WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1740 2016-01-03 23:10:30Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

	else
		PRIVATE_IP_MASK=`grep PRIVATE_IP conf/etc/alcasar.conf|cut -d"=" -f2` 
		rm -rf conf/etc/alcasar.conf
	fi
# Define LAN side global parameters
	hostnamectl set-hostname $HOSTNAME.$DOMAIN
 
	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK | cut -d"=" -f2`				# private network address (ie.: 192.168.182.0)
	private_network_ending=`echo $PRIVATE_NETWORK | cut -d"." -f4`					# last octet of LAN address
	PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`				# private network mask (ie.: 255.255.255.0)
	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP_MASK |cut -d"=" -f2`					# network prefix (ie. 24)
	PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`						# ALCASAR private ip address (consultation LAN side)

	echo "INT_DNS_ACTIVE=off" >> $CONF_FILE
# network default
	[ -e /etc/sysconfig/network.default ] || cp /etc/sysconfig/network /etc/sysconfig/network.default
	cat <<EOF > /etc/sysconfig/network
NETWORKING=yes
 
FORWARD_IPV4=true
EOF
# /etc/hosts config
	[ -e /etc/hosts.default ] || cp /etc/hosts /etc/hosts.default
	cat <<EOF > /etc/hosts

	AllowOverride None
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
 
	require valid-user
	AuthType digest
	AuthName $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_all

	AllowOverride None
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
 
	require valid-user
	AuthType digest
	AuthName $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_admin

	AllowOverride None
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
 
	require valid-user
	AuthType digest
	AuthName $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_manager

	AllowOverride None
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
 
	require valid-user
	AuthType digest
	AuthName $HOSTNAME.$DOMAIN
	BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
	AuthUserFile $DIR_DEST_ETC/digest/key_backup

	Options Indexes
	Order deny,allow
	Deny from all
	Allow from 127.0.0.1
	Allow from $PRIVATE_NETWORK_MASK
 
	require valid-user
	AuthType digest
	AuthName $HOSTNAME.$DOMAIN
	AuthUserFile $DIR_DEST_ETC/digest/key_backup
	ErrorDocument 404 https://$HOSTNAME.$DOMAIN/

