WebSVN – ALCASAR – Diff – /alcasar.sh



#!/bin/bash
#  $Id: alcasar.sh 1839 2016-04-25 13:43:22Z richard $ 
 
# alcasar.sh
 
# ALCASAR Install script -  CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...] 
# Ce programme est un logiciel libre ; This software is free and open source

# sshd écoute côté LAN et WAN
	$SED "s?^#ListenAddress 0\.0\.0\.0.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config
# sshd autorise les connections root par certificat
	$SED "s?^PermitRootLogin.*?PermitRootLogin without-password?g" /etc/ssh/sshd_config
	# Put the default values in conf file
	echo "SSH=on" >> $CONF_FILE
	echo "SSH_ADMIN_FROM=0.0.0.0/0.0.0.0" >> $CONF_FILE
	echo "LDAP=off" >> $CONF_FILE
	echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE
	echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE
	echo "MULTIWAN=off" >> $CONF_FILE

 
[Install]
WantedBy=multi-user.target
EOF
# processes launched at boot time (Systemctl)
	for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd
	do
		/usr/bin/systemctl -q enable $i.service
	done
	
# disable processes at boot time (Systemctl)

		$SED "/^kernel/s/splash quiet //" /boot/grub/menu.lst
		$SED "/^kernel/s/$/ vga=791/" /boot/grub/menu.lst
		$SED "/^kernel/s/BOOT_IMAGE=linux /BOOT_IMAGE=linux-nonfb /" /boot/grub/menu.lst
		$SED "/^gfxmenu/d" /boot/grub/menu.lst
	fi
 
 
 
 
 
# Load and apply the previous conf file
	if [ "$mode" = "update" ]
	then
		$DIR_DEST_BIN/alcasar-archive.sh --now # exports current logs in /var/Save/archive
		$DIR_DEST_BIN/alcasar-conf.sh --load

Rev 1837	Rev 1839
Line 1...	Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar.sh 1837 2016-04-25 12:35:28Z richard $`	2	`# $Id: alcasar.sh 1839 2016-04-25 13:43:22Z richard $`
3		3
4	`# alcasar.sh`	4	`# alcasar.sh`
5		5
6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`	6	`# ALCASAR Install script - CopyLeft ALCASAR Team [Rexy + 3abtux + Steweb + Crox + ...]`
7	`# Ce programme est un logiciel libre ; This software is free and open source`	7	`# Ce programme est un logiciel libre ; This software is free and open source`
Line 1822...	Line 1822...
1822	`# sshd écoute côté LAN et WAN`	1822	`# sshd écoute côté LAN et WAN`
1823	`$SED "s?^#ListenAddress 0\.0\.0\.0.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config`	1823	`$SED "s?^#ListenAddress 0\.0\.0\.0.*?ListenAddress 0\.0\.0\.0?g" /etc/ssh/sshd_config`
1824	`# sshd autorise les connections root par certificat`	1824	`# sshd autorise les connections root par certificat`
1825	`$SED "s?^PermitRootLogin.*?PermitRootLogin without-password?g" /etc/ssh/sshd_config`	1825	`$SED "s?^PermitRootLogin.*?PermitRootLogin without-password?g" /etc/ssh/sshd_config`
1826	`# Put the default values in conf file`	1826	`# Put the default values in conf file`
1827	`echo "SSH=off" >> $CONF_FILE`	1827	`echo "SSH=on" >> $CONF_FILE`
1828	`echo "SSH_ADMIN_FROM=0.0.0.0/0.0.0.0" >> $CONF_FILE`	1828	`echo "SSH_ADMIN_FROM=0.0.0.0/0.0.0.0" >> $CONF_FILE`
1829	`echo "LDAP=off" >> $CONF_FILE`	1829	`echo "LDAP=off" >> $CONF_FILE`
1830	`echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE`	1830	`echo "LDAP_IP=0.0.0.0/0.0.0.0" >> $CONF_FILE`
1831	`echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE`	1831	`echo "YOUTUBE_ID=ABCD1234567890abcdef" >> $CONF_FILE`
1832	`echo "MULTIWAN=off" >> $CONF_FILE`	1832	`echo "MULTIWAN=off" >> $CONF_FILE`
Line 1876...	Line 1876...
1876		1876
1877	`[Install]`	1877	`[Install]`
1878	`WantedBy=multi-user.target`	1878	`WantedBy=multi-user.target`
1879	`EOF`	1879	`EOF`
1880	`# processes launched at boot time (Systemctl)`	1880	`# processes launched at boot time (Systemctl)`
1881	`for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat`	1881	`for i in alcasar-load_balancing mysqld httpd ntpd iptables dnsmasq dnsmasq-blacklist dnsmasq-whitelist dnsmasq-blackhole radiusd nfsen dansguardian freshclam ulogd-ssh ulogd-traceability ulogd-ext-access chilli fail2ban havp tinyproxy vnstat sshd`
1882	`do`	1882	`do`
1883	`/usr/bin/systemctl -q enable $i.service`	1883	`/usr/bin/systemctl -q enable $i.service`
1884	`done`	1884	`done`
1885		1885
1886	`# disable processes at boot time (Systemctl)`	1886	`# disable processes at boot time (Systemctl)`
Line 1927...	Line 1927...
1927	`$SED "/^kernel/s/splash quiet //" /boot/grub/menu.lst`	1927	`$SED "/^kernel/s/splash quiet //" /boot/grub/menu.lst`
1928	`$SED "/^kernel/s/$/ vga=791/" /boot/grub/menu.lst`	1928	`$SED "/^kernel/s/$/ vga=791/" /boot/grub/menu.lst`
1929	`$SED "/^kernel/s/BOOT_IMAGE=linux /BOOT_IMAGE=linux-nonfb /" /boot/grub/menu.lst`	1929	`$SED "/^kernel/s/BOOT_IMAGE=linux /BOOT_IMAGE=linux-nonfb /" /boot/grub/menu.lst`
1930	`$SED "/^gfxmenu/d" /boot/grub/menu.lst`	1930	`$SED "/^gfxmenu/d" /boot/grub/menu.lst`
1931	`fi`	1931	`fi`
1932	`# Remove unused services and users`	-
1933	`for svc in sshd`	-
1934	`do`	-
1935	`/usr/bin/systemctl -q enable $svc.service`	-
1936	`done`	-
1937	`# Load and apply the previous conf file`	1932	`# Load and apply the previous conf file`
1938	`if [ "$mode" = "update" ]`	1933	`if [ "$mode" = "update" ]`
1939	`then`	1934	`then`
1940	`$DIR_DEST_BIN/alcasar-archive.sh --now # exports current logs in /var/Save/archive`	1935	`$DIR_DEST_BIN/alcasar-archive.sh --now # exports current logs in /var/Save/archive`
1941	`$DIR_DEST_BIN/alcasar-conf.sh --load`	1936	`$DIR_DEST_BIN/alcasar-conf.sh --load`

Subversion Repositories ALCASAR

(root)/alcasar.sh – Rev 1837 → 1839