|
|
@@ -314,6 +314,13 @@ REMOTE_BACKUPS_LOG=/var/log/remotebackups.log
|
|
314
|
314
|
# message if something fails to install
|
|
315
|
315
|
CHECK_MESSAGE="Check your internet connection, /etc/network/interfaces and /etc/resolv.conf, then delete $COMPLETION_FILE, run 'rm -fR /var/lib/apt/lists/* && apt-get update --fix-missing' and run this script again. If hash sum mismatches persist then try setting $DEBIAN_REPO to a different mirror and also change /etc/apt/sources.list."
|
|
316
|
316
|
|
|
|
317
|
+# cjdns settings
|
|
|
318
|
+ENABLE_CJDNS="no"
|
|
|
319
|
+CJDNS_PRIVATE_KEY=
|
|
|
320
|
+CJDNS_PUBLIC_KEY=
|
|
|
321
|
+CJDNS_IPV6=
|
|
|
322
|
+CJDNS_PASSWORD=
|
|
|
323
|
+
|
|
317
|
324
|
function show_help {
|
|
318
|
325
|
echo ''
|
|
319
|
326
|
echo './install-freedombone.sh [domain] [username] [subdomain code] [system type]'
|
|
|
@@ -381,6 +388,18 @@ function read_configuration {
|
|
381
|
388
|
if grep -q "LOCAL_NETWORK_STATIC_IP_ADDRESS" $CONFIGURATION_FILE; then
|
|
382
|
389
|
LOCAL_NETWORK_STATIC_IP_ADDRESS=$(grep "LOCAL_NETWORK_STATIC_IP_ADDRESS" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
383
|
390
|
fi
|
|
|
391
|
+ if grep -q "ENABLE_CJDNS" $CONFIGURATION_FILE; then
|
|
|
392
|
+ ENABLE_CJDNS=$(grep "ENABLE_CJDNS" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
|
393
|
+ fi
|
|
|
394
|
+ if grep -q "CJDNS_IPV6" $CONFIGURATION_FILE; then
|
|
|
395
|
+ CJDNS_IPV6=$(grep "CJDNS_IPV6" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
|
396
|
+ fi
|
|
|
397
|
+ if grep -q "CJDNS_PUBLIC_KEY" $CONFIGURATION_FILE; then
|
|
|
398
|
+ CJDNS_PUBLIC_KEY=$(grep "CJDNS_PUBLIC_KEY" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
|
399
|
+ fi
|
|
|
400
|
+ if grep -q "CJDNS_PRIVATE_KEY" $CONFIGURATION_FILE; then
|
|
|
401
|
+ CJDNS_PRIVATE_KEY=$(grep "CJDNS_PRIVATE_KEY" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
|
402
|
+ fi
|
|
384
|
403
|
if grep -q "BACKUP_CERTIFICATE" $CONFIGURATION_FILE; then
|
|
385
|
404
|
BACKUP_CERTIFICATE=$(grep "BACKUP_CERTIFICATE" $CONFIGURATION_FILE | awk -F '=' '{print $2}')
|
|
386
|
405
|
fi
|
|
|
@@ -533,6 +552,181 @@ function install_not_on_BBB {
|
|
533
|
552
|
echo 'install_not_on_BBB' >> $COMPLETION_FILE
|
|
534
|
553
|
}
|
|
535
|
554
|
|
|
|
555
|
+function install_cjdns {
|
|
|
556
|
+ if grep -Fxq "install_cjdns" $COMPLETION_FILE; then
|
|
|
557
|
+ return
|
|
|
558
|
+ fi
|
|
|
559
|
+ if [[ $ENABLE_CJDNS != "yes" ]]; then
|
|
|
560
|
+ return
|
|
|
561
|
+ fi
|
|
|
562
|
+ apt-get -y install nodejs git build-essential
|
|
|
563
|
+
|
|
|
564
|
+ if [ ! -d /etc/cjdns ]; then
|
|
|
565
|
+ git clone https://github.com/cjdelisle/cjdns.git /etc/cjdns
|
|
|
566
|
+ cd /etc/cjdns
|
|
|
567
|
+ # create a configuration
|
|
|
568
|
+ if [ ! -f /etc/cjdns/cjdroute.conf ]; then
|
|
|
569
|
+ ./cjdroute --genconf > /etc/cjdns/cjdroute.conf
|
|
|
570
|
+ fi
|
|
|
571
|
+ ./do
|
|
|
572
|
+ # create a user to run as
|
|
|
573
|
+ useradd cjdns
|
|
|
574
|
+ else
|
|
|
575
|
+ cd /etc/cjdns
|
|
|
576
|
+ git pull
|
|
|
577
|
+ ./do
|
|
|
578
|
+ fi
|
|
|
579
|
+
|
|
|
580
|
+ # set permissions
|
|
|
581
|
