| Line 1... |
Line 1... |
| 1 |
#!/bin/bash
|
1 |
#!/bin/bash
|
| 2 |
# $Id: alcasar-conf.sh 2871 2020-10-28 18:17:44Z rexy $
|
2 |
# $Id: alcasar-conf.sh 2874 2020-10-31 13:54:28Z rexy $
|
| 3 |
|
3 |
|
| 4 |
# alcasar-conf.sh
|
4 |
# alcasar-conf.sh
|
| 5 |
# by REXY
|
5 |
# by REXY
|
| 6 |
# This script is distributed under the Gnu General Public License (GPL)
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
| 7 |
|
7 |
|
| Line 59... |
Line 59... |
| 59 |
case $args in
|
59 |
case $args in
|
| 60 |
-\? | -h* | --h*)
|
60 |
-\? | -h* | --h*)
|
| 61 |
echo "$usage"
|
61 |
echo "$usage"
|
| 62 |
exit 0
|
62 |
exit 0
|
| 63 |
;;
|
63 |
;;
|
| - |
|
64 |
###################################################
|
| - |
|
65 |
## Create an archive conf file ##
|
| - |
|
66 |
###################################################
|
| 64 |
--create|-create)
|
67 |
--create|-create)
|
| 65 |
[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE
|
68 |
[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE
|
| 66 |
mkdir $DIR_UPDATE
|
69 |
mkdir $DIR_UPDATE
|
| 67 |
# backup the users database (test to delete in future version)
|
70 |
# backup the users database (test to delete in future version)
|
| 68 |
$DIR_BIN/alcasar-mysql.sh --dump
|
71 |
$DIR_BIN/alcasar-mysql.sh --dump
|
| 69 |
cp /var/Save/base/"$(ls -1t /var/Save/base|head -1)" $DIR_UPDATE
|
72 |
cp /var/Save/base/"$(ls -1t /var/Save/base|head -1)" $DIR_UPDATE
|
| Line 103... |
Line 106... |
| 103 |
cp alcasar-conf.tar.gz /var/www/html/acc/backup/alcasar-conf.tar.gz
|
106 |
cp alcasar-conf.tar.gz /var/www/html/acc/backup/alcasar-conf.tar.gz
|
| 104 |
chown apache:apache /var/www/html/acc/backup/alcasar-conf.tar.gz
|
107 |
chown apache:apache /var/www/html/acc/backup/alcasar-conf.tar.gz
|
| 105 |
rm -rf $DIR_UPDATE
|
108 |
rm -rf $DIR_UPDATE
|
| 106 |
;;
|
109 |
;;
|
| 107 |
|
110 |
|
| - |
|
111 |
###################################################
|
| - |
|
112 |
## Load an archive conf file ##
|
| - |
|
113 |
###################################################
|
| 108 |
--load|-load)
|
114 |
--load|-load)
|
| 109 |
cd /var/tmp || { echo "Unable to find /var/tmp directory"; }
|
115 |
cd /var/tmp || { echo "Unable to find /var/tmp directory"; }
|
| 110 |
tar -xf alcasar-conf.tar.gz
|
116 |
tar -xf alcasar-conf.tar.gz
|
| 111 |
# copy alcasar.conf parameters
|
117 |
# copy alcasar.conf parameters
|
| 112 |
PREVIOUS_VERSION=`grep ^VERSION= $DIR_UPDATE/etc/alcasar.conf|cut -d"=" -f2`
|
118 |
PREVIOUS_VERSION=`grep ^VERSION= $DIR_UPDATE/etc/alcasar.conf|cut -d"=" -f2`
|
| Line 121... |
Line 127... |
| 121 |
if [ "$value" != "" ]
|
127 |
if [ "$value" != "" ]
|
| 122 |
then
|
128 |
then
|
| 123 |
sed -i "s?^$key.*?$key$value?g" /usr/local/etc/alcasar.conf
|
129 |
sed -i "s?^$key.*?$key$value?g" /usr/local/etc/alcasar.conf
|
| 124 |
fi
|
130 |
fi
|
| 125 |
done
|
131 |
done
|
| 126 |
## lighttpd need a .pem certificate (aggregation with private key & server crt)
|
132 |
# lighttpd need a .pem certificate (aggregation with private key & server crt)
|
| 127 |
[ ! -f $DIR_UPDATE/alcasar.pem ] && (cat $DIR_UPDATE/alcasar.key; echo; cat $DIR_UPDATE/alcasar.crt) > $DIR_UPDATE/alcasar.pem
|
133 |
[ ! -f $DIR_UPDATE/alcasar.pem ] && (cat $DIR_UPDATE/alcasar.key; echo; cat $DIR_UPDATE/alcasar.crt) > $DIR_UPDATE/alcasar.pem
|
| 128 |
# Retrieve organism logo
|
134 |
# Retrieve organism logo
|
| 129 |
[ -e $DIR_UPDATE/organisme.png ] && cp -f $DIR_UPDATE/organisme.png $DIR_WEB/images/
