|
@@ -88,40 +88,40 @@ export DEBIAN_FRONTEND=noninteractive
|
88
|
88
|
# File which keeps track of what has already been installed
|
89
|
89
|
COMPLETION_FILE=/root/freedombone-completed.txt
|
90
|
90
|
if [ ! -f $COMPLETION_FILE ]; then
|
91
|
|
- touch $COMPLETION_FILE
|
|
91
|
+ touch $COMPLETION_FILE
|
92
|
92
|
fi
|
93
|
93
|
|
94
|
94
|
function argument_checks {
|
95
|
95
|
SYNTAX='./install-freedombone.sh [domain] [username] [subdomain code]'
|
96
|
96
|
if [ ! -d /home/$MY_USERNAME ]; then
|
97
|
|
- echo "There is no user '$MY_USERNAME' on the system. Use 'adduser $MY_USERNAME' to create the user."
|
98
|
|
- exit 1
|
|
97
|
+ echo "There is no user '$MY_USERNAME' on the system. Use 'adduser $MY_USERNAME' to create the user."
|
|
98
|
+ exit 1
|
99
|
99
|
fi
|
100
|
100
|
if [ ! $DOMAIN_NAME ]; then
|
101
|
101
|
echo ''
|
102
|
|
- echo $SYNTAX
|
103
|
|
- echo 'Please specify your domain name'
|
104
|
|
- exit 2
|
|
102
|
+ echo $SYNTAX
|
|
103
|
+ echo 'Please specify your domain name'
|
|
104
|
+ exit 2
|
105
|
105
|
fi
|
106
|
106
|
if [ ! $MY_USERNAME ]; then
|
107
|
107
|
echo ''
|
108
|
|
- echo $SYNTAX
|
109
|
|
- echo 'Please specify your username'
|
110
|
|
- exit 3
|
|
108
|
+ echo $SYNTAX
|
|
109
|
+ echo 'Please specify your username'
|
|
110
|
+ exit 3
|
111
|
111
|
fi
|
112
|
112
|
if [ ! $FREEDNS_SUBDOMAIN_CODE ]; then
|
113
|
113
|
echo ''
|
114
|
|
- echo $SYNTAX
|
|
114
|
+ echo $SYNTAX
|
115
|
115
|
echo 'Please specify the freedns subdomain code. To find it from '
|
116
|
116
|
echo "https://freedns.afraid.org select 'Dynamic DNS', then 'quick "
|
117
|
117
|
echo "cron example' and copy the code located between '?' and '=='."
|
118
|
|
- exit 4
|
|
118
|
+ exit 4
|
119
|
119
|
fi
|
120
|
120
|
}
|
121
|
121
|
|
122
|
122
|
function change_login_message {
|
123
|
123
|
if grep -Fxq "change_login_message" $COMPLETION_FILE; then
|
124
|
|
- return
|
|
124
|
+ return
|
125
|
125
|
fi
|
126
|
126
|
echo '' > /etc/motd
|
127
|
127
|
echo ".---. . . " >> /etc/motd
|
|
@@ -137,7 +137,7 @@ function change_login_message {
|
137
|
137
|
|
138
|
138
|
function remove_proprietary_repos {
|
139
|
139
|
if grep -Fxq "remove_proprietary_repos" $COMPLETION_FILE; then
|
140
|
|
- return
|
|
140
|
+ return
|
141
|
141
|
fi
|
142
|
142
|
sed -i 's/ non-free//g' /etc/apt/sources.list
|
143
|
143
|
echo 'remove_proprietary_repos' >> $COMPLETION_FILE
|
|
@@ -145,7 +145,7 @@ function remove_proprietary_repos {
|
145
|
145
|
|
146
|
146
|
function change_debian_repos {
|
147
|
147
|
if grep -Fxq "change_debian_repos" $COMPLETION_FILE; then
|
148
|
|
- return
|
|
148
|
+ return
|
149
|
149
|
fi
|
150
|
150
|
rm -rf /var/lib/apt/lists/*
|
151
|
151
|
apt-get clean
|
|
@@ -156,12 +156,12 @@ function change_debian_repos {
|
156
|
156
|
if grep -q "jessie" /etc/apt/sources.list; then
|
157
|
157
|
echo "deb http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list
|
158
|
158
|
echo "#deb-src http://security.debian.org/ jessie/updates main contrib" >> /etc/apt/sources.list
|
159
|
|
- else
|
|
159
|
+ else
|
160
|
160
|
if grep -q "wheezy" /etc/apt/sources.list; then
|
161
|
161
|
echo "deb http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list
|
162
|
162
|
echo "#deb-src http://security.debian.org/ wheezy/updates main contrib" >> /etc/apt/sources.list
|
163
|
|
- fi
|
164
|
|
- fi
|
|
163
|
+ fi
|
|
164
|
+ fi
|
165
|
165
|
fi
|
166
|
166
|
|
167
|
167
|
apt-get update
|
|
@@ -171,7 +171,7 @@ function change_debian_repos {
|
171
|
171
|
|
172
|
172
|
function initial_setup {
|
173
|
173
|
if grep -Fxq "initial_setup" $COMPLETION_FILE; then
|
174
|
|
- return
|
|
174
|
+ return
|
175
|
175
|
fi
|
176
|
176
|
apt-get -y remove --purge apache*
|
177
|
177
|
apt-get -y dist-upgrade
|
|
@@ -181,7 +181,7 @@ function initial_setup {
|
181
|
181
|
|
182
|
182
|
function install_editor {
|
183
|
183
|
if grep -Fxq "install_editor" $COMPLETION_FILE; then
|
184
|
|
- return
|
|
184
|
+ return
|
185
|
185
|
fi
|
186
|
186
|
update-alternatives --set editor /usr/bin/emacs24
|
187
|
187
|
echo 'install_editor' >> $COMPLETION_FILE
|
|
@@ -189,7 +189,7 @@ function install_editor {
|
189
|
189
|
|
190
|
190
|
function enable_backports {
|
191
|
191
|
if grep -Fxq "enable_backports" $COMPLETION_FILE; then
|
192
|
|
- return
|
|
192
|
+ return
|
193
|
193
|
fi
|
194
|
194
|
if ! grep -Fxq "deb http://$DEBIAN_REPO/debian jessie-backports main" /etc/apt/sources.list; then
|
195
|
195
|
echo "deb http://$DEBIAN_REPO/debian jessie-backports main" >> /etc/apt/sources.list
|
|
@@ -199,7 +199,7 @@ function enable_backports {
|
199
|
199
|
|
200
|
200
|
function update_the_kernel {
|
201
|
201
|
if grep -Fxq "update_the_kernel" $COMPLETION_FILE; then
|
202
|
|
- return
|
|
202
|
+ return
|
203
|
203
|
fi
|
204
|
204
|
cd /opt/scripts/tools
|
205
|
205
|
./update_kernel.sh --kernel $KERNEL_VERSION
|
|
@@ -208,7 +208,7 @@ function update_the_kernel {
|
208
|
208
|
|
209
|
209
|
function enable_zram {
|
210
|
210
|
if grep -Fxq "enable_zram" $COMPLETION_FILE; then
|
211
|
|
- return
|
|
211
|
+ return
|
212
|
212
|
fi
|
213
|
213
|
if ! grep -q "options zram num_devices=1" /etc/modprobe.d/zram.conf; then
|
214
|
214
|
echo 'options zram num_devices=1' >> /etc/modprobe.d/zram.conf
|
|
@@ -287,20 +287,20 @@ function enable_zram {
|
287
|
287
|
|
288
|
288
|
function random_number_generator {
|
289
|
289
|
if grep -Fxq "random_number_generator" $COMPLETION_FILE; then
|
290
|
|
- return
|
|
290
|
+ return
|
291
|
291
|
fi
|
292
|
292
|
if [ $USE_HWRNG == "yes" ]; then
|
293
|
293
|
apt-get -y --force-yes install rng-tools
|
294
|
294
|
sed -i 's|#HRNGDEVICE=/dev/hwrng|HRNGDEVICE=/dev/hwrng|g' /etc/default/rng-tools
|
295
|
295
|
else
|
296
|
|
- apt-get -y --force-yes install haveged
|
|
296
|
+ apt-get -y --force-yes install haveged
|
297
|
297
|
fi
|
298
|
298
|
echo 'random_number_generator' >> $COMPLETION_FILE
|
299
|
299
|
}
|
300
|
300
|
|
301
|
301
|
function configure_ssh {
|
302
|
302
|
if grep -Fxq "configure_ssh" $COMPLETION_FILE; then
|
303
|
|
- return
|
|
303
|
+ return
|
304
|
304
|
fi
|
305
|
305
|
sed -i "s/Port 22/Port $SSH_PORT/g" /etc/ssh/sshd_config
|
306
|
306
|
sed -i 's/PermitRootLogin without-password/PermitRootLogin no/g' /etc/ssh/sshd_config
|
|
@@ -327,7 +327,7 @@ function configure_ssh {
|
327
|
327
|
|
328
|
328
|
function regenerate_ssh_keys {
|
329
|
329
|
if grep -Fxq "regenerate_ssh_keys" $COMPLETION_FILE; then
|
330
|
|
- return
|
|
330
|
+ return
|
331
|
331
|
fi
|
332
|
332
|
rm -f /etc/ssh/ssh_host_*
|
333
|
333
|
dpkg-reconfigure openssh-server
|
|
@@ -337,7 +337,7 @@ function regenerate_ssh_keys {
|
337
|
337
|
|
338
|
338
|
function configure_dns {
|
339
|
339
|
if grep -Fxq "configure_dns" $COMPLETION_FILE; then
|
340
|
|
- return
|
|
340
|
+ return
|
341
|
341
|
fi
|
342
|
342
|
echo 'domain localdomain' > /etc/resolv.conf
|
343
|
343
|
echo 'search localdomain' >> /etc/resolv.conf
|
|
@@ -348,7 +348,7 @@ function configure_dns {
|
348
|
348
|
|
349
|
349
|
function set_your_domain_name {
|
350
|
350
|
if grep -Fxq "set_your_domain_name" $COMPLETION_FILE; then
|
351
|
|
- return
|
|
351
|
+ return
|
352
|
352
|
fi
|
353
|
353
|
echo "$DOMAIN_NAME" > /etc/hostname
|
354
|
354
|
hostname $DOMAIN_NAME
|
|
@@ -359,7 +359,7 @@ function set_your_domain_name {
|
359
|
359
|
|
360
|
360
|
function time_synchronisation {
|
361
|
361
|
if grep -Fxq "time_synchronisation" $COMPLETION_FILE; then
|
362
|
|
- return
|
|
362
|
+ return
|
363
|
363
|
fi
|
364
|
364
|
apt-get -y --force-yes install tlsdate
|
365
|
365
|
apt-get -y remove ntpdate
|
|
@@ -474,7 +474,7 @@ function time_synchronisation {
|
474
|
474
|
|
475
|
475
|
function configure_firewall {
|
476
|
476
|
if grep -Fxq "configure_firewall" $COMPLETION_FILE; then
|
477
|
|
- return
|
|
477
|
+ return
|
478
|
478
|
fi
|
479
|
479
|
iptables -P INPUT ACCEPT
|
480
|
480
|
ip6tables -P INPUT ACCEPT
|
|
@@ -500,7 +500,7 @@ function save_firewall_settings {
|
500
|
500
|
|
501
|
501
|
function configure_firewall_for_dns {
|
502
|
502
|
if grep -Fxq "configure_firewall_for_dns" $COMPLETION_FILE; then
|
503
|
|
- return
|
|
503
|
+ return
|
504
|
504
|
fi
|
505
|
505
|
iptables -A INPUT -i eth0 -p udp -m udp --dport 1024:65535 --sport 53 -j ACCEPT
|
506
|
506
|
save_firewall_settings
|
|
@@ -509,7 +509,7 @@ function configure_firewall_for_dns {
|
509
|
509
|
|
510
|
510
|
function configure_firewall_for_ftp {
|
511
|
511
|
if grep -Fxq "configure_firewall_for_ftp" $COMPLETION_FILE; then
|
512
|
|
- return
|
|
512
|
+ return
|
513
|
513
|
fi
|
514
|
514
|
iptables -I INPUT -i eth0 -p tcp --dport 1024:65535 --sport 20:21 -j ACCEPT
|
515
|
515
|
save_firewall_settings
|
|
@@ -518,7 +518,7 @@ function configure_firewall_for_ftp {
|
518
|
518
|
|
519
|
519
|
function configure_firewall_for_web {
|
520
|
520
|
if grep -Fxq "configure_firewall_for_web" $COMPLETION_FILE; then
|
521
|
|
- return
|
|
521
|
+ return
|
522
|
522
|
fi
|
523
|
523
|
iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 80 -j ACCEPT
|
524
|
524
|
iptables -A INPUT -i eth0 -p tcp --dport 32768:61000 --sport 443 -j ACCEPT
|
|
@@ -528,7 +528,7 @@ function configure_firewall_for_web {
|
528
|
528
|
|
529
|
529
|
function configure_firewall_for_ssh {
|
530
|
530
|
if grep -Fxq "configure_firewall_for_ssh" $COMPLETION_FILE; then
|
531
|
|
- return
|
|
531
|
+ return
|
532
|
532
|
fi
|
533
|
533
|
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
|
534
|
534
|
iptables -A INPUT -i eth0 -p tcp --dport $SSH_PORT -j ACCEPT
|
|
@@ -538,7 +538,7 @@ function configure_firewall_for_ssh {
|
538
|
538
|
|
539
|
539
|
function configure_firewall_for_git {
|
540
|
540
|
if grep -Fxq "configure_firewall_for_git" $COMPLETION_FILE; then
|
541
|
|
- return
|
|
541
|
+ return
|
542
|
542
|
fi
|
543
|
543
|
iptables -A INPUT -i eth0 -p tcp --dport 9418 -j ACCEPT
|
544
|
544
|
save_firewall_settings
|
|
@@ -547,7 +547,7 @@ function configure_firewall_for_git {
|
547
|
547
|
|
548
|
548
|
function configure_firewall_for_email {
|
549
|
549
|
if grep -Fxq "configure_firewall_for_email" $COMPLETION_FILE; then
|
550
|
|
- return
|
|
550
|
+ return
|
551
|
551
|
fi
|
552
|
552
|
iptables -A INPUT -i eth0 -p tcp --dport 25 -j ACCEPT
|
553
|
553
|
iptables -A INPUT -i eth0 -p tcp --dport 587 -j ACCEPT
|
|
@@ -559,7 +559,7 @@ function configure_firewall_for_email {
|
559
|
559
|
|
560
|
560
|
function configure_internet_protocol {
|
561
|
561
|
if grep -Fxq "configure_internet_protocol" $COMPLETION_FILE; then
|
562
|
|
- return
|
|
562
|
+ return
|
563
|
563
|
fi
|
564
|
564
|
sed -i "s/#net.ipv4.tcp_syncookies=1/net.ipv4.tcp_syncookies=1/g" /etc/sysctl.conf
|
565
|
565
|
sed -i "s/#net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_redirects = 0/g" /etc/sysctl.conf
|
|
@@ -587,7 +587,7 @@ function configure_internet_protocol {
|
587
|
587
|
|
588
|
588
|
function script_to_make_self_signed_certificates {
|
589
|
589
|
if grep -Fxq "script_to_make_self_signed_certificates" $COMPLETION_FILE; then
|
590
|
|
- return
|
|
590
|
+ return
|
591
|
591
|
fi
|
592
|
592
|
echo '#!/bin/bash' > /usr/bin/makecert
|
593
|
593
|
echo 'HOSTNAME=$1' >> /usr/bin/makecert
|
|
@@ -623,7 +623,7 @@ function script_to_make_self_signed_certificates {
|
623
|
623
|
|
624
|
624
|
function configure_email {
|
625
|
625
|
if grep -Fxq "configure_email" $COMPLETION_FILE; then
|
626
|
|
- return
|
|
626
|
+ return
|
627
|
627
|
fi
|
628
|
628
|
apt-get -y remove postfix
|
629
|
629
|
apt-get -y --force-yes install exim4 sasl2-bin swaks libnet-ssleay-perl procmail
|
|
@@ -687,19 +687,19 @@ function configure_email {
|
687
|
687
|
mkdir -m 700 /home/$MY_USERNAME/Maildir/new
|
688
|
688
|
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent
|
689
|
689
|
mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/cur
|
690
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/tmp
|
691
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/new
|
692
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam
|
693
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/cur
|
694
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/new
|
695
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/tmp
|
696
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham
|
697
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/cur
|
698
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/new
|
699
|
|
- mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/tmp
|
700
|
|
- ln -s /home/$MY_USERNAME/Maildir/.learn-spam /home/$MY_USERNAME/Maildir/spam
|
701
|
|
- ln -s /home/$MY_USERNAME/Maildir/.learn-ham /home/$MY_USERNAME/Maildir/ham
|
702
|
|
- chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Maildir
|
|
690
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/tmp
|
|
691
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/Sent/new
|
|
692
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam
|
|
693
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/cur
|
|
694
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/new
|
|
695
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-spam/tmp
|
|
696
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham
|
|
697
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/cur
|
|
698
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/new
|
|
699
|
+ mkdir -m 700 /home/$MY_USERNAME/Maildir/.learn-ham/tmp
|
|
700
|
+ ln -s /home/$MY_USERNAME/Maildir/.learn-spam /home/$MY_USERNAME/Maildir/spam
|
|
701
|
+ ln -s /home/$MY_USERNAME/Maildir/.learn-ham /home/$MY_USERNAME/Maildir/ham
|
|
702
|
+ chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/Maildir
|
703
|
703
|
fi
|
704
|
704
|
echo 'configure_email' >> $COMPLETION_FILE
|
705
|
705
|
}
|
|
@@ -707,7 +707,7 @@ function configure_email {
|
707
|
707
|
function spam_filtering {
|
708
|
708
|
# NOTE: spamassassin installation currently doesn't work, sa-compile fails with a make error 23/09/2014
|
709
|
709
|
if grep -Fxq "spam_filtering" $COMPLETION_FILE; then
|
710
|
|
- return
|
|
710
|
+ return
|
711
|
711
|
fi
|
712
|
712
|
apt-get -y --force-yes install exim4-daemon-heavy
|
713
|
713
|
apt-get -y --force-yes install spamassassin
|
|
@@ -803,7 +803,7 @@ function spam_filtering {
|
803
|
803
|
|
804
|
804
|
function configure_imap {
|
805
|
805
|
if grep -Fxq "configure_imap" $COMPLETION_FILE; then
|
806
|
|
- return
|
|
806
|
+ return
|
807
|
807
|
fi
|
808
|
808
|
apt-get -y --force-yes install dovecot-common dovecot-imapd
|
809
|
809
|
makecert dovecot
|
|
@@ -828,14 +828,14 @@ function configure_imap {
|
828
|
828
|
|
829
|
829
|
function configure_gpg {
|
830
|
830
|
if grep -Fxq "configure_gpg" $COMPLETION_FILE; then
|
831
|
|
- return
|
|
831
|
+ return
|
832
|
832
|
fi
|
833
|
833
|
apt-get -y --force-yes install gnupg
|
834
|
834
|
|
835
|
835
|
if [ ! -d /home/$MY_USERNAME/.gnupg ]; then
|
836
|
|
- mkdir /home/$MY_USERNAME/.gnupg
|
837
|
|
- echo 'keyserver hkp://keys.gnupg.net' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
838
|
|
- echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
836
|
+ mkdir /home/$MY_USERNAME/.gnupg
|
|
837
|
+ echo 'keyserver hkp://keys.gnupg.net' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
838
|
+ echo 'keyserver-options auto-key-retrieve' >> /home/$MY_USERNAME/.gnupg/gpg.conf
|
839
|
839
|
fi
|
840
|
840
|
|
841
|
841
|
sed -i "s|keyserver hkp://keys.gnupg.net|keyserver $GPG_KEYSERVER|g" /home/$MY_USERNAME/.gnupg/gpg.conf
|
|
@@ -851,34 +851,37 @@ function configure_gpg {
|
851
|
851
|
chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.gnupg
|
852
|
852
|
|
853
|
853
|
if [[ $MY_GPG_PUBLIC_KEY && $MY_GPG_PRIVATE_KEY ]]; then
|
854
|
|
- # use your existing GPG keys which were exported
|
855
|
|
- if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
|
856
|
|
- echo "GPG public key file $MY_GPG_PUBLIC_KEY was not found"
|
857
|
|
- exit 5
|
858
|
|
- fi
|
859
|
|
- if [ ! -f $MY_GPG_PRIVATE_KEY ]; then
|
860
|
|
- echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
|
861
|
|
- exit 6
|
862
|
|
- fi
|
|
854
|
+ # use your existing GPG keys which were exported
|
|
855
|
+ if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
|
|
856
|
+ echo "GPG public key file $MY_GPG_PUBLIC_KEY was not found"
|
|
857
|
+ exit 5
|
|
858
|
+ fi
|
|
859
|
+ if [ ! -f $MY_GPG_PRIVATE_KEY ]; then
|
|
860
|
+ echo "GPG private key file $MY_GPG_PRIVATE_KEY was not found"
|
|
861
|
+ exit 6
|
|
862
|
+ fi
|
863
|
863
|
su - $MY_USERNAME gpg --import $MY_GPG_PUBLIC_KEY
|
864
|
864
|
su - $MY_USERNAME gpg --allow-secret-key-import --import $MY_GPG_PRIVATE_KEY
|
865
|
|
- # for security ensure that the private key file doesn't linger around
|
866
|
|
- shred -zu $MY_GPG_PRIVATE_KEY
|
|
865
|
+ # for security ensure that the private key file doesn't linger around
|
|
866
|
+ shred -zu $MY_GPG_PRIVATE_KEY
|
867
|
867
|
else
|
868
|
868
|
# Generate a GPG key
|
869
|
|
- echo "%echo Generating a GPG key for `hostname --fqdn`" > /home/$MY_USERNAME/gpg-genkey.conf
|
870
|
|
- echo 'Key-Type: RSA' >> /home/$MY_USERNAME/gpg-genkey.conf
|
871
|
|
- echo 'Key-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
872
|
|
- echo 'Subkey-Type: ELG-E' >> /home/$MY_USERNAME/gpg-genkey.conf
|
873
|
|
- echo 'Subkey-Length: 4096' >> /home/$MY_USERNAME/gpg-genkey.conf
|
874
|
|
- echo 'Name-Real: `hostname --fqdn`' >> /home/$MY_USERNAME/gpg-genkey.conf
|
875
|
|
- echo "Name-Email: $MY_USERNAME@$DOMAIN_NAME" >> /home/$MY_USERNAME/gpg-genkey.conf
|
876
|
|
- echo 'Expire-Date: 0' >> /home/$MY_USERNAME/gpg-genkey.conf
|
877
|
|
- echo '%commit' >> /home/$MY_USERNAME/gpg-genkey.conf
|
878
|
|
- echo '%echo Done' >> /home/$MY_USERNAME/gpg-genkey.conf
|
879
|
|
- chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/gpg-genkey.conf
|
880
|
|
- su - $MY_USERNAME gpg --batch --gen-key /home/$MY_USERNAME/gpg-genkey.conf
|
881
|
|
- shred -zu /home/$MY_USERNAME/gpg-genkey.conf
|
|
869
|
+ umask 0277
|
|
870
|
+ cat << EOF > /tmp/$MY_USERNAME-gpg-genkey.conf
|
|
871
|
+ %echo Generating a GPG key
|
|
872
|
+ Key-Type: RSA
|
|
873
|
+ Key-Length: 4096
|
|
874
|
+ Subkey-Type: ELG-E
|
|
875
|
+ Subkey-Length: 4096
|
|
876
|
+ Name-Real: `hostname --fqdn`
|
|
877
|
+ Name-Email: $MY_USERNAME@`hostname --fqdn`
|
|
878
|
+ Expire-Date: 0
|
|
879
|
+ %commit
|
|
880
|
+ %echo Done
|
|
881
|
+ EOF
|
|
882
|
+ umask 0002
|
|
883
|
+ su $MY_USERNAME gpg --batch --gen-key /tmp/$MY_USERNAME-gpg-genkey.conf > gpg-keygen.log 2> gpg-keygen_error.log
|
|
884
|
+ shred -zu /tmp/$MY_USERNAME-gpg-genkey.conf
|
882
|
885
|
fi
|
883
|
886
|
|
884
|
887
|
echo 'configure_gpg' >> $COMPLETION_FILE
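Review bot: The key-parameter file is now written to the predictable path `/tmp/$MY_USERNAME-gpg-genkey.conf` (new lines 870-884) by a script that apparently runs as root, so `cat << EOF >` will follow a symlink or reuse a file that another local account created there first; the previous version kept the file in the user's home directory. Because `umask 0277` leaves it mode 0400 and the old `chown $MY_USERNAME:$MY_USERNAME` line was dropped, gpg running as `$MY_USERNAME` probably cannot read it, and with stderr redirected to `gpg-keygen_error.log` and no status check the function would still record `configure_gpg` as completed. The following `umask 0002` does not restore the earlier value, so the rest of the install would create group-writable files if the script started with the usual 0022. I would create the file with `mktemp`, give it to the user, check gpg's exit status and drop both umask calls, as sketched below; configure_gpg starts above this hunk.

```shell
genkey_conf=$(mktemp) || exit 7          # unpredictable name, created 0600; exit code constructed for this sketch
chown "$MY_USERNAME" "$genkey_conf"      # gpg runs as this user and has to read the file
# … unchanged: the cat << EOF … EOF parameter block, redirected to "$genkey_conf" …
su $MY_USERNAME gpg --batch --gen-key "$genkey_conf" > gpg-keygen.log 2> gpg-keygen_error.log
gpg_status=$?
shred -zu "$genkey_conf"
if [ $gpg_status -ne 0 ]; then
    echo "GPG key generation failed, see gpg-keygen_error.log"
    exit 7
fi
```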
|
|
@@ -886,7 +889,7 @@ function configure_gpg {
|
886
|
889
|
|
887
|
890
|
function email_client {
|
888
|
891
|
if grep -Fxq "email_client" $COMPLETION_FILE; then
|
889
|
|
- return
|
|
892
|
+ return
|
890
|
893
|
fi
|
891
|
894
|
apt-get -y --force-yes install mutt-patched lynx abook
|
892
|
895
|
if [ ! -d /home/$MY_USERNAME/.mutt ]; then
|
|
@@ -987,7 +990,7 @@ function email_client {
|
987
|
990
|
|
988
|
991
|
function folders_for_mailing_lists {
|
989
|
992
|
if grep -Fxq "folders_for_mailing_lists" $COMPLETION_FILE; then
|
990
|
|
- return
|
|
993
|
+ return
|
991
|
994
|
fi
|
992
|
995
|
echo '#!/bin/bash' > /usr/bin/mailinglistrule
|
993
|
996
|
echo 'MYUSERNAME=$1' >> /usr/bin/mailinglistrule
|
|
@@ -1023,7 +1026,7 @@ function folders_for_mailing_lists {
|
1023
|
1026
|
|
1024
|
1027
|
function folders_for_email_addresses {
|
1025
|
1028
|
if grep -Fxq "folders_for_email_addresses" $COMPLETION_FILE; then
|
1026
|
|
- return
|
|
1029
|
+ return
|
1027
|
1030
|
fi
|
1028
|
1031
|
echo '#!/bin/bash' > /usr/bin/emailrule
|
1029
|
1032
|
echo 'MYUSERNAME=$1' >> /usr/bin/emailrule
|
|
@@ -1059,7 +1062,7 @@ function folders_for_email_addresses {
|
1059
|
1062
|
|
1060
|
1063
|
function dynamic_dns_freedns {
|
1061
|
1064
|
if grep -Fxq "dynamic_dns_freedns" $COMPLETION_FILE; then
|
1062
|
|
- return
|
|
1065
|
+ return
|
1063
|
1066
|
fi
|
1064
|
1067
|
|
1065
|
1068
|
echo '#!/bin/bash' > /usr/bin/dynamicdns
|
|
@@ -1070,7 +1073,7 @@ function dynamic_dns_freedns {
|
1070
|
1073
|
chmod +x /usr/bin/dynamicdns
|
1071
|
1074
|
|
1072
|
1075
|
if ! grep -q "dynamicdns" /etc/crontab; then
|
1073
|
|
- sed -i '/# m h dom mon dow user command/a\*/5 * * * * root /usr/bin/timeout 240 /usr/bin/dynamicdns' /etc/crontab
|
|
1076
|
+ sed -i '/# m h dom mon dow user command/a\*/5 * * * * root /usr/bin/timeout 240 /usr/bin/dynamicdns' /etc/crontab
|
1074
|
1077
|
fi
|
1075
|
1078
|
service cron restart
|
1076
|
1079
|
echo 'dynamic_dns_freedns' >> $COMPLETION_FILE
|
|
@@ -1078,7 +1081,7 @@ function dynamic_dns_freedns {
|
1078
|
1081
|
|
1079
|
1082
|
function install_final {
|
1080
|
1083
|
if grep -Fxq "install_final" $COMPLETION_FILE; then
|
1081
|
|
- return
|
|
1084
|
+ return
|
1082
|
1085
|
fi
|
1083
|
1086
|
echo 'install_final' >> $COMPLETION_FILE
|
1084
|
1087
|
echo ''
|