+ chown -R cjdns:cjdns /etc/cjdns
|
|
|
582
|
+ chmod 600 /etc/cjdns/cjdroute.conf
|
|
|
583
|
+
|
|
|
584
|
+ /sbin/ip tuntap add mode tun user cjdns dev cjdroute0
|
|
|
585
|
+
|
|
|
586
|
+ # insert values into the configuration file
|
|
|
587
|
+ if [ $CJDNS_PRIVATE_KEY ]; then
|
|
|
588
|
+ sed -i "s/\"privateKey\":.*/\"privateKey\": \"$CJDNS_PRIVATE_KEY\",/g" /etc/cjdns/cjdroute.conf
|
|
|
589
|
+ else
|
|
|
590
|
+ CJDNS_PRIVATE_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"privateKey"' | awk -F '"' '{print $4}')
|
|
|
591
|
+ fi
|
|
|
592
|
+ if [ $CJDNS_PUBLIC_KEY ]; then
|
|
|
593
|
+ sed -i "s/\"publicKey\":.*/\"publicKey\": \"$CJDNS_PUBLIC_KEY\",/g" /etc/cjdns/cjdroute.conf
|
|
|
594
|
+ else
|
|
|
595
|
+ CJDNS_PUBLIC_KEY=$(cat /etc/cjdns/cjdroute.conf | grep '"publicKey"' | awk -F '"' '{print $4}')
|
|
|
596
|
+ fi
|
|
|
597
|
+ if [ $CJDNS_IPV6 ]; then
|
|
|
598
|
+ sed -i "s/\"ipv6\":.*/\"ipv6\": \"$CJDNS_IPV6\",/g" /etc/cjdns/cjdroute.conf
|
|
|
599
|
+ else
|
|
|
600
|
+ CJDNS_IPV6=$(cat /etc/cjdns/cjdroute.conf | grep '"ipv6"' | awk -F '"' '{print $4}')
|
|
|
601
|
+ fi
|
|
|
602
|
+ if [ $CJDNS_PASSWORD ]; then
|
|
|
603
|
+ sed -i "0,/{\"password\":.*/s//{\"password\": \"$CJDNS_PASSWORD\"}/g" /etc/cjdns/cjdroute.conf
|
|
|
604
|
+ else
|
|
|
605
|
+ CJDNS_PASSWORD=$(cat /etc/cjdns/cjdroute.conf | grep '"password"' | awk -F '"' '{print $4}' | sed -n 1p)
|
|
|
606
|
+ fi
|
|
|
607
|
+
|
|
|
608
|
+ # endure that ipv6 is enabled and can route
|
|
|
609
|
+ sed -i 's/net.ipv6.conf.all.disable_ipv6.*/net.ipv6.conf.all.disable_ipv6 = 0/g' /etc/sysctl.conf
|
|
|
610
|
+ #sed -i "s/net.ipv6.conf.all.accept_redirects.*/net.ipv6.conf.all.accept_redirects = 1/g" /etc/sysctl.conf
|
|
|
611
|
+ #sed -i "s/net.ipv6.conf.all.accept_source_route.*/net.ipv6.conf.all.accept_source_route = 1/g" /etc/sysctl.conf
|
|
|
612
|
+ #sed -i "s/net.ipv6.conf.all.forwarding.*/net.ipv6.conf.all.forwarding=1/g" /etc/sysctl.conf
|
|
|
613
|
+
|
|
|
614
|
+ echo '#!/bin/sh -e' > /etc/init.d/cjdns
|
|
|
615
|
+ echo '### BEGIN INIT INFO' >> /etc/init.d/cjdns
|
|
|
616
|
+ echo '# hyperboria.sh - An init script (/etc/init.d/) for cjdns' >> /etc/init.d/cjdns
|
|
|
617
|
+ echo '# Provides: cjdroute' >> /etc/init.d/cjdns
|
|
|
618
|
+ echo '# Required-Start: $remote_fs $network' >> /etc/init.d/cjdns
|
|
|
619
|
+ echo '# Required-Stop: $remote_fs $network' >> /etc/init.d/cjdns
|
|
|
620
|
+ echo '# Default-Start: 2 3 4 5' >> /etc/init.d/cjdns
|
|
|
621
|
+ echo '# Default-Stop: 0 1 6' >> /etc/init.d/cjdns
|
|
|
622
|
+ echo '# Short-Description: Cjdns router' >> /etc/init.d/cjdns
|
|
|
623
|
+ echo '# Description: A routing engine designed for security, scalability, speed and ease of use.' >> /etc/init.d/cjdns
|
|
|
624
|
+ echo '# cjdns git repo: https://github.com/cjdelisle/cjdns/' >> /etc/init.d/cjdns
|
|
|
625
|
+ echo '### END INIT INFO' >> /etc/init.d/cjdns
|
|
|
626
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
627
|
+ echo 'PROG="cjdroute"' >> /etc/init.d/cjdns
|
|
|
628
|
+ echo 'GIT_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
|
|
|
629
|
