| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 2488 2018-02-25 14:53:54Z lucas.echard $
|
2 |
# $Id: alcasar.sh 2499 2018-02-26 02:23:03Z tom.houdayer $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| 5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
# team@alcasar.net
|
7 |
# team@alcasar.net
|
| Line 47... |
Line 47... |
| 47 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
47 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
| 48 |
# msec : Mandriva security package configuration
|
48 |
# msec : Mandriva security package configuration
|
| 49 |
# letsencrypt : Let's Encrypt client
|
49 |
# letsencrypt : Let's Encrypt client
|
| 50 |
# post_install : Security, log rotation, etc.
|
50 |
# post_install : Security, log rotation, etc.
|
| 51 |
|
51 |
|
| 52 |
DEBUG_ALCASAR=off; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function
|
52 |
DEBUG_ALCASAR='off'; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function
|
| 53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
| 54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
| 55 |
Lang=`echo $LANG|cut -c 1-2`
|
55 |
Lang=`echo $LANG|cut -c 1-2`
|
| 56 |
mode="install"
|
56 |
mode="install"
|
| 57 |
# ******* Files parameters - paramètres fichiers *********
|
57 |
# ******* Files parameters - paramètres fichiers *********
|
| Line 174... |
Line 174... |
| 174 |
if [ $Lang == "fr" ]
|
174 |
if [ $Lang == "fr" ]
|
| 175 |
then
|
175 |
then
|
| 176 |
echo -n "Tapez '1' pour une mise à jour; Tapez '2' pour une réinstallation : "
|
176 |
echo -n "Tapez '1' pour une mise à jour; Tapez '2' pour une réinstallation : "
|
| 177 |
else
|
177 |
else
|
| 178 |
echo -n "Hit '1' for an update; Hit '2' for a reinstallation : "
|
178 |
echo -n "Hit '1' for an update; Hit '2' for a reinstallation : "
|
| 179 |
fi
|
179 |
fi
|
| 180 |
read response
|
180 |
read response
|
| 181 |
done
|
181 |
done
|
| 182 |
if [ "$response" = "2" ]
|
182 |
if [ "$response" = "2" ]
|
| 183 |
then
|
183 |
then
|
| 184 |
rm -f /tmp/alcasar-conf*
|
184 |
rm -f /tmp/alcasar-conf*
|
| Line 792... |
Line 792... |
| 792 |
$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
|
792 |
$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
|
| 793 |
$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar.conf
|
793 |
$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar.conf
|
| 794 |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar.conf
|
794 |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar.conf
|
| 795 |
|
795 |
|
| 796 |
/usr/bin/systemctl start lighttpd
|
796 |
/usr/bin/systemctl start lighttpd
|
| - |
|
797 |
/usr/bin/systemctl start php-fpm
|
| 797 |
|
798 |
|
| 798 |
# Définition du premier compte lié au profil 'admin'
|
799 |
# Définition du premier compte lié au profil 'admin'
|
| 799 |
if [ "$mode" = "install" ]
|
800 |
if [ "$mode" = "install" ]
|
| 800 |
then
|
801 |
then
|
| 801 |
header_install
|
802 |
header_install
|
| Line 2010... |
Line 2011... |
| 2010 |
|
2011 |
|
| 2011 |
[Install]
|
2012 |
[Install]
|
| 2012 |
WantedBy=multi-user.target
|
2013 |
WantedBy=multi-user.target
|
| 2013 |
EOF
|
2014 |
EOF
|
| 2014 |
# processes launched at boot time (Systemctl)
|
2015 |
# processes launched at boot time (Systemctl)
|
| 2015 |
for i in alcasar-load_balancing mysqld lighttpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
|
2016 |
for i in alcasar-load_balancing mysqld lighttpd php-fpm ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
|
| 2016 |
do
|
2017 |
do
|
| 2017 |
/usr/bin/systemctl -q enable $i.service
|
2018 |
/usr/bin/systemctl -q enable $i.service
|
| 2018 |
done
|
2019 |
done
|
| 2019 |
|
2020 |
|
| 2020 |
# disable processes at boot time (Systemctl)
|
2021 |
# disable processes at boot time (Systemctl)
|