Subversion Repositories ALCASAR

Rev

Rev 3206 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 3206 Rev 3230
Line 1... Line 1...
1
#!/bin/bash
1
#!/bin/bash
2
# $Id: alcasar-conf.sh 3206 2024-06-16 22:31:29Z rexy $
2
# $Id: alcasar-conf.sh 3230 2024-11-06 23:38:15Z rexy $
3
 
3
 
4
# alcasar-conf.sh
4
# alcasar-conf.sh
5
# by REXY
5
# by REXY
6
# This script is distributed under the Gnu General Public License (GPL)
6
# This script is distributed under the Gnu General Public License (GPL)
7
 
7
 
Line 296... Line 296...
296
			$DIR_BIN/alcasar-dns-local.sh --reload
296
			$DIR_BIN/alcasar-dns-local.sh --reload
297
# Logout everybody
297
# Logout everybody
298
			$DIR_BIN/alcasar-logout.sh all
298
			$DIR_BIN/alcasar-logout.sh all
299
# Services stop
299
# Services stop
300
			echo -n "Stop services : "
300
			echo -n "Stop services : "
301
			for i in ntpd e2guardian unbound unbound-whitelist unbound-blacklist unbound-blackhole chilli network lighttpd
301
			for i in ntpd e2guardian unbound unbound-whitelist unbound-blacklist unbound-blackhole chilli network httpd
302
			do
302
			do
303
				/usr/bin/systemctl stop $i && echo -n "$i, "
303
				/usr/bin/systemctl stop $i && echo -n "$i, "
304
			done
304
			done
305
			echo
305
			echo
306
		fi
306
		fi
Line 351... Line 351...
351
				fi
351
				fi
352
		done < /tmp/hosts
352
		done < /tmp/hosts
353
		rm -f /tmp/hosts
353
		rm -f /tmp/hosts
354
# MOTD
354
# MOTD
355
		$SED "s@'https://\(.\+\)/acc'@'https://$HOSTNAME.$DOMAIN/acc'@" /etc/mageia-release
355
		$SED "s@'https://\(.\+\)/acc'@'https://$HOSTNAME.$DOMAIN/acc'@" /etc/mageia-release
356
# Lighttpd
356
# httpd
357
		$SED "s?^server\.bind.*?server\.bind = \"$PRIVATE_IP\"?g" /etc/lighttpd/lighttpd.conf
357
		$SED "s/^ServerName.*/ServerName $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/httpd.conf
358
		$SED 's/^$SERVER\["socket"\] == ".*:443.*/$SERVER\["socket"\] == "'"$PRIVATE_IP"':443" {/g' /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf
358
		$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/$HOSTNAME.$DOMAIN\//g" /etc/httpd/conf/webapps.d/alcasar.conf
-
 
359
		$SED "s/^\tAuthDigestDomain.*/\tAuthDigestDomain $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/webapps.d/alcasar.conf
359
		$SED "s/^\([\t ]*\)var.server_name.*/\1var.server_name = \"$PRIVATE_IP\"/g" /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf
360
		$SED "s/^    ServerName.*/    ServerName $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/vhosts.d/00_default_vhosts.conf /etc/httpd/conf/vhosts.d/00_default_ssl_vhost.conf /etc/httpd/conf/vhosts-ssl.default
-
 
361
		$SED "s?^Listen.*?Listen $PRIVATE_IP:80?g" /etc/httpd/conf/httpd.conf
-
 
362
		FIC_MOD_SSL=`find /etc/httpd/conf/ -type f -name ssl.conf`
-
 
363
		$SED "s?^Listen.*?Listen $PRIVATE_IP:443?g" $FIC_MOD_SSL
-
 
364
		$SED "/127.0.0.1/!s?Allow from .*?Allow from $PRIVATE_NETWORK_MASK?g" /etc/httpd/conf/webapps.d/alcasar.conf
360
# FreeRADIUS
365
# FreeRADIUS
361
		$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
366
		$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf
362
		$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
367
		$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf
363
# CoovaChilli
368
# CoovaChilli
364
		$SED "s/^uamallowed.*/uamallowed\t$HOSTNAME,$HOSTNAME.$DOMAIN/g" /etc/chilli.conf
369
		$SED "s/^uamallowed.*/uamallowed\t$HOSTNAME,$HOSTNAME.$DOMAIN/g" /etc/chilli.conf
Line 466... Line 471...
466
			$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=on?" $CONF_FILE
471
			$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=on?" $CONF_FILE
467
			$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=on?" $CONF_FILE
472
			$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=on?" $CONF_FILE
468
			$SED "s?^uamserver.*?uamserver\thttps://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
473
			$SED "s?^uamserver.*?uamserver\thttps://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
469
			$SED "s?^#redirssl.*?redirssl?" /etc/chilli.conf
474
			$SED "s?^#redirssl.*?redirssl?" /etc/chilli.conf
470
			$SED "s?^#uamuissl.*?uamuissl?" /etc/chilli.conf
475
			$SED "s?^#uamuissl.*?uamuissl?" /etc/chilli.conf
471
			rm -f /etc/lighttpd/vhosts.d/alcasar.conf
-
 
472
			ln -s /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
-
 
473
		else
476
		else
474
			$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=off?" $CONF_FILE
477
			$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=off?" $CONF_FILE
475
			$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=off?" $CONF_FILE
478
			$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=off?" $CONF_FILE
476
			$SED "s?^uamserver.*?uamserver\thttp://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
479
			$SED "s?^uamserver.*?uamserver\thttp://$HOSTNAME.$DOMAIN/intercept.php?" /etc/chilli.conf
477
			$SED "s?^redirssl.*?#&?" /etc/chilli.conf
480
			$SED "s?^redirssl.*?#&?" /etc/chilli.conf
478
			$SED "s?^uamuissl.*?#&?" /etc/chilli.conf
481
			$SED "s?^uamuissl.*?#&?" /etc/chilli.conf
479
			rm -f /etc/lighttpd/vhosts.d/alcasar.conf
-
 
480
			ln -s /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
-
 
481
		fi
482
		fi
482
# Services start
483
# Services start
483
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
484
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
484
		then
485
		then
485
			/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1
486
			/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1
Line 488... Line 489...
488
			do
489
			do
489
				sleep 1
490
				sleep 1
490
				/usr/bin/systemctl start $i && echo -n ", $i"
491
				/usr/bin/systemctl start $i && echo -n ", $i"
491
			done
492
			done
492
			$DIR_BIN/alcasar-bl.sh -reload && echo -n ", unbound-blacklist, unbound-whitelist, e2guardian, iptables"
493
			$DIR_BIN/alcasar-bl.sh -reload && echo -n ", unbound-blacklist, unbound-whitelist, e2guardian, iptables"
493
			/usr/bin/systemctl restart lighttpd && echo -n ", lighttpd"
494
			/usr/bin/systemctl restart httpd && echo -n ", httpd"
494
		fi
495
		fi
495
# Email user registration
496
# Email user registration
496
		$DIR_BIN/alcasar-mail-install.sh
497
		$DIR_BIN/alcasar-mail-install.sh
497
# Start / Stop LDAP authentification
498
# Start / Stop LDAP authentification
498
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
499
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage