diff --git a/scripts/checks/check_requirements.sh b/scripts/checks/check_requirements.sh index c554f20..2187509 100755 --- a/scripts/checks/check_requirements.sh +++ b/scripts/checks/check_requirements.sh @@ -14,7 +14,6 @@ checkRequirements() checkConfigRequirement; checkPasswordsRequirement; checkDatabaseRequirement; - checkSSHKeysRequirement; checkDockerRequirement; checkDockerComposeRequirement; checkDockerRootlessRequirement; @@ -26,12 +25,9 @@ checkRequirements() checkSwapfileRequirement; checkCrontabRequirement; checkWebUISystemdRequirement; - checkSSHRemoteRequirement; checkSuggestInstallsRequirement; checkLibrePortalWebUIImageRequirement; checkLibrePortalWebUIAppRequirement; - checkSSHDownloadRequirement; - checkSSHPasswordRequirement; checkTraefikRequirement; checkDockerSwitcherRequirement; diff --git a/scripts/checks/requirements/check_sshdownload.sh b/scripts/checks/requirements/check_sshdownload.sh deleted file mode 100755 index a1b7563..0000000 --- a/scripts/checks/requirements/check_sshdownload.sh +++ /dev/null 
@@ -1,25 +0,0 @@
-#!/bin/bash
-
-checkSSHDownloadRequirement()
-{
- local sshdownload_status=$(dockerCheckAppInstalled "sshdownload" "docker")
- if [[ "$sshdownload_status" == "installed" ]]; then
- while true; do
- isHeader "SSH SECURITY WARNING"
- isNotice "The SSH Download download service is currently online."
- isNotice "This is potentially DANGEROUS as it's accessable via anyone on the VPN"
- isNotice "We highly recommend uninstalling this service after downloading the SSH keys"
- isNotice "If you need to access this again, you can install it via the system install option"
- echo ""
- isQuestion "Would like to destroy the SSH Download service for security purposes? (y/n): "
- read -p "" ssh_download_uninstall
- if [[ -n "$ssh_download_uninstall" ]]; then
- break
- fi
- isNotice "Please provide a valid input."
- done
- if [[ "$ssh_download_uninstall" == [yY] ]]; then
- dockerUninstallApp sshdownload;
- fi
- fi
-}
\ No newline at end of file
diff --git a/scripts/checks/requirements/check_sshkeys.sh b/scripts/checks/requirements/check_sshkeys.sh
deleted file mode 100755
index 63fffdf..0000000
--- a/scripts/checks/requirements/check_sshkeys.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/bash
-
-checkSSHKeysRequirement()
-{
- # SSH Keys
- if [[ $CFG_SSHKEY_ROOT_ENABLED == "true" ]]; then
- if checkSSHSetupKeyPair "root"; then
- isSuccessful "The SSH Key(s) for root appears to be setup."
- else
- isNotice "An SSH Key for root is not setup."
- SSHKEY_SETUP_NEEDED="true"
- ((preinstallneeded++))
- fi
- fi
- if [[ $CFG_SSHKEY_LIBREPORTAL_ENABLED == "true" ]]; then
- if checkSSHSetupKeyPair "$sudo_user_name"; then
- isSuccessful "The SSH Key(s) for $sudo_user_name appears to be setup."
- else
- isNotice "An SSH Key for $sudo_user_name is not setup."
- SSHKEY_SETUP_NEEDED="true"
- ((preinstallneeded++))
- fi
- fi
- if [[ $CFG_SSHKEY_DOCKERINSTALL_ENABLED == "true" ]]; then
- if [[ "$CFG_DOCKER_INSTALL_TYPE" == "rootless" ]]; then
- if checkSSHSetupKeyPair "$CFG_DOCKER_INSTALL_USER"; then
- isSuccessful "The SSH Key(s) for $CFG_DOCKER_INSTALL_USER appears to be setup."
- else
- isNotice "An SSH Key for $CFG_DOCKER_INSTALL_USER is not setup."
- SSHKEY_SETUP_NEEDED="true"
- ((preinstallneeded++))
- fi
- fi
- fi
-}
\ No newline at end of file
diff --git a/scripts/checks/requirements/check_sshpassword.sh b/scripts/checks/requirements/check_sshpassword.sh
deleted file mode 100755
index facbbac..0000000
--- a/scripts/checks/requirements/check_sshpassword.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-checkSSHPasswordRequirement()
-{
- if [[ $CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS == "true" ]]; then
- if grep -q "PasswordAuthentication no" $sshd_config; then
- isSuccessful "SSH Password appears to be disabled."
- else
- isNotice "Password Authentication has not been disabled."
- SSHKEY_DISABLE_PASS_NEEDED="true"
- ((preinstallneeded++))
- fi
- fi
-}
\ No newline at end of file
diff --git a/scripts/checks/requirements/check_sshremote.sh b/scripts/checks/requirements/check_sshremote.sh
deleted file mode 100755
index 11f3721..0000000
--- a/scripts/checks/requirements/check_sshremote.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-checkSSHRemoteRequirement()
-{
- if [[ $CFG_REQUIREMENT_SSHREMOTE == "true" ]]; then
- ### Custom SSH Remote Install
- if [[ -n "$CFG_IPS_SSH_SETUP" ]]; then
- ip_found=0
- # Split the comma-separated IP addresses into an array
- IFS=',' read -ra ip_addresses <<< "$CFG_IPS_SSH_SETUP"
- # Loop through the IP addresses
- for ip in "${ip_addresses[@]}"; do
- ip_found=1
- done
-
- if [ "$ip_found" -eq 0 ]; then
- isSuccessful "No Remote SSH Install IP has been found to setup"
- else
- isSuccessful "Remote SSH Install IP(s) have been found to setup"
- setupSSHRemoteKeys=true
- ((preinstallneeded++))
- fi
- else
- isSuccessful "No hosts found in the configuration."
- fi
- fi
-}
\ No newline at end of file
diff --git a/scripts/database/insert/db_insert_ssh.sh b/scripts/database/insert/db_insert_ssh.sh
deleted file mode 100755
index d9e3050..0000000
--- a/scripts/database/insert/db_insert_ssh.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-
-databaseSSHInsert()
-{
- local app_name="$1"
- local table_name=ssh
- local result=$(sudo sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (ip, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
- checkSuccess "Adding $app_name to the $table_name table."
-}
diff --git a/scripts/database/insert/db_insert_ssh_keys.sh b/scripts/database/insert/db_insert_ssh_keys.sh
deleted file mode 100755
index 1ecebf9..0000000
--- a/scripts/database/insert/db_insert_ssh_keys.sh
+++ /dev/null
@@ -1,17 +0,0 @@ -#!/bin/bash - -databaseSSHKeysInsert() -{ - local key_filename="$1" - local key_file=$(basename "$key_filename") - local table_name=ssh_keys - local key_in_db=$(sudo sqlite3 "$docker_dir/$db_file" "SELECT COUNT(*) FROM $table_name WHERE name = '$key_file';") - - if [ "$key_in_db" -eq 0 ]; then - local result=$(sudo sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$key_file', '$current_date', '$current_time');") - checkSuccess "Adding $key_file to the $table_name table." - else - local result=$(sudo sqlite3 "$docker_dir/$db_file" "UPDATE $table_name SET name = '$key_file', date = '$current_date', time = '$current_time' WHERE name = '$key_file';") - checkSuccess "$key_file already added to the $table_name table. Updating date/time." - fi -} diff --git a/scripts/menu/tools/manage_main.sh b/scripts/menu/tools/manage_main.sh index a755a82..ded7c67 100755 --- a/scripts/menu/tools/manage_main.sh +++ b/scripts/menu/tools/manage_main.sh @@ -7,16 +7,15 @@ toolsMenu() while true; do isHeader "Tools Menu" - isOption "1. Menu - SSH" - isOption "2. Menu - Docker" - isOption "3. Menu - Crontab" + isOption "1. Menu - Docker" + isOption "2. Menu - Crontab" # Only show Git reset option if not a local installation if [[ "$CFG_INSTALL_MODE" != "local" ]]; then - isOption "4. Tool - Reset LibrePortal Git Folder" - isOption "5. Tool - Force Pre-Installation" + isOption "3. Tool - Reset LibrePortal Git Folder" + isOption "4. Tool - Force Pre-Installation" isOption "x. Exit to Main Menu" else - isOption "4. Tool - Force Pre-Installation" + isOption "3. Tool - Force Pre-Installation" isOption "x. Exit to Main Menu" fi echo "" @@ -25,15 +24,12 @@ toolsMenu() case $tools_menu_choice in 1) - sshToolsMenu; - ;; - 2) dockerToolsMenu; ;; - 3) + 2) crontabToolsMenu; ;; - 4) + 3) # Handle different option numbers based on installation mode if [[ "$CFG_INSTALL_MODE" != "local" ]]; then toolsresetgit=y 
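Review bot: Removing `1. Menu - SSH` takes away the menu route to the key tooling, but nothing in this commit cleans up what that tooling left behind on installs that already ran it. The deleted generate_key_pair.sh created keys with `-N ""` and set the file under `$ssh_dir/private/` to mode 644, setup_auth_key.sh copied the matching public key into each user's `authorized_keys`, and check_sshdownload.sh was, as far as this diff shows, the only prompt to uninstall the `sshdownload` app. A one-time upgrade step or release note should cover removing or locking down `${ssh_dir}private`, reviewing those `authorized_keys` entries and uninstalling `sshdownload`. I would also clear `CFG_SSH_PASSWORD`, which the deleted webui_update_ssh.sh filled with `CFG_LIBREPORTAL_USER_PASS`.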
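Review bot: After the renumbering, `3)` sets `toolsresetgit=y` on non-local installs, whereas before this commit `3` opened the Crontab menu, so a habitual keypress now lands on the Git folder reset (start_other.sh runs `gitFolderResetAndBackup` on that flag). Unless that function asks for confirmation itself, which is not visible here, I would add a y/n prompt before setting the flag, or give the two tool entries letter keys so later menu changes cannot shift them. The `4)` branch in the next hunk has the same mode-dependent meaning, and the case body continues outside both hunks.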
@@ -43,13 +39,13 @@ toolsMenu() startOther; fi ;; - 5) + 4) # Only show this option if not local installation if [[ "$CFG_INSTALL_MODE" != "local" ]]; then toolstartpreinstallation=y startOther; else - # For local installation, option 5 doesn't exist + # For local installation, option 4 doesn't exist isNotice "Invalid choice. Please select a valid option." fi ;; diff --git a/scripts/menu/tools/manage_ssh.sh b/scripts/menu/tools/manage_ssh.sh deleted file mode 100755 index af4bd9a..0000000 --- a/scripts/menu/tools/manage_ssh.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash - -sshToolsMenu() -{ - # Enable input - stty echo - - while true; do - isHeader "SSH Menu" - isOption "1. Regenerate SSH Key - LibrePortal" - isOption "2. Regenerate SSH Key - Dockerinstall" - isOption "3. Setup SSH Keys for Download" - isOption "x. Exit to Main Menu" - echo "" - isQuestion "What is your choice: " - read -rp "" ssh_menu_choice - - case $ssh_menu_choice in - 1) - regenerateSSHSetupKeyPair "libreportal"; - ;; - 2) - regenerateSSHSetupKeyPair "dockerinstall"; - ;; - 3) - toolsetupsshkeys=y - startOther; - ;; - x) - endStart; - - ;; - *) - isNotice "Invalid choice. Please select a valid option." - ;; - esac - done -} diff --git a/scripts/menu/tools/manage_tools.sh b/scripts/menu/tools/manage_tools.sh deleted file mode 100755 index af4bd9a..0000000 --- a/scripts/menu/tools/manage_tools.sh +++ /dev/null 
@@ -1,38 +0,0 @@ -#!/bin/bash - -sshToolsMenu() -{ - # Enable input - stty echo - - while true; do - isHeader "SSH Menu" - isOption "1. Regenerate SSH Key - LibrePortal" - isOption "2. Regenerate SSH Key - Dockerinstall" - isOption "3. Setup SSH Keys for Download" - isOption "x. Exit to Main Menu" - echo "" - isQuestion "What is your choice: " - read -rp "" ssh_menu_choice - - case $ssh_menu_choice in - 1) - regenerateSSHSetupKeyPair "libreportal"; - ;; - 2) - regenerateSSHSetupKeyPair "dockerinstall"; - ;; - 3) - toolsetupsshkeys=y - startOther; - ;; - x) - endStart; - - ;; - *) - isNotice "Invalid choice. Please select a valid option." - ;; - esac - done -} diff --git a/scripts/source/files/app_files.sh b/scripts/source/files/app_files.sh index 1d4c72a..b423ac1 100755 --- a/scripts/source/files/app_files.sh +++ b/scripts/source/files/app_files.sh @@ -23,7 +23,6 @@ files_libreportal_app=( "${restore_scripts[@]}" "${setup_scripts[@]}" "${source_scripts[@]}" - "${ssh_scripts[@]}" "${ssl_scripts[@]}" "${start_scripts[@]}" "${swapfile_scripts[@]}" diff --git a/scripts/source/files/arrays/files_api.sh b/scripts/source/files/arrays/files_api.sh deleted file mode 100755 index e83d8d2..0000000 --- a/scripts/source/files/arrays/files_api.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -# This file is auto-generated by generate_arrays.sh -# Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate - -api_scripts=( - "api/test_mail_connection.sh" - -) diff --git a/scripts/source/files/arrays/files_checks.sh b/scripts/source/files/arrays/files_checks.sh index 0ffe006..230dd14 100755 --- a/scripts/source/files/arrays/files_checks.sh +++ b/scripts/source/files/arrays/files_checks.sh 
@@ -21,10 +21,6 @@ checks_scripts=( "checks/requirements/check_manager.sh" "checks/requirements/check_passwords.sh" "checks/requirements/check_root.sh" - "checks/requirements/check_sshdownload.sh" - "checks/requirements/check_sshkeys.sh" - "checks/requirements/check_sshpassword.sh" - "checks/requirements/check_sshremote.sh" "checks/requirements/check_sslcerts.sh" "checks/requirements/check_suggest_installs.sh" "checks/requirements/check_swapfile.sh" diff --git a/scripts/source/files/arrays/files_database.sh b/scripts/source/files/arrays/files_database.sh index 899bf0b..a17152e 100755 --- a/scripts/source/files/arrays/files_database.sh +++ b/scripts/source/files/arrays/files_database.sh @@ -18,8 +18,6 @@ database_scripts=( "database/insert/db_insert_port_open.sh" "database/insert/db_insert_port_used.sh" "database/insert/db_insert_restore.sh" - "database/insert/db_insert_ssh_keys.sh" - "database/insert/db_insert_ssh.sh" "database/install_sqlite.sh" "database/tables/db_create_tables.sh" "database/tables/db_display_tables.sh" diff --git a/scripts/source/files/arrays/files_menu.sh b/scripts/source/files/arrays/files_menu.sh index 3e7650a..e690158 100755 --- a/scripts/source/files/arrays/files_menu.sh +++ b/scripts/source/files/arrays/files_menu.sh @@ -21,8 +21,6 @@ menu_scripts=( "menu/tools/manage_linkding.sh" "menu/tools/manage_main.sh" "menu/tools/manage_mattermost.sh" - "menu/tools/manage_ssh.sh" - "menu/tools/manage_tools.sh" "menu/tools/manage_wireguard.sh" ) diff --git a/scripts/source/files/arrays/files_source.sh b/scripts/source/files/arrays/files_source.sh index 5494088..1e2d5c4 100755 --- a/scripts/source/files/arrays/files_source.sh +++ b/scripts/source/files/arrays/files_source.sh @@ -4,7 +4,6 @@ # Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate source_scripts=( - "source/files/arrays/files_api.sh" "source/files/arrays/files_app.sh" "source/files/arrays/files_backup.sh" "source/files/arrays/files_checks.sh" 
@@ -25,7 +24,6 @@ source_scripts=( "source/files/arrays/files_restore.sh" "source/files/arrays/files_setup.sh" "source/files/arrays/files_source.sh" - "source/files/arrays/files_ssh.sh" "source/files/arrays/files_start.sh" "source/files/arrays/files_update.sh" "source/files/arrays/files_webui.sh" diff --git a/scripts/source/files/arrays/files_ssh.sh b/scripts/source/files/arrays/files_ssh.sh deleted file mode 100755 index d40aae9..0000000 --- a/scripts/source/files/arrays/files_ssh.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -# This file is auto-generated by generate_arrays.sh -# Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate - -ssh_scripts=( - "ssh/disable_passwords/disable_ssh_auth.sh" - "ssh/disable_passwords/update_ssh_html.sh" - "ssh/keys/check_key_pair.sh" - "ssh/keys/generate_key_pair.sh" - "ssh/keys/install_key_pair.sh" - "ssh/keys/regenerate_key_pair.sh" - "ssh/keys/setup_auth_key.sh" - "ssh/keys/setup_key_pair.sh" - -) diff --git a/scripts/source/files/arrays/files_webui.sh b/scripts/source/files/arrays/files_webui.sh index 4415ec1..7302a15 100755 --- a/scripts/source/files/arrays/files_webui.sh +++ b/scripts/source/files/arrays/files_webui.sh @@ -46,6 +46,5 @@ webui_scripts=( "webui/webui_install_image.sh" "webui/webui_install_systemd.sh" "webui/webui_updater.sh" - "webui/webui_update_ssh.sh" ) diff --git a/scripts/source/files/cli_files.sh b/scripts/source/files/cli_files.sh index 82f6c46..e24fb1a 100755 --- a/scripts/source/files/cli_files.sh +++ b/scripts/source/files/cli_files.sh @@ -23,7 +23,6 @@ files_libreportal_cli=( "${restore_scripts[@]}" "${setup_scripts[@]}" "${source_scripts[@]}" - "${ssh_scripts[@]}" "${ssl_scripts[@]}" "${start_scripts[@]}" "${swapfile_scripts[@]}" diff --git a/scripts/source/files/generate_arrays.sh b/scripts/source/files/generate_arrays.sh index c2899be..cd513ef 100755 --- a/scripts/source/files/generate_arrays.sh +++ b/scripts/source/files/generate_arrays.sh 
@@ -49,6 +49,17 @@ isNotice "Scanning scripts/ for subfolder arrays..." # Create arrays directory if it doesn't exist mkdir -p "$ARRAYS_DIR" +# Prune arrays whose source folder no longer exists, so a removed area (e.g. +# scripts/ssh/) doesn't linger in the sourced set as a stale files_*.sh. +for existing in "$ARRAYS_DIR"/files_*.sh; do + [ -f "$existing" ] || continue + pruned_name=$(basename "$existing"); pruned_name=${pruned_name#files_}; pruned_name=${pruned_name%.sh} + if [ ! -d "$SCRIPTS_DIR/$pruned_name" ]; then + rm -f "$existing" + isNotice "Pruned stale files_${pruned_name}.sh (no scripts/$pruned_name/)" + fi +done + # Get all directories in scripts folder for folder in "$SCRIPTS_DIR"/*; do if [ -d "$folder" ]; then diff --git a/scripts/ssh/disable_passwords/disable_ssh_auth.sh b/scripts/ssh/disable_passwords/disable_ssh_auth.sh deleted file mode 100755 index 617af7b..0000000 --- a/scripts/ssh/disable_passwords/disable_ssh_auth.sh +++ /dev/null 
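Review bot: The prune loop deletes every `files_*.sh` whose folder test fails, so if `$SCRIPTS_DIR` is empty or points at the wrong place, `[ ! -d "$SCRIPTS_DIR/$pruned_name" ]` is true for all of them and the whole arrays directory is wiped. `SCRIPTS_DIR` is set outside this hunk, so it may already be validated; if not, add `[ -d "$SCRIPTS_DIR" ] || exit 1` before the loop. I would also write `rm -f -- "$existing" && isNotice "Pruned stale files_${pruned_name}.sh (no scripts/$pruned_name/)"` so the notice is printed only when the removal succeeded. These arrays decide which scripts the installer sources, so a failed prune should not read as success.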
@@ -1,49 +0,0 @@
-#!/bin/bash
-
-installDisableSSHPassword()
-{
- if [[ $CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS == "true" ]]; then
- # Check if already disabled
- if [[ $SSHKEY_DISABLE_PASS_NEEDED == "true" ]]; then
- while true; do
- isHeader "SSH Password Disabler"
- isQuestion "Do you want to disable SSH password logins? (y/n): "
- read -p "" disable_ssh_passwords
- case "$disable_ssh_passwords" in
- [Yy]*)
- local backup_file="$sshd_config_backup_$current_date-$current_time"
- result=$(sudo cp $sshd_config "$backup_file")
- checkSuccess "Backup sshd_config file"
-
- result=$(sudo sed -i '/^PasswordAuthentication/d' $sshd_config)
- checkSuccess "Removing existing PasswordAuthentication lines"
-
- result=$(echo "PasswordAuthentication no" | sudo tee -a $sshd_config)
- checkSuccess "Add new PasswordAuthentication line at the end of sshd_config"
-
- result=$(sudo systemctl restart sshd)
- checkSuccess "Restart SSH service"
- break
- ;;
- [Nn]*)
- while true; do
- isQuestion "Do you want to stop being asked to disable SSH Password logins? (y/n): "
- read -rp "" sshdisablepasswordask
- if [[ "$sshdisablepasswordask" =~ ^[yYnN]$ ]]; then
- break
- fi
- isNotice "Please provide a valid input (y/n)."
- done
- if [[ "$sshdisablepasswordask" == [yY] ]]; then
- updateConfigOption "CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS" "false"
- fi
- break
- ;;
- *)
- echo "Please enter 'y' or 'n'."
- ;;
- esac
- done
- fi
- fi
-}
diff --git a/scripts/ssh/disable_passwords/update_ssh_html.sh b/scripts/ssh/disable_passwords/update_ssh_html.sh
deleted file mode 100755
index e6b0ca6..0000000
--- a/scripts/ssh/disable_passwords/update_ssh_html.sh
+++ /dev/null
@@ -1,39 +0,0 @@ -#!/bin/bash - -updateSSHHTMLSSHKeyLinks() -{ - local index_file="index.html" - local private_path="${ssh_dir}private/" - - local root_user_key="${CFG_INSTALL_NAME}_sshkey_root" - local sudo_user_key="${CFG_INSTALL_NAME}_sshkey_${sudo_user_name}" - local install_user_key="${CFG_INSTALL_NAME}_sshkey_${CFG_DOCKER_INSTALL_USER}" - - if [ -f "$private_path$index_file" ]; then - # Reset all links to placeholders - result=$(sudo sed -i "s|User - Root's SSH Key||" $private_path$index_file) - checkSuccess "Resetting Root URL to empty." - - result=$(sudo sed -i "s|User - LibrePortal's SSH Key||" $private_path$index_file) - checkSuccess "Resetting LibrePortal URL to empty." - - result=$(sudo sed -i "s|User - Dockerinstall's SSH Key||" $private_path$index_file) - checkSuccess "Resetting Dockerinstall URL to empty." - - # Check and update links based on the presence of key files - if [ -f "$private_path$root_user_key" ]; then - result=$(sudo sed -i "s||Download Root's SSH Key|" $private_path$index_file) - checkSuccess "Root SSH Key found, updating the index.html for download link." - fi - - if [ -f "$private_path$sudo_user_key" ]; then - result=$(sudo sed -i "s||Download LibrePortal's SSH Key|" $private_path$index_file) - checkSuccess "LibrePortal SSH Key found, updating the index.html for download link." - fi - - if [ -f "$private_path$install_user_key" ]; then - result=$(sudo sed -i "s||Download Dockerinstall's SSH Key|" $private_path$index_file) - checkSuccess "Dockerinstall SSH Key found, updating the index.html for download link." - fi - fi -} diff --git a/scripts/ssh/keys/check_key_pair.sh b/scripts/ssh/keys/check_key_pair.sh deleted file mode 100755 index aef91c6..0000000 --- a/scripts/ssh/keys/check_key_pair.sh +++ /dev/null 
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-checkSSHSetupKeyPair()
-{
- local username="$1"
-
- local private_key_file="${CFG_INSTALL_NAME}_sshkey_$username"
- local private_key_path="${ssh_dir}private"
- local private_key_full="$private_key_path/$private_key_file"
-
- local public_key_file="$private_key_file.pub"
- local public_key_path="${ssh_dir}public"
- local public_key_full="$public_key_path/$public_key_file"
-
- # Check if both private and public key files exist
- if [ -f "$private_key_full" ] && [ -f "$public_key_full" ]; then
- :
- else
- :
- fi
-}
diff --git a/scripts/ssh/keys/generate_key_pair.sh b/scripts/ssh/keys/generate_key_pair.sh
deleted file mode 100755
index a5d6d96..0000000
--- a/scripts/ssh/keys/generate_key_pair.sh
+++ /dev/null
@@ -1,89 +0,0 @@ -#!/bin/bash - -generateSSHKeyPair() -{ - local username="$1" - local private_key_path="$2" - local private_key_full="$3" - local public_key_full="$4" - local flag="$5" - - echo "" - isHeader "SSH Key Generation for $username" - - if [[ "$flag" == "reinstall" ]]; then - if [ -f "$private_key_full" ]; then - result=$(sudo rm $private_key_full) - checkSuccess "Deleted old private SSH key $(basename "$private_key_full")" - fi - if [ -f "$public_key_full" ]; then - result=$(sudo rm $public_key_full) - checkSuccess "Deleted old public SSH key $(basename "$public_key_full")" - fi - fi - - #if [[ "$username" == "root" ]]; then - #local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_ROOT - #elif [[ "$username" == "$sudo_user_name" ]]; then - #local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_ROOT - #elif [[ "$username" == "$CFG_DOCKER_INSTALL_USER" ]]; then - #local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_DOCKERINSTALL - #fi - - # Supply $CFG_DOCKER_INSTALL_USER password for sudo usage - #if [[ "$username" == "$CFG_DOCKER_INSTALL_USER" ]]; then - #result=$(echo -e "$CFG_DOCKER_INSTALL_PASS\n$ssh_passphrase\n$ssh_passphrase" | sudo -u $username ssh-keygen -t ed25519 -f "$ssh_dir/$(basename "$private_key_full")" -C "$CFG_EMAIL" -N "" && sudo -u $username cat "$ssh_dir/$(basename "$private_key_full").pub" | sudo -u $username tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null) - #checkSuccess "New ED25519 key pair generated for $username" - #else - #result=$(echo -e "$ssh_passphrase\n$ssh_passphrase" | sudo -u $username sudo ssh-keygen -t ed25519 -f "$ssh_dir/$(basename "$private_key_full")" -C "$CFG_EMAIL" -N "" && sudo -u $username cat "$ssh_dir/$(basename "$private_key_full").pub" | sudo tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null) - #checkSuccess "New ED25519 key pair generated for $username" - #fi - - # Simplified key generation without passwords - result=$(sudo -u "$username" ssh-keygen -t ed25519 \ - -f "$ssh_dir/$(basename 
"$private_key_full")" \ - -C "${CFG_INSTALL_NAME,,}@libreportal.local" \ - -N "" \ - && sudo -u "$username" cat "$ssh_dir/$(basename "$private_key_full").pub" \ - | sudo -u "$username" tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null) - - checkSuccess "New ED25519 key pair generated for $username" - - if [ -f "$ssh_dir/$(basename $private_key_full)" ]; then - updateFileOwnership $ssh_dir/$(basename $private_key_full) $username $username - result=$(sudo mv "$ssh_dir/$(basename "$private_key_full")" "$private_key_full") - checkSuccess "Private key moved to $private_key_full" - fi - - if [ -f "$ssh_dir/$(basename $public_key_full)" ]; then - updateFileOwnership $ssh_dir/$(basename $public_key_full) $username $username - result=$(sudo mv "$ssh_dir/$(basename "$public_key_full")" "$public_key_full") - checkSuccess "Public key moved to $public_key_full" - fi - - result=$(createTouch "$ssh_dir/public/$(basename $private_key_full)" $username) - checkSuccess "Creating the passphrase txt to private folder." - - result=$(echo "$ssh_passphrase" | sudo tee -a "$ssh_dir/public/$(basename $private_key_full)" > /dev/null) - checkSuccess "Adding the ssh_passphrase to the $(basename "$private_key_full").txt file." - - result=$(sudo chmod 644 $ssh_dir/private/$(basename $private_key_full)) - checkSuccess "Updating permissions for $(basename $private_key_full)" - - setupSSHAuthorizedKeys $username $public_key_full; - - updateSSHHTMLSSHKeyLinks; - - # Select preexisting docker_type - if [ -f "$docker_dir/$db_file" ]; then - local ssh_new_key=$(sudo sqlite3 "$docker_dir/$db_file" 'SELECT content FROM options WHERE option = "ssh_new_key";') - # Insert into DB if something doesnt exist - if [[ $docker_type == "" ]]; then - databaseOptionInsert "ssh_new_key" "true"; - local ssh_new_key=$(sudo sqlite3 "$docker_dir/$db_file" 'SELECT content FROM options WHERE option = "ssh_new_key";') - fi - else - : - fi - -} 
diff --git a/scripts/ssh/keys/install_key_pair.sh b/scripts/ssh/keys/install_key_pair.sh deleted file mode 100755 index 57d7fff..0000000 --- a/scripts/ssh/keys/install_key_pair.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -installSSHKeysForDownload() -{ - local flag="$1" - - if [[ "$SSHKEY_SETUP_NEEDED" == "true" ]]; then - isHeader "SSH Key Install" - - # Fix permissions for SSH Directory - local result=$(sudo chmod 0775 "$ssh_dir" > /dev/null 2>&1) - checkSuccess "Updating $ssh_dir with 0775 permissions." - - local result=$(sudo chown $docker_install_user:$docker_install_user "$ssh_dir" > /dev/null 2>&1) - checkSuccess "Updating $ssh_dir with $docker_install_user ownership." - - # Check if SSH Keys are enabled - if [[ "$CFG_SSHKEY_ROOT_ENABLED" == "true" ]]; then - generateSSHSetupKeyPair "root" $flag - fi - if [[ "$CFG_SSHKEY_LIBREPORTAL_ENABLED" == "true" ]]; then - generateSSHSetupKeyPair "$sudo_user_name" $flag - fi - if [[ "$CFG_SSHKEY_DOCKERINSTALL_ENABLED" == "true" ]]; then - if [[ "$CFG_DOCKER_INSTALL_TYPE" == "rootless" ]]; then - generateSSHSetupKeyPair "$CFG_DOCKER_INSTALL_USER" $flag - fi - fi - fi -} diff --git a/scripts/ssh/keys/regenerate_key_pair.sh b/scripts/ssh/keys/regenerate_key_pair.sh deleted file mode 100755 index 1ad69b7..0000000 --- a/scripts/ssh/keys/regenerate_key_pair.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -regenerateSSHSetupKeyPair() -{ - local username="$1" - - while true; do - isQuestion "Are you sure you want to generate new SSH Key(s) for the $username user? (y/n): " - read -p "" key_regenerate_accept - case "$key_regenerate_accept" in - [Yy]*) - generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" reinstall; - break - ;; - [Nn]*) - # No action needed - break - ;; - *) - echo "Please enter 'y' or 'n'." - ;; - esac - done -} diff --git a/scripts/ssh/keys/setup_auth_key.sh b/scripts/ssh/keys/setup_auth_key.sh deleted file mode 100755 index 250bb41..0000000 
--- a/scripts/ssh/keys/setup_auth_key.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/bash - -setupSSHAuthorizedKeys() -{ - local username="$1" - local public_key_full="$2" - - if [[ "$username" == "root" ]]; then - local ssh_path="/root/.ssh" - else - local ssh_path="/home/$username/.ssh" - fi - - # Check if the directory exists; if not, create it - if [ ! -d "$ssh_path" ]; then - local result=$(createFolders "loud" $username $ssh_path) - checkSuccess "Creating $(basename "$private_key_path") folder" - result=$(sudo chmod 700 $ssh_path) - checkSuccess "Updating permissions for $ssh_path" - else - result=$(sudo chmod 700 $ssh_path) - checkSuccess "Updating permissions for $ssh_path" - fi - - if [ -f "${ssh_path}/authorized_keys" ]; then - result=$(sudo rm ${ssh_path}/authorized_keys) - checkSuccess "Deleted old authorized_keys file for user $username" - fi - - result=$(sudo cp "$public_key_full" "${ssh_path}/authorized_keys") - checkSuccess "Adding $(basename $public_key_full) to the Authorized_keys file for user $username" - - result=$(sudo chmod 600 ${ssh_path}/authorized_keys) - checkSuccess "Updating permissions for ${username}'s authorized_keys file." - - updateFileOwnership "${ssh_path}/authorized_keys" $username $username - - result=$(sudo systemctl reload ssh) - checkSuccess "Reloading SSH service" -} diff --git a/scripts/ssh/keys/setup_key_pair.sh b/scripts/ssh/keys/setup_key_pair.sh deleted file mode 100755 index eb4de47..0000000 --- a/scripts/ssh/keys/setup_key_pair.sh +++ /dev/null 
@@ -1,35 +0,0 @@ -#!/bin/bash - -generateSSHSetupKeyPair() -{ - local username="$1" - local flag="$2" - - local private_key_file="${CFG_INSTALL_NAME}_sshkey_$username" - local private_key_path="${ssh_dir}private" - local private_key_full="$private_key_path/$private_key_file" - - local public_key_file="$private_key_file.pub" - local public_key_path="${ssh_dir}public" - local public_key_full="$public_key_path/$public_key_file" - - # Check if the directory exists; if not, create it - if [ ! -d "$private_key_path" ]; then - local result=$(createFolders "loud" $docker_install_user $private_key_path) - checkSuccess "Creating $(basename "$private_key_path") folder" - fi - if [ ! -d "$public_key_path" ]; then - local result=$(createFolders "loud" $docker_install_user $public_key_path) - checkSuccess "Creating $(basename "$public_key_path") folder" - fi - - # Check if the private key does not exist - if [ ! -f "$private_key_full" ]; then - generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" install; - fi - - # Check if the public key does not exist - if [ ! -f "$public_key_full" ]; then - generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" install; - fi -} diff --git a/scripts/start/start_other.sh b/scripts/start/start_other.sh index 6b3ef6a..45f2c81 100755 --- a/scripts/start/start_other.sh +++ b/scripts/start/start_other.sh @@ -12,10 +12,6 @@ startOther() ### Tools ### ####################################################### - if [[ "$toolsetupsshkeys" == [yY] ]]; then - installSSHKeysForDownload tool; - fi - if [[ "$toolsresetgit" == [yY] ]]; then gitFolderResetAndBackup; fi diff --git a/scripts/start/start_preinstall.sh b/scripts/start/start_preinstall.sh index 13d8216..750085f 100755 --- a/scripts/start/start_preinstall.sh +++ b/scripts/start/start_preinstall.sh 
@@ -23,8 +23,6 @@ startPreInstall() installDockerRootlessUser; installDockerRootlessStartSetup; - installSSHKeysForDownload install; - # Rooted installDockerRooted; installDockerRootedCompose; @@ -63,7 +61,6 @@ startPreInstall() installRecommendedApps; installOptionalMetricsApps; - installDisableSSHPassword; if [[ "$initial_command2" == "terminal" ]]; then resetToMenu; diff --git a/scripts/webui/webui_update_ssh.sh b/scripts/webui/webui_update_ssh.sh deleted file mode 100755 index 878ac66..0000000 --- a/scripts/webui/webui_update_ssh.sh +++ /dev/null 
@@ -1,48 +0,0 @@
-#!/bin/bash
-
-updateWebUISSHDetails()
-{
- isNotice "Updating WebUI SSH configuration..."
-
- local made_updates=false
-
- # Update SSH_HOST from default to actual public IP
- if [[ "$CFG_SSH_HOST" == "webui-remote-server.com" ]] || [[ -z "$CFG_SSH_HOST" ]]; then
- updateConfigOption "CFG_SSH_HOST" "$public_ip_v4"
- checkSuccess "Updated CFG_SSH_HOST to $public_ip_v4"
- made_updates=true
- fi
-
- # Update SSH_PORT from default to actual SSH port
- if [[ "$CFG_SSH_PORT" == "22" ]] || [[ -z "$CFG_SSH_PORT" ]]; then
- local SSH_CONFIG="/etc/ssh/sshd_config"
- local ssh_port=$(grep "^Port" "$SSH_CONFIG" 2>/dev/null | awk '{print $2}' | head -n1)
- local ssh_port=${ssh_port:-22} # Default to 22 if not found
-
- if [[ "$ssh_port" != "22" ]] && [[ -n "$ssh_port" ]]; then
- updateConfigOption "CFG_SSH_PORT" "$ssh_port"
- checkSuccess "Updated CFG_SSH_PORT to $ssh_port"
- made_updates=true
- fi
- fi
-
- # Update SSH_USERNAME from default to actual sudo user
- if [[ "$CFG_SSH_USERNAME" == "webui-your-username" ]] || [[ -z "$CFG_SSH_USERNAME" ]]; then
- updateConfigOption "CFG_SSH_USERNAME" "$sudo_user_name"
- checkSuccess "Updated CFG_SSH_USERNAME to $sudo_user_name"
- made_updates=true
- fi
-
- # Update SSH_PASSWORD from default to actual LibrePortal user password
- if [[ "$CFG_SSH_PASSWORD" == "webui-your-password" ]] || [[ -z "$CFG_SSH_PASSWORD" ]]; then
- updateConfigOption "CFG_SSH_PASSWORD" "$CFG_LIBREPORTAL_USER_PASS"
- checkSuccess "Updated CFG_SSH_PASSWORD to $CFG_LIBREPORTAL_USER_PASS"
- made_updates=true
- fi
-
- if [[ "$made_updates" == "true" ]]; then
- isSuccessful "WebUI SSH configuration updated successfully"
- else
- isNotice "WebUI SSH configuration already up to date"
- fi
-}
\ No newline at end of file