Bob Mottram před 7 roky
rodič
revize
8848ea40ef

+ 4
- 4
src/cronic Zobrazit soubor

@@ -12,14 +12,14 @@ ERR=$TMP/cronic.err
12 12
 TRACE=$TMP/cronic.trace
13 13
 
14 14
 set +e
15
-"$@" >$OUT 2>$TRACE
15
+"$@" >"$OUT" 2>"$TRACE"
16 16
 RESULT=$?
17 17
 set -e
18 18
 
19 19
 PATTERN="^${PS4:0:1}\\+${PS4:1}"
20
-if grep -aq "$PATTERN" $TRACE
20
+if grep -aq "$PATTERN" "$TRACE"
21 21
 then
22
-    ! grep -av "$PATTERN" $TRACE > $ERR
22
+    ! grep -av "$PATTERN" "$TRACE" > "$ERR"
23 23
 else
24 24
     ERR=$TRACE
25 25
 fi
@@ -33,7 +33,7 @@ if [ $RESULT -ne 0 ]
33 33
     echo
34 34
     echo "STANDARD OUTPUT:"
35 35
     cat "$OUT"
36
-    if [ $TRACE != $ERR ]
36
+    if [ "$TRACE" != "$ERR" ]
37 37
     then
38 38
         echo
39 39
         echo "TRACE-ERROR OUTPUT:"

+ 48
- 49
src/freedombone Zobrazit soubor

@@ -42,61 +42,61 @@ fi
42 42
 
43 43
 source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
44 44
 
45
-UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
45
+UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
46 46
 for f in $UTILS_FILES
47 47
 do
48
-    source $f
48
+    source "$f"
49 49
 done
50 50
 
51
-APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
51
+APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
52 52
 for f in $APP_FILES
53 53
 do
54
-    source $f
54
+    source "$f"
55 55
 done
56 56
 
57
-command_options=$1
57
+command_options="$1"
58 58
 
59
-if [[ $command_options == "menuconfig-full" ]]; then
59
+if [[ "$command_options" == "menuconfig-full" ]]; then
60 60
     MINIMAL_INSTALL="no"
61 61
 fi
62 62
 
63
-if [[ $command_options == "menuconfig-onion" ]]; then
63
+if [[ "$command_options" == "menuconfig-onion" ]]; then
64 64
     MINIMAL_INSTALL="yes"
65 65
     ONION_ONLY="yes"
66 66
 fi
67 67
 
68
-if [[ $command_options == "menuconfig-gnusocial" ]]; then
68
+if [[ "$command_options" == "menuconfig-gnusocial" ]]; then
69 69
     MINIMAL_INSTALL="yes"
70 70
     ONION_ONLY="no"
71 71
     SOCIALINSTANCE='gnusocial'
72 72
 fi
73 73
 
74
-if [[ $command_options == "menuconfig-postactiv" ]]; then
74
+if [[ "$command_options" == "menuconfig-postactiv" ]]; then
75 75
     MINIMAL_INSTALL="yes"
76 76
     ONION_ONLY="no"
77 77
     SOCIALINSTANCE='postactiv'
78 78
 fi
79 79
 
80
-if [ ! $CONFIGURATION_FILE ]; then
81
-    CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
80
+if [ ! "$CONFIGURATION_FILE" ]; then
81
+    CONFIGURATION_FILE="$HOME/${PROJECT_NAME}.cfg"
82 82
 fi
83
-if [ ! $COMPLETION_FILE ]; then
84
-    COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
83
+if [ ! "$COMPLETION_FILE" ]; then
84
+    COMPLETION_FILE="$HOME/${PROJECT_NAME}-completed.txt"
85 85
 fi
86 86
 
87 87
 # before the interactive config so that wifi adaptors may be detected
88 88
 setup_wifi_atheros
89 89
 
90
-if [[ $command_options == "menuconfig"* ]]; then
90
+if [[ "$command_options" == "menuconfig"* ]]; then
91 91
     if [[ "$2" == "--reset" ]]; then
92
-        if [ -f $CONFIGURATION_FILE ]; then
93
-            rm $CONFIGURATION_FILE
92
+        if [ -f "$CONFIGURATION_FILE" ]; then
93
+            rm "$CONFIGURATION_FILE"
94 94
         fi
95
-        if [ -f $COMPLETION_FILE ]; then
96
-            rm $COMPLETION_FILE
95
+        if [ -f "$COMPLETION_FILE" ]; then
96
+            rm "$COMPLETION_FILE"
97 97
         fi
98
-        if [ -f /usr/share/${PROJECT_NAME}/installed.txt ]; then
99
-            rm /usr/share/${PROJECT_NAME}/installed.txt
98
+        if [ -f "/usr/share/${PROJECT_NAME}/installed.txt" ]; then
99
+            rm "/usr/share/${PROJECT_NAME}/installed.txt"
100 100
         fi
101 101
         if [ -f /root/removed ]; then
102 102
             rm /root/removed
@@ -104,18 +104,18 @@ if [[ $command_options == "menuconfig"* ]]; then
104 104
     fi
105 105
 
106 106
     # clear the interactive file which indicates configuration success
107
-    interactive_file=$HOME/.${PROJECT_NAME}-interactive
108
-    if [ -f $interactive_file ]; then
109
-        rm $interactive_file
107
+    interactive_file="$HOME/.${PROJECT_NAME}-interactive"
108
+    if [ -f "$interactive_file" ]; then
109
+        rm "$interactive_file"
110 110
     fi
111 111
 
112 112
     interactive_configuration
113 113
 
114 114
     # check that the interactive file was created
115
-    if [ ! -f $interactive_file ]; then
115
+    if [ ! -f "$interactive_file" ]; then
116 116
         exit 6393562
117 117
     fi
118
-    rm $interactive_file
118
+    rm "$interactive_file"
119 119
 else
120 120
     while [ $# -gt 1 ]
121 121
     do
@@ -169,12 +169,12 @@ else
169 169
             # Static IP address for the system
170 170
             --ip)
171 171
                 shift
172
-                LOCAL_NETWORK_STATIC_IP_ADDRESS=$1
172
+                LOCAL_NETWORK_STATIC_IP_ADDRESS="$1"
173 173
                 ;;
174 174
             # IP address for the internet router
175 175
             --iprouter)
176 176
                 shift
177
-                ROUTER_IP_ADDRESS=$1
177
+                ROUTER_IP_ADDRESS="$1"
178 178
                 ;;
179 179
             # ssh port
180 180
             --ssh)
@@ -214,61 +214,61 @@ else
214 214
             # Mumble server password
215 215
             --vpass)
216 216
                 shift
217
-                MUMBLE_SERVER_PASSWORD=$1
217
+                MUMBLE_SERVER_PASSWORD="$1"
218 218
                 ;;
219 219
             # Mumble server port
220 220
             --vport)
221 221
                 shift
222
-                MUMBLE_PORT=$1
222
+                MUMBLE_PORT="$1"
223 223
                 ;;
224 224
             # DNS Nameserver 1
225 225
             --ns1)
226 226
                 shift
227
-                NAMESERVER1=$1
227
+                NAMESERVER1="$1"
228 228
                 ;;
229 229
             # DNS Nameserver 2
230 230
             --ns2)
231 231
                 shift
232
-                NAMESERVER2=$1
232
+                NAMESERVER2="$1"
233 233
                 ;;
234 234
             # DNS Nameserver 3
235 235
             --ns3)
236 236
                 shift
237
-                NAMESERVER3=$1
237
+                NAMESERVER3="$1"
238 238
                 ;;
239 239
             # DNS Nameserver 4
240 240
             --ns4)
241 241
                 shift
242
-                NAMESERVER4=$1
242
+                NAMESERVER4="$1"
243 243
                 ;;
244 244
             # DNS Nameserver 5
245 245
             --ns5)
246 246
                 shift
247
-                NAMESERVER5=$1
247
+                NAMESERVER5="$1"
248 248
                 ;;
249 249
             # DNS Nameserver 6
250 250
             --ns6)
251 251
                 shift
252
-                NAMESERVER6=$1
252
+                NAMESERVER6="$1"
253 253
                 ;;
254 254
             # Debian repository
255 255
             --repo)
256 256
                 shift
257
-                DEBIAN_REPO=$1
257
+                DEBIAN_REPO="$1"
258 258
                 ;;
259 259
             # clear the config file
260 260
             --reset)
261
-                if [ -f $CONFIGURATION_FILE ]; then
262
-                    rm $CONFIGURATION_FILE
261
+                if [ -f "$CONFIGURATION_FILE" ]; then
262
+                    rm "$CONFIGURATION_FILE"
263 263
                 fi
264
-                if [ -f $COMPLETION_FILE ]; then
265
-                    rm $COMPLETION_FILE
264
+                if [ -f "$COMPLETION_FILE" ]; then
265
+                    rm "$COMPLETION_FILE"
266 266
                 fi
267 267
                 ;;
268 268
             # minimal install
269 269
             --minimal)
270 270
                 shift
271
-                MINIMAL_INSTALL=$1
271
+                MINIMAL_INSTALL="$1"
272 272
                 ;;
273 273
             *)
274 274
                 # unknown option
@@ -293,7 +293,7 @@ function parse_args {
293 293
     read_config_param 'DDNS_USERNAME'
294 294
     read_config_param 'DDNS_PASSWORD'
295 295
 
296
-    if [ ! -d /home/$MY_USERNAME ]; then
296
+    if [ ! -d "/home/$MY_USERNAME" ]; then
297 297
         echo $"There is no user '$MY_USERNAME' on the system. Use 'adduser $MY_USERNAME' to create the user."
298 298
         exit 1
299 299
     fi
@@ -304,7 +304,7 @@ function parse_args {
304 304
             exit 2
305 305
         fi
306 306
     fi
307
-    if [ ! $MY_USERNAME ]; then
307
+    if [ ! "$MY_USERNAME" ]; then
308 308
         echo 'No username specified'
309 309
         show_help
310 310
         exit 3
@@ -312,11 +312,11 @@ function parse_args {
312 312
     if [[ $SYSTEM_TYPE != "mesh"* ]]; then
313 313
         if [[ "$DDNS_PROVIDER" != 'none' ]]; then
314 314
             if [[ $ONION_ONLY == "no" ]]; then
315
-                if [ ! $DDNS_USERNAME ]; then
315
+                if [ ! "$DDNS_USERNAME" ]; then
316 316
                     echo $'Please provide the username for your dynamic DNS provider with the --ddnsuser option'
317 317
                     exit 7823
318 318
                 fi
319
-                if [ ! $DDNS_PASSWORD ]; then
319
+                if [ ! "$DDNS_PASSWORD" ]; then
320 320
                     echo $'Please provide the password for your dynamic DNS provider with the --ddnspass option'
321 321
                     exit 6382
322 322
                 fi
@@ -324,7 +324,7 @@ function parse_args {
324 324
         fi
325 325
     fi
326 326
 
327
-    if [ ! $SYSTEM_TYPE ]; then
327
+    if [ ! "$SYSTEM_TYPE" ]; then
328 328
         SYSTEM_TYPE=$'full'
329 329
         write_config_param "SYSTEM_TYPE" "$SYSTEM_TYPE"
330 330
     fi
@@ -338,8 +338,7 @@ function parse_args {
338 338
 
339 339
 # run some initial tests
340 340
 clear
341
-${PROJECT_NAME}-tests
342
-if [ ! "$?" = "0" ]; then
341
+if ! "${PROJECT_NAME}-tests"; then
343 342
     exit 768252
344 343
 fi
345 344
 
@@ -354,7 +353,7 @@ upgrade_installation_from_previous_versions
354 353
 setup_utils
355 354
 setup_email
356 355
 setup_web
357
-setup_apps $command_options
356
+setup_apps "$command_options"
358 357
 setup_final
359 358
 
360 359
 echo ''

+ 57
- 60
src/freedombone-addcert Zobrazit soubor

@@ -36,10 +36,10 @@ export TEXTDOMAINDIR="/usr/share/locale"
36 36
 CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
37 37
 COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
38 38
 
39
-UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
39
+UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
40 40
 for f in $UTILS_FILES
41 41
 do
42
-  source $f
42
+    source "$f"
43 43
 done
44 44
 
45 45
 # Don't pin certs by default
@@ -145,11 +145,11 @@ do
145 145
             ;;
146 146
         --dhkey)
147 147
             shift
148
-            DH_KEYLENGTH=${1}
148
+            DH_KEYLENGTH="${1}"
149 149
             ;;
150 150
         --pin)
151 151
             shift
152
-            PIN_CERTS=${1}
152
+            PIN_CERTS="${1}"
153 153
             ;;
154 154
         *)
155 155
             # unknown option
@@ -158,8 +158,8 @@ do
158 158
     shift
159 159
 done
160 160
 
161
-if [ ! $HOSTNAME ]; then
162
-    if [ ! $LETSENCRYPT_HOSTNAME ]; then
161
+if [ ! "$HOSTNAME" ]; then
162
+    if [ ! "$LETSENCRYPT_HOSTNAME" ]; then
163 163
         echo $'No hostname specified'
164 164
         exit 5748
165 165
     fi
@@ -180,16 +180,16 @@ function remove_cert_letsencrypt {
180 180
     CERTFILE=$LETSENCRYPT_HOSTNAME
181 181
 
182 182
     # disable the site if needed
183
-    if [ -f /etc/nginx/sites-available/${LETSENCRYPT_HOSTNAME} ]; then
184
-        if grep -q "443" /etc/nginx/sites-available/${LETSENCRYPT_HOSTNAME}; then
185
-            nginx_dissite ${LETSENCRYPT_HOSTNAME}
183
+    if [ -f "/etc/nginx/sites-available/${LETSENCRYPT_HOSTNAME}" ]; then
184
+        if grep -q "443" "/etc/nginx/sites-available/${LETSENCRYPT_HOSTNAME}"; then
185
+            nginx_dissite "${LETSENCRYPT_HOSTNAME}"
186 186
         fi
187 187
     fi
188 188
 
189 189
     # remove the cert
190
-    rm -rf /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}*
191
-    rm -rf /etc/letsencrypt/archive/${LETSENCRYPT_HOSTNAME}*
192
-    rm /etc/letsencrypt/renewal/${LETSENCRYPT_HOSTNAME}.conf
190
+    rm -rf "/etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}*"
191
+    rm -rf "/etc/letsencrypt/archive/${LETSENCRYPT_HOSTNAME}*"
192
+    rm "/etc/letsencrypt/renewal/${LETSENCRYPT_HOSTNAME}.conf"
193 193
 
194 194
     # restart the web server
195 195
     systemctl restart nginx
@@ -199,14 +199,14 @@ function add_cert_letsencrypt {
199 199
     CERTFILE=$LETSENCRYPT_HOSTNAME
200 200
 
201 201
     # obtain the email address for the admin user
202
-    if [ ! $MY_EMAIL_ADDRESS ]; then
203
-        if [ -f $CONFIGURATION_FILE ]; then
202
+    if [ ! "$MY_EMAIL_ADDRESS" ]; then
203
+        if [ -f "$CONFIGURATION_FILE" ]; then
204 204
             read_config_param MY_EMAIL_ADDRESS
205 205
         fi
206 206
     fi
207
-    if [ ! $MY_EMAIL_ADDRESS ]; then
208
-        if [ -f $COMPLETION_FILE ]; then
209
-            if grep -q "Admin user:" $COMPLETION_FILE; then
207
+    if [ ! "$MY_EMAIL_ADDRESS" ]; then
208
+        if [ -f "$COMPLETION_FILE" ]; then
209
+            if grep -q "Admin user:" "$COMPLETION_FILE"; then
210 210
                 function_check get_completion_param
211 211
                 ADMIN_USER=$(get_completion_param "Admin user")
212 212
                 if [ ${#ADMIN_USER} -eq 0 ]; then
@@ -232,8 +232,7 @@ function add_cert_letsencrypt {
232 232
     chgrp -R root /etc/letsencrypt
233 233
     chmod -R 777 /etc/letsencrypt
234 234
 
235
-    certbot certonly -n --server $LETSENCRYPT_SERVER --standalone -d $LETSENCRYPT_HOSTNAME --renew-by-default --agree-tos --email $MY_EMAIL_ADDRESS
236
-    if [ ! "$?" = "0" ]; then
235
+    if ! certbot certonly -n --server "$LETSENCRYPT_SERVER" --standalone -d "$LETSENCRYPT_HOSTNAME" --renew-by-default --agree-tos --email "$MY_EMAIL_ADDRESS"; then
237 236
         echo $"Failed to install letsencrypt for domain $LETSENCRYPT_HOSTNAME"
238 237
         echo $'Also see https://letsencrypt.status.io to check for any service outages'
239 238
         chgrp -R ssl-cert /etc/letsencrypt
@@ -245,42 +244,42 @@ function add_cert_letsencrypt {
245 244
     fi
246 245
 
247 246
     # replace some legacy filenames
248
-    if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt ]; then
249
-        mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
247
+    if [ -f "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt" ]; then
248
+        mv "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt" "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem"
250 249
     fi
251
-    if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt ]; then
252
-        mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
250
+    if [ -f "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt" ]; then
251
+        mv "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt" "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem"
253 252
     fi
254
-    sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
255
-    sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" /etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME
253
+    sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.bundle.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" "/etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME"
254
+    sed -i "s|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.crt|ssl_certificate /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem|g" "/etc/nginx/sites-available/$LETSENCRYPT_HOSTNAME"
256 255
 
257 256
     # link the private key
258
-    if [ -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key ]; then
259
-        if [ ! -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old ]; then
260
-            mv /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old
257
+    if [ -f "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key" ]; then
258
+        if [ ! -f "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old" ]; then
259
+            mv "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key" "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key.old"
261 260
         else
262
-            rm -f /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
261
+            rm -f "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key"
263 262
         fi
264 263
     fi
265
-    if [ -L /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key ]; then
266
-        rm /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
264
+    if [ -L "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key" ]; then
265
+        rm "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key"
267 266
     fi
268
-    ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/privkey.pem /etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key
267
+    ln -s "/etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/privkey.pem" "/etc/ssl/private/${LETSENCRYPT_HOSTNAME}.key"
269 268
 
270 269
     # link the public key
271
-    if [ -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem ]; then
272
-        if [ ! -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old ]; then
273
-            mv /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old
270
+    if [ -f "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem" ]; then
271
+        if [ ! -f "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old" ]; then
272
+            mv "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem" "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem.old"
274 273
         else
275
-            rm -f /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
274
+            rm -f "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem"
276 275
         fi
277 276
     fi
278
-    if [ -L /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem ]; then
279
-        rm /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
277
+    if [ -L "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem" ]; then
278
+        rm "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem"
280 279
     fi
281
-    ln -s /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem
280
+    ln -s "/etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem" "/etc/ssl/certs/${LETSENCRYPT_HOSTNAME}.pem"
282 281
 
283
-    cp /etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem /etc/ssl/mycerts/${LETSENCRYPT_HOSTNAME}.pem
282
+    cp "/etc/letsencrypt/live/${LETSENCRYPT_HOSTNAME}/fullchain.pem" "/etc/ssl/mycerts/${LETSENCRYPT_HOSTNAME}.pem"
284 283
 
285 284
     update_default_domain
286 285
 
@@ -291,12 +290,11 @@ function add_cert_letsencrypt {
291 290
     chmod -R g=rX /etc/letsencrypt
292 291
     chown -R root:ssl-cert /etc/letsencrypt
293 292
 
294
-    nginx_ensite ${LETSENCRYPT_HOSTNAME}
293
+    nginx_ensite "${LETSENCRYPT_HOSTNAME}"
295 294
     systemctl start nginx
296 295
 
297
-    if [ $PIN_CERTS ]; then
298
-        ${PROJECT_NAME}-pin-cert $LETSENCRYPT_HOSTNAME
299
-        if [ ! "$?" = "0" ]; then
296
+    if [ "$PIN_CERTS" ]; then
297
+        if ! "${PROJECT_NAME}-pin-cert" "$LETSENCRYPT_HOSTNAME"; then
300 298
             echo $"Certificate for $LETSENCRYPT_HOSTNAME could not be pinned"
301 299
             exit 62878
302 300
         fi
@@ -304,21 +302,20 @@ function add_cert_letsencrypt {
304 302
 }
305 303
 
306 304
 function add_cert_selfsigned {
307
-    if [[ $ORGANISATION == "Freedombone-CA" ]]; then
305
+    if [[ "$ORGANISATION" == "Freedombone-CA" ]]; then
308 306
         CERTFILE="ca-$HOSTNAME"
309 307
     fi
310 308
 
311
-    openssl req -x509 ${EXTENSIONS} -nodes -days 3650 -sha256 \
309
+    openssl req -x509 "${EXTENSIONS}" -nodes -days 3650 -sha256 \
312 310
             -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
313
-            -newkey rsa:2048 -keyout /etc/ssl/private/${CERTFILE}.key \
314
-            -out /etc/ssl/certs/${CERTFILE}.crt
315
-    chmod 400 /etc/ssl/private/${CERTFILE}.key
316
-    chmod 640 /etc/ssl/certs/${CERTFILE}.crt
317
-    cp /etc/ssl/certs/${CERTFILE}.crt /etc/ssl/mycerts
318
-
319
-    if [ $PIN_CERTS ]; then
320
-        ${PROJECT_NAME}-pin-cert $CERTFILE
321
-        if [ ! "$?" = "0" ]; then
311
+            -newkey rsa:2048 -keyout "/etc/ssl/private/${CERTFILE}.key" \
312
+            -out "/etc/ssl/certs/${CERTFILE}.crt"
313
+    chmod 400 "/etc/ssl/private/${CERTFILE}.key"
314
+    chmod 640 "/etc/ssl/certs/${CERTFILE}.crt"
315
+    cp "/etc/ssl/certs/${CERTFILE}.crt" "/etc/ssl/mycerts"
316
+
317
+    if [ "$PIN_CERTS" ]; then
318
+        if ! "${PROJECT_NAME}-pin-cert" "$CERTFILE"; then
322 319
             echo $"Certificate for $CERTFILE could not be pinned"
323 320
             exit 62879
324 321
         fi
@@ -326,9 +323,9 @@ function add_cert_selfsigned {
326 323
 }
327 324
 
328 325
 function generate_dh_params {
329
-    if [ ! $NODH ]; then
330
-        if [ ! -f /etc/ssl/certs/${CERTFILE}.dhparam ]; then
331
-            ${PROJECT_NAME}-dhparam -h ${CERTFILE} --fast yes
326
+    if [ ! "$NODH" ]; then
327
+        if [ ! -f "/etc/ssl/certs/${CERTFILE}.dhparam" ]; then
328
+            "${PROJECT_NAME}-dhparam" -h "${CERTFILE}" --fast yes
332 329
         fi
333 330
     fi
334 331
 }
@@ -346,12 +343,12 @@ function make_cert_bundle {
346 343
 }
347 344
 
348 345
 function create_cert {
349
-    if [ $remove_cert ]; then
346
+    if [ "$remove_cert" ]; then
350 347
         remove_cert_letsencrypt
351 348
         return
352 349
     fi
353 350
 
354
-    if [ $LETSENCRYPT_HOSTNAME ]; then
351
+    if [ "$LETSENCRYPT_HOSTNAME" ]; then
355 352
         add_cert_letsencrypt
356 353
     else
357 354
         add_cert_selfsigned

+ 67
- 68
src/freedombone-addemail Zobrazit soubor

@@ -52,49 +52,49 @@ do
52 52
     key="$1"
53 53
 
54 54
     case $key in
55
-    -h|--help)
56
-        show_help
57
-        ;;
58
-    -u|--user)
59
-        shift
60
-        MYUSERNAME="$1"
61
-        ;;
62
-    -e|--email)
63
-        shift
64
-        EMAILADDRESS="$1"
65
-        ;;
66
-    -s|--subject)
67
-        shift
68
-        SUBJECT_TEXT="$1"
69
-        ;;
70
-    -g|--group)
71
-        shift
72
-        GROUP_NAME="$1"
73
-        ;;
74
-    -p|--public)
75
-        shift
76
-        PUBLIC="$1"
77
-        ;;
78
-    *)
79
-        # unknown option
80
-        ;;
55
+        -h|--help)
56
+            show_help
57
+            ;;
58
+        -u|--user)
59
+            shift
60
+            MYUSERNAME="$1"
61
+            ;;
62
+        -e|--email)
63
+            shift
64
+            EMAILADDRESS="$1"
65
+            ;;
66
+        -s|--subject)
67
+            shift
68
+            SUBJECT_TEXT="$1"
69
+            ;;
70
+        -g|--group)
71
+            shift
72
+            GROUP_NAME="$1"
73
+            ;;
74
+        -p|--public)
75
+            shift
76
+            PUBLIC="$1"
77
+            ;;
78
+        *)
79
+            # unknown option
80
+            ;;
81 81
     esac
82 82
     shift
83 83
 done
84 84
 
85
-if ! [[ $MYUSERNAME && $GROUP_NAME ]]; then
85
+if ! [[ "$MYUSERNAME" && "$GROUP_NAME" ]]; then
86 86
     show_help
87 87
 fi
88 88
 
89
-if [ ${#EMAILADDRESS} -lt 2 ]; then
89
+if [ "${#EMAILADDRESS}" -lt 2 ]; then
90 90
     if [ ${#SUBJECT_TEXT} -lt 2 ]; then
91
-    show_help
91
+        show_help
92 92
     fi
93 93
 fi
94 94
 
95
-MUTTRC=/home/$MYUSERNAME/.muttrc
96
-PM=/home/$MYUSERNAME/.procmailrc
97
-LISTDIR=/home/$MYUSERNAME/Maildir/$GROUP_NAME
95
+MUTTRC="/home/$MYUSERNAME/.muttrc"
96
+PM="/home/$MYUSERNAME/.procmailrc"
97
+LISTDIR="/home/$MYUSERNAME/Maildir/$GROUP_NAME"
98 98
 
99 99
 proc_rule="  * ^From:.*$EMAILADDRESS"
100 100
 proc_comment="# Email rule for $EMAILADDRESS -> $GROUP_NAME"
@@ -104,54 +104,53 @@ if [ ${#SUBJECT_TEXT} -gt 0 ]; then
104 104
 fi
105 105
 
106 106
 if [ ! -d "$LISTDIR" ]; then
107
-    mkdir -m 700 $LISTDIR
108
-    mkdir -m 700 $LISTDIR/tmp
109
-    mkdir -m 700 $LISTDIR/new
110
-    mkdir -m 700 $LISTDIR/cur
107
+    mkdir -m 700 "$LISTDIR"
108
+    mkdir -m 700 "$LISTDIR/tmp"
109
+    mkdir -m 700 "$LISTDIR/new"
110
+    mkdir -m 700 "$LISTDIR/cur"
111 111
 fi
112
-chown -R $MYUSERNAME:$MYUSERNAME $LISTDIR
113
-if ! grep -q "$proc_comment" $PM; then
112
+chown -R "$MYUSERNAME":"$MYUSERNAME" "$LISTDIR"
113
+if ! grep -q "$proc_comment" "$PM"; then
114 114
     if [[ $PUBLIC != "yes" ]]; then
115
-    # private emails go after the encryption stage
116
-    echo '' >> $PM
117
-    echo "$proc_comment" >> $PM
118
-    echo ":0" >> $PM
119
-    echo "$proc_rule" >> $PM
120
-    echo "$LISTDIR/new" >> $PM
121
-    echo "# End of rule" >> $PM
115
+        # private emails go after the encryption stage
116
+        { echo '';
117
+          echo "$proc_comment";
118
+          echo ":0";
119
+          echo "$proc_rule";
120
+          echo "$LISTDIR/new";
121
+          echo "# End of rule"; } >> "$PM"
122 122
     else
123
-    # public emails are copied before the encryption stage
124
-    if ! grep -q '# encrypt' $PM; then
125
-        echo '' >> $PM
126
-        echo "$proc_comment" >> $PM
127
-        echo ":0" >> $PM
128
-        echo "$proc_rule" >> $PM
129
-        echo "$LISTDIR/new" >> $PM
130
-        echo "# End of rule" >> $PM
131
-    else
132
-        filter=$(echo "$proc_comment\n:0\n${proc_rule}\n$LISTDIR/new\n# End of rule\n")
133
-        sed -i "/# encrypt/i ${filter}" $PM
134
-    fi
123
+        # public emails are copied before the encryption stage
124
+        if ! grep -q '# encrypt' "$PM"; then
125
+            { echo '';
126
+              echo "$proc_comment";
127
+              echo ":0";
128
+              echo "$proc_rule";
129
+              echo "$LISTDIR/new";
130
+              echo "# End of rule"; } >> "$PM"
131
+        else
132
+            sed -i "/# encrypt/i $proc_comment\\n:0\\n${proc_rule}\\n$LISTDIR/new\\n# End of rule\\n" "$PM"
133
+        fi
135 134
     fi
136
-    chown $MYUSERNAME:$MYUSERNAME $PM
135
+    chown "$MYUSERNAME":"$MYUSERNAME" "$PM"
137 136
 fi
138 137
 
139 138
 if [ ! -f "$MUTTRC" ]; then
140
-    cp /etc/Muttrc $MUTTRC
141
-    chown $MYUSERNAME:$MYUSERNAME $MUTTRC
139
+    cp /etc/Muttrc "$MUTTRC"
140
+    chown "$MYUSERNAME":"$MYUSERNAME" "$MUTTRC"
142 141
 fi
143 142
 
144 143
 PROCMAILLOG=/home/$MYUSERNAME/log
145
-if [ ! -d $PROCMAILLOG ]; then
146
-    mkdir $PROCMAILLOG
147
-    chown -R $MYUSERNAME:$MYUSERNAME $PROCMAILLOG
144
+if [ ! -d "$PROCMAILLOG" ]; then
145
+    mkdir "$PROCMAILLOG"
146
+    chown -R "$MYUSERNAME":"$MYUSERNAME" "$PROCMAILLOG"
148 147
 fi
149 148
 
150
-MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
151
-if [[ $MUTT_MAILBOXES != *$GROUP_NAME* ]]; then
152
-    if ! grep -q "=$GROUP_NAME" $MUTTRC; then
153
-    sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$GROUP_NAME|g" $MUTTRC
154
-    chown $MYUSERNAME:$MYUSERNAME $MUTTRC
149
+MUTT_MAILBOXES=$(grep "mailboxes =" "$MUTTRC")
150
+if [[ "$MUTT_MAILBOXES" != *$GROUP_NAME* ]]; then
151
+    if ! grep -q "=$GROUP_NAME" "$MUTTRC"; then
152
+        sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$GROUP_NAME|g" "$MUTTRC"
153
+        chown "$MYUSERNAME":"$MYUSERNAME" "$MUTTRC"
155 154
     fi
156 155
 fi
157 156
 

+ 74
- 79
src/freedombone-addlist Zobrazit soubor

@@ -52,119 +52,114 @@ do
52 52
     key="$1"
53 53
 
54 54
     case $key in
55
-    -h|--help)
56
-        show_help
57
-        ;;
58
-    -u|--user)
59
-        shift
60
-        MYUSERNAME="$1"
61
-        ;;
62
-    -l|--list)
63
-        shift
64
-        MAILINGLIST="$1"
65
-        ;;
66
-    -s|--subject)
67
-        shift
68
-        SUBJECTTAG="$1"
69
-        ;;
70
-    -e|--email)
71
-        shift
72
-        LIST_ADDRESS="$1"
73
-        ;;
74
-    -p|--public)
75
-        shift
76
-        PUBLIC="$1"
77
-        ;;
78
-    *)
79
-        # unknown option
80
-        ;;
55
+        -h|--help)
56
+            show_help
57
+            ;;
58
+        -u|--user)
59
+            shift
60
+            MYUSERNAME="$1"
61
+            ;;
62
+        -l|--list)
63
+            shift
64
+            MAILINGLIST="$1"
65
+            ;;
66
+        -s|--subject)
67
+            shift
68
+            SUBJECTTAG="$1"
69
+            ;;
70
+        -e|--email)
71
+            shift
72
+            LIST_ADDRESS="$1"
73
+            ;;
74
+        -p|--public)
75
+            shift
76
+            PUBLIC="$1"
77
+            ;;
78
+        *)
79
+            # unknown option
80
+            ;;
81 81
     esac
82 82
     shift
83 83
 done
84 84
 
85
-if [ ! $MYUSERNAME ]; then
85
+if [ ! "$MYUSERNAME" ]; then
86 86
     show_help
87 87
 fi
88 88
 
89
-if [[ ! $MAILINGLIST && ! $SUBJECTTAG ]]; then
89
+if [[ ! "$MAILINGLIST" && ! "$SUBJECTTAG" ]]; then
90 90
     show_help
91 91
 fi
92 92
 
93
-MUTTRC=/home/$MYUSERNAME/.muttrc
94
-PM=/home/$MYUSERNAME/.procmailrc
95
-LISTDIR=/home/$MYUSERNAME/Maildir/$MAILINGLIST
93
+MUTTRC="/home/$MYUSERNAME/.muttrc"
94
+PM="/home/$MYUSERNAME/.procmailrc"
95
+LISTDIR="/home/$MYUSERNAME/Maildir/$MAILINGLIST"
96 96
 
97
-if grep -q "=$MAILINGLIST" $MUTTRC; then
97
+if grep -q "=$MAILINGLIST" "$MUTTRC"; then
98 98
     echo $"Mailing list $MAILINGLIST was already added"
99 99
 fi
100 100
 
101 101
 if [ ! -d "$LISTDIR" ]; then
102
-    mkdir -m 700 $LISTDIR
103
-    mkdir -m 700 $LISTDIR/tmp
104
-    mkdir -m 700 $LISTDIR/new
105
-    mkdir -m 700 $LISTDIR/cur
102
+    mkdir -m 700 "$LISTDIR"
103
+    mkdir -m 700 "$LISTDIR/tmp"
104
+    mkdir -m 700 "$LISTDIR/new"
105
+    mkdir -m 700 "$LISTDIR/cur"
106 106
 fi
107 107
 
108
-chown -R $MYUSERNAME:$MYUSERNAME $LISTDIR
108
+chown -R "$MYUSERNAME":"$MYUSERNAME" "$LISTDIR"
109 109
 
110 110
 if [ ${#SUBJECTTAG} -gt 0 ]; then
111 111
     # use the subject tag
112
-    if ! grep -q "Subject:.*()\[$SUBJECTTAG\]" $PM; then
113
-    if [[ $PUBLIC != "yes" ]]; then
114
-        # private emails go after the encryption stage
115
-        filter="
116
-# Email rule for $MAILINGLIST subject [$SUBJECTTAG]
117
-:0
118
-  * ^Subject:.*()\[$SUBJECTTAG\]
119
-$LISTDIR/new
120
-# End of rule
121
-"
122
-        echo "$filter" >> $PM
123
-    else
124
-        # public emails are copied before hte encryption stage
125
-        if ! grep -q '# encrypt' $PM; then
126
-        filter="
127
-# Email rule for $MAILINGLIST subject [$SUBJECTTAG]
128
-:0
129
-  * ^Subject:.*()\[$SUBJECTTAG\]
130
-$LISTDIR/new
131
-# End of rule
132
-"
133
-        echo "$filter" >> $PM
112
+    if ! grep -q "Subject:.*()\\[$SUBJECTTAG\\]" "$PM"; then
113
+        if [[ $PUBLIC != "yes" ]]; then
114
+            # private emails go after the encryption stage
115
+            { echo "# Email rule for $MAILINGLIST subject [$SUBJECTTAG]";
116
+              echo ":0";
117
+              echo "  * ^Subject:.*()\\[$SUBJECTTAG\\]";
118
+              echo "$LISTDIR/new";
119
+              echo "# End of rule";
120
+              echo ""; } >> "$PM"
134 121
         else
135
-        filter=$(echo "# Email rule for $MAILINGLIST subject [$SUBJECTTAG]\n:0\n  * ^Subject:.*()\\\[$SUBJECTTAG\\\]\n$LISTDIR/new\n# End of rule\n")
136
-        sed -i "/# encrypt/i ${filter}" $PM
122
+            # public emails are copied before hte encryption stage
123
+            if ! grep -q '# encrypt' "$PM"; then
124
+                { echo "# Email rule for $MAILINGLIST subject [$SUBJECTTAG]";
125
+                  echo ":0";
126
+                  echo "  * ^Subject:.*()\\[$SUBJECTTAG\\]";
127
+                  echo "$LISTDIR/new";
128
+                  echo "# End of rule";
129
+                  echo ""; } >> "$PM"
130
+            else
131
+                sed -i "/# encrypt/i # Email rule for $MAILINGLIST subject [$SUBJECTTAG]\\n:0\\n  * ^Subject:.*()\\\\[$SUBJECTTAG\\\\]\\n$LISTDIR/new\\n# End of rule\\n" "$PM"
132
+            fi
137 133
         fi
138
-    fi
139
-    chown $MYUSERNAME:$MYUSERNAME $PM
134
+        chown "$MYUSERNAME":"$MYUSERNAME" "$PM"
140 135
     fi
141 136
 else
142
-    exit $(${PROJECT_NAME}-addemail -u $MYUSERNAME -e $LIST_ADDRESS -g $MAILINGLIST --public $PUBLIC)
137
+    exit "$("${PROJECT_NAME}-addemail" -u "$MYUSERNAME" -e "$LIST_ADDRESS" -g "$MAILINGLIST" --public "$PUBLIC")"
143 138
 fi
144 139
 
145 140
 if [ ! -f "$MUTTRC" ]; then
146
-    cp /etc/Muttrc $MUTTRC
147
-    chown $MYUSERNAME:$MYUSERNAME $MUTTRC
141
+    cp /etc/Muttrc "$MUTTRC"
142
+    chown "$MYUSERNAME":"$MYUSERNAME" "$MUTTRC"
148 143
 fi
149 144
 
150
-PROCMAILLOG=/home/$MYUSERNAME/log
151
-if [ ! -d $PROCMAILLOG ]; then
152
-    mkdir $PROCMAILLOG
153
-    chown -R $MYUSERNAME:$MYUSERNAME $PROCMAILLOG
145
+PROCMAILLOG="/home/$MYUSERNAME/log"
146
+if [ ! -d "$PROCMAILLOG" ]; then
147
+    mkdir "$PROCMAILLOG"
148
+    chown -R "$MYUSERNAME":"$MYUSERNAME" "$PROCMAILLOG"
154 149
 fi
155 150
 
156
-MUTT_MAILBOXES=$(grep "mailboxes =" $MUTTRC)
157
-if [[ $MUTT_MAILBOXES != *$MAILINGLIST* ]]; then
158
-    if ! grep -q "=$MAILINGLIST" $MUTTRC; then
159
-    sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$MAILINGLIST|g" $MUTTRC
160
-    chown $MYUSERNAME:$MYUSERNAME $MUTTRC
151
+MUTT_MAILBOXES=$(grep "mailboxes =" "$MUTTRC")
152
+if [[ "$MUTT_MAILBOXES" != *$MAILINGLIST* ]]; then
153
+    if ! grep -q "=$MAILINGLIST" "$MUTTRC"; then
154
+        sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =$MAILINGLIST|g" "$MUTTRC"
155
+        chown "$MYUSERNAME":"$MYUSERNAME" "$MUTTRC"
161 156
     fi
162 157
 fi
163 158
 
164
-if [ $LIST_ADDRESS ]; then
165
-    sed -i "s|unsubscribe $LIST_ADDRESS|subscribe $LIST_ADDRESS|g" $MUTTRC
166
-    if ! grep -q "subscribe $LIST_ADDRESS" $MUTTRC; then
167
-    echo "subscribe $LIST_ADDRESS" >> $MUTTRC
159
+if [ "$LIST_ADDRESS" ]; then
160
+    sed -i "s|unsubscribe $LIST_ADDRESS|subscribe $LIST_ADDRESS|g" "$MUTTRC"
161
+    if ! grep -q "subscribe $LIST_ADDRESS" "$MUTTRC"; then
162
+        echo "subscribe $LIST_ADDRESS" >> "$MUTTRC"
168 163
     fi
169 164
 fi
170 165
 

+ 31
- 31
src/freedombone-addremove Zobrazit soubor

@@ -34,27 +34,27 @@ export TEXTDOMAIN=${PROJECT_NAME}-addremove
34 34
 export TEXTDOMAINDIR="/usr/share/locale"
35 35
 
36 36
 PROJECT_INSTALL_DIR=/usr/local/bin
37
-if [ -f /usr/bin/${PROJECT_NAME} ]; then
37
+if [ -f "/usr/bin/${PROJECT_NAME}" ]; then
38 38
     PROJECT_INSTALL_DIR=/usr/bin
39 39
 fi
40 40
 
41
-COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
42
-CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
41
+COMPLETION_FILE="$HOME/${PROJECT_NAME}-completed.txt"
42
+CONFIGURATION_FILE="$HOME/${PROJECT_NAME}.cfg"
43 43
 
44 44
 # Start including files
45 45
 
46
-source $PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars
46
+source "$PROJECT_INSTALL_DIR/${PROJECT_NAME}-vars"
47 47
 
48
-UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
48
+UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
49 49
 for f in $UTILS_FILES
50 50
 do
51
-  source $f
51
+    source "$f"
52 52
 done
53 53
 
54
-APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
54
+APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
55 55
 for f in $APP_FILES
56 56
 do
57
-  source $f
57
+    source "$f"
58 58
 done
59 59
 
60 60
 # End including files
@@ -67,17 +67,17 @@ function mark_unselected_apps_as_removed {
67 67
         return
68 68
     fi
69 69
 
70
-    if [ -f $REMOVED_APPS_FILE ]; then
71
-        rm $REMOVED_APPS_FILE
70
+    if [ -f "$REMOVED_APPS_FILE" ]; then
71
+        rm "$REMOVED_APPS_FILE"
72 72
     fi
73 73
 
74 74
     app_index=0
75 75
     for app_name in "${APPS_AVAILABLE[@]}"
76 76
     do
77 77
         if [[ ${APPS_CHOSEN[$app_index]} == "0" ]]; then
78
-            echo "_${app_name}_" >> $REMOVED_APPS_FILE
78
+            echo "_${app_name}_" >> "$REMOVED_APPS_FILE"
79 79
         fi
80
-        app_index=$[app_index+1]
80
+        app_index=$((app_index+1))
81 81
     done
82 82
 }
83 83
 
@@ -93,7 +93,7 @@ function app_expected_to_be_installed {
93 93
             echo "0"
94 94
             return
95 95
         fi
96
-        if ! grep -q "IN_DEFAULT_INSTALL=1" /usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-${app_name}; then
96
+        if ! grep -q "IN_DEFAULT_INSTALL=1" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-${app_name}"; then
97 97
             echo "0"
98 98
             return
99 99
         fi
@@ -102,7 +102,7 @@ function app_expected_to_be_installed {
102 102
 }
103 103
 
104 104
 function show_apps {
105
-    select_all_apps=$1
105
+    select_all_apps="$1"
106 106
     applist=""
107 107
     n=1
108 108
     app_index=0
@@ -117,19 +117,20 @@ function show_apps {
117 117
                 applist="$applist $n $a on"
118 118
             fi
119 119
         fi
120
-        n=$[n+1]
121
-        app_index=$[app_index+1]
120
+        n=$((n+1))
121
+        app_index=$((app_index+1))
122 122
     done
123 123
 
124 124
     choices=$(dialog --stdout --backtitle $"Freedombone" \
125 125
                      --title $"Add/Remove Applications" \
126 126
                      --checklist $'Choose:' \
127
-                     27 40 20 $applist)
127
+                     27 40 20 "$applist")
128 128
 
129
+    # shellcheck disable=SC2181
129 130
     if [ $? -eq 0 ]; then
130 131
         for choice in $choices
131 132
         do
132
-            app_index=$[choice-1]
133
+            app_index=$((choice-1))
133 134
             APPS_CHOSEN[$app_index]="1"
134 135
         done
135 136
     else
@@ -151,10 +152,10 @@ function remove_apps_selected {
151 152
                 else
152 153
                     removals="${APPS_AVAILABLE[$app_index]}"
153 154
                 fi
154
-                n=$[n+1]
155
+                n=$((n+1))
155 156
             fi
156 157
         fi
157
-        app_index=$[app_index+1]
158
+        app_index=$((app_index+1))
158 159
     done
159 160
 
160 161
     # if no apps to be removed then don't do anything
@@ -166,7 +167,7 @@ function remove_apps_selected {
166 167
     dialog --title $"Remove applications" \
167 168
            --backtitle $"Freedombone" \
168 169
            --defaultno \
169
-           --yesno $"\nYou have chosen to remove $n apps.\n\n    $removals\n\nIf you choose 'yes' then this will remove both the applications and their data/messages. If you don't have a backup then you will not be able to recover the data for these applications.\n\nAre you sure that you wish to continue?" 15 60
170
+           --yesno $"\\nYou have chosen to remove $n apps.\\n\\n    $removals\\n\\nIf you choose 'yes' then this will remove both the applications and their data/messages. If you don't have a backup then you will not be able to recover the data for these applications.\\n\\nAre you sure that you wish to continue?" 15 60
170 171
     sel=$?
171 172
     case $sel in
172 173
         1) return;;
@@ -195,10 +196,10 @@ function install_apps_selected {
195 196
                 else
196 197
                     installs="${APPS_AVAILABLE[$app_index]}"
197 198
                 fi
198
-                n=$[n+1]
199
+                n=$((n+1))
199 200
             fi
200 201
         fi
201
-        app_index=$[app_index+1]
202
+        app_index=$((app_index+1))
202 203
     done
203 204
 
204 205
     # if no apps to be installed then don't do anything
@@ -212,13 +213,13 @@ function install_apps_selected {
212 213
             dialog --title $"$installs" \
213 214
                    --backtitle $"Freedombone" \
214 215
                    --defaultno \
215
-                   --yesno $"\nThis will install the $installs app\n\nProceed?" 9 40
216
+                   --yesno $"\\nThis will install the $installs app\\n\\nProceed?" 9 40
216 217
         else
217
-            dialog_height=$((15 + $n))
218
+            dialog_height=$((15 + "$n"))
218 219
             dialog --title $"Add applications" \
219 220
                    --backtitle $"Freedombone" \
220 221
                    --defaultno \
221
-                   --yesno $"\nYou have chosen to install $n apps\n\n    $installs\n\nProceed?" $dialog_height 60
222
+                   --yesno $"\\nYou have chosen to install $n apps\\n\\n    $installs\\n\\nProceed?" $dialog_height 60
222 223
         fi
223 224
         sel=$?
224 225
         case $sel in
@@ -232,14 +233,13 @@ function install_apps_selected {
232 233
     # install the apps
233 234
     read_configuration
234 235
     install_apps interactive
235
-    if [ ! $APP_INSTALLED_SUCCESS ]; then
236
+    if [ ! "$APP_INSTALLED_SUCCESS" ]; then
236 237
         echo $'One or more apps failed to install'
237 238
     fi
238 239
 }
239 240
 
240 241
 if [[ $1 == "test"* ]]; then
241
-    ${PROJECT_NAME}-tests
242
-    if [ ! "$?" = "0" ]; then
242
+    if ! ${PROJECT_NAME}-tests; then
243 243
         exit 2
244 244
     fi
245 245
 fi
@@ -251,8 +251,8 @@ if [[ ${#APPS_AVAILABLE[@]} == 0 ]]; then
251 251
     exit 1
252 252
 fi
253 253
 
254
-show_apps $1
255
-mark_unselected_apps_as_removed $1
254
+show_apps "$1"
255
+mark_unselected_apps_as_removed "$1"
256 256
 
257 257
 clear
258 258
 

+ 93
- 94
src/freedombone-adduser Zobrazit soubor

@@ -34,18 +34,18 @@ PROJECT_NAME='freedombone'
34 34
 export TEXTDOMAIN=${PROJECT_NAME}-adduser
35 35
 export TEXTDOMAINDIR="/usr/share/locale"
36 36
 
37
-CONFIGURATION_FILE=$HOME/${PROJECT_NAME}.cfg
37
+CONFIGURATION_FILE="$HOME/${PROJECT_NAME}.cfg"
38 38
 
39
-UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*
39
+UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
40 40
 for f in $UTILS_FILES
41 41
 do
42
-    source $f
42
+    source "$f"
43 43
 done
44 44
 
