
				echo ""
 818 
					echo ""
819 
				echo "Define the first account allow to administrate ALCASAR :"
 819 
					echo "Define the first account allow to administrate ALCASAR :"
820 
				echo
 820 
					echo
821 
				echo -n "Account : "
 821 
					echo -n "Account : "
822 
			fi
 822 
				fi
823 
			read admin_portal
 823 
				read admin_portal
824 
			if [ "$admin_portal" == "" ]
 824 
				if [ "$admin_portal" == "" ]
825 
				then
 825 
					then
826 
				admin_portal=!
 826 
					admin_portal=!
827 
			fi
 827 
				fi
828 
			done
 828 
				done
829 
# Creation of keys file for the admin account ("admin")
 829 
# Creation of keys file for the admin account ("admin")
830 
		[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest
 830 
			[ -d $DIR_DEST_ETC/digest ] && rm -rf $DIR_DEST_ETC/digest
831 
		mkdir -p $DIR_DEST_ETC/digest
 831 
			mkdir -p $DIR_DEST_ETC/digest
832 
		chmod 755 $DIR_DEST_ETC/digest
 832 
			chmod 755 $DIR_DEST_ETC/digest
833 
		until [ -s $DIR_DEST_ETC/digest/key_admin ]
 833 
			until [ -s $DIR_DEST_ETC/digest/key_admin ]
834 
			do
 834 
				do
835 
				/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal
 835 
					/usr/bin/htdigest -c $DIR_DEST_ETC/digest/key_admin "ALCASAR Control Center (ACC)" $admin_portal
836 
			done
 836 
				done
837 
		$DIR_DEST_BIN/alcasar-profil.sh --list
 837 
			$DIR_DEST_BIN/alcasar-profil.sh --list
838 
fi
 838 
	fi
839 
# ACC partitioning
 839 
# ACC partitioning
840 
	rm -f /etc/httpd/conf/webapps.d/alcasar*
 840 
	rm -f /etc/httpd/conf/webapps.d/alcasar*
841 
	cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf
 841 
	cat <<EOF > /etc/httpd/conf/webapps.d/alcasar.conf
- 
 
 842 
<Directory $DIR_WEB>
- 
 
 843 
	AllowOverride None
- 
 
 844 
	Order deny,allow
- 
 
 845 
	Deny from all
- 
 
 846 
	Allow from 127.0.0.1
- 
 
 847 
	Allow from $PRIVATE_NETWORK_MASK
- 
 
 848 
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
- 
 
 849 
</Directory>
- 
 
 850 
<Directory $DIR_WEB/certs>
- 
 
 851 
	AddType application/x-x509-ca-cert crt
- 
 
 852 
</Directory>
842 
<Directory $DIR_ACC>
 853 
<Directory $DIR_ACC>
843 
	SSLRequireSSL
 854 
	SSLRequireSSL
844 
	AllowOverride None
 855 
	AllowOverride None
845 
	Order deny,allow
 856 
	Order deny,allow
846 
	Deny from all
 857 
	Deny from all
Line 913... Line 924...
913 
	AuthDigestDomain $HOSTNAME.$DOMAIN
 924 
	AuthDigestDomain $HOSTNAME.$DOMAIN
914 
	AuthUserFile $DIR_DEST_ETC/digest/key_backup
 925 
	AuthUserFile $DIR_DEST_ETC/digest/key_backup
915 
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
 926 
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/
916 
</Directory>
 927 
</Directory>
917 
EOF
 928 
EOF
918 
# Replacement of the extension .cer by .der in MIME type
 - 
 
919 
$SED "s?^application/pkix-cert.*?application/pkix-cert		der?g" /etc/mime.types
 - 
 
920 
# Launch after coova (in order to wait tun0 to be up)
 929 
	# Launch after coova (in order to wait tun0 to be up)
921 
$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/httpd.service
 930 
	$SED "s?^After=.*?After=network.target remote-fs.target nss-lookup.target chilli.service?g" /lib/systemd/system/httpd.service
922 
# Log file for ACC access imputability
 931 
	# Log file for ACC access imputability
923 
[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log
 932 
	[ -e /var/Save/security/acc_access.log ] || touch /var/Save/security/acc_access.log
924 
chown root:apache /var/Save/security/acc_access.log
 933 
	chown root:apache /var/Save/security/acc_access.log
925 
chmod 664 /var/Save/security/acc_access.log
 934 
	chmod 664 /var/Save/security/acc_access.log
926 
} # End of ACC ()
 935 
} # End of ACC ()
927 
 
 936 
 
928 
##########################################################################
 937 
##########################################################################
929 
##				Fonction "CA"				##
 938 
##				Fonction "CA"				##
930 
## - Creating the CA and the server certificate (apache)	 	##
 939 
## - Creating the CA and the server certificate (apache)	 	##