| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 1834 2016-04-24 19:01:36Z richard $
|
2 |
# $Id: alcasar.sh 1837 2016-04-25 12:35:28Z richard $
|
| 3 |
|
3 |
|
| 4 |
# alcasar.sh
|
4 |
# alcasar.sh
|
| 5 |
|
5 |
|
| 6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
6 |
# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]
|
| 7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
7 |
# Ce programme est un logiciel libre ; This software is free and open source
|
| Line 27... |
Line 27... |
| 27 |
|
27 |
|
| 28 |
# Functions :
|
28 |
# Functions :
|
| 29 |
# testing : connectivity tests, free space test and mageia version test
|
29 |
# testing : connectivity tests, free space test and mageia version test
|
| 30 |
# init : Installation of RPM and scripts
|
30 |
# init : Installation of RPM and scripts
|
| 31 |
# network : Network parameters
|
31 |
# network : Network parameters
|
| 32 |
# time_server : NTPd configuration
|
- |
|
| 33 |
# ACC : ALCASAR Control Center installation
|
32 |
# ACC : ALCASAR Control Center installation
|
| 34 |
# CA : Certification Authority initialization
|
33 |
# CA : Certification Authority initialization
|
| - |
|
34 |
# time_server : NTPd configuration
|
| 35 |
# init_db : Initilization of radius database managed with MariaDB
|
35 |
# init_db : Initilization of radius database managed with MariaDB
|
| 36 |
# radius : FreeRadius initialisation
|
36 |
# radius : FreeRadius initialisation
|
| 37 |
# chilli : coovachilli initialisation (+authentication page)
|
37 |
# chilli : coovachilli initialisation (+authentication page)
|
| 38 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
38 |
# dansguardian : DansGuardian filtering HTTP proxy configuration
|
| 39 |
# antivirus : HAVP + libclamav configuration
|
39 |
# antivirus : HAVP + libclamav configuration
|
| Line 612... |
Line 612... |
| 612 |
#
|
612 |
#
|
| 613 |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
|
613 |
# the script "$DIR_DEST_BIN/alcasar-iptables.sh" is launched at the end in order to allow update via ssh
|
| 614 |
} # End of network ()
|
614 |
} # End of network ()
|
| 615 |
|
615 |
|
| 616 |
##################################################################
|
616 |
##################################################################
|
| 617 |
## Function "time_server" ##
|
- |
|
| 618 |
## - Configuring NTP server ##
|
- |
|
| 619 |
##################################################################
|
- |
|
| 620 |
time_server ()
|
- |
|
| 621 |
{
|
- |
|
| 622 |
# Set the Internet time server
|
- |
|
| 623 |
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
|
- |
|
| 624 |
cat <<EOF > /etc/ntp/step-tickers
|
- |
|
| 625 |
0.fr.pool.ntp.org # adapt to your country
|
- |
|
| 626 |
1.fr.pool.ntp.org
|
- |
|
| 627 |
2.fr.pool.ntp.org
|
- |
|
| 628 |
EOF
|
- |
|
| 629 |
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
|
- |
|
| 630 |
cat <<EOF > /etc/ntp.conf
|
- |
|
| 631 |
server 0.fr.pool.ntp.org # adapt to your country
|
- |
|
| 632 |
server 1.fr.pool.ntp.org
|
- |
|
| 633 |
server 2.fr.pool.ntp.org
|
- |
|
| 634 |
server 127.127.1.0 # local clock si NTP internet indisponible ...