45
-APP_FILES=/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*
45
+APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
46 46
 for f in $APP_FILES
47 47
 do
48
-    source $f
48
+    source "$f"
49 49
 done
50 50
 
51 51
 ADD_USERNAME=$1
@@ -55,35 +55,35 @@ SSH_PORT=2222
55 55
 COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
56 56
 DEFAULT_DOMAIN_NAME=
57 57
 
58
-if [ ! $ADD_USERNAME ]; then
58
+if [ ! "$ADD_USERNAME" ]; then
59 59
     echo $'No username was given'
60 60
     exit 1
61 61
 fi
62 62
 
63
-if [ -d /home/$ADD_USERNAME ]; then
63
+if [ -d "/home/$ADD_USERNAME" ]; then
64 64
     echo $"The user $ADD_USERNAME already exists"
65 65
     exit 2
66 66
 fi
67 67
 
68
-if [ ! -f $COMPLETION_FILE ]; then
68
+if [ ! -f "$COMPLETION_FILE" ]; then
69 69
     echo $"$COMPLETION_FILE not found"
70
-    userdel -r $ADD_USERNAME
70
+    userdel -r "$ADD_USERNAME"
71 71
     exit 3
72 72
 fi
73 73
 
74 74
 # Minimum number of characters in a password
75
-MINIMUM_PASSWORD_LENGTH=$(cat /usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords | grep 'MINIMUM_PASSWORD_LENGTH=' | head -n 1 | awk -F '=' '{print $2}')
75
+MINIMUM_PASSWORD_LENGTH=$(grep 'MINIMUM_PASSWORD_LENGTH=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords" | head -n 1 | awk -F '=' '{print $2}')
76 76
 
77
-NEW_USER_PASSWORD="$(openssl rand -base64 30 | cut -c1-${MINIMUM_PASSWORD_LENGTH})"
77
+NEW_USER_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
78 78
 chmod 600 /etc/shadow
79 79
 chmod 600 /etc/gshadow
80
-useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash $ADD_USERNAME
81
-adduser $ADD_USERNAME sasl
82
-groupadd $ADD_USERNAME
80
+useradd -m -p "$NEW_USER_PASSWORD" -s /bin/bash "$ADD_USERNAME"
81
+adduser "$ADD_USERNAME" sasl
82
+groupadd "$ADD_USERNAME"
83 83
 chmod 0000 /etc/shadow
84 84
 chmod 0000 /etc/gshadow
85 85
 
86
-if [ ! -d /home/$ADD_USERNAME ]; then
86
+if [ ! -d "/home/$ADD_USERNAME" ]; then
87 87
     echo $'Home directory was not created'
88 88
     exit 4
89 89
 fi
@@ -91,15 +91,15 @@ fi
91 91
 if [ "$SSH_PUBLIC_KEY" ]; then
92 92
     if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
93 93
         if [ -f "$SSH_PUBLIC_KEY" ]; then
94
-            mkdir /home/$ADD_USERNAME/.ssh
95
-            cp $SSH_PUBLIC_KEY /home/$ADD_USERNAME/.ssh/authorized_keys
96
-            chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.ssh
94
+            mkdir "/home/$ADD_USERNAME/.ssh"
95
+            cp "$SSH_PUBLIC_KEY" "/home/$ADD_USERNAME/.ssh/authorized_keys"
96
+            chown -R "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/.ssh"
97 97
             echo $'ssh public key installed'
98 98
         else
99 99
             if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
100
-                mkdir /home/$ADD_USERNAME/.ssh
101
-                echo "$SSH_PUBLIC_KEY" > /home/$ADD_USERNAME/.ssh/authorized_keys
102
-                chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.ssh
100
+                mkdir "/home/$ADD_USERNAME/.ssh"
101
+                echo "$SSH_PUBLIC_KEY" > "/home/$ADD_USERNAME/.ssh/authorized_keys"
102
+                chown -R "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/.ssh"
103 103
                 echo $'ssh public key installed'
104 104
             else
105 105
                 echo $'The second parameter does not look like an ssh key'
@@ -109,55 +109,54 @@ if [ "$SSH_PUBLIC_KEY" ]; then
109 109
     fi
110 110
 fi
111 111
 
112
-if [ -d /home/$ADD_USERNAME/Maildir ]; then
113
-    if grep -q "set from=" /home/$ADD_USERNAME/.muttrc; then
114
-        sed -i "s|set from=.*|set from='$ADD_USERNAME <$ADD_USERNAME@$HOSTNAME>'|g" /home/$ADD_USERNAME/.muttrc
112
+if [ -d "/home/$ADD_USERNAME/Maildir" ]; then
113
+    if grep -q "set from=" "/home/$ADD_USERNAME/.muttrc"; then
114
+        sed -i "s|set from=.*|set from='$ADD_USERNAME <$ADD_USERNAME@$HOSTNAME>'|g" "/home/$ADD_USERNAME/.muttrc"
115 115
     else
116
-        echo "set from='$ADD_USERNAME <$ADD_USERNAME@$HOSTNAME>'" >> /home/$ADD_USERNAME/.muttrc
116
+        echo "set from='$ADD_USERNAME <$ADD_USERNAME@$HOSTNAME>'" >> "/home/$ADD_USERNAME/.muttrc"
117 117
     fi
118 118
 
119
-    USERN='$USER@'
120
-    sed -i "s|$USERN|$ADD_USERNAME@|g" /home/$ADD_USERNAME/.procmailrc
119
+    sed -i "s|\$USER@|$ADD_USERNAME@|g" "/home/$ADD_USERNAME/.procmailrc"
121 120
 fi
122 121
 
123 122
 # generate a gpg key
124 123
 echo "Making a GPG key for $ADD_USERNAME@$HOSTNAME"
125
-mkdir /home/$ADD_USERNAME/.gnupg
126
-echo "keyserver $GPG_KEYSERVER" >> /home/$ADD_USERNAME/.gnupg/gpg.conf
127
-echo 'keyserver-options auto-key-retrieve' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
128
-echo '' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
129
-echo '# default preferences' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
130
-echo 'personal-digest-preferences SHA256' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
131
-echo 'cert-digest-algo SHA256' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
132
-echo 'default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed' >> /home/$ADD_USERNAME/.gnupg/gpg.conf
133
-
134
-chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.gnupg
135
-chmod 700 /home/$ADD_USERNAME/.gnupg
136
-chmod 600 /home/$ADD_USERNAME/.gnupg/*
124
+mkdir "/home/$ADD_USERNAME/.gnupg"
125
+{ echo "keyserver $GPG_KEYSERVER";
126
+  echo 'keyserver-options auto-key-retrieve';
127
+  echo '';
128
+  echo '# default preferences';
129
+  echo 'personal-digest-preferences SHA256';
130
+  echo 'cert-digest-algo SHA256';
131
+  echo 'default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed'; } >> "/home/$ADD_USERNAME/.gnupg/gpg.conf"
132
+
133
+chown -R "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/.gnupg"
134
+chmod 700 "/home/$ADD_USERNAME/.gnupg"
135
+chmod 600 "/home/$ADD_USERNAME/.gnupg/*"
137 136
 
138 137
 # Generate a GPG key
139
-echo 'Key-Type: eddsa' > /home/$ADD_USERNAME/gpg-genkey.conf
140
-echo 'Key-Curve: Ed25519' >> /home/$ADD_USERNAME/gpg-genkey.conf
141
-echo 'Subkey-Type: eddsa' >> /home/$ADD_USERNAME/gpg-genkey.conf
142
-echo "Name-Real:  $ADD_USERNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
143
-echo "Name-Email: $ADD_USERNAME@$HOSTNAME" >> /home/$ADD_USERNAME/gpg-genkey.conf
144
-echo 'Expire-Date: 0' >> /home/$ADD_USERNAME/gpg-genkey.conf
145
-echo "Passphrase: $NEW_USER_PASSWORD" >> /home/$ADD_USERNAME/gpg-genkey.conf
146
-chown $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/gpg-genkey.conf
147
-su -m root -c "gpg --homedir /home/$ADD_USERNAME/.gnupg --batch --full-gen-key /home/$ADD_USERNAME/gpg-genkey.conf" - $ADD_USERNAME
148
-chown -R $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/.gnupg
149
-shred -zu /home/$ADD_USERNAME/gpg-genkey.conf
138
+{ echo 'Key-Type: eddsa';
139
+  echo 'Key-Curve: Ed25519';
140
+  echo 'Subkey-Type: eddsa';
141
+  echo "Name-Real:  $ADD_USERNAME";
142
+  echo "Name-Email: $ADD_USERNAME@$HOSTNAME";
143
+  echo 'Expire-Date: 0';
144
+  echo "Passphrase: $NEW_USER_PASSWORD"; } > "/home/$ADD_USERNAME/gpg-genkey.conf"
145
+chown "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/gpg-genkey.conf"
146
+su -m root -c "gpg --homedir /home/$ADD_USERNAME/.gnupg --batch --full-gen-key /home/$ADD_USERNAME/gpg-genkey.conf" - "$ADD_USERNAME"
147
+chown -R "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/.gnupg"
148
+shred -zu "/home/$ADD_USERNAME/gpg-genkey.conf"
150 149
 MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$ADD_USERNAME" "$ADD_USERNAME@$HOSTNAME")
151
-MY_GPG_PUBLIC_KEY=/home/$ADD_USERNAME/public_key.gpg
152
-su -m root -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - $ADD_USERNAME
150
+MY_GPG_PUBLIC_KEY="/home/$ADD_USERNAME/public_key.gpg"
151
+su -m root -c "gpg --output $MY_GPG_PUBLIC_KEY --armor --export $MY_GPG_PUBLIC_KEY_ID" - "$ADD_USERNAME"
153 152
 
154
-if [ ! -f $MY_GPG_PUBLIC_KEY ]; then
153
+if [ ! -f "$MY_GPG_PUBLIC_KEY" ]; then
155 154
     echo "GPG public key was not generated for $ADD_USERNAME@$HOSTNAME $MY_GPG_PUBLIC_KEY_ID"
156
-    userdel -r $ADD_USERNAME
155
+    userdel -r "$ADD_USERNAME"
157 156
     exit 7
158 157
 fi
159 158
 
160
-gpg_agent_setup $ADD_USERNAME
159
+gpg_agent_setup "$ADD_USERNAME"
161 160
 
162 161
 # add a monkeysphere subkey
163 162
 #echo $'Adding monkeysphere subkey'
@@ -173,82 +172,82 @@ gpg_agent_setup $ADD_USERNAME
173 172
 #echo $'Updating monkeysphere users'
174 173
 #monkeysphere-authentication update-users
175 174
 
176
-if [ -f /home/$ADD_USERNAME/.muttrc ]; then
175
+if [ -f "/home/$ADD_USERNAME/.muttrc" ]; then
177 176
     # encrypt outgoing mail to the "sent" folder
178
-    if ! grep -q "pgp_encrypt_only_command" /home/$ADD_USERNAME/.muttrc; then
179
-        echo '' >> /home/$ADD_USERNAME/.muttrc
180
-        echo $'# Encrypt items in the Sent folder' >> /home/$ADD_USERNAME/.muttrc
181
-        echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$ADD_USERNAME/.muttrc
177
+    if ! grep -q "pgp_encrypt_only_command" "/home/$ADD_USERNAME/.muttrc"; then
178
+        { echo '';
179
+          echo $'# Encrypt items in the Sent folder';
180
+          echo "set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\""; } >> "/home/$ADD_USERNAME/.muttrc"
182 181
     else
183
-        sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$ADD_USERNAME/.muttrc
182
+        sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" "/home/$ADD_USERNAME/.muttrc"
184 183
     fi
185 184
 
186
-    if ! grep -q "pgp_encrypt_sign_command" /home/$ADD_USERNAME/.muttrc; then
187
-        echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> /home/$ADD_USERNAME/.muttrc
185
+    if ! grep -q "pgp_encrypt_sign_command" "/home/$ADD_USERNAME/.muttrc"; then
186
+        echo "set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"" >> "/home/$ADD_USERNAME/.muttrc"
188 187
     else
189
-        sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" /home/$ADD_USERNAME/.muttrc
188
+        sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to $MY_GPG_PUBLIC_KEY_ID -- -r %r -- %f\"|g" "/home/$ADD_USERNAME/.muttrc"
190 189
     fi
191 190
 fi
192 191
 
193
-if ! grep -q "Change your GPG password" /home/$ADD_USERNAME/README; then
194
-    echo '' >> /home/$ADD_USERNAME/README
195
-    echo '' >> /home/$ADD_USERNAME/README
196
-    echo $'# Change your GPG password' >> /home/$ADD_USERNAME/README
197
-    echo $"It's very important to add a password to your GPG key so that" >> /home/$ADD_USERNAME/README
198
-    echo $"if anyone does get access to your email they still won't be able" >> /home/$ADD_USERNAME/README
199
-    echo $'to read them without knowning the GPG password.' >> /home/$ADD_USERNAME/README
200
-    echo $'You can change the it with:' >> /home/$ADD_USERNAME/README
201
-    echo '' >> /home/$ADD_USERNAME/README
202
-    echo "  gpg --edit-key $MY_GPG_PUBLIC_KEY_ID" >> /home/$ADD_USERNAME/README
203
-    echo '  passwd' >> /home/$ADD_USERNAME/README
204
-    echo '  save' >> /home/$ADD_USERNAME/README
205
-    echo '  quit' >> /home/$ADD_USERNAME/README
192
+if ! grep -q "Change your GPG password" "/home/$ADD_USERNAME/README"; then
193
+    { echo '';
194
+      echo '';
195
+      echo $'# Change your GPG password';
196
+      echo $"It's very important to add a password to your GPG key so that";
197
+      echo $"if anyone does get access to your email they still won't be able";
198
+      echo $'to read them without knowning the GPG password.';
199
+      echo $'You can change the it with:';
200
+      echo '';
201
+      echo "  gpg --edit-key $MY_GPG_PUBLIC_KEY_ID";
202
+      echo '  passwd';
203
+      echo '  save';
204
+      echo '  quit'; } >> "/home/$ADD_USERNAME/README"
206 205
 fi
207 206
 
208
-chown $ADD_USERNAME:$ADD_USERNAME /home/$ADD_USERNAME/README
209
-chown $ADD_USERNAME:$ADD_USERNAME $MY_GPG_PUBLIC_KEY
210
-chmod 600 /home/$ADD_USERNAME/README
207
+chown "$ADD_USERNAME":"$ADD_USERNAME" "/home/$ADD_USERNAME/README"
208
+chown "$ADD_USERNAME":"$ADD_USERNAME" "$MY_GPG_PUBLIC_KEY"
209
+chmod 600 "/home/$ADD_USERNAME/README"
211 210
 
212 211
 echo $'Detecting installed apps...'
213 212
 detect_apps
214 213
 get_apps_installed_names
215 214
 for app_name in "${APPS_INSTALLED_NAMES[@]}"
216 215
 do
217
-    if [[ $(function_exists add_user_${app_name}) == "1" ]]; then
216
+    if [[ $(function_exists "add_user_${app_name}") == "1" ]]; then
218 217
         echo $"Adding user to ${app_name}"
219
-        app_load_variables ${app_name}
220
-        retval=$(add_user_${app_name} "$ADD_USERNAME" "$NEW_USER_PASSWORD" | tail -n 1)
218
+        app_load_variables "${app_name}"
219
+        retval=$("add_user_${app_name}" "$ADD_USERNAME" "$NEW_USER_PASSWORD" | tail -n 1)
221 220
         if [[ $retval != '0' ]]; then
222 221
             echo $"Failed with error code ${retval}"
223
-            ${PROJECT_NAME}-rmuser $ADD_USERNAME --force
222
+            "${PROJECT_NAME}-rmuser" "$ADD_USERNAME" --force
224 223
             exit 672392
225 224
         fi
226
-        if ! grep -q "${app_name}_${ADD_USERNAME}" $APP_USERS_FILE; then
227
-            echo "${app_name}_${ADD_USERNAME}" >> $APP_USERS_FILE
225
+        if ! grep -q "${app_name}_${ADD_USERNAME}" "$APP_USERS_FILE"; then
226
+            echo "${app_name}_${ADD_USERNAME}" >> "$APP_USERS_FILE"
228 227
         fi
229 228
     fi
230 229
 done
231 230
 
232 231
 if [ -f /etc/nginx/.htpasswd ]; then
233 232
     if ! grep -q "${ADD_USERNAME}:" /etc/nginx/.htpasswd; then
234
-        echo "$NEW_USER_PASSWORD" | htpasswd -i -s /etc/nginx/.htpasswd $ADD_USERNAME
233
+        echo "$NEW_USER_PASSWORD" | htpasswd -i -s /etc/nginx/.htpasswd "$ADD_USERNAME"
235 234
     fi
236 235
 fi
237 236
 
238 237
 # add user menu on ssh login
239
-if ! grep -q 'controluser' /home/$ADD_USERNAME/.bashrc; then
240
-    echo 'controluser' >> /home/$ADD_USERNAME/.bashrc
238
+if ! grep -q 'controluser' "/home/$ADD_USERNAME/.bashrc"; then
239
+    echo 'controluser' >> "/home/$ADD_USERNAME/.bashrc"
241 240
 fi
242 241
 
243 242
 # fix some gpg strangeness when searching for keys
244
-printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$ADD_USERNAME/.gnupg/S.dirmngr
245
-if [ -d /home/$ADD_USERNAME/.gnupg/crls.d ]; then
246
-    chmod +x /home/$ADD_USERNAME/.gnupg/crls.d
243
+printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > "/home/$ADD_USERNAME/.gnupg/S.dirmngr"
244
+if [ -d "/home/$ADD_USERNAME/.gnupg/crls.d" ]; then
245
+    chmod +x "/home/$ADD_USERNAME/.gnupg/crls.d"
247 246
 fi
248 247
 
249
-${PROJECT_NAME}-pass -u $ADD_USERNAME -a login -p "$NEW_USER_PASSWORD"
248
+"${PROJECT_NAME}-pass" -u "$ADD_USERNAME" -a login -p "$NEW_USER_PASSWORD"
250 249
 
251
-gpg_agent_enable $ADD_USERNAME
250
+gpg_agent_enable "$ADD_USERNAME"
252 251
 
253 252
 clear
254 253
 

+ 153
- 152
src/freedombone-app-akaunting Zobrazit soubor

@@ -49,12 +49,12 @@ akaunting_variables=(ONION_ONLY
49 49
                      MY_USERNAME)
50 50
 
51 51
 function akaunting_remove_bad_links {
52
-    cd /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
52
+    cd "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" || exit 365873658
53 53
 
54 54
     # copy jquery locally
55 55
     jquery_version='1.12.4'
56 56
     if [ ! -f jquery-${jquery_version}.js ]; then
57
-        cd /var/www/$GHOST_DOMAIN_NAME/htdocs
57
+        cd "/var/www/$GHOST_DOMAIN_NAME/htdocs" || exit 3276324
58 58
         wget https://code.jquery.com/jquery-${jquery_version}.js
59 59
         jquery_hash=$(sha256sum jquery-${jquery_version}.js | awk -F ' ' '{print $1}')
60 60
         if [[ "$jquery_hash" != '430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575' ]]; then
@@ -74,7 +74,7 @@ function akaunting_remove_bad_links {
74 74
     sed -i '/googleapi/d' vendor/almasaeed2010/adminlte/dist/css/alt/AdminLTE-without-plugins.min.css
75 75
     sed -i "s|ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js|$AKAUNTING_DOMAIN_NAME/jquery-${jquery_version}.js|g" vendor/almasaeed2010/adminlte/plugins/ckeditor/samples/old/jquery.html
76 76
 
77
-    chown -R www-data:www-data /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
77
+    chown -R www-data:www-data "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
78 78
 }
79 79
 
80 80
 function logging_on_akaunting {
@@ -88,65 +88,66 @@ function logging_off_akaunting {
88 88
 function remove_user_akaunting {
89 89
     remove_username="$1"
90 90
 
91
-    ${PROJECT_NAME}-pass -u $remove_username --rmapp akaunting
91
+    "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp akaunting
92 92
 }
93 93
 
94 94
 function add_user_akaunting {
95 95
     new_username="$1"
96 96
     new_user_password="$2"
97 97
 
98
-    ${PROJECT_NAME}-pass -u $new_username -a akaunting -p "$new_user_password"
98
+    "${PROJECT_NAME}-pass" -u "$new_username" -a akaunting -p "$new_user_password"
99 99
 
100 100
     echo '0'
101 101
 }
102 102
 
103 103
 function install_interactive_akaunting {
104
-    if [ ! $ONION_ONLY ]; then
104
+    if [ ! "$ONION_ONLY" ]; then
105 105
         ONION_ONLY='no'
106 106
     fi
107 107
 
108
-    if [[ $ONION_ONLY != "no" ]]; then
108
+    if [[ "$ONION_ONLY" != "no" ]]; then
109 109
         AKAUNTING_DOMAIN_NAME='akaunting.local'
110 110
     else
111 111
         AKAUNTING_DETAILS_COMPLETE=
112 112
         while [ ! $AKAUNTING_DETAILS_COMPLETE ]
113 113
         do
114
-            data=$(tempfile 2>/dev/null)
115
-            trap "rm -f $data" 0 1 2 5 15
114
+            data=$(mktemp 2>/dev/null)
116 115
             if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
117 116
                 dialog --backtitle $"Freedombone Configuration" \
118 117
                        --title $"Akaunting Configuration" \
119
-                       --form $"\nPlease enter your Akaunting details.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
118
+                       --form $"\\nPlease enter your Akaunting details.\\n\\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
120 119
                        $"Domain:" 1 1 "$(grep 'AKAUNTING_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
121 120
                        $"Code:" 2 1 "$(grep 'AKAUNTING_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 25 33 255 \
122
-                       2> $data
121
+                       2> "$data"
123 122
             else
124 123
                 dialog --backtitle $"Freedombone Configuration" \
125 124
                        --title $"Akaunting Configuration" \
126
-                       --form $"\nPlease enter your Akaunting details.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
125
+                       --form $"\\nPlease enter your Akaunting details.\\n\\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:" 14 65 2 \
127 126
                        $"Domain:" 1 1 "$(grep 'AKAUNTING_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 25 33 40 \
128
-                       2> $data
127
+                       2> "$data"
129 128
             fi
130 129
             sel=$?
131 130
             case $sel in
132
-                1) exit 1;;
133
-                255) exit 1;;
131
+                1) rm -f "$data"
132
+                   exit 1;;
133
+                255) rm -f "$data"
134
+                     exit 1;;
134 135
             esac
135
-            AKAUNTING_DOMAIN_NAME=$(cat $data | sed -n 1p)
136
-            if [ $AKAUNTING_DOMAIN_NAME ]; then
136
+            AKAUNTING_DOMAIN_NAME=$(sed -n 1p < "$data")
137
+            if [ "$AKAUNTING_DOMAIN_NAME" ]; then
137 138
                 if [[ $AKAUNTING_DOMAIN_NAME == "$HUBZILLA_DOMAIN_NAME" ]]; then
138 139
                     AKAUNTING_DOMAIN_NAME=""
139 140
                 fi
140 141
                 TEST_DOMAIN_NAME=$AKAUNTING_DOMAIN_NAME
141 142
                 validate_domain_name
142
-                if [[ $TEST_DOMAIN_NAME != $AKAUNTING_DOMAIN_NAME ]]; then
143
+                if [[ "$TEST_DOMAIN_NAME" != "$AKAUNTING_DOMAIN_NAME" ]]; then
143 144
                     AKAUNTING_DOMAIN_NAME=
144 145
                     dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
145 146
                 else
146 147
                     if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
147
-                        AKAUNTING_CODE=$(cat $data | sed -n 2p)
148
+                        AKAUNTING_CODE=$(sed -n 2p < "$data")
148 149
                         validate_freedns_code "$AKAUNTING_CODE"
149
-                        if [ ! $VALID_CODE ]; then
150
+                        if [ ! "$VALID_CODE" ]; then
150 151
                             AKAUNTING_DOMAIN_NAME=
151 152
                         fi
152 153
                     fi
@@ -155,6 +156,7 @@ function install_interactive_akaunting {
155 156
             if [ $AKAUNTING_DOMAIN_NAME ]; then
156 157
                 AKAUNTING_DETAILS_COMPLETE="yes"
157 158
             fi
159
+            rm -f "$data"
158 160
         done
159 161
 
160 162
         write_config_param "AKAUNTING_CODE" "$AKAUNTING_CODE"
@@ -169,23 +171,23 @@ function change_password_akaunting {
169 171
 
170 172
     read_config_param 'AKAUNTING_DOMAIN_NAME'
171 173
 
172
-    ${PROJECT_NAME}-pass -u "$curr_username" -a akaunting -p "$new_user_password"
174
+    "${PROJECT_NAME}-pass" -u "$curr_username" -a akaunting -p "$new_user_password"
173 175
 }
174 176
 
175 177
 function akaunting_create_database {
176
-    if [ -f $IMAGE_PASSWORD_FILE ]; then
177
-        AKAUNTING_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
178
+    if [ -f "$IMAGE_PASSWORD_FILE" ]; then
179
+        AKAUNTING_ADMIN_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
178 180
     else
179
-        if [ ! $AKAUNTING_ADMIN_PASSWORD ]; then
180
-            AKAUNTING_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
181
+        if [ ! "$AKAUNTING_ADMIN_PASSWORD" ]; then
182
+            AKAUNTING_ADMIN_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
181 183
         fi
182 184
     fi
183
-    if [ ! $AKAUNTING_ADMIN_PASSWORD ]; then
185
+    if [ ! "$AKAUNTING_ADMIN_PASSWORD" ]; then
184 186
         return
185 187
     fi
186 188
 
187 189
     function_check create_database
188
-    create_database akaunting "$AKAUNTING_ADMIN_PASSWORD" $MY_USERNAME
190
+    create_database akaunting "$AKAUNTING_ADMIN_PASSWORD" "$MY_USERNAME"
189 191
 }
190 192
 
191 193
 function reconfigure_akaunting {
@@ -198,70 +200,69 @@ function upgrade_akaunting {
198 200
         return
199 201
     fi
200 202
 
201
-    if grep -q "akaunting domain" $COMPLETION_FILE; then
203
+    if grep -q "akaunting domain" "$COMPLETION_FILE"; then
202 204
         AKAUNTING_DOMAIN_NAME=$(get_completion_param "akaunting domain")
203 205
     fi
204 206
 
205 207
     # update to the next commit
206 208
     function_check set_repo_commit
207
-    set_repo_commit /var/www/$AKAUNTING_DOMAIN_NAME/htdocs "akaunting commit" "$AKAUNTING_COMMIT" $AKAUNTING_REPO
209
+    set_repo_commit "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" "akaunting commit" "$AKAUNTING_COMMIT" "$AKAUNTING_REPO"
208 210
 
209
-    cd /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
211
+    cd "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" || exit 367835
210 212
     install_composer
211 213
     akaunting_remove_bad_links
212 214
 
213
-    chown -R www-data:www-data /var/www/${AKAUNTING_DOMAIN_NAME}/htdocs
215
+    chown -R www-data:www-data "/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs"
214 216
 }
215 217
 
216 218
 
217 219
 function backup_local_akaunting {
218
-    akaunting_path=/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs
219
-    if [ -d $akaunting_path ]; then
220
-        suspend_site ${AKAUNTING_DOMAIN_NAME}
220
+    akaunting_path="/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs"
221
+    if [ -d "$akaunting_path" ]; then
222
+        suspend_site "${AKAUNTING_DOMAIN_NAME}"
221 223
         function_check backup_database_to_usb
222 224
         backup_database_to_usb akaunting
223
-        backup_directory_to_usb $akaunting_path akaunting
225
+        backup_directory_to_usb "$akaunting_path" akaunting
224 226
         restart_site
225 227
     fi
226 228
 }
227 229
 
228 230
 function restore_local_akaunting {
229 231
     temp_restore_dir=/root/tempakaunting
230
-    akaunting_dir=/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs
232
+    akaunting_dir="/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs"
231 233
 
232
-    suspend_site ${AKAUNTING_DOMAIN_NAME}
234
+    suspend_site "${AKAUNTING_DOMAIN_NAME}"
233 235
 
234 236
     function_check akaunting_create_database
235 237
     akaunting_create_database
236 238
 
237
-    restore_database akaunting ${AKAUNTING_DOMAIN_NAME}
238
-    chown www-data:www-data $akaunting_dir
239
+    restore_database akaunting "${AKAUNTING_DOMAIN_NAME}"
240
+    chown www-data:www-data "$akaunting_dir"
239 241
 
240 242
     restart_site
241 243
 }
242 244
 
243 245
 function backup_remote_akaunting {
244
-    akaunting_path=/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs
245
-    if [ -d $akaunting_path ]; then
246
-        suspend_site ${AKAUNTING_DOMAIN_NAME}
246
+    akaunting_path="/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs"
247
+    if [ -d "$akaunting_path" ]; then
248
+        suspend_site "${AKAUNTING_DOMAIN_NAME}"
247 249
         function_check backup_database_to_friend
248 250
         backup_database_to_friend akaunting
249
-        backup_directory_to_friend $akaunting_path akaunting
251
+        backup_directory_to_friend "$akaunting_path" akaunting
250 252
         restart_site
251 253
     fi
252 254
 }
253 255
 
254 256
 function restore_remote_akaunting {
255
-    temp_restore_dir=/root/tempakaunting
256
-    akaunting_dir=/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs
257
+    akaunting_dir="/var/www/${AKAUNTING_DOMAIN_NAME}/htdocs"
257 258
 
258
-    suspend_site ${AKAUNTING_DOMAIN_NAME}
259
+    suspend_site "${AKAUNTING_DOMAIN_NAME}"
259 260
 
260 261
     function_check akaunting_create_database
261 262
     akaunting_create_database
262 263
 
263
-    restore_database_from_friend akaunting ${AKAUNTING_DOMAIN_NAME}
264
-    chown www-data:www-data $akaunting_dir
264
+    restore_database_from_friend akaunting "${AKAUNTING_DOMAIN_NAME}"
265
+    chown www-data:www-data "$akaunting_dir"
265 266
 
266 267
     restart_site
267 268
 }
@@ -274,28 +275,28 @@ function remove_akaunting {
274 275
     read_config_param "AKAUNTING_DOMAIN_NAME"
275 276
     read_config_param "MY_USERNAME"
276 277
     echo "Removing $AKAUNTING_DOMAIN_NAME"
277
-    nginx_dissite $AKAUNTING_DOMAIN_NAME
278
-    remove_certs $AKAUNTING_DOMAIN_NAME
278
+    nginx_dissite "$AKAUNTING_DOMAIN_NAME"
279
+    remove_certs "$AKAUNTING_DOMAIN_NAME"
279 280
 
280
-    if [ -d /var/www/$AKAUNTING_DOMAIN_NAME ]; then
281
-        rm -rf /var/www/$AKAUNTING_DOMAIN_NAME
281
+    if [ -d "/var/www/$AKAUNTING_DOMAIN_NAME" ]; then
282
+        rm -rf "/var/www/$AKAUNTING_DOMAIN_NAME"
282 283
     fi
283
-    if [ -f /etc/nginx/sites-available/$AKAUNTING_DOMAIN_NAME ]; then
284
-        rm /etc/nginx/sites-available/$AKAUNTING_DOMAIN_NAME
284
+    if [ -f "/etc/nginx/sites-available/$AKAUNTING_DOMAIN_NAME" ]; then
285
+        rm "/etc/nginx/sites-available/$AKAUNTING_DOMAIN_NAME"
285 286
     fi
286 287
     function_check drop_database
287 288
     drop_database akaunting
288 289
     function_check remove_onion_service
289
-    remove_onion_service akaunting ${AKAUNTING_ONION_PORT}
290
+    remove_onion_service akaunting "${AKAUNTING_ONION_PORT}"
290 291
     if grep -q "akaunting" /etc/crontab; then
291 292
         sed -i "/akaunting/d" /etc/crontab
292 293
     fi
293 294
     remove_app akaunting
294 295
     remove_completion_param install_akaunting
295
-    sed -i '/akaunting/d' $COMPLETION_FILE
296
+    sed -i '/akaunting/d' "$COMPLETION_FILE"
296 297
 
297 298
     function_check remove_ddns_domain
298
-    remove_ddns_domain $AKAUNTING_DOMAIN_NAME
299
+    remove_ddns_domain "$AKAUNTING_DOMAIN_NAME"
299 300
 }
300 301
 
301 302
 function install_akaunting {
@@ -303,7 +304,7 @@ function install_akaunting {
303 304
         ONION_ONLY='no'
304 305
     fi
305 306
 
306
-    if [ ! $AKAUNTING_DOMAIN_NAME ]; then
307
+    if [ ! "$AKAUNTING_DOMAIN_NAME" ]; then
307 308
         echo $'No domain name was given for akaunting'
308 309
         exit 89353
309 310
     fi
@@ -317,142 +318,142 @@ function install_akaunting {
317 318
     apt-get -yq install php-gettext php-curl php-gd php-mysql git curl
318 319
     apt-get -yq install memcached php-memcached php-intl exiftool libfcgi0ldbl
319 320
 
320
-    if [ ! -d /var/www/$AKAUNTING_DOMAIN_NAME ]; then
321
-        mkdir /var/www/$AKAUNTING_DOMAIN_NAME
321
+    if [ ! -d "/var/www/$AKAUNTING_DOMAIN_NAME" ]; then
322
+        mkdir "/var/www/$AKAUNTING_DOMAIN_NAME"
322 323
     fi
323
-    if [ ! -d /var/www/$AKAUNTING_DOMAIN_NAME/htdocs ]; then
324
+    if [ ! -d "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" ]; then
324 325
         if [ -d /repos/akaunting ]; then
325
-            mkdir /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
326
-            cp -r -p /repos/akaunting/. /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
327
-            cd /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
326
+            mkdir "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
327
+            cp -r -p /repos/akaunting/. "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
328
+            cd "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" || exit 23458735
328 329
             git pull
329 330
         else
330 331
             function_check git_clone
331
-            git_clone $AKAUNTING_REPO /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
332
+            git_clone "$AKAUNTING_REPO" "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
332 333
         fi
333 334
 
334
-        if [ ! -d /var/www/$AKAUNTING_DOMAIN_NAME/htdocs ]; then
335
+        if [ ! -d "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" ]; then
335 336
             echo $'Unable to clone akaunting repo'
336 337
             exit 2589389
337 338
         fi
338 339
     fi
339 340
 
340
-    cd /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
341
-    git checkout $AKAUNTING_COMMIT -b $AKAUNTING_COMMIT
341
+    cd "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" || exit 23468724527
342
+    git checkout "$AKAUNTING_COMMIT" -b "$AKAUNTING_COMMIT"
342 343
     set_completion_param "akaunting commit" "$AKAUNTING_COMMIT"
343 344
 
344
-    chmod g+w /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
345
-    chown -R www-data:www-data /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
345
+    chmod g+w "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
346
+    chown -R www-data:www-data "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs"
346 347
 
347
-    cd /var/www/$AKAUNTING_DOMAIN_NAME/htdocs
348
+    cd "/var/www/$AKAUNTING_DOMAIN_NAME/htdocs" || exit 34783524
348 349
     install_composer
349 350
 
350 351
     function_check akaunting_create_database
351 352
     akaunting_create_database
352 353
 
353 354
     function_check add_ddns_domain
354
-    add_ddns_domain $AKAUNTING_DOMAIN_NAME
355
+    add_ddns_domain "$AKAUNTING_DOMAIN_NAME"
355 356
 
356 357
     AKAUNTING_ONION_HOSTNAME=$(add_onion_service akaunting 80 ${AKAUNTING_ONION_PORT})
357 358
 
358 359
     akaunting_nginx_site=/etc/nginx/sites-available/$AKAUNTING_DOMAIN_NAME
359 360
     if [[ $ONION_ONLY == "no" ]]; then
360 361
         function_check nginx_http_redirect
361
-        nginx_http_redirect $AKAUNTING_DOMAIN_NAME "index index.php"
362
-        echo 'server {' >> $akaunting_nginx_site
363
-        echo '  listen 443 ssl;' >> $akaunting_nginx_site
364
-        echo '  #listen [::]:443 ssl;' >> $akaunting_nginx_site
365
-        echo "  server_name $AKAUNTING_DOMAIN_NAME;" >> $akaunting_nginx_site
366
-        echo '' >> $akaunting_nginx_site
362
+        nginx_http_redirect "$AKAUNTING_DOMAIN_NAME" "index index.php"
363
+        { echo 'server {';
364
+          echo '  listen 443 ssl;';
365
+          echo '  #listen [::]:443 ssl;';
366
+          echo "  server_name $AKAUNTING_DOMAIN_NAME;";
367
+          echo ''; } >> "$akaunting_nginx_site"
367 368
         function_check nginx_compress
368
-        nginx_compress $AKAUNTING_DOMAIN_NAME
369
-        echo '' >> $akaunting_nginx_site
370
-        echo '  # Security' >> $akaunting_nginx_site
369
+        nginx_compress "$AKAUNTING_DOMAIN_NAME"
370
+        echo '' >> "$akaunting_nginx_site"
371
+        echo '  # Security' >> "$akaunting_nginx_site"
371 372
         function_check nginx_ssl
372
-        nginx_ssl $AKAUNTING_DOMAIN_NAME
373
+        nginx_ssl "$AKAUNTING_DOMAIN_NAME"
373 374
 
374 375
         function_check nginx_disable_sniffing
375
-        nginx_disable_sniffing $AKAUNTING_DOMAIN_NAME
376
-
377
-        echo '  add_header Strict-Transport-Security max-age=15768000;' >> $akaunting_nginx_site
378
-        echo '' >> $akaunting_nginx_site
379
-        echo '  access_log /dev/null;' >> $akaunting_nginx_site
380
-        echo '  error_log /dev/null;' >> $akaunting_nginx_site
381
-        echo '' >> $akaunting_nginx_site
382
-        echo "  root /var/www/$AKAUNTING_DOMAIN_NAME/htdocs;" >> $akaunting_nginx_site
383
-        echo '' >> $akaunting_nginx_site
384
-        echo '  index index.php;' >> $akaunting_nginx_site
385
-        echo '' >> $akaunting_nginx_site
386
-        echo '  location ~ \.php {' >> $akaunting_nginx_site
387
-        echo '    include snippets/fastcgi-php.conf;' >> $akaunting_nginx_site
388
-        echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $akaunting_nginx_site
389
-        echo '    fastcgi_read_timeout 30;' >> $akaunting_nginx_site
390
-        echo '  }' >> $akaunting_nginx_site
391
-        echo '' >> $akaunting_nginx_site
392
-        echo '  location / {' >> $akaunting_nginx_site
376
+        nginx_disable_sniffing "$AKAUNTING_DOMAIN_NAME"
377
+
378
+        { echo '  add_header Strict-Transport-Security max-age=15768000;';
379
+          echo '';
380
+          echo '  access_log /dev/null;';
381
+          echo '  error_log /dev/null;';
382
+          echo '';
383
+          echo "  root /var/www/$AKAUNTING_DOMAIN_NAME/htdocs;";
384
+          echo '';
385
+          echo '  index index.php;';
386
+          echo '';
387
+          echo '  location ~ \.php {';
388
+          echo '    include snippets/fastcgi-php.conf;';
389
+          echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
390
+          echo '    fastcgi_read_timeout 30;';
391
+          echo '  }';
392
+          echo '';
393
+          echo '  location / {'; } >> "$akaunting_nginx_site"
393 394
         function_check nginx_limits
394
-        nginx_limits $AKAUNTING_DOMAIN_NAME '15m'
395
-        echo '    try_files $uri $uri/ @akaunting;' >> $akaunting_nginx_site
396
-        echo '  }' >> $akaunting_nginx_site
397
-        echo '' >> $akaunting_nginx_site
398
-        echo '  location @akaunting {' >> $akaunting_nginx_site
399
-        echo '    rewrite ^(.*)$ /index.php?p=$1 last;' >> $akaunting_nginx_site
400
-        echo '  }' >> $akaunting_nginx_site
401
-        echo '' >> $akaunting_nginx_site
402
-        echo '  location ~ /\.(ht|git) {' >> $akaunting_nginx_site
403
-        echo '    deny all;' >> $akaunting_nginx_site
404
-        echo '  }' >> $akaunting_nginx_site
405
-        echo '' >> $akaunting_nginx_site
406
-        echo '}' >> $akaunting_nginx_site
395
+        nginx_limits "$AKAUNTING_DOMAIN_NAME" '15m'
396
+        { echo "    try_files \$uri \$uri/ @akaunting;";
397
+          echo '  }';
398
+          echo '';
399
+          echo '  location @akaunting {';
400
+          echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
401
+          echo '  }';
402
+          echo '';
403
+          echo '  location ~ /\.(ht|git) {';
404
+          echo '    deny all;';
405
+          echo '  }';
406
+          echo '';
407
+          echo '}'; } >> "$akaunting_nginx_site"
407 408
     else
408
-        echo -n '' > $akaunting_nginx_site
409
+        echo -n '' > "$akaunting_nginx_site"
409 410
     fi
410
-    echo 'server {' >> $akaunting_nginx_site
411
-    echo "    listen 127.0.0.1:$AKAUNTING_ONION_PORT default_server;" >> $akaunting_nginx_site
412
-    echo "    server_name $AKAUNTING_ONION_HOSTNAME;" >> $akaunting_nginx_site
413
-    echo '' >> $akaunting_nginx_site
414
-    function_check nginx_compress
415
-    nginx_compress $AKAUNTING_DOMAIN_NAME
416
-    echo '' >> $akaunting_nginx_site
411
+    { echo 'server {';
412
+      echo "    listen 127.0.0.1:$AKAUNTING_ONION_PORT default_server;";
413
+      echo "    server_name $AKAUNTING_ONION_HOSTNAME;";
414
+      echo ''; } >> "$akaunting_nginx_site"
415
+      function_check nginx_compress
416
+    nginx_compress "$AKAUNTING_DOMAIN_NAME"
417
+    echo '' >> "$akaunting_nginx_site"
417 418
     function_check nginx_disable_sniffing
418
-    nginx_disable_sniffing $AKAUNTING_DOMAIN_NAME
419
-    echo '' >> $akaunting_nginx_site
420
-    echo '  access_log /dev/null;' >> $akaunting_nginx_site
421
-    echo '  error_log /dev/null;' >> $akaunting_nginx_site
422
-    echo '' >> $akaunting_nginx_site
423
-    echo "  root /var/www/$AKAUNTING_DOMAIN_NAME/htdocs;" >> $akaunting_nginx_site
424
-    echo '' >> $akaunting_nginx_site
425
-    echo '  index index.php;' >> $akaunting_nginx_site
426
-    echo '' >> $akaunting_nginx_site
427
-    echo '  location ~ \.php {' >> $akaunting_nginx_site
428
-    echo '    include snippets/fastcgi-php.conf;' >> $akaunting_nginx_site
429
-    echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $akaunting_nginx_site
430
-    echo '    fastcgi_read_timeout 30;' >> $akaunting_nginx_site
431
-    echo '  }' >> $akaunting_nginx_site
432
-    echo '' >> $akaunting_nginx_site
433
-    echo '  location / {' >> $akaunting_nginx_site
419
+    nginx_disable_sniffing "$AKAUNTING_DOMAIN_NAME"
420
+    { echo '';
421
+      echo '  access_log /dev/null;';
422
+      echo '  error_log /dev/null;';
423
+      echo '';
424
+      echo "  root /var/www/$AKAUNTING_DOMAIN_NAME/htdocs;";
425
+      echo '';
426
+      echo '  index index.php;';
427
+      echo '';
428
+      echo '  location ~ \.php {';
429
+      echo '    include snippets/fastcgi-php.conf;';
430
+      echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
431
+      echo '    fastcgi_read_timeout 30;';
432
+      echo '  }';
433
+      echo '';
434
+      echo '  location / {'; } >> "$akaunting_nginx_site"
434 435
     function_check nginx_limits
435
-    nginx_limits $AKAUNTING_DOMAIN_NAME '15m'
436
-    echo '    try_files $uri $uri/ @akaunting;' >> $akaunting_nginx_site
437
-    echo '  }' >> $akaunting_nginx_site
438
-    echo '' >> $akaunting_nginx_site
439
-    echo '  location @akaunting {' >> $akaunting_nginx_site
440
-    echo '    rewrite ^(.*)$ /index.php?p=$1 last;' >> $akaunting_nginx_site
441
-    echo '  }' >> $akaunting_nginx_site
442
-    echo '' >> $akaunting_nginx_site
443
-    echo '  location ~ /\.(ht|git) {' >> $akaunting_nginx_site
444
-    echo '    deny all;' >> $akaunting_nginx_site
445
-    echo '  }' >> $akaunting_nginx_site
446
-    echo '}' >> $akaunting_nginx_site
436
+    nginx_limits "$AKAUNTING_DOMAIN_NAME" '15m'
437
+    { echo "    try_files \$uri \$uri/ @akaunting;";
438
+      echo '  }';
439
+      echo '';
440
+      echo '  location @akaunting {';
441
+      echo "    rewrite ^(.*)\$ /index.php?p=\$1 last;";
442
+      echo '  }';
443
+      echo '';
444
+      echo '  location ~ /\.(ht|git) {';
445
+      echo '    deny all;';
446
+      echo '  }';
447
+      echo '}'; } >> "$akaunting_nginx_site"
447 448
 
448 449
     function_check configure_php
449 450
     configure_php
450 451
 
451 452
     function_check create_site_certificate
452
-    create_site_certificate $AKAUNTING_DOMAIN_NAME 'yes'
453
+    create_site_certificate "$AKAUNTING_DOMAIN_NAME" 'yes'
453 454
 
454 455
     function_check nginx_ensite
455
-    nginx_ensite $AKAUNTING_DOMAIN_NAME
456
+    nginx_ensite "$AKAUNTING_DOMAIN_NAME"
456 457
 
457 458
     akaunting_remove_bad_links
458 459
 
@@ -460,7 +461,7 @@ function install_akaunting {
460 461
     systemctl restart php7.0-fpm
461 462
     systemctl restart nginx
462 463
 
463
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a akaunting -p "$AKAUNTING_ADMIN_PASSWORD"
464
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a akaunting -p "$AKAUNTING_ADMIN_PASSWORD"
464 465
 
465 466
     set_completion_param "akaunting domain" "$AKAUNTING_DOMAIN_NAME"
466 467
 

+ 26
- 27
src/freedombone-app-batman Zobrazit soubor

@@ -90,8 +90,7 @@ function restore_remote_batman {
90 90
 }
91 91
 
92 92
 function remove_batman {
93
-    ${PROJECT_NAME}-mesh-install -f batman --remove yes
94
-    if [ ! "$?" = "0" ]; then
93
+    if ! "${PROJECT_NAME}-mesh-install" -f batman --remove yes; then
95 94
         echo $'Failed to remove batman'
96 95
         exit 79353
97 96
     fi
@@ -100,45 +99,46 @@ function remove_batman {
100 99
 }
101 100
 
102 101
 function mesh_install_batman {
102
+    # shellcheck disable=SC2154
103 103
     chroot "$rootdir" apt-get -yq install iproute bridge-utils libnetfilter-conntrack3 batctl
104 104
     chroot "$rootdir" apt-get -yq install python-dev libevent-dev ebtables python-pip git
105 105
     chroot "$rootdir" apt-get -yq install wireless-tools rfkill
106 106
 
107
-    if ! grep -q "batman_adv" $rootdir/etc/modules; then
108
-        echo 'batman_adv' >> $rootdir/etc/modules
107
+    if ! grep -q "batman_adv" "$rootdir/etc/modules"; then
108
+        echo 'batman_adv' >> "$rootdir/etc/modules"
109 109
     fi
110 110
 
111 111
     BATMAN_SCRIPT=$rootdir/var/lib/batman
112 112
 
113
-    if [ -f /usr/local/bin/${PROJECT_NAME}-mesh-batman ]; then
114
-        cp /usr/local/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
113
+    if [ -f "/usr/local/bin/${PROJECT_NAME}-mesh-batman" ]; then
114
+        cp "/usr/local/bin/${PROJECT_NAME}-mesh-batman" "$BATMAN_SCRIPT"
115 115
     else
116
-        cp /usr/bin/${PROJECT_NAME}-mesh-batman $BATMAN_SCRIPT
116
+        cp "/usr/bin/${PROJECT_NAME}-mesh-batman" "$BATMAN_SCRIPT"
117 117
     fi
118 118
 