Rev 1737	Rev 1740
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1737 2015-12-30 08:32:47Z richard $`	2	`# $Id: alcasar.sh 1740 2016-01-03 23:10:30Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 450...	Line 450...
450	`else`	450	`else`
451	PRIVATE_IP_MASK=`grep PRIVATE_IP conf/etc/alcasar.conf\|cut -d"=" -f2`	451	PRIVATE_IP_MASK=`grep PRIVATE_IP conf/etc/alcasar.conf\|cut -d"=" -f2`
452	`rm -rf conf/etc/alcasar.conf`	452	`rm -rf conf/etc/alcasar.conf`
453	`fi`	453	`fi`
454	`# Define LAN side global parameters`	454	`# Define LAN side global parameters`
455	`hostname $HOSTNAME.$DOMAIN`	455	`hostnamectl set-hostname $HOSTNAME.$DOMAIN`
456	`echo $HOSTNAME.$DOMAIN > /etc/hostname`	-
457	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network address (ie.: 192.168.182.0)	456	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network address (ie.: 192.168.182.0)
458	private_network_ending=`echo $PRIVATE_NETWORK \| cut -d"." -f4` # last octet of LAN address	457	private_network_ending=`echo $PRIVATE_NETWORK \| cut -d"." -f4` # last octet of LAN address
459	PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network mask (ie.: 255.255.255.0)	458	PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK \| cut -d"=" -f2` # private network mask (ie.: 255.255.255.0)
460	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP_MASK \|cut -d"=" -f2` # network prefix (ie. 24)	459	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP_MASK \|cut -d"=" -f2` # network prefix (ie. 24)
461	PRIVATE_IP=`echo $PRIVATE_IP_MASK \| cut -d"/" -f1` # ALCASAR private ip address (consultation LAN side)	460	PRIVATE_IP=`echo $PRIVATE_IP_MASK \| cut -d"/" -f1` # ALCASAR private ip address (consultation LAN side)
Line 512...	Line 511...
512	`echo "INT_DNS_ACTIVE=off" >> $CONF_FILE`	511	`echo "INT_DNS_ACTIVE=off" >> $CONF_FILE`
513	`# network default`	512	`# network default`
514	`[ -e /etc/sysconfig/network.default ] \|\| cp /etc/sysconfig/network /etc/sysconfig/network.default`	513	`[ -e /etc/sysconfig/network.default ] \|\| cp /etc/sysconfig/network /etc/sysconfig/network.default`
515	`cat <<EOF > /etc/sysconfig/network`	514	`cat <<EOF > /etc/sysconfig/network`
516	`NETWORKING=yes`	515	`NETWORKING=yes`
517	`HOSTNAME="$HOSTNAME.$DOMAIN"`	-
518	`FORWARD_IPV4=true`	516	`FORWARD_IPV4=true`
519	`EOF`	517	`EOF`
520	`# /etc/hosts config`	518	`# /etc/hosts config`
521	`[ -e /etc/hosts.default ] \|\| cp /etc/hosts /etc/hosts.default`	519	`[ -e /etc/hosts.default ] \|\| cp /etc/hosts /etc/hosts.default`
522	`cat <<EOF > /etc/hosts`	520	`cat <<EOF > /etc/hosts`
Line 787...	Line 785...
787	`AllowOverride None`	785	`AllowOverride None`
788	`Order deny,allow`	786	`Order deny,allow`
789	`Deny from all`	787	`Deny from all`
790	`Allow from 127.0.0.1`	788	`Allow from 127.0.0.1`
791	`Allow from $PRIVATE_NETWORK_MASK`	789	`Allow from $PRIVATE_NETWORK_MASK`
792	`# Allow from AA.BB.CC.DD/32 # Allow from specific @IP`	-
793	`require valid-user`	790	`require valid-user`
794	`AuthType digest`	791	`AuthType digest`
795	`AuthName $HOSTNAME.$DOMAIN`	792	`AuthName $HOSTNAME.$DOMAIN`
796	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	793	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
797	`AuthUserFile $DIR_DEST_ETC/digest/key_all`	794	`AuthUserFile $DIR_DEST_ETC/digest/key_all`
Line 802...	Line 799...
802	`AllowOverride None`	799	`AllowOverride None`
803	`Order deny,allow`	800	`Order deny,allow`
804	`Deny from all`	801	`Deny from all`
805	`Allow from 127.0.0.1`	802	`Allow from 127.0.0.1`
806	`Allow from $PRIVATE_NETWORK_MASK`	803	`Allow from $PRIVATE_NETWORK_MASK`
807	`# Allow from AA.BB.CC.DD/32 # Allow from specific @IP`	-
808	`require valid-user`	804	`require valid-user`
809	`AuthType digest`	805	`AuthType digest`
810	`AuthName $HOSTNAME.$DOMAIN`	806	`AuthName $HOSTNAME.$DOMAIN`
811	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	807	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
812	`AuthUserFile $DIR_DEST_ETC/digest/key_admin`	808	`AuthUserFile $DIR_DEST_ETC/digest/key_admin`
Line 817...	Line 813...
817	`AllowOverride None`	813	`AllowOverride None`
818	`Order deny,allow`	814	`Order deny,allow`
819	`Deny from all`	815	`Deny from all`
820	`Allow from 127.0.0.1`	816	`Allow from 127.0.0.1`
821	`Allow from $PRIVATE_NETWORK_MASK`	817	`Allow from $PRIVATE_NETWORK_MASK`
822	`# Allow from AA.BB.CC.DD/32 # Allow from specific @IP`	-
823	`require valid-user`	818	`require valid-user`
824	`AuthType digest`	819	`AuthType digest`
825	`AuthName $HOSTNAME.$DOMAIN`	820	`AuthName $HOSTNAME.$DOMAIN`
826	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	821	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
827	`AuthUserFile $DIR_DEST_ETC/digest/key_manager`	822	`AuthUserFile $DIR_DEST_ETC/digest/key_manager`
Line 832...	Line 827...
832	`AllowOverride None`	827	`AllowOverride None`
833	`Order deny,allow`	828	`Order deny,allow`
834	`Deny from all`	829	`Deny from all`
835	`Allow from 127.0.0.1`	830	`Allow from 127.0.0.1`
836	`Allow from $PRIVATE_NETWORK_MASK`	831	`Allow from $PRIVATE_NETWORK_MASK`
837	`# Allow from AA.BB.CC.DD/32 # Allow from specific @IP`	-
838	`require valid-user`	832	`require valid-user`
839	`AuthType digest`	833	`AuthType digest`
840	`AuthName $HOSTNAME.$DOMAIN`	834	`AuthName $HOSTNAME.$DOMAIN`
841	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`	835	`BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On`
842	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`	836	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`
Line 848...	Line 842...
848	`Options Indexes`	842	`Options Indexes`
849	`Order deny,allow`	843	`Order deny,allow`
850	`Deny from all`	844	`Deny from all`
851	`Allow from 127.0.0.1`	845	`Allow from 127.0.0.1`
852	`Allow from $PRIVATE_NETWORK_MASK`	846	`Allow from $PRIVATE_NETWORK_MASK`
853	`# Allow from AA.BB.CC.DD/32 # Allow from specific @IP`	-
854	`require valid-user`	847	`require valid-user`
855	`AuthType digest`	848	`AuthType digest`
856	`AuthName $HOSTNAME.$DOMAIN`	849	`AuthName $HOSTNAME.$DOMAIN`
857	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`	850	`AuthUserFile $DIR_DEST_ETC/digest/key_backup`
858	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`	851	`ErrorDocument 404 https://$HOSTNAME.$DOMAIN/`

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 1737 → 1740