Subversion Repositories ALCASAR

Rev

Rev 2591 | Rev 2593 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2591 Rev 2592
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
#  $Id: alcasar.sh 2591 2018-08-17 15:43:41Z rexy $
2
#  $Id: alcasar.sh 2592 2018-08-18 22:09:42Z rexy $
3
 
3
 
4
# alcasar.sh
4
# alcasar.sh
5
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
5
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
#  team@alcasar.net
7
#  team@alcasar.net
Line 762... Line 762...
762
	$SED "s?^expose_php.*?expose_php = Off?g" /etc/php.ini
762
	$SED "s?^expose_php.*?expose_php = Off?g" /etc/php.ini
763
	$SED "s?^allow_url_fopen.*?allow_url_fopen = Off?" /etc/php.ini
763
	$SED "s?^allow_url_fopen.*?allow_url_fopen = Off?" /etc/php.ini
764
# Configuring & securing Lighttpd
764
# Configuring & securing Lighttpd
765
	rm -rf /var/www/cgi-bin/* /var/www/perl/* /var/www/icons/README* /var/www/error/README*
765
	rm -rf /var/www/cgi-bin/* /var/www/perl/* /var/www/icons/README* /var/www/error/README*
766
	[ -e /etc/lighttpd/lighttpd.conf.default ] || cp /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.default
766
	[ -e /etc/lighttpd/lighttpd.conf.default ] || cp /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.default
767
	[ -e /etc/lighttpd/modules.conf.default ] || cp /etc/lighttpd/modules.conf /etc/lighttpd/modules.conf.default
-
 
768
	[ -e /etc/lighttpd/conf.d/fastcgi.conf.default ] || cp /etc/lighttpd/conf.d/fastcgi.conf /etc/lighttpd/conf.d/fastcgi.conf.default
-
 
769
	[ -e /etc/php-fpm.conf.default ] || cp /etc/php-fpm.conf /etc/php-fpm.conf.default
-
 
770
	[ -d /etc/lighttpd/vhosts.d ] || mkdir /etc/lighttpd/vhosts.d
-
 
771
 
-
 
772
	cp $DIR_CONF/lighttpd/conf.d/fastcgi.conf /etc/lighttpd/conf.d/fastcgi.conf
-
 
773
	cp $DIR_CONF/lighttpd/vhosts.d/alcasar.conf /etc/lighttpd/vhosts.d/alcasar.conf
-
 
774
 
-
 
775
	$SED "s?^;listen\.owner.*?listen\.owner = apache?g" /etc/php-fpm.conf
-
 
776
	$SED "s?^;listen\.group.*?listen\.group = apache?g" /etc/php-fpm.conf
-
 
777
	$SED "s?^;listen\.mode.*?listen\.mode = 0660?g" /etc/php-fpm.conf
-
 
778
	$SED "s?^server\.use-ipv6.*?server\.use-ipv6 = \"disable\"?g" /etc/lighttpd/lighttpd.conf
767
	$SED "s?^server\.use-ipv6.*?server\.use-ipv6 = \"disable\"?g" /etc/lighttpd/lighttpd.conf
779
	$SED "s?^#server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
768
	$SED "s?^#server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
-
 
769
	$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
780
	$SED "s?^#server\.tag.*?server\.tag = \"\"?g" /etc/lighttpd/lighttpd.conf
770
	$SED "s?^#server\.tag.*?server\.tag = \"\"?g" /etc/lighttpd/lighttpd.conf
781
	echo "include \"vhosts.d/alcasar.conf\"" >> /etc/lighttpd/lighttpd.conf
771
	echo "include \"vhosts.d/alcasar.conf\"" >> /etc/lighttpd/lighttpd.conf
-
 
772
 
-
 
773
	[ -e /etc/lighttpd/modules.conf.default ] || cp /etc/lighttpd/modules.conf /etc/lighttpd/modules.conf.default
782
	$SED "s?^#[ ]*\"mod_auth\",.*? \"mod_auth\",?g" /etc/lighttpd/modules.conf
774
	$SED "s?^#[ ]*\"mod_auth\",.*? \"mod_auth\",?g" /etc/lighttpd/modules.conf
783
	$SED "s?^#[ ]*\"mod_alias\",.*? \"mod_alias\",?g" /etc/lighttpd/modules.conf
775
	$SED "s?^#[ ]*\"mod_alias\",.*? \"mod_alias\",?g" /etc/lighttpd/modules.conf
784
	$SED "s?^#[ ]*\"mod_redirect\",.*? \"mod_redirect\",?g" /etc/lighttpd/modules.conf
776
	$SED "s?^#[ ]*\"mod_redirect\",.*? \"mod_redirect\",?g" /etc/lighttpd/modules.conf
785
	$SED "s?^#include \"conf.d/fastcgi.conf\".*?include \"conf.d/fastcgi.conf\"?g" /etc/lighttpd/modules.conf
777
	$SED "s?^#include \"conf.d/fastcgi.conf\".*?include \"conf.d/fastcgi.conf\"?g" /etc/lighttpd/modules.conf
-
 
778
 
-
 
779
	[ -e /etc/lighttpd/conf.d/fastcgi.conf.default ] || cp /etc/lighttpd/conf.d/fastcgi.conf /etc/lighttpd/conf.d/fastcgi.conf.default
-
 
780
 
-
 
781
	[ -e /etc/php-fpm.conf.default ] || cp /etc/php-fpm.conf /etc/php-fpm.conf.default
786
	$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
782
	$SED "s?^;listen\.owner.*?listen\.owner = apache?g" /etc/php-fpm.conf
-
 
783
	$SED "s?^;listen\.group.*?listen\.group = apache?g" /etc/php-fpm.conf
-
 
784
	$SED "s?^;listen\.mode.*?listen\.mode = 0660?g" /etc/php-fpm.conf
-
 
785
 
-
 
786
	cp $DIR_CONF/lighttpd/conf.d/fastcgi.conf /etc/lighttpd/conf.d/fastcgi.conf
-
 
787
 
-
 
788
	[ -d /etc/lighttpd/vhosts.d ] || mkdir /etc/lighttpd/vhosts.d
-
 
789
	cp $DIR_CONF/lighttpd/vhosts.d/* /etc/lighttpd/vhosts.d/
787
	$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar.conf
790
	$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf
-
 
791
	$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf
788
	$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar.conf
792
	$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf
-
 
793
	$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf
-
 
794
	ln -s /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar
789
 
795
 
790
	[ -d /var/log/lighttpd ] || mkdir /var/log/lighttpd
796
	[ -d /var/log/lighttpd ] || mkdir /var/log/lighttpd
791
	[ -e /var/log/lighttpd/access.log ] || touch /var/log/lighttpd/access.log
797
	[ -e /var/log/lighttpd/access.log ] || touch /var/log/lighttpd/access.log
792
	[ -e /var/log/lighttpd/error.log ] || touch /var/log/lighttpd/error.log
798
	[ -e /var/log/lighttpd/error.log ] || touch /var/log/lighttpd/error.log
793
	chown -R apache:apache /var/log/lighttpd
799
	chown -R apache:apache /var/log/lighttpd
794
	
-
 
795
	/usr/bin/systemctl start lighttpd
800
	/usr/bin/systemctl start lighttpd
796
	/usr/bin/systemctl start php-fpm
801
	/usr/bin/systemctl start php-fpm
797
 
802
 
798
# Creation of the first account (in 'admin' profile)
803
# Creation of the first account (in 'admin' profile)
799
	if [ "$mode" = "install" ]
804
	if [ "$mode" = "install" ]