+ echo 'PROG_PATH="/etc/cjdns"' >> /etc/init.d/cjdns
|
|
|
630
|
+ echo 'CJDNS_CONFIG="cjdroute.conf"' >> /etc/init.d/cjdns
|
|
|
631
|
+ echo 'CJDNS_USER="cjdns"' >> /etc/init.d/cjdns
|
|
|
632
|
+ echo "CJDNS_IP='$CJDNS_IPV6'" >> /etc/init.d/cjdns
|
|
|
633
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
634
|
+ echo 'start() {' >> /etc/init.d/cjdns
|
|
|
635
|
+ echo ' # Start it up with the user cjdns' >> /etc/init.d/cjdns
|
|
|
636
|
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
|
|
|
637
|
+ echo ' then' >> /etc/init.d/cjdns
|
|
|
638
|
+ echo ' echo "cjdroute is already running. Doing nothing..."' >> /etc/init.d/cjdns
|
|
|
639
|
+ echo ' else' >> /etc/init.d/cjdns
|
|
|
640
|
+ echo ' echo " * Starting cjdroute"' >> /etc/init.d/cjdns
|
|
|
641
|
+ echo ' /sbin/ip addr add $CJDNS_IP/8 dev cjdroute0' >> /etc/init.d/cjdns
|
|
|
642
|
+ echo ' /sbin/ip link set mtu 1312 dev cjdroute0' >> /etc/init.d/cjdns
|
|
|
643
|
+ echo ' /sbin/ip link set cjdroute0 up' >> /etc/init.d/cjdns
|
|
|
644
|
+ echo ' sudo -u $CJDNS_USER $PROG_PATH/$PROG < $PROG_PATH/$CJDNS_CONFIG' >> /etc/init.d/cjdns
|
|
|
645
|
+ echo ' fi' >> /etc/init.d/cjdns
|
|
|
646
|
+ echo '}' >> /etc/init.d/cjdns
|
|
|
647
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
648
|
+ echo 'stop() {' >> /etc/init.d/cjdns
|
|
|
649
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
650
|
+ echo ' if [ $(pgrep cjdroute | wc -l) != 2 ];' >> /etc/init.d/cjdns
|
|
|
651
|
+ echo ' then' >> /etc/init.d/cjdns
|
|
|
652
|
+ echo ' echo "cjdns isnt running."' >> /etc/init.d/cjdns
|
|
|
653
|
+ echo ' else' >> /etc/init.d/cjdns
|
|
|
654
|
+ echo ' echo "Killing cjdroute"' >> /etc/init.d/cjdns
|
|
|
655
|
+ echo ' killall cjdroute' >> /etc/init.d/cjdns
|
|
|
656
|
+ echo ' fi' >> /etc/init.d/cjdns
|
|
|
657
|
+ echo '}' >> /etc/init.d/cjdns
|
|
|
658
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
659
|
+ echo 'status() {' >> /etc/init.d/cjdns
|
|
|
660
|
+ echo ' if [ $(pgrep cjdroute | wc -l) != 0 ];' >> /etc/init.d/cjdns
|
|
|
661
|
+ echo ' then' >> /etc/init.d/cjdns
|
|
|
662
|
+ echo ' echo "Cjdns is running"' >> /etc/init.d/cjdns
|
|
|
663
|
+ echo ' else' >> /etc/init.d/cjdns
|
|
|
664
|
+ echo ' echo "Cjdns is not running"' >> /etc/init.d/cjdns
|
|
|
665
|
+ echo ' fi' >> /etc/init.d/cjdns
|
|
|
666
|
+ echo '}' >> /etc/init.d/cjdns
|
|
|
667
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
668
|
+ echo ' update() {' >> /etc/init.d/cjdns
|
|
|
669
|
+ echo ' cd $GIT_PATH' >> /etc/init.d/cjdns
|
|
|
670
|
+ echo ' echo "Updating..."' >> /etc/init.d/cjdns
|
|
|
671
|
+ echo ' git pull' >> /etc/init.d/cjdns
|
|
|
672
|
+ echo ' ./do' >> /etc/init.d/cjdns
|
|
|
673
|
+ echo '}' >> /etc/init.d/cjdns
|
|
|
674
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
675
|
+ echo '## Check to see if we are running as root first.' >> /etc/init.d/cjdns
|
|
|
676
|
+ echo 'if [ "$(id -u)" != "0" ]; then' >> /etc/init.d/cjdns
|
|
|
677
|
+ echo ' echo "This script must be run as root" 1>&2' >> /etc/init.d/cjdns
|
|
|
678
|
+ echo ' exit 1' >> /etc/init.d/cjdns
|
|
|
679
|
+ echo 'fi' >> /etc/init.d/cjdns
|
|
|
680
|
