| Line 30... |
Line 30... |
| 30 |
$SED 's/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.localdomain/g' /etc/hosts
|
30 |
$SED 's/\.([a-zA-Z][a-zA-Z0-9-]+(\.[a-z]{2,4})?)/.localdomain/g' /etc/hosts
|
| 31 |
$SED 's/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.localdomain/g' /etc/chilli.conf
|
31 |
$SED 's/alcasar\.([a-zA-Z0-9-]+(\.[a-z]{2,4})?)/alcasar.localdomain/g' /etc/chilli.conf
|
| 32 |
$SED 's/^domain.*/domain\t\tlocaldomain/g' /etc/chilli.conf
|
32 |
$SED 's/^domain.*/domain\t\tlocaldomain/g' /etc/chilli.conf
|
| 33 |
$SED 's/^ServerName.*/ServerName alcasar.localdomain/g' /etc/httpd/conf/httpd.conf
|
33 |
$SED 's/^ServerName.*/ServerName alcasar.localdomain/g' /etc/httpd/conf/httpd.conf
|
| 34 |
$SED "s/^domain=.*/domain=localdomain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf
|
34 |
$SED "s/^domain=.*/domain=localdomain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf
|
| - |
|
35 |
hostnamectl set-hostname alcasar.localdomain
|
| - |
|
36 |
$SED "s/^\tAuthName.*/\tAuthName alcasar.localdomain/g" /etc/httpd/conf/webapps.d/alcasar.conf
|
| - |
|
37 |
$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/alcasar.localdomain\//g" /etc/httpd/conf/webapps.d/alcasar.conf
|
| 35 |
}
|
38 |
}
|
| 36 |
|
39 |
|
| 37 |
function defaultCert()
|
40 |
function defaultCert()
|
| 38 |
{
|
41 |
{
|
| 39 |
cd $DIR_CERT
|
- |
|
| 40 |
rm private/alcasar.key
|
- |
|
| 41 |
rm certs/alcasar.crt
|
- |
|
| 42 |
mv certs/alcasar.crt.old certs/alcasar.crt
|
42 |
mv -f $DIR_CERT/certs/alcasar.crt.old $DIR_CERT/certs/alcasar.crt
|
| 43 |
mv private/alcasar.key.old private/alcasar.key
|
43 |
mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key
|
| 44 |
if [ -f certs/server-chain.crt.old ]
|
44 |
if [ -f $DIR_CERT/certs/server-chain.crt.old ]
|
| 45 |
then
|
45 |
then
|
| 46 |
rm certs/server-chain.crt
|
46 |
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt
|
| - |
|
47 |
else
|
| 47 |
mv certs/server-chain.crt.old certs/server-chain.crt
|
48 |
rm -f $DIR_CERT/certs/server-chain.crt
|
| 48 |
fi
|
49 |
fi
|
| 49 |
}
|
50 |
}
|
| 50 |
|
51 |
|
| 51 |
function domainName() # change the domain name in the conf files
|
52 |
function domainName() # change the domain name in the conf files
|
| 52 |
{
|
53 |
{
|
| Line 67... |
Line 68... |
| 67 |
$SED "s/^uamserver.*/uamserver\thttps:\/\/$fqdn\/intercept.php/g" /etc/chilli.conf
|
68 |
$SED "s/^uamserver.*/uamserver\thttps:\/\/$fqdn\/intercept.php/g" /etc/chilli.conf
|
| 68 |
$SED "s/^radiusnasid.*/radiusnasid\t$fqdn/g" /etc/chilli.conf
|
69 |
$SED "s/^radiusnasid.*/radiusnasid\t$fqdn/g" /etc/chilli.conf
|
| 69 |
$SED "s/^uamallowed.*/uamallowed\t$hostname,$fqdn/g" /etc/chilli.conf
|
70 |
$SED "s/^uamallowed.*/uamallowed\t$hostname,$fqdn/g" /etc/chilli.conf
|
| 70 |
$SED "s/^ServerName.*/ServerName $fqdn/g" /etc/httpd/conf/httpd.conf
|
71 |
$SED "s/^ServerName.*/ServerName $fqdn/g" /etc/httpd/conf/httpd.conf
|
| 71 |
$SED "s/^domain=.*/domain=$domain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf
|
72 |
$SED "s/^domain=.*/domain=$domain/g" /etc/dnsmasq.conf /etc/dnsmasq-blackhole.conf /etc/dnsmasq-blacklist.conf /etc/dnsmasq-whitelist.conf
|
| - |
|
73 |
hostnamectl set-hostname $fqdn
|
| - |
|
74 |
$SED "s/^\tAuthName.*/\tAuthName $fqdn/g" /etc/httpd/conf/webapps.d/alcasar.conf
|
| - |
|
75 |
$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/$fqdn\//g" /etc/httpd/conf/webapps.d/alcasar.conf
|
| 72 |
fi
|
76 |
fi
|
| 73 |
}
|
77 |
}
|
| 74 |
|
78 |
|
| 75 |
function certImport()
|
79 |
function certImport()
|
| 76 |
{
|
80 |
{
|
| 77 |
cd $DIR_CERT
|
- |
|
| 78 |
|
- |
|
| 79 |
if [ ! -f "/etc/pki/tls/certs/alcasar.crt.old" ]
|
81 |
if [ ! -f "$DIR_CERT/certs/alcasar.crt.old" ]
|
| 80 |
then
|
82 |
then
|
| 81 |
echo "Backup of old cert (alcasar.crt)"
|
83 |
echo "Backup of old cert (alcasar.crt)"
|
| 82 |
mv certs/alcasar.crt certs/alcasar.crt.old
|
84 |
mv $DIR_CERT/certs/alcasar.crt $DIR_CERT/certs/alcasar.crt.old
|
| 83 |
fi
|
85 |
fi
|
| 84 |
if [ ! -f "/etc/pki/tls/private/alcasar.key.old" ]
|
86 |
if [ ! -f "$DIR_CERT/private/alcasar.key.old" ]
|
| 85 |
then
|
87 |
then
|
| 86 |
echo "Backup of old private key (alcasar.key)"
|
88 |
echo "Backup of old private key (alcasar.key)"
|
| 87 |
mv private/alcasar.key private/alcasar.key.old
|
89 |
mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old
|
| 88 |
fi
|
90 |
fi
|
| - |
|
91 |
cp $cert $DIR_CERT/certs/alcasar.crt
|
| - |
|
92 |
cp $key $DIR_CERT/private/alcasar.key
|
| 89 |
|
93 |
|
| 90 |
cp $cert certs/alcasar.crt
|
- |
|
| 91 |
cp $key private/alcasar.key
|
- |
|
| 92 |
|
- |
|
| 93 |
chown root:apache certs/alcasar.crt
|
94 |
chown root:apache $DIR_CERT/certs/alcasar.crt
|
| 94 |
chown root:apache private/alcasar.key
|
95 |
chown root:apache $DIR_CERT/private/alcasar.key
|
| 95 |
|
- |
|
| 96 |
chmod 750 certs/alcasar.crt
|
- |
|
| 97 |
chmod 750 private/alcasar.key
|
- |
|
| 98 |
|
96 |
|
| - |
|
97 |
chmod 750 $DIR_CERT/certs/alcasar.crt
|
| - |
|
98 |
chmod 750 $DIR_CERT/private/alcasar.key
|
| 99 |
if [ "$sc" != "" ]
|
99 |
if [ "$sc" != "" ]
|
| 100 |
then
|
100 |
then
|
| 101 |
echo "cert-chain exists"
|
101 |
echo "cert-chain exists"
|
| 102 |
if [ ! -f "/etc/pki/tls/certs/server-chain.crt.old" ]
|
102 |
if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ]
|
| 103 |
then
|
103 |
then
|
| 104 |
echo "Backup of old cert-chain (server-chain.crt)"
|
104 |
echo "Backup of old cert-chain (server-chain.crt)"
|
| 105 |
mv certs/server-chain.crt certs/server-chain.crt.old
|
105 |
mv $DIR_CERT/certs/server-chain.crt $DIR_CERT/certs/server-chain.crt.old
|
| 106 |
fi
|
106 |
fi
|
| 107 |
cp $sc certs/server-chain.crt
|
107 |
cp $sc $DIR_CERT/certs/server-chain.crt
|
| 108 |
chown root:apache certs/server-chain.crt
|
108 |
chown root:apache $DIR_CERT/certs/server-chain.crt
|
| 109 |
chmod 750 certs/server-chain.crt
|
109 |
chmod 750 $DIR_CERT/certs/server-chain.crt
|
| 110 |
fi
|
110 |
fi
|
| 111 |
}
|
111 |
}
|
| 112 |
|
112 |
|
| 113 |
|
113 |
|
| 114 |
if [ $nb_args -eq 0 ]
|
114 |
if [ $nb_args -eq 0 ]
|
| Line 159... |
Line 159... |
| 159 |
echo "Importing certificate $cert with private key $key"
|
159 |
echo "Importing certificate $cert with private key $key"
|
| 160 |
sc=""
|
160 |
sc=""
|
| 161 |
else
|
161 |
else
|
| 162 |
echo "Importing certificate $cert with private key $key and server-chain $sc"
|
162 |
echo "Importing certificate $cert with private key $key and server-chain $sc"
|
| 163 |
fi
|
163 |
fi
|
| 164 |
|
- |
|
| 165 |
domainName $cert
|
164 |
domainName $cert
|
| 166 |
certImport $cert $key $sc
|
165 |
certImport $cert $key $sc
|
| 167 |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist
|
166 |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist
|
| 168 |
do
|
167 |
do
|
| 169 |
systemctl restart $services
|
168 |
echo "restarting $services"; systemctl restart $services; sleep 1
|
| 170 |
done
|
169 |
done
|
| 171 |
;;
|
170 |
;;
|
| 172 |
-d)
|
171 |
-d)
|
| 173 |
if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ]
|
172 |
if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ]
|
| 174 |
then
|
173 |
then
|
| 175 |
echo "Restoring default certificate"
|
174 |
echo "Restoring default certificate"
|
| 176 |
defaultCert
|
175 |
defaultCert
|
| 177 |
defaultNdd
|
176 |
defaultNdd
|
| 178 |
systemctl restart chilli.service
|
177 |
for services in chilli httpd dnsmasq dnsmasq-blackhole dnsmasq-blacklist dnsmasq-whitelist
|
| - |
|
178 |
do
|
| 179 |
systemctl restart httpd.service
|
179 |
echo "restarting $services"; systemctl restart $services; sleep 1
|
| - |
|
180 |
done
|
| 180 |
fi
|
181 |
fi
|
| 181 |
;;
|
182 |
;;
|
| 182 |
*)
|
183 |
*)
|
| 183 |
echo "$usage"
|
184 |
echo "$usage"
|
| 184 |
;;
|
185 |
;;
|
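Review bot: In certImport (new lines 91–98) the private key is still written with `cp $key $DIR_CERT/private/alcasar.key` and only restricted afterwards, and it ends up as `root:apache` with mode 750. When the previous key has just been moved to `.old`, the new file can briefly exist with whatever mode the source file and umask give it, and the final mode carries execute bits a key file never needs. Setting owner and mode as part of the copy avoids both: `install -m 640 -o root -g apache -- "$key" "$DIR_CERT/private/alcasar.key"`, with the same form for alcasar.crt and server-chain.crt. The quoting in that line matters as well, because `$cert`, `$key` and `$sc` are expanded unquoted throughout and appear to come from the command line (their assignment is outside the visible hunks), so a path containing spaces or glob characters would be split. The old side already used 750, so this is not a regression, but the commit rewrites exactly these lines.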