|
135 |
[ -e $DIR_UPDATE/organisme.png ] && cp -f $DIR_UPDATE/organisme.png $DIR_WEB/images/
|
| 130 |
chown apache:apache $DIR_WEB/images/organisme.png $DIR_WEB/intercept.php
|
136 |
chown apache:apache $DIR_WEB/images/organisme.png $DIR_WEB/intercept.php
|
| 131 |
# Retrieve the security certificates (CA and server)
|
137 |
# Retrieve the security certificates (CA and server)
|
| Line 152... |
Line 158... |
| 152 |
[ -e $DIR_UPDATE/etc/alcasar-uamdomain ] && cp -f $DIR_UPDATE/etc/alcasar-uamdomain $DIR_ETC/ # exception domain names
|
158 |
[ -e $DIR_UPDATE/etc/alcasar-uamdomain ] && cp -f $DIR_UPDATE/etc/alcasar-uamdomain $DIR_ETC/ # exception domain names
|
| 153 |
[ -e $DIR_UPDATE/etc/alcasar-uamallowed ] && cp -f $DIR_UPDATE/etc/alcasar-uamallowed $DIR_ETC/ # exception IP_addresses or network_IP_addresses
|
159 |
[ -e $DIR_UPDATE/etc/alcasar-uamallowed ] && cp -f $DIR_UPDATE/etc/alcasar-uamallowed $DIR_ETC/ # exception IP_addresses or network_IP_addresses
|
| 154 |
[ -e $DIR_UPDATE/etc/alcasar-ethers ] && cp -f $DIR_UPDATE/etc/alcasar-ethers $DIR_ETC/ # DHCP static hosts
|
160 |
[ -e $DIR_UPDATE/etc/alcasar-ethers ] && cp -f $DIR_UPDATE/etc/alcasar-ethers $DIR_ETC/ # DHCP static hosts
|
| 155 |
[ -e $DIR_UPDATE/etc/alcasar-ethers-info ] && cp -f $DIR_UPDATE/etc/alcasar-ethers-info $DIR_ETC/ # DHCP static hosts information
|
161 |
[ -e $DIR_UPDATE/etc/alcasar-ethers-info ] && cp -f $DIR_UPDATE/etc/alcasar-ethers-info $DIR_ETC/ # DHCP static hosts information
|
| 156 |
[ -e $DIR_UPDATE/etc/hosts ] && cp -f $DIR_UPDATE/etc/hosts /etc/ # local host name resolution
|
162 |
[ -e $DIR_UPDATE/etc/hosts ] && cp -f $DIR_UPDATE/etc/hosts /etc/ # local host name resolution
|
| - |
|
163 |
[ -e $DIR_UPDATE/etc/alcasar-letsencrypt ] && cp -f $DIR_UPDATE/etc/alcasar-letsencrypt $DIR_ETC/ # Letsencrypt local conf
|
| - |
|
164 |
[ -d $DIR_UPDATE/etc/letsencrypt ] && cp -rf $DIR_UPDATE/etc/letsencrypt $DIR_ETC/ # Letsencrypt local conf files
|
| 157 |
# Retrieve BL/WL custom files
|
165 |
# Retrieve BL/WL custom files
|
| 158 |
cp -f $DIR_UPDATE/custom_bl/exceptioniplist $DIR_E2G/
|
166 |
cp -f $DIR_UPDATE/custom_bl/exceptioniplist $DIR_E2G/
|
| 159 |
cp -f $DIR_UPDATE/custom_bl/exceptionsitelist $DIR_E2G/
|
167 |
cp -f $DIR_UPDATE/custom_bl/exceptionsitelist $DIR_E2G/
|
| 160 |
cp -f $DIR_UPDATE/custom_bl/urlregexplist $DIR_E2G/
|
168 |
cp -f $DIR_UPDATE/custom_bl/urlregexplist $DIR_E2G/
|
| 161 |
cp -f $DIR_UPDATE/custom_bl/bannedsitelist $DIR_E2G/
|
169 |
cp -f $DIR_UPDATE/custom_bl/bannedsitelist $DIR_E2G/
|
| Line 181... |
Line 189... |
| 181 |
fi
|
189 |
fi
|
| 182 |
# Remove the update folder
|
190 |
# Remove the update folder
|
| 183 |
rm -rf $DIR_UPDATE
|
191 |
rm -rf $DIR_UPDATE
|
| 184 |
;;
|
192 |
;;
|
| 185 |
|
193 |
|
| - |
|
194 |
####################################################
|
| - |
|
195 |
## Configure ALCASAR according to alcasar.conf ##
|
| - |
|
196 |
####################################################
|
| 186 |
--apply|-apply)
|
197 |
--apply|-apply)
|
| 187 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([012]?[0-9]|3[0-2])\b"
|
198 |
PTN="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\/([012]?[0-9]|3[0-2])\b"
|
| 188 |
PRIVATE_IP_MASK=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
|
199 |
PRIVATE_IP_MASK=`grep ^PRIVATE_IP= $CONF_FILE|cut -d"=" -f2`
|
| 189 |
if ! echo $PRIVATE_IP_MASK | egrep -q $PTN
|
200 |
if ! echo $PRIVATE_IP_MASK | egrep -q $PTN
|
| 190 |
then
|
201 |
then
|