+ echo '' >> /etc/init.d/cjdns
|
|
|
681
|
+ echo 'case $1 in' >> /etc/init.d/cjdns
|
|
|
682
|
+ echo ' start)' >> /etc/init.d/cjdns
|
|
|
683
|
+ echo ' start' >> /etc/init.d/cjdns
|
|
|
684
|
+ echo ' exit 0' >> /etc/init.d/cjdns
|
|
|
685
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
686
|
+ echo ' stop)' >> /etc/init.d/cjdns
|
|
|
687
|
+ echo ' stop' >> /etc/init.d/cjdns
|
|
|
688
|
+ echo ' exit 0' >> /etc/init.d/cjdns
|
|
|
689
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
690
|
+ echo ' reload|restart|force-reload)' >> /etc/init.d/cjdns
|
|
|
691
|
+ echo ' stop' >> /etc/init.d/cjdns
|
|
|
692
|
+ echo ' sleep 1' >> /etc/init.d/cjdns
|
|
|
693
|
+ echo ' start' >> /etc/init.d/cjdns
|
|
|
694
|
+ echo ' exit 0' >> /etc/init.d/cjdns
|
|
|
695
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
696
|
+ echo ' status)' >> /etc/init.d/cjdns
|
|
|
697
|
+ echo ' status' >> /etc/init.d/cjdns
|
|
|
698
|
+ echo ' exit 0' >> /etc/init.d/cjdns
|
|
|
699
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
700
|
+ echo ' update|upgrade)' >> /etc/init.d/cjdns
|
|
|
701
|
+ echo ' update' >> /etc/init.d/cjdns
|
|
|
702
|
+ echo ' stop' >> /etc/init.d/cjdns
|
|
|
703
|
+ echo ' sleep 2' >> /etc/init.d/cjdns
|
|
|
704
|
+ echo ' start' >> /etc/init.d/cjdns
|
|
|
705
|
+ echo ' exit 0' >> /etc/init.d/cjdns
|
|
|
706
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
707
|
+ echo ' **)' >> /etc/init.d/cjdns
|
|
|
708
|
+ echo ' echo "Usage: $0 (start|stop|restart|status|update)" 1>&2' >> /etc/init.d/cjdns
|
|
|
709
|
+ echo ' exit 1' >> /etc/init.d/cjdns
|
|
|
710
|
+ echo ' ;;' >> /etc/init.d/cjdns
|
|
|
711
|
+ echo 'esac' >> /etc/init.d/cjdns
|
|
|
712
|
+ chmod +x /etc/init.d/cjdns
|
|
|
713
|
+ update-rc.d cjdns defaults
|
|
|
714
|
+ service cjdns start
|
|
|
715
|
+
|
|
|
716
|
+ if ! grep -q "Mesh Networking" /home/$MY_USERNAME/README; then
|
|
|
717
|
+ echo '' >> /home/$MY_USERNAME/README
|
|
|
718
|
+ echo '' >> /home/$MY_USERNAME/README
|
|
|
719
|
+ echo 'Mesh Networking' >> /home/$MY_USERNAME/README
|
|
|
720
|
+ echo '===============' >> /home/$MY_USERNAME/README
|
|
|
721
|
+ echo "IPv6 Address: $CJDNS_IPV6" >> /home/$MY_USERNAME/README
|
|
|
722
|
+ echo "Public key: $CJDNS_PUBLIC_KEY" >> /home/$MY_USERNAME/README
|
|
|
723
|
+ echo "Private key: $CJDNS_PRIVATE_KEY" >> /home/$MY_USERNAME/README
|
|
|
724
|
+ chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/README
|
|
|
725
|
+ fi
|
|
|
726
|
+
|
|
|
727
|
+ echo 'install_cjdns' >> $COMPLETION_FILE
|
|
|
728
|
+}
|
|
|
729
|
+
|
|
536
|
730
|
function check_hwrng {
|
|
537
|
731
|
# If hardware random number generation was enabled then make sure that the device exists.
|
|
538
|
732
|
# if /dev/hwrng is not found then any subsequent cryptographic key generation would
|
|
|
@@ -7136,6 +7330,7 @@ set_your_domain_name
|
|
7136
|
7330
|
time_synchronisation
|
|
7137
|
7331
|
configure_internet_protocol
|
|
7138
|
7332
|
create_git_project
|
|
|
7333
|
+install_cjdns
|
|
7139
|
7334
|
backup_github_projects
|
|
7140
|
7335
|
configure_ssh
|
|
7141
|
7336
|
check_hwrng
|
Bob Mottram
vor 10 Jahren