WebSVN – ALCASAR – Diff – /scripts/alcasar-conf.sh/



#!/bin/bash
# $Id: alcasar-conf.sh 2566 2018-07-09 22:19:53Z rexy $
 
# alcasar-conf.sh
# by REXY
# This script is distributed under the Gnu General Public License (GPL)
 

		cp -rf $DIR_ETC/* $DIR_UPDATE/etc/
		cp /etc/hosts $DIR_UPDATE/etc/
# backup of the security certificates (server & CA)
		cp -f /etc/pki/tls/certs/alcasar.crt* $DIR_UPDATE
		cp -f /etc/pki/tls/private/alcasar.key* $DIR_UPDATE
		cp -f /etc/pki/tls/private/alcasar.pem $DIR_UPDATE
		cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE
		cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE
		if [ -e /etc/pki/tls/certs/server-chain.crt ]; then
			cp -f /etc/pki/tls/certs/server-chain.crt* $DIR_UPDATE # autosigned and official if exist
		else

# Retrieve the security certificates (CA and server)
		cp -f $DIR_UPDATE/alcasar-ca.crt* /etc/pki/CA/
		cp -f $DIR_UPDATE/alcasar-ca.key* /etc/pki/CA/private/
		cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/
		cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/
		cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/	
		(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem
		[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist
		chown -R root:apache /etc/pki
		chmod -R 750 /etc/pki
# Import of the users database

			# apache & dansguardian are replaced with lighttpd & E²guardian
			rm_rpm="apache apache-mod_php apache-mod_ssl dansguardian"
			/usr/sbin/urpme --auto -a $rm_rpm
			/usr/sbin/urpme --auto --auto-orphans
			rm -rf /etc/httpd/ /var/log/httpd/ /var/dansguardian/ /etc/dansguardian/
			# lighttpd need a .pem certificate (aggregation with server crt & private key)
			(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem
		fi
		;;
 
	--apply|-apply)
		PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([012]?[0-9]|3[0-2])\b"

Subversion Repositories ALCASAR

(root)/scripts/alcasar-conf.sh/ – Rev 2561 → 2566

Rev 2561		Rev 2566
Line 1...		Line 1...
1	`#!/bin/bash`	1	`#!/bin/bash`
2	`# $Id: alcasar-conf.sh 2561 2018-06-20 22:03:06Z rexy $`	2	`# $Id: alcasar-conf.sh 2566 2018-07-09 22:19:53Z rexy $`
3		3
4	`# alcasar-conf.sh`	4	`# alcasar-conf.sh`
5	`# by REXY`	5	`# by REXY`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
Line 97...		Line 97...
97	`cp -rf $DIR_ETC/* $DIR_UPDATE/etc/`	97	`cp -rf $DIR_ETC/* $DIR_UPDATE/etc/`
98	`cp /etc/hosts $DIR_UPDATE/etc/`	98	`cp /etc/hosts $DIR_UPDATE/etc/`
99	`# backup of the security certificates (server & CA)`	99	`# backup of the security certificates (server & CA)`
100	`cp -f /etc/pki/tls/certs/alcasar.crt* $DIR_UPDATE`	100	`cp -f /etc/pki/tls/certs/alcasar.crt* $DIR_UPDATE`
101	`cp -f /etc/pki/tls/private/alcasar.key* $DIR_UPDATE`	101	`cp -f /etc/pki/tls/private/alcasar.key* $DIR_UPDATE`
-		102	`cp -f /etc/pki/tls/private/alcasar.pem $DIR_UPDATE`
102	`cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE`	103	`cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE`
103	`cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE`	104	`cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE`
104	`if [ -e /etc/pki/tls/certs/server-chain.crt ]; then`	105	`if [ -e /etc/pki/tls/certs/server-chain.crt ]; then`
105	`cp -f /etc/pki/tls/certs/server-chain.crt* $DIR_UPDATE # autosigned and official if exist`	106	`cp -f /etc/pki/tls/certs/server-chain.crt* $DIR_UPDATE # autosigned and official if exist`
106	`else`	107	`else`
Line 127...		Line 128...
127	`# Retrieve the security certificates (CA and server)`	128	`# Retrieve the security certificates (CA and server)`
128	`cp -f $DIR_UPDATE/alcasar-ca.crt* /etc/pki/CA/`	129	`cp -f $DIR_UPDATE/alcasar-ca.crt* /etc/pki/CA/`
129	`cp -f $DIR_UPDATE/alcasar-ca.key* /etc/pki/CA/private/`	130	`cp -f $DIR_UPDATE/alcasar-ca.key* /etc/pki/CA/private/`
130	`cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/`	131	`cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/`
131	`cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/`	132	`cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/`
-		133	`cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/`
132	`(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem`	134	`(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem`
133	`[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist`	135	`[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist`
134	`chown -R root:apache /etc/pki`	136	`chown -R root:apache /etc/pki`
135	`chmod -R 750 /etc/pki`	137	`chmod -R 750 /etc/pki`
136	`# Import of the users database`	138	`# Import of the users database`
Line 194...		Line 196...
194	`# apache & dansguardian are replaced with lighttpd & E²guardian`	196	`# apache & dansguardian are replaced with lighttpd & E²guardian`
195	`rm_rpm="apache apache-mod_php apache-mod_ssl dansguardian"`	197	`rm_rpm="apache apache-mod_php apache-mod_ssl dansguardian"`
196	`/usr/sbin/urpme --auto -a $rm_rpm`	198	`/usr/sbin/urpme --auto -a $rm_rpm`
197	`/usr/sbin/urpme --auto --auto-orphans`	199	`/usr/sbin/urpme --auto --auto-orphans`
198	`rm -rf /etc/httpd/ /var/log/httpd/ /var/dansguardian/ /etc/dansguardian/`	200	`rm -rf /etc/httpd/ /var/log/httpd/ /var/dansguardian/ /etc/dansguardian/`
-		201	`# lighttpd need a .pem certificate (aggregation with server crt & private key)`
-		202	`(cat /etc/pki/tls/private/alcasar.key; echo; cat /etc/pki/tls/certs/alcasar.crt) > /etc/pki/tls/private/alcasar.pem`
199	`fi`	203	`fi`
200	`;;`	204	`;;`
201		205
202	`--apply\|-apply)`	206	`--apply\|-apply)`
203	`PTN="\b(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\/([012]?[0-9]\|3[0-2])\b"`	207	`PTN="\b(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\.(25[0-5]\|2[0-4][0-9]\|[01]?[0-9][0-9]?)\/([012]?[0-9]\|3[0-2])\b"`