Merge branch 'stretch' of https://github.com/bashrc/freedombone

doc/EN/debianinstall.org

@@ -28,7 +28,13 @@ git clone https://github.com/bashrc/freedombone
 cd freedombone
 git checkout stretch
 make install
-freedombone makeconfig
+freedombone menuconfig (or freedombone menuconfig-onion)
 #+END_SRC
 
 The installation process will then begin. Depending upon the hardware you're installing onto and your internet connection speed it may take quite a while to install.
+
+Once installed you can then log in from another system with:
+
+#+BEGIN_SRC bash
+ssh yourusername@freedombone.local -p 2222
+#+END_SRC

src/freedombone

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-akaunting

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-cryptpad

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-dokuwiki

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-etherpad

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-friendica

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-gnusocial

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-gogs

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-hubzilla

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-icecast

@@ -17,7 +17,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-jitsi

@@ -15,7 +15,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-kanboard

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-keyserver

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-koel

@@ -14,7 +14,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-lychee

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-mailpile

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-matrix

@@ -20,7 +20,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-mediagoblin

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-movim

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-nextcloud

@@ -15,7 +15,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-peertube

@@ -16,7 +16,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-pelican

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-pleroma

@@ -875,6 +875,9 @@ function install_pleroma {
     if [[ $ONION_ONLY == "no" ]]; then
         function_check nginx_http_redirect
         nginx_http_redirect $PLEROMA_DOMAIN_NAME "index index.html"
+        echo '' >> $pleroma_nginx_site
+        echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;' >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
         echo 'server {' >> $pleroma_nginx_site
         echo '  listen 443 ssl;' >> $pleroma_nginx_site
         echo '  listen [::]:443 ssl;' >> $pleroma_nginx_site
@@ -902,12 +905,23 @@ function install_pleroma {
         echo '  location / {' >> $pleroma_nginx_site
         function_check nginx_limits
         nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+        echo '    proxy_http_version 1.1;' >> $pleroma_nginx_site
+        echo '    proxy_set_header Upgrade $http_upgrade;' >> $pleroma_nginx_site
+        echo '    proxy_set_header Connection "upgrade";' >> $pleroma_nginx_site
+        echo "    proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
+        echo '  }' >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
+        echo '  location /proxy {' >> $pleroma_nginx_site
+        nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+        echo '    proxy_cache pleroma_media_cache;' >> $pleroma_nginx_site
+        echo '    proxy_cache_lock on;' >> $pleroma_nginx_site
         echo "    proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
         echo '  }' >> $pleroma_nginx_site
         echo '  # include snippets/well-known.conf;' >> $pleroma_nginx_site
         echo '}' >> $pleroma_nginx_site
     else
-        echo -n '' > $pleroma_nginx_site
+        echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;' >> $pleroma_nginx_site
+        echo '' >> $pleroma_nginx_site
     fi
     echo 'server {' >> $pleroma_nginx_site
     echo "    listen 127.0.0.1:$PLEROMA_ONION_PORT default_server;" >> $pleroma_nginx_site
@@ -929,6 +943,16 @@ function install_pleroma {
     echo '  location / {' >> $pleroma_nginx_site
     function_check nginx_limits
     nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+    echo '      proxy_http_version 1.1;' >> $pleroma_nginx_site
+    echo '      proxy_set_header Upgrade $http_upgrade;' >> $pleroma_nginx_site
+    echo '      proxy_set_header Connection "upgrade";' >> $pleroma_nginx_site
+    echo "      proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
+    echo '  }' >> $pleroma_nginx_site
+    echo '' >> $pleroma_nginx_site
+    echo '  location /proxy {' >> $pleroma_nginx_site
+    nginx_limits $PLEROMA_DOMAIN_NAME '15m'
+    echo '    proxy_cache pleroma_media_cache;' >> $pleroma_nginx_site
+    echo '    proxy_cache_lock on;' >> $pleroma_nginx_site
     echo "    proxy_pass http://localhost:$PLEROMA_PORT;" >> $pleroma_nginx_site
     echo '  }' >> $pleroma_nginx_site
     echo '  # include snippets/well-known.conf;' >> $pleroma_nginx_site