119 119
     BATMAN_DAEMON=$rootdir/etc/systemd/system/batman.service
120
-    echo '[Unit]' > $BATMAN_DAEMON
121
-    echo 'Description=B.A.T.M.A.N. Advanced' >> $BATMAN_DAEMON
122
-    echo 'After=network.target' >> $BATMAN_DAEMON
123
-    echo '' >> $BATMAN_DAEMON
124
-    echo '[Service]' >> $BATMAN_DAEMON
125
-    echo 'RemainAfterExit=yes' >> $BATMAN_DAEMON
126
-    echo "ExecStart=/var/lib/batman start" >> $BATMAN_DAEMON
127
-    echo "ExecStop=/var/lib/batman stop" >> $BATMAN_DAEMON
128
-    echo 'Restart=on-failure' >> $BATMAN_DAEMON
129
-    echo 'SuccessExitStatus=3 4' >> $BATMAN_DAEMON
130
-    echo 'RestartForceExitStatus=3 4' >> $BATMAN_DAEMON
131
-    echo '' >> $BATMAN_DAEMON
132
-    echo '# Allow time for the server to start/stop' >> $BATMAN_DAEMON
133
-    echo 'TimeoutSec=300' >> $BATMAN_DAEMON
134
-    echo '' >> $BATMAN_DAEMON
135
-    echo '[Install]' >> $BATMAN_DAEMON
136
-    echo 'WantedBy=multi-user.target' >> $BATMAN_DAEMON
120
+    { echo '[Unit]';
121
+      echo 'Description=B.A.T.M.A.N. Advanced';
122
+      echo 'After=network.target';
123
+      echo '';
124
+      echo '[Service]';
125
+      echo 'RemainAfterExit=yes';
126
+      echo "ExecStart=/var/lib/batman start";
127
+      echo "ExecStop=/var/lib/batman stop";
128
+      echo 'Restart=on-failure';
129
+      echo 'SuccessExitStatus=3 4';
130
+      echo 'RestartForceExitStatus=3 4';
131
+      echo '';
132
+      echo '# Allow time for the server to start/stop';
133
+      echo 'TimeoutSec=300';
134
+      echo '';
135
+      echo '[Install]';
136
+      echo 'WantedBy=multi-user.target'; } > "$BATMAN_DAEMON"
137 137
     chroot "$rootdir" systemctl enable batman
138 138
 }
139 139
 
140 140
 function install_batman {
141
-    if [ $INSTALLING_MESH ]; then
141
+    if [ "$INSTALLING_MESH" ]; then
142 142
         mesh_install_batman
143 143
         return
144 144
     fi
@@ -146,8 +146,7 @@ function install_batman {
146 146
         return
147 147
     fi
148 148
 
149
-    ${PROJECT_NAME}-mesh-install -f batman
150
-    if [ ! "$?" = "0" ]; then
149
+    if ! "${PROJECT_NAME}-mesh-install" -f batman; then
151 150
         echo $'Failed to install batman'
152 151
         exit 72524
153 152
     fi

+ 124
- 124
src/freedombone-app-bdsmail Zobrazit soubor

@@ -49,29 +49,29 @@ function bdsmail_configure_users {
49 49
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
50 50
 
51 51
             # Add the user to the i2p group
52
-            usermod -a -G i2psvc $USERNAME
52
+            usermod -a -G i2psvc "$USERNAME"
53 53
 
54
-            if [ -f /home/$USERNAME/.muttrc ]; then
54
+            if [ -f "/home/$USERNAME/.muttrc" ]; then
55 55
                 # Create a mutt i2p folder
56
-                if ! grep -q ' =i2p' /home/$USERNAME/.muttrc; then
57
-                    MUTT_MAILBOXES=$(grep "mailboxes =" /home/$USERNAME/.muttrc)
58
-                    sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =i2p|g" /home/$USERNAME/.muttrc
56
+                if ! grep -q ' =i2p' "/home/$USERNAME/.muttrc"; then
57
+                    MUTT_MAILBOXES=$(grep "mailboxes =" "/home/$USERNAME/.muttrc")
58
+                    sed -i "s|$MUTT_MAILBOXES|$MUTT_MAILBOXES =i2p|g" "/home/$USERNAME/.muttrc"
59 59
                 fi
60 60
 
61 61
                 # Create a mutt folder hook to the i2p config
62
-                if ! grep -q 'folder-hook !i2p' /home/$USERNAME/.muttrc; then
63
-                    echo 'folder-hook !i2p/*     source ~/.muttrc' >> /home/$USERNAME/.muttrc
62
+                if ! grep -q 'folder-hook !i2p' "/home/$USERNAME/.muttrc"; then
63
+                    echo 'folder-hook !i2p/*     source ~/.muttrc' >> "/home/$USERNAME/.muttrc"
64 64
                 fi
65
-                if ! grep -q 'folder-hook i2p' /home/$USERNAME/.muttrc; then
66
-                    echo 'folder-hook i2p/*     source ~/.mutt/bdsmail' >> /home/$USERNAME/.muttrc
65
+                if ! grep -q 'folder-hook i2p' "/home/$USERNAME/.muttrc"; then
66
+                    echo 'folder-hook i2p/*     source ~/.mutt/bdsmail' >> "/home/$USERNAME/.muttrc"
67 67
                 fi
68 68
             fi
69 69
 
70 70
             # Create a directory where i2p mail will be stored
71
-            if [ ! -d /home/$USERNAME/Maildir/i2p/new ]; then
72
-                mkdir -p /home/$USERNAME/Maildir/i2p/cur
73
-                mkdir -p /home/$USERNAME/Maildir/i2p/new
74
-                chown -R $USERNAME:$USERNAME /home/$USERNAME/Maildir/i2p
71
+            if [ ! -d "/home/$USERNAME/Maildir/i2p/new" ]; then
72
+                mkdir -p "/home/$USERNAME/Maildir/i2p/cur"
73
+                mkdir -p "/home/$USERNAME/Maildir/i2p/new"
74
+                chown -R "$USERNAME":"$USERNAME" "/home/$USERNAME/Maildir/i2p"
75 75
             fi
76 76
         fi
77 77
     done
@@ -93,18 +93,18 @@ function add_user_bdsmail {
93 93
     new_username="$1"
94 94
     new_user_password="$2"
95 95
 
96
-    if [ ! -d /home/$new_username/.mutt ]; then
97
-        mkdir /home/$new_username/.mutt
98
-        cp /etc/skel/.mutt/bdsmail /home/$new_username/.mutt
96
+    if [ ! -d "/home/$new_username/.mutt" ]; then
97
+        mkdir "/home/$new_username/.mutt"
98
+        cp /etc/skel/.mutt/bdsmail "/home/$new_username/.mutt"
99 99
     fi
100 100
     read_config_param MY_USERNAME
101
-    BDSMAIL_PASSWORD=$(${PROJECT_NAME}-pass -u $MY_USERNAME -a bdsmail)
102
-    sed -i "s|username|$new_username|g" /home/$new_username/.mutt/bdsmail
103
-    sed -i "s|password|$BDSMAIL_PASSWORD|g" /home/$new_username/.mutt/bdsmail
101
+    BDSMAIL_PASSWORD=$("${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a bdsmail)
102
+    sed -i "s|username|$new_username|g" "/home/$new_username/.mutt/bdsmail"
103
+    sed -i "s|password|$BDSMAIL_PASSWORD|g" "/home/$new_username/.mutt/bdsmail"
104 104
     bdsmail_configure_users
105
-    cd $BDSMAIL_DIR
106
-    $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini $new_username /home/$new_username/Maildir/i2p "$BDSMAIL_PASSWORD"
107
-    chown -R $new_username:$new_username /home/$new_username/.mutt
105
+    cd $BDSMAIL_DIR || exit 57247684234
106
+    $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini "$new_username" "/home/$new_username/Maildir/i2p" "$BDSMAIL_PASSWORD"
107
+    chown -R "$new_username":"$new_username" "/home/$new_username/.mutt"
108 108
     echo '0'
109 109
 }
110 110
 
@@ -117,16 +117,16 @@ function change_password_bdsmail {
117 117
     curr_username="$1"
118 118
     new_user_password="$2"
119 119
 
120
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a bdsmail -p "$new_user_password"
120
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a bdsmail -p "$new_user_password"
121 121
 
122 122
     for d in /home/*/ ; do
123 123
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
124 124
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
125
-            sed -i "s|set smtp_url=.*|set smtp_url=smtp://${curr_username}:${new_user_password}@127.0.0.1:$I2P_SMTP_PORT/" /home/${USERNAME}/.mutt/bdsmail
126
-            sed -i "s|set from=.*|set from=${USERNAME}@$(bdsmail_domain)|g" /home/${USERNAME}/.mutt/bdsmail
127
-            chown ${USERNAME}:${USERNAME} /home/${USERNAME}/.mutt/bdsmail
125
+            sed -i "s|set smtp_url=.*|set smtp_url=smtp://${curr_username}:${new_user_password}@127.0.0.1:$I2P_SMTP_PORT/" "/home/${USERNAME}/.mutt/bdsmail"
126
+            sed -i "s|set from=.*|set from=${USERNAME}@$(bdsmail_domain)|g" "/home/${USERNAME}/.mutt/bdsmail"
127
+            chown "${USERNAME}":"${USERNAME}" "/home/${USERNAME}/.mutt/bdsmail"
128 128
             cd $BDSMAIL_DIR
129
-            $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini $curr_username /home/$curr_username/Maildir/i2p "$new_user_password"
129
+            $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini "$curr_username" "/home/$curr_username/Maildir/i2p" "$new_user_password"
130 130
         fi
131 131
     done
132 132
 }
@@ -136,9 +136,9 @@ function bdsmail_update_domain {
136 136
     for d in /home/*/ ; do
137 137
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
138 138
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
139
-            cp /etc/skel/.mutt/bdsmail /home/${USERNAME}/.mutt/bdsmail
140
-            sed -i "s|set from=.*|set from=${USERNAME}@$(bdsmail_domain)|g" /home/${USERNAME}/.mutt/bdsmail
141
-            chown ${USERNAME}:${USERNAME} /home/${USERNAME}/.mutt/bdsmail
139
+            cp /etc/skel/.mutt/bdsmail "/home/${USERNAME}/.mutt/bdsmail"
140
+            sed -i "s|set from=.*|set from=${USERNAME}@$(bdsmail_domain)|g" "/home/${USERNAME}/.mutt/bdsmail"
141
+            chown "${USERNAME}":"${USERNAME}" "/home/${USERNAME}/.mutt/bdsmail"
142 142
         fi
143 143
     done
144 144
 }
@@ -154,7 +154,7 @@ function bdsmail_wait_for_key_generation {
154 154
         sleep 30
155 155
         bds_domain=$(bdsmail_domain)
156 156
         sleep_ctr=$((sleep_ctr + 1))
157
-        if [ $sleep_ctr -gt 100 ]; then
157
+        if [ "$sleep_ctr" -gt 100 ]; then
158 158
             break
159 159
         fi
160 160
     done
@@ -178,9 +178,9 @@ function upgrade_bdsmail {
178 178
     fi
179 179
 
180 180
     # update to the next commit
181
-    set_repo_commit $BDSMAIL_DIR "bdsmail commit" "$BDSMAIL_COMMIT" $BDSMAIL_REPO
182
-    cd $BDSMAIL_DIR
183
-    make GOROOT=/home/go/go${GO_VERSION}
181
+    set_repo_commit $BDSMAIL_DIR "bdsmail commit" "$BDSMAIL_COMMIT" "$BDSMAIL_REPO"
182
+    cd $BDSMAIL_DIR || exit 2457245
183
+    make GOROOT="/home/go/go${GO_VERSION}"
184 184
     chown -R i2psvc:i2psvc $BDSMAIL_DIR
185 185
     systemctl restart bdsmail
186 186
 
@@ -210,7 +210,7 @@ function restore_local_bdsmail {
210 210
     function_check restore_directory_from_usb
211 211
     restore_directory_from_usb $temp_restore_dir bdsmail
212 212
     if [ -d $temp_restore_dir ]; then
213
-        if [ -d cp $temp_restore_dir$bdsmail_dir ]; then
213
+        if [ -d $temp_restore_dir$bdsmail_dir ]; then
214 214
             cp -rp $temp_restore_dir$bdsmail_dir $bdsmail_dir/
215 215
         else
216 216
             if [ ! -d $bdsmail_dir ]; then
@@ -246,7 +246,7 @@ function restore_remote_bdsmail {
246 246
     function_check restore_directory_from_friend
247 247
     restore_directory_from_friend $temp_restore_dir bdsmail
248 248
     if [ -d $temp_restore_dir ]; then
249
-        if [ -d cp $temp_restore_dir$bdsmail_dir ]; then
249
+        if [ -d $temp_restore_dir$bdsmail_dir ]; then
250 250
             cp -rp $temp_restore_dir$bdsmail_dir $bdsmail_dir/
251 251
         else
252 252
             if [ ! -d $bdsmail_dir ]; then
@@ -272,33 +272,33 @@ function remove_bdsmail {
272 272
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
273 273
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
274 274
             # remove the user from the i2p group
275
-            deluser $USERNAME i2psvc
275
+            deluser "$USERNAME" i2psvc
276 276
 
277 277
             # Remove mutt folder hook to the i2p config
278
-            if [ -f /home/$USERNAME/.muttrc ]; then
279
-                if grep -q 'folder-hook !i2p' /home/$USERNAME/.muttrc; then
280
-                    sed -i '/folder-hook !i2p/d' /home/$USERNAME/.muttrc
278
+            if [ -f "/home/$USERNAME/.muttrc" ]; then
279
+                if grep -q 'folder-hook !i2p' "/home/$USERNAME/.muttrc"; then
280
+                    sed -i '/folder-hook !i2p/d' "/home/$USERNAME/.muttrc"
281 281
                 fi
282
-                if grep -q 'folder-hook i2p' /home/$USERNAME/.muttrc; then
283
-                    sed -i '/folder-hook i2p/d' /home/$USERNAME/.muttrc
282
+                if grep -q 'folder-hook i2p' "/home/$USERNAME/.muttrc"; then
283
+                    sed -i '/folder-hook i2p/d' "/home/$USERNAME/.muttrc"
284 284
                 fi
285 285
             fi
286 286
 
287 287
             # Remove folder
288
-            if grep -q ' =i2p' /home/$USERNAME/.muttrc; then
289
-                sed -i 's| =i2p||g' /home/$USERNAME/.muttrc
288
+            if grep -q ' =i2p' "/home/$USERNAME/.muttrc"; then
289
+                sed -i 's| =i2p||g' "/home/$USERNAME/.muttrc"
290 290
             fi
291 291
 
292 292
             # NOTE: leave Maildir/i2p/cur. We might want to archive that
293 293
             # or just be reinstalling the system without losing mail
294
-            rm -rf /home/$USERNAME/Maildir/i2p/new
294
+            rm -rf "/home/$USERNAME/Maildir/i2p/new"
295 295
         fi
296 296
     done
297 297
 
298 298
     remove_i2p
299 299
     remove_app bdsmail
300 300
     remove_completion_param install_bdsmail
301
-    sed -i '/bdsmail/d' $COMPLETION_FILE
301
+    sed -i '/bdsmail/d' "$COMPLETION_FILE"
302 302
     rm -rf /etc/skel/.mutt
303 303
     if [ -d $BDSMAIL_DIR ]; then
304 304
         rm -rf $BDSMAIL_DIR
@@ -322,7 +322,7 @@ function install_bdsmail {
322 322
         cd $BDSMAIL_DIR
323 323
         git pull
324 324
     else
325
-        git_clone $BDSMAIL_REPO $BDSMAIL_DIR
325
+        git_clone "$BDSMAIL_REPO" "$BDSMAIL_DIR"
326 326
     fi
327 327
 
328 328
     if [ ! -d $BDSMAIL_DIR ]; then
@@ -331,13 +331,13 @@ function install_bdsmail {
331 331
     fi
332 332
 
333 333
     cd $BDSMAIL_DIR
334
-    git checkout $BDSMAIL_COMMIT -b $BDSMAIL_COMMIT
334
+    git checkout "$BDSMAIL_COMMIT" -b "$BDSMAIL_COMMIT"
335 335
     set_completion_param "bdsmail commit" "$BDSMAIL_COMMIT"
336 336
 
337 337
     mkdir -p $BDSMAIL_DIR/Maildir/i2p
338 338
     chmod -R 700 $BDSMAIL_DIR/Maildir
339 339
 
340
-    make GOROOT=/home/go/go${GO_VERSION}
340
+    make GOROOT="/home/go/go${GO_VERSION}"
341 341
     if [ ! -f $BDSMAIL_DIR/bin/bdsconfig ]; then
342 342
         echo $'Unable to make bdsmail'
343 343
         exit 87923567842
@@ -347,72 +347,72 @@ function install_bdsmail {
347 347
     i2p_enable_sam
348 348
 
349 349
     # create configuration file
350
-    $BDSMAIL_DIR/bin/bdsconfig > $BDSMAIL_DIR/config.ini
351
-    echo '[maild]' > $BDSMAIL_DIR/config.ini
352
-    echo "i2paddr = 127.0.0.1:$I2P_SAM_PORT" >> $BDSMAIL_DIR/config.ini
353
-    echo 'i2pkeyfile = bdsmail-privkey.dat' >> $BDSMAIL_DIR/config.ini
354
-    echo "bindmail = 127.0.0.1:$I2P_SMTP_PORT" >> $BDSMAIL_DIR/config.ini
355
-    echo "bindweb = 127.0.0.1:$I2P_WEB_PORT" >> $BDSMAIL_DIR/config.ini
356
-    echo "bindpop3 = 127.0.0.1:$I2P_POP3_PORT" >> $BDSMAIL_DIR/config.ini
357
-    echo 'domain = localhost' >> $BDSMAIL_DIR/config.ini
358
-    echo 'maildir = Maildir/i2p' >> $BDSMAIL_DIR/config.ini
359
-    echo 'database = localhost.sqlite' >> $BDSMAIL_DIR/config.ini
360
-    echo 'assets = contrib/assets/web' >> $BDSMAIL_DIR/config.ini
361
-
362
-    echo '[Unit]' > /etc/systemd/system/bdsmail.service
363
-    echo 'Description=bdsmail' >> /etc/systemd/system/bdsmail.service
364
-    echo 'After=syslog.target' >> /etc/systemd/system/bdsmail.service
365
-    echo 'After=network.target' >> /etc/systemd/system/bdsmail.service
366
-    echo '' >> /etc/systemd/system/bdsmail.service
367
-    echo '[Service]' >> /etc/systemd/system/bdsmail.service
368
-    echo 'Type=simple' >> /etc/systemd/system/bdsmail.service
369
-    echo 'User=i2psvc' >> /etc/systemd/system/bdsmail.service
370
-    echo 'Group=i2psvc' >> /etc/systemd/system/bdsmail.service
371
-    echo "WorkingDirectory=$BDSMAIL_DIR" >> /etc/systemd/system/bdsmail.service
372
-    echo "ExecStart=$BDSMAIL_DIR/bin/maild $BDSMAIL_DIR/config.ini" >> /etc/systemd/system/bdsmail.service
373
-    echo 'Restart=always' >> /etc/systemd/system/bdsmail.service
374
-    echo 'Environment="USER=i2psvc"' >> /etc/systemd/system/bdsmail.service
375
-    echo '' >> /etc/systemd/system/bdsmail.service
376
-    echo '[Install]' >> /etc/systemd/system/bdsmail.service
377
-    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/bdsmail.service
378
-
379
-    echo '#!/usr/bin/env python2' > $BDSMAIL_DIR/get_address
380
-    echo 'import base64, hashlib, sys' >> $BDSMAIL_DIR/get_address
381
-    echo 'with open(sys.argv[1]) as f:' >> $BDSMAIL_DIR/get_address
382
-    echo "    print(base64.b32encode(hashlib.sha256(base64.b64decode(f.read(516), '-~')).digest()).strip('=')+\".b32.i2p\")" >> $BDSMAIL_DIR/get_address
350
+    #$BDSMAIL_DIR/bin/bdsconfig > $BDSMAIL_DIR/config.ini
351
+    { echo '[maild]':
352
+      echo "i2paddr = 127.0.0.1:$I2P_SAM_PORT";
353
+      echo 'i2pkeyfile = bdsmail-privkey.dat';
354
+      echo "bindmail = 127.0.0.1:$I2P_SMTP_PORT";
355
+      echo "bindweb = 127.0.0.1:$I2P_WEB_PORT";
356
+      echo "bindpop3 = 127.0.0.1:$I2P_POP3_PORT";
357
+      echo 'domain = localhost';
358
+      echo 'maildir = Maildir/i2p';
359
+      echo 'database = localhost.sqlite';
360
+      echo 'assets = contrib/assets/web'; } > $BDSMAIL_DIR/config.ini
361
+
362
+    { echo '[Unit]';
363
+      echo 'Description=bdsmail';
364
+      echo 'After=syslog.target';
365
+      echo 'After=network.target';
366
+      echo '';
367
+      echo '[Service]';
368
+      echo 'Type=simple';
369
+      echo 'User=i2psvc';
370
+      echo 'Group=i2psvc';
371
+      echo "WorkingDirectory=$BDSMAIL_DIR";
372
+      echo "ExecStart=$BDSMAIL_DIR/bin/maild $BDSMAIL_DIR/config.ini";
373
+      echo 'Restart=always';
374
+      echo 'Environment="USER=i2psvc"';
375
+      echo '';
376
+      echo '[Install]';
377
+      echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/bdsmail.service
378
+
379
+    { echo '#!/usr/bin/env python2';
380
+      echo 'import base64, hashlib, sys';
381
+      echo 'with open(sys.argv[1]) as f:';
382
+      echo "    print(base64.b32encode(hashlib.sha256(base64.b64decode(f.read(516), '-~')).digest()).strip('=')+\".b32.i2p\")"; } > $BDSMAIL_DIR/get_address
383 383
     chmod +x $BDSMAIL_DIR/get_address
384 384
 
385 385
     chown -R i2psvc:i2psvc $BDSMAIL_DIR
386 386
     systemctl enable bdsmail
387 387
     systemctl start bdsmail
388 388
 
389
-    echo '#!/bin/bash' > /usr/bin/bdsmail_distribute
390
-    echo "BDSMAIL_DIR=$BDSMAIL_DIR" >> /usr/bin/bdsmail_distribute
391
-    echo "MAIL_DIR=\$BDSMAIL_DIR/\$(cat \$BDSMAIL_DIR/config.ini | grep 'maildir =' | awk -F ' ' '{print \$3}')" >> /usr/bin/bdsmail_distribute
392
-    echo 'if [ ! -d $MAIL_DIR/postmaster/new ]; then' >> /usr/bin/bdsmail_distribute
393
-    echo '    exit 0' >> /usr/bin/bdsmail_distribute
394
-    echo 'fi' >> /usr/bin/bdsmail_distribute
395
-    echo 'for filename in $MAIL_DIR/postmaster/new/*; do' >> /usr/bin/bdsmail_distribute
396
-    echo '    to_line=$(cat $filename | grep "To: " | head -n 1)' >> /usr/bin/bdsmail_distribute
397
-    echo "    to_username=\$(echo \"\$to_line\" | awk -F ' ' '{print \$2}' | awk -F '@' '{print \$1}')" >> /usr/bin/bdsmail_distribute
398
-    echo '    if [ -d /home/$to_username/Maildir/i2p/new ]; then' >> /usr/bin/bdsmail_distribute
399
-    echo '        chown $to_username:$to_username $filename' >> /usr/bin/bdsmail_distribute
400
-    echo '        chmod 600 $filename' >> /usr/bin/bdsmail_distribute
401
-    echo '        mv $filename /home/$to_username/Maildir/i2p/new' >> /usr/bin/bdsmail_distribute
402
-    echo '    fi' >> /usr/bin/bdsmail_distribute
403
-    echo 'done' >> /usr/bin/bdsmail_distribute
389
+    { echo '#!/bin/bash';
390
+      echo "BDSMAIL_DIR=$BDSMAIL_DIR";
391
+      echo "MAIL_DIR=\$BDSMAIL_DIR/\$(cat \$BDSMAIL_DIR/config.ini | grep 'maildir =' | awk -F ' ' '{print \$3}')";
392
+      echo "if [ ! -d \$MAIL_DIR/postmaster/new ]; then";
393
+      echo '    exit 0';
394
+      echo 'fi';
395
+      echo "for filename in \$MAIL_DIR/postmaster/new/*; do";
396
+      echo "    to_line=\$(cat \$filename | grep \"To: \" | head -n 1)";
397
+      echo "    to_username=\$(echo \"\$to_line\" | awk -F ' ' '{print \$2}' | awk -F '@' '{print \$1}')";
398
+      echo "    if [ -d /home/\$to_username/Maildir/i2p/new ]; then";
399
+      echo "        chown \$to_username:\$to_username \$filename";
400
+      echo "        chmod 600 \$filename";
401
+      echo "        mv \$filename /home/\$to_username/Maildir/i2p/new";
402
+      echo '    fi';
403
+      echo 'done'; } > /usr/bin/bdsmail_distribute
404 404
     chmod +x /usr/bin/bdsmail_distribute
405 405
 
406 406
     if ! grep -q 'bdsmail_distribute' /etc/crontab; then
407 407
         cron_add_mins 1 '/usr/bin/bdsmail_distribute 2> /dev/null'
408 408
     fi
409 409
 
410
-    echo '#!/bin/bash' > /usr/bin/bdsmail_domain
411
-    echo "cd $BDSMAIL_DIR" >> /usr/bin/bdsmail_domain
412
-    echo 'if [ ! -f bdsmail-privkey.dat ]; then' >> /usr/bin/bdsmail_domain
413
-    echo '    exit 1' >> /usr/bin/bdsmail_domain
414
-    echo 'fi' >> /usr/bin/bdsmail_domain
415
-    echo "python2 get_address bdsmail-privkey.dat | tr '[:upper:]' '[:lower:]'" >> /usr/bin/bdsmail_domain
410
+    { echo '#!/bin/bash';
411
+      echo "cd $BDSMAIL_DIR";
412
+      echo 'if [ ! -f bdsmail-privkey.dat ]; then';
413
+      echo '    exit 1';
414
+      echo 'fi';
415
+      echo "python2 get_address bdsmail-privkey.dat | tr '[:upper:]' '[:lower:]'"; } > /usr/bin/bdsmail_domain
416 416
     chmod +x /usr/bin/bdsmail_domain
417 417
 
418 418
     echo ''
@@ -422,7 +422,7 @@ function install_bdsmail {
422 422
 
423 423
     bdsmail_wait_for_key_generation
424 424
 
425
-    if [ ! $bds_domain ]; then
425
+    if [ ! "$bds_domain" ]; then
426 426
         systemctl stop bdsmail
427 427
         systemctl disable bdsmail
428 428
         remove_i2p
@@ -430,38 +430,38 @@ function install_bdsmail {
430 430
         exit 8934638
431 431
     fi
432 432
 
433
-    BDSMAIL_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
434
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a bdsmail -p "$BDSMAIL_PASSWORD"
435
-    cd $BDSMAIL_DIR
433
+    BDSMAIL_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
434
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a bdsmail -p "$BDSMAIL_PASSWORD"
435
+    cd $BDSMAIL_DIR || exit 2346872427
436 436
     $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini admin $BDSMAIL_DIR/Maildir/i2p/admin "$BDSMAIL_PASSWORD"
437 437
 
438 438
     # Create mutt configuration
439 439
     if [ ! -d /etc/skel/.mutt ]; then
440 440
         mkdir /etc/skel/.mutt
441 441
     fi
442
-    echo 'set mbox_type=Maildir' > /etc/skel/.mutt/bdsmail
443
-    echo "set smtp_url=smtp://username:password@127.0.0.1:$I2P_SMTP_PORT/" >> /etc/skel/.mutt/bdsmail
444
-    echo 'set use_from=yes' >> /etc/skel/.mutt/bdsmail
445
-    echo "set from=username@${bds_domain}" >> /etc/skel/.mutt/bdsmail
446
-    echo "set spoolfile=~/Maildir/i2p" >> /etc/skel/.mutt/bdsmail
447
-    echo 'set pgp_autoencrypt=no' >> /etc/skel/.mutt/bdsmail
448
-    echo 'set pgp_replyencrypt=no' >> /etc/skel/.mutt/bdsmail
449
-    echo 'set pgp_autosign=no' >> /etc/skel/.mutt/bdsmail
450
-    echo 'set pgp_replysign=no' >> /etc/skel/.mutt/bdsmail
442
+    { echo 'set mbox_type=Maildir';
443
+      echo "set smtp_url=smtp://username:password@127.0.0.1:$I2P_SMTP_PORT/";
444
+      echo 'set use_from=yes';
445
+      echo "set from=username@${bds_domain}";
446
+      echo "set spoolfile=~/Maildir/i2p";
447
+      echo 'set pgp_autoencrypt=no';
448
+      echo 'set pgp_replyencrypt=no';
449
+      echo 'set pgp_autosign=no';
450
+      echo 'set pgp_replysign=no'; } > /etc/skel/.mutt/bdsmail
451 451
 
452 452
     # mutt configuration for the admin user
453
-    if [ ! -d /home/$MY_USERNAME/.mutt ]; then
454
-        mkdir /home/$MY_USERNAME/.mutt
453
+    if [ ! -d "/home/$MY_USERNAME/.mutt" ]; then
454
+        mkdir "/home/$MY_USERNAME/.mutt"
455 455
     fi
456
-    cp /etc/skel/.mutt/bdsmail /home/$MY_USERNAME/.mutt
457
-    sed -i "s|username|$MY_USERNAME|g" /home/$MY_USERNAME/.mutt/bdsmail
458
-    sed -i "s|password|$BDSMAIL_PASSWORD|g" /home/$MY_USERNAME/.mutt/bdsmail
459
-    chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.mutt
456
+    cp /etc/skel/.mutt/bdsmail "/home/$MY_USERNAME/.mutt"
457
+    sed -i "s|username|$MY_USERNAME|g" "/home/$MY_USERNAME/.mutt/bdsmail"
458
+    sed -i "s|password|$BDSMAIL_PASSWORD|g" "/home/$MY_USERNAME/.mutt/bdsmail"
459
+    chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.mutt"
460 460
 
461 461
     bdsmail_configure_users
462 462
 
463
-    cd $BDSMAIL_DIR
464
-    $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini $MY_USERNAME /home/$MY_USERNAME/Maildir/i2p "$BDSMAIL_PASSWORD"
463
+    cd $BDSMAIL_DIR || exit 2457245
464
+    $BDSMAIL_DIR/bin/mailtool $BDSMAIL_DIR/config.ini "$MY_USERNAME" "/home/$MY_USERNAME/Maildir/i2p" "$BDSMAIL_PASSWORD"
465 465
 
466 466
     APP_INSTALLED=1
467 467
 }

+ 300
- 300
src/freedombone-app-cryptpad Zobrazit soubor

@@ -101,7 +101,7 @@ function upgrade_cryptpad {
101 101
     function_check set_repo_commit
102 102
     set_repo_commit $CRYPTPAD_DIR "cryptpad commit" "$CRYPTPAD_COMMIT" $CRYPTPAD_REPO
103 103
 
104
-    cd $CRYPTPAD_DIR
104
+    cd $CRYPTPAD_DIR || exit 254724
105 105
     cryptpad_create_config
106 106
     npm upgrade
107 107
     npm install
@@ -156,7 +156,7 @@ function restore_local_cryptpad {
156 156
 }
157 157
 
158 158
 function backup_remote_cryptpad {
159
-    if grep -q "cryptpad domain" $COMPLETION_FILE; then
159
+    if grep -q "cryptpad domain" "$COMPLETION_FILE"; then
160 160
         temp_backup_dir=$CRYPTPAD_DIR/datastore
161 161
         if [ -d $temp_backup_dir ]; then
162 162
             systemctl stop cryptpad
@@ -226,7 +226,7 @@ function remove_cryptpad {
226 226
     remove_onion_service cryptpad ${CRYPTPAD_ONION_PORT}
227 227
     remove_app cryptpad
228 228
     remove_completion_param install_cryptpad
229
-    sed -i '/cryptpad/d' $COMPLETION_FILE
229
+    sed -i '/cryptpad/d' "$COMPLETION_FILE"
230 230
 
231 231
     userdel -r cryptpad
232 232
 }
@@ -236,123 +236,123 @@ function cryptpad_create_config {
236 236
 
237 237
     cryptpad_prefix=
238 238
     if [[ "$cryptpad_install_type" == "mesh" ]]; then
239
-        cryptpad_prefix=$rootdir
239
+        # shellcheck disable=SC2154
240
+        cryptpad_prefix="$rootdir"
240 241
     fi
241 242
 
242
-    echo '/*@flow*/' > $cryptpad_prefix$CRYPTPAD_DIR/config.js
243
-    echo '/*' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
244
-    echo '  globals module' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
245
-    echo '*/' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
246
-    echo "var domain = ' http://localhost:${CRYPTPAD_PORT}/';" >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
247
-    echo 'module.exports = {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
248
-    echo "        httpAddress: '::'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
249
-    echo '        httpHeaders: {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
250
-    echo '                "X-XSS-Protection": "1; mode=block",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
251
-    echo '                "X-Content-Type-Options": "nosniff",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
252
-    echo '                "Access-Control-Allow-Origin": "*"' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
253
-    echo '        },' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
254
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
255
-    echo '        contentSecurity: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
256
-    echo "                \"default-src 'none'\"," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
257
-    echo "                \"style-src 'unsafe-inline' 'self' \" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
258
-    echo "                \"script-src 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
259
-    echo "                \"font-src 'self' data:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
260
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
261
-    echo '                "child-src blob: *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
262
-    echo '                "frame-src blob: *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
263
-    echo '                "media-src * blob:",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
264
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
265
-    echo "                \"connect-src 'self' ws: wss: blob:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
266
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
267
-    echo "                \"img-src 'self' data: blob:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
268
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
269
-    echo '                "frame-ancestors *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
270
-    echo "        ].join('; ')," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
271
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
272
-    echo '        padContentSecurity: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
273
-    echo "                \"default-src 'none'\"," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
274
-    echo "                \"style-src 'unsafe-inline' 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
275
-    echo "                \"script-src 'self' 'unsafe-eval' 'unsafe-inline'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
276
-    echo "                \"font-src 'self'\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
277
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
278
-    echo '                "child-src *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
279
-    echo '                "frame-src *",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
280
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
281
-    echo "                \"connect-src 'self' ws: wss:\" + domain," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
282
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
283
-    echo '                "img-src * blob:",' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
284
-    echo "        ].join('; ')," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
285
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
286
-    echo "        httpPort: ${CRYPTPAD_PORT}," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
287
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
288
-    echo '        // This is for allowing the cross-domain iframe to function when developing' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
289
-    echo "        httpSafePort: ${CRYPTPAD_PORT2}," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
290
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
291
-    echo "        websocketPath: '/cryptpad_websocket'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
292
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
293
-    echo '        logToStdout: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
294
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
295
-    echo '        verbose: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
296
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
297
-    echo '        mainPages: [' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
298
-    echo "                'index'" >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
299
-    echo '        ],' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
300
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
301
-    echo '        removeDonateButton: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
302
-    echo '        allowSubscriptions: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
243
+    { echo '/*@flow*/';
244
+      echo '/*';
245
+      echo '  globals module';
246
+      echo '*/';
247
+      echo "var domain = ' http://localhost:${CRYPTPAD_PORT}/';";
248
+      echo 'module.exports = {';
249
+      echo "        httpAddress: '::',";
250
+      echo '        httpHeaders: {';
251
+      echo '                "X-XSS-Protection": "1; mode=block",';
252
+      echo '                "X-Content-Type-Options": "nosniff",';
253
+      echo '                "Access-Control-Allow-Origin": "*"';
254
+      echo '        },';
255
+      echo '';
256
+      echo '        contentSecurity: [';
257
+      echo "                \"default-src 'none'\",";
258
+      echo "                \"style-src 'unsafe-inline' 'self' \" + domain,";
259
+      echo "                \"script-src 'self'\" + domain,";
260
+      echo "                \"font-src 'self' data:\" + domain,";
261
+      echo '';
262
+      echo '                "child-src blob: *",';
263
+    echo '                "frame-src blob: *",';
264
+    echo '                "media-src * blob:",';
265
+    echo '';
266
+    echo "                \"connect-src 'self' ws: wss: blob:\" + domain,";
267
+    echo '';
268
+    echo "                \"img-src 'self' data: blob:\" + domain,";
269
+    echo '';
270
+    echo '                "frame-ancestors *",';
271
+    echo "        ].join('; '),";
272
+    echo '';
273
+    echo '        padContentSecurity: [';
274
+    echo "                \"default-src 'none'\",";
275
+    echo "                \"style-src 'unsafe-inline' 'self'\" + domain,";
276
+    echo "                \"script-src 'self' 'unsafe-eval' 'unsafe-inline'\" + domain,";
277
+    echo "                \"font-src 'self'\" + domain,";
278
+    echo '';
279
+    echo '                "child-src *",';
280
+    echo '                "frame-src *",';
281
+    echo '';
282
+    echo "                \"connect-src 'self' ws: wss:\" + domain,";
283
+    echo '';
284
+    echo '                "img-src * blob:",';
285
+    echo "        ].join('; '),";
286
+    echo '';
287
+    echo "        httpPort: ${CRYPTPAD_PORT},";
288
+    echo '';
289
+    echo '        // This is for allowing the cross-domain iframe to function when developing';
290
+    echo "        httpSafePort: ${CRYPTPAD_PORT2},";
291
+    echo '';
292
+    echo "        websocketPath: '/cryptpad_websocket',";
293
+    echo '';
294
+    echo '        logToStdout: false,';
295
+    echo '';
296
+    echo '        verbose: false,';
297
+    echo '';
298
+    echo '        mainPages: [';
299
+    echo "                'index'";
300
+    echo '        ],';
301
+    echo '';
302
+    echo '        removeDonateButton: true,';
303
+    echo '        allowSubscriptions: false,'; } > "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
303 304
     if [[ "$cryptpad_install_type" == "mesh" ]]; then
304
-        echo "        myDomain: 'http://P${PEER_ID}.local'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
305
+        echo "        myDomain: 'http://P${PEER_ID}.local'," >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
305 306
     else
306 307
         CRYPTPAD_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_cryptpad/hostname)
307
-        echo "        myDomain: 'http://${CRYPTPAD_ONION_HOSTNAME}'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
308
+        echo "        myDomain: 'http://${CRYPTPAD_ONION_HOSTNAME}'," >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
308 309
     fi
309
-    echo '        defaultStorageLimit: 50 * 1024 * 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
310
-
311
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
312
-    echo '        customLimits: {' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
313
-    echo '        },' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
314
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
315
-    echo '        adminEmail: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
316
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
317
-    echo "        storage: './storage/file'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
318
-    echo '' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
319
-    echo "       filePath: './datastore/'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
320
-    echo "        pinPath: './pins'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
321
-    echo "        blobPath: './blob'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
322
-    echo "        blobStagingPath: './blobstage'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
323
-    echo '        channelExpirationMs: 30000,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
324
-    echo '        openFileLimit: 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
325
-    echo "        rpc: './rpc.js'," >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
326
-    echo '        suppressRPCErrors: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
327
-    echo '        enableUploads: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
328
-    echo '        //restrictUploads: false,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
329
-    echo '        maxUploadSize: 20 * 1024 * 1024,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
330
-    echo '        //logFeedback: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
331
-    echo '        //logRPC: true,' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
332
-    echo '};' >> $cryptpad_prefix$CRYPTPAD_DIR/config.js
310
+    { echo '        defaultStorageLimit: 50 * 1024 * 1024,';
311
+      echo '';
312
+      echo '        customLimits: {';
313
+      echo '        },';
314
+      echo '';
315
+      echo '        adminEmail: false,';
316
+      echo '';
317
+      echo "        storage: './storage/file',";
318
+      echo '';
319
+      echo "       filePath: './datastore/',";
320
+      echo "        pinPath: './pins',";
321
+      echo "        blobPath: './blob',";
322
+      echo "        blobStagingPath: './blobstage',";
323
+      echo '        channelExpirationMs: 30000,';
324
+      echo '        openFileLimit: 1024,';
325
+      echo "        rpc: './rpc.js',";
326
+      echo '        suppressRPCErrors: false,';
327
+      echo '        enableUploads: true,';
328
+      echo '        //restrictUploads: false,';
329
+      echo '        maxUploadSize: 20 * 1024 * 1024,';
330
+      echo '        //logFeedback: true,';
331
+      echo '        //logRPC: true,';
332
+      echo '};'; } >> "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
333 333
 
334 334
     if [[ "$cryptpad_install_type" != "mesh" ]]; then
335
-        chown cryptpad:cryptpad $cryptpad_prefix$CRYPTPAD_DIR/config.js
335
+        chown cryptpad:cryptpad "$cryptpad_prefix$CRYPTPAD_DIR/config.js"
336 336
     else
337 337
         chroot "$rootdir" chown cryptpad:cryptpad $CRYPTPAD_DIR/config.js
338 338
     fi
339 339
 }
340 340
 
341 341
 function mesh_install_cryptpad {
342
-    if [[ $VARIANT != "meshclient" && $VARIANT != "meshusb" ]]; then
342
+    if [[ "$VARIANT" != "meshclient" && "$VARIANT" != "meshusb" ]]; then
343 343
         return
344 344
     fi
345 345
 
346
-    if [ ! -d $rootdir/var/www/cryptpad ]; then
347
-        mkdir $rootdir/var/www/cryptpad
346
+    if [ ! -d "$rootdir/var/www/cryptpad" ]; then
347
+        mkdir "$rootdir/var/www/cryptpad"
348 348
     fi
349
-    if [ -d $rootdir$CRYPTPAD_DIR ]; then
350
-        rm -rf $rootdir$CRYPTPAD_DIR
349
+    if [ -d "$rootdir$CRYPTPAD_DIR" ]; then
350
+        rm -rf "$rootdir$CRYPTPAD_DIR"
351 351
     fi
352 352
 
353
-    git_clone $CRYPTPAD_REPO $rootdir$CRYPTPAD_DIR
353
+    git_clone "$CRYPTPAD_REPO" "$rootdir$CRYPTPAD_DIR"
354 354
 
355
-    if [ ! -d $rootdir$CRYPTPAD_DIR ]; then
355
+    if [ ! -d "$rootdir$CRYPTPAD_DIR" ]; then
356 356
         echo $'Unable to clone cryptpad repo'
357 357
         exit 783251
358 358
     fi
@@ -360,94 +360,94 @@ function mesh_install_cryptpad {
360 360
     # an unprivileged user to run as
361 361
     chroot "$rootdir" useradd -d $CRYPTPAD_DIR/ cryptpad
362 362
 
363
-    cd $rootdir$CRYPTPAD_DIR
364
-    git checkout $CRYPTPAD_COMMIT -b $CRYPTPAD_COMMIT
363
+    cd "$rootdir$CRYPTPAD_DIR" || exit 34683568
364
+    git checkout "$CRYPTPAD_COMMIT" -b "$CRYPTPAD_COMMIT"
365 365
 
366 366
     chroot "$rootdir" chown -R cryptpad:cryptpad $CRYPTPAD_DIR
367 367
 
368 368
     cryptpad_nginx_site=$rootdir/etc/nginx/sites-available/cryptpad
369
-    echo 'server {' > $cryptpad_nginx_site
370
-    echo "  listen 80 default_server;" >> $cryptpad_nginx_site
371
-    echo "  server_name P${PEER_ID}.local;" >> $cryptpad_nginx_site
372
-    echo '' >> $cryptpad_nginx_site
373
-    echo '  # Logs' >> $cryptpad_nginx_site
374
-    echo '  access_log /dev/null;' >> $cryptpad_nginx_site
375
-    echo '  error_log /dev/null;' >> $cryptpad_nginx_site
376
-    echo '' >> $cryptpad_nginx_site
377
-    echo '  # Root' >> $cryptpad_nginx_site
378
-    echo "  root $CRYPTPAD_DIR;" >> $cryptpad_nginx_site
379
-    echo '' >> $cryptpad_nginx_site
380
-    echo '  index index.html;' >> $cryptpad_nginx_site
381
-    echo '' >> $cryptpad_nginx_site
382
-    echo '  add_header X-XSS-Protection "1; mode=block";' >> $cryptpad_nginx_site
383
-    echo '  add_header X-Content-Type-Options nosniff;' >> $cryptpad_nginx_site
384
-    echo '  add_header X-Frame-Options SAMEORIGIN;' >> $cryptpad_nginx_site
385
-    echo '' >> $cryptpad_nginx_site
386
-    echo '  if ($uri = /pad/inner.html) {' >> $cryptpad_nginx_site
387
-    echo "    set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline'\";" >> $cryptpad_nginx_site
388
-    echo '  }' >> $cryptpad_nginx_site
389
-    echo '' >> $cryptpad_nginx_site
390
-    echo '  location = /cryptpad_websocket {' >> $cryptpad_nginx_site
391
-    echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;" >> $cryptpad_nginx_site
392
-    echo '    proxy_set_header X-Real-IP $remote_addr;' >> $cryptpad_nginx_site
393
-    echo '    proxy_set_header Host $host;' >> $cryptpad_nginx_site
394
-    echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $cryptpad_nginx_site
395
-    echo '' >> $cryptpad_nginx_site
396
-    echo '    # WebSocket support (nginx 1.4)' >> $cryptpad_nginx_site
397
-    echo '    proxy_http_version 1.1;' >> $cryptpad_nginx_site
398
-    echo '    proxy_set_header Upgrade $http_upgrade;' >> $cryptpad_nginx_site
399
-    echo '    proxy_set_header Connection upgrade;' >> $cryptpad_nginx_site
400
-    echo '  }' >> $cryptpad_nginx_site
401
-    echo '' >> $cryptpad_nginx_site
402
-
403
-    echo '  location ^~ /customize.dist/ {' >> $cryptpad_nginx_site
404
-    echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root' >> $cryptpad_nginx_site
405
-    echo '  }' >> $cryptpad_nginx_site
406
-    echo '  location ^~ /customize/ {' >> $cryptpad_nginx_site
407
-    echo '    rewrite ^/customize/(.*)$ $1 break;' >> $cryptpad_nginx_site
408
-    echo '    try_files /customize/$uri /customize.dist/$uri;' >> $cryptpad_nginx_site
409
-    echo '  }' >> $cryptpad_nginx_site
410
-    echo '  location = /api/config {' >> $cryptpad_nginx_site
411
-    echo '    default_type text/javascript;' >> $cryptpad_nginx_site
412
-    echo '    rewrite ^.*$ /customize/api/config break;' >> $cryptpad_nginx_site
413
-    echo '  }' >> $cryptpad_nginx_site
414
-    echo '' >> $cryptpad_nginx_site
415
-    echo '  location ^~ /blob/ {' >> $cryptpad_nginx_site
416
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
417
-    echo '  }' >> $cryptpad_nginx_site
418
-    echo '' >> $cryptpad_nginx_site
419
-    echo '  location ^~ /register/ {' >> $cryptpad_nginx_site
420
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
421
-    echo '  }' >> $cryptpad_nginx_site
422
-    echo '' >> $cryptpad_nginx_site
423
-    echo '  location ^~ /login/ {' >> $cryptpad_nginx_site
424
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
425
-    echo '  }' >> $cryptpad_nginx_site
426
-    echo '' >> $cryptpad_nginx_site
427
-    echo '  location ^~ /about.html {' >> $cryptpad_nginx_site
428
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
429
-    echo '  }' >> $cryptpad_nginx_site
430
-    echo '' >> $cryptpad_nginx_site
431
-    echo '  location ^~ /contact.html {' >> $cryptpad_nginx_site
432
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
433
-    echo '  }' >> $cryptpad_nginx_site
434
-    echo '' >> $cryptpad_nginx_site
435
-    echo '  location ^~ /what-is-cryptpad.html {' >> $cryptpad_nginx_site
436
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
437
-    echo '  }' >> $cryptpad_nginx_site
438
-    echo '' >> $cryptpad_nginx_site
439
-    echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
440
-    echo '    rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
441
-    echo '  }' >> $cryptpad_nginx_site
442
-    echo '' >> $cryptpad_nginx_site
443
-    echo '  try_files /www/$uri /www/$uri/index.html /customize/$uri;' >> $cryptpad_nginx_site
444
-    echo '}' >> $cryptpad_nginx_site
445
-
446
-    cd $rootdir$CRYPTPAD_DIR
369
+    { echo 'server {';
370
+      echo "  listen 80 default_server;";
371
+      echo "  server_name P${PEER_ID}.local;";
372
+      echo '';
373
+      echo '  # Logs';
374
+      echo '  access_log /dev/null;';
375
+      echo '  error_log /dev/null;';
376
+      echo '';
377
+      echo '  # Root';
378
+      echo "  root $CRYPTPAD_DIR;";
379
+      echo '';
380
+      echo '  index index.html;';
381
+      echo '';
382
+      echo '  add_header X-XSS-Protection "1; mode=block";';
383
+      echo '  add_header X-Content-Type-Options nosniff;';
384
+      echo '  add_header X-Frame-Options SAMEORIGIN;';
385
+      echo '';
386
+      echo "  if (\$uri = /pad/inner.html) {";
387
+      echo "    set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline'\";";
388
+      echo '  }';
389
+      echo '';
390
+      echo '  location = /cryptpad_websocket {';
391
+      echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;";
392
+      echo "    proxy_set_header X-Real-IP \$remote_addr;";
393
+      echo "    proxy_set_header Host \$host;";
394
+      echo "    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
395
+      echo '';
396
+      echo '    # WebSocket support (nginx 1.4)';
397
+      echo '    proxy_http_version 1.1;';
398
+      echo "    proxy_set_header Upgrade \$http_upgrade;";
399
+      echo '    proxy_set_header Connection upgrade;';
400
+      echo '  }';
401
+      echo '';
402
+
403
+      echo '  location ^~ /customize.dist/ {';
404
+      echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root';
405
+      echo '  }';
406
+      echo '  location ^~ /customize/ {';
407
+      echo "    rewrite ^/customize/(.*)\$ \$1 break;";
408
+      echo "    try_files /customize/\$uri /customize.dist/\$uri;";
409
+      echo '  }';
410
+      echo '  location = /api/config {';
411
+      echo '    default_type text/javascript;';
412
+      echo '    rewrite ^.*$ /customize/api/config break;';
413
+      echo '  }';
414
+      echo '';
415
+      echo '  location ^~ /blob/ {';
416
+      echo "    try_files \$uri =404;";
417
+      echo '  }';
418
+      echo '';
419
+      echo '  location ^~ /register/ {';
420
+      echo "    try_files \$uri =404;";
421
+      echo '  }';
422
+      echo '';
423
+      echo '  location ^~ /login/ {';
424
+      echo "    try_files \$uri =404;";
425
+      echo '  }';
426
+      echo '';
427
+      echo '  location ^~ /about.html {';
428
+      echo "    try_files \$uri =404;";
429
+      echo '  }';
430
+      echo '';
431
+      echo '  location ^~ /contact.html {';
432
+      echo "    try_files \$uri =404;";
433
+      echo '  }';
434
+      echo '';
435
+      echo '  location ^~ /what-is-cryptpad.html {';
436
+      echo "    try_files \$uri =404;";
437
+      echo '  }';
438
+      echo '';
439
+      echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {';
440
+      echo "    rewrite ^(.*)\$ \$1/ redirect;";
441
+      echo '  }';
442
+      echo '';
443
+      echo "  try_files /www/\$uri /www/\$uri/index.html /customize/\$uri;";
444
+      echo '}'; } > "$cryptpad_nginx_site"
445
+
446
+    cd "$rootdir$CRYPTPAD_DIR" || exit 6246824624527
447 447
 
