Compare commits
2 Commits
4078468a97
...
0339398fc1
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
0339398fc1 | ||
|
|
2873a92b80 |
@ -14,7 +14,6 @@ checkRequirements()
|
||||
checkConfigRequirement;
|
||||
checkPasswordsRequirement;
|
||||
checkDatabaseRequirement;
|
||||
checkSSHKeysRequirement;
|
||||
checkDockerRequirement;
|
||||
checkDockerComposeRequirement;
|
||||
checkDockerRootlessRequirement;
|
||||
@ -26,12 +25,9 @@ checkRequirements()
|
||||
checkSwapfileRequirement;
|
||||
checkCrontabRequirement;
|
||||
checkWebUISystemdRequirement;
|
||||
checkSSHRemoteRequirement;
|
||||
checkSuggestInstallsRequirement;
|
||||
checkLibrePortalWebUIImageRequirement;
|
||||
checkLibrePortalWebUIAppRequirement;
|
||||
checkSSHDownloadRequirement;
|
||||
checkSSHPasswordRequirement;
|
||||
checkTraefikRequirement;
|
||||
checkDockerSwitcherRequirement;
|
||||
|
||||
|
||||
@ -1,25 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
checkSSHDownloadRequirement()
|
||||
{
|
||||
local sshdownload_status=$(dockerCheckAppInstalled "sshdownload" "docker")
|
||||
if [[ "$sshdownload_status" == "installed" ]]; then
|
||||
while true; do
|
||||
isHeader "SSH SECURITY WARNING"
|
||||
isNotice "The SSH Download download service is currently online."
|
||||
isNotice "This is potentially DANGEROUS as it's accessable via anyone on the VPN"
|
||||
isNotice "We highly recommend uninstalling this service after downloading the SSH keys"
|
||||
isNotice "If you need to access this again, you can install it via the system install option"
|
||||
echo ""
|
||||
isQuestion "Would like to destroy the SSH Download service for security purposes? (y/n): "
|
||||
read -p "" ssh_download_uninstall
|
||||
if [[ -n "$ssh_download_uninstall" ]]; then
|
||||
break
|
||||
fi
|
||||
isNotice "Please provide a valid input."
|
||||
done
|
||||
if [[ "$ssh_download_uninstall" == [yY] ]]; then
|
||||
dockerUninstallApp sshdownload;
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,35 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
checkSSHKeysRequirement()
|
||||
{
|
||||
# SSH Keys
|
||||
if [[ $CFG_SSHKEY_ROOT_ENABLED == "true" ]]; then
|
||||
if checkSSHSetupKeyPair "root"; then
|
||||
isSuccessful "The SSH Key(s) for root appears to be setup."
|
||||
else
|
||||
isNotice "An SSH Key for root is not setup."
|
||||
SSHKEY_SETUP_NEEDED="true"
|
||||
((preinstallneeded++))
|
||||
fi
|
||||
fi
|
||||
if [[ $CFG_SSHKEY_LIBREPORTAL_ENABLED == "true" ]]; then
|
||||
if checkSSHSetupKeyPair "$sudo_user_name"; then
|
||||
isSuccessful "The SSH Key(s) for $sudo_user_name appears to be setup."
|
||||
else
|
||||
isNotice "An SSH Key for $sudo_user_name is not setup."
|
||||
SSHKEY_SETUP_NEEDED="true"
|
||||
((preinstallneeded++))
|
||||
fi
|
||||
fi
|
||||
if [[ $CFG_SSHKEY_DOCKERINSTALL_ENABLED == "true" ]]; then
|
||||
if [[ "$CFG_DOCKER_INSTALL_TYPE" == "rootless" ]]; then
|
||||
if checkSSHSetupKeyPair "$CFG_DOCKER_INSTALL_USER"; then
|
||||
isSuccessful "The SSH Key(s) for $CFG_DOCKER_INSTALL_USER appears to be setup."
|
||||
else
|
||||
isNotice "An SSH Key for $CFG_DOCKER_INSTALL_USER is not setup."
|
||||
SSHKEY_SETUP_NEEDED="true"
|
||||
((preinstallneeded++))
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,14 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
checkSSHPasswordRequirement()
|
||||
{
|
||||
if [[ $CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS == "true" ]]; then
|
||||
if grep -q "PasswordAuthentication no" $sshd_config; then
|
||||
isSuccessful "SSH Password appears to be disabled."
|
||||
else
|
||||
isNotice "Password Authentication has not been disabled."
|
||||
SSHKEY_DISABLE_PASS_NEEDED="true"
|
||||
((preinstallneeded++))
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,27 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
checkSSHRemoteRequirement()
|
||||
{
|
||||
if [[ $CFG_REQUIREMENT_SSHREMOTE == "true" ]]; then
|
||||
### Custom SSH Remote Install
|
||||
if [[ -n "$CFG_IPS_SSH_SETUP" ]]; then
|
||||
ip_found=0
|
||||
# Split the comma-separated IP addresses into an array
|
||||
IFS=',' read -ra ip_addresses <<< "$CFG_IPS_SSH_SETUP"
|
||||
# Loop through the IP addresses
|
||||
for ip in "${ip_addresses[@]}"; do
|
||||
ip_found=1
|
||||
done
|
||||
|
||||
if [ "$ip_found" -eq 0 ]; then
|
||||
isSuccessful "No Remote SSH Install IP has been found to setup"
|
||||
else
|
||||
isSuccessful "Remote SSH Install IP(s) have been found to setup"
|
||||
setupSSHRemoteKeys=true
|
||||
((preinstallneeded++))
|
||||
fi
|
||||
else
|
||||
isSuccessful "No hosts found in the configuration."
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
databaseSSHInsert()
|
||||
{
|
||||
local app_name="$1"
|
||||
local table_name=ssh
|
||||
local result=$(sudo sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (ip, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
|
||||
checkSuccess "Adding $app_name to the $table_name table."
|
||||
}
|
||||
@ -1,17 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
databaseSSHKeysInsert()
|
||||
{
|
||||
local key_filename="$1"
|
||||
local key_file=$(basename "$key_filename")
|
||||
local table_name=ssh_keys
|
||||
local key_in_db=$(sudo sqlite3 "$docker_dir/$db_file" "SELECT COUNT(*) FROM $table_name WHERE name = '$key_file';")
|
||||
|
||||
if [ "$key_in_db" -eq 0 ]; then
|
||||
local result=$(sudo sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$key_file', '$current_date', '$current_time');")
|
||||
checkSuccess "Adding $key_file to the $table_name table."
|
||||
else
|
||||
local result=$(sudo sqlite3 "$docker_dir/$db_file" "UPDATE $table_name SET name = '$key_file', date = '$current_date', time = '$current_time' WHERE name = '$key_file';")
|
||||
checkSuccess "$key_file already added to the $table_name table. Updating date/time."
|
||||
fi
|
||||
}
|
||||
@ -7,16 +7,15 @@ toolsMenu()
|
||||
|
||||
while true; do
|
||||
isHeader "Tools Menu"
|
||||
isOption "1. Menu - SSH"
|
||||
isOption "2. Menu - Docker"
|
||||
isOption "3. Menu - Crontab"
|
||||
isOption "1. Menu - Docker"
|
||||
isOption "2. Menu - Crontab"
|
||||
# Only show Git reset option if not a local installation
|
||||
if [[ "$CFG_INSTALL_MODE" != "local" ]]; then
|
||||
isOption "4. Tool - Reset LibrePortal Git Folder"
|
||||
isOption "5. Tool - Force Pre-Installation"
|
||||
isOption "3. Tool - Reset LibrePortal Git Folder"
|
||||
isOption "4. Tool - Force Pre-Installation"
|
||||
isOption "x. Exit to Main Menu"
|
||||
else
|
||||
isOption "4. Tool - Force Pre-Installation"
|
||||
isOption "3. Tool - Force Pre-Installation"
|
||||
isOption "x. Exit to Main Menu"
|
||||
fi
|
||||
echo ""
|
||||
@ -25,15 +24,12 @@ toolsMenu()
|
||||
|
||||
case $tools_menu_choice in
|
||||
1)
|
||||
sshToolsMenu;
|
||||
;;
|
||||
2)
|
||||
dockerToolsMenu;
|
||||
;;
|
||||
3)
|
||||
2)
|
||||
crontabToolsMenu;
|
||||
;;
|
||||
4)
|
||||
3)
|
||||
# Handle different option numbers based on installation mode
|
||||
if [[ "$CFG_INSTALL_MODE" != "local" ]]; then
|
||||
toolsresetgit=y
|
||||
@ -43,13 +39,13 @@ toolsMenu()
|
||||
startOther;
|
||||
fi
|
||||
;;
|
||||
5)
|
||||
4)
|
||||
# Only show this option if not local installation
|
||||
if [[ "$CFG_INSTALL_MODE" != "local" ]]; then
|
||||
toolstartpreinstallation=y
|
||||
startOther;
|
||||
else
|
||||
# For local installation, option 5 doesn't exist
|
||||
# For local installation, option 4 doesn't exist
|
||||
isNotice "Invalid choice. Please select a valid option."
|
||||
fi
|
||||
;;
|
||||
|
||||
@ -1,38 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
sshToolsMenu()
|
||||
{
|
||||
# Enable input
|
||||
stty echo
|
||||
|
||||
while true; do
|
||||
isHeader "SSH Menu"
|
||||
isOption "1. Regenerate SSH Key - LibrePortal"
|
||||
isOption "2. Regenerate SSH Key - Dockerinstall"
|
||||
isOption "3. Setup SSH Keys for Download"
|
||||
isOption "x. Exit to Main Menu"
|
||||
echo ""
|
||||
isQuestion "What is your choice: "
|
||||
read -rp "" ssh_menu_choice
|
||||
|
||||
case $ssh_menu_choice in
|
||||
1)
|
||||
regenerateSSHSetupKeyPair "libreportal";
|
||||
;;
|
||||
2)
|
||||
regenerateSSHSetupKeyPair "dockerinstall";
|
||||
;;
|
||||
3)
|
||||
toolsetupsshkeys=y
|
||||
startOther;
|
||||
;;
|
||||
x)
|
||||
endStart;
|
||||
|
||||
;;
|
||||
*)
|
||||
isNotice "Invalid choice. Please select a valid option."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
@ -1,38 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
sshToolsMenu()
|
||||
{
|
||||
# Enable input
|
||||
stty echo
|
||||
|
||||
while true; do
|
||||
isHeader "SSH Menu"
|
||||
isOption "1. Regenerate SSH Key - LibrePortal"
|
||||
isOption "2. Regenerate SSH Key - Dockerinstall"
|
||||
isOption "3. Setup SSH Keys for Download"
|
||||
isOption "x. Exit to Main Menu"
|
||||
echo ""
|
||||
isQuestion "What is your choice: "
|
||||
read -rp "" ssh_menu_choice
|
||||
|
||||
case $ssh_menu_choice in
|
||||
1)
|
||||
regenerateSSHSetupKeyPair "libreportal";
|
||||
;;
|
||||
2)
|
||||
regenerateSSHSetupKeyPair "dockerinstall";
|
||||
;;
|
||||
3)
|
||||
toolsetupsshkeys=y
|
||||
startOther;
|
||||
;;
|
||||
x)
|
||||
endStart;
|
||||
|
||||
;;
|
||||
*)
|
||||
isNotice "Invalid choice. Please select a valid option."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
@ -23,7 +23,6 @@ files_libreportal_app=(
|
||||
"${restore_scripts[@]}"
|
||||
"${setup_scripts[@]}"
|
||||
"${source_scripts[@]}"
|
||||
"${ssh_scripts[@]}"
|
||||
"${ssl_scripts[@]}"
|
||||
"${start_scripts[@]}"
|
||||
"${swapfile_scripts[@]}"
|
||||
|
||||
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This file is auto-generated by generate_arrays.sh
|
||||
# Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate
|
||||
|
||||
api_scripts=(
|
||||
"api/test_mail_connection.sh"
|
||||
|
||||
)
|
||||
@ -21,10 +21,6 @@ checks_scripts=(
|
||||
"checks/requirements/check_manager.sh"
|
||||
"checks/requirements/check_passwords.sh"
|
||||
"checks/requirements/check_root.sh"
|
||||
"checks/requirements/check_sshdownload.sh"
|
||||
"checks/requirements/check_sshkeys.sh"
|
||||
"checks/requirements/check_sshpassword.sh"
|
||||
"checks/requirements/check_sshremote.sh"
|
||||
"checks/requirements/check_sslcerts.sh"
|
||||
"checks/requirements/check_suggest_installs.sh"
|
||||
"checks/requirements/check_swapfile.sh"
|
||||
|
||||
@ -18,8 +18,6 @@ database_scripts=(
|
||||
"database/insert/db_insert_port_open.sh"
|
||||
"database/insert/db_insert_port_used.sh"
|
||||
"database/insert/db_insert_restore.sh"
|
||||
"database/insert/db_insert_ssh_keys.sh"
|
||||
"database/insert/db_insert_ssh.sh"
|
||||
"database/install_sqlite.sh"
|
||||
"database/tables/db_create_tables.sh"
|
||||
"database/tables/db_display_tables.sh"
|
||||
|
||||
@ -21,8 +21,6 @@ menu_scripts=(
|
||||
"menu/tools/manage_linkding.sh"
|
||||
"menu/tools/manage_main.sh"
|
||||
"menu/tools/manage_mattermost.sh"
|
||||
"menu/tools/manage_ssh.sh"
|
||||
"menu/tools/manage_tools.sh"
|
||||
"menu/tools/manage_wireguard.sh"
|
||||
|
||||
)
|
||||
|
||||
@ -4,7 +4,6 @@
|
||||
# Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate
|
||||
|
||||
source_scripts=(
|
||||
"source/files/arrays/files_api.sh"
|
||||
"source/files/arrays/files_app.sh"
|
||||
"source/files/arrays/files_backup.sh"
|
||||
"source/files/arrays/files_checks.sh"
|
||||
@ -25,7 +24,6 @@ source_scripts=(
|
||||
"source/files/arrays/files_restore.sh"
|
||||
"source/files/arrays/files_setup.sh"
|
||||
"source/files/arrays/files_source.sh"
|
||||
"source/files/arrays/files_ssh.sh"
|
||||
"source/files/arrays/files_start.sh"
|
||||
"source/files/arrays/files_update.sh"
|
||||
"source/files/arrays/files_webui.sh"
|
||||
|
||||
@ -1,16 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This file is auto-generated by generate_arrays.sh
|
||||
# Do not edit manually - run './scripts/source/files/generate_arrays.sh run' to regenerate
|
||||
|
||||
ssh_scripts=(
|
||||
"ssh/disable_passwords/disable_ssh_auth.sh"
|
||||
"ssh/disable_passwords/update_ssh_html.sh"
|
||||
"ssh/keys/check_key_pair.sh"
|
||||
"ssh/keys/generate_key_pair.sh"
|
||||
"ssh/keys/install_key_pair.sh"
|
||||
"ssh/keys/regenerate_key_pair.sh"
|
||||
"ssh/keys/setup_auth_key.sh"
|
||||
"ssh/keys/setup_key_pair.sh"
|
||||
|
||||
)
|
||||
@ -46,6 +46,5 @@ webui_scripts=(
|
||||
"webui/webui_install_image.sh"
|
||||
"webui/webui_install_systemd.sh"
|
||||
"webui/webui_updater.sh"
|
||||
"webui/webui_update_ssh.sh"
|
||||
|
||||
)
|
||||
|
||||
@ -23,7 +23,6 @@ files_libreportal_cli=(
|
||||
"${restore_scripts[@]}"
|
||||
"${setup_scripts[@]}"
|
||||
"${source_scripts[@]}"
|
||||
"${ssh_scripts[@]}"
|
||||
"${ssl_scripts[@]}"
|
||||
"${start_scripts[@]}"
|
||||
"${swapfile_scripts[@]}"
|
||||
|
||||
@ -49,6 +49,17 @@ isNotice "Scanning scripts/ for subfolder arrays..."
|
||||
# Create arrays directory if it doesn't exist
|
||||
mkdir -p "$ARRAYS_DIR"
|
||||
|
||||
# Prune arrays whose source folder no longer exists, so a removed area (e.g.
|
||||
# scripts/ssh/) doesn't linger in the sourced set as a stale files_*.sh.
|
||||
for existing in "$ARRAYS_DIR"/files_*.sh; do
|
||||
[ -f "$existing" ] || continue
|
||||
pruned_name=$(basename "$existing"); pruned_name=${pruned_name#files_}; pruned_name=${pruned_name%.sh}
|
||||
if [ ! -d "$SCRIPTS_DIR/$pruned_name" ]; then
|
||||
rm -f "$existing"
|
||||
isNotice "Pruned stale files_${pruned_name}.sh (no scripts/$pruned_name/)"
|
||||
fi
|
||||
done
|
||||
|
||||
# Get all directories in scripts folder
|
||||
for folder in "$SCRIPTS_DIR"/*; do
|
||||
if [ -d "$folder" ]; then
|
||||
|
||||
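Review bot: The prune loop decides a file is stale solely from `[ ! -d "$SCRIPTS_DIR/$pruned_name" ]`, so if `$SCRIPTS_DIR` is empty or does not resolve (for example when the script is started from an unexpected directory), every `files_*.sh` under `$ARRAYS_DIR` is deleted before regeneration runs. Unless a check above the hunk already guarantees the directory exists, guard the loop with `[ -d "$SCRIPTS_DIR" ] || exit 1`. The "Pruned stale" notice is also printed whether or not the delete succeeded; `rm -f -- "$existing" && isNotice "Pruned stale files_${pruned_name}.sh (no scripts/$pruned_name/)"` would keep the log truthful. The same rule removes any `files_*.sh` that is not named after a top-level folder, which appears to be why `files_api.sh` also disappears in this comparison, so it is worth confirming that was intended. The folder loop that follows the prune continues outside the hunk.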
@ -1,49 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
installDisableSSHPassword()
|
||||
{
|
||||
if [[ $CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS == "true" ]]; then
|
||||
# Check if already disabled
|
||||
if [[ $SSHKEY_DISABLE_PASS_NEEDED == "true" ]]; then
|
||||
while true; do
|
||||
isHeader "SSH Password Disabler"
|
||||
isQuestion "Do you want to disable SSH password logins? (y/n): "
|
||||
read -p "" disable_ssh_passwords
|
||||
case "$disable_ssh_passwords" in
|
||||
[Yy]*)
|
||||
local backup_file="$sshd_config_backup_$current_date-$current_time"
|
||||
result=$(sudo cp $sshd_config "$backup_file")
|
||||
checkSuccess "Backup sshd_config file"
|
||||
|
||||
result=$(sudo sed -i '/^PasswordAuthentication/d' $sshd_config)
|
||||
checkSuccess "Removing existing PasswordAuthentication lines"
|
||||
|
||||
result=$(echo "PasswordAuthentication no" | sudo tee -a $sshd_config)
|
||||
checkSuccess "Add new PasswordAuthentication line at the end of sshd_config"
|
||||
|
||||
result=$(sudo systemctl restart sshd)
|
||||
checkSuccess "Restart SSH service"
|
||||
break
|
||||
;;
|
||||
[Nn]*)
|
||||
while true; do
|
||||
isQuestion "Do you want to stop being asked to disable SSH Password logins? (y/n): "
|
||||
read -rp "" sshdisablepasswordask
|
||||
if [[ "$sshdisablepasswordask" =~ ^[yYnN]$ ]]; then
|
||||
break
|
||||
fi
|
||||
isNotice "Please provide a valid input (y/n)."
|
||||
done
|
||||
if [[ "$sshdisablepasswordask" == [yY] ]]; then
|
||||
updateConfigOption "CFG_REQUIREMENT_SSH_DISABLE_PASSWORDS" "false"
|
||||
fi
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo "Please enter 'y' or 'n'."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,39 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
updateSSHHTMLSSHKeyLinks()
|
||||
{
|
||||
local index_file="index.html"
|
||||
local private_path="${ssh_dir}private/"
|
||||
|
||||
local root_user_key="${CFG_INSTALL_NAME}_sshkey_root"
|
||||
local sudo_user_key="${CFG_INSTALL_NAME}_sshkey_${sudo_user_name}"
|
||||
local install_user_key="${CFG_INSTALL_NAME}_sshkey_${CFG_DOCKER_INSTALL_USER}"
|
||||
|
||||
if [ -f "$private_path$index_file" ]; then
|
||||
# Reset all links to placeholders
|
||||
result=$(sudo sed -i "s|<a href=\"$root_user_key\">User - Root's SSH Key</a>|<!--LINK1-->|" $private_path$index_file)
|
||||
checkSuccess "Resetting Root URL to empty."
|
||||
|
||||
result=$(sudo sed -i "s|<a href=\"$sudo_user_key\">User - LibrePortal's SSH Key</a>|<!--LINK2-->|" $private_path$index_file)
|
||||
checkSuccess "Resetting LibrePortal URL to empty."
|
||||
|
||||
result=$(sudo sed -i "s|<a href=\"$install_user_key\">User - Dockerinstall's SSH Key</a>|<!--LINK3-->|" $private_path$index_file)
|
||||
checkSuccess "Resetting Dockerinstall URL to empty."
|
||||
|
||||
# Check and update links based on the presence of key files
|
||||
if [ -f "$private_path$root_user_key" ]; then
|
||||
result=$(sudo sed -i "s|<!--LINK1-->|<a href=\"$root_user_key\" download>Download Root's SSH Key</a>|" $private_path$index_file)
|
||||
checkSuccess "Root SSH Key found, updating the index.html for download link."
|
||||
fi
|
||||
|
||||
if [ -f "$private_path$sudo_user_key" ]; then
|
||||
result=$(sudo sed -i "s|<!--LINK2-->|<a href=\"$sudo_user_key\" download>Download LibrePortal's SSH Key</a>|" $private_path$index_file)
|
||||
checkSuccess "LibrePortal SSH Key found, updating the index.html for download link."
|
||||
fi
|
||||
|
||||
if [ -f "$private_path$install_user_key" ]; then
|
||||
result=$(sudo sed -i "s|<!--LINK3-->|<a href=\"$install_user_key\" download>Download Dockerinstall's SSH Key</a>|" $private_path$index_file)
|
||||
checkSuccess "Dockerinstall SSH Key found, updating the index.html for download link."
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,21 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
checkSSHSetupKeyPair()
|
||||
{
|
||||
local username="$1"
|
||||
|
||||
local private_key_file="${CFG_INSTALL_NAME}_sshkey_$username"
|
||||
local private_key_path="${ssh_dir}private"
|
||||
local private_key_full="$private_key_path/$private_key_file"
|
||||
|
||||
local public_key_file="$private_key_file.pub"
|
||||
local public_key_path="${ssh_dir}public"
|
||||
local public_key_full="$public_key_path/$public_key_file"
|
||||
|
||||
# Check if both private and public key files exist
|
||||
if [ -f "$private_key_full" ] && [ -f "$public_key_full" ]; then
|
||||
:
|
||||
else
|
||||
:
|
||||
fi
|
||||
}
|
||||
@ -1,89 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
generateSSHKeyPair()
|
||||
{
|
||||
local username="$1"
|
||||
local private_key_path="$2"
|
||||
local private_key_full="$3"
|
||||
local public_key_full="$4"
|
||||
local flag="$5"
|
||||
|
||||
echo ""
|
||||
isHeader "SSH Key Generation for $username"
|
||||
|
||||
if [[ "$flag" == "reinstall" ]]; then
|
||||
if [ -f "$private_key_full" ]; then
|
||||
result=$(sudo rm $private_key_full)
|
||||
checkSuccess "Deleted old private SSH key $(basename "$private_key_full")"
|
||||
fi
|
||||
if [ -f "$public_key_full" ]; then
|
||||
result=$(sudo rm $public_key_full)
|
||||
checkSuccess "Deleted old public SSH key $(basename "$public_key_full")"
|
||||
fi
|
||||
fi
|
||||
|
||||
#if [[ "$username" == "root" ]]; then
|
||||
#local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_ROOT
|
||||
#elif [[ "$username" == "$sudo_user_name" ]]; then
|
||||
#local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_ROOT
|
||||
#elif [[ "$username" == "$CFG_DOCKER_INSTALL_USER" ]]; then
|
||||
#local ssh_passphrase=$CFG_SSHKEY_PASSPHRASE_DOCKERINSTALL
|
||||
#fi
|
||||
|
||||
# Supply $CFG_DOCKER_INSTALL_USER password for sudo usage
|
||||
#if [[ "$username" == "$CFG_DOCKER_INSTALL_USER" ]]; then
|
||||
#result=$(echo -e "$CFG_DOCKER_INSTALL_PASS\n$ssh_passphrase\n$ssh_passphrase" | sudo -u $username ssh-keygen -t ed25519 -f "$ssh_dir/$(basename "$private_key_full")" -C "$CFG_EMAIL" -N "" && sudo -u $username cat "$ssh_dir/$(basename "$private_key_full").pub" | sudo -u $username tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null)
|
||||
#checkSuccess "New ED25519 key pair generated for $username"
|
||||
#else
|
||||
#result=$(echo -e "$ssh_passphrase\n$ssh_passphrase" | sudo -u $username sudo ssh-keygen -t ed25519 -f "$ssh_dir/$(basename "$private_key_full")" -C "$CFG_EMAIL" -N "" && sudo -u $username cat "$ssh_dir/$(basename "$private_key_full").pub" | sudo tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null)
|
||||
#checkSuccess "New ED25519 key pair generated for $username"
|
||||
#fi
|
||||
|
||||
# Simplified key generation without passwords
|
||||
result=$(sudo -u "$username" ssh-keygen -t ed25519 \
|
||||
-f "$ssh_dir/$(basename "$private_key_full")" \
|
||||
-C "${CFG_INSTALL_NAME,,}@libreportal.local" \
|
||||
-N "" \
|
||||
&& sudo -u "$username" cat "$ssh_dir/$(basename "$private_key_full").pub" \
|
||||
| sudo -u "$username" tee -a "$ssh_dir/$(basename "$private_key_full")" > /dev/null)
|
||||
|
||||
checkSuccess "New ED25519 key pair generated for $username"
|
||||
|
||||
if [ -f "$ssh_dir/$(basename $private_key_full)" ]; then
|
||||
updateFileOwnership $ssh_dir/$(basename $private_key_full) $username $username
|
||||
result=$(sudo mv "$ssh_dir/$(basename "$private_key_full")" "$private_key_full")
|
||||
checkSuccess "Private key moved to $private_key_full"
|
||||
fi
|
||||
|
||||
if [ -f "$ssh_dir/$(basename $public_key_full)" ]; then
|
||||
updateFileOwnership $ssh_dir/$(basename $public_key_full) $username $username
|
||||
result=$(sudo mv "$ssh_dir/$(basename "$public_key_full")" "$public_key_full")
|
||||
checkSuccess "Public key moved to $public_key_full"
|
||||
fi
|
||||
|
||||
result=$(createTouch "$ssh_dir/public/$(basename $private_key_full)" $username)
|
||||
checkSuccess "Creating the passphrase txt to private folder."
|
||||
|
||||
result=$(echo "$ssh_passphrase" | sudo tee -a "$ssh_dir/public/$(basename $private_key_full)" > /dev/null)
|
||||
checkSuccess "Adding the ssh_passphrase to the $(basename "$private_key_full").txt file."
|
||||
|
||||
result=$(sudo chmod 644 $ssh_dir/private/$(basename $private_key_full))
|
||||
checkSuccess "Updating permissions for $(basename $private_key_full)"
|
||||
|
||||
setupSSHAuthorizedKeys $username $public_key_full;
|
||||
|
||||
updateSSHHTMLSSHKeyLinks;
|
||||
|
||||
# Select preexisting docker_type
|
||||
if [ -f "$docker_dir/$db_file" ]; then
|
||||
local ssh_new_key=$(sudo sqlite3 "$docker_dir/$db_file" 'SELECT content FROM options WHERE option = "ssh_new_key";')
|
||||
# Insert into DB if something doesnt exist
|
||||
if [[ $docker_type == "" ]]; then
|
||||
databaseOptionInsert "ssh_new_key" "true";
|
||||
local ssh_new_key=$(sudo sqlite3 "$docker_dir/$db_file" 'SELECT content FROM options WHERE option = "ssh_new_key";')
|
||||
fi
|
||||
else
|
||||
:
|
||||
fi
|
||||
|
||||
}
|
||||
@ -1,30 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
installSSHKeysForDownload()
|
||||
{
|
||||
local flag="$1"
|
||||
|
||||
if [[ "$SSHKEY_SETUP_NEEDED" == "true" ]]; then
|
||||
isHeader "SSH Key Install"
|
||||
|
||||
# Fix permissions for SSH Directory
|
||||
local result=$(sudo chmod 0775 "$ssh_dir" > /dev/null 2>&1)
|
||||
checkSuccess "Updating $ssh_dir with 0775 permissions."
|
||||
|
||||
local result=$(sudo chown $docker_install_user:$docker_install_user "$ssh_dir" > /dev/null 2>&1)
|
||||
checkSuccess "Updating $ssh_dir with $docker_install_user ownership."
|
||||
|
||||
# Check if SSH Keys are enabled
|
||||
if [[ "$CFG_SSHKEY_ROOT_ENABLED" == "true" ]]; then
|
||||
generateSSHSetupKeyPair "root" $flag
|
||||
fi
|
||||
if [[ "$CFG_SSHKEY_LIBREPORTAL_ENABLED" == "true" ]]; then
|
||||
generateSSHSetupKeyPair "$sudo_user_name" $flag
|
||||
fi
|
||||
if [[ "$CFG_SSHKEY_DOCKERINSTALL_ENABLED" == "true" ]]; then
|
||||
if [[ "$CFG_DOCKER_INSTALL_TYPE" == "rootless" ]]; then
|
||||
generateSSHSetupKeyPair "$CFG_DOCKER_INSTALL_USER" $flag
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
}
|
||||
@ -1,24 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
regenerateSSHSetupKeyPair()
|
||||
{
|
||||
local username="$1"
|
||||
|
||||
while true; do
|
||||
isQuestion "Are you sure you want to generate new SSH Key(s) for the $username user? (y/n): "
|
||||
read -p "" key_regenerate_accept
|
||||
case "$key_regenerate_accept" in
|
||||
[Yy]*)
|
||||
generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" reinstall;
|
||||
break
|
||||
;;
|
||||
[Nn]*)
|
||||
# No action needed
|
||||
break
|
||||
;;
|
||||
*)
|
||||
echo "Please enter 'y' or 'n'."
|
||||
;;
|
||||
esac
|
||||
done
|
||||
}
|
||||
@ -1,40 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
setupSSHAuthorizedKeys()
|
||||
{
|
||||
local username="$1"
|
||||
local public_key_full="$2"
|
||||
|
||||
if [[ "$username" == "root" ]]; then
|
||||
local ssh_path="/root/.ssh"
|
||||
else
|
||||
local ssh_path="/home/$username/.ssh"
|
||||
fi
|
||||
|
||||
# Check if the directory exists; if not, create it
|
||||
if [ ! -d "$ssh_path" ]; then
|
||||
local result=$(createFolders "loud" $username $ssh_path)
|
||||
checkSuccess "Creating $(basename "$private_key_path") folder"
|
||||
result=$(sudo chmod 700 $ssh_path)
|
||||
checkSuccess "Updating permissions for $ssh_path"
|
||||
else
|
||||
result=$(sudo chmod 700 $ssh_path)
|
||||
checkSuccess "Updating permissions for $ssh_path"
|
||||
fi
|
||||
|
||||
if [ -f "${ssh_path}/authorized_keys" ]; then
|
||||
result=$(sudo rm ${ssh_path}/authorized_keys)
|
||||
checkSuccess "Deleted old authorized_keys file for user $username"
|
||||
fi
|
||||
|
||||
result=$(sudo cp "$public_key_full" "${ssh_path}/authorized_keys")
|
||||
checkSuccess "Adding $(basename $public_key_full) to the Authorized_keys file for user $username"
|
||||
|
||||
result=$(sudo chmod 600 ${ssh_path}/authorized_keys)
|
||||
checkSuccess "Updating permissions for ${username}'s authorized_keys file."
|
||||
|
||||
updateFileOwnership "${ssh_path}/authorized_keys" $username $username
|
||||
|
||||
result=$(sudo systemctl reload ssh)
|
||||
checkSuccess "Reloading SSH service"
|
||||
}
|
||||
@ -1,35 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
generateSSHSetupKeyPair()
|
||||
{
|
||||
local username="$1"
|
||||
local flag="$2"
|
||||
|
||||
local private_key_file="${CFG_INSTALL_NAME}_sshkey_$username"
|
||||
local private_key_path="${ssh_dir}private"
|
||||
local private_key_full="$private_key_path/$private_key_file"
|
||||
|
||||
local public_key_file="$private_key_file.pub"
|
||||
local public_key_path="${ssh_dir}public"
|
||||
local public_key_full="$public_key_path/$public_key_file"
|
||||
|
||||
# Check if the directory exists; if not, create it
|
||||
if [ ! -d "$private_key_path" ]; then
|
||||
local result=$(createFolders "loud" $docker_install_user $private_key_path)
|
||||
checkSuccess "Creating $(basename "$private_key_path") folder"
|
||||
fi
|
||||
if [ ! -d "$public_key_path" ]; then
|
||||
local result=$(createFolders "loud" $docker_install_user $public_key_path)
|
||||
checkSuccess "Creating $(basename "$public_key_path") folder"
|
||||
fi
|
||||
|
||||
# Check if the private key does not exist
|
||||
if [ ! -f "$private_key_full" ]; then
|
||||
generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" install;
|
||||
fi
|
||||
|
||||
# Check if the public key does not exist
|
||||
if [ ! -f "$public_key_full" ]; then
|
||||
generateSSHKeyPair "$username" "$private_key_path" "$private_key_full" "$public_key_full" install;
|
||||
fi
|
||||
}
|
||||
@ -12,10 +12,6 @@ startOther()
|
||||
### Tools ###
|
||||
#######################################################
|
||||
|
||||
if [[ "$toolsetupsshkeys" == [yY] ]]; then
|
||||
installSSHKeysForDownload tool;
|
||||
fi
|
||||
|
||||
if [[ "$toolsresetgit" == [yY] ]]; then
|
||||
gitFolderResetAndBackup;
|
||||
fi
|
||||
|
||||
@ -23,8 +23,6 @@ startPreInstall()
|
||||
installDockerRootlessUser;
|
||||
installDockerRootlessStartSetup;
|
||||
|
||||
installSSHKeysForDownload install;
|
||||
|
||||
# Rooted
|
||||
installDockerRooted;
|
||||
installDockerRootedCompose;
|
||||
@ -63,7 +61,6 @@ startPreInstall()
|
||||
|
||||
installRecommendedApps;
|
||||
installOptionalMetricsApps;
|
||||
installDisableSSHPassword;
|
||||
|
||||
if [[ "$initial_command2" == "terminal" ]]; then
|
||||
resetToMenu;
|
||||
|
||||
@ -1,48 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
updateWebUISSHDetails()
|
||||
{
|
||||
isNotice "Updating WebUI SSH configuration..."
|
||||
|
||||
local made_updates=false
|
||||
|
||||
# Update SSH_HOST from default to actual public IP
|
||||
if [[ "$CFG_SSH_HOST" == "webui-remote-server.com" ]] || [[ -z "$CFG_SSH_HOST" ]]; then
|
||||
updateConfigOption "CFG_SSH_HOST" "$public_ip_v4"
|
||||
checkSuccess "Updated CFG_SSH_HOST to $public_ip_v4"
|
||||
made_updates=true
|
||||
fi
|
||||
|
||||
# Update SSH_PORT from default to actual SSH port
|
||||
if [[ "$CFG_SSH_PORT" == "22" ]] || [[ -z "$CFG_SSH_PORT" ]]; then
|
||||
local SSH_CONFIG="/etc/ssh/sshd_config"
|
||||
local ssh_port=$(grep "^Port" "$SSH_CONFIG" 2>/dev/null | awk '{print $2}' | head -n1)
|
||||
local ssh_port=${ssh_port:-22} # Default to 22 if not found
|
||||
|
||||
if [[ "$ssh_port" != "22" ]] && [[ -n "$ssh_port" ]]; then
|
||||
updateConfigOption "CFG_SSH_PORT" "$ssh_port"
|
||||
checkSuccess "Updated CFG_SSH_PORT to $ssh_port"
|
||||
made_updates=true
|
||||
fi
|
||||
fi
|
||||
|
||||
# Update SSH_USERNAME from default to actual sudo user
|
||||
if [[ "$CFG_SSH_USERNAME" == "webui-your-username" ]] || [[ -z "$CFG_SSH_USERNAME" ]]; then
|
||||
updateConfigOption "CFG_SSH_USERNAME" "$sudo_user_name"
|
||||
checkSuccess "Updated CFG_SSH_USERNAME to $sudo_user_name"
|
||||
made_updates=true
|
||||
fi
|
||||
|
||||
# Update SSH_PASSWORD from default to actual LibrePortal user password
|
||||
if [[ "$CFG_SSH_PASSWORD" == "webui-your-password" ]] || [[ -z "$CFG_SSH_PASSWORD" ]]; then
|
||||
updateConfigOption "CFG_SSH_PASSWORD" "$CFG_LIBREPORTAL_USER_PASS"
|
||||
checkSuccess "Updated CFG_SSH_PASSWORD to $CFG_LIBREPORTAL_USER_PASS"
|
||||
made_updates=true
|
||||
fi
|
||||
|
||||
if [[ "$made_updates" == "true" ]]; then
|
||||
isSuccessful "WebUI SSH configuration updated successfully"
|
||||
else
|
||||
isNotice "WebUI SSH configuration already up to date"
|
||||
fi
|
||||
}
|
||||