src/freedombone-app-postactiv

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-profanity

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-riot

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-rss

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -149,10 +149,11 @@ function upgrade_rss {
 
 function backup_local_rss {
     if [ -d /etc/share/tt-rss ]; then
-        RSS_READER_DOMAIN_NAME=$(get_completion_param "rss reader domain")
-
         echo $"Backing up ttrss"
 
+        function_check get_mariadb_password
+        get_mariadb_password
+
         function_check backup_database_to_usb
         backup_database_to_usb ttrss
 
@@ -165,10 +166,11 @@ function backup_local_rss {
 function restore_local_rss {
     temp_restore_dir=/root/tempttrss
 
-    function_check rss_create_database
-    rss_create_database
+    function_check get_mariadb_password
+    get_mariadb_password
 
-    restore_database ttrss ${RSS_READER_DOMAIN_NAME}
+    function_check restore_database
+    restore_database ttrss
 
     if [ -d /etc/share/tt-rss ]; then
         if [ -d $temp_restore_dir/etc/share/tt-rss ]; then
@@ -176,6 +178,9 @@ function restore_local_rss {
                 rm -rf /etc/share/tt-rss
                 mv $temp_restore_dir/etc/share/tt-rss /etc/share/
             else
+                if [ ! -d /etc/share/tt-rss ]; then
+                    mkdir -p /etc/share/tt-rss
+                fi
                 cp -r $temp_restore_dir/* /etc/share/tt-rss/
             fi
             if [ ! "$?" = "0" ]; then
@@ -216,7 +221,10 @@ function restore_local_rss {
 function backup_remote_rss {
     if [ -d /etc/share/tt-rss ]; then
         function_check suspend_site
-        suspend_site ${RSS_READER_DOMAIN_NAME}
+        suspend_site ttrss
+
+        function_check get_mariadb_password
+        get_mariadb_password
 
         function_check backup_database_to_friend
         backup_database_to_friend ttrss
@@ -229,7 +237,8 @@ function backup_remote_rss {
         function_check restart_site
         restart_site
     else
-        echo $"RSS reader domain specified but not found in /etc/share/ttrss}"
+        echo $"/etc/share/tt-rss directory not found}"
+        exit 783532
     fi
 }
 
@@ -237,18 +246,20 @@ function restore_remote_rss {
     temp_restore_dir=/root/tempttrss
     if grep -q "rss reader domain" $COMPLETION_FILE; then
         echo $"Restoring ttrss"
-        function_check restore_database_from_friend
-
-        function_check rss_create_database
-        rss_create_database
+        function_check get_mariadb_password
+        get_mariadb_password
 
-        restore_database_from_friend ttrss ${RSS_READER_DOMAIN_NAME}
+        function_check restore_database_from_friend
+        restore_database_from_friend ttrss
 
         if [ -d /etc/share/tt-rss ]; then
             if [ -d $temp_restore_dir/etc/share/tt-rss ]; then
                 rm -rf /etc/share/tt-rss
                 mv $temp_restore_dir/etc/share/tt-rss /etc/share/
             else
+                if [ ! -d /etc/share/tt-rss ]; then
+                    mkdir -p /etc/share/tt-rss
+                fi
                 cp -r $temp_restore_dir/* /etc/share/tt-rss/
             fi
             if [ ! "$?" = "0" ]; then

