free
/
freedombone
Seguir 1
Destacar 0
Cuchillo 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Activity
Explorar el Código

Use global image password if it is available

Bob Mottram hace 9 años
padre
af1f72a7a4
commit
26a61c49ec
Se han modificado 1 ficheros con 63 adiciones y 14 borrados
Dividir vista Mostrar estadísticas de diff
  1. 63
    14
      src/freedombone

+ 63
- 14
src/freedombone Ver fichero 

@@ -69,6 +69,11 @@ CONFIGURATION_FILE="freedombone.cfg"
69 69 
 SSH_PORT=2222
70 70 
 IRC_PORT=6697
71 71
72 
+# If this file exists it contains a global password used with
73 
+# disk image installs. This simplifies password management for
74 
+# deployment at scale
75 
+IMAGE_PASSWORD_FILE=/root/login.txt
76 
+
72 77 
 # parameters used when adding a new domain
73 78 
 DDNS_PROVIDER="default@freedns.afraid.org"
74 79 
 DDNS_USERNAME=
 
@@ -8288,7 +8293,11 @@ function install_mariadb {
8288 8293
8289 8294 
   get_mariadb_password
8290 8295 
   if [ ! $MARIADB_PASSWORD ]; then
8291 
-      MARIADB_PASSWORD="$(openssl rand -base64 32)"
8296 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
8297 
+          MARIADB_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
8298 
+      else
8299 
+          MARIADB_PASSWORD="$(openssl rand -base64 32)"
8300 
+      fi
8292 8301 
       echo "$MARIADB_PASSWORD" > $DATABASE_PASSWORD_FILE
8293 8302 
       chmod 600 $DATABASE_PASSWORD_FILE
8294 8303 
 
@@ -8544,7 +8553,11 @@ function install_owncloud {
8544 8553
8545 8554 
   get_mariadb_owncloud_admin_password
8546 8555 
   if [ ! $OWNCLOUD_ADMIN_PASSWORD ]; then
8547 
-      OWNCLOUD_ADMIN_PASSWORD="$(openssl rand -base64 32)"
8556 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
8557 
+          OWNCLOUD_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
8558 
+      else
8559 
+          OWNCLOUD_ADMIN_PASSWORD="$(openssl rand -base64 32)"
8560 
+      fi
8548 8561 
   fi
8549 8562
8550 8563 
   if ! grep -q "Owncloud database user" /home/$MY_USERNAME/README; then
 
@@ -8799,7 +8812,11 @@ function install_gogs {
8799 8812
8800 8813 
   get_mariadb_git_admin_password
8801 8814 
   if [ ! $GIT_ADMIN_PASSWORD ]; then
8802 
-      GIT_ADMIN_PASSWORD="$(openssl rand -base64 32)"
8815 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
8816 
+          GIT_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
8817 
+      else
8818 
+          GIT_ADMIN_PASSWORD="$(openssl rand -base64 32)"
8819 
+      fi
8803 8820 
   fi
8804 8821
8805 8822 
   if ! grep -q "Gogs admin user password" /home/$MY_USERNAME/README; then
 
@@ -9237,7 +9254,11 @@ function install_xmpp {
9237 9254 
   touch /home/$MY_USERNAME/README
9238 9255
9239 9256 
   if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
9240 
-      XMPP_PASSWORD="$(openssl rand -base64 8)"
9257 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
9258 
+          XMPP_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
9259 
+      else
9260 
+          XMPP_PASSWORD="$(openssl rand -base64 8)"
9261 
+      fi
9241 9262 
       prosodyctl register $MY_USERNAME $DEFAULT_DOMAIN_NAME $XMPP_PASSWORD
9242 9263 
       echo '' >> /home/$MY_USERNAME/README
9243 9264 
       echo '' >> /home/$MY_USERNAME/README
 
@@ -9319,7 +9340,11 @@ function install_irc_server {
9319 9340 
   sed -i 's|;KeyFile = /etc/ngircd/#chan.key|KeyFile = /etc/ngircd/#freedombone.key|g' /etc/ngircd/ngircd.conf
9320 9341 
   sed -i 's/;CloakHost = cloaked.host/CloakHost = freedombone/g' /etc/ngircd/ngircd.conf
9321 9342 
   IRC_SALT="$(openssl rand -base64 32)"
9322 
-  IRC_OPERATOR_PASSWORD="$(openssl rand -base64 8)"
9343 
+  if [ -f $IMAGE_PASSWORD_FILE ]; then
9344 
+      IRC_OPERATOR_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
9345 
+  else
9346 
+      IRC_OPERATOR_PASSWORD="$(openssl rand -base64 8)"
9347 
+  fi
9323 9348 
   sed -i "s|;CloakHostSalt = abcdefghijklmnopqrstuvwxyz|CloakHostSalt = $IRC_SALT|g" /etc/ngircd/ngircd.conf
9324 9349 
   sed -i 's/;ConnectIPv4 = yes/ConnectIPv4 = yes/g' /etc/ngircd/ngircd.conf
9325 9350 
   sed -i 's/;MorePrivacy = no/MorePrivacy = yes/g' /etc/ngircd/ngircd.conf
 
