Line 1... |
Line 1... |
1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
2 |
# $Id: alcasar.sh 2488 2018-02-25 14:53:54Z lucas.echard $
|
2 |
# $Id: alcasar.sh 2499 2018-02-26 02:23:03Z tom.houdayer $
|
3 |
|
3 |
|
4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
5 |
# ALCASAR is a Free and open source NAC created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
7 |
# team@alcasar.net
|
7 |
# team@alcasar.net
|
Line 47... |
Line 47... |
47 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
47 |
# gammu_smsd : Autoregister addon via SMS (gammu-smsd)
|
48 |
# msec : Mandriva security package configuration
|
48 |
# msec : Mandriva security package configuration
|
49 |
# letsencrypt : Let's Encrypt client
|
49 |
# letsencrypt : Let's Encrypt client
|
50 |
# post_install : Security, log rotation, etc.
|
50 |
# post_install : Security, log rotation, etc.
|
51 |
|
51 |
|
52 |
DEBUG_ALCASAR=off; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function
|
52 |
DEBUG_ALCASAR='off'; export DEBUG_ALCASAR # Debug mode = wait (hit key) after each function
|
53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
53 |
DATE=`date '+%d %B %Y - %Hh%M'`
|
54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
54 |
DATE_SHORT=`date '+%d/%m/%Y'`
|
55 |
Lang=`echo $LANG|cut -c 1-2`
|
55 |
Lang=`echo $LANG|cut -c 1-2`
|
56 |
mode="install"
|
56 |
mode="install"
|
57 |
# ******* Files parameters - paramètres fichiers *********
|
57 |
# ******* Files parameters - paramètres fichiers *********
|
Line 174... |
Line 174... |
174 |
if [ $Lang == "fr" ]
|
174 |
if [ $Lang == "fr" ]
|
175 |
then
|
175 |
then
|
176 |
echo -n "Tapez '1' pour une mise à jour; Tapez '2' pour une réinstallation : "
|
176 |
echo -n "Tapez '1' pour une mise à jour; Tapez '2' pour une réinstallation : "
|
177 |
else
|
177 |
else
|
178 |
echo -n "Hit '1' for an update; Hit '2' for a reinstallation : "
|
178 |
echo -n "Hit '1' for an update; Hit '2' for a reinstallation : "
|
179 |
fi
|
179 |
fi
|
180 |
read response
|
180 |
read response
|
181 |
done
|
181 |
done
|
182 |
if [ "$response" = "2" ]
|
182 |
if [ "$response" = "2" ]
|
183 |
then
|
183 |
then
|
184 |
rm -f /tmp/alcasar-conf*
|
184 |
rm -f /tmp/alcasar-conf*
|
Line 792... |
Line 792... |
792 |
$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
|
792 |
$SED "s?^server\.bind.*?server\.bind = \"$HOSTNAME.$DOMAIN\"?g" /etc/lighttpd/lighttpd.conf
|
793 |
$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar.conf
|
793 |
$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$HOSTNAME.$DOMAIN"':443" {/g' /etc/lighttpd/vhosts.d/alcasar.conf
|
794 |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar.conf
|
794 |
$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$HOSTNAME.$DOMAIN\"/g" /etc/lighttpd/vhosts.d/alcasar.conf
|
795 |
|
795 |
|
796 |
/usr/bin/systemctl start lighttpd
|
796 |
/usr/bin/systemctl start lighttpd
|
- |
|
797 |
/usr/bin/systemctl start php-fpm
|
797 |
|
798 |
|
798 |
# Définition du premier compte lié au profil 'admin'
|
799 |
# Définition du premier compte lié au profil 'admin'
|
799 |
if [ "$mode" = "install" ]
|
800 |
if [ "$mode" = "install" ]
|
800 |
then
|
801 |
then
|
801 |
header_install
|
802 |
header_install
|
Line 2010... |
Line 2011... |
2010 |
|
2011 |
|
2011 |
[Install]
|
2012 |
[Install]
|
2012 |
WantedBy=multi-user.target
|
2013 |
WantedBy=multi-user.target
|
2013 |
EOF
|
2014 |
EOF
|
2014 |
# processes launched at boot time (Systemctl)
|
2015 |
# processes launched at boot time (Systemctl)
|
2015 |
for i in alcasar-load_balancing mysqld lighttpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
|
2016 |
for i in alcasar-load_balancing mysqld lighttpd php-fpm ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
|
2016 |
do
|
2017 |
do
|
2017 |
/usr/bin/systemctl -q enable $i.service
|
2018 |
/usr/bin/systemctl -q enable $i.service
|
2018 |
done
|
2019 |
done
|
2019 |
|
2020 |
|
2020 |
# disable processes at boot time (Systemctl)
|
2021 |
# disable processes at boot time (Systemctl)
|