|
- |
|
| 635 |
fudge 127.127.1.0 stratum 10
|
- |
|
| 636 |
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
|
- |
|
| 637 |
restrict 127.0.0.1
|
- |
|
| 638 |
driftfile /var/lib/ntp/drift
|
- |
|
| 639 |
logfile /var/log/ntp.log
|
- |
|
| 640 |
disable monitor
|
- |
|
| 641 |
EOF
|
- |
|
| 642 |
chown -R ntp:ntp /var/lib/ntp
|
- |
|
| 643 |
# Synchronize now
|
- |
|
| 644 |
ntpd -q -g &
|
- |
|
| 645 |
} # End of time_server ()
|
- |
|
| 646 |
##################################################################
|
- |
|
| 647 |
## Function "ACC" ##
|
617 |
## Function "ACC" ##
|
| 648 |
## - installation du centre de gestion (ALCASAR Control Center) ##
|
618 |
## - installation du centre de gestion (ALCASAR Control Center) ##
|
| 649 |
## - configuration du serveur web (Apache) ##
|
619 |
## - configuration du serveur web (Apache) ##
|
| 650 |
## - définition du 1er comptes de gestion ##
|
620 |
## - définition du 1er comptes de gestion ##
|
| 651 |
## - sécurisation des accès ##
|
621 |
## - sécurisation des accès ##
|
| Line 915... |
Line 885... |
| 915 |
EOF
|
885 |
EOF
|
| 916 |
chown -R root:apache /etc/pki
|
886 |
chown -R root:apache /etc/pki
|
| 917 |
chmod -R 750 /etc/pki
|
887 |
chmod -R 750 /etc/pki
|
| 918 |
} # End of CA ()
|
888 |
} # End of CA ()
|
| 919 |
|
889 |
|
| - |
|
890 |
##################################################################
|
| - |
|
891 |
## Function "time_server" ##
|
| - |
|
892 |
## - Configuring NTP server ##
|
| - |
|
893 |
##################################################################
|
| - |
|
894 |
time_server ()
|
| - |
|
895 |
{
|
| - |
|
896 |
# Set the Internet time server
|
| - |
|
897 |
[ -e /etc/ntp/step-tickers.default ] || cp /etc/ntp/step-tickers /etc/ntp/step-tickers.default
|
| - |
|
898 |
cat <<EOF > /etc/ntp/step-tickers
|
| - |
|
899 |
0.fr.pool.ntp.org # adapt to your country
|
| - |
|
900 |
1.fr.pool.ntp.org
|
| - |
|
901 |
2.fr.pool.ntp.org
|
| - |
|
902 |
EOF
|
| - |
|
903 |
[ -e /etc/ntp.conf.default ] || cp /etc/ntp.conf /etc/ntp.conf.default
|
| - |
|
904 |
cat <<EOF > /etc/ntp.conf
|
| - |
|
905 |
server 0.fr.pool.ntp.org # adapt to your country
|
| - |
|
906 |
server 1.fr.pool.ntp.org
|
| - |
|
907 |
server 2.fr.pool.ntp.org
|
| - |
|
908 |
server 127.127.1.0 # local clock si NTP internet indisponible ...
|
| - |
|
909 |
fudge 127.127.1.0 stratum 10
|
| - |
|
910 |
restrict $PRIVATE_NETWORK mask $PRIVATE_NETMASK nomodify notrap
|
| - |
|
911 |
restrict 127.0.0.1
|
| - |
|
912 |
driftfile /var/lib/ntp/drift
|
| - |
|
913 |
logfile /var/log/ntp.log
|
| - |
|
914 |
disable monitor
|
| - |
|
915 |
EOF
|
| - |
|
916 |
chown -R ntp:ntp /var/lib/ntp
|
| - |
|
917 |
# Synchronize now
|
| - |
|
918 |
ntpd -q -g &
|
| - |
|
919 |
} # End of time_server ()
|
| - |
|
920 |
|
| 920 |
##########################################################################################
|
921 |
##########################################################################################
|
| 921 |
## Fonction "init_db" ##
|
922 |
## Fonction "init_db" ##
|
| 922 |
## - Initialisation de la base Mysql ##
|
923 |
## - Initialisation de la base Mysql ##
|
| 923 |
## - Affectation du mot de passe de l'administrateur (root) ##
|
924 |
## - Affectation du mot de passe de l'administrateur (root) ##
|
| 924 |
## - Suppression des bases et des utilisateurs superflus ##
|
925 |
## - Suppression des bases et des utilisateurs superflus ##
|
| Line 2069... |
Line 2070... |
| 2069 |
MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
|
2070 |
MAJ_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f1`
|
| 2070 |
MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
|
2071 |
MIN_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f2|cut -c1`
|
| 2071 |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
|
2072 |
UPD_PREVIOUS_VERSION=`echo $PREVIOUS_VERSION|cut -d"." -f3`
|
| 2072 |
mode="update"
|
2073 |
mode="update"
|
| 2073 |
fi
|
2074 |
fi
|
| 2074 |
for func in init network time_server ACC CA init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
|
2075 |
for func in init network ACC CA time_server init_db radius chilli dansguardian antivirus tinyproxy ulogd nfsen vnstat dnsmasq BL cron fail2ban gammu_smsd post_install
|
| 2075 |
do
|
2076 |
do
|
| 2076 |
$func
|
2077 |
$func
|
| 2077 |
# echo "*** 'debug' : end of function $func ***"; read a
|
2078 |
# echo "*** 'debug' : end of function $func ***"; read a
|
| 2078 |
done
|
2079 |
done
|
| 2079 |
;;
|
2080 |
;;
|