@@ -9442,7 +9467,11 @@ function install_wiki {
9442 9467
9443 9468 
   get_wiki_admin_password
9444 9469 
   if [ ! $WIKI_ADMIN_PASSWORD ]; then
9445 
-      WIKI_ADMIN_PASSWORD="$(openssl rand -base64 16)"
9470 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
9471 
+          WIKI_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
9472 
+      else
9473 
+          WIKI_ADMIN_PASSWORD="$(openssl rand -base64 16)"
9474 
+      fi
9446 9475 
   fi
9447 9476 
   HASHED_WIKI_PASSWORD=$(echo -n "$WIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
9448 9477 
   echo -n "$MY_USERNAME:$HASHED_WIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/lib/dokuwiki/acl/users.auth.php
 
@@ -9878,7 +9907,11 @@ function install_blog {
9878 9907 
   # create a user password
9879 9908 
   get_blog_admin_password
9880 9909 
   if [ ! $FULLBLOG_ADMIN_PASSWORD ]; then
9881 
-      FULLBLOG_ADMIN_PASSWORD="$(openssl rand -base64 16)"
9910 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
9911 
+          FULLBLOG_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
9912 
+      else
9913 
+          FULLBLOG_ADMIN_PASSWORD="$(openssl rand -base64 16)"
9914 
+      fi
9882 9915 
       echo '' >> /home/$MY_USERNAME/README
9883 9916 
       echo '' >> /home/$MY_USERNAME/README
9884 9917 
       echo 'HTMLy Blog' >> /home/$MY_USERNAME/README
 
@@ -9950,7 +9983,11 @@ function install_gnu_social {
9950 9983
9951 9984 
   get_mariadb_gnusocial_admin_password
9952 9985 
   if [ ! $MICROBLOG_ADMIN_PASSWORD ]; then
9953 
-      MICROBLOG_ADMIN_PASSWORD="$(openssl rand -base64 32)"
9986 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
9987 
+          MICROBLOG_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
9988 
+      else
9989 
+          MICROBLOG_ADMIN_PASSWORD="$(openssl rand -base64 32)"
9990 
+      fi
9954 9991 
       echo '' >> /home/$MY_USERNAME/README
9955 9992 
       echo '' >> /home/$MY_USERNAME/README
9956 9993 
       echo 'GNU Social' >> /home/$MY_USERNAME/README
 
@@ -10225,7 +10262,11 @@ function install_hubzilla {
10225 10262
10226 10263 
   get_mariadb_hubzilla_admin_password
10227 10264 
   if [ ! $HUBZILLA_ADMIN_PASSWORD ]; then
10228 
-      HUBZILLA_ADMIN_PASSWORD="$(openssl rand -base64 32)"
10265 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
10266 
+          HUBZILLA_ADMIN_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
10267 
+      else
10268 
+          HUBZILLA_ADMIN_PASSWORD="$(openssl rand -base64 32)"
10269 
+      fi
10229 10270 
       echo '' >> /home/$MY_USERNAME/README
10230 10271 
       echo '' >> /home/$MY_USERNAME/README
10231 10272 
       echo 'Hubzilla' >> /home/$MY_USERNAME/README
 
@@ -11270,10 +11311,14 @@ function install_voip {
11270 11311
11271 11312 
   get_voip_server_password
11272 11313 
   if [ ! $VOIP_SERVER_PASSWORD ]; then
11273 
-      VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
11274 
-  fi
11275 
-  if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
11276 
-      VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
11314 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
11315 
+          VOIP_SERVER_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
11316 
+      else
11317 
+          VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
11318 
+          if [ ${#VOIP_SERVER_PASSWORD} -lt $MINIMUM_PASSWORD_LENGTH ]; then
11319 
+              VOIP_SERVER_PASSWORD="$(openssl rand -base64 16)"
11320 
+          fi
11321 
+      fi
11277 11322 
   fi
11278 11323
11279 11324 
   # Make an ssl cert for the server
 
@@ -11357,7 +11402,11 @@ function install_sip {
11357 11402
11358 11403 
   get_sip_server_password
11359 11404 
   if [ ! $SIP_SERVER_PASSWORD ]; then
11360 
-      SIP_SERVER_PASSWORD="$(openssl rand -base64 10)"
11405 
+      if [ -f $IMAGE_PASSWORD_FILE ]; then
11406 
+          SIP_SERVER_PASSWORD="$(cat $IMAGE_PASSWORD_FILE)"
11407 
+      else
11408 
+          SIP_SERVER_PASSWORD="$(openssl rand -base64 10)"
11409 
+      fi
11361 11410 
   fi
11362 11411
11363 11412 
   echo '<?xml version="1.0"?>' > /etc/sipwitch.conf