448 448
     get_npm_arch
449 449
 
450
-    cat <<EOF > $rootdir/usr/bin/install_cryptpad
450
+    cat <<EOF > "$rootdir/usr/bin/install_cryptpad"
451 451
 #!/bin/bash
452 452
 cd $CRYPTPAD_DIR
453 453
 npm install --arch=$NPM_ARCH --build-from-source
@@ -456,37 +456,37 @@ chown -R cryptpad:cryptpad $CRYPTPAD_DIR
456 456
 su -c 'bower install' - cryptpad
457 457
 cp config.example.js config.js
458 458
 EOF
459
-    chmod +x $rootdir/usr/bin/install_cryptpad
459
+    chmod +x "$rootdir/usr/bin/install_cryptpad"
460 460
     chroot "$rootdir" /usr/bin/install_cryptpad
461 461
 
462
-    if [ ! -f $rootdir$CRYPTPAD_DIR/config.js ]; then
462
+    if [ ! -f "$rootdir$CRYPTPAD_DIR/config.js" ]; then
463 463
         echo $'Cryptpad config file not found'
464 464
         exit 628252
465 465
     fi
466 466
 
467
-    rm $rootdir/usr/bin/install_cryptpad
467
+    rm "$rootdir/usr/bin/install_cryptpad"
468 468
 
469 469
     cryptpad_create_config mesh
470 470
 
471 471
     chroot "$rootdir" chown -R cryptpad:cryptpad $CRYPTPAD_DIR
472 472
 
473 473
     # daemon
474
-    echo '[Unit]' > $rootdir/etc/systemd/system/cryptpad.service
475
-    echo 'Description=Cryptpad' >> $rootdir/etc/systemd/system/cryptpad.service
476
-    echo 'After=syslog.target' >> $rootdir/etc/systemd/system/cryptpad.service
477
-    echo 'After=network.target' >> $rootdir/etc/systemd/system/cryptpad.service
478
-    echo '' >> $rootdir/etc/systemd/system/cryptpad.service
479
-    echo '[Service]' >> $rootdir/etc/systemd/system/cryptpad.service
480
-    echo 'User=cryptpad' >> $rootdir/etc/systemd/system/cryptpad.service
481
-    echo 'Group=cryptpad' >> $rootdir/etc/systemd/system/cryptpad.service
482
-    echo "WorkingDirectory=$CRYPTPAD_DIR" >> $rootdir/etc/systemd/system/cryptpad.service
483
-    echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js" >> $rootdir/etc/systemd/system/cryptpad.service
484
-    echo 'Environment=PATH=/usr/bin:/usr/local/bin' >> $rootdir/etc/systemd/system/cryptpad.service
485
-    echo 'Environment=NODE_ENV=production' >> $rootdir/etc/systemd/system/cryptpad.service
486
-    echo 'Restart=on-failure' >> $rootdir/etc/systemd/system/cryptpad.service
487
-    echo '' >> $rootdir/etc/systemd/system/cryptpad.service
488
-    echo '[Install]' >> $rootdir/etc/systemd/system/cryptpad.service
489
-    echo 'WantedBy=multi-user.target' >> $rootdir/etc/systemd/system/cryptpad.service
474
+    { echo '[Unit]';
475
+      echo 'Description=Cryptpad';
476
+      echo 'After=syslog.target';
477
+      echo 'After=network.target';
478
+      echo '';
479
+      echo '[Service]';
480
+      echo 'User=cryptpad';
481
+      echo 'Group=cryptpad';
482
+      echo "WorkingDirectory=$CRYPTPAD_DIR";
483
+      echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js";
484
+      echo 'Environment=PATH=/usr/bin:/usr/local/bin';
485
+      echo 'Environment=NODE_ENV=production';
486
+      echo 'Restart=on-failure';
487
+      echo '';
488
+      echo '[Install]';
489
+      echo 'WantedBy=multi-user.target'; } > "$rootdir/etc/systemd/system/cryptpad.service"
490 490
     chroot "$rootdir" systemctl enable cryptpad.service
491 491
 }
492 492
 
@@ -505,7 +505,7 @@ function install_cryptpad_main {
505 505
     if [ -d /repos/cryptpad ]; then
506 506
         mkdir $CRYPTPAD_DIR
507 507
         cp -r -p /repos/cryptpad/. $CRYPTPAD_DIR
508
-        cd $CRYPTPAD_DIR
508
+        cd $CRYPTPAD_DIR || exit 3468356385
509 509
         git pull
510 510
     else
511 511
         function_check git_clone
@@ -520,7 +520,7 @@ function install_cryptpad_main {
520 520
     # an unprivileged user to run as
521 521
     useradd -d $CRYPTPAD_DIR/ cryptpad
522 522
 
523
-    cd $CRYPTPAD_DIR
523
+    cd $CRYPTPAD_DIR || exit 34683655
524 524
     git checkout $CRYPTPAD_COMMIT -b $CRYPTPAD_COMMIT
525 525
     set_completion_param "cryptpad commit" "$CRYPTPAD_COMMIT"
526 526
 
@@ -529,87 +529,87 @@ function install_cryptpad_main {
529 529
     CRYPTPAD_ONION_HOSTNAME=$(add_onion_service cryptpad 80 ${CRYPTPAD_ONION_PORT})
530 530
 
531 531
     cryptpad_nginx_site=/etc/nginx/sites-available/cryptpad
532
-    echo 'server {' > $cryptpad_nginx_site
533
-    echo "  listen 127.0.0.1:$CRYPTPAD_ONION_PORT default_server;" >> $cryptpad_nginx_site
534
-    echo "  server_name $CRYPTPAD_ONION_HOSTNAME;" >> $cryptpad_nginx_site
535
-    echo '' >> $cryptpad_nginx_site
536
-    echo '  # Logs' >> $cryptpad_nginx_site
537
-    echo '  access_log /dev/null;' >> $cryptpad_nginx_site
538
-    echo '  error_log /dev/null;' >> $cryptpad_nginx_site
539
-    echo '' >> $cryptpad_nginx_site
540
-    echo '  # Root' >> $cryptpad_nginx_site
541
-    echo "  root $CRYPTPAD_DIR;" >> $cryptpad_nginx_site
542
-    echo '' >> $cryptpad_nginx_site
543
-    echo '  index index.html;' >> $cryptpad_nginx_site
544
-    echo '' >> $cryptpad_nginx_site
545
-    echo '  if ($args ~ ver=) {' >> $cryptpad_nginx_site
546
-    echo '      set $cacheControl max-age=31536000;' >> $cryptpad_nginx_site
547
-    echo '  }' >> $cryptpad_nginx_site
548
-    echo '  add_header Cache-Control $cacheControl;' >> $cryptpad_nginx_site
549
-    echo '' >> $cryptpad_nginx_site
550
-    echo '  add_header X-XSS-Protection "1; mode=block";' >> $cryptpad_nginx_site
551
-    echo '  add_header X-Content-Type-Options nosniff;' >> $cryptpad_nginx_site
552
-    echo '  add_header X-Frame-Options SAMEORIGIN;' >> $cryptpad_nginx_site
553
-    echo '' >> $cryptpad_nginx_site
554
-    echo '  if ($uri = /pad/inner.html) {' >> $cryptpad_nginx_site
555
-    echo "    set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline'\";" >> $cryptpad_nginx_site
556
-    echo '  }' >> $cryptpad_nginx_site
557
-    echo '' >> $cryptpad_nginx_site
558
-    echo '  location = /cryptpad_websocket {' >> $cryptpad_nginx_site
559
-    echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;" >> $cryptpad_nginx_site
560
-    echo '    proxy_set_header X-Real-IP $remote_addr;' >> $cryptpad_nginx_site
561
-    echo '    proxy_set_header Host $host;' >> $cryptpad_nginx_site
562
-    echo '    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> $cryptpad_nginx_site
563
-    echo '' >> $cryptpad_nginx_site
564
-    echo '    # WebSocket support (nginx 1.4)' >> $cryptpad_nginx_site
565
-    echo '    proxy_http_version 1.1;' >> $cryptpad_nginx_site
566
-    echo '    proxy_set_header Upgrade $http_upgrade;' >> $cryptpad_nginx_site
567
-    echo '    proxy_set_header Connection upgrade;' >> $cryptpad_nginx_site
568
-    echo '  }' >> $cryptpad_nginx_site
569
-    echo '' >> $cryptpad_nginx_site
570
-
571
-    echo '  location ^~ /customize.dist/ {' >> $cryptpad_nginx_site
572
-    echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root' >> $cryptpad_nginx_site
573
-    echo '  }' >> $cryptpad_nginx_site
574
-    echo '  location ^~ /customize/ {' >> $cryptpad_nginx_site
575
-    echo '    rewrite ^/customize/(.*)$ $1 break;' >> $cryptpad_nginx_site
576
-    echo '    try_files /customize/$uri /customize.dist/$uri;' >> $cryptpad_nginx_site
577
-    echo '  }' >> $cryptpad_nginx_site
578
-    echo '  location = /api/config {' >> $cryptpad_nginx_site
579
-    echo '    default_type text/javascript;' >> $cryptpad_nginx_site
580
-    echo '    rewrite ^.*$ /customize/api/config break;' >> $cryptpad_nginx_site
581
-    echo '  }' >> $cryptpad_nginx_site
582
-    echo '' >> $cryptpad_nginx_site
583
-    echo '  location ^~ /blob/ {' >> $cryptpad_nginx_site
584
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
585
-    echo '  }' >> $cryptpad_nginx_site
586
-    echo '' >> $cryptpad_nginx_site
587
-    echo '  location ^~ /register/ {' >> $cryptpad_nginx_site
588
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
589
-    echo '  }' >> $cryptpad_nginx_site
590
-    echo '' >> $cryptpad_nginx_site
591
-    echo '  location ^~ /login/ {' >> $cryptpad_nginx_site
592
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
593
-    echo '  }' >> $cryptpad_nginx_site
594
-    echo '' >> $cryptpad_nginx_site
595
-    echo '  location ^~ /about.html {' >> $cryptpad_nginx_site
596
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
597
-    echo '  }' >> $cryptpad_nginx_site
598
-    echo '' >> $cryptpad_nginx_site
599
-    echo '  location ^~ /contact.html {' >> $cryptpad_nginx_site
600
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
601
-    echo '  }' >> $cryptpad_nginx_site
602
-    echo '' >> $cryptpad_nginx_site
603
-    echo '  location ^~ /what-is-cryptpad.html {' >> $cryptpad_nginx_site
604
-    echo '    try_files $uri =404;' >> $cryptpad_nginx_site
605
-    echo '  }' >> $cryptpad_nginx_site
606
-    echo '' >> $cryptpad_nginx_site
607
-    echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {' >> $cryptpad_nginx_site
608
-    echo '    rewrite ^(.*)$ $1/ redirect;' >> $cryptpad_nginx_site
609
-    echo '  }' >> $cryptpad_nginx_site
610
-    echo '' >> $cryptpad_nginx_site
611
-    echo '  try_files /www/$uri /www/$uri/index.html /customize/$uri;' >> $cryptpad_nginx_site
612
-    echo '}' >> $cryptpad_nginx_site
532
+    { echo 'server {';
533
+      echo "  listen 127.0.0.1:$CRYPTPAD_ONION_PORT default_server;";
534
+      echo "  server_name $CRYPTPAD_ONION_HOSTNAME;";
535
+      echo '';
536
+      echo '  # Logs';
537
+      echo '  access_log /dev/null;';
538
+      echo '  error_log /dev/null;';
539
+      echo '';
540
+      echo '  # Root';
541
+      echo "  root $CRYPTPAD_DIR;";
542
+      echo '';
543
+      echo '  index index.html;';
544
+      echo '';
545
+      echo "  if (\$args ~ ver=) {";
546
+      echo "      set \$cacheControl max-age=31536000;";
547
+      echo '  }';
548
+      echo "  add_header Cache-Control \$cacheControl;";
549
+      echo '';
550
+      echo '  add_header X-XSS-Protection "1; mode=block";';
551
+      echo '  add_header X-Content-Type-Options nosniff;';
552
+      echo '  add_header X-Frame-Options SAMEORIGIN;';
553
+      echo '';
554
+      echo "  if (\$uri = /pad/inner.html) {";
555
+      echo "    set \$scriptSrc \"'self' 'unsafe-eval' 'unsafe-inline'\";";
556
+      echo '  }';
557
+      echo '';
558
+      echo '  location = /cryptpad_websocket {';
559
+      echo "    proxy_pass http://localhost:$CRYPTPAD_PORT;";
560
+      echo "    proxy_set_header X-Real-IP \$remote_addr;";
561
+      echo "    proxy_set_header Host \$host;";
562
+      echo "    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;";
563
+      echo '';
564
+      echo '    # WebSocket support (nginx 1.4)';
565
+      echo '    proxy_http_version 1.1;';
566
+      echo "    proxy_set_header Upgrade \$http_upgrade;";
567
+      echo '    proxy_set_header Connection upgrade;';
568
+      echo '  }';
569
+      echo '';
570
+
571
+      echo '  location ^~ /customize.dist/ {';
572
+      echo '    # This is needed in order to prevent infinite recursion between /customize/ and the root';
573
+      echo '  }';
574
+      echo '  location ^~ /customize/ {';
575
+      echo "    rewrite ^/customize/(.*)\$ \$1 break;";
576
+      echo "    try_files /customize/\$uri /customize.dist/\$uri;";
577
+      echo '  }';
578
+      echo '  location = /api/config {';
579
+      echo '    default_type text/javascript;';
580
+      echo '    rewrite ^.*$ /customize/api/config break;';
581
+      echo '  }';
582
+      echo '';
583
+      echo '  location ^~ /blob/ {';
584
+      echo "    try_files \$uri =404;";
585
+      echo '  }';
586
+      echo '';
587
+      echo '  location ^~ /register/ {';
588
+      echo "    try_files \$uri =404;";
589
+      echo '  }';
590
+      echo '';
591
+      echo '  location ^~ /login/ {';
592
+      echo "    try_files \$uri =404;";
593
+      echo '  }';
594
+      echo '';
595
+      echo '  location ^~ /about.html {';
596
+      echo "    try_files \$uri =404;";
597
+      echo '  }';
598
+      echo '';
599
+      echo '  location ^~ /contact.html {';
600
+      echo "    try_files \$uri =404;";
601
+      echo '  }';
602
+      echo '';
603
+      echo '  location ^~ /what-is-cryptpad.html {';
604
+      echo "    try_files \$uri =404;";
605
+      echo '  }';
606
+      echo '';
607
+      echo '  location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media)$ {';
608
+      echo "    rewrite ^(.*)\$ \$1/ redirect;";
609
+      echo '  }';
610
+      echo '';
611
+      echo "  try_files /www/\$uri /www/\$uri/index.html /customize/\$uri;";
612
+      echo '}'; } > $cryptpad_nginx_site
613 613
 
614 614
     function_check nginx_ensite
615 615
     nginx_ensite cryptpad
@@ -623,7 +623,7 @@ function install_cryptpad {
623 623
 
624 624
     install_cryptpad_main
625 625
 
626
-    cd $CRYPTPAD_DIR
626
+    cd $CRYPTPAD_DIR || exit 35483548
627 627
 
628 628
     npm install
629 629
     npm install -g bower@1.8.0
@@ -639,22 +639,22 @@ function install_cryptpad {
639 639
     chown -R cryptpad:cryptpad $CRYPTPAD_DIR
640 640
 
641 641
     # daemon
642
-    echo '[Unit]' > /etc/systemd/system/cryptpad.service
643
-    echo 'Description=Cryptpad' >> /etc/systemd/system/cryptpad.service
644
-    echo 'After=syslog.target' >> /etc/systemd/system/cryptpad.service
645
-    echo 'After=network.target' >> /etc/systemd/system/cryptpad.service
646
-    echo '' >> /etc/systemd/system/cryptpad.service
647
-    echo '[Service]' >> /etc/systemd/system/cryptpad.service
648
-    echo 'User=cryptpad' >> /etc/systemd/system/cryptpad.service
649
-    echo 'Group=cryptpad' >> /etc/systemd/system/cryptpad.service
650
-    echo "WorkingDirectory=$CRYPTPAD_DIR" >> /etc/systemd/system/cryptpad.service
651
-    echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js" >> /etc/systemd/system/cryptpad.service
652
-    echo 'Environment=PATH=/usr/bin:/usr/local/bin' >> /etc/systemd/system/cryptpad.service
653
-    echo 'Environment=NODE_ENV=production' >> /etc/systemd/system/cryptpad.service
654
-    echo 'Restart=on-failure' >> /etc/systemd/system/cryptpad.service
655
-    echo '' >> /etc/systemd/system/cryptpad.service
656
-    echo '[Install]' >> /etc/systemd/system/cryptpad.service
657
-    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/cryptpad.service
642
+    { echo '[Unit]';
643
+      echo 'Description=Cryptpad';
644
+      echo 'After=syslog.target';
645
+      echo 'After=network.target';
646
+      echo '';
647
+      echo '[Service]';
648
+      echo 'User=cryptpad';
649
+      echo 'Group=cryptpad';
650
+      echo "WorkingDirectory=$CRYPTPAD_DIR";
651
+      echo "ExecStart=/usr/local/bin/node $CRYPTPAD_DIR/server.js";
652
+      echo 'Environment=PATH=/usr/bin:/usr/local/bin';
653
+      echo 'Environment=NODE_ENV=production';
654
+      echo 'Restart=on-failure';
655
+      echo '';
656
+      echo '[Install]';
657
+      echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/cryptpad.service
658 658
     systemctl enable cryptpad.service
659 659
     systemctl daemon-reload
660 660
     systemctl start cryptpad.service
@@ -664,7 +664,7 @@ function install_cryptpad {
664 664
     cryptpad_generate_api_config
665 665
 
666 666
     # install again
667
-    cd $CRYPTPAD_DIR
667
+    cd $CRYPTPAD_DIR || exit 73537453
668 668
     su -c 'bower install' - cryptpad
669 669
 
670 670
     systemctl restart nginx

+ 57
- 52
src/freedombone-app-dlna Zobrazit soubor

@@ -49,24 +49,27 @@ function logging_off_dlna {
49 49
 function configure_interactive_dlna {
50 50
     while true
51 51
     do
52
-        data=$(tempfile 2>/dev/null)
53
-        trap "rm -f $data" 0 1 2 5 15
52
+        data=$(mktemp 2>/dev/null)
54 53
         dialog --backtitle $"Freedombone Control Panel" \
55 54
                --title $"Media Menu" \
56 55
                --radiolist $"Choose an operation:" 13 70 3 \
57 56
                1 $"Attach a drive containing playable media" off \
58 57
                2 $"Remove a drive containing playable media" off \
59
-               3 $"Exit" on 2> $data
58
+               3 $"Exit" on 2> "$data"
60 59
         sel=$?
61 60
         case $sel in
62
-            1) break;;
63
-            255) break;;
61
+            1) rm -f "$data"
62
+               break;;
63
+            255) rm -f "$data"
64
+                 break;;
64 65
         esac
65 66
         case $(cat $data) in
66 67
             1) attach-music;;
67 68
             2) remove-music;;
68
-            3) break;;
69
+            3) rm -f "$data"
70
+               break;;
69 71
         esac
72
+        rm -f "$data"
70 73
     done
71 74
 }
72 75
 
@@ -95,19 +98,19 @@ function configure_firewall_for_dlna {
95 98
     firewall_add DLNA 1900 udp
96 99
     firewall_add DLNA 8200 tcp
97 100
 
98
-    echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->' > /etc/avahi/services/dlna.service
99
-    echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">' >> /etc/avahi/services/dlna.service
100
-    echo '<service-group>' >> /etc/avahi/services/dlna.service
101
-    echo '  <name replace-wildcards="yes">%h DLNA</name>' >> /etc/avahi/services/dlna.service
102
-    echo '  <service>' >> /etc/avahi/services/dlna.service
103
-    echo '    <type>_dlna._tcp</type>' >> /etc/avahi/services/dlna.service
104
-    echo "    <port>8200</port>" >> /etc/avahi/services/dlna.service
105
-    echo '  </service>' >> /etc/avahi/services/dlna.service
106
-    echo '  <service>' >> /etc/avahi/services/dlna.service
107
-    echo '    <type>_dlna._udp</type>' >> /etc/avahi/services/dlna.service
108
-    echo "    <port>1900</port>" >> /etc/avahi/services/dlna.service
109
-    echo '  </service>' >> /etc/avahi/services/dlna.service
110
-    echo '</service-group>' >> /etc/avahi/services/dlna.service
101
+    { echo '<?xml version="1.0" standalone="no"?><!--*-nxml-*-->';
102
+      echo '<!DOCTYPE service-group SYSTEM "avahi-service.dtd">';
103
+      echo '<service-group>';
104
+      echo '  <name replace-wildcards="yes">%h DLNA</name>';
105
+      echo '  <service>';
106
+      echo '    <type>_dlna._tcp</type>';
107
+      echo "    <port>8200</port>";
108
+      echo '  </service>';
109
+      echo '  <service>';
110
+      echo '    <type>_dlna._udp</type>';
111
+      echo "    <port>1900</port>";
112
+      echo '  </service>';
113
+      echo '</service-group>'; } > /etc/avahi/services/dlna.service
111 114
 
112 115
     systemctl restart avahi-daemon
113 116
 
@@ -125,7 +128,7 @@ function backup_local_dlna {
125 128
 
126 129
 function restore_local_dlna {
127 130
     if [ -d /var/cache/minidlna ]; then
128
-        if [ -d $USB_MOUNT_DLNA/backup/dlna ]; then
131
+        if [ -d "$USB_MOUNT_DLNA/backup/dlna" ]; then
129 132
             echo $"Restoring DLNA cache"
130 133
             temp_restore_dir=/root/tempdlna
131 134
             function_check restore_directory_from_usb
@@ -135,6 +138,7 @@ function restore_local_dlna {
135 138
             else
136 139
                 cp -r $temp_restore_dir/* /var/cache/minidlna/
137 140
             fi
141
+            # shellcheck disable=SC2181
138 142
             if [ ! "$?" = "0" ]; then
139 143
                 rm -rf $temp_restore_dir
140 144
                 function_check set_user_permissions
@@ -156,7 +160,7 @@ function backup_remote_dlna {
156 160
 
157 161
 function restore_remote_dlna {
158 162
     if [ -d /var/cache/minidlna ]; then
159
-        if [ -d $SERVER_DIRECTORY/backup/dlna ]; then
163
+        if [ -d "$SERVER_DIRECTORY/backup/dlna" ]; then
160 164
             temp_restore_dir=/root/tempdlna
161 165
             function_check restore_directory_from_friend
162 166
             restore_directory_from_friend $temp_restore_dir dlna
@@ -165,6 +169,7 @@ function restore_remote_dlna {
165 169
             else
166 170
                 cp -r $temp_restore_dir/* /var/cache/minidlna/
167 171
             fi
172
+            # shellcheck disable=SC2181
168 173
             if [ ! "$?" = "0" ]; then
169 174
                 exit 982
170 175
             fi
@@ -201,7 +206,7 @@ function install_dlna_main {
201 206
         exit 55
202 207
     fi
203 208
 
204
-    if [ ! $USB_MOUNT_DLNA ]; then
209
+    if [ ! "$USB_MOUNT_DLNA" ]; then
205 210
         USB_MOUNT_DLNA=/mnt/dlna
206 211
     fi
207 212
     if [ ${#USB_MOUNT_DLNA} -eq 0 ]; then
@@ -242,7 +247,7 @@ function install_dlna_main {
242 247
     systemctl reload minidlna
243 248
 
244 249
     sed -i 's/fs.inotify.max_user_watches*/fs.inotify.max_user_watches=65536/g' /etc/sysctl.conf
245
-    if ! grep -q "max_user_watches" $COMPLETION_FILE; then
250
+    if ! grep -q "max_user_watches" "$COMPLETION_FILE"; then
246 251
         echo 'fs.inotify.max_user_watches=65536' >> /etc/sysctl.conf
247 252
     fi
248 253
     /sbin/sysctl -p -q
@@ -256,37 +261,37 @@ function script_for_attaching_usb_drive {
256 261
     if [[ $(is_completed "${FUNCNAME[0]}") == "1" ]]; then
257 262
         return
258 263
     fi
259
-    echo '#!/bin/bash' > /usr/bin/attach-music
260
-    echo "source /usr/local/bin/${PROJECT_NAME}-vars" >> /usr/bin/attach-music
261
-    echo "UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*" >> /usr/bin/attach-music
262
-    echo '' >> /usr/bin/attach-music
263
-    echo 'for f in $UTILS_FILES' >> /usr/bin/attach-music
264
-    echo 'do' >> /usr/bin/attach-music
265
-    echo '    source $f' >> /usr/bin/attach-music
266
-    echo 'done' >> /usr/bin/attach-music
267
-    echo '' >> /usr/bin/attach-music
268
-    echo 'USB_DRIVE=/dev/sda1' >> /usr/bin/attach-music
269
-    echo 'detect_usb_drive' >> /usr/bin/attach-music
270
-    echo '' >> /usr/bin/attach-music
271
-    echo 'remove-music' >> /usr/bin/attach-music
272
-    echo "if [ ! -d $USB_MOUNT_DLNA ]; then" >> /usr/bin/attach-music
273
-    echo "    mkdir $USB_MOUNT_DLNA" >> /usr/bin/attach-music
274
-    echo 'fi' >> /usr/bin/attach-music
275
-    echo -n 'mount $USB_DRIVE ' >> /usr/bin/attach-music
276
-    echo "$USB_MOUNT_DLNA" >> /usr/bin/attach-music
277
-    echo "chown root:root $USB_MOUNT_DLNA" >> /usr/bin/attach-music
278
-    echo "chown -R minidlna:minidlna $USB_MOUNT_DLNA/*" >> /usr/bin/attach-music
279
-    echo 'systemctl restart minidlna' >> /usr/bin/attach-music
280
-    echo 'minidlnad -R' >> /usr/bin/attach-music
281
-    echo 'exit 0' >> /usr/bin/attach-music
264
+    { echo '#!/bin/bash';
265
+      echo "source /usr/local/bin/${PROJECT_NAME}-vars";
266
+      echo "UTILS_FILES=/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*";
267
+      echo '';
268
+      echo "for f in \$UTILS_FILES";
269
+      echo 'do';
270
+      echo "    source \$f";
271
+      echo 'done';
272
+      echo '';
273
+      echo 'USB_DRIVE=/dev/sda1';
274
+      echo 'detect_usb_drive';
275
+      echo '';
276
+      echo 'remove-music';
277
+      echo "if [ ! -d $USB_MOUNT_DLNA ]; then";
278
+      echo "    mkdir $USB_MOUNT_DLNA";
279
+      echo 'fi';
280
+      echo -n "mount \$USB_DRIVE ";
281
+      echo "$USB_MOUNT_DLNA";
282
+      echo "chown root:root $USB_MOUNT_DLNA";
283
+      echo "chown -R minidlna:minidlna $USB_MOUNT_DLNA/*";
284
+      echo 'systemctl restart minidlna';
285
+      echo 'minidlnad -R';
286
+      echo 'exit 0'; } > /usr/bin/attach-music
282 287
     chmod +x /usr/bin/attach-music
283 288
 
284
-    echo '#!/bin/bash' > /usr/bin/remove-music
285
-    echo "if [ -d $USB_MOUNT_DLNA ]; then" >> /usr/bin/remove-music
286
-    echo "  umount $USB_MOUNT_DLNA" >> /usr/bin/remove-music
287
-    echo "  rm -rf $USB_MOUNT_DLNA" >> /usr/bin/remove-music
288
-    echo 'fi' >> /usr/bin/remove-music
289
-    echo 'exit 0' >> /usr/bin/remove-music
289
+    { echo '#!/bin/bash';
290
+      echo "if [ -d $USB_MOUNT_DLNA ]; then";
291
+      echo "  umount $USB_MOUNT_DLNA";
292
+      echo "  rm -rf $USB_MOUNT_DLNA";
293
+      echo 'fi';
294
+      echo 'exit 0'; } > /usr/bin/remove-music
290 295
     chmod +x /usr/bin/remove-music
291 296
 
292 297
     mark_completed "${FUNCNAME[0]}"

+ 254
- 250
src/freedombone-app-dokuwiki Zobrazit soubor

@@ -75,18 +75,18 @@ function change_password_dokuwiki {
75 75
     new_user_password="$2"
76 76
 
77 77
     DOKUWIKI_DOMAIN_NAME=$(get_completion_param "dokuwiki domain")
78
-    if grep -q "$curr_username:" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php; then
78
+    if grep -q "$curr_username:" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"; then
79 79
         HASHED_DOKUWIKI_PASSWORD=$(echo -n "$new_user_password" | md5sum | awk -F ' ' '{print $1}')
80
-        existing_user=$(cat /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php | grep "$curr_username:" | hean -n 1)
80
+        existing_user=$(grep "$curr_username:" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php" | hean -n 1)
81 81
         if [[ "$existing_user" == *":admin,"* ]]; then
82 82
             sed -i "s|$curr_username:.*|$curr_username:$HASHED_DOKUWIKI_PASSWORD:$curr_username:$curr_username@$HOSTNAME:admin,user,upload|g" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
83 83
         else
84 84
             sed -i "s|$curr_username:.*|$curr_username:$HASHED_DOKUWIKI_PASSWORD:$curr_username:$curr_username@$HOSTNAME:user,upload|g" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
85 85
         fi
86
-        cp /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
87
-        chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
88
-        chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
89
-        ${PROJECT_NAME}-pass -u $curr_username -a dokuwiki -p "$new_user_password"
86
+        cp "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
87
+        chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
88
+        chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
89
+        "${PROJECT_NAME}-pass" -u "$curr_username" -a dokuwiki -p "$new_user_password"
90 90
     fi
91 91
 }
92 92
 
@@ -96,21 +96,21 @@ function add_user_dokuwiki {
96 96
 
97 97
     DOKUWIKI_DOMAIN_NAME=$(get_completion_param "dokuwiki domain")
98 98
     HASHED_DOKUWIKI_PASSWORD=$(echo -n "$new_user_password" | md5sum | awk -F ' ' '{print $1}')
99
-    echo "$new_username:$HASHED_DOKUWIKI_PASSWORD:$new_username:$new_username@$HOSTNAME:user,upload" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
100
-    cp /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
101
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
102
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
103
-    ${PROJECT_NAME}-pass -u "$new_username" -a dokuwiki -p "$new_user_password"
99
+    echo "$new_username:$HASHED_DOKUWIKI_PASSWORD:$new_username:$new_username@$HOSTNAME:user,upload" >> "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
100
+    cp "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
101
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
102
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
103
+    "${PROJECT_NAME}-pass" -u "$new_username" -a dokuwiki -p "$new_user_password"
104 104
 }
105 105
 
106 106
 function remove_user_dokuwiki {
107 107
     remove_username="$1"
108 108
 
109 109
     read_config_param "DOKUWIKI_DOMAIN_NAME"
110
-    if grep -q "$remove_username:" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php; then
111
-        sed -i "/$remove_username:/d" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
112
-        sed -i "/$remove_username:/d" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
113
-        ${PROJECT_NAME}-pass -u "$remove_username" --rmapp dokuwiki
110
+    if grep -q "$remove_username:" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"; then
111
+        sed -i "/$remove_username:/d" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
112
+        sed -i "/$remove_username:/d" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
113
+        "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp dokuwiki
114 114
     fi
115 115
 }
116 116
 
@@ -120,7 +120,7 @@ function reconfigure_dokuwiki {
120 120
 
121 121
 function upgrade_dokuwiki {
122 122
     function_check set_repo_commit
123
-    set_repo_commit /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs "dokuwiki commit" "$DOKUWIKI_COMMIT" $DOKUWIKI_REPO
123
+    set_repo_commit "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs" "dokuwiki commit" "$DOKUWIKI_COMMIT" $DOKUWIKI_REPO
124 124
 }
125 125
 
126 126
 function backup_local_dokuwiki {
@@ -129,18 +129,18 @@ function backup_local_dokuwiki {
129 129
     function_check backup_directory_to_usb
130 130
 
131 131
     # backup the data
132
-    source_directory=/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data
133
-    if [ -d $source_directory ]; then
132
+    source_directory="/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data"
133
+    if [ -d "$source_directory" ]; then
134 134
         dest_directory=dokuwikidat
135
-        backup_directory_to_usb $source_directory $dest_directory
135
+        backup_directory_to_usb "$source_directory" "$dest_directory"
136 136
     fi
137 137
 
138 138
     # backup the users
139
-    source_directory=/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl
140
-    if [ -d $source_directory ]; then
139
+    source_directory="/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl"
140
+    if [ -d "$source_directory" ]; then
141 141
         dest_directory=dokuwikiacl
142
-        cp /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users*.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
143
-        backup_directory_to_usb $source_directory $dest_directory
142
+        cp "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users*.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
143
+        backup_directory_to_usb "$source_directory" "$dest_directory"
144 144
     fi
145 145
 }
146 146
 
@@ -153,11 +153,12 @@ function restore_local_dokuwiki {
153 153
     temp_restore_dir=/root/tempdokuwikidat
154 154
     function_check restore_directory_from_usb
155 155
     restore_directory_from_usb ${temp_restore_dir} dokuwikidat
156
-    if [ -d ${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/data ]; then
157
-        cp -r ${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/data/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data
156
+    if [ -d "${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/data" ]; then
157
+        cp -r "${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/data/*" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data"
158 158
     else
159
-        cp -r ${temp_restore_dir}/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data
159
+        cp -r "${temp_restore_dir}/*" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data"
160 160
     fi
161
+    # shellcheck disable=SC2181
161 162
     if [ ! "$?" = "0" ]; then
162 163
         function_check restore_directory_from_usb
163 164
         set_user_permissions
@@ -172,13 +173,14 @@ function restore_local_dokuwiki {
172 173
     temp_restore_dir=/root/tempdokuwikiacl
173 174
     function_check restore_directory_from_usb
174 175
     restore_directory_from_usb ${temp_restore_dir} dokuwikiacl
175
-    if [ -d ${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl ]; then
176
-        cp ${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
177
-        cp ${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/
176
+    if [ -d "${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl" ]; then
177
+        cp "${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
178
+        cp "${temp_restore_dir}/var/www/${DOKUWIKI_DOMAIN_NAME}/htdocs/lib/plugins/acl/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/"
178 179
     else
179
-        cp ${temp_restore_dir}/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
180
-        cp ${temp_restore_dir}/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/
180
+        cp "${temp_restore_dir}/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
181
+        cp "${temp_restore_dir}/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/"
181 182
     fi
183
+    # shellcheck disable=SC2181
182 184
     if [ ! "$?" = "0" ]; then
183 185
         function_check restore_directory_from_usb
184 186
         set_user_permissions
@@ -189,21 +191,21 @@ function restore_local_dokuwiki {
189 191
     fi
190 192
     rm -rf ${temp_restore_dir}
191 193
 
192
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
193
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
194
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data
195
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib
196
-    chown -R www-data:www-data /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
194
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
195
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
196
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data"
197
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib"
198
+    chown -R www-data:www-data "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
197 199
     echo $"Restore of Dokuwiki complete"
198 200
 }
199 201
 
200 202
 function backup_remote_dokuwiki {
201 203
     DOKUWIKI_DOMAIN_NAME=$(get_completion_param "dokuwiki domain")
202
-    if [ -d /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs ]; then
204
+    if [ -d "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs" ]; then
203 205
         echo $"Backing up dokuwiki"
204
-        backup_directory_to_friend /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data dokuwikidat
205
-        cp /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users*.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
206
-        backup_directory_to_friend /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl dokuwikiacl
206
+        backup_directory_to_friend "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data" dokuwikidat
207
+        cp "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users*.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
208
+        backup_directory_to_friend "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl" dokuwikiacl
207 209
     fi
208 210
 }
209 211
 
@@ -212,15 +214,16 @@ function restore_remote_dokuwiki {
212 214
     function_check get_completion_param
213 215
     function_check restore_directory_from_friend
214 216
 
215
-    if [ -d $SERVER_DIRECTORY/backup/dokuwikidat ]; then
217
+    if [ -d "$SERVER_DIRECTORY/backup/dokuwikidat" ]; then
216 218
         echo $"Restoring Dokuwiki data for $DOKUWIKI_DOMAIN_NAME"
217 219
         temp_restore_dir=/root/tempdokuwikidat
218 220
         restore_directory_from_friend $temp_restore_dir dokuwikidat
219
-        if [ -d $temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data ]; then
220
-            cp -r $temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/
221
+        if [ -d "$temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data" ]; then
222
+            cp -r "$temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/*" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/"
221 223
         else
222
-            cp -r $temp_restore_dir/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/
224
+            cp -r $temp_restore_dir/* "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/"
223 225
         fi
226
+        # shellcheck disable=SC2181
224 227
         if [ ! "$?" = "0" ]; then
225 228
             exit 92634
226 229
         fi
@@ -229,15 +232,16 @@ function restore_remote_dokuwiki {
229 232
         echo $"Restore of Dokuwiki data complete"
230 233
     fi
231 234
 
232
-    if [ -d $SERVER_DIRECTORY/backup/dokuwikiacl ]; then
235
+    if [ -d "$SERVER_DIRECTORY/backup/dokuwikiacl" ]; then
233 236
         echo $"Restoring Dokuwiki users for $DOKUWIKI_DOMAIN_NAME"
234 237
         temp_restore_dir=/root/tempdokuwikiacl
235 238
         restore_directory_from_friend $temp_restore_dir dokuwikiacl
236
-        if [ -d $temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl ]; then
237
-            cp -r $temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
239
+        if [ -d "$temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl" ]; then
240
+            cp -r "$temp_restore_dir/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/*" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
238 241
         else
239
-            cp -r $temp_restore_dir/* /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/
242
+            cp -r $temp_restore_dir/* "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/"
240 243
         fi
244
+        # shellcheck disable=SC2181
241 245
         if [ ! "$?" = "0" ]; then
242 246
             exit 735287
243 247
         fi
@@ -246,11 +250,11 @@ function restore_remote_dokuwiki {
246 250
         echo $"Restore of Dokuwiki users complete"
247 251
     fi
248 252
 
249
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
250
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
251
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/data
252
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/lib
253
-    chown -R www-data:www-data /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
253
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
254
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
255
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/data"
256
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data/lib"
257
+    chown -R www-data:www-data "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
254 258
 }
255 259
 
256 260
 function remove_dokuwiki {
@@ -259,13 +263,13 @@ function remove_dokuwiki {
259 263
     fi
260 264
     function_check remove_onion_service
261 265
     remove_onion_service dokuwiki ${DOKUWIKI_ONION_PORT}
262
-    nginx_dissite $DOKUWIKI_DOMAIN_NAME
263
-    remove_certs $DOKUWIKI_DOMAIN_NAME
264
-    if [ -f /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME ]; then
265
-        rm /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
266
+    nginx_dissite "$DOKUWIKI_DOMAIN_NAME"
267
+    remove_certs "$DOKUWIKI_DOMAIN_NAME"
268
+    if [ -f "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME" ]; then
269
+        rm "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
266 270
     fi
267
-    if [ ! -d /var/www/$DOKUWIKI_DOMAIN_NAME ]; then
268
-        rm -rf /var/www/$DOKUWIKI_DOMAIN_NAME
271
+    if [ ! -d "/var/www/$DOKUWIKI_DOMAIN_NAME" ]; then
272
+        rm -rf "/var/www/$DOKUWIKI_DOMAIN_NAME"
269 273
     fi
270 274
     if [ -d /var/lib/dokuwiki ]; then
271 275
         rm -rf /var/lib/dokuwiki
@@ -278,14 +282,14 @@ function remove_dokuwiki {
278 282
     fi
279 283
     remove_completion_param "install_dokuwiki"
280 284
     remove_completion_param "dokuwiki domain"
281
-    sed -i '/dokuwiki/d' $COMPLETION_FILE
285
+    sed -i '/dokuwiki/d' "$COMPLETION_FILE"
282 286
 
283 287
     function_check remove_ddns_domain
284
-    remove_ddns_domain $DOKUWIKI_DOMAIN_NAME
288
+    remove_ddns_domain "$DOKUWIKI_DOMAIN_NAME"
285 289
 }
286 290
 
287 291
 function install_dokuwiki {
288
-    if [ ! $DOKUWIKI_DOMAIN_NAME ]; then
292
+    if [ ! "$DOKUWIKI_DOMAIN_NAME" ]; then
289 293
         return
290 294
     fi
291 295
 
@@ -293,25 +297,25 @@ function install_dokuwiki {
293 297
     apt-get -yq install php-dev imagemagick php-imagick libfcgi0ldbl
294 298
     apt-get -yq install php-memcached memcached
295 299
 
296
-    if [ ! -d /var/www/$DOKUWIKI_DOMAIN_NAME ]; then
297
-        mkdir /var/www/$DOKUWIKI_DOMAIN_NAME
300
+    if [ ! -d "/var/www/$DOKUWIKI_DOMAIN_NAME" ]; then
301
+        mkdir "/var/www/$DOKUWIKI_DOMAIN_NAME"
298 302
     fi
299 303
 
300
-    if [ ! -f /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/install.php ]; then
301
-        cd /var/www/$DOKUWIKI_DOMAIN_NAME
304
+    if [ ! -f "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/install.php" ]; then
305
+        cd "/var/www/$DOKUWIKI_DOMAIN_NAME" || exit 23468246824
302 306
 
303 307
         if [ -d /repos/dokuwiki ]; then
304
-            mkdir /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
305
-            cp -r -p /repos/dokuwiki/. /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
306
-            cd /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
308
+            mkdir "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
309
+            cp -r -p /repos/dokuwiki/. "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
310
+            cd "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs" || exit 24687462
307 311
             git pull
308 312
         else
309 313
             function_check git_clone
310
-            git_clone $DOKUWIKI_REPO /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
314
+            git_clone "$DOKUWIKI_REPO" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
311 315
         fi
312 316
 
313
-        cd /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
314
-        git checkout $DOKUWIKI_COMMIT -b $DOKUWIKI_COMMIT
317
+        cd "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs" || exit 38368832
318
+        git checkout "$DOKUWIKI_COMMIT" -b "$DOKUWIKI_COMMIT"
315 319
         set_completion_param "dokuwiki commit" "$DOKUWIKI_COMMIT"
316 320
 
317 321
     fi
@@ -322,40 +326,40 @@ function install_dokuwiki {
322 326
         echo $'Removed Apache installation after Dokuwiki install'
323 327
     fi
324 328
 
325
-    echo '<?php' > /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
326
-    echo "\$conf['title'] = '${DOKUWIKI_TITLE}';" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
327
-    echo "\$conf['lang'] = 'en';" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
328
-    echo "\$conf['license'] = 'cc-by-sa';" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
329
-    echo "\$conf['useacl'] = 1;" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
330
-    echo "\$conf['superuser'] = '@admin';" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
331
-    echo "\$conf['disableactions'] = 'register';" >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
332
-    ln -s /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/local.php
333
-
334
-    chmod 600 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php
335
-    chown -R www-data:www-data /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs
336
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib
337
-    chmod -R 755 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data
338
-
339
-    if [ -f $IMAGE_PASSWORD_FILE ]; then
340
-        DOKUWIKI_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
329
+    { echo '<?php';
330
+      echo "\$conf['title'] = '${DOKUWIKI_TITLE}';";
331
+      echo "\$conf['lang'] = 'en';";
332
+      echo "\$conf['license'] = 'cc-by-sa';";
333
+      echo "\$conf['useacl'] = 1;";
334
+      echo "\$conf['superuser'] = '@admin';";
335
+      echo "\$conf['disableactions'] = 'register';"; } > "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php"
336
+    ln -s "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/local.php"
337
+
338
+    chmod 600 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/local.php"
339
+    chown -R www-data:www-data "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs"
340
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib"
341
+    chmod -R 755 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/data"
342
+
343
+    if [ -f "$IMAGE_PASSWORD_FILE" ]; then
344
+        DOKUWIKI_ADMIN_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
341 345
     else
342
-        if [ ! $DOKUWIKI_ADMIN_PASSWORD ]; then
343
-            DOKUWIKI_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
346
+        if [ ! "$DOKUWIKI_ADMIN_PASSWORD" ]; then
347
+            DOKUWIKI_ADMIN_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
344 348
         fi
345 349
     fi
346 350
     HASHED_DOKUWIKI_PASSWORD=$(echo -n "$DOKUWIKI_ADMIN_PASSWORD" | md5sum | awk -F ' ' '{print $1}')
347
-    echo -n "$MY_USERNAME:$HASHED_DOKUWIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
348
-    cp /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php
349
-    chmod 640 /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php
351
+    echo -n "$MY_USERNAME:$HASHED_DOKUWIKI_PASSWORD:$MY_NAME:$MY_EMAIL:admin,user,upload" > "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
352
+    cp "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/users.auth.php"
353
+    chmod 640 "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/lib/plugins/acl/users.auth.php"
350 354
 
351
-    if ! grep -q "video/ogg" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf; then
352
-        echo 'ogv     video/ogg' >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf
355
+    if ! grep -q "video/ogg" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"; then
356
+        echo 'ogv     video/ogg' >> "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"
353 357
     fi
354
-    if ! grep -q "video/mp4" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf; then
355
-        echo 'mp4     video/mp4' >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf
358
+    if ! grep -q "video/mp4" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"; then
359
+        echo 'mp4     video/mp4' >> "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"
356 360
     fi
357
-    if ! grep -q "video/webm" /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf; then
358
-        echo 'webm    video/webm' >> /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf
361
+    if ! grep -q "video/webm" "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"; then
362
+        echo 'webm    video/webm' >> "/var/www/$DOKUWIKI_DOMAIN_NAME/htdocs/conf/mime.conf"
359 363
     fi
360 364
 
361 365
     DOKUWIKI_ONION_HOSTNAME=$(add_onion_service dokuwiki 80 ${DOKUWIKI_ONION_PORT})
@@ -363,178 +367,178 @@ function install_dokuwiki {
363 367
 
364 368
     if [[ $ONION_ONLY == "no" ]]; then
365 369
         function_check nginx_http_redirect
366
-        nginx_http_redirect $DOKUWIKI_DOMAIN_NAME
367
-        echo 'server {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
368
-        echo '    listen 443 ssl;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
369
-        echo '    #listen [::]:443 ssl;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
370
-        echo "    root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
371
-        echo "    server_name $DOKUWIKI_DOMAIN_NAME;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
372
-        echo '    access_log /dev/null;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
373
-        echo "    error_log /dev/null;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
374
-        echo '    index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
375
-        echo '    charset utf-8;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
376
-        echo '    proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
370
+        nginx_http_redirect "$DOKUWIKI_DOMAIN_NAME"
371
+        { echo 'server {';
372
+          echo '    listen 443 ssl;';
373
+          echo '    #listen [::]:443 ssl;';
374
+          echo "    root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;";
375
+          echo "    server_name $DOKUWIKI_DOMAIN_NAME;";
376
+          echo '    access_log /dev/null;';
377
+          echo "    error_log /dev/null;";
378
+          echo '    index index.php;';
379
+          echo '    charset utf-8;';
380
+          echo '    proxy_read_timeout 86400s;'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
377 381
         function_check nginx_ssl
378
-        nginx_ssl $DOKUWIKI_DOMAIN_NAME
382
+        nginx_ssl "$DOKUWIKI_DOMAIN_NAME"
379 383
         function_check nginx_disable_sniffing
380
-        nginx_disable_sniffing $DOKUWIKI_DOMAIN_NAME
381
-        echo '    add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
382
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
383
-        echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
384
-        echo '    location / {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
384
+        nginx_disable_sniffing "$DOKUWIKI_DOMAIN_NAME"
385
+        { echo '    add_header Strict-Transport-Security "max-age=0;";';
386
+          echo '';
387
+          echo '    # rewrite to front controller as default rule';
388
+          echo '    location / {'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
385 389
         function_check nginx_limits
386
-        nginx_limits $DOKUWIKI_DOMAIN_NAME
387
-        echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
388
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
389
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
390
-        echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
391
-        echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
392
-        echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
393
-        echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
394
-        echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
395
-        echo '        expires 30d;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
396
-        echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
397
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
398
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
399
-        echo '    # block these file types' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
400
-        echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
401
-        echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
402
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
403
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
404
-        echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
405
-        echo '    # or a unix socket' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
406
-        echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
390
+        nginx_limits "$DOKUWIKI_DOMAIN_NAME"
391
+        { echo "        rewrite ^/(.*) /index.php?q=\$uri&\$args last;";
392
+          echo '    }';
393
+          echo '';
394
+          echo '    # statically serve these file types when possible';
395
+          echo '    # otherwise fall back to front controller';
396
+          echo '    # allow browser to cache them';
397
+          echo '    # added .htm for advanced source code editor library';
398
+          echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {';
399
+          echo '        expires 30d;';
400
+          echo "        try_files \$uri /index.php?q=\$uri&\$args;";
401
+          echo '    }';
402
+          echo '';
403
+          echo '    # block these file types';
404
+          echo '    location ~* \.(tpl|md|tgz|log|out)$ {';
405
+          echo '        deny all;';
406
+          echo '    }';
407
+          echo '';
408
+          echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000';
409
+          echo '    # or a unix socket';
410
+          echo '    location ~* \.php$ {'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
407 411
         function_check nginx_limits
408
-        nginx_limits $DOKUWIKI_DOMAIN_NAME
409
-        echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
410
-        echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
411
-        echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
412
-        echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
413
-        echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
414
-        echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
415
-        echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
416
-        echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
417
-        echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
418
-        echo '        # With php-cgi alone:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
419
-        echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
420
-        echo '        # With php-fpm:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
421
-        echo '        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
422
-        echo '        fastcgi_read_timeout 30;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
423
-        echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
424
-        echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
425
-        echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
426
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
427
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
428
-        echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
429
-        echo '    location ~ /\. {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
430
-        echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
431
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
432
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
433
-        echo '    #deny access to store' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
434
-        echo '    location ~ /store {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
435
-        echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
436
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
437
-        echo '    location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
438
-        echo '      deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
439
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
440
-        echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
441
-        echo '      deny  all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
442
-        echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
443
-        echo '}' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
444
-        echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
412
+        nginx_limits "$DOKUWIKI_DOMAIN_NAME"
413
+        { echo '        # Zero-day exploit defense.';
414
+          echo '        # http://forum.nginx.org/read.php?2,88845,page=3';
415
+          echo "        # Won't work properly (404 error) if the file is not stored on this";
416
+          echo "        # server, which is entirely possible with php-fpm/php-fcgi.";
417
+          echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on";
418
+          echo "        # another machine. And then cross your fingers that you won't get hacked.";
419
+          echo "        try_files \$uri \$uri/ /index.php;";
420
+          echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini';
421
+          echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;';
422
+          echo '        # With php-cgi alone:';
423
+          echo '        # fastcgi_pass 127.0.0.1:9000;';
424
+          echo '        # With php-fpm:';
425
+          echo '        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
426
+          echo '        fastcgi_read_timeout 30;';
427
+          echo '        include fastcgi_params;';
428
+          echo '        fastcgi_index index.php;';
429
+          echo "        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;";
430
+          echo '    }';
431
+          echo '';
432
+          echo '    # deny access to all dot files';
433
+          echo '    location ~ /\. {';
434
+          echo '        deny all;';
435
+          echo '    }';
436
+          echo '';
437
+          echo '    #deny access to store';
438
+          echo '    location ~ /store {';
439
+          echo '        deny all;';
440
+          echo '    }';
441
+          echo '    location ~ /(data|conf|bin|inc)/ {';
442
+          echo '      deny all;';
443
+          echo '    }';
444
+          echo '    location ~ /\.ht {';
445
+          echo '      deny  all;';
446
+          echo '    }';
447
+          echo '}';
448
+          echo ''; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
445 449
     else
446
-        echo -n '' > /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
450
+        echo -n '' > "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
447 451
     fi
448
-    echo 'server {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
449
-    echo "    listen 127.0.0.1:${DOKUWIKI_ONION_PORT} default_server;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
450
-    echo "    root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
451
-    echo "    server_name $DOKUWIKI_ONION_HOSTNAME;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
452
-    echo '    access_log /dev/null;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
453
-    echo "    error_log /dev/null;" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
454
-    echo '    index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
455
-    echo '    charset utf-8;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
456
-    echo '    proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
452
+    { echo 'server {';
453
+      echo "    listen 127.0.0.1:${DOKUWIKI_ONION_PORT} default_server;";
454
+      echo "    root /var/www/$DOKUWIKI_DOMAIN_NAME/htdocs;";
455
+      echo "    server_name $DOKUWIKI_ONION_HOSTNAME;";
456
+      echo '    access_log /dev/null;';
457
+      echo "    error_log /dev/null;";
458
+      echo '    index index.php;';
459
+      echo '    charset utf-8;';
460
+      echo '    proxy_read_timeout 86400s;'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
457 461
     function_check nginx_disable_sniffing
458
-    nginx_disable_sniffing $DOKUWIKI_DOMAIN_NAME
459
-    echo '    add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
460
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
461
-    echo '    # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
462
-    echo '    location / {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
462
+    nginx_disable_sniffing "$DOKUWIKI_DOMAIN_NAME"
463
+    { echo '    add_header Strict-Transport-Security "max-age=0;";';
464
+      echo '';
465
+      echo '    # rewrite to front controller as default rule';
466
+      echo '    location / {'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
463 467
     function_check nginx_limits
464
-    nginx_limits $DOKUWIKI_DOMAIN_NAME
465
-    echo '        rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
466
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
467
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
468
-    echo '    # statically serve these file types when possible' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
469
-    echo '    # otherwise fall back to front controller' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
470
-    echo '    # allow browser to cache them' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
471
-    echo '    # added .htm for advanced source code editor library' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
472
-    echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
473
-    echo '        expires 30d;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
474
-    echo '        try_files $uri /index.php?q=$uri&$args;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
475
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
476
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
477
-    echo '    # block these file types' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
478
-    echo '    location ~* \.(tpl|md|tgz|log|out)$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
479
-    echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
480
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
481
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
482
-    echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
483
-    echo '    # or a unix socket' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
484
-    echo '    location ~* \.php$ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
468
+    nginx_limits "$DOKUWIKI_DOMAIN_NAME"
469
+    { echo "        rewrite ^/(.*) /index.php?q=\$uri&\$args last;";
470
+      echo '    }';
471
+      echo '';
472
+      echo '    # statically serve these file types when possible';
473
+      echo '    # otherwise fall back to front controller';
474
+      echo '    # allow browser to cache them';
475
+      echo '    # added .htm for advanced source code editor library';
476
+      echo '    location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {';
477
+      echo '        expires 30d;';
478
+      echo "        try_files \$uri /index.php?q=\$uri&\$args;";
479
+      echo '    }';
480
+      echo '';
481
+      echo '    # block these file types';
482
+      echo '    location ~* \.(tpl|md|tgz|log|out)$ {';
483
+      echo '        deny all;';
484
+      echo '    }';
485
+      echo '';
486
+      echo '    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000';
487
+      echo '    # or a unix socket';
488
+      echo '    location ~* \.php$ {'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
485 489
     function_check nginx_limits
486
-    nginx_limits $DOKUWIKI_DOMAIN_NAME
487
-    echo '        # Zero-day exploit defense.' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
488
-    echo '        # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
489
-    echo "        # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
490
-    echo "        # server, which is entirely possible with php-fpm/php-fcgi." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
491
-    echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on" >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
492
-    echo "        # another machine. And then cross your fingers that you won't get hacked." >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
493
-    echo '        try_files $uri $uri/ /index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
494
-    echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
495
-    echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
496
-    echo '        # With php-cgi alone:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
497
-    echo '        # fastcgi_pass 127.0.0.1:9000;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
498
-    echo '        # With php-fpm:' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
499
-    echo '        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
500
-    echo '        fastcgi_read_timeout 30;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
501
-    echo '        include fastcgi_params;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
502
-    echo '        fastcgi_index index.php;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
503
-    echo '        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
504
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
505
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
506
-    echo '    # deny access to all dot files' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
507
-    echo '    location ~ /\. {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
508
-    echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
509
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
510
-    echo '' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
511
-    echo '    #deny access to store' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
512
-    echo '    location ~ /store {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
513
-    echo '        deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
514
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
515
-    echo '    location ~ /(data|conf|bin|inc)/ {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
516
-    echo '      deny all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
517
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
518
-    echo '    location ~ /\.ht {' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
519
-    echo '      deny  all;' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
520
-    echo '    }' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
521
-    echo '}' >> /etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME
490
+    nginx_limits "$DOKUWIKI_DOMAIN_NAME"
491
+    { echo '        # Zero-day exploit defense.';
492
+      echo '        # http://forum.nginx.org/read.php?2,88845,page=3';
493
+      echo "        # Won't work properly (404 error) if the file is not stored on this";
494
+      echo "        # server, which is entirely possible with php-fpm/php-fcgi.";
495
+      echo "        # Comment the 'try_files' line out if you set up php-fpm/php-fcgi on";
496
+      echo "        # another machine. And then cross your fingers that you won't get hacked.";
497
+      echo "        try_files \$uri \$uri/ /index.php;";
498
+      echo '        # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini';
499
+      echo '        fastcgi_split_path_info ^(.+\.php)(/.+)$;';
500
+      echo '        # With php-cgi alone:';
501
+      echo '        # fastcgi_pass 127.0.0.1:9000;';
502
+      echo '        # With php-fpm:';
503
+      echo '        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
504
+      echo '        fastcgi_read_timeout 30;';
505
+      echo '        include fastcgi_params;';
506
+      echo '        fastcgi_index index.php;';
507
+      echo "        fastcgi_param SCRIPT_FILENAME \$document_root\$fastcgi_script_name;";
508
+      echo '    }';
509
+      echo '';
510
+      echo '    # deny access to all dot files';
511
+      echo '    location ~ /\. {';
512
+      echo '        deny all;';
513
+      echo '    }';
514
+      echo '';
515
+      echo '    #deny access to store';
516
+      echo '    location ~ /store {';
517
+      echo '        deny all;';
518
+      echo '    }';
519
+      echo '    location ~ /(data|conf|bin|inc)/ {';
520
+      echo '      deny all;';
521
+      echo '    }';
522
+      echo '    location ~ /\.ht {';
523
+      echo '      deny  all;';
524
+      echo '    }';
525
+      echo '}'; } >> "/etc/nginx/sites-available/$DOKUWIKI_DOMAIN_NAME"
522 526
 
523 527
     function_check create_site_certificate
524
-    create_site_certificate $DOKUWIKI_DOMAIN_NAME 'yes'
528
+    create_site_certificate "$DOKUWIKI_DOMAIN_NAME" 'yes'
525 529
 
526 530
     function_check configure_php
527 531
     configure_php
528 532
 
529
-    nginx_ensite $DOKUWIKI_DOMAIN_NAME
533
+    nginx_ensite "$DOKUWIKI_DOMAIN_NAME"
530 534
 
531 535
     systemctl restart php7.0-fpm
532 536
     systemctl restart nginx
533 537
 
534 538
     function_check add_ddns_domain
535
-    add_ddns_domain $DOKUWIKI_DOMAIN_NAME
539
+    add_ddns_domain "$DOKUWIKI_DOMAIN_NAME"
536 540
 
537
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a dokuwiki -p "$DOKUWIKI_ADMIN_PASSWORD"
541
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a dokuwiki -p "$DOKUWIKI_ADMIN_PASSWORD"
538 542
 
539 543
     APP_INSTALLED=1
540 544
 }

+ 135
- 134
src/freedombone-app-edith Zobrazit soubor

@@ -50,12 +50,12 @@ edith_variables=(MY_USERNAME
50 50
 function remove_bad_links_edith {
51 51
     read_config_param EDITH_DOMAIN_NAME
52 52
 
53
-    edith_dir=/var/www/$EDITH_DOMAIN_NAME/htdocs
53
+    edith_dir="/var/www/$EDITH_DOMAIN_NAME/htdocs"
54 54
 
55 55
     # copy jquery locally
56 56
     jquery_version='1.12.4'
57 57
     if [ ! -f $edith_dir/jquery-${jquery_version}.js ]; then
58
-        cd $edith_dir
58
+        cd $edith_dir || exit 246824628
59 59
         wget https://code.jquery.com/jquery-${jquery_version}.js
60 60
         if [ -f $edith_dir/jquery-${jquery_version}.js ]; then
61 61
             jquery_hash=$(sha256sum $edith_dir/jquery-${jquery_version}.js | awk -F ' ' '{print $1}')
@@ -79,9 +79,9 @@ function change_password_edith {
79 79
     new_user_password="$2"
80 80
 
81 81
     sed -i "/${curr_username}:/d" /etc/nginx/.edithpasswd
82
-    echo -n "$new_user_password" | htpasswd -i -s -c /etc/nginx/.edithpasswd ${curr_username}
82
+    echo -n "$new_user_password" | htpasswd -i -s -c /etc/nginx/.edithpasswd "${curr_username}"
83 83
 
84
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a ${curr_username} -p "$new_user_password"
84
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a "${curr_username}" -p "$new_user_password"
85 85
 }
86 86
 
87 87
 function logging_on_edith {
@@ -102,21 +102,20 @@ function edith_enable_login {
102 102
     dialog --title $"Enable Edith login" \
103 103
            --backtitle $"Freedombone Control Panel" \
104 104
            --defaultno \
105
-           --yesno $"\nDo you want to add a login so that random web users can't access your notes?" 10 60
105
+           --yesno $"\\nDo you want to add a login so that random web users can't access your notes?" 10 60
106 106
     sel=$?
107 107
     case $sel in
108
-        0) if grep -q '#auth_basic' /etc/nginx/sites-available/$EDITH_DOMAIN_NAME; then
109
-               sed -i 's|#auth_basic|auth_basic|g' /etc/nginx/sites-available/$EDITH_DOMAIN_NAME
108
+        0) if grep -q '#auth_basic' "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"; then
109
+               sed -i 's|#auth_basic|auth_basic|g' "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"
110 110
                systemctl restart nginx
111 111
            fi
112
-           read_config_param $MY_USERNAME
113
-           EDITH_PASSWORD=$(${PROJECT_NAME}-pass -u $MY_USERNAME -a edith)
112
+           read_config_param "$MY_USERNAME"
113
+           EDITH_PASSWORD=$("${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a edith)
114 114
            dialog --title $"Enable Edith login" \
115 115
                   --msgbox $"Edith logins are now enabled with the password $EDITH_PASSWORD" 6 65
116
-           EDITH__PASSWORD=
117 116
            ;;
118
-        1) if ! grep -q '#auth_basic' /etc/nginx/sites-available/$EDITH_DOMAIN_NAME; then
119
-               sed -i 's|auth_basic|#auth_basic|g' /etc/nginx/sites-available/$EDITH_DOMAIN_NAME
117
+        1) if ! grep -q '#auth_basic' "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"; then
118
+               sed -i 's|auth_basic|#auth_basic|g' "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"
120 119
                systemctl restart nginx
121 120
            fi
122 121
            dialog --title $"Disable Edith login" \
@@ -127,31 +126,34 @@ function edith_enable_login {
127 126
 
128 127
 function edith_browse {
129 128
     read_config_param EDITH_DOMAIN_NAME
130
-    cd /var/www/$EDITH_DOMAIN_NAME/htdocs/data
131
-    editor /var/www/$EDITH_DOMAIN_NAME/htdocs/data
129
+    cd "/var/www/$EDITH_DOMAIN_NAME/htdocs/data" || exit 24682642
130
+    editor "/var/www/$EDITH_DOMAIN_NAME/htdocs/data"
132 131
 }
133 132
 
134 133
 function configure_interactive_edith {
135 134
     while true
136 135
     do
137
-        data=$(tempfile 2>/dev/null)
138
-        trap "rm -f $data" 0 1 2 5 15
136
+        data=$(mktemp 2>/dev/null)
139 137
         dialog --backtitle $"Freedombone Control Panel" \
140 138
                --title $"Edith" \
141 139
                --radiolist $"Choose an operation:" 10 50 3 \
142 140
                1 $"Enable login" off \
143 141
                2 $"Browse notes" off \
144
-               3 $"Exit" on 2> $data
142
+               3 $"Exit" on 2> "$data"
145 143
         sel=$?
146 144
         case $sel in
147
-            1) break;;
148
-            255) break;;
145
+            1) rm -f "$data"
146
+               break;;
147
+            255) rm -f "$data"
148
+                 break;;
149 149
         esac
150
-        case $(cat $data) in
150
+        case $(cat "$data") in
151 151
             1) edith_enable_login;;
152 152
             2) edith_browse;;
153
-            3) break;;
153
+            3) rm -f "$data"
154
+               break;;
154 155
         esac
156
+        rm -f "$data"
155 157
     done
156 158
 }
157 159
 
@@ -165,24 +167,24 @@ function upgrade_edith {
165 167
 
166 168
     # update to the next commit
167 169
     function_check set_repo_commit
168
-    set_repo_commit /var/www/$EDITH_DOMAIN_NAME/htdocs "edith commit" "$EDITH_COMMIT" $EDITH_REPO
170
+    set_repo_commit "/var/www/$EDITH_DOMAIN_NAME/htdocs" "edith commit" "$EDITH_COMMIT" "$EDITH_REPO"
169 171
 
170 172
     remove_bad_links_edith
171
-    chown -R www-data:www-data /var/www/$EDITH_DOMAIN_NAME/htdocs
172
-    chmod a+w /var/www/$EDITH_DOMAIN_NAME/htdocs/data
173
+    chown -R www-data:www-data "/var/www/$EDITH_DOMAIN_NAME/htdocs"
174
+    chmod a+w "/var/www/$EDITH_DOMAIN_NAME/htdocs/data"
173 175
 }
174 176
 
175 177
 function backup_local_edith {
176 178
     read_config_param EDITH_DOMAIN_NAME
177 179
 
178 180
     function_check suspend_site
179
-    suspend_site ${EDITH_DOMAIN_NAME}
181
+    suspend_site "${EDITH_DOMAIN_NAME}"
180 182
 
181
-    source_directory=/var/www/${EDITH_DOMAIN_NAME}/htdocs/data
183
+    source_directory="/var/www/${EDITH_DOMAIN_NAME}/htdocs/data"
182 184
 
183 185
     function_check backup_directory_to_usb
184 186
     dest_directory=edith
185
-    backup_directory_to_usb $source_directory $dest_directory
187
+    backup_directory_to_usb "$source_directory" "$dest_directory"
186 188
 
187 189
     function_check restart_site
188 190
     restart_site
@@ -192,12 +194,12 @@ function restore_local_edith {
192 194
     read_config_param EDITH_DOMAIN_NAME
193 195
 
194 196
     temp_restore_dir=/root/tempedith
195
-    edith_dir=/var/www/${EDITH_DOMAIN_NAME}/htdocs/data
197
+    edith_dir="/var/www/${EDITH_DOMAIN_NAME}/htdocs/data"
196 198
 
197 199
     function_check restore_directory_from_usb
198 200
     restore_directory_from_usb $temp_restore_dir edith
199 201
     if [ -d $temp_restore_dir ]; then
200
-        if [ -d cp $temp_restore_dir$edith_dir ]; then
202
+        if [ -d $temp_restore_dir$edith_dir ]; then
201 203
             cp -rp $temp_restore_dir$edith_dir $edith_dir/
202 204
         else
203 205
             if [ ! -d $edith_dir ]; then
@@ -215,13 +217,13 @@ function backup_remote_edith {
215 217
     read_config_param EDITH_DOMAIN_NAME
216 218
 
217 219
     function_check suspend_site
218
-    suspend_site ${EDITH_DOMAIN_NAME}
220
+    suspend_site "${EDITH_DOMAIN_NAME}"
219 221
 
220
-    source_directory=/var/www/${EDITH_DOMAIN_NAME}/htdocs/data
222
+    source_directory="/var/www/${EDITH_DOMAIN_NAME}/htdocs/data"
221 223
 
222 224
     function_check backup_directory_to_friend
223 225
     dest_directory=edith
224
-    backup_directory_to_friend $source_directory $dest_directory
226
+    backup_directory_to_friend "$source_directory" "$dest_directory"
225 227
 
226 228
     function_check restart_site
227 229
     restart_site
@@ -231,12 +233,12 @@ function restore_remote_edith {
231 233
     read_config_param EDITH_DOMAIN_NAME
232 234
 
233 235
     temp_restore_dir=/root/tempedith
234
-    edith_dir=/var/www/${EDITH_DOMAIN_NAME}/htdocs/data
236
+    edith_dir="/var/www/${EDITH_DOMAIN_NAME}/htdocs/data"
235 237
 
236 238
     function_check restore_directory_from_friend
237 239
     restore_directory_from_friend $temp_restore_dir edith
238 240
     if [ -d $temp_restore_dir ]; then
239
-        if [ -d cp $temp_restore_dir$edith_dir ]; then
241
+        if [ -d $temp_restore_dir$edith_dir ]; then
240 242
             cp -rp $temp_restore_dir$edith_dir $edith_dir/
241 243
         else
242 244
             if [ ! -d $edith_dir ]; then
@@ -253,17 +255,17 @@ function restore_remote_edith {
253 255
 function remove_edith {
254 256
     nginx_dissite $EDITH_DOMAIN_NAME
255 257
 
256
-    if [ -f /etc/nginx/sites-available/$EDITH_DOMAIN_NAME ]; then
257
-        rm /etc/nginx/sites-available/$EDITH_DOMAIN_NAME
258
+    if [ -f "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME" ]; then
259
+        rm "/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"
258 260
     fi
259 261
 
260
-    if [ -d /var/www/$EDITH_DOMAIN_NAME ]; then
261
-        rm -rf /var/www/$EDITH_DOMAIN_NAME
262
+    if [ -d "/var/www/$EDITH_DOMAIN_NAME" ]; then
263
+        rm -rf "/var/www/$EDITH_DOMAIN_NAME"
262 264
     fi
263 265
 
264 266
     function_check remove_onion_service
265 267
     remove_onion_service edith ${EDITH_ONION_PORT}
266
-    sed -i '/edith/d' $COMPLETION_FILE
268
+    sed -i '/edith/d' "$COMPLETION_FILE"
267 269
 
268 270
     if [ -f /etc/nginx/.edithpasswd ]; then
269 271
         rm /etc/nginx/.edithpasswd
@@ -286,26 +288,26 @@ function install_edith {
286 288
     function_check install_nodejs
287 289
     install_nodejs edith
288 290
 
289
-    if [ ! ${EDITH_PASSWORD} ]; then
290
-        if [ -f ${IMAGE_PASSWORD_FILE} ]; then
291
-            EDITH_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
291
+    if [ ! "${EDITH_PASSWORD}" ]; then
292
+        if [ -f "${IMAGE_PASSWORD_FILE}" ]; then
293
+            EDITH_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
292 294
         else
293
-            EDITH_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
295
+            EDITH_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
294 296
         fi
295 297
     fi
296 298
 
297
-    if [ -d /var/www/$EDITH_DOMAIN_NAME/htdocs ]; then
298
-        rm -rf /var/www/$EDITH_DOMAIN_NAME/htdocs
299
+    if [ -d "/var/www/$EDITH_DOMAIN_NAME/htdocs" ]; then
300
+        rm -rf "/var/www/$EDITH_DOMAIN_NAME/htdocs"
299 301
     fi
300 302
 
301 303
     if [ -d /repos/edith ]; then
302
-        mkdir /var/www/$EDITH_DOMAIN_NAME/htdocs
303
-        cp -r -p /repos/edith/. /var/www/$EDITH_DOMAIN_NAME/htdocs
304
-        cd /var/www/$EDITH_DOMAIN_NAME/htdocs
304
+        mkdir "/var/www/$EDITH_DOMAIN_NAME/htdocs"
305
+        cp -r -p /repos/edith/. "/var/www/$EDITH_DOMAIN_NAME/htdocs"
306
+        cd "/var/www/$EDITH_DOMAIN_NAME/htdocs" || exit 24682462
305 307
         git pull
306 308
     else
307 309
         function_check git_clone
308
-        git_clone $EDITH_REPO /var/www/$EDITH_DOMAIN_NAME/htdocs
310
+        git_clone "$EDITH_REPO" "/var/www/$EDITH_DOMAIN_NAME/htdocs"
309 311
     fi
310 312
 
311 313
     if [ ! -d /var/www/$EDITH_DOMAIN_NAME/htdocs ]; then
@@ -313,102 +315,102 @@ function install_edith {
313 315
         exit 537593569
314 316
     fi
315 317
 
316
-    cd /var/www/$EDITH_DOMAIN_NAME/htdocs
317
-    git checkout $EDITH_COMMIT -b $EDITH_COMMIT
318
+    cd "/var/www/$EDITH_DOMAIN_NAME/htdocs" || exit 2648248
319
+    git checkout "$EDITH_COMMIT" -b "$EDITH_COMMIT"
318 320
     set_completion_param "edith commit" "$EDITH_COMMIT"
319 321
 
320
-    if [ ! -d /var/www/$EDITH_DOMAIN_NAME/htdocs/data ]; then
321
-        mkdir -p /var/www/$EDITH_DOMAIN_NAME/htdocs/data
322
+    if [ ! -d "/var/www/$EDITH_DOMAIN_NAME/htdocs/data" ]; then
323
+        mkdir -p "/var/www/$EDITH_DOMAIN_NAME/htdocs/data"
322 324
     fi
323 325
 
324 326
     EDITH_ONION_HOSTNAME=$(add_onion_service edith 80 ${EDITH_ONION_PORT})
325 327
 
326
-    edith_nginx_site=/etc/nginx/sites-available/$EDITH_DOMAIN_NAME
327
-    if [[ $ONION_ONLY == "no" ]]; then
328
+    edith_nginx_site="/etc/nginx/sites-available/$EDITH_DOMAIN_NAME"
329
+    if [[ "$ONION_ONLY" == "no" ]]; then
328 330
         function_check nginx_http_redirect
329
-        nginx_http_redirect $EDITH_DOMAIN_NAME "index index.php"
330
-        echo 'server {' >> $edith_nginx_site
331
-        echo '  listen 443 ssl;' >> $edith_nginx_site
332
-        echo '  #listen [::]:443 ssl;' >> $edith_nginx_site
333
-        echo "  server_name $EDITH_DOMAIN_NAME;" >> $edith_nginx_site
334
-        echo '' >> $edith_nginx_site
331
+        nginx_http_redirect "$EDITH_DOMAIN_NAME" "index index.php"
332
+        { echo 'server {';
333
+          echo '  listen 443 ssl;';
334
+          echo '  #listen [::]:443 ssl;';
335
+          echo "  server_name $EDITH_DOMAIN_NAME;";
336
+          echo ''; } >> "$edith_nginx_site"
335 337
         function_check nginx_compress
336
-        nginx_compress $EDITH_DOMAIN_NAME
337
-        echo '' >> $edith_nginx_site
338
-        echo '  # Security' >> $edith_nginx_site
338
+        nginx_compress "$EDITH_DOMAIN_NAME"
339
+        echo '' >> "$edith_nginx_site"
340
+        echo '  # Security' >> "$edith_nginx_site"
339 341
         function_check nginx_ssl
340
-        nginx_ssl $EDITH_DOMAIN_NAME
342
+        nginx_ssl "$EDITH_DOMAIN_NAME"
341 343
 
342 344
         function_check nginx_disable_sniffing
343
-        nginx_disable_sniffing $EDITH_DOMAIN_NAME
344
-
345
-        echo '  add_header Strict-Transport-Security max-age=15768000;' >> $edith_nginx_site
346
-        echo '' >> $edith_nginx_site
347
-        echo '  access_log /dev/null;' >> $edith_nginx_site
348
-        echo '  error_log /dev/null;' >> $edith_nginx_site
349
-        echo '' >> $edith_nginx_site
350
-        echo "  root /var/www/$EDITH_DOMAIN_NAME/htdocs;" >> $edith_nginx_site
351
-        echo '' >> $edith_nginx_site
352
-        echo '  index index.php;' >> $edith_nginx_site
353
-        echo '' >> $edith_nginx_site
354
-        echo '  # PHP' >> $edith_nginx_site
355
-        echo '  location ~ \.php {' >> $edith_nginx_site
356
-        echo '    include snippets/fastcgi-php.conf;' >> $edith_nginx_site
357
-        echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $edith_nginx_site
358
-        echo '    fastcgi_read_timeout 30;' >> $edith_nginx_site
359
-        echo '  }' >> $edith_nginx_site
360
-        echo '' >> $edith_nginx_site
361
-        echo '  # Location' >> $edith_nginx_site
362
-        echo '  location / {' >> $edith_nginx_site
345
+        nginx_disable_sniffing "$EDITH_DOMAIN_NAME"
346
+
347
+        { echo '  add_header Strict-Transport-Security max-age=15768000;';
348
+          echo '';
349
+          echo '  access_log /dev/null;';
350
+          echo '  error_log /dev/null;';
351
+          echo '';
352
+          echo "  root /var/www/$EDITH_DOMAIN_NAME/htdocs;";
353
+          echo '';
354
+          echo '  index index.php;';
355
+          echo '';
356
+          echo '  # PHP';
357
+          echo '  location ~ \.php {';
358
+          echo '    include snippets/fastcgi-php.conf;';
359
+          echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
360
+          echo '    fastcgi_read_timeout 30;';
361
+          echo '  }';
362
+          echo '';
363
+          echo '  # Location';
364
+          echo '  location / {'; } >> "$edith_nginx_site"
363 365
         function_check nginx_limits
364
-        nginx_limits $EDITH_DOMAIN_NAME '15m'
365
-        echo '    try_files $uri $uri/ /index.php?$args;' >> $edith_nginx_site
366
-        echo "    auth_basic \"${EDITH_LOGIN_TEXT}\";" >> $edith_nginx_site
367
-        echo '    auth_basic_user_file /etc/nginx/.edithpasswd;' >> $edith_nginx_site
368
-        echo '  }' >> $edith_nginx_site
369
-        echo '}' >> $edith_nginx_site
366
+        nginx_limits "$EDITH_DOMAIN_NAME" '15m'
367
+        { echo "    try_files \$uri \$uri/ /index.php?\$args;";
368
+          echo "    auth_basic \"${EDITH_LOGIN_TEXT}\";";
369
+          echo '    auth_basic_user_file /etc/nginx/.edithpasswd;';
370
+          echo '  }';
371
+          echo '}'; } >> "$edith_nginx_site"
370 372
     else
371
-        echo -n '' > $edith_nginx_site
373
+        echo -n '' > "$edith_nginx_site"
372 374
     fi
373
-    echo 'server {' >> $edith_nginx_site
374
-    echo "    listen 127.0.0.1:$EDITH_ONION_PORT default_server;" >> $edith_nginx_site
375
-    echo "    server_name $EDITH_ONION_HOSTNAME;" >> $edith_nginx_site
376
-    echo '' >> $edith_nginx_site
375
+    { echo 'server {';
376
+      echo "    listen 127.0.0.1:$EDITH_ONION_PORT default_server;";
377
+      echo "    server_name $EDITH_ONION_HOSTNAME;";
378
+      echo ''; } >> "$edith_nginx_site"
377 379
     function_check nginx_compress
378
-    nginx_compress $EDITH_DOMAIN_NAME
379
-    echo '' >> $edith_nginx_site
380
+    nginx_compress "$EDITH_DOMAIN_NAME"
381
+    echo '' >> "$edith_nginx_site"
380 382
     function_check nginx_disable_sniffing
381
-    nginx_disable_sniffing $EDITH_DOMAIN_NAME
382
-    echo '' >> $edith_nginx_site
383
-    echo '  access_log /dev/null;' >> $edith_nginx_site
384
-    echo '  error_log /dev/null;' >> $edith_nginx_site
385
-    echo '' >> $edith_nginx_site
386
-    echo "  root /var/www/$EDITH_DOMAIN_NAME/htdocs;" >> $edith_nginx_site
387
-    echo '' >> $edith_nginx_site
388
-    echo '  index index.php;' >> $edith_nginx_site
389
-    echo '' >> $edith_nginx_site
390
-    echo '  # PHP' >> $edith_nginx_site
391
-    echo '  location ~ \.php {' >> $edith_nginx_site
392
-    echo '    include snippets/fastcgi-php.conf;' >> $edith_nginx_site
393
-    echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;' >> $edith_nginx_site
394
-    echo '    fastcgi_read_timeout 30;' >> $edith_nginx_site
395
-    echo '  }' >> $edith_nginx_site
396
-    echo '' >> $edith_nginx_site
397
-    echo '  # Location' >> $edith_nginx_site
398
-    echo '  location / {' >> $edith_nginx_site
383
+    nginx_disable_sniffing "$EDITH_DOMAIN_NAME"
384
+    { echo '';
385
+      echo '  access_log /dev/null;';
386
+      echo '  error_log /dev/null;';
387
+      echo '';
388
+      echo "  root /var/www/$EDITH_DOMAIN_NAME/htdocs;";
389
+      echo '';
390
+      echo '  index index.php;';
391
+      echo '';
392
+      echo '  # PHP';
393
+      echo '  location ~ \.php {';
394
+      echo '    include snippets/fastcgi-php.conf;';
395
+      echo '    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;';
396
+      echo '    fastcgi_read_timeout 30;';
397
+      echo '  }';
398
+      echo '';
399
+      echo '  # Location';
400
+      echo '  location / {'; } >> "$edith_nginx_site"
399 401
     function_check nginx_limits
400 402
     nginx_limits $EDITH_DOMAIN_NAME '15m'
401
-    echo '    try_files $uri $uri/ /index.php?$args;' >> $edith_nginx_site
402
-    echo "    auth_basic \"${EDITH_LOGIN_TEXT}\";" >> $edith_nginx_site
403
-    echo '    auth_basic_user_file /etc/nginx/.edithpasswd;' >> $edith_nginx_site
404
-    echo '  }' >> $edith_nginx_site
405
-    echo '}' >> $edith_nginx_site
403
+    { echo "    try_files \$uri \$uri/ /index.php?\$args;";
404
+      echo "    auth_basic \"${EDITH_LOGIN_TEXT}\";";
405
+      echo '    auth_basic_user_file /etc/nginx/.edithpasswd;';
406
+      echo '  }';
407
+      echo '}'; } >> "$edith_nginx_site"
406 408
 
407 409
     function_check configure_php
408 410
     configure_php
409 411
 
410 412
     function_check create_site_certificate
411
-    create_site_certificate $EDITH_DOMAIN_NAME 'yes'
413
+    create_site_certificate "$EDITH_DOMAIN_NAME" 'yes'
412 414
 
413 415
     # create a password for users
414 416
     if [ ! -f /etc/nginx/.edithpasswd ]; then
@@ -417,24 +419,23 @@ function install_edith {
417 419
     if grep -q "$MY_USERNAME:" /etc/nginx/.edithpasswd; then
418 420
         sed -i "/$MY_USERNAME:/d" /etc/nginx/.edithpasswd
419 421
     fi
420
-    echo -n "$EDITH_PASSWORD" | htpasswd -i -s -c /etc/nginx/.edithpasswd $MY_USERNAME
422
+    echo -n "$EDITH_PASSWORD" | htpasswd -i -s -c /etc/nginx/.edithpasswd "$MY_USERNAME"
421 423
     if [ ! -f /etc/nginx/.edithpasswd ]; then
422 424
         echo $'/etc/nginx/.edithpasswd not found'
423 425
         exit 6537683563
424 426
     fi
425 427
 
426
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a edith -p "$EDITH_PASSWORD"
428
+    "${PROJECT_NAME}-pass" -u "$MY_USERNAME" -a edith -p "$EDITH_PASSWORD"
427 429
 
428
-    cp /var/www/$EDITH_DOMAIN_NAME/htdocs/htaccess.example /var/www/$EDITH_DOMAIN_NAME/htdocs/.htaccess
429
-    cd /var/www/$EDITH_DOMAIN_NAME/htdocs
430
+    cp "/var/www/$EDITH_DOMAIN_NAME/htdocs/htaccess.example" "/var/www/$EDITH_DOMAIN_NAME/htdocs/.htaccess"
431
+    cd "/var/www/$EDITH_DOMAIN_NAME/htdocs" || exit 26482468
430 432
     npm install -g coffeescript uglify-js
431
-    cake build
432
-    if [ ! "$?" = "0" ]; then
433
+    if ! cake build; then
433 434
         echo $'Unable to build Edith'
434 435
         exit 7396483635
435 436
     fi
436 437
     cp config.example.php config.php
437
-    if [[ $ONION_ONLY == "no" ]]; then
438
+    if [[ "$ONION_ONLY" == "no" ]]; then
438 439
         sed -i "s|define('EDITH_URI'.*|define('EDITH_URI', 'https://$EDITH_DOMAIN_NAME');|g" config.php
439 440
     else
440 441
         sed -i "s|define('EDITH_URI'.*|define('EDITH_URI', 'http://$EDITH_ONION_HOSTNAME');|g" config.php
@@ -445,20 +446,20 @@ function install_edith {
445 446
 
446 447
     remove_bad_links_edith
447 448
 
448
-    chown -R www-data:www-data /var/www/$EDITH_DOMAIN_NAME/htdocs
449
-    chmod a+w /var/www/$EDITH_DOMAIN_NAME/htdocs/data
450
-    nginx_ensite $EDITH_DAEMON_NAME
449
+    chown -R www-data:www-data "/var/www/$EDITH_DOMAIN_NAME/htdocs"
450
+    chmod a+w "/var/www/$EDITH_DOMAIN_NAME/htdocs/data"
451
+    nginx_ensite "$EDITH_DAEMON_NAME"
451 452
     systemctl restart nginx
452 453
 
453 454
     APP_INSTALLED=1
454 455
 }
455 456
 
456 457
 function install_interactive_edith {
457
-    if [ ! $ONION_ONLY ]; then
458
+    if [ ! "$ONION_ONLY" ]; then
458 459
         ONION_ONLY='no'
459 460
     fi
460 461
 
461
-    if [[ $ONION_ONLY != "no" ]]; then
462
+    if [[ "$ONION_ONLY" != "no" ]]; then
462 463
         GHOST_DOMAIN_NAME='edith.local'
463 464
         write_config_param "EDITH_DOMAIN_NAME" "$EDITH_DOMAIN_NAME"
464 465
     else

+ 147
- 145
src/freedombone-app-emacs Zobrazit soubor

@@ -57,13 +57,13 @@ function backup_local_emacs {
57 57
     for d in /home/*/ ; do
58 58
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
59 59
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
60
-            if [ -d /home/$USERNAME/.emacs.d ]; then
60
+            if [ -d "/home/$USERNAME/.emacs.d" ]; then
61 61
                 echo $"Backing up Emacs config for $USERNAME"
62
-                if [ -f /home/$USERNAME/.emacs ]; then
63
-                    cp /home/$USERNAME/.emacs /home/$USERNAME/.emacs.d/dotemacs
62
+                if [ -f "/home/$USERNAME/.emacs" ]; then
63
+                    cp "/home/$USERNAME/.emacs" "/home/$USERNAME/.emacs.d/dotemacs"
64 64
                 fi
65 65
                 function_check backup_directory_to_usb
66
-                backup_directory_to_usb /home/$USERNAME/.emacs.d emacs/$USERNAME
66
+                backup_directory_to_usb "/home/$USERNAME/.emacs.d" "emacs/$USERNAME"
67 67
             fi
68 68
         fi
69 69
     done
@@ -71,24 +71,25 @@ function backup_local_emacs {
71 71
 
72 72
 function restore_local_emacs {
73 73
     temp_restore_dir=/root/tempemacs
74
-    if [ -d $USB_MOUNT/backup/emacs ]; then
74
+    if [ -d "$USB_MOUNT/backup/emacs" ]; then
75 75
         for d in $USB_MOUNT/backup/emacs/*/ ; do
76 76
             USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
77 77
             if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
78
-                if [ ! -d /home/$USERNAME ]; then
79
-                    ${PROJECT_NAME}-adduser $USERNAME
78
+                if [ ! -d "/home/$USERNAME" ]; then
79
+                    "${PROJECT_NAME}-adduser" "$USERNAME"
80 80
                 fi
81 81
                 echo $"Restoring Emacs config for $USERNAME"
82 82
                 function_check restore_directory_from_usb
83
-                restore_directory_from_usb $temp_restore_dir emacs/$USERNAME
84
-                if [ -d $temp_restore_dir/home/$USERNAME/.emacs.d ]; then
85
-                    cp -r $temp_restore_dir/home/$USERNAME/.emacs.d /home/$USERNAME/
83
+                restore_directory_from_usb "$temp_restore_dir" "emacs/$USERNAME"
84
+                if [ -d "$temp_restore_dir/home/$USERNAME/.emacs.d" ]; then
85
+                    cp -r "$temp_restore_dir/home/$USERNAME/.emacs.d" "/home/$USERNAME/"
86 86
                 else
87
-                    if [ ! -d /home/$USERNAME/.emacs.d ]; then
88
-                        mkdir /home/$USERNAME/.emacs.d
87
+                    if [ ! -d "/home/$USERNAME/.emacs.d" ]; then
88
+                        mkdir "/home/$USERNAME/.emacs.d"
89 89
                     fi
90
-                    cp -r $temp_restore_dir/* /home/$USERNAME/.emacs.d
90
+                    cp -r "$temp_restore_dir/*" "/home/$USERNAME/.emacs.d"
91 91
                 fi
92
+                # shellcheck disable=SC2181
92 93
                 if [ ! "$?" = "0" ]; then
93 94
                     rm -rf $temp_restore_dir
94 95
                     function_check set_user_permissions
@@ -97,10 +98,10 @@ function restore_local_emacs {
97 98
                     backup_unmount_drive
98 99
                     exit 664
99 100
                 fi
100
-                if [ -d $temp_restore_dir/home/$USERNAME/.emacs.d ]; then
101
-                    cp -f $temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs /home/$USERNAME/.emacs
101
+                if [ -d "$temp_restore_dir/home/$USERNAME/.emacs.d" ]; then
102
+                    cp -f "$temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs" "/home/$USERNAME/.emacs"
102 103
                 else
103
-                    cp -f $temp_restore_dir/dotemacs /home/$USERNAME/.emacs
104
+                    cp -f "$temp_restore_dir/dotemacs" "/home/$USERNAME/.emacs"
104 105
                 fi
105 106
                 rm -rf $temp_restore_dir
106 107
             fi
@@ -112,13 +113,13 @@ function backup_remote_emacs {
112 113
     for d in /home/*/ ; do
113 114
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
114 115
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
115
-            if [ -d /home/$USERNAME/.emacs.d ]; then
116
+            if [ -d "/home/$USERNAME/.emacs.d" ]; then
116 117
                 echo $"Backing up Emacs config for $USERNAME"
117
-                if [ -f /home/$USERNAME/.emacs ]; then
118
-                    cp /home/$USERNAME/.emacs /home/$USERNAME/.emacs.d/dotemacs
118
+                if [ -f "/home/$USERNAME/.emacs" ]; then
119
+                    cp "/home/$USERNAME/.emacs" "/home/$USERNAME/.emacs.d/dotemacs"
119 120
                 fi
120 121
                 function_check backup_directory_to_friend
121
-                backup_directory_to_friend /home/$USERNAME/.emacs.d emacs/$USERNAME
122
+                backup_directory_to_friend "/home/$USERNAME/.emacs.d" "emacs/$USERNAME"
122 123
             fi
123 124
         fi
124 125
     done
@@ -126,24 +127,25 @@ function backup_remote_emacs {
126 127
 
