Subversion Repositories ALCASAR


Rev 2244 Rev 2247
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-conf.sh 2244 2017-05-21 00:16:14Z tom.houdayer $
2
# $Id: alcasar-conf.sh 2247 2017-05-21 14:17:33Z tom.houdayer $
3
 
3
 
4
# alcasar-conf.sh
4
# alcasar-conf.sh
5
# by REXY
5
# by REXY
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
 
7
 
Line 12... Line 12...
12
# This script allows ALCASAR update 
12
# This script allows ALCASAR update 
13
#	- create the configuration files backup "/tmp/alcasar-conf.tar.gz" (alcasar-conf.sh -create)
13
#	- create the configuration files backup "/tmp/alcasar-conf.tar.gz" (alcasar-conf.sh -create)
14
#	- load the backup of configuration files during the update process (alcasar-conf -load)
14
#	- load the backup of configuration files during the update process (alcasar-conf -load)
15
#	- apply ALCASAR central configuration file "/usr/local/etc/alcasar.conf" when hot modification is needed (alcasar-conf -apply)
15
#	- apply ALCASAR central configuration file "/usr/local/etc/alcasar.conf" when hot modification is needed (alcasar-conf -apply)
16
 
16
 
17
new="$(date +%G%m%d-%Hh%M)"  			# date et heure des fichiers
17
new="$(date +%G%m%d-%Hh%M)"  				# date et heure des fichiers
18
fichier="alcasar-conf-$new.tar.gz"		# nom du fichier de sauvegarde
18
fichier="alcasar-conf-$new.tar.gz"			# nom du fichier de sauvegarde
19
DIR_UPDATE="/tmp/conf"				# répertoire de stockage des fichier de conf pour une mise à jour
19
DIR_UPDATE="/tmp/conf"					# répertoire de stockage des fichier de conf pour une mise à jour
20
DIR_WEB="/var/www/html"				# répertoire du centre de gestion
20
DIR_WEB="/var/www/html"					# répertoire du centre de gestion
21
DIR_BIN="/usr/local/bin"			# scripts directory
21
DIR_BIN="/usr/local/bin"				# scripts directory
22
DIR_ETC="/usr/local/etc"			# conf directory
22
DIR_ETC="/usr/local/etc"				# conf directory
23
DIR_SHARE="/usr/local/share"			# data directory
23
DIR_SHARE="/usr/local/share"				# data directory
24
DIR_BLACKLIST="/etc/dansguardian/lists/blacklists"	# Toulouse BL directory
24
DIR_BLACKLIST="/etc/dansguardian/lists/blacklists"	# Toulouse BL directory
25
CONF_FILE="$DIR_ETC/alcasar.conf"		# main alcasar conf file
25
CONF_FILE="$DIR_ETC/alcasar.conf"			# main alcasar conf file
26
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`	# EXTernal InterFace
26
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`		# EXTernal InterFace
27
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`	# INTernal InterFace
27
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`		# INTernal InterFace
28
MTU=`grep ^PUBLIC_MTU= $CONF_FILE|cut -d"=" -f2` # INTernal InterFace
28
MTU=`grep ^PUBLIC_MTU= $CONF_FILE|cut -d"=" -f2`
29
DHCP_mode=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
29
DHCP_mode=`grep ^DHCP= $CONF_FILE|cut -d"=" -f2`
30
INT_DNS_mode=`grep ^INT_DNS_ACTIVE= $CONF_FILE|cut -d"=" -f2`
30
INT_DNS_mode=`grep ^INT_DNS_ACTIVE= $CONF_FILE|cut -d"=" -f2`
31
LDAP_mode=`grep ^LDAP= $CONF_FILE|cut -d"=" -f2`
31
LDAP_mode=`grep ^LDAP= $CONF_FILE|cut -d"=" -f2`
32
HOSTNAME="alcasar"
32
HOSTNAME=`grep ^HOSTNAME= $CONF_FILE|cut -d"=" -f2`
-
 
33
DOMAIN=`grep ^DOMAIN= $CONF_FILE|cut -d"=" -f2`
33
DB_USER="radius"
34
DB_USER="radius"
34
radiuspwd=""
35
radiuspwd=""
35
SED="/bin/sed -i"
36
SED="/bin/sed -i"
36
RUNNING_VERSION=`grep ^VERSION /usr/local/etc/alcasar.conf|cut -d'=' -f2`
37
RUNNING_VERSION=`grep ^VERSION= $CONF_FILE|cut -d'=' -f2`
37
MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
38
MAJ_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f1`
38
MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
39
MIN_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f2|cut -c1`
39
UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
40
UPD_RUNNING_VERSION=`echo $RUNNING_VERSION|cut -d"." -f3`
40
DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2` 2>/dev/null
-
 
41
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` 			# server DNS1 (for WL domain names)
41
DNS1=`grep "DNS1" $CONF_FILE | cut -d '=' -f 2` 			# server DNS1 (for WL domain names)
42
DOMAIN=${DOMAIN:=localdomain}
42
DOMAIN=${DOMAIN:=localdomain}
43
DATE=`date '+%d %B %Y - %Hh%M'`
43
DATE=`date '+%d %B %Y - %Hh%M'`
-
 
44
 
44
private_network_calc ()
45
private_network_calc ()
45
{
46
{
46
	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2`				# prefixe du réseau (ex. 24)
47
	PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2`				# prefixe du réseau (ex. 24)
47
	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP $PRIVATE_NETMASK| cut -d"=" -f2`				# @ réseau de consultation (ex.: 192.168.182.0)
48
	PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP $PRIVATE_NETMASK| cut -d"=" -f2`				# @ réseau de consultation (ex.: 192.168.182.0)
48
	PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$PRIVATE_PREFIX							# @ + masque du réseau de consult (192.168.182.0/24)
49
	PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$PRIVATE_PREFIX							# @ + masque du réseau de consult (192.168.182.0/24)
Line 217... Line 218...
217
		PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
218
		PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
218
		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
219
		PRIVATE_NETMASK=`/bin/ipcalc -m $PRIVATE_IP_MASK | cut -d"=" -f2`
219
		private_network_calc
220
		private_network_calc
220
		INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
221
		INSTALL_DATE=`grep INSTALL_DATE $CONF_FILE|cut -d"=" -f2`
221
		ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
222
		ORGANISME=`grep ORGANISM $CONF_FILE|cut -d"=" -f2`
222
 		DOMAIN=`grep DOMAIN $CONF_FILE|cut -d"=" -f2`
-
 
223
		DHCP_mode=`grep DHCP= $CONF_FILE|cut -d"=" -f2`
223
		DHCP_mode=`grep DHCP= $CONF_FILE|cut -d"=" -f2`
224
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
224
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
225
		then
225
		then
226
			if [ $DHCP_mode = "off" ] || [ $DHCP_mode = "Off" ] || [ $DHCP_mode = "OFF" ]
226
			if [ $DHCP_mode = "off" ] || [ $DHCP_mode = "Off" ] || [ $DHCP_mode = "OFF" ]
227
			then
227
			then
Line 253... Line 253...
253
				/usr/bin/systemctl stop $i && echo -n "$i, "
253
				/usr/bin/systemctl stop $i && echo -n "$i, "
254
			done
254
			done
255
			/usr/bin/kill -s SIGSTOP $(pidof httpd)
255
			/usr/bin/kill -s SIGSTOP $(pidof httpd)
256
			echo
256
			echo
257
		fi
257
		fi
258
 
-
 
259
# /etc/hosts
258
# /etc/hosts
-
 
259
		if [ "$HOSTNAME" != "alcasar" ] || [ "$DOMAIN" != "localdomain" ]; then
-
 
260
			$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain $HOSTNAME.$DOMAIN?g" /etc/hosts
-
 
261
		else
260
		$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts
262
			$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts
-
 
263
		fi
261
# EXTIF config
264
# EXTIF config
262
		if [ $PUBLIC_IP_MASK == "dhcp" ]
265
		if [ $PUBLIC_IP_MASK == "dhcp" ]
263
		then
266
		then
264
			cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
267
			cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
265
DEVICE=$EXTIF
268
DEVICE=$EXTIF
Line 360... Line 363...
360
			for i in dnsmasq tinyproxy ntpd
363
			for i in dnsmasq tinyproxy ntpd
361
				do
364
				do
362
					sleep 1
365
					sleep 1
363
					/usr/bin/systemctl start $i && echo -n ", $i"
366
					/usr/bin/systemctl start $i && echo -n ", $i"
364
				done
367
				done
365
			$DIR_BIN/alcasar-bl.sh -reload && echo ", dnsmasq-blacklist, dnsmasq-whitelist, iptables,"
368
			$DIR_BIN/alcasar-bl.sh -reload && echo -n ", dnsmasq-blacklist, dnsmasq-whitelist, iptables"
366
			/usr/bin/kill -s SIGCONT $(pidof httpd)
369
			/usr/bin/kill -s SIGCONT $(pidof httpd)
367
			/usr/bin/systemctl reload httpd && echo -n ", httpd"
370
			/usr/bin/systemctl reload httpd && echo -n ", httpd"
368
		fi
371
		fi
369
# Start / Stop SSH Daemon
372
# Start / Stop SSH Daemon
370
		ssh_active=`grep SSH= $CONF_FILE|cut -d"=" -f2`
373
		ssh_active=`grep SSH= $CONF_FILE|cut -d"=" -f2`
Line 380... Line 383...
380
			if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
383
			if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
381
			then
384
			then
382
				/usr/bin/systemctl stop sshd.service
385
				/usr/bin/systemctl stop sshd.service
383
			fi
386
			fi
384
		fi
387
		fi
-
 
388
		echo
385
		;;
389
		;;
386
	*)
390
	*)
387
		echo "Argument inconnu :$1";
391
		echo "Argument inconnu :$1";
388
		echo "$usage"
392
		echo "$usage"
389
		exit 1
393
		exit 1
390
		;;
394
		;;
391
esac
395
esac
392
 
-
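Review bot: In the `# /etc/hosts` hunk (new lines 259-263), `$HOSTNAME` and `$DOMAIN` are read from `alcasar.conf` and pasted unchecked into the `sed -i` program that rewrites `/etc/hosts`, presumably as root. A value containing `?`, `&`, a backslash or whitespace would alter the substitution or add unintended host aliases. I would validate both right after they are read (new lines 32-33), before any service is stopped, e.g. `[[ "$HOSTNAME.$DOMAIN" =~ ^[A-Za-z0-9.-]+$ ]] || { echo "invalid HOSTNAME/DOMAIN in $CONF_FILE" >&2; exit 1; }`. `HOSTNAME` also has no fallback, unlike `DOMAIN` on new line 42, so a configuration file without the key produces the entry `.$DOMAIN`; adding `HOSTNAME=${HOSTNAME:=alcasar}` next to the `DOMAIN` default would cover that. The enclosing `case` branch starts outside the visible hunks.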