| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar.sh 2993 2022-03-06 23:02:08Z rexy $
|
2 |
# $Id: alcasar.sh 2994 2022-03-08 23:02:14Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
4 |
# ALCASAR is a Free and open source NAC (Network Access Controler) created by Franck BOUIJOUX (3abtux), Pascal LEVANT and Richard REY (Rexy)
|
| 5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
5 |
# ALCASAR is based on a stripped Mageia (LSB) with the following open source softwares Coovachilli, freeradius, mariaDB, lighttpd, php, netfilter, e2guardian, ntpd, openssl, dnsmasq, unbound, gammu, clamav, Ulog, fail2ban, vnstat, wkhtml2pdf, ipt_NETFLOW, NFsen and NFdump
|
| 6 |
# contact : info@alcasar.net
|
6 |
# contact : info@alcasar.net
|
| 7 |
|
7 |
|
| Line 2128... |
Line 2128... |
| 2128 |
rm -rf /tmp/acme.sh-*
|
2128 |
rm -rf /tmp/acme.sh-*
|
| 2129 |
} # End of letsencrypt()
|
2129 |
} # End of letsencrypt()
|
| 2130 |
|
2130 |
|
| 2131 |
##################################################################
|
2131 |
##################################################################
|
| 2132 |
## "mail_service" ##
|
2132 |
## "mail_service" ##
|
| 2133 |
## - Install mail service for email registration method ##
|
2133 |
## - Install Postfix conf for email registration method ##
|
| 2134 |
##################################################################
|
2134 |
##################################################################
|
| 2135 |
mail_service()
|
2135 |
mail_service()
|
| 2136 |
{
|
2136 |
{
|
| 2137 |
[ -e /etc/postfix/main.cf.default ] || cp /etc/postfix/main.cf /etc/postfix/main.cf.default
|
2137 |
[ -e /etc/postfix/main.cf.default ] || cp /etc/postfix/main.cf /etc/postfix/main.cf.default
|
| 2138 |
cat << EOT >> /etc/postfix/main.cf
|
2138 |
cat << EOT >> /etc/postfix/main.cf
|
| 2139 |
myhostname = $HOSTNAME.$DOMAIN
|
2139 |
myhostname = $HOSTNAME.$DOMAIN
|
| - |
|
2140 |
EOT
|
| 2140 |
# Enable SASL authentication
|
2141 |
# Enable SASL authentication
|
| 2141 |
smtp_sasl_auth_enable = yes
|
2142 |
$SED "s?^smtp_sasl_auth_enable =.*?smtp_sasl_auth_enable = yes?g" /etc/postfix/main.cf
|
| 2142 |
# Disallow methods that allow anonymous authentication
|
2143 |
# Disallow methods that allow anonymous authentication
|
| 2143 |
smtp_sasl_security_options = noanonymous
|
2144 |
$SED "s?^smtp_sasl_security_options =.*?smtp_sasl_security_options = noanonymous?g" /etc/postfix/main.cf
|
| 2144 |
# Location of sasl_passwd
|
2145 |
# Location of sasl_passwd
|
| 2145 |
smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd
|
2146 |
$SED "s?^smtp_sasl_password_maps =.*?smtp_sasl_password_maps = hash:/etc/postfix/sasl/sasl_passwd?g" /etc/postfix/main.cf
|
| 2146 |
EOT
|
- |
|
| 2147 |
# postfix banner anonymisation
|
2147 |
# Banner anonymisation
|
| 2148 |
$SED "s?^smtpd_banner =.*?smtpd_banner = \$myhostname ESMTP?g" /etc/postfix/main.cf
|
2148 |
$SED "s?^smtpd_banner =.*?smtpd_banner = \$myhostname ESMTP?g" /etc/postfix/main.cf
|
| 2149 |
chown -R postfix:postfix /var/lib/postfix
|
2149 |
chown -R postfix:postfix /var/lib/postfix
|
| 2150 |
} # end of mail_service
|
2150 |
} # end of mail_service
|
| 2151 |
|
2151 |
|
| 2152 |
##################################################################
|
2152 |
##################################################################
|