127 128
 function restore_remote_emacs {
128 129
     temp_restore_dir=/root/tempemacs
129
-    if [ -d $USB_MOUNT/backup/emacs ]; then
130
+    if [ -d "$USB_MOUNT/backup/emacs" ]; then
130 131
         for d in $USB_MOUNT/backup/emacs/*/ ; do
131 132
             USERNAME=$(echo "$d" | awk -F '/' '{print $6}')
132 133
             if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
133
-                if [ ! -d /home/$USERNAME ]; then
134
-                    ${PROJECT_NAME}-adduser $USERNAME
134
+                if [ ! -d "/home/$USERNAME" ]; then
135
+                    "${PROJECT_NAME}-adduser" "$USERNAME"
135 136
                 fi
136 137
                 echo $"Restoring Emacs config for $USERNAME"
137 138
                 function_check restore_directory_from_friend
138
-                restore_directory_from_friend $temp_restore_dir emacs/$USERNAME
139
-                if [ -d $temp_restore_dir/home/$USERNAME/.emacs.d ]; then
140
-                    cp -r $temp_restore_dir/home/$USERNAME/.emacs.d /home/$USERNAME/
139
+                restore_directory_from_friend "$temp_restore_dir" "emacs/$USERNAME"
140
+                if [ -d "$temp_restore_dir/home/$USERNAME/.emacs.d" ]; then
141
+                    cp -r "$temp_restore_dir/home/$USERNAME/.emacs.d" "/home/$USERNAME/"
141 142
                 else
142
-                    if [ ! -d /home/$USERNAME/.emacs.d ]; then
143
-                        mkdir /home/$USERNAME/.emacs.d
143
+                    if [ ! -d "/home/$USERNAME/.emacs.d" ]; then
144
+                        mkdir "/home/$USERNAME/.emacs.d"
144 145
                     fi
145
-                    cp -r $temp_restore_dir/* /home/$USERNAME/.emacs.d/*
146
+                    cp -r "$temp_restore_dir/*" "/home/$USERNAME/.emacs.d/*"
146 147
                 fi
148
+                # shellcheck disable=SC2181
147 149
                 if [ ! "$?" = "0" ]; then
148 150
                     rm -rf $temp_restore_dir
149 151
                     function_check set_user_permissions
@@ -152,10 +154,10 @@ function restore_remote_emacs {
152 154
                     backup_unmount_drive
153 155
                     exit 664
154 156
                 fi
155
-                if [ -d $temp_restore_dir/home/$USERNAME/.emacs.d ]; then
156
-                    cp -f $temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs /home/$USERNAME/.emacs
157
+                if [ -d "$temp_restore_dir/home/$USERNAME/.emacs.d" ]; then
158
+                    cp -f "$temp_restore_dir/home/$USERNAME/.emacs.d/dotemacs" "/home/$USERNAME/.emacs"
157 159
                 else
158
-                    cp -f $temp_restore_dir/dotemacs /home/$USERNAME/.emacs
160
+                    cp -f "$temp_restore_dir/dotemacs" "/home/$USERNAME/.emacs"
159 161
                 fi
160 162
                 rm -rf $temp_restore_dir
161 163
             fi
@@ -166,7 +168,7 @@ function restore_remote_emacs {
166 168
 function remove_emacs {
167 169
     apt-get -yq remove --purge emacs
168 170
     update-alternatives --set editor /usr/bin/nano
169
-    sed -i '/install_emacs/d' $COMPLETION_FILE
171
+    sed -i '/install_emacs/d' "$COMPLETION_FILE"
170 172
 
171 173
     # remove emacs as the mutt email editor
172 174
     if [ -f /etc/Muttrc ]; then
@@ -176,9 +178,9 @@ function remove_emacs {
176 178
         for d in /home/*/ ; do
177 179
             USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
178 180
             if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
179
-                if [ -f /home/$USERNAME/.muttrc ]; then
180
-                    if grep -q "set editor=" /home/$USERNAME/.muttrc; then
181
-                        sed -i '/set editor=/d' /home/$USERNAME/.muttrc
181
+                if [ -f "/home/$USERNAME/.muttrc" ]; then
182
+                    if grep -q "set editor=" "/home/$USERNAME/.muttrc"; then
183
+                        sed -i '/set editor=/d' "/home/$USERNAME/.muttrc"
182 184
                     fi
183 185
                 fi
184 186
             fi
@@ -194,74 +196,74 @@ function install_emacs {
194 196
     #echo -n "(add-to-list 'load-path " > /home/$MY_USERNAME/.emacs
195 197
     #echo '"~/.emacs.d/")' >> /home/$MY_USERNAME/.emacs
196 198
     #echo '' >> /home/$MY_USERNAME/.emacs
197
-    echo $';; ===== Remove trailing whitepace ======================================' >> /home/$MY_USERNAME/.emacs
198
-    echo '' >> /home/$MY_USERNAME/.emacs
199
-    echo ";;(add-hook 'before-save-hook 'delete-trailing-whitespace)" >> /home/$MY_USERNAME/.emacs
200
-    echo '' >> /home/$MY_USERNAME/.emacs
201
-    echo ';; Goto a line number with CTRL-l' >> /home/$MY_USERNAME/.emacs
202
-    echo -n '(global-set-key "\C-l" ' >> /home/$MY_USERNAME/.emacs
203
-    echo "'goto-line)" >> /home/$MY_USERNAME/.emacs
204
-    echo '' >> /home/$MY_USERNAME/.emacs
205
-    echo $';; ===== Show line numbers ==============================================' >> /home/$MY_USERNAME/.emacs
206
-    echo '' >> /home/$MY_USERNAME/.emacs
207
-    echo "(add-hook 'find-file-hook (lambda () (linum-mode 1)))" >> /home/$MY_USERNAME/.emacs
208
-    echo '' >> /home/$MY_USERNAME/.emacs
209
-    echo $';; ===== Enable line wrapping in org-mode ===============================' >> /home/$MY_USERNAME/.emacs
210
-    echo '' >> /home/$MY_USERNAME/.emacs
211
-    echo " (add-hook 'org-mode-hook" >> /home/$MY_USERNAME/.emacs
212
-    echo "           '(lambda ()" >> /home/$MY_USERNAME/.emacs
213
-    echo "              (visual-line-mode 1)))" >> /home/$MY_USERNAME/.emacs
214
-    echo '' >> /home/$MY_USERNAME/.emacs
215
-    echo $';; ===== Enable shift select in org mode ================================' >> /home/$MY_USERNAME/.emacs
216
-    echo '' >> /home/$MY_USERNAME/.emacs
217
-    echo '(setq org-support-shift-select t)' >> /home/$MY_USERNAME/.emacs
218
-    echo '' >> /home/$MY_USERNAME/.emacs
219
-    echo $';; ===== Set standard indent to 4 rather that 4 =========================' >> /home/$MY_USERNAME/.emacs
220
-    echo '' >> /home/$MY_USERNAME/.emacs
221
-    echo '(setq standard-indent 4)' >> /home/$MY_USERNAME/.emacs
222
-    echo '(setq-default tab-width 4)' >> /home/$MY_USERNAME/.emacs
223
-    echo '(setq c-basic-offset 4)' >> /home/$MY_USERNAME/.emacs
224
-    echo '' >> /home/$MY_USERNAME/.emacs
225
-    echo $';; ===== Support Wheel Mouse Scrolling ==================================' >> /home/$MY_USERNAME/.emacs
226
-    echo '' >> /home/$MY_USERNAME/.emacs
227
-    echo '(mouse-wheel-mode t)' >> /home/$MY_USERNAME/.emacs
228
-    echo '' >> /home/$MY_USERNAME/.emacs
229
-    echo $';; ===== Place Backup Files in Specific Directory =======================' >> /home/$MY_USERNAME/.emacs
230
-    echo '' >> /home/$MY_USERNAME/.emacs
231
-    echo '(setq make-backup-files t)' >> /home/$MY_USERNAME/.emacs
232
-    echo '(setq version-control t)' >> /home/$MY_USERNAME/.emacs
233
-    echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))' >> /home/$MY_USERNAME/.emacs
234
-    echo '' >> /home/$MY_USERNAME/.emacs
235
-    echo $';; ===== Make Text mode the default mode for new buffers ================' >> /home/$MY_USERNAME/.emacs
236
-    echo '' >> /home/$MY_USERNAME/.emacs
237
-    echo "(setq default-major-mode 'text-mode)" >> /home/$MY_USERNAME/.emacs
238
-    echo '' >> /home/$MY_USERNAME/.emacs
239
-    echo $';; ===== Line length ====================================================' >> /home/$MY_USERNAME/.emacs
240
-    echo '' >> /home/$MY_USERNAME/.emacs
241
-    echo '(setq-default fill-column 72)' >> /home/$MY_USERNAME/.emacs
242
-    echo '' >> /home/$MY_USERNAME/.emacs
243
-    echo $';; ===== Enable Line and Column Numbering ===============================' >> /home/$MY_USERNAME/.emacs
244
-    echo '' >> /home/$MY_USERNAME/.emacs
245
-    echo '(line-number-mode 1)' >> /home/$MY_USERNAME/.emacs
246
-    echo '(column-number-mode 1)' >> /home/$MY_USERNAME/.emacs
247
-    echo '' >> /home/$MY_USERNAME/.emacs
248
-    echo $';; ===== Turn on Auto Fill mode automatically in all modes ==============' >> /home/$MY_USERNAME/.emacs
249
-    echo '' >> /home/$MY_USERNAME/.emacs
250
-    echo ';; Auto-fill-mode the the automatic wrapping of lines and insertion of' >> /home/$MY_USERNAME/.emacs
251
-    echo ';; newlines when the cursor goes over the column limit.' >> /home/$MY_USERNAME/.emacs
252
-    echo '' >> /home/$MY_USERNAME/.emacs
253
-    echo ';; This should actually turn on auto-fill-mode by default in all major' >> /home/$MY_USERNAME/.emacs
254
-    echo ';; modes. The other way to do this is to turn on the fill for specific modes' >> /home/$MY_USERNAME/.emacs
255
-    echo ';; via hooks.' >> /home/$MY_USERNAME/.emacs
256
-    echo '' >> /home/$MY_USERNAME/.emacs
257
-    echo '(setq auto-fill-mode 1)' >> /home/$MY_USERNAME/.emacs
258
-    echo '' >> /home/$MY_USERNAME/.emacs
259
-    echo $';; ===== Enable GPG encryption =========================================' >> /home/$MY_USERNAME/.emacs
260
-    echo '' >> /home/$MY_USERNAME/.emacs
261
-    echo "(require 'epa)" >> /home/$MY_USERNAME/.emacs
262
-    echo '(epa-file-enable)' >> /home/$MY_USERNAME/.emacs
263
-    cp /home/$MY_USERNAME/.emacs /root/.emacs
264
-    chown $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.emacs
199
+    { echo $';; ===== Remove trailing whitepace ======================================';
200
+      echo '';
201
+      echo ";;(add-hook 'before-save-hook 'delete-trailing-whitespace)";
202
+      echo '';
203
+      echo ';; Goto a line number with CTRL-l';
204
+      echo -n '(global-set-key "\C-l" ';
205
+      echo "'goto-line)";
206
+      echo '';
207
+      echo $';; ===== Show line numbers ==============================================';
208
+      echo '';
209
+      echo "(add-hook 'find-file-hook (lambda () (linum-mode 1)))";
210
+      echo '';
211
+      echo $';; ===== Enable line wrapping in org-mode ===============================';
212
+      echo '';
213
+      echo " (add-hook 'org-mode-hook";
214
+      echo "           '(lambda ()";
215
+      echo "              (visual-line-mode 1)))";
216
+      echo '';
217
+      echo $';; ===== Enable shift select in org mode ================================';
218
+      echo '';
219
+      echo '(setq org-support-shift-select t)';
220
+      echo '';
221
+      echo $';; ===== Set standard indent to 4 rather that 4 =========================';
222
+      echo '';
223
+      echo '(setq standard-indent 4)';
224
+      echo '(setq-default tab-width 4)';
225
+      echo '(setq c-basic-offset 4)';
226
+      echo '';
227
+      echo $';; ===== Support Wheel Mouse Scrolling ==================================';
228
+      echo '';
229
+      echo '(mouse-wheel-mode t)';
230
+      echo '';
231
+      echo $';; ===== Place Backup Files in Specific Directory =======================';
232
+      echo '';
233
+      echo '(setq make-backup-files t)';
234
+      echo '(setq version-control t)';
235
+      echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))';
236
+      echo '';
237
+      echo $';; ===== Make Text mode the default mode for new buffers ================';
238
+      echo '';
239
+      echo "(setq default-major-mode 'text-mode)";
240
+      echo '';
241
+      echo $';; ===== Line length ====================================================';
242
+      echo '';
243
+      echo '(setq-default fill-column 72)';
244
+      echo '';
245
+      echo $';; ===== Enable Line and Column Numbering ===============================';
246
+      echo '';
247
+      echo '(line-number-mode 1)';
248
+      echo '(column-number-mode 1)';
249
+      echo '';
250
+      echo $';; ===== Turn on Auto Fill mode automatically in all modes ==============';
251
+      echo '';
252
+      echo ';; Auto-fill-mode the the automatic wrapping of lines and insertion of';
253
+      echo ';; newlines when the cursor goes over the column limit.';
254
+      echo '';
255
+      echo ';; This should actually turn on auto-fill-mode by default in all major';
256
+      echo ';; modes. The other way to do this is to turn on the fill for specific modes';
257
+      echo ';; via hooks.';
258
+      echo '';
259
+      echo '(setq auto-fill-mode 1)';
260
+      echo '';
261
+      echo $';; ===== Enable GPG encryption =========================================';
262
+      echo '';
263
+      echo "(require 'epa)";
264
+      echo '(epa-file-enable)'; } >> "/home/$MY_USERNAME/.emacs"
265
+    cp "/home/$MY_USERNAME/.emacs" /root/.emacs
266
+    chown "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.emacs"
265 267
 
266 268
     # add a mutt entry to use emacs to compose emails
267 269
     if [ -f /etc/Muttrc ]; then
@@ -273,92 +275,92 @@ function install_emacs {
273 275
         for d in /home/*/ ; do
274 276
             USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
275 277
             if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
276
-                if [ -f /home/$USERNAME/.muttrc ]; then
277
-                    if ! grep -q "set editor=" /home/$USERNAME/.muttrc; then
278
-                        echo 'set editor="emacs -q --load ~/.emacs-mutt"' >> /home/$USERNAME/.muttrc
278
+                if [ -f "/home/$USERNAME/.muttrc" ]; then
279
+                    if ! grep -q "set editor=" "/home/$USERNAME/.muttrc"; then
280
+                        echo 'set editor="emacs -q --load ~/.emacs-mutt"' >> "/home/$USERNAME/.muttrc"
279 281
                     else
280
-                        sed -i 's|set editor=.*|set editor="emacs -q --load ~/.emacs-mutt"|g' /home/$USERNAME/.muttrc
282
+                        sed -i 's|set editor=.*|set editor="emacs -q --load ~/.emacs-mutt"|g' "/home/$USERNAME/.muttrc"
281 283
                     fi
282 284
                 fi
283 285
 
284 286
                 # create an Emacs configuration specifically for use with Mutt, which
285 287
                 # has word wrap and spell checking on by default
286
-                if [ ! -f /home/$USERNAME/.emacs-mutt ]; then
287
-                    echo "(add-hook 'before-save-hook 'delete-trailing-whitespace)" > /home/$USERNAME/.emacs-mutt
288
-                    echo '(setq org-support-shift-select t)' >> /home/$USERNAME/.emacs-mutt
289
-                    echo '(setq standard-indent 4)' >> /home/$USERNAME/.emacs-mutt
290
-                    echo '(setq-default tab-width 4)' >> /home/$USERNAME/.emacs-mutt
291
-                    echo '(setq c-basic-offset 4)' >> /home/$USERNAME/.emacs-mutt
292
-                    echo '(mouse-wheel-mode t)' >> /home/$USERNAME/.emacs-mutt
293
-                    echo '(setq make-backup-files t)' >> /home/$USERNAME/.emacs-mutt
294
-                    echo '(setq version-control t)' >> /home/$USERNAME/.emacs-mutt
295
-                    echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))' >> /home/$USERNAME/.emacs-mutt
296
-                    echo "(setq default-major-mode 'text-mode)" >> /home/$USERNAME/.emacs-mutt
297
-                    echo "(dolist (hook '(text-mode-hook))" >> /home/$USERNAME/.emacs-mutt
298
-                    echo '    (add-hook hook (lambda () (flyspell-mode 1))))' >> /home/$USERNAME/.emacs-mutt
299
-                    echo '(setq-default fill-column 72)' >> /home/$USERNAME/.emacs-mutt
288
+                if [ ! -f "/home/$USERNAME/.emacs-mutt" ]; then
289
+                    { echo "(add-hook 'before-save-hook 'delete-trailing-whitespace)";
290
+                    echo '(setq org-support-shift-select t)';
291
+                    echo '(setq standard-indent 4)';
292
+                    echo '(setq-default tab-width 4)';
293
+                    echo '(setq c-basic-offset 4)';
294
+                    echo '(mouse-wheel-mode t)';
295
+                    echo '(setq make-backup-files t)';
296
+                    echo '(setq version-control t)';
297
+                    echo '(setq backup-directory-alist (quote ((".*" . "~/.emacs_backups/"))))';
298
+                    echo "(setq default-major-mode 'text-mode)";
299
+                    echo "(dolist (hook '(text-mode-hook))";
300
+                    echo '    (add-hook hook (lambda () (flyspell-mode 1))))';
301
+                    echo '(setq-default fill-column 72)'; } > "/home/$USERNAME/.emacs-mutt"
300 302
                     if [[ $DEFAULT_LANGUAGE == 'en_US'* ]]; then
301
-                        echo '(setq ispell-dictionary "american")' >> /home/$USERNAME/.emacs-mutt
303
+                        echo '(setq ispell-dictionary "american")' >> "/home/$USERNAME/.emacs-mutt"
302 304
                     fi
303 305
                     if [[ $DEFAULT_LANGUAGE == 'en_GB'* ]]; then
304
-                        echo '(setq ispell-dictionary "british")' >> /home/$USERNAME/.emacs-mutt
306
+                        echo '(setq ispell-dictionary "british")' >> "/home/$USERNAME/.emacs-mutt"
305 307
                     fi
306 308
                     if [[ $DEFAULT_LANGUAGE == 'fr_FR'* ]]; then
307
-                        echo '(setq ispell-dictionary "french")' >> /home/$USERNAME/.emacs-mutt
309
+                        echo '(setq ispell-dictionary "french")' >> "/home/$USERNAME/.emacs-mutt"
308 310
                     fi
309 311
                     if [[ $DEFAULT_LANGUAGE == 'it_IT'* ]]; then
310
-                        echo '(setq ispell-dictionary "italian")' >> /home/$USERNAME/.emacs-mutt
312
+                        echo '(setq ispell-dictionary "italian")' >> "/home/$USERNAME/.emacs-mutt"
311 313
                     fi
312 314
                     if [[ $DEFAULT_LANGUAGE == 'cs_CZ'* ]]; then
313
-                        echo '(setq ispell-dictionary "czech")' >> /home/$USERNAME/.emacs-mutt
315
+                        echo '(setq ispell-dictionary "czech")' >> "/home/$USERNAME/.emacs-mutt"
314 316
                     fi
315 317
                     if [[ $DEFAULT_LANGUAGE == 'da_DK'* ]]; then
316
-                        echo '(setq ispell-dictionary "danish")' >> /home/$USERNAME/.emacs-mutt
318
+                        echo '(setq ispell-dictionary "danish")' >> "/home/$USERNAME/.emacs-mutt"
317 319
                     fi
318 320
                     if [[ $DEFAULT_LANGUAGE == 'nl_NL'* ]]; then
319
-                        echo '(setq ispell-dictionary "dutch")' >> /home/$USERNAME/.emacs-mutt
321
+                        echo '(setq ispell-dictionary "dutch")' >> "/home/$USERNAME/.emacs-mutt"
320 322
                     fi
321 323
                     if [[ $DEFAULT_LANGUAGE == 'ru_RU'* ]]; then
322
-                        echo '(setq ispell-dictionary "russian")' >> /home/$USERNAME/.emacs-mutt
324
+                        echo '(setq ispell-dictionary "russian")' >> "/home/$USERNAME/.emacs-mutt"
323 325
                     fi
324 326
                     if [[ $DEFAULT_LANGUAGE == 'es_ES'* ]]; then
325
-                        echo '(setq ispell-dictionary "spanish")' >> /home/$USERNAME/.emacs-mutt
327
+                        echo '(setq ispell-dictionary "spanish")' >> "/home/$USERNAME/.emacs-mutt"
326 328
                     fi
327 329
                     if [[ $DEFAULT_LANGUAGE == 'sv_SE'* ]]; then
328
-                        echo '(setq ispell-dictionary "swedish")' >> /home/$USERNAME/.emacs-mutt
330
+                        echo '(setq ispell-dictionary "swedish")' >> "/home/$USERNAME/.emacs-mutt"
329 331
                     fi
330 332
                     if [[ $DEFAULT_LANGUAGE == 'no_NO'* ]]; then
331
-                        echo '(setq ispell-dictionary "norwegian")' >> /home/$USERNAME/.emacs-mutt
333
+                        echo '(setq ispell-dictionary "norwegian")' >> "/home/$USERNAME/.emacs-mutt"
332 334
                     fi
333 335
                     if [[ $DEFAULT_LANGUAGE == 'de_DE'* ]]; then
334
-                        echo '(setq ispell-dictionary "ngerman")' >> /home/$USERNAME/.emacs-mutt
336
+                        echo '(setq ispell-dictionary "ngerman")' >> "/home/$USERNAME/.emacs-mutt"
335 337
                     fi
336 338
                     if [[ $DEFAULT_LANGUAGE == 'bg_BG'* ]]; then
337
-                        echo '(setq ispell-dictionary "bulgarian")' >> /home/$USERNAME/.emacs-mutt
339
+                        echo '(setq ispell-dictionary "bulgarian")' >> "/home/$USERNAME/.emacs-mutt"
338 340
                     fi
339 341
                     if [[ $DEFAULT_LANGUAGE == 'pl'* ]]; then
340
-                        echo '(setq ispell-dictionary "polish")' >> /home/$USERNAME/.emacs-mutt
342
+                        echo '(setq ispell-dictionary "polish")' >> "/home/$USERNAME/.emacs-mutt"
341 343
                     fi
342 344
                     if [[ $DEFAULT_LANGUAGE == 'et_EE'* ]]; then
343
-                        echo '(setq ispell-dictionary "estonian")' >> /home/$USERNAME/.emacs-mutt
345
+                        echo '(setq ispell-dictionary "estonian")' >> "/home/$USERNAME/.emacs-mutt"
344 346
                     fi
345 347
                     if [[ $DEFAULT_LANGUAGE == 'lt_LT'* ]]; then
346
-                        echo '(setq ispell-dictionary "lithuanian")' >> /home/$USERNAME/.emacs-mutt
348
+                        echo '(setq ispell-dictionary "lithuanian")' >> "/home/$USERNAME/.emacs-mutt"
347 349
                     fi
348 350
                     if [[ $DEFAULT_LANGUAGE == 'uk_UA'* ]]; then
349
-                        echo '(setq ispell-dictionary "ukranian")' >> /home/$USERNAME/.emacs-mutt
351
+                        echo '(setq ispell-dictionary "ukranian")' >> "/home/$USERNAME/.emacs-mutt"
350 352
                     fi
351 353
                     if [[ $DEFAULT_LANGUAGE == 'ca_ES'* ]]; then
352
-                        echo '(setq ispell-dictionary "catalan")' >> /home/$USERNAME/.emacs-mutt
354
+                        echo '(setq ispell-dictionary "catalan")' >> "/home/$USERNAME/.emacs-mutt"
353 355
                     fi
354
-                    echo '(setq auto-fill-mode 0)' >> /home/$USERNAME/.emacs-mutt
355
-                    echo "(add-hook 'text-mode-hook 'turn-on-auto-fill)" >> /home/$USERNAME/.emacs-mutt
356
-                    echo "(setq-default auto-fill-function 'do-auto-fill)" >> /home/$USERNAME/.emacs-mutt
357
-                    chown $USERNAME:$USERNAME /home/$USERNAME/.emacs-mutt
356
+                    { echo '(setq auto-fill-mode 0)';
357
+                      echo "(add-hook 'text-mode-hook 'turn-on-auto-fill)";
358
+                      echo "(setq-default auto-fill-function 'do-auto-fill)"; } >> "/home/$USERNAME/.emacs-mutt"
359
+                    chown "$USERNAME":"$USERNAME" "/home/$USERNAME/.emacs-mutt"
358 360
 
359 361
                     # add the emacs mutt configuration to the user profile skeleton
360 362
                     if [ ! -f /etc/skel/.emacs-mutt ]; then
361
-                        cp /home/$USERNAME/.emacs-mutt /etc/skel/.emacs-mutt
363
+                        cp "/home/$USERNAME/.emacs-mutt" /etc/skel/.emacs-mutt
362 364
                         chown root:root /etc/skel/.emacs-mutt
363 365
                     fi
364 366
                 fi

+ 40
- 40
src/freedombone-utils-go Zobrazit soubor

@@ -51,7 +51,7 @@ function select_go_version {
51 51
     else
52 52
         sed -i "s|export GVM_ROOT=.*|export GVM_ROOT=$GVM_ROOT|g" ~/.bashrc
53 53
     fi
54
-    cd $GVM_ROOT/bin
54
+    cd "$GVM_ROOT/bin" || exit 3873658
55 55
     [[ -s "$GVM_ROOT/scripts/gvm" ]] && source "$GVM_ROOT/scripts/gvm"
56 56
     gvm use go${GO_VERSION} --default
57 57
 
@@ -60,21 +60,21 @@ function select_go_version {
60 60
         exit 629825
61 61
     fi
62 62
 
63
-    systemctl set-environment GOPATH=$GOPATH
63
+    systemctl set-environment GOPATH="$GOPATH"
64 64
 }
65 65
 
66 66
 function mesh_upgrade_golang_from_source {
67 67
     chroot "$rootdir" adduser --disabled-login --gecos 'go' ipfs
68 68
 
69
-    git clone $GO_REPO $rootdir/home/go/go${GO_VERSION}
70
-    cd $rootdir/home/go/go${GO_VERSION}
71
-    git checkout go${GO_VERSION} -b go${GO_VERSION}
69
+    git clone "$GO_REPO" "$rootdir/home/go/go${GO_VERSION}"
70
+    cd "$rootdir/home/go/go${GO_VERSION}" || exit 3463635
71
+    git checkout "go${GO_VERSION}" -b "go${GO_VERSION}"
72 72
 
73
-    git clone $GO_REPO $rootdir/home/go/go${GO_INTERMEDIATE_VERSION}
74
-    cd $rootdir/home/go/go${GO_INTERMEDIATE_VERSION}
73
+    git clone "$GO_REPO" "$rootdir/home/go/go${GO_INTERMEDIATE_VERSION}"
74
+    cd "$rootdir/home/go/go${GO_INTERMEDIATE_VERSION}" || exit 672845624
75 75
     git checkout go${GO_INTERMEDIATE_VERSION} -b go${GO_INTERMEDIATE_VERSION}
76 76
 
77
-    cat <<EOF > ${rootdir}/root/upgrade_golang.sh
77
+    cat <<EOF > "${rootdir}/root/upgrade_golang.sh"
78 78
 #!/bin/bash
79 79
 
80 80
 apt-get -yq install build-essential libc6-dev
@@ -119,20 +119,20 @@ systemctl set-environment GOROOT=\$GOROOT
119 119
 
120 120
 exit 0
121 121
 EOF
122
-    chroot ${rootdir} chmod +x /root/upgrade_golang.sh
123
-    chroot ${rootdir} /root/upgrade_golang.sh
124
-    if [ ! -f ${rootdir}/home/go/go${GO_VERSION}/bin/go ]; then
122
+    chroot "${rootdir}" chmod +x /root/upgrade_golang.sh
123
+    chroot "${rootdir}" /root/upgrade_golang.sh
124
+    if [ ! -f "${rootdir}/home/go/go${GO_VERSION}/bin/go" ]; then
125 125
         echo $'Failed to upgrade golang'
126
-        cat ${rootdir}/root/upgrade_golang.sh
127
-        rm -f ${rootdir}/root/upgrade_golang.sh
126
+        cat "${rootdir}/root/upgrade_golang.sh"
127
+        rm -f "${rootdir}/root/upgrade_golang.sh"
128 128
         exit 836535
129 129
     fi
130
-    rm -f ${rootdir}/root/upgrade_golang.sh
130
+    rm -f "${rootdir}/root/upgrade_golang.sh"
131 131
 }
132 132
 
133 133
 function mesh_upgrade_golang {
134 134
     prefix=
135
-    if [ $rootdir ]; then
135
+    if [ "$rootdir" ]; then
136 136
         prefix="chroot $rootdir"
137 137
     fi
138 138
     $prefix adduser --disabled-login --gecos 'go' go
@@ -177,43 +177,43 @@ function mesh_upgrade_golang {
177 177
     fi
178 178
     GO_SOURCE=https://storage.googleapis.com/golang/go${GO_VERSION}.linux-${GOARCH}.tar.gz
179 179
 
180
-    if [ ! -d ${rootdir}${INSTALL_DIR} ]; then
181
-        chroot "$rootdir" mkdir -p ${INSTALL_DIR}
180
+    if [ ! -d "${rootdir}${INSTALL_DIR}" ]; then
181
+        chroot "$rootdir" mkdir -p "${INSTALL_DIR}"
182 182
     fi
183
-    cd ${rootdir}${INSTALL_DIR}
184
-    if [ ! -f ${rootdir}${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz ]; then
183
+    cd "${rootdir}${INSTALL_DIR}" || exit 236487365
184
+    if [ ! -f "${rootdir}${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz" ]; then
185 185
         wget ${GO_SOURCE}
186 186
     fi
187
-    if [ ! -f ${rootdir}${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz ]; then
187
+    if [ ! -f "${rootdir}${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz" ]; then
188 188
         exit 26524
189 189
     fi
190
-    $prefix tar -C /home/go -xzf ${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz
191
-    if [ ! -d ${rootdir}/home/go/go/bin ]; then
190
+    $prefix tar -C /home/go -xzf "${INSTALL_DIR}/go${GO_VERSION}.linux-${GOARCH}.tar.gz"
191
+    if [ ! -d "${rootdir}/home/go/go/bin" ]; then
192 192
         echo 'Go binary not installed'
193 193
         exit 763562
194 194
     fi
195
-    mv ${rootdir}/home/go/go ${rootdir}/home/go/go${GO_VERSION}
196
-    echo "export GOROOT=/home/go" >> ${rootdir}/root/.bashrc
197
-    echo "export GOROOT=/home/go" >> ${rootdir}/etc/skel/.bashrc
198
-    echo "export GOROOT=/home/go" >> ${rootdir}/home/$MY_USERNAME/.bashrc
199
-    echo "export GOROOT=/home/go" >> ${rootdir}/home/go/.bashrc
200
-
201
-    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> ${rootdir}/root/.bashrc
202
-    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> ${rootdir}/etc/skel/.bashrc
203
-    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> ${rootdir}/home/$MY_USERNAME/.bashrc
204
-    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> ${rootdir}/home/go/.bashrc
205
-
206
-    echo 'export PATH=$PATH:$GOPATH' >> ${rootdir}/root/.bashrc
207
-    echo 'export PATH=$PATH:$GOPATH' >> ${rootdir}/etc/skel/.bashrc
208
-    echo 'export PATH=$PATH:$GOPATH' >> ${rootdir}/home/$MY_USERNAME/.bashrc
209
-    echo 'export PATH=$PATH:$GOPATH' >> ${rootdir}/home/go/.bashrc
210
-    $prefix chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME
195
+    mv "${rootdir}/home/go/go" "${rootdir}/home/go/go${GO_VERSION}"
196
+    echo "export GOROOT=/home/go" >> "${rootdir}/root/.bashrc"
197
+    echo "export GOROOT=/home/go" >> "${rootdir}/etc/skel/.bashrc"
198
+    echo "export GOROOT=/home/go" >> "${rootdir}/home/$MY_USERNAME/.bashrc"
199
+    echo "export GOROOT=/home/go" >> "${rootdir}/home/go/.bashrc"
200
+
201
+    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> "${rootdir}/root/.bashrc"
202
+    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> "${rootdir}/etc/skel/.bashrc"
203
+    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> "${rootdir}/home/$MY_USERNAME/.bashrc"
204
+    echo "export GOPATH=\$GOROOT/go${GO_VERSION}/bin" >> "${rootdir}/home/go/.bashrc"
205
+
206
+    echo "export PATH=\$PATH:\$GOPATH" >> "${rootdir}/root/.bashrc"
207
+    echo "export PATH=\$PATH:\$GOPATH" >> "${rootdir}/etc/skel/.bashrc"
208
+    echo "export PATH=\$PATH:\$GOPATH" >> "${rootdir}/home/$MY_USERNAME/.bashrc"
209
+    echo "export PATH=\$PATH:\$GOPATH" >> "${rootdir}/home/go/.bashrc"
210
+    $prefix chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME"
211 211
     $prefix chown -R go:go /home/go
212
-    cp ${rootdir}/home/go/go${GO_VERSION}/bin/* ${rootdir}/usr/bin
212
+    cp "${rootdir}/home/go/go${GO_VERSION}/bin/*" "${rootdir}/usr/bin"
213 213
 }
214 214
 
215 215
 function upgrade_golang {
216
-    if grep -Fxq "upgrade_golang:$GO_VERSION" $COMPLETION_FILE; then
216
+    if grep -Fxq "upgrade_golang:$GO_VERSION" "$COMPLETION_FILE"; then
217 217
         return
218 218
     fi
219 219
 

+ 124
- 125
src/freedombone-utils-gpg Zobrazit soubor

@@ -29,57 +29,57 @@
29 29
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
30 30
 
31 31
 function gpg_update_mutt {
32
-    key_username=$1
32
+    key_username="$1"
33 33
 
34
-    if [ ! -f /home/$key_username/.muttrc ]; then
34
+    if [ ! -f "/home/$key_username/.muttrc" ]; then
35 35
         return
36 36
     fi
37 37
 
38 38
     CURR_EMAIL_ADDRESS=$key_username@$HOSTNAME
39
-    CURR_GPG_ID=$(gpg --homedir=/home/$key_username/.gnupg --list-keys $CURR_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//')
39
+    CURR_GPG_ID=$(gpg --homedir="/home/$key_username/.gnupg" --list-keys "$CURR_EMAIL_ADDRESS" | sed -n '2p' | sed 's/^[ \t]*//')
40 40
 
41 41
     # If the default key is specified within gpg.conf
42
-    if [ -f /home/$key_username/gpg.conf ]; then
43
-        if grep -q "default-key" /home/$key_username/gpg.conf; then
44
-            default_gpg_key=$(cat /home/$key_username/gpg.conf | grep "default-key")
42
+    if [ -f "/home/$key_username/gpg.conf" ]; then
43
+        if grep -q "default-key" "/home/$key_username/gpg.conf"; then
44
+            default_gpg_key=$(grep "default-key" "/home/$key_username/gpg.conf")
45 45
             if [[ "$default_gpg_key" != *'#'* ]]; then
46
-                default_gpg_key=$(cat /home/$key_username/gpg.conf | grep "default-key" | awk -F ' ' '{print $2}')
46
+                default_gpg_key=$(grep "default-key" "/home/$key_username/gpg.conf" | awk -F ' ' '{print $2}')
47 47
                 if [ ${#default_gpg_key} -gt 3 ]; then
48
-                    CURR_GPG_ID=$(gpg --homedir=/home/$key_username/.gnupg --list-keys $default_gpg_key | sed -n '2p' | sed 's/^[ \t]*//')
48
+                    CURR_GPG_ID=$(gpg --homedir="/home/$key_username/.gnupg" --list-keys "$default_gpg_key" | sed -n '2p' | sed 's/^[ \t]*//')
49 49
                 fi
50 50
             fi
51 51
         fi
52 52
     fi
53 53
 
54
-    sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --trust-model always --encrypt-to $CURR_GPG_ID -- -r %r -- %f\"|g" /home/$key_username/.muttrc
55
-    sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --trust-model always --encrypt-to $CURR_GPG_ID -- -r %r -- %f\"|g" /home/$key_username/.muttrc
54
+    sed -i "s|set pgp_encrypt_only_command.*|set pgp_encrypt_only_command=\"/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --trust-model always --encrypt-to $CURR_GPG_ID -- -r %r -- %f\"|g" "/home/$key_username/.muttrc"
55
+    sed -i "s|set pgp_encrypt_sign_command.*|set pgp_encrypt_sign_command=\"/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --trust-model always --encrypt-to $CURR_GPG_ID -- -r %r -- %f\"|g" "/home/$key_username/.muttrc"
56 56
 
57
-    chown $key_username:$key_username /home/$key_username/.muttrc
57
+    chown "$key_username":"$key_username" "/home/$key_username/.muttrc"
58 58
 }
59 59
 
60 60
 function gpg_import_public_key {
61
-    key_username=$1
62
-    key_filename=$2
61
+    key_username="$1"
62
+    key_filename="$2"
63 63
 
64
-    gpg --homedir=/home/$key_username/.gnupg --import $key_filename
65
-    gpg_set_permissions $key_username
64
+    gpg --homedir="/home/$key_username/.gnupg" --import "$key_filename"
65
+    gpg_set_permissions "$key_username"
66 66
 }
67 67
 
68 68
 function gpg_import_private_key {
69
-    key_username=$1
70
-    key_filename=$2
69
+    key_username="$1"
70
+    key_filename="$2"
71 71
 
72
-    gpg --homedir=/home/$key_username/.gnupg --allow-secret-key-import --import $key_filename
73
-    gpg_set_permissions $key_username
72
+    gpg --homedir="/home/$key_username/.gnupg" --allow-secret-key-import --import "$key_filename"
73
+    gpg_set_permissions "$key_username"
74 74
 }
75 75
 
76 76
 function gpg_export_public_key {
77
-    key_username=$1
78
-    key_id=$2
79
-    key_filename=$3
77
+    key_username="$1"
78
+    key_id="$2"
79
+    key_filename="$3"
80 80
 
81
-    chown -R $key_username:$key_username /home/$key_username/.gnupg
82
-    su -m root -c "gpg --homedir /home/$key_username/.gnupg --output $key_filename --armor --export $key_id" - $key_username
81
+    chown -R "$key_username":"$key_username" "/home/$key_username/.gnupg"
82
+    su -m root -c "gpg --homedir /home/$key_username/.gnupg --output $key_filename --armor --export $key_id" - "$key_username"
83 83
 }
84 84
 
85 85
 function gpg_export_private_key {
@@ -87,68 +87,68 @@ function gpg_export_private_key {
87 87
     key_id=$2
88 88
     key_filename=$3
89 89
 
90
-    chown -R $key_username:$key_username /home/$key_username/.gnupg
91
-    su -m root -c "gpg --homedir=/home/$key_username/.gnupg --armor --output $key_filename --export-secret-key $key_id" - $key_username
90
+    chown -R "$key_username":"$key_username" "/home/$key_username/.gnupg"
91
+    su -m root -c "gpg --homedir=/home/$key_username/.gnupg --armor --output $key_filename --export-secret-key $key_id" - "$key_username"
92 92
 }
93 93
 
94 94
 function gpg_create_key {
95
-    key_username=$1
96
-    key_passphrase=$2
97
-
98
-    gpg_dir=/home/$key_username/.gnupg
99
-
100
-    echo 'Key-Type: eddsa' > /home/$key_username/gpg-genkey.conf
101
-    echo 'Key-Curve: Ed25519' >> /home/$key_username/gpg-genkey.conf
102
-    echo 'Subkey-Type: eddsa' >> /home/$key_username/gpg-genkey.conf
103
-    echo 'Subkey-Curve: Ed25519' >> /home/$key_username/gpg-genkey.conf
104
-    echo "Name-Real:  $MY_NAME" >> /home/$key_username/gpg-genkey.conf
105
-    echo "Name-Email: $MY_EMAIL_ADDRESS" >> /home/$key_username/gpg-genkey.conf
106
-    echo 'Expire-Date: 0' >> /home/$key_username/gpg-genkey.conf
107
-    cat /home/$key_username/gpg-genkey.conf
108
-    if [ $key_passphrase ]; then
109
-        echo "Passphrase: $key_passphrase" >> /home/$key_username/gpg-genkey.conf
95
+    key_username="$1"
96
+    key_passphrase="$2"
97
+
98
+    gpg_dir="/home/$key_username/.gnupg"
99
+
100
+    { echo 'Key-Type: eddsa';
101
+      echo 'Key-Curve: Ed25519';
102
+      echo 'Subkey-Type: eddsa';
103
+      echo 'Subkey-Curve: Ed25519';
104
+      echo "Name-Real:  $MY_NAME";
105
+      echo "Name-Email: $MY_EMAIL_ADDRESS";
106
+      echo 'Expire-Date: 0'; } > "/home/$key_username/gpg-genkey.conf"
107
+    cat "/home/$key_username/gpg-genkey.conf"
108
+    if [ "$key_passphrase" ]; then
109
+        echo "Passphrase: $key_passphrase" >> "/home/$key_username/gpg-genkey.conf"
110 110
     else
111
-        echo "Passphrase: $PROJECT_NAME" >> /home/$key_username/gpg-genkey.conf
111
+        echo "Passphrase: $PROJECT_NAME" >> "/home/$key_username/gpg-genkey.conf"
112 112
     fi
113
-    chown $key_username:$key_username /home/$key_username/gpg-genkey.conf
113
+    chown "$key_username":"$key_username" "/home/$key_username/gpg-genkey.conf"
114 114
 
115 115
     echo $'Generating a new GPG key'
116
-    su -m root -c "gpg --homedir /home/$key_username/.gnupg --batch --full-gen-key /home/$key_username/gpg-genkey.conf" - $key_username
117
-    chown -R $key_username:$key_username /home/$key_username/.gnupg
116
+    su -m root -c "gpg --homedir /home/$key_username/.gnupg --batch --full-gen-key /home/$key_username/gpg-genkey.conf" - "$key_username"
117
+    chown -R "$key_username":"$key_username" "/home/$key_username/.gnupg"
118 118
     KEY_EXISTS=$(gpg_key_exists "$key_username" "$MY_EMAIL_ADDRESS")
119 119
     if [[ $KEY_EXISTS == "no" ]]; then
120 120
         echo $"A GPG key for $MY_EMAIL_ADDRESS could not be created"
121 121
         exit 63621
122 122
     fi
123
-    shred -zu /home/$key_username/gpg-genkey.conf
123
+    shred -zu "/home/$key_username/gpg-genkey.conf"
124 124
     CURR_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$key_username" "$MY_EMAIL_ADDRESS")
125 125
     if [ ${#CURR_GPG_PUBLIC_KEY_ID} -lt 4 ]; then
126 126
         echo $"GPG public key ID could not be obtained for $MY_EMAIL_ADDRESS"
127 127
         exit 825292
128 128
     fi
129
-    gpg_set_permissions $key_username
129
+    gpg_set_permissions "$key_username"
130 130
 }
131 131
 
132 132
 function gpg_delete_key {
133
-    key_username=$1
134
-    key_id=$2
133
+    key_username="$1"
134
+    key_id="$2"
135 135
 
136
-    chown -R $key_username:$key_username /home/$key_username/.gnupg
137
-    su -c "gpg --batch --quiet --homedir=/home/$key_username/.gnupg --delete-secret-key $key_id" - $key_username
138
-    su -c "gpg --batch --quiet --homedir=/home/$key_username/.gnupg --delete-key $key_id" - $key_username
136
+    chown -R "$key_username":"$key_username" "/home/$key_username/.gnupg"
137
+    su -c "gpg --batch --quiet --homedir=/home/$key_username/.gnupg --delete-secret-key $key_id" - "$key_username"
138
+    su -c "gpg --batch --quiet --homedir=/home/$key_username/.gnupg --delete-key $key_id" - "$key_username"
139 139
 }
140 140
 
141 141
 function gpg_set_permissions {
142 142
     key_username=$1
143 143
 
144 144
     if [[ "$key_username" != 'root' ]]; then
145
-        chmod 700 /home/$key_username/.gnupg
146
-        chmod -R 600 /home/$key_username/.gnupg/*
147
-        printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /home/$key_username/.gnupg/S.dirmngr
148
-        if [ -d /home/$key_username/.gnupg/crls.d ]; then
149
-            chmod +x /home/$key_username/.gnupg/crls.d
145
+        chmod 700 "/home/$key_username/.gnupg"
146
+        chmod -R 600 "/home/$key_username/.gnupg/*"
147
+        printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > "/home/$key_username/.gnupg/S.dirmngr"
148
+        if [ -d "/home/$key_username/.gnupg/crls.d" ]; then
149
+            chmod +x "/home/$key_username/.gnupg/crls.d"
150 150
         fi
151
-        chown -R $key_username:$key_username /home/$key_username/.gnupg
151
+        chown -R "$key_username":"$key_username" "/home/$key_username/.gnupg"
152 152
     else
153 153
         chmod 700 /root/.gnupg
154 154
         chmod -R 600 /root/.gnupg/*
@@ -156,7 +156,7 @@ function gpg_set_permissions {
156 156
         if [ -d /root/.gnupg/crls.d ]; then
157 157
             chmod +x /root/.gnupg/crls.d
158 158
         fi
159
-        chown -R $key_username:$key_username /root/.gnupg
159
+        chown -R "$key_username":"$key_username" /root/.gnupg
160 160
     fi
161 161
 }
162 162
 
@@ -164,22 +164,22 @@ function gpg_reconstruct_key {
164 164
     key_username=$1
165 165
     key_interactive=$2
166 166
 
167
-    if [ ! -d /home/$key_username/.gnupg_fragments ]; then
167
+    if [ ! -d "/home/$key_username/.gnupg_fragments" ]; then
168 168
         return
169 169
     fi
170
-    cd /home/$key_username/.gnupg_fragments
170
+    cd "/home/$key_username/.gnupg_fragments" || exit 3468346
171
+    # shellcheck disable=SC2012
171 172
     no_of_shares=$(ls -afq keyshare.asc.* | wc -l)
172 173
     if (( no_of_shares < 4 )); then
173
-        if [ $key_interactive ]; then
174
+        if [ "$key_interactive" ]; then
174 175
             dialog --title $"Recover Encryption Keys" --msgbox $'Not enough fragments to reconstruct the key' 6 70
175 176
         else
176 177
             echo $'Not enough fragments to reconstruct the key'
177 178
         fi
178 179
         exit 7348
179 180
     fi
180
-    gfcombine /home/$key_username/.gnupg_fragments/keyshare*
181
-    if [ ! "$?" = "0" ]; then
182
-        if [ $key_interactive ]; then
181
+    if ! gfcombine "/home/$key_username/.gnupg_fragments/keyshare*"; then
182
+        if [ "$key_interactive" ]; then
183 183
             dialog --title $"Recover Encryption Keys" --msgbox $'Unable to reconstruct the key' 6 70
184 184
         else
185 185
             echo $'Unable to reconstruct the key'
@@ -188,8 +188,8 @@ function gpg_reconstruct_key {
188 188
     fi
189 189
 
190 190
     KEYS_FILE=/home/$key_username/.gnupg_fragments/keyshare.asc
191
-    if [ ! -f $KEYS_FILE ]; then
192
-        if [ $key_interactive ]; then
191
+    if [ ! -f "$KEYS_FILE" ]; then
192
+        if [ "$key_interactive" ]; then
193 193
             dialog --title $"Recover Encryption Keys" --msgbox $'Unable to reconstruct the key' 6 70
194 194
         else
195 195
             echo $'Unable to reconstruct the key'
@@ -197,22 +197,21 @@ function gpg_reconstruct_key {
197 197
         exit 52852
198 198
     fi
199 199
 
200
-    gpg --homedir=/home/$key_username/.gnupg --allow-secret-key-import --import $KEYS_FILE
201
-    if [ ! "$?" = "0" ]; then
202
-        shred -zu $KEYS_FILE
203
-        rm -rf /home/$key_username/.tempgnupg
204
-        if [ $key_interactive ]; then
200
+    if ! gpg --homedir="/home/$key_username/.gnupg" --allow-secret-key-import --import "$KEYS_FILE"; then
201
+        shred -zu "$KEYS_FILE"
202
+        rm -rf "/home/$key_username/.tempgnupg"
203
+        if [ "$key_interactive" ]; then
205 204
             dialog --title $"Recover Encryption Keys" --msgbox $'Unable to import gpg key' 6 70
206 205
         else
207 206
             echo $'Unable to import gpg key'
208 207
         fi
209 208
         exit 96547
210 209
     fi
211
-    shred -zu $KEYS_FILE
210
+    shred -zu "$KEYS_FILE"
212 211
 
