| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-conf.sh 3231 2024-11-10 23:12:08Z rexy $
|
2 |
# $Id: alcasar-conf.sh 3238 2024-12-02 22:38:59Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-conf.sh
|
4 |
# alcasar-conf.sh
|
| 5 |
# by REXY
|
5 |
# by REXY
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
|
7 |
|
| Line 29... |
Line 29... |
| 29 |
MTU=`grep ^PUBLIC_MTU= $CONF_FILE|cut -d"=" -f2`
|
29 |
MTU=`grep ^PUBLIC_MTU= $CONF_FILE|cut -d"=" -f2`
|
| 30 |
DHCP_mode=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
|
30 |
DHCP_mode=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
|
| 31 |
INT_DNS_mode=`grep ^INT_DNS_ACTIVE= $CONF_FILE|cut -d"=" -f2`
|
31 |
INT_DNS_mode=`grep ^INT_DNS_ACTIVE= $CONF_FILE|cut -d"=" -f2`
|
| 32 |
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
|
32 |
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
|
| 33 |
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
33 |
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
| 34 |
DOMAIN=${DOMAIN:=localdomain}
|
34 |
DOMAIN=${DOMAIN:=lan}
|
| 35 |
DNS1=`grep ^DNS1= $CONF_FILE | cut -d'=' -f2` # To configure WL domain names
|
35 |
DNS1=`grep ^DNS1= $CONF_FILE | cut -d'=' -f2` # To configure WL domain names
|
| 36 |
HTTPS_LOGIN=`grep ^HTTPS_LOGIN= $CONF_FILE | cut -d'=' -f2`
|
36 |
HTTPS_LOGIN=`grep ^HTTPS_LOGIN= $CONF_FILE | cut -d'=' -f2`
|
| 37 |
SED="/bin/sed -i"
|
37 |
SED="/bin/sed -i"
|
| 38 |
|
38 |
|
| 39 |
private_network_calc ()
|
39 |
private_network_calc ()
|
| Line 149... |
Line 149... |
| 149 |
cp -f $DIR_UPDATE/alcasar-ca.crt /etc/pki/CA/
|
149 |
cp -f $DIR_UPDATE/alcasar-ca.crt /etc/pki/CA/
|
| 150 |
cp -f $DIR_UPDATE/alcasar-ca.key /etc/pki/CA/private/
|
150 |
cp -f $DIR_UPDATE/alcasar-ca.key /etc/pki/CA/private/
|
| 151 |
cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/
|
151 |
cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/
|
| 152 |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/
|
152 |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/
|
| 153 |
cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/
|
153 |
cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/
|
| 154 |
[ -e $DIR_UPDATE/server-chain.pem ] && cp -f $DIR_UPDATE/server-chain.pem /etc/pki/tls/certs/ # autosigned and official if exist
|
154 |
[ -e $DIR_UPDATE/server-chain.pem ] && cp -f $DIR_UPDATE/server-chain.pem /etc/pki/tls/certs/
|
| 155 |
chmod 755 /etc/pki/
|
155 |
chmod 755 /etc/pki/
|
| 156 |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA
|
156 |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA
|
| 157 |
chown root:apache /etc/pki/CA/alcasar-ca.crt; chmod 640 /etc/pki/CA/alcasar-ca.crt
|
157 |
chown root:apache /etc/pki/CA/alcasar-ca.crt; chmod 640 /etc/pki/CA/alcasar-ca.crt
|
| 158 |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private
|
158 |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private
|
| 159 |
chmod 600 /etc/pki/CA/private/*
|
159 |
chmod 600 /etc/pki/CA/private/*
|
| Line 190... |
Line 190... |
| 190 |
$DIR_BIN/alcasar-bl.sh -cat_choice
|
190 |
$DIR_BIN/alcasar-bl.sh -cat_choice
|
| 191 |
$DIR_BIN/alcasar-bl.sh -reload
|
191 |
$DIR_BIN/alcasar-bl.sh -reload
|
| 192 |
# admin profile update (admin + manager + backup)
|
192 |
# admin profile update (admin + manager + backup)
|
| 193 |
$DIR_BIN/alcasar-profil.sh --list
|
193 |
$DIR_BIN/alcasar-profil.sh --list
|
| 194 |
# Apply changes between versions
|
194 |
# Apply changes between versions
|
| 195 |
## V3.5 --> V3.6
|
195 |
## V3.5 --> V3.6
|
| 196 |
## remove dnsmasq service
|
196 |
## remove dnsmasq service
|
| 197 |
[ -e /etc/dnsmasq-whitelist.conf ] && rm -f /etc/dnsmasq*
|
197 |
[ -e /etc/dnsmasq-whitelist.conf ] && rm -f /etc/dnsmasq*
|
| 198 |
[ -e /etc/systemd/system/dnsmasq-whitelist.service ] && rm -f /etc/systemd/system/dnsmasq* && urpme dnsmasq
|
198 |
[ -e /etc/systemd/system/dnsmasq-whitelist.service ] && rm -f /etc/systemd/system/dnsmasq* && urpme dnsmasq
|
| - |
|
199 |
## V3.6 --> V3.7
|
| - |
|
200 |
## if domain name is .localdomain, change it with .lan (see RFC 6762) and adapt certificates.
|
| - |
|
201 |
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
|
| - |
|
202 |
if [[ $DOMAIN == "localdomain" ]] then
|
| - |
|
203 |
$SED "s/^DOMAIN=.*/DOMAIN=lan/g" $CONF_FILE
|
| - |
|
204 |
$DIR_BIN/alcasar-CA.sh
|
| - |
|
205 |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA
|
| - |
|
206 |
chown root:apache /etc/pki/CA/alcasar-ca.crt; chmod 640 /etc/pki/CA/alcasar-ca.crt
|
| - |
|
207 |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private
|
| - |
|
208 |
chmod 600 /etc/pki/CA/private/*
|
| - |
|
209 |
chown -R root:apache /etc/pki/tls/private; chmod 750 /etc/pki/tls/private
|
| - |
|
210 |
chmod 640 /etc/pki/tls/private/*
|
| - |
|
211 |
chmod 644 /etc/pki/tls/certs/*
|
| - |
|
212 |
fi
|
| 199 |
# Remove the update folder
|
213 |
# Remove the update folder
|
| 200 |
rm -rf $DIR_UPDATE
|
214 |
rm -rf $DIR_UPDATE
|
| 201 |
;;
|
215 |
;;
|
| 202 |
|
216 |
|
| 203 |
####################################################
|
217 |
####################################################
|