src/freedombone-app-scuttlebot

@@ -14,7 +14,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-searx

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-smilodon

@@ -1,381 +0,0 @@
-#!/bin/bash
-#
-# .---.                  .              .
-# |                      |              |
-# |--- .--. .-.  .-.  .-.|  .-. .--.--. |.-.  .-. .--.  .-.
-# |    |   (.-' (.-' (   | (   )|  |  | |   )(   )|  | (.-'
-# '    '     --'  --'  -' -  -' '  '   -' -'   -' '   -  --'
-#
-#                    Freedom in the Cloud
-#
-# Smilodon ActivityPub app
-#
-# License
-# =======
-#
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-VARIANTS=''
-
-IN_DEFAULT_INSTALL=0
-SHOW_ON_ABOUT=1
-SHOW_ICANN_ADDRESS_ON_ABOUT=0
-
-SMILODON_REPO="https://github.com/bashrc/smilodon"
-SMILODON_COMMIT='18c91b84737fbb1a106d3c495730ac3261aac335'
-SMILODON_ADMIN_PASSWORD=
-SMILODON_ONION_PORT=8054
-SMILODON_PATH=/etc/smilodon
-SMILODON_SECRET_KEY=
-
-smilodon_variables=(SMILODON_REPO
-                    SMILODON_ADMIN_PASSWORD
-                    USB_MOUNT
-                    SMILODON_SECRET_KEY
-                    MY_EMAIL_ADDRESS
-                    MY_USERNAME)
-
-function logging_on_smilodon {
-    echo -n ''
-}
-
-function logging_off_smilodon {
-    echo -n ''
-}
-
-function remove_user_smilodon {
-    remove_username="$1"
-}
-
-function add_user_smilodon {
-    new_username="$1"
-    new_user_password="$2"
-    echo '0'
-}
-
-function install_interactive_smilodon {
-    echo -n ''
-    APP_INSTALLED=1
-}
-
-function change_password_smilodon {
-    curr_username="$1"
-    new_user_password="$2"
-
-    #${PROJECT_NAME}-pass -u "$curr_username" -a smilodon -p "$new_user_password"
-}
-
-function smilodon_create_database {
-    if [ ! $SMILODON_ADMIN_PASSWORD ]; then
-        return
-    fi
-
-    function_check create_database_mongodb
-    create_database_mongodb smilodon "$SMILODON_ADMIN_PASSWORD" smilodon
-}
-
-function reconfigure_smilodon {
-    echo -n ''
-}
-
-function upgrade_smilodon {
-    CURR_SMILODON_COMMIT=$(get_completion_param "smilodon commit")
-    if [[ "$CURR_SMILODON_COMMIT" == "$SMILODON_COMMIT" ]]; then
-        return
-    fi
-
-    if [[ $(app_is_installed smilodon) == "1" ]]; then
-        systemctl stop smilodon
-        function_check set_repo_commit
-        set_repo_commit $SMILODON_PATH "smilodon commit" "$SMILODON_COMMIT" $SMILODON_REPO
-        chown -R smilodon:smilodon $SMILODON_PATH
-        systemctl start smilodon
-    fi
-
-}
-
-function backup_local_smilodon {
-    if [ ! -d $SMILODON_PATH ]; then
-        return
-    fi
-
-    systemctl stop smilodon
-
-    USE_MONGODB=1
-    function_check backup_database_to_usb
-    backup_database_to_usb smilodon
-
-    backup_directory_to_usb $SMILODON_PATH smilodon
-
-    systemctl start smilodon
-}
-
-function restore_local_smilodon {
-    temp_restore_dir=/root/tempsmilodon
-
-    systemctl stop smilodon
-
-    function_check smilodon_create_database
-    smilodon_create_database
-
-    USE_MONGODB=1
-    restore_database smilodon
-
-    if [ -d ${SMILODON_PATH} ]; then
-        if [ -d $temp_restore_dir${SMILODON_PATH} ]; then
-            if [ -d $temp_restore_dir${SMILODON_PATH} ]; then
-                rm -rf ${SMILODON_PATH}
-                mv $temp_restore_dir$SMILODON_PATH ${SMILODON_PATH}/
-            else
-                cp -r $temp_restore_dir/* ${SMILODON_PATH}/
-            fi
-            if [ ! "$?" = "0" ]; then
-                function_check backup_unmount_drive
-                backup_unmount_drive
-                systemctl start smilodon
-                exit 528823
-            fi
-            chown -R smilodon:smilodon ${SMILODON_PATH}
-        fi
-    fi
-
-    if [ -d $USB_MOUNT/backup/smilodon ]; then
-        chown -R smilodon:smilodon ${SMILODON_PATH}
-        if [ -d $temp_restore_dir ]; then
-            rm -rf $temp_restore_dir
-        fi
-    fi
-
-    systemctl start smilodon
-}
-
-function backup_remote_smilodon {
-    if [ -d $SMILODON_PATH ]; then
-        function_check suspend_site
-        suspend_site smilodon
-
-        systemctl stop smilodon
-
-        USE_MONGODB=1
-        function_check backup_database_to_friend
-        backup_database_to_friend smilodon
-
-        function_check backup_directory_to_friend
-        backup_directory_to_friend $SMILODON_PATH smilodon
-
-        systemctl start smilodon
-
-        function_check restart_site
-        restart_site
-    else
-        echo $"Smilodon domain specified but not found in $SMILODON_PATH"
-    fi
-}
-
-function restore_remote_smilodon {
-    temp_restore_dir=/root/tempsmilodon
-    if grep -q "smilodon domain" $COMPLETION_FILE; then
-        echo $"Restoring smilodon"
-        systemctl stop smilodon
-
-        function_check restore_database_from_friend
-
-        function_check smilodon_create_database
-        smilodon_create_database
-
-        USE_MONGODB=1
-        restore_database_from_friend smilodon
-
-        if [ -d $SMILODON_PATH ]; then
-            if [ -d $temp_restore_dir$SMILODON_PATH ]; then
-                rm -rf $SMILODON_PATH
-                mv $temp_restore_dir$SMILODON_PATH ${SMILODON_PATH}/
-            else
-                cp -r $temp_restore_dir/* ${SMILODON_PATH}/
-            fi
-            if [ ! "$?" = "0" ]; then
-                systemctl start smilodon
-                exit 6391643
-            fi
-        fi
-
-        if [ -d $SERVER_DIRECTORY/backup/smilodon ]; then
-            chown -R smilodon:smilodon ${SMILODON_PATH}
-        fi
-        if [ -d /root/tempsmilodon ]; then
-            rm -rf /root/tempsmilodon
-        fi
-
-        systemctl start smilodon
-
-        echo $"Restore of smilodon complete"
-    fi
-}
-
-function remove_smilodon {
-    nginx_dissite smilodon
-
-    systemctl stop smilodon
-    systemctl disable smilodon
-    rm /etc/systemd/system/smilodon.service
-
-    function_check remove_onion_service
-    remove_onion_service smilodon ${SMILODON_ONION_PORT}
-    if [ -f /etc/nginx/sites-available/smilodon ]; then
-        rm /etc/nginx/sites-available/smilodon
-    fi
-
-    groupdel -f smilodon
-    userdel -r smilodon
-
-    if [ -d $SMILODON_PATH ]; then
-        rm -rf $SMILODON_PATH
-    fi
-
-    function_check remove_mongodb_user
-    remove_mongodb_user smilodon
-
-    function_check drop_database_mongodb
-    drop_database_mongodb smilodon
-
-    function_check remove_mongodb
-    remove_mongodb smilodon
-
-    remove_completion_param install_smilodon
-    sed -i '/smilodon/d' $COMPLETION_FILE
-}
-
-function install_smilodon {
-    apt-get -yq install python3-pip
-
-    if [ -d $SMILODON_PATH ]; then
-        rm -rf $SMILODON_PATH
-    fi
-
-    if [ -d /repos/smilodon ]; then
-        mkdir $SMILODON_PATH
-        cp -r -p /repos/smilodon/. $SMILODON_PATH
-        cd $SMILODON_PATH
-        git pull
-    else