213
-    gpg_set_permissions $key_username
212
+    gpg_set_permissions "$key_username"
214 213
 
215
-    if [ $key_interactive ]; then
214
+    if [ "$key_interactive" ]; then
216 215
         dialog --title $"Recover Encryption Keys" --msgbox $'Key has been reconstructed' 6 70
217 216
     else
218 217
         echo $'Key has been reconstructed'
@@ -224,9 +223,9 @@ function gpg_agent_setup {
224 223
 
225 224
     if [[ $gpg_username == 'root' ]]; then
226 225
         if ! grep -q 'GPG_TTY' /root/.bashrc; then
227
-            echo '' >> /root/.bashrc
228
-            echo 'GPG_TTY=$(tty)' >> /root/.bashrc
229
-            echo 'export GPG_TTY' >> /root/.bashrc
226
+            { echo '';
227
+              echo "GPG_TTY=\$(tty)";
228
+              echo 'export GPG_TTY'; } >> /root/.bashrc
230 229
         fi
231 230
         if grep -q '# use-agent' /root/.gnupg/gpg.conf; then
232 231
             sed -i 's|# use-agent|use-agent|g' /root/.gnupg/gpg.conf
@@ -234,37 +233,37 @@ function gpg_agent_setup {
234 233
         if ! grep -q 'use-agent' /root/.gnupg/gpg.conf; then
235 234
             echo 'use-agent' >> /root/.gnupg/gpg.conf
236 235
         fi
237
-        echo 'default-cache-ttl 300' > /root/.gnupg/gpg-agent.conf
238
-        echo 'max-cache-ttl 999999' >> /root/.gnupg/gpg-agent.conf
239
-        echo 'allow-loopback-pinentry' >> /root/.gnupg/gpg-agent.conf
236
+        { echo 'default-cache-ttl 300';
237
+          echo 'max-cache-ttl 999999';
238
+          echo 'allow-loopback-pinentry'; } > /root/.gnupg/gpg-agent.conf
240 239
         if [ -f /root/.gnupg/S.dirmngr ]; then
241 240
             rm /root/.gnupg/S.dirmngr
242 241
         fi
243 242
         echo RELOADAGENT | gpg-connect-agent
244 243
     else
245
-        if ! grep -q 'GPG_TTY' /home/$gpg_username/.bashrc; then
246
-            echo '' >> /home/$gpg_username/.bashrc
247
-            echo 'GPG_TTY=$(tty)' >> /home/$gpg_username/.bashrc
248
-            echo 'export GPG_TTY' >> /home/$gpg_username/.bashrc
249
-            chown $gpg_username:$gpg_username /home/$gpg_username/.bashrc
244
+        if ! grep -q 'GPG_TTY' "/home/$gpg_username/.bashrc"; then
245
+            { echo '';
246
+              echo "GPG_TTY=\$(tty)";
247
+              echo 'export GPG_TTY'; } >> "/home/$gpg_username/.bashrc"
248
+            chown "$gpg_username":"$gpg_username" "/home/$gpg_username/.bashrc"
250 249
         fi
251
-        if grep -q '# use-agent' /home/$gpg_username/.gnupg/gpg.conf; then
252
-            sed -i 's|# use-agent|use-agent|g' /home/$gpg_username/.gnupg/gpg.conf
250
+        if grep -q '# use-agent' "/home/$gpg_username/.gnupg/gpg.conf"; then
251
+            sed -i 's|# use-agent|use-agent|g' "/home/$gpg_username/.gnupg/gpg.conf"
253 252
         fi
254
-        if ! grep -q 'use-agent' /home/$gpg_username/.gnupg/gpg.conf; then
255
-            echo 'use-agent' >> /home/$gpg_username/.gnupg/gpg.conf
253
+        if ! grep -q 'use-agent' "/home/$gpg_username/.gnupg/gpg.conf"; then
254
+            echo 'use-agent' >> "/home/$gpg_username/.gnupg/gpg.conf"
256 255
         fi
257
-        if ! grep -q 'pinentry-mode loopback' /home/$gpg_username/.gnupg/gpg.conf; then
258
-            echo 'pinentry-mode loopback' >> /home/$gpg_username/.gnupg/gpg.conf
256
+        if ! grep -q 'pinentry-mode loopback' "/home/$gpg_username/.gnupg/gpg.conf"; then
257
+            echo 'pinentry-mode loopback' >> "/home/$gpg_username/.gnupg/gpg.conf"
259 258
         fi
260
-        echo 'default-cache-ttl 300' > /home/$gpg_username/.gnupg/gpg-agent.conf
261
-        echo 'max-cache-ttl 999999' >> /home/$gpg_username/.gnupg/gpg-agent.conf
262
-        echo 'allow-loopback-pinentry' >> /home/$gpg_username/.gnupg/gpg-agent.conf
263
-        if [ -f /home/$gpg_username/.gnupg/S.dirmngr ]; then
264
-            rm /home/$gpg_username/.gnupg/S.dirmngr
259
+        echo 'default-cache-ttl 300' > "/home/$gpg_username/.gnupg/gpg-agent.conf"
260
+        echo 'max-cache-ttl 999999' >> "/home/$gpg_username/.gnupg/gpg-agent.conf"
261
+        echo 'allow-loopback-pinentry' >> "/home/$gpg_username/.gnupg/gpg-agent.conf"
262
+        if [ -f "/home/$gpg_username/.gnupg/S.dirmngr" ]; then
263
+            rm "/home/$gpg_username/.gnupg/S.dirmngr"
265 264
         fi
266 265
         if [[ "$gpg_username" != "$USER" ]]; then
267
-            su -c "echo RELOADAGENT | gpg-connect-agent" - $gpg_username
266
+            su -c "echo RELOADAGENT | gpg-connect-agent" - "$gpg_username"
268 267
         else
269 268
             echo RELOADAGENT | gpg-connect-agent
270 269
         fi
@@ -277,21 +276,21 @@ function gpg_agent_enable {
277 276
     if [[ $gpg_username == 'root' ]]; then
278 277
         return
279 278
     else
280
-        if grep -q 'GPG_TTY' /home/$gpg_username/.bashrc; then
281
-            sed -i '/GPG_TTY/d' /home/$gpg_username/.bashrc
282
-            chown $gpg_username:$gpg_username /home/$gpg_username/.bashrc
279
+        if grep -q 'GPG_TTY' "/home/$gpg_username/.bashrc"; then
280
+            sed -i '/GPG_TTY/d' "/home/$gpg_username/.bashrc"
281
+            chown "$gpg_username":"$gpg_username" "/home/$gpg_username/.bashrc"
283 282
         fi
284
-        if grep -q 'use-agent' /home/$gpg_username/.gnupg/gpg.conf; then
285
-           sed -i '/use-agent/d' /home/$gpg_username/.gnupg/gpg.conf
283
+        if grep -q 'use-agent' "/home/$gpg_username/.gnupg/gpg.conf"; then
284
+           sed -i '/use-agent/d' "/home/$gpg_username/.gnupg/gpg.conf"
286 285
         fi
287
-        if grep -q 'pinentry-mode loopback' /home/$gpg_username/.gnupg/gpg.conf; then
288
-            sed -i '/pinentry-mode loopback/d' /home/$gpg_username/.gnupg/gpg.conf
286
+        if grep -q 'pinentry-mode loopback' "/home/$gpg_username/.gnupg/gpg.conf"; then
287
+            sed -i '/pinentry-mode loopback/d' "/home/$gpg_username/.gnupg/gpg.conf"
289 288
         fi
290
-        if [ -f /home/$gpg_username/.gnupg/gpg-agent.conf ]; then
291
-            rm /home/$gpg_username/.gnupg/gpg-agent.conf
289
+        if [ -f "/home/$gpg_username/.gnupg/gpg-agent.conf" ]; then
290
+            rm "/home/$gpg_username/.gnupg/gpg-agent.conf"
292 291
         fi
293 292
         if [[ "$gpg_username" != "$USER" ]]; then
294
-            su -c "echo RELOADAGENT | gpg-connect-agent" - $gpg_username
293
+            su -c "echo RELOADAGENT | gpg-connect-agent" - "$gpg_username"
295 294
         else
296 295
             echo RELOADAGENT | gpg-connect-agent
297 296
         fi
@@ -303,46 +302,46 @@ function gpg_pubkey_from_email {
303 302
     key_email_address=$2
304 303
     key_id=
305 304
     if [[ $key_owner_username != "root" ]]; then
306
-        key_id=$(su -c "gpg --list-keys $key_email_address" - $key_owner_username | sed -n '2p' | sed 's/^[ \t]*//')
305
+        key_id=$(su -c "gpg --list-keys $key_email_address" - "$key_owner_username" | sed -n '2p' | sed 's/^[ \t]*//')
307 306
 
308 307
         # If the default key is specified within gpg.conf
309
-        if [ -f /home/$key_owner_username/gpg.conf ]; then
310
-            if grep -q "default-key" /home/$key_owner_username/gpg.conf; then
311
-                default_gpg_key=$(cat /home/$key_owner_username/gpg.conf | grep "default-key")
308
+        if [ -f "/home/$key_owner_username/gpg.conf" ]; then
309
+            if grep -q "default-key" "/home/$key_owner_username/gpg.conf"; then
310
+                default_gpg_key=$(grep "default-key" "/home/$key_owner_username/gpg.conf")
312 311
                 if [[ "$default_gpg_key" != *'#'* ]]; then
313
-                    default_gpg_key=$(cat /home/$key_owner_username/gpg.conf | grep "default-key" | awk -F ' ' '{print $2}')
312
+                    default_gpg_key=$(grep "default-key" "/home/$key_owner_username/gpg.conf" | awk -F ' ' '{print $2}')
314 313
                     if [ ${#default_gpg_key} -gt 3 ]; then
315
-                        key_id=$(su -c "gpg --list-keys $default_gpg_key" - $key_owner_username | sed -n '2p' | sed 's/^[ \t]*//')
314
+                        key_id=$(su -c "gpg --list-keys $default_gpg_key" - "$key_owner_username" | sed -n '2p' | sed 's/^[ \t]*//')
316 315
                     fi
317 316
                 fi
318 317
             fi
319 318
         fi
320 319
     else
321
-        key_id=$(gpg --list-keys $key_email_address | sed -n '2p' | sed 's/^[ \t]*//')
320
+        key_id=$(gpg --list-keys "$key_email_address" | sed -n '2p' | sed 's/^[ \t]*//')
322 321
 
323 322
         # If the default key is specified within gpg.conf
324 323
         if [ -f /root/gpg.conf ]; then
325 324
             if grep -q "default-key" /root/gpg.conf; then
326
-                default_gpg_key=$(cat /root/gpg.conf | grep "default-key")
325
+                default_gpg_key=$(grep "default-key" /root/gpg.conf)
327 326
                 if [[ "$default_gpg_key" != *'#'* ]]; then
328
-                    default_gpg_key=$(cat /root/gpg.conf | grep "default-key" | awk -F ' ' '{print $2}')
327
+                    default_gpg_key=$(grep "default-key" /root/gpg.conf | awk -F ' ' '{print $2}')
329 328
                     if [ ${#default_gpg_key} -gt 3 ]; then
330
-                        key_id=$(gpg --list-keys $default_gpg_key | sed -n '2p' | sed 's/^[ \t]*//')
329
+                        key_id=$(gpg --list-keys "$default_gpg_key" | sed -n '2p' | sed 's/^[ \t]*//')
331 330
                     fi
332 331
                 fi
333 332
             fi
334 333
         fi
335 334
     fi
336
-    echo $key_id
335
+    echo "$key_id"
337 336
 }
338 337
 
339 338
 function enable_email_encryption_at_rest {
340 339
     for d in /home/*/ ; do
341 340
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
342 341
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
343
-            if grep -q '#| /usr/bin/gpgit.pl' /home/$USERNAME/.procmailrc; then
344
-                sed -i 's@#| /usr/bin/gpgit.pl@| /usr/bin/gpgit.pl@g' /home/$USERNAME/.procmailrc
345
-                sed -i 's|#:0 f|:0 f|g' /home/$USERNAME/.procmailrc
342
+            if grep -q '#| /usr/bin/gpgit.pl' "/home/$USERNAME/.procmailrc"; then
343
+                sed -i 's@#| /usr/bin/gpgit.pl@| /usr/bin/gpgit.pl@g' "/home/$USERNAME/.procmailrc"
344
+                sed -i 's|#:0 f|:0 f|g' "/home/$USERNAME/.procmailrc"
346 345
             fi
347 346
         fi
348 347
     done
@@ -357,9 +356,9 @@ function disable_email_encryption_at_rest {
357 356
     for d in /home/*/ ; do
358 357
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
359 358
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
360
-            if ! grep -q '#| /usr/bin/gpgit.pl' /home/$USERNAME/.procmailrc; then
361
-                sed -i 's@| /usr/bin/gpgit.pl@#| /usr/bin/gpgit.pl@g' /home/$USERNAME/.procmailrc
362
-                sed -i 's|:0 f|#:0 f|g' /home/$USERNAME/.procmailrc
359
+            if ! grep -q '#| /usr/bin/gpgit.pl' "/home/$USERNAME/.procmailrc"; then
360
+                sed -i 's@| /usr/bin/gpgit.pl@#| /usr/bin/gpgit.pl@g' "/home/$USERNAME/.procmailrc"
361
+                sed -i 's|:0 f|#:0 f|g' "/home/$USERNAME/.procmailrc"
363 362
             fi
364 363
         fi
365 364
     done

+ 17
- 17
src/freedombone-utils-guile Zobrazit soubor

@@ -37,14 +37,14 @@ EIGHTSYNC_COMMIT='8cbb7f22227c0afdd3b0bd758ebec0efba2fa1e1'
37 37
 function install_8sync {
38 38
     apt-get -qy install flex libunistring-dev libgc-dev autoconf texinfo
39 39
 
40
-    if [ ! -d $INSTALL_DIR ]; then
41
-        mkdir $INSTALL_DIR
40
+    if [ ! -d "$INSTALL_DIR" ]; then
41
+        mkdir "$INSTALL_DIR"
42 42
     fi
43
-    cd $INSTALL_DIR
43
+    cd "$INSTALL_DIR" || exit 67832456
44 44
 
45
-    git_clone $EIGHTSYNC_REPO $INSTALL_DIR/eightsync
46
-    cd $INSTALL_DIR/eightsync
47
-    git checkout ${EIGHTSYNC_COMMIT} -b ${EIGHTSYNC_COMMIT}
45
+    git_clone "$EIGHTSYNC_REPO" "$INSTALL_DIR/eightsync"
46
+    cd "$INSTALL_DIR/eightsync" || exit 23468346
47
+    git checkout "${EIGHTSYNC_COMMIT}" -b "${EIGHTSYNC_COMMIT}"
48 48
 
49 49
     export GUILE_BASE_PATH=/opt/guile-${GUILE_VERSION}
50 50
     export GUILE_CFLAGS="-I${GUILE_BASE_PATH}/include"
@@ -67,31 +67,31 @@ function install_guile {
67 67
 
68 68
     apt-get -qy install flex libunistring-dev libgc-dev autoconf texinfo lzip wget
69 69
 
70
-    if [ ! -d $INSTALL_DIR ]; then
71
-        mkdir $INSTALL_DIR
70
+    if [ ! -d "$INSTALL_DIR" ]; then
71
+        mkdir "$INSTALL_DIR"
72 72
     fi
73
-    cd $INSTALL_DIR
73
+    cd "$INSTALL_DIR" || exit 4298497
74 74
 
75
-    if [ ! -f guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz ]; then
76
-        wget https://ftp.gnu.org/gnu/guile/guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz
75
+    if [ ! -f "guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz" ]; then
76
+        wget "https://ftp.gnu.org/gnu/guile/guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz"
77 77
     fi
78
-    if [ ! -f guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz ]; then
78
+    if [ ! -f "guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz" ]; then
79 79
         echo 'Unable to download guile pack'
80 80
         exit 6735238
81 81
     fi
82
-    CURR_GUILE_HASH=$(sha256sum guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz | awk -F ' ' '{print $1}')
82
+    CURR_GUILE_HASH=$(sha256sum "guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz" | awk -F ' ' '{print $1}')
83 83
     if [[ "$CURR_GUILE_HASH" != "$GUILE_HASH" ]]; then
84 84
         echo 'Guile hash does not match'
85 85
         exit 7237625
86 86
     fi
87
-    cd /
88
-    tar xvf $INSTALL_DIR/guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz
89
-    if [ ! -d /opt/guile-${GUILE_VERSION}/bin ]; then
87
+    cd / || exit 73563635
88
+    tar xvf "$INSTALL_DIR/guile-${GUILE_VERSION}-pack-${GUILE_ARCH}-linux-gnu.tar.lz"
89
+    if [ ! -d "/opt/guile-${GUILE_VERSION}/bin" ]; then
90 90
         echo 'Guile was not installed'
91 91
         exit 825269
92 92
     fi
93 93
     echo "export GUILE_PATH=/opt/guile-${GUILE_VERSION}/bin" >> ~/.bashrc
94
-    echo 'export PATH=$PATH:$GUILE_PATH' >> ~/.bashrc
94
+    echo "export PATH=\$PATH:\$GUILE_PATH" >> ~/.bashrc
95 95
 }
96 96
 
97 97
 # NOTE: deliberately no exit 0

+ 5
- 3
src/freedombone-utils-i2p Zobrazit soubor

@@ -34,12 +34,12 @@
34 34
 I2P_DOMAIN='deb.i2p2.de'
35 35
 
36 36
 function install_i2p {
37
-    if [ ! -d $INSTALL_DIR ]; then
38
-       mkdir -p $INSTALL_DIR
37
+    if [ ! -d "$INSTALL_DIR" ]; then
38
+       mkdir -p "$INSTALL_DIR"
39 39
     fi
40 40
 
41 41
     # install the gpg key
42
-    cd $INSTALL_DIR
42
+    cd "$INSTALL_DIR" || exit 346735
43 43
     if [ -f i2p-debian-repo.key.asc ]; then
44 44
         rm i2p-debian-repo.key.asc
45 45
     fi
@@ -121,3 +121,5 @@ function i2p_enable_sam {
121 121
     sed -i 's|clientApp.1.startOnLoad=.*|clientApp.1.startOnLoad=true|g' /var/lib/i2p/i2p-config/clients.config
122 122
     systemctl restart i2p
123 123
 }
124
+
125
+# NOTE: deliberately no exit 0

+ 61
- 58
src/freedombone-utils-interactive Zobrazit soubor

@@ -32,14 +32,13 @@ function interactive_configuration_remote_backups {
32 32
     if [[ $SYSTEM_TYPE == "mesh"* ]]; then
33 33
         return
34 34
     fi
35
-    if [ ! -f /usr/local/bin/${PROJECT_NAME}-remote ]; then
36
-        if [ ! -f /usr/bin/${PROJECT_NAME}-remote ]; then
35
+    if [ ! -f "/usr/local/bin/${PROJECT_NAME}-remote" ]; then
36
+        if [ ! -f "/usr/bin/${PROJECT_NAME}-remote" ]; then
37 37
             echo $"The command ${PROJECT_NAME}-remote was not found"
38 38
             exit 87354
39 39
         fi
40 40
     fi
41
-    ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes
42
-    if [ ! "$?" = "0" ]; then
41
+    if ! "${PROJECT_NAME}-remote" -u "$MY_USERNAME" -l "$FRIENDS_SERVERS_LIST" -m "$MINIMUM_PASSWORD_LENGTH" -r yes; then
43 42
         echo $'Command failed:'
44 43
         echo ''
45 44
         echo $"  ${PROJECT_NAME}-remote -u $MY_USERNAME -l $FRIENDS_SERVERS_LIST -m $MINIMUM_PASSWORD_LENGTH -r yes"
@@ -49,8 +48,8 @@ function interactive_configuration_remote_backups {
49 48
 }
50 49
 
51 50
 function interactive_configuration {
52
-    if [ ! -f /usr/local/bin/${PROJECT_NAME}-config ]; then
53
-        if [ ! -f /usr/bin/${PROJECT_NAME}-config ]; then
51
+    if [ ! -f "/usr/local/bin/${PROJECT_NAME}-config" ]; then
52
+        if [ ! -f "/usr/bin/${PROJECT_NAME}-config" ]; then
54 53
             echo $"The command ${PROJECT_NAME}-config was not found"
55 54
             exit 63935
56 55
         fi
@@ -59,32 +58,32 @@ function interactive_configuration {
59 58
         rm -f /tmp/meshuserdevice
60 59
     fi
61 60
 
62
-    if [ $SOCIALINSTANCE ]; then
63
-        ${PROJECT_NAME}-config \
64
-                       -f $CONFIGURATION_FILE \
65
-                       -w $PROJECT_WEBSITE \
66
-                       -m $MINIMUM_PASSWORD_LENGTH \
61
+    if [ "$SOCIALINSTANCE" ]; then
62
+        "${PROJECT_NAME}-config" \
63
+                       -f "$CONFIGURATION_FILE" \
64
+                       -w "$PROJECT_WEBSITE" \
65
+                       -m "$MINIMUM_PASSWORD_LENGTH" \
67 66
                        --minimal "yes" \
68
-                       --social $SOCIALINSTANCE
67
+                       --social "$SOCIALINSTANCE"
69 68
     else
70 69
         if [[ $ONION_ONLY == "no" ]]; then
71 70
             if [[ $MINIMAL_INSTALL == "no" ]]; then
72
-                ${PROJECT_NAME}-config \
73
-                               -f $CONFIGURATION_FILE \
74
-                               -w $PROJECT_WEBSITE \
75
-                               -m $MINIMUM_PASSWORD_LENGTH
71
+                "${PROJECT_NAME}-config" \
72
+                               -f "$CONFIGURATION_FILE" \
73
+                               -w "$PROJECT_WEBSITE" \
74
+                               -m "$MINIMUM_PASSWORD_LENGTH"
76 75
             else
77
-                ${PROJECT_NAME}-config \
78
-                               -f $CONFIGURATION_FILE \
79
-                               -w $PROJECT_WEBSITE \
80
-                               -m $MINIMUM_PASSWORD_LENGTH \
76
+                "${PROJECT_NAME}-config" \
77
+                               -f "$CONFIGURATION_FILE" \
78
+                               -w "$PROJECT_WEBSITE" \
79
+                               -m "$MINIMUM_PASSWORD_LENGTH" \
81 80
                                --minimal "yes"
82 81
             fi
83 82
         else
84
-            ${PROJECT_NAME}-config \
85
-                           -f $CONFIGURATION_FILE \
86
-                           -w $PROJECT_WEBSITE \
87
-                           -m $MINIMUM_PASSWORD_LENGTH \
83
+            "${PROJECT_NAME}-config" \
84
+                           -f "$CONFIGURATION_FILE" \
85
+                           -w "$PROJECT_WEBSITE" \
86
+                           -m "$MINIMUM_PASSWORD_LENGTH" \
88 87
                            --onion "yes"
89 88
         fi
90 89
     fi
@@ -93,6 +92,7 @@ function interactive_configuration {
93 92
         rm -f /tmp/meshuserdevice
94 93
         exit 0
95 94
     fi
95
+    # shellcheck disable=SC2181
96 96
     if [ ! "$?" = "0" ]; then
97 97
         echo $'Command failed:'
98 98
         echo ''
@@ -107,7 +107,7 @@ function interactive_configuration {
107 107
         dialog --title $"Encrypted backup to other servers" \
108 108
                --backtitle $"${PROJECT_NAME} Configuration" \
109 109
                --defaultno \
110
-               --yesno $"\nDo you wish to configure some remote backup locations?" 7 60
110
+               --yesno $"\\nDo you wish to configure some remote backup locations?" 7 60
111 111
         sel=$?
112 112
         case $sel in
113 113
             0) interactive_configuration_remote_backups;;
@@ -121,53 +121,55 @@ function interactive_site_details {
121 121
 
122 122
     SITE_BACKTITLE=$"Freedombone Configuration"
123 123
     SITE_CONFIG_TITLE=$"${site_name^} Configuration"
124
-    SITE_FORM_TEXT=$"\nPlease enter your ${site_name^} details.\n\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:"
124
+    SITE_FORM_TEXT=$"\\nPlease enter your ${site_name^} details.\\n\\nIMPORTANT: This should be a domain name which is supported by Let's Encrypt:"
125 125
     SITE_DOMAIN_NAME=
126 126
     SITE_CODE=
127 127
     SITE_DETAILS_COMPLETE=
128 128
     while [ ! $SITE_DETAILS_COMPLETE ]
129 129
     do
130
-        data=$(tempfile 2>/dev/null)
131
-        trap "rm -f $data" 0 1 2 5 15
130
+        data=$(mktemp 2>/dev/null)
132 131
         if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
133 132
             dialog --backtitle "$SITE_BACKTITLE" \
134 133
                    --title "$SITE_CONFIG_TITLE" \
135 134
                    --form "$SITE_FORM_TEXT" 14 55 3 \
136
-                   $"Domain:" 1 1 "$(grep '${site_name_upper}_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
137
-                   $"Code:" 2 1 "$(grep '${site_name_upper}_CODE' temp.cfg | awk -F '=' '{print $2}')" 2 16 33 255 \
138
-                   2> $data
135
+                   $"Domain:" 1 1 "$(grep "${site_name_upper}_DOMAIN_NAME" temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
136
+                   $"Code:" 2 1 "$(grep "${site_name_upper}_CODE" temp.cfg | awk -F '=' '{print $2}')" 2 16 33 255 \
137
+                   2> "$data"
139 138
         else
140 139
             dialog --backtitle "$SITE_BACKTITLE" \
141 140
                    --title "$SITE_CONFIG_TITLE" \
142 141
                    --form "$SITE_FORM_TEXT" 11 55 3 \
143
-                   $"Domain:" 1 1 "$(grep '${site_name_upper}_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
144
-                   2> $data
142
+                   $"Domain:" 1 1 "$(grep "${site_name_upper}_DOMAIN_NAME" temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
143
+                   2> "$data"
145 144
         fi
146 145
         sel=$?
147 146
         case $sel in
148
-            1) exit 1;;
149
-            255) exit 1;;
147
+            1) rm -f "$data"
148
+               exit 1;;
149
+            255) rm -f "$data"
150
+                 exit 1;;
150 151
         esac
151
-        SITE_DOMAIN_NAME=$(cat $data | sed -n 1p)
152
-        if [ $SITE_DOMAIN_NAME ]; then
152
+        SITE_DOMAIN_NAME=$(sed -n 1p < "$data")
153
+        if [ "$SITE_DOMAIN_NAME" ]; then
153 154
             TEST_DOMAIN_NAME=$SITE_DOMAIN_NAME
154 155
             validate_domain_name
155
-            if [[ $TEST_DOMAIN_NAME != $SITE_DOMAIN_NAME ]]; then
156
+            if [[ "$TEST_DOMAIN_NAME" != "$SITE_DOMAIN_NAME" ]]; then
156 157
                 SITE_DOMAIN_NAME=
157 158
                 dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
158 159
             else
159
-                if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
160
-                    SITE_CODE=$(cat $data | sed -n 2p)
160
+                if [[ "$DDNS_PROVIDER" == "default@freedns.afraid.org" ]]; then
161
+                    SITE_CODE=$(sed -n 2p < "$data")
161 162
                     validate_freedns_code "$SITE_CODE"
162
-                    if [ ! $VALID_CODE ]; then
163
+                    if [ ! "$VALID_CODE" ]; then
163 164
                         SITE_DOMAIN_NAME=
164 165
                     fi
165 166
                 fi
166 167
             fi
167 168
         fi
168
-        if [ $SITE_DOMAIN_NAME ]; then
169
+        if [ "$SITE_DOMAIN_NAME" ]; then
169 170
             SITE_DETAILS_COMPLETE="yes"
170 171
         fi
172
+        rm -f "$data"
171 173
     done
172 174
 
173 175
     # save the results in the config file
@@ -192,31 +194,31 @@ function interactive_site_details_with_title {
192 194
     SITE_DETAILS_COMPLETE=
193 195
     while [ ! $SITE_DETAILS_COMPLETE ]
194 196
     do
195
-        data=$(tempfile 2>/dev/null)
196
-        trap "rm -f $data" 0 1 2 5 15
197
+        data=$(mktemp 2>/dev/null)
197 198
         if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
198 199
                 dialog --backtitle $"Freedombone Configuration" \
199 200
                        --title "$SITE_BACKTITLE" \
200 201
                        --form "$SITE_FORM_TEXT" 14 55 4 \
201
-                       $"Title:" 1 1 "$(grep '$SITE_TITLE' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
202
-                       $"Domain:" 2 1 "$(grep '$SITE_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
203
-                       $"Code:" 3 1 "$(grep '$SITE_CODE' temp.cfg | awk -F '=' '{print $2}')" 3 16 33 255 \
204
-                       2> $data
202
+                       $"Domain:" 2 1 "$(grep "$SITE_DOMAIN_NAME" temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
203
+                       $"Code:" 3 1 "$(grep "$SITE_CODE" temp.cfg | awk -F '=' '{print $2}')" 3 16 33 255 \
204
+                       2> "$data"
205 205
         else
206 206
             dialog --backtitle "$SITE_BACKTITLE" \
207 207
                    --title "$SITE_CONFIG_TITLE" \
208 208
                    --form "$SITE_FORM_TEXT" 11 55 3 \
209
-                   $"Title:" 1 1 "$(grep '$SITE_TITLE' temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
210
-                   $"Domain:" 2 1 "$(grep '$SITE_DOMAIN_NAME' temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
211
-                   2> $data
209
+                   $"Title:" 1 1 "$(grep "$SITE_TITLE" temp.cfg | awk -F '=' '{print $2}')" 1 16 33 40 \
210
+                   $"Domain:" 2 1 "$(grep "$SITE_DOMAIN_NAME" temp.cfg | awk -F '=' '{print $2}')" 2 16 33 40 \
211
+                   2> "$data"
212 212
         fi
213 213
         sel=$?
214 214
         case $sel in
215
-            1) exit 1;;
216
-            255) exit 1;;
215
+            1) rm -f "$data"
216
+               exit 1;;
217
+            255) rm -f "$data"
218
+                 exit 1;;
217 219
         esac
218
-        SITE_TITLE=$(cat $data | sed -n 1p)
219
-        SITE_DOMAIN_NAME=$(cat $data | sed -n 2p)
220
+        SITE_TITLE=$(sed -n 1p < "$data")
221
+        SITE_DOMAIN_NAME=$(sed -n 2p < "$data")
220 222
         site_domain_name_str="$SITE_DOMAIN_NAME"
221 223
         if [ ${#site_domain_name_str} -gt 1 ]; then
222 224
             TEST_DOMAIN_NAME="$SITE_DOMAIN_NAME"
@@ -225,10 +227,10 @@ function interactive_site_details_with_title {
225 227
                 SITE_DOMAIN_NAME=
226 228
                 dialog --title $"Domain name validation" --msgbox "$TEST_DOMAIN_NAME" 15 50
227 229
             else
228
-                if [[ $DDNS_PROVIDER == "default@freedns.afraid.org" ]]; then
229
-                    SITE_CODE=$(cat $data | sed -n 3p)
230
+                if [[ "$DDNS_PROVIDER" == "default@freedns.afraid.org" ]]; then
231
+                    SITE_CODE=$(sed -n 3p < "$data")
230 232
                     validate_freedns_code "${SITE_CODE}"
231
-                    if [ ! $VALID_CODE ]; then
233
+                    if [ ! "$VALID_CODE" ]; then
232 234
                         SITE_DOMAIN_NAME=
233 235
                     fi
234 236
                 fi
@@ -240,6 +242,7 @@ function interactive_site_details_with_title {
240 242
                 SITE_DETAILS_COMPLETE="yes"
241 243
             fi
242 244
         fi
245
+        rm -f "$data"
243 246
     done
244 247
 
245 248
     # save the results in the config file

+ 78
- 76
src/freedombone-utils-keys Zobrazit soubor

@@ -41,137 +41,137 @@ function interactive_gpg_from_usb {
41 41
     do
42 42
         detect_usb_drive
43 43
 
44
-        if [ ! -b $USB_DRIVE ]; then
44
+        if [ ! -b "$USB_DRIVE" ]; then
45 45
             if (( GPG_CTR > 0 )); then
46
-                gpg_reconstruct_key $MY_USERNAME interactive
47
-                gpg_update_mutt $MY_USERNAME
46
+                gpg_reconstruct_key "$MY_USERNAME" interactive
47
+                gpg_update_mutt "$MY_USERNAME"
48 48
                 return 0
49 49
             fi
50 50
             dialog --title $"Recover Encryption Keys" --msgbox $'No USB drive found' 6 30
51 51
             exit 739836
52 52
         fi
53 53
 
54
-        backup_mount_drive ${USB_DRIVE} ${MY_USERNAME}
54
+        backup_mount_drive "${USB_DRIVE}" "${MY_USERNAME}"
55 55
 
56
-        if [ ! -d $USB_MOUNT ]; then
56
+        if [ ! -d "$USB_MOUNT" ]; then
57 57
             if (( GPG_CTR > 0 )); then
58
-                backup_unmount_drive ${USB_DRIVE}
59
-                gpg_reconstruct_key $MY_USERNAME interactive
58
+                backup_unmount_drive "${USB_DRIVE}"
59
+                gpg_reconstruct_key "$MY_USERNAME" interactive
60 60
                 return 0
61 61
             fi
62 62
             dialog --title $"Recover Encryption Keys" \
63 63
                    --msgbox $"There was a problem mounting the USB drive $USB_DRIVE to $USB_MOUNT" 6 70
64
-            backup_unmount_drive ${USB_DRIVE}
64
+            backup_unmount_drive "${USB_DRIVE}"
65 65
             exit 74393
66 66
         fi
67 67
 
68
-        if [ ! -d $USB_MOUNT/.gnupg ]; then
69
-            if [ ! -d $USB_MOUNT/.gnupg_fragments ]; then
68
+        if [ ! -d "$USB_MOUNT/.gnupg" ]; then
69
+            if [ ! -d "$USB_MOUNT/.gnupg_fragments" ]; then
70 70
                 if (( GPG_CTR > 0 )); then
71
-                    backup_unmount_drive ${USB_DRIVE}
72
-                    gpg_reconstruct_key $MY_USERNAME interactive
73
-                    gpg_update_mutt $MY_USERNAME
71
+                    backup_unmount_drive "${USB_DRIVE}"
72
+                    gpg_reconstruct_key "$MY_USERNAME" interactive
73
+                    gpg_update_mutt "$MY_USERNAME"
74 74
                     return 0
75 75
                 fi
76 76
                 dialog --title $"Recover Encryption Keys" \
77 77
                        --msgbox $"The directory $USB_MOUNT/.gnupg or $USB_MOUNT/.gnupg_fragments was not found" 6 70
78
-                backup_unmount_drive ${USB_DRIVE}
78
+                backup_unmount_drive "${USB_DRIVE}"
79 79
                 exit 723814
80 80
             fi
81 81
         fi
82 82
 
83
-        if [ -d $USB_MOUNT/letsencrypt ]; then
83
+        if [ -d "$USB_MOUNT/letsencrypt" ]; then
84 84
             if [ ! -d /etc/letsencrypt ]; then
85 85
                 mkdir /etc/letsencrypt
86 86
             fi
87 87
             echo $'Recovering LetsEncrypt keys'
88
-            cp -r $USB_MOUNT/letsencrypt/* /etc/letsencrypt
88
+            cp -r "$USB_MOUNT/letsencrypt/*" /etc/letsencrypt
89 89
             addgroup ssl-cert
90 90
             chown -R root:ssl-cert /etc/letsencrypt
91 91
         fi
92 92
 
93
-        if [ -f $USB_MOUNT/.mastergpgkey ]; then
93
+        if [ -f "$USB_MOUNT/.mastergpgkey" ]; then
94 94
             # Recovering keys from file rather than just copying the gnupg
95 95
             # directory may help to avoid problems during upgrades/reinstalls
96
-            if [ ! -f $USB_MOUNT/.backupgpgkey ]; then
96
+            if [ ! -f "$USB_MOUNT/.backupgpgkey" ]; then
97 97
                 echo $'No backup key file found on USB drive'
98 98
                 exit 725729
99 99
             fi
100 100
             CURR_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
101
-            CURR_GPG_ID=$(gpg --homedir=$HOME_DIR/.gnupg --list-keys $CURR_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//')
102
-            CURR_GPG_BACKUP_ID=$(gpg --homedir=$HOME_DIR/.gnupg --list-keys "(backup key)" | sed -n '2p' | sed 's/^[ \t]*//')
101
+            CURR_GPG_ID=$(gpg --homedir="$HOME_DIR/.gnupg" --list-keys "$CURR_EMAIL_ADDRESS" | sed -n '2p' | sed 's/^[ \t]*//')
102
+            CURR_GPG_BACKUP_ID=$(gpg --homedir="$HOME_DIR/.gnupg" --list-keys "(backup key)" | sed -n '2p' | sed 's/^[ \t]*//')
103 103
 
104 104
             # If the default key is specified within gpg.conf
105
-            if [ -f $HOME_DIR/gpg.conf ]; then
106
-                if grep -q "default-key" $HOME_DIR/gpg.conf; then
107
-                    default_gpg_key=$(cat $HOME_DIR/gpg.conf | grep "default-key")
105
+            if [ -f "$HOME_DIR/gpg.conf" ]; then
106
+                if grep -q "default-key" "$HOME_DIR/gpg.conf"; then
107
+                    default_gpg_key=$(grep "default-key" "$HOME_DIR/gpg.conf")
108 108
                     if [[ "$default_gpg_key" != *'#'* ]]; then
109
-                        default_gpg_key=$(cat $HOME_DIR/gpg.conf | grep "default-key" | awk -F ' ' '{print $2}')
109
+                        default_gpg_key=$(grep "default-key" "$HOME_DIR/gpg.conf" | awk -F ' ' '{print $2}')
110 110
                         if [ ${#default_gpg_key} -gt 3 ]; then
111
-                            CURR_GPG_ID=$(gpg --homedir=$HOME_DIR/.gnupg --list-keys $default_gpg_key | sed -n '2p' | sed 's/^[ \t]*//')
111
+                            CURR_GPG_ID=$(gpg --homedir="$HOME_DIR/.gnupg" --list-keys "$default_gpg_key" | sed -n '2p' | sed 's/^[ \t]*//')
112 112
                         fi
113 113
                     fi
114 114
                 fi
115 115
             fi
116 116
 
117 117
             echo $'Making backup copy of existing gpg keys'
118
-            if [ -d $HOME_DIR/.gnupg ]; then
119
-                if [ -d $HOME_DIR/.gnupg_old ]; then
120
-                    rm -rf $HOME_DIR/.gnupg_old
118
+            if [ -d "$HOME_DIR/.gnupg" ]; then
119
+                if [ -d "$HOME_DIR/.gnupg_old" ]; then
120
+                    rm -rf "$HOME_DIR/.gnupg_old"
121 121
                 fi
122
-                cp -r $HOME_DIR/.gnupg $HOME_DIR/.gnupg_old
123
-                chmod 700 $HOME_DIR/.gnupg_old
124
-                chmod -R 600 $HOME_DIR/.gnupg_old/*
125
-                chown -R $MY_USERNAME:$MY_USERNAME $HOME_DIR/.gnupg_old
122
+                cp -r "$HOME_DIR/.gnupg $HOME_DIR/.gnupg_old"
123
+                chmod 700 "$HOME_DIR/.gnupg_old"
124
+                chmod -R 600 "$HOME_DIR/.gnupg_old/*"
125
+                chown -R "$MY_USERNAME":"$MY_USERNAME" "$HOME_DIR/.gnupg_old"
126 126
             fi
127 127
             echo $'Removing old gpg keys'
128
-            gpg_delete_key $MY_USERNAME $CURR_GPG_BACKUP_ID
129
-            gpg_delete_key $MY_USERNAME $CURR_GPG_ID
128
+            gpg_delete_key "$MY_USERNAME" "$CURR_GPG_BACKUP_ID"
129
+            gpg_delete_key "$MY_USERNAME" "$CURR_GPG_ID"
130 130
             echo $'Importing master keys'
131
-            gpg --homedir=$HOME_DIR/.gnupg --allow-secret-key-import --import $USB_MOUNT/.mastergpgkey
132
-            echo "$BACKUP_DUMMY_PASSWORD" | gpg --batch --passphrase-fd 0 --homedir=$HOME_DIR/.gnupg --allow-secret-key-import --import $USB_MOUNT/.backupgpgkey
133
-            if [ -d $HOME_DIR/.gnupg ]; then
131
+            gpg --homedir="$HOME_DIR/.gnupg" --allow-secret-key-import --import "$USB_MOUNT/.mastergpgkey"
132
+            echo "$BACKUP_DUMMY_PASSWORD" | gpg --batch --passphrase-fd 0 --homedir="$HOME_DIR/.gnupg" --allow-secret-key-import --import "$USB_MOUNT/.backupgpgkey"
133
+            if [ -d "$HOME_DIR/.gnupg" ]; then
134 134
                 echo $'Setting permissions'
135
-                gpg_set_permissions $MY_USERNAME
135
+                gpg_set_permissions "$MY_USERNAME"
136 136
                 echo $"Updating muttrc for $MY_USERNAME"
137
-                gpg_update_mutt $MY_USERNAME
137
+                gpg_update_mutt "$MY_USERNAME"
138 138
             fi
139 139
             GPG_LOADING="no"
140 140
             dialog --title $"Recover Encryption Keys" \
141 141
                    --msgbox $"GPG Keyring loaded to $HOME_DIR from master keydrive" 6 70
142 142
         else
143
-            if [ -d $USB_MOUNT/.gnupg ]; then
144
-                if [ ! -d $HOME_DIR/.gnupg ]; then
145
-                    mkdir $HOME_DIR/.gnupg
143
+            if [ -d "$USB_MOUNT/.gnupg" ]; then
144
+                if [ ! -d "$HOME_DIR/.gnupg" ]; then
145
+                    mkdir "$HOME_DIR/.gnupg"
146 146
                 fi
147 147
                 echo $'Recovering GPG keys'
148
-                cp -r $USB_MOUNT/.gnupg/* $HOME_DIR/.gnupg
148
+                cp -r "$USB_MOUNT/.gnupg/*" "$HOME_DIR/.gnupg"
149 149
                 GPG_LOADING="no"
150 150
                 dialog --title $"Recover Encryption Keys" \
151 151
                        --msgbox $"GPG Keyring directory loaded to $HOME_DIR" 6 70
152 152
             else
153 153
                 # Collect fragments from the USB drive
154
-                if [ ! -d $HOME_DIR/.gnupg_fragments ]; then
155
-                    mkdir $HOME_DIR/.gnupg_fragments
154
+                if [ ! -d "$HOME_DIR/.gnupg_fragments" ]; then
155
+                    mkdir "$HOME_DIR/.gnupg_fragments"
156 156
                 fi
157
-                cp -r $USB_MOUNT/.gnupg_fragments/* $HOME_DIR/.gnupg_fragments
157
+                cp -r "$USB_MOUNT/.gnupg_fragments/*" "$HOME_DIR/.gnupg_fragments"
158 158
             fi
159 159
         fi
160 160
 
161
-        if [[ $SSH_IMPORTED == "no" ]]; then
162
-            if [ -d $USB_MOUNT/.ssh ]; then
163
-                if [ ! -d $HOME_DIR/.ssh ]; then
164
-                    mkdir $HOME_DIR/.ssh
161
+        if [[ "$SSH_IMPORTED" == "no" ]]; then
162
+            if [ -d "$USB_MOUNT/.ssh" ]; then
163
+                if [ ! -d "$HOME_DIR/.ssh" ]; then
164
+                    mkdir "$HOME_DIR/.ssh"
165 165
                 fi
166
-                cp $USB_MOUNT/.ssh/* $HOME_DIR/.ssh
166
+                cp "$USB_MOUNT/.ssh/*" "$HOME_DIR/.ssh"
167 167
                 dialog --title $"Recover Encryption Keys" \
168 168
                        --msgbox $"ssh keys imported" 6 70
169 169
                 SSH_IMPORTED="yes"
170 170
             fi
171 171
         fi
172 172
 
173
-        if [ -d $USB_MOUNT ]; then
174
-            backup_unmount_drive ${USB_DRIVE}
173
+        if [ -d "$USB_MOUNT" ]; then
174
+            backup_unmount_drive "${USB_DRIVE}"
175 175
         fi
176 176
         if [[ $GPG_LOADING == "yes" ]]; then
177 177
             dialog --title $"Recover Encryption Keys" \
@@ -185,15 +185,15 @@ function interactive_gpg_from_remote {
185 185
     REMOTE_SERVERS_LIST=/home/$MY_USERNAME/keyshareservers.txt
186 186
 
187 187
     # get a list of remote servers
188
-    ${PROJECT_NAME}-remote -u $MY_USERNAME -l $REMOTE_SERVERS_LIST -t "Remote server"
188
+    "${PROJECT_NAME}-remote" -u "$MY_USERNAME" -l "$REMOTE_SERVERS_LIST" -t "Remote server"
189 189
 
190
-    if [ ! -f $REMOTE_SERVERS_LIST ]; then
190
+    if [ ! -f "$REMOTE_SERVERS_LIST" ]; then
191 191
         dialog --title $"Encryption Keys Recovery" --msgbox $'Error obtaining server list' 6 70
192 192
         return 1
193 193
     fi
194 194
 
195 195
     # check the number of entries in the file
196
-    no_of_servers=$(cat $REMOTE_SERVERS_LIST | wc -l)
196
+    no_of_servers=$(wc -l < "$REMOTE_SERVERS_LIST")
197 197
     if (( no_of_servers < 3 )); then
198 198
         dialog --title $"Encryption Keys Recovery" \
199 199
                --msgbox $'There must be at least three servers to recover the key' 6 70
@@ -201,8 +201,7 @@ function interactive_gpg_from_remote {
201 201
     fi
202 202
 
203 203
     # try to recover the key from the servers
204
-    ${PROJECT_NAME}-recoverkey -u $MY_USERNAME -l $REMOTE_SERVERS_LIST
205
-    if [ ! "$?" = "0" ]; then
204
+    if ! "${PROJECT_NAME}-recoverkey" -u "$MY_USERNAME" -l "$REMOTE_SERVERS_LIST"; then
206 205
         dialog --title $"Encryption Keys Recovery" --msgbox $'Your key could not be recovered' 6 70
207 206
         return 3
208 207
     fi
@@ -217,36 +216,36 @@ function interactive_gpg {
217 216
     while [[ $GPG_CONFIGURED != "yes" ]]
218 217
     do
219 218
         GPG_CONFIGURED="yes"
220
-        data=$(tempfile 2>/dev/null)
221
-        trap "rm -f $data" 0 1 2 5 15
219
+        data=$(mktemp 2>/dev/null)
222 220
         dialog --backtitle $"Freedombone Configuration" \
223 221
                --radiolist $"GPG/PGP keys for your system:" 13 70 3 \
224 222
                1 $"Generate new keys (new user)" on \
225 223
                2 $"Import keys from USB drive/s" off \
226
-               3 $"Retrieve keys from friends servers" off 2> $data
224
+               3 $"Retrieve keys from friends servers" off 2> "$data"
227 225
         sel=$?
228 226
         case $sel in
229
-            1) exit 1;;
230
-            255) exit 2;;
227
+            1) rm -f "$data"
228
+               exit 1;;
229
+            255) rm -f "$data"
230
+                 exit 2;;
231 231
         esac
232
-        case $(cat $data) in
233
-            1) if [ -d /home/${MY_USERNAME}/.gnupg ]; then
234
-                   rm -rf /home/${MY_USERNAME}/.gnupg
232
+        case $(cat "$data") in
233
+            1) if [ -d "/home/${MY_USERNAME}/.gnupg" ]; then
234
+                   rm -rf "/home/${MY_USERNAME}/.gnupg"
235 235
                fi
236 236
                break;;
237 237
             2) interactive_gpg_from_usb
238 238
                break;;
239
-            3) interactive_gpg_from_remote
240
-               if [ ! "$?" = "0" ]; then
239
+            3) if ! interactive_gpg_from_remote; then
241 240
                    GPG_CONFIGURED="no"
242 241
                fi;;
243 242
         esac
243
+        rm -f "$data"
244 244
     done
245 245
 }
246 246
 
247 247
 function interactive_key_recovery {
248
-    data=$(tempfile 2>/dev/null)
249
-    trap "rm -f $data" 0 1 2 5 15
248
+    data=$(mktemp 2>/dev/null)
250 249
 
251 250
     dialog --title $"Encryption Keys Recovery" \
252 251
            --backtitle $"Freedombone Configuration" \
@@ -254,14 +253,16 @@ function interactive_key_recovery {
254 253
            --yesno $"Do you wish to recover your previous encryption keys from a USB master keydrive?" 7 60
255 254
     sel=$?
256 255
     case $sel in
257
-        1) return;;
258
-        255) return;;
256
+        1) rm -f "$data"
257
+           return;;
258
+        255) rm -f "$data"
259
+             return;;
259 260
     esac
260 261
     clear
261 262
     apt-get -yq install cryptsetup
262
-    ${PROJECT_NAME}-recoverkey -u $MY_USERNAME
263
-    if [ -d /home/$MY_USERNAME/.gnupg ]; then
264
-        cp -rf /home/$MY_USERNAME/.gnupg /root
263
+    "${PROJECT_NAME}-recoverkey" -u "$MY_USERNAME"
264
+    if [ -d "/home/$MY_USERNAME/.gnupg" ]; then
265
+        cp -rf "/home/$MY_USERNAME/.gnupg" /root
265 266
         chmod 700 /root/.gnupg
266 267
         chmod 600 /root/.gnupg/*
267 268
         printf '%%Assuan%%\nsocket=/dev/shm/S.dirmngr\n' > /root/.gnupg/S.dirmngr
@@ -269,6 +270,7 @@ function interactive_key_recovery {
269 270
             chmod +x /root/.gnupg/crls.d
270 271
         fi
271 272
     fi
273
+    rm -f "$data"
272 274
 }
273 275
 
274 276
 function set_password_for_all_users {
@@ -278,7 +280,7 @@ function set_password_for_all_users {
278 280
     for d in /home/*/ ; do
279 281
         USERNAME=$(echo "$d" | awk -F '/' '{print $3}')
280 282
         if [[ $(is_valid_user "$USERNAME") == "1" ]]; then
281
-            ${PROJECT_NAME}-pass -u "${USERNAME}" -a "${app_name}" -p "${change_password}"
283
+            "${PROJECT_NAME}-pass" -u "${USERNAME}" -a "${app_name}" -p "${change_password}"
282 284
         fi
283 285
     done
284 286
 }

+ 7
- 8
src/freedombone-utils-login Zobrazit soubor

@@ -38,14 +38,13 @@ function change_login_message {
38 38
         rm -f /etc/init.d/motd
39 39
     fi
40 40
 
41
-    echo '' > /etc/motd
42
-    echo ".---.                  .              .                   " >> /etc/motd
43
-    echo "|                      |              |                   " >> /etc/motd
44
-    echo "|--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-. " >> /etc/motd
45
-    echo "|    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-' " >> /etc/motd
46
-    echo "'    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'" >> /etc/motd
47
-    echo $'                  Freedom in the Cloud' >> /etc/motd
48
-    echo '' >> /etc/motd
41
+    { echo ".---.                  .              .                   ";
42
+      echo "|                      |              |                   ";
43
+      echo "|--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-. ";
44
+      echo "|    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-' ";
45
+      echo "'    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'";
46
+      echo $'                  Freedom in the Cloud';
47
+      echo ''; } > /etc/motd
49 48
     mark_completed "${FUNCNAME[0]}"
50 49
 }
51 50
 

+ 96
- 96
src/freedombone-utils-mesh Zobrazit soubor

@@ -35,11 +35,11 @@ MESH_DEFAULT_PROTOCOL=/root/.mesh_protocol_default
35 35
 function mesh_generate_ipv6_address {
36 36
     network=fd66:66:66
37 37
 
38
-    if [ $1 ]; then
39
-        search_ipv6=$(ifconfig $1 | grep $network)
40
-        if [ $search_ipv6 ]; then
41
-            result=$(ifconfig $1 | grep $network | awk -F ' ' '{print $2}')
42
-            ip -6 addr add ${result}/128 dev $1
38
+    if [ "$1" ]; then
39
+        search_ipv6=$(ifconfig "$1" | grep "$network")
40
+        if [ "$search_ipv6" ]; then
41
+            result=$(ifconfig "$1" | grep "$network" | awk -F ' ' '{print $2}')
42
+            ip -6 addr add "${result}/128" dev "$1"
43 43
             return
44 44
         fi
45 45
     fi
@@ -51,7 +51,7 @@ function mesh_generate_ipv6_address {
51 51
     d=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}
52 52
     e=${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}${ipv6_array[$RANDOM%16]}
53 53
     result=$network:$a:$b:$c:$d:$e
54
-    ip -6 addr add ${result}/128 dev $1
54
+    ip -6 addr add "${result}/128" dev "$1"
55 55
 }
56 56
 
57 57
 function mesh_protocol_init {
@@ -67,21 +67,21 @@ function mesh_protocol_init {
67 67
 
68 68
     # Mesh definition
69 69
     WIFI_SSID='mesh'
70
-    if [ -f $COMPLETION_FILE ]; then
71
-        if grep -q "WIFI_SSID:" $COMPLETION_FILE; then
72
-            WIFI_SSID=$(cat $COMPLETION_FILE | grep "WIFI_SSID:" | awk -F ':' '{print $2}')
70
+    if [ -f "$COMPLETION_FILE" ]; then
71
+        if grep -q "WIFI_SSID:" "$COMPLETION_FILE"; then
72
+            WIFI_SSID=$(grep "WIFI_SSID:" "$COMPLETION_FILE" | awk -F ':' '{print $2}')
73 73
         fi
74
-        sed -i "s|WIFI_SSID:.*|WIFI_SSID:${WIFI_SSID}|g" $COMPLETION_FILE
74
+        sed -i "s|WIFI_SSID:.*|WIFI_SSID:${WIFI_SSID}|g" "$COMPLETION_FILE"
75 75
     fi
76 76
     CELLID='any'
77 77
 
78 78
     CHANNEL=2
79 79
     HOTSPOT_CHANNEL=6
80
-    if [ -f $COMPLETION_FILE ]; then
81
-        if grep -q "Wifi channel:" $COMPLETION_FILE; then
82
-            CHANNEL=$(cat $COMPLETION_FILE | grep "Wifi channel:" | awk -F ':' '{print $2}')
80
+    if [ -f "$COMPLETION_FILE" ]; then
81
+        if grep -q "Wifi channel:" "$COMPLETION_FILE"; then
82
+            CHANNEL=$(grep "Wifi channel:" "$COMPLETION_FILE" | awk -F ':' '{print $2}')
83 83
         fi
84
-        sed -i "s|Wifi channel:.*|Wifi channel:${CHANNEL}|g" $COMPLETION_FILE
84
+        sed -i "s|Wifi channel:.*|Wifi channel:${CHANNEL}|g" "$COMPLETION_FILE"
85 85
     fi
86 86
 
87 87
     ZERONET_PORT=15441
@@ -101,18 +101,18 @@ function mesh_protocol_init {
101 101
     EIFACE=eth0
102 102
     WLAN_ADAPTORS=$(count_wlan)
103 103
 
104
-    if [ $WLAN_ADAPTORS -eq 0 ]; then
104
+    if [ "$WLAN_ADAPTORS" -eq 0 ]; then
105 105
         echo $'No wlan adaptors found'
106 106
         exit 0
107 107
     fi
108 108
 }
109 109
 
110 110
 function get_ipv6_wlan {
111
-    echo $(ifconfig ${IFACE} | grep inet6 | awk -F ' ' '{print $2}')
111
+    ifconfig "${IFACE}" | grep inet6 | awk -F ' ' '{print $2}'
112 112
 }
113 113
 
114 114
 function mesh_hotspot_ip_address {
115
-    echo $(ifconfig ${BRIDGE} | grep inet6 | awk -F ' ' '{print $2}')
115
+    ifconfig "${BRIDGE}" | grep inet6 | awk -F ' ' '{print $2}'
116 116
 }
117 117
 
118 118
 function global_rate_limit {
@@ -129,7 +129,7 @@ function global_rate_limit {
129 129
 function assign_peer_address {
130 130
     for i in {1..6}; do
131 131
         number=$RANDOM
132
-        let "number %= 255"
132
+        (( "number %= 255" ))
133 133
         octet=$(echo "obase=16;$number" | bc)
134 134
         if [ ${#octet} -lt 2 ]; then
135 135
             octet="0${octet}"
@@ -142,7 +142,7 @@ function assign_peer_address {
142 142
 }
143 143
 
144 144
 function mesh_create_app_downloads_page {
145
-    if [ ! -d /root/$PROJECT_NAME/image_build/mesh_apps ]; then
145
+    if [ ! -d "/root/$PROJECT_NAME/image_build/mesh_apps" ]; then
146 146
         return
147 147
     fi
148 148
     if [ ! -d /var/www/html ]; then
@@ -163,27 +163,27 @@ function mesh_create_app_downloads_page {
163 163
         mv /home/fbone/Desktop/cryptpad.desktop /home/fbone/.cryptpad.desktop
164 164
     fi
165 165
 
166
-    cp /root/$PROJECT_NAME/website/EN/meshindex.html /var/www/html/index.html
166
+    cp "/root/$PROJECT_NAME/website/EN/meshindex.html" /var/www/html/index.html
167 167
     if [ ! -f /var/www/html/ssb.apk ]; then
168
-        cp /root/$PROJECT_NAME/image_build/mesh_apps/ssb.apk /var/www/html/ssb.apk
168
+        cp "/root/$PROJECT_NAME/image_build/mesh_apps/ssb.apk" /var/www/html/ssb.apk
169 169
     fi
170 170
     if [ ! -f /var/www/html/trifa.apk ]; then
171
-        cp /root/$PROJECT_NAME/image_build/mesh_apps/trifa.apk /var/www/html/trifa.apk
171
+        cp "/root/$PROJECT_NAME/image_build/mesh_apps/trifa.apk" /var/www/html/trifa.apk
172 172
     fi
173 173
     if [ ! -d /var/www/html/images ]; then
174 174
         mkdir /var/www/html/images
175 175
     fi
176 176
     if [ ! -f /var/www/html/images/logo.png ]; then
177
-        cp /root/$PROJECT_NAME/img/logo.png /var/www/html/images/logo.png
177
+        cp "/root/$PROJECT_NAME/img/logo.png" /var/www/html/images/logo.png
178 178
     fi
179 179
     if [ ! -f /var/www/html/images/ssb.png ]; then
180
-        cp /root/$PROJECT_NAME/img/icon_patchwork.png /var/www/html/images/ssb.png
180
+        cp "/root/$PROJECT_NAME/img/icon_patchwork.png" /var/www/html/images/ssb.png
181 181
     fi
182 182
     if [ ! -f /var/www/html/images/trifa.png ]; then
183
-        cp /root/$PROJECT_NAME/img/trifa.png /var/www/html/images/trifa.png
183
+        cp "/root/$PROJECT_NAME/img/trifa.png" /var/www/html/images/trifa.png
184 184
     fi
185 185
     if [ ! -f /var/www/html/freedombone.css ]; then
186
-        cp /root/$PROJECT_NAME/website/freedombone.css /var/www/html/freedombone.css
186
+        cp "/root/$PROJECT_NAME/website/freedombone.css" /var/www/html/freedombone.css
187 187
     fi
188 188
     chown -R www-data:www-data /var/www/html/*
189 189
 }
@@ -191,8 +191,8 @@ function mesh_create_app_downloads_page {
191 191
 function enable_mesh_firewall {
192 192
     iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
193 193
     iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
194
-    iptables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT
195
-    iptables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT
194
+    iptables -A INPUT -p tcp --dport "$TRACKER_PORT" -j ACCEPT
195
+    iptables -A INPUT -p udp --dport "$TRACKER_PORT" -j ACCEPT
196 196
     iptables -A INPUT -p udp --dport 6240 -j ACCEPT
197 197
     iptables -A INPUT -p tcp --dport 6240 -j ACCEPT
198 198
     iptables -A INPUT -p tcp --dport 80 -j ACCEPT
@@ -203,16 +203,16 @@ function enable_mesh_firewall {
203 203
     iptables -A INPUT -p udp --dport 5353 -j ACCEPT
204 204
     iptables -A INPUT -p tcp --dport 5354 -j ACCEPT
205 205
     iptables -A INPUT -p udp --dport 5354 -j ACCEPT
206
-    iptables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT
207
-    iptables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT
208
-    iptables -A INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
209
-    iptables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT
210
-    iptables -A INPUT -p udp --dport $TOX_PORT -j ACCEPT
211
-    iptables -A INPUT -p tcp --dport $LIBREVAULT_PORT -j ACCEPT
212
-    iptables -A INPUT -p udp --dport $LIBREVAULT_PORT -j ACCEPT
213
-    iptables -A INPUT -p tcp --dport $TAHOELAFS_PORT -j ACCEPT
206
+    iptables -A INPUT -p tcp --dport "$ZERONET_PORT" -j ACCEPT
207
+    iptables -A INPUT -p udp --dport "$ZERONET_PORT" -j ACCEPT
208
+    iptables -A INPUT -p tcp --dport "$IPFS_PORT" -j ACCEPT
209
+    iptables -A INPUT -p tcp --dport "$TOX_PORT" -j ACCEPT
210
+    iptables -A INPUT -p udp --dport "$TOX_PORT" -j ACCEPT
211
+    iptables -A INPUT -p tcp --dport "$LIBREVAULT_PORT" -j ACCEPT
212
+    iptables -A INPUT -p udp --dport "$LIBREVAULT_PORT" -j ACCEPT
213
+    iptables -A INPUT -p tcp --dport "$TAHOELAFS_PORT" -j ACCEPT
214 214
     # SSB/Scuttlebot/Patchwork
215
-    iptables -A INPUT -p tcp --dport $GIT_SSB_PORT -j ACCEPT
215
+    iptables -A INPUT -p tcp --dport "$GIT_SSB_PORT" -j ACCEPT
216 216
     iptables -A INPUT -p udp --dport 8008 -j ACCEPT
217 217
     iptables -A INPUT -p tcp --dport 8008 -j ACCEPT
218 218
     iptables -A INPUT -p udp --dport 8010 -j ACCEPT
@@ -227,8 +227,8 @@ function enable_mesh_firewall {
227 227
 
228 228
     ip6tables -A INPUT -p ipv6-icmp -j ACCEPT
229 229
     ip6tables -A OUTPUT -p ipv6-icmp -j ACCEPT
230
-    ip6tables -A INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT
231
-    ip6tables -A INPUT -p udp --dport $TRACKER_PORT -j ACCEPT
230
+    ip6tables -A INPUT -p tcp --dport "$TRACKER_PORT" -j ACCEPT
231
+    ip6tables -A INPUT -p udp --dport "$TRACKER_PORT" -j ACCEPT
232 232
     ip6tables -A INPUT -p udp --dport 6240 -j ACCEPT
233 233
     ip6tables -A INPUT -p tcp --dport 6240 -j ACCEPT
234 234
     ip6tables -A INPUT -p tcp --dport 80 -j ACCEPT
@@ -239,16 +239,16 @@ function enable_mesh_firewall {
239 239
     ip6tables -A INPUT -p udp --dport 5353 -j ACCEPT
240 240
     ip6tables -A INPUT -p tcp --dport 5354 -j ACCEPT
241 241
     ip6tables -A INPUT -p udp --dport 5354 -j ACCEPT
242
-    ip6tables -A INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT
243
-    ip6tables -A INPUT -p udp --dport $ZERONET_PORT -j ACCEPT
244
-    ip6tables -A INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
245
-    ip6tables -A INPUT -p tcp --dport $TOX_PORT -j ACCEPT
246
-    ip6tables -A INPUT -p udp --dport $TOX_PORT -j ACCEPT
247
-    ip6tables -A INPUT -p tcp --dport $LIBREVAULT_PORT -j ACCEPT
248
-    ip6tables -A INPUT -p udp --dport $LIBREVAULT_PORT -j ACCEPT
249
-    ip6tables -A INPUT -p tcp --dport $TAHOELAFS_PORT -j ACCEPT
242
+    ip6tables -A INPUT -p tcp --dport "$ZERONET_PORT" -j ACCEPT
243
+    ip6tables -A INPUT -p udp --dport "$ZERONET_PORT" -j ACCEPT
244
+    ip6tables -A INPUT -p tcp --dport "$IPFS_PORT" -j ACCEPT
245
+    ip6tables -A INPUT -p tcp --dport "$TOX_PORT" -j ACCEPT
246
+    ip6tables -A INPUT -p udp --dport "$TOX_PORT" -j ACCEPT
247
+    ip6tables -A INPUT -p tcp --dport "$LIBREVAULT_PORT" -j ACCEPT
248
+    ip6tables -A INPUT -p udp --dport "$LIBREVAULT_PORT" -j ACCEPT
249
+    ip6tables -A INPUT -p tcp --dport "$TAHOELAFS_PORT" -j ACCEPT
250 250
     # SSB/Scuttlebot/Patchwork
251
-    ip6tables -A INPUT -p tcp --dport $GIT_SSB_PORT -j ACCEPT
251
+    ip6tables -A INPUT -p tcp --dport "$GIT_SSB_PORT" -j ACCEPT
252 252
     ip6tables -A INPUT -p udp --dport 8008 -j ACCEPT
253 253
     ip6tables -A INPUT -p tcp --dport 8008 -j ACCEPT
254 254
     ip6tables -A INPUT -p udp --dport 8010 -j ACCEPT
@@ -266,12 +266,12 @@ function enable_mesh_firewall {
266 266
     # to discover local peers
267 267
     iptables -A INPUT -p tcp --dport 653 -j ACCEPT
268 268
     iptables -A INPUT -p udp --dport 653 -j ACCEPT
269
-    iptables -A INPUT -i ${EIFACE} -m state --state NEW -p tcp --dport 1194 -j ACCEPT
269
+    iptables -A INPUT -i "${EIFACE}" -m state --state NEW -p tcp --dport 1194 -j ACCEPT
270 270
     iptables -A INPUT -i tun+ -j ACCEPT
271 271
     iptables -A FORWARD -i tun+ -j ACCEPT
272
-    iptables -A FORWARD -i tun+ -o ${EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
273
-    iptables -A FORWARD -i ${EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
274
-    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o ${EIFACE} -j MASQUERADE
272
+    iptables -A FORWARD -i tun+ -o "${EIFACE}" -m state --state RELATED,ESTABLISHED -j ACCEPT
273
+    iptables -A FORWARD -i "${EIFACE}" -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
274
+    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o "${EIFACE}" -j MASQUERADE
275 275
     iptables -A OUTPUT -o tun+ -j ACCEPT
276 276
     echo 1 > /proc/sys/net/ipv4/ip_forward
277 277
     sed -i 's|# net.ipv4.ip_forward|net.ipv4.ip_forward|g' /etc/sysctl.conf
@@ -280,8 +280,8 @@ function enable_mesh_firewall {
280 280
 }
281 281
 
282 282
 function disable_mesh_firewall {
283
-    iptables -D INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT
284
-    iptables -D INPUT -p udp --dport $TRACKER_PORT -j ACCEPT
283
+    iptables -D INPUT -p tcp --dport "$TRACKER_PORT" -j ACCEPT
284
+    iptables -D INPUT -p udp --dport "$TRACKER_PORT" -j ACCEPT
285 285
     iptables -D INPUT -p udp --dport 6240 -j ACCEPT
286 286
     iptables -D INPUT -p tcp --dport 6240 -j ACCEPT
287 287
     iptables -D INPUT -p tcp --dport 80 -j ACCEPT
@@ -292,17 +292,17 @@ function disable_mesh_firewall {
292 292
     iptables -D INPUT -p udp --dport 5353 -j ACCEPT
293 293
     iptables -D INPUT -p tcp --dport 5354 -j ACCEPT
294 294
     iptables -D INPUT -p udp --dport 5354 -j ACCEPT
295
-    iptables -D INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT
296
-    iptables -D INPUT -p udp --dport $ZERONET_PORT -j ACCEPT
297
-    iptables -D INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
298
-    iptables -D INPUT -p udp --dport $IPFS_PORT -j ACCEPT
299
-    iptables -D INPUT -p tcp --dport $TOX_PORT -j ACCEPT
300
-    iptables -D INPUT -p udp --dport $TOX_PORT -j ACCEPT
301
-    iptables -D INPUT -p tcp --dport $LIBREVAULT_PORT -j ACCEPT
302
-    iptables -D INPUT -p udp --dport $LIBREVAULT_PORT -j ACCEPT
303
-    iptables -D INPUT -p tcp --dport $TAHOELAFS_PORT -j ACCEPT
295
+    iptables -D INPUT -p tcp --dport "$ZERONET_PORT" -j ACCEPT
296
+    iptables -D INPUT -p udp --dport "$ZERONET_PORT" -j ACCEPT
297
+    iptables -D INPUT -p tcp --dport "$IPFS_PORT" -j ACCEPT
298
+    iptables -D INPUT -p udp --dport "$IPFS_PORT" -j ACCEPT
299
+    iptables -D INPUT -p tcp --dport "$TOX_PORT" -j ACCEPT
300
+    iptables -D INPUT -p udp --dport "$TOX_PORT" -j ACCEPT
301
+    iptables -D INPUT -p tcp --dport "$LIBREVAULT_PORT" -j ACCEPT
302
+    iptables -D INPUT -p udp --dport "$LIBREVAULT_PORT" -j ACCEPT
303
+    iptables -D INPUT -p tcp --dport "$TAHOELAFS_PORT" -j ACCEPT
304 304
     # SSB/Scuttlebot/Patchwork
305
-    iptables -D INPUT -p tcp --dport $GIT_SSB_PORT -j ACCEPT
305
+    iptables -D INPUT -p tcp --dport "$GIT_SSB_PORT" -j ACCEPT
306 306
     iptables -D INPUT -p udp --dport 8008 -j ACCEPT
307 307
     iptables -D INPUT -p tcp --dport 8008 -j ACCEPT
308 308
     iptables -D INPUT -p udp --dport 8010 -j ACCEPT
@@ -315,8 +315,8 @@ function disable_mesh_firewall {
315 315
     ip6tables -D INPUT -p udp --dport 6696 -j ACCEPT
316 316
 
317 317
 
318
-    ip6tables -D INPUT -p tcp --dport $TRACKER_PORT -j ACCEPT
319
-    ip6tables -D INPUT -p udp --dport $TRACKER_PORT -j ACCEPT
318
+    ip6tables -D INPUT -p tcp --dport "$TRACKER_PORT" -j ACCEPT
319
+    ip6tables -D INPUT -p udp --dport "$TRACKER_PORT" -j ACCEPT
320 320
     ip6tables -D INPUT -p udp --dport 6240 -j ACCEPT
321 321
     ip6tables -D INPUT -p tcp --dport 6240 -j ACCEPT
322 322
     ip6tables -D INPUT -p tcp --dport 80 -j ACCEPT
@@ -327,17 +327,17 @@ function disable_mesh_firewall {
327 327
     ip6tables -D INPUT -p udp --dport 5353 -j ACCEPT
328 328
     ip6tables -D INPUT -p tcp --dport 5354 -j ACCEPT
329 329
     ip6tables -D INPUT -p udp --dport 5354 -j ACCEPT
330
-    ip6tables -D INPUT -p tcp --dport $ZERONET_PORT -j ACCEPT
331
-    ip6tables -D INPUT -p udp --dport $ZERONET_PORT -j ACCEPT
332
-    ip6tables -D INPUT -p tcp --dport $IPFS_PORT -j ACCEPT
333
-    ip6tables -D INPUT -p udp --dport $IPFS_PORT -j ACCEPT
334
-    ip6tables -D INPUT -p tcp --dport $TOX_PORT -j ACCEPT
335
-    ip6tables -D INPUT -p udp --dport $TOX_PORT -j ACCEPT
336
-    ip6tables -D INPUT -p tcp --dport $LIBREVAULT_PORT -j ACCEPT
337
-    ip6tables -D INPUT -p udp --dport $LIBREVAULT_PORT -j ACCEPT
338
-    ip6tables -D INPUT -p tcp --dport $TAHOELAFS_PORT -j ACCEPT
330
+    ip6tables -D INPUT -p tcp --dport "$ZERONET_PORT" -j ACCEPT
331
+    ip6tables -D INPUT -p udp --dport "$ZERONET_PORT" -j ACCEPT
332
+    ip6tables -D INPUT -p tcp --dport "$IPFS_PORT" -j ACCEPT
333
+    ip6tables -D INPUT -p udp --dport "$IPFS_PORT" -j ACCEPT
334
+    ip6tables -D INPUT -p tcp --dport "$TOX_PORT" -j ACCEPT
335
+    ip6tables -D INPUT -p udp --dport "$TOX_PORT" -j ACCEPT
336
+    ip6tables -D INPUT -p tcp --dport "$LIBREVAULT_PORT" -j ACCEPT
337
+    ip6tables -D INPUT -p udp --dport "$LIBREVAULT_PORT" -j ACCEPT
338
+    ip6tables -D INPUT -p tcp --dport "$TAHOELAFS_PORT" -j ACCEPT
339 339
     # SSB/Scuttlebot/Patchwork
340
-    ip6tables -D INPUT -p tcp --dport $GIT_SSB_PORT -j ACCEPT
340
+    ip6tables -D INPUT -p tcp --dport "$GIT_SSB_PORT" -j ACCEPT
341 341
     ip6tables -D INPUT -p udp --dport 8008 -j ACCEPT
342 342
     ip6tables -D INPUT -p tcp --dport 8008 -j ACCEPT
343 343
     ip6tables -D INPUT -p udp --dport 8010 -j ACCEPT
@@ -352,12 +352,12 @@ function disable_mesh_firewall {
352 352
     # vpn over the internet
353 353
     iptables -D INPUT -p tcp --dport 653 -j ACCEPT
354 354
     iptables -D INPUT -p udp --dport 653 -j ACCEPT
355
-    iptables -D INPUT -i ${EIFACE} -m state --state NEW -p tcp --dport 1194 -j ACCEPT
355
+    iptables -D INPUT -i "${EIFACE}" -m state --state NEW -p tcp --dport 1194 -j ACCEPT
356 356
     iptables -D INPUT -i tun+ -j ACCEPT
357 357
     iptables -D FORWARD -i tun+ -j ACCEPT
358
-    iptables -D FORWARD -i tun+ -o ${EIFACE} -m state --state RELATED,ESTABLISHED -j ACCEPT
359
-    iptables -D FORWARD -i ${EIFACE} -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
360
-    iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o ${EIFACE} -j MASQUERADE
358
+    iptables -D FORWARD -i tun+ -o "${EIFACE}" -m state --state RELATED,ESTABLISHED -j ACCEPT
359
+    iptables -D FORWARD -i "${EIFACE}" -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT
360
+    iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o "${EIFACE}" -j MASQUERADE
361 361
     iptables -D OUTPUT -o tun+ -j ACCEPT
362 362
 
363 363
     echo 0 > /proc/sys/net/ipv4/ip_forward
@@ -401,25 +401,25 @@ function enable_mesh_tor {
401 401
 }
402 402
 
403 403
 function enable_mesh_seconary_wifi {
404
-    if [ $secondary_wifi_available ]; then
404
+    if [ "$secondary_wifi_available" ]; then
405 405
         sed -i 's|#DAEMON_CONF=.*|DAEMON_CONF="/etc/hostapd/hostapd.conf"|g' /etc/default/hostapd
406 406
 
407 407
         mesh_hotspot_address=$(mesh_hotspot_ip_address)
408 408
         if [[ "$mesh_hotspot_address" == *'.'* ]]; then
409
-            echo "interface=${IFACE_SECONDARY}" > /etc/hostapd/hostapd.conf
410
-            echo "bridge=${BRIDGE}" >> /etc/hostapd/hostapd.conf
411
-            echo 'driver=nl80211' >> /etc/hostapd/hostapd.conf
412
-            echo "country_code=UK" >> /etc/hostapd/hostapd.conf
413
-            echo "ssid=${WIFI_SSID}-${mesh_hotspot_address}" >> /etc/hostapd/hostapd.conf
414
-            echo 'hw_mode=g' >> /etc/hostapd/hostapd.conf
415
-            echo "channel=${HOTSPOT_CHANNEL}" >> /etc/hostapd/hostapd.conf
416
-            echo 'wpa=2' >> /etc/hostapd/hostapd.conf
417
-            echo "wpa_passphrase=$HOTSPOT_PASSPHRASE" >> /etc/hostapd/hostapd.conf
418
-            echo 'wpa_key_mgmt=WPA-PSK' >> /etc/hostapd/hostapd.conf
419
-            echo 'wpa_pairwise=TKIP' >> /etc/hostapd/hostapd.conf
420
-            echo 'rsn_pairwise=CCMP' >> /etc/hostapd/hostapd.conf
421
-            echo 'auth_algs=1' >> /etc/hostapd/hostapd.conf
422
-            echo 'macaddr_acl=0' >> /etc/hostapd/hostapd.conf
409
+            { echo "interface=${IFACE_SECONDARY}";
410
+              echo "bridge=${BRIDGE}";
411
+              echo 'driver=nl80211';
412
+              echo "country_code=UK";
413
+              echo "ssid=${WIFI_SSID}-${mesh_hotspot_address}";
414
+              echo 'hw_mode=g';
415
+              echo "channel=${HOTSPOT_CHANNEL}";
416
+              echo 'wpa=2';
417
+              echo "wpa_passphrase=$HOTSPOT_PASSPHRASE";
418
+              echo 'wpa_key_mgmt=WPA-PSK';
419
+              echo 'wpa_pairwise=TKIP';
420
+              echo 'rsn_pairwise=CCMP';
421
+              echo 'auth_algs=1';
422
+              echo 'macaddr_acl=0'; } > /etc/hostapd/hostapd.conf
423 423
 
424 424
             sed -i "s|#interface=.*|interface=${IFACE_SECONDARY}|g" /etc/dnsmasq.conf
425 425
             sed -i "s|interface=.*|interface=${IFACE_SECONDARY}|g" /etc/dnsmasq.conf
@@ -437,7 +437,7 @@ function enable_mesh_seconary_wifi {
437 437
         fi
438 438
     fi
439 439
 
440
-    if [ ! $secondary_wifi_available ]; then
440
+    if [ ! "$secondary_wifi_available" ]; then
441 441
         systemctl stop hostapd
442 442
         systemctl disable hostapd
443 443
 

+ 14
- 17
src/freedombone-utils-meteor Zobrazit soubor

@@ -41,14 +41,14 @@ function meteor_cleanUp {
41 41
 }
42 42
 
43 43
 function install_meteor_script {
44
-    meteor_dir=$1
44
+    meteor_dir="$1"
45 45
 
46
-    if [ ! $meteor_dir ]; then
46
+    if [ ! "$meteor_dir" ]; then
47 47
         echo $'No meteor install directory specified'
48 48
         exit 692025
49 49
     fi
50 50
 
51
-    if [ ! -d $meteor_dir ]; then
51
+    if [ ! -d "$meteor_dir" ]; then
52 52
         echo $'Meteor install directory not found'
53 53
         exit 845382
54 54
     fi
@@ -67,19 +67,19 @@ function install_meteor_script {
67 67
 
68 68
     DIR_PREFIX="/usr/local"
69 69
 
70
-    TARBALL_URL="$https://meteorinstall-4168.kxcdn.com/packages-bootstrap/${RELEASE}/meteor-bootstrap-${PLATFORM}.tar.gz"
70
+    TARBALL_URL="https://meteorinstall-4168.kxcdn.com/packages-bootstrap/${RELEASE}/meteor-bootstrap-${PLATFORM}.tar.gz"
71 71
     INSTALL_TMPDIR="$meteor_dir/.meteor-install-tmp"
72 72
     TARBALL_FILE="$meteor_dir/.meteor-tarball-tmp"
73 73
 
74 74
     # Remove temporary files now in case they exist.
75 75
     meteor_cleanUp
76 76
 
77
-    if [ -d $INSTALL_TMPDIR ]; then
78
-        rm -rf $INSTALL_TMPDIR
77
+    if [ -d "$INSTALL_TMPDIR" ]; then
78
+        rm -rf "$INSTALL_TMPDIR"
79 79
     fi
80 80
     mkdir "$INSTALL_TMPDIR"
81 81
 
82
-    if [ ! -f ${TARBALL_FILE} ]; then
82
+    if [ ! -f "${TARBALL_FILE}" ]; then
83 83
         echo "Downloading Meteor distribution"
84 84
         # keep trying to curl the file until it works (resuming where possible)
85 85
         MAX_ATTEMPTS=10
@@ -90,11 +90,8 @@ function install_meteor_script {
90 90
         do
91 91
             ATTEMPTS=$((ATTEMPTS + 1))
92 92
 
93
-            curl --progress-bar --fail --continue-at - \
94
-                 "$TARBALL_URL" --output "$TARBALL_FILE"
95
-
96
-            if [ $? -eq 0 ]
97
-            then
93
+            if curl --progress-bar --fail --continue-at - \
94
+                    "$TARBALL_URL" --output "$TARBALL_FILE"; then
98 95
                 break
99 96
             fi
100 97
 
@@ -103,14 +100,14 @@ function install_meteor_script {
103 100
         done
104 101
     fi
105 102
 
106
-    if [ ! -f ${TARBALL_FILE} ]; then
103
+    if [ ! -f "${TARBALL_FILE}" ]; then
107 104
         echo $'meteor tarball could not be downloaded'
108 105
         exit 7272452
109 106
     fi
110 107
 
111 108
     tar -xzf "$TARBALL_FILE" -C "$INSTALL_TMPDIR" -o
112 109
 
113
-    if [ ! -f ${INSTALL_TMPDIR}/.meteor/meteor ]; then
110
+    if [ ! -f "${INSTALL_TMPDIR}/.meteor/meteor" ]; then
114 111
         echo $'tarball not extracted'
115 112
         exit 693252
116 113
     fi
@@ -201,10 +198,10 @@ EOF
201 198
 
202 199
 function install_meteor {
203 200
     apt-get -yq install curl
204
-    if [ ! -d $INSTALL_DIR/meteor ]; then
205
-        mkdir $INSTALL_DIR/meteor
201
+    if [ ! -d "$INSTALL_DIR/meteor" ]; then
202
+        mkdir "$INSTALL_DIR/meteor"
206 203
     fi
207
-    cd $INSTALL_DIR/meteor
204
+    cd "$INSTALL_DIR/meteor" || exit 72345274
208 205
     install_meteor_script
209 206
 }
210 207
 

+ 26
- 25
src/freedombone-utils-mongodb Zobrazit soubor

@@ -35,14 +35,14 @@ MONGODB_APPS_FILE=$HOME/.mongodbapps
35 35
 function store_original_mongodb_password {
36 36
     if [ ! -f /root/.mongodboriginal ]; then
37 37
         echo $'Storing original mongodb password'
38
-        ORIGINAL_MONGODB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mongodb)
38
+        ORIGINAL_MONGODB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mongodb)
39 39
         # We can store this in plaintext because it will soon be of historical interest only
40 40
         echo -n "$ORIGINAL_MONGODB_PASSWORD" > /root/.mongodboriginal
41 41
     fi
42 42
 }
43 43
 
44 44
 function get_mongodb_password {
45
-    MONGODB_PASSWORD=$(${PROJECT_NAME}-pass -u root -a mongodb)
45
+    MONGODB_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mongodb)
46 46
     if [[ "$MONGODB_PASSWORD" == *'failed'* ]]; then
47 47
         echo $'Could not obtain mongodb password'
48 48
         exit 7835272
@@ -63,14 +63,14 @@ function install_mongodb {
63 63
 
64 64
     function_check get_mongodb_password
65 65
     get_mongodb_password
66
-    if [ ! $MONGODB_PASSWORD ]; then
67
-        if [ -f $IMAGE_PASSWORD_FILE ]; then
68
-            MONGODB_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
66
+    if [ ! "$MONGODB_PASSWORD" ]; then
67
+        if [ -f "$IMAGE_PASSWORD_FILE" ]; then
68
+            MONGODB_PASSWORD="$(printf "%s" "$(cat "$IMAGE_PASSWORD_FILE")")"
69 69
         else
70
-            MONGODB_PASSWORD="$(openssl rand -base64 32 | cut -c1-${MINIMUM_PASSWORD_LENGTH})"
70
+            MONGODB_PASSWORD="$(create_password "${MINIMUM_PASSWORD_LENGTH}")"
71 71
         fi
72 72
     fi
73
-    ${PROJECT_NAME}-pass -u root -a mongodb -p "$MONGODB_PASSWORD"
73
+    "${PROJECT_NAME}-pass" -u root -a mongodb -p "$MONGODB_PASSWORD"
74 74
 
75 75
     apt-get -yq install mongodb mongo-tools
76 76
     apt-get -yq remove --purge apache2-bin*
@@ -84,9 +84,9 @@ function install_mongodb {
84 84
         exit 78352
85 85
     fi
86 86
 
87
-    if [ $app_name ]; then
88
-        if ! grep -q "$app_name" $MONGODB_APPS_FILE; then
89
-           echo "$app_name" >> $MONGODB_APPS_FILE
87
+    if [ "$app_name" ]; then
88
+        if ! grep -q "$app_name" "$MONGODB_APPS_FILE"; then
89
+           echo "$app_name" >> "$MONGODB_APPS_FILE"
90 90
         fi
91 91
     fi
92 92
 
@@ -96,14 +96,14 @@ function install_mongodb {
96 96
 function remove_mongodb {
97 97
     app_name=$1
98 98
 
99
-    if [ ! $app_name ]; then
99
+    if [ ! "$app_name" ]; then
100 100
         return
101 101
     fi
102 102
 
103 103
     removemongo=
104
-    if [ -f $MONGODB_APPS_FILE ]; then
105
-        sed -i "/$app_name/d" $MONGODB_APPS_FILE
106
-        if [ ! -s $MONGODB_APPS_FILE ]; then
104
+    if [ -f "$MONGODB_APPS_FILE" ]; then
105
+        sed -i "/$app_name/d" "$MONGODB_APPS_FILE"
106
+        if [ ! -s "$MONGODB_APPS_FILE" ]; then
107 107
             removemongo=1
108 108
         fi
109 109
     else
@@ -125,7 +125,7 @@ function remove_mongodb {
125 125
         if [ -f /etc/init.d/mongodb ]; then
126 126
             rm /etc/init.d/mongodb
127 127
         fi
128
-        sed -i '/install_mongodb/d' $COMPLETION_FILE
128
+        sed -i '/install_mongodb/d' "$COMPLETION_FILE"
129 129
     fi
130 130
 }
131 131
 
@@ -146,10 +146,10 @@ function drop_database_mongodb {
146 146
     if [[ "$database_name" == 'admin' ]]; then
147 147
         return
148 148
     fi
149
-    mongo $database_name --eval "db.runCommand( { dropDatabase: 1 } )"
150
-    if [ $app_name ]; then
151
-        if grep -q "$app_name" $MONGODB_APPS_FILE; then
152
-            sed -i "/$app_name/d" $MONGODB_APPS_FILE
149
+    mongo "$database_name" --eval "db.runCommand( { dropDatabase: 1 } )"
150
+    if [ "$app_name" ]; then
151
+        if grep -q "$app_name" "$MONGODB_APPS_FILE"; then
152
+            sed -i "/$app_name/d" "$MONGODB_APPS_FILE"
153 153
         fi
154 154
     fi
155 155
 }
@@ -157,8 +157,7 @@ function drop_database_mongodb {
157 157
 function initialise_database_mongodb {
158 158
     database_name=$1
159 159
     database_file=$2
160
-    mongorestore $database_file
161
-    if [ ! "$?" = "0" ]; then
160
+    if ! mongorestore "$database_file"; then
162 161
         exit 8358365
163 162
     fi
164 163
 }
@@ -166,11 +165,13 @@ function initialise_database_mongodb {
166 165
 function create_database_mongodb {
167 166
     app_name="$1"
168 167
     app_admin_password="$2"
169
-    app_admin_username=$3
168
+    app_admin_username="$3"
170 169
     mongo admin --eval "db.createUser({user: '$app_admin_username', pwd: '$app_admin_password', roles: [ { role: 'userAdminAnyDatabase', db: 'admin' } ] })"
171
-    if [ $app_name ]; then
172
-        if ! grep -q "$app_name" $MONGODB_APPS_FILE; then
173
-           echo "$app_name" >> $MONGODB_APPS_FILE
170
+    if [ "$app_name" ]; then
171
+        if ! grep -q "$app_name" "$MONGODB_APPS_FILE"; then
172
+           echo "$app_name" >> "$MONGODB_APPS_FILE"
174 173
         fi
175 174
     fi
176 175
 }
176
+
177
+# NOTE: deliberately there is no "exit 0"

+ 10
- 10
src/freedombone-utils-monkeysphere Zobrazit soubor

@@ -34,22 +34,22 @@ function install_monkeysphere {
34 34
     fi
35 35
     apt-get -yq install monkeysphere msva-perl
36 36
     #su -c "monkeysphere gen-subkey $MY_GPG_PUBLIC_KEY_ID" - $MY_USERNAME
37
-    mkdir /home/$MY_USERNAME/.monkeysphere
38
-    chmod 755 /home/$MY_USERNAME/.monkeysphere
39
-    echo "$MY_NAME <${MY_EMAIL_ADDRESS}>" > /home/$MY_USERNAME/.monkeysphere/authorized_user_ids
40
-    chmod 644 /home/$MY_USERNAME/.monkeysphere/authorized_user_ids
41
-    chown -R $MY_USERNAME:$MY_USERNAME /home/$MY_USERNAME/.monkeysphere
37
+    mkdir "/home/$MY_USERNAME/.monkeysphere"
38
+    chmod 755 "/home/$MY_USERNAME/.monkeysphere"
39
+    echo "$MY_NAME <${MY_EMAIL_ADDRESS}>" > "/home/$MY_USERNAME/.monkeysphere/authorized_user_ids"
40
+    chmod 644 "/home/$MY_USERNAME/.monkeysphere/authorized_user_ids"
41
+    chown -R "$MY_USERNAME":"$MY_USERNAME" "/home/$MY_USERNAME/.monkeysphere"
42 42
     monkeysphere-authentication update-users
43 43
 
44 44
     if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
45 45
         echo $'monkeysphere import: ssh host key not found'
46 46
         exit 76295
47 47
     fi
48
-    monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://$DEFAULT_DOMAIN_NAME
48
+    monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key "ssh://$DEFAULT_DOMAIN_NAME"
49 49
     SSH_ONION_HOSTNAME=$(cat ${COMPLETION_FILE} | grep 'ssh onion domain' | awk -F ':' '{print $2}')
50
-    monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://$SSH_ONION_HOSTNAME
50
+    monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key "ssh://$SSH_ONION_HOSTNAME"
51 51
 
52
-    if [ ! $MY_GPG_PUBLIC_KEY_ID ]; then
52
+    if [ ! "$MY_GPG_PUBLIC_KEY_ID" ]; then
53 53
         MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$MY_USERNAME" "$MY_USERNAME@$HOSTNAME")
54 54
         if [ ${#MY_GPG_PUBLIC_KEY_ID} -lt 4 ]; then
55 55
             echo $"monkeysphere unable to get GPG key ID for user $MY_USERNAME@$HOSTNAME"
@@ -57,8 +57,8 @@ function install_monkeysphere {
57 57
         fi
58 58
     fi
59 59
     # The admin user is the identity certifier
60
-    fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
61
-    monkeysphere-authentication add-identity-certifier $fpr
60
+    fpr=$(gpg --with-colons --fingerprint "$MY_GPG_PUBLIC_KEY_ID" | grep fpr | head -n 1 | awk -F ':' '{print $10}')
61
+    monkeysphere-authentication add-identity-certifier "$fpr"
62 62
 
63 63
     mark_completed "${FUNCNAME[0]}"
64 64
 }

+ 14
- 14
src/freedombone-utils-network Zobrazit soubor

@@ -62,11 +62,11 @@ function install_static_network {
62 62
     echo '# and how to activate them. For more information, see interfaces(5).' >> /etc/network/interfaces
63 63
     echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces
64 64
 
65
-    echo 'auto eth0' > /etc/network/interfaces.d/static
66
-    echo 'iface eth0 inet static' >> /etc/network/interfaces.d/static
67
-    echo "    address $LOCAL_NETWORK_STATIC_IP_ADDRESS" >> /etc/network/interfaces.d/static
68
-    echo '    netmask 255.255.255.0' >> /etc/network/interfaces.d/static
69
-    echo "    gateway $ROUTER_IP_ADDRESS" >> /etc/network/interfaces.d/static
65
+    { echo 'auto eth0';
66
+      echo 'iface eth0 inet static';
67
+      echo "    address $LOCAL_NETWORK_STATIC_IP_ADDRESS";
68
+      echo '    netmask 255.255.255.0';
69
+      echo "    gateway $ROUTER_IP_ADDRESS"; } > /etc/network/interfaces.d/static
70 70
 
71 71
     mark_completed "${FUNCNAME[0]}"
72 72
 }
@@ -77,23 +77,23 @@ function get_external_ipv4_address {
77 77
 
78 78
 function get_ipv4_address {
79 79
     IPv4dev=$(ip route get $IPV4_ADDRESS_TEST_DESTINATION | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
80
-    echo $(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}' | awk -F '/' '{print $1}')
80
+    ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}' | awk -F '/' '{print $1}'
81 81
 }
82 82
 
83 83
 function get_ipv6_address {
84 84
     retval=$(ip -6 route get $IPV6_ADDRESS_TEST_DESTINATION 2> /dev/null)
85
-    echo $(echo "$retval" | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
85
+    echo "$retval" | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }'
86 86
 }
87 87
 
88 88
 function update_external_ip {
89 89
     ip_update_script=/usr/bin/externalipupdate
90
-    echo '#!/bin/bash' >> $ip_update_script
91
-    echo "existing_ip=\$(cat $CONFIGURATION_FILE | grep \"EXTERNAL_IPV4_ADDRESS=\" | head -n 1 | awk -F '=' '{print \$2}')'" >> $ip_update_script
92
-    echo "curr_ip=\$(nslookup . $EXTERNAL_IP_LOOKUP_URL | grep Address | tail -n 1 | awk -F ' ' '{print \$2}')" >> $ip_update_script
93
-    echo 'if [[ "$curr_ip" != "$existing_ip" ]]; then' >> $ip_update_script
94
-    echo "  sed -i \"s|EXTERNAL_IPV4_ADDRESS=.*|EXTERNAL_IPV4_ADDRESS=\${curr_ip}|g\" $CONFIGURATION_FILE" >> $ip_update_script
95
-    echo "  echo \"\$(date)\" >> ~/${PROJECT_NAME}-external-ip-changes.txt" >> $ip_update_script
96
-    echo 'fi' >> $ip_update_script
90
+    { echo '#!/bin/bash';
91
+      echo "existing_ip=\$(cat $CONFIGURATION_FILE | grep \"EXTERNAL_IPV4_ADDRESS=\" | head -n 1 | awk -F '=' '{print \$2}')'";
92
+      echo "curr_ip=\$(nslookup . $EXTERNAL_IP_LOOKUP_URL | grep Address | tail -n 1 | awk -F ' ' '{print \$2}')";
93
+      echo "if [[ \"\$curr_ip\" != \"\$existing_ip\" ]]; then";
94
+      echo "  sed -i \"s|EXTERNAL_IPV4_ADDRESS=.*|EXTERNAL_IPV4_ADDRESS=\${curr_ip}|g\" $CONFIGURATION_FILE";
95
+      echo "  echo \"\$(date)\" >> ~/${PROJECT_NAME}-external-ip-changes.txt";
96
+      echo 'fi'; } > $ip_update_script
97 97
 
98 98
     cron_add_mins 10 $ip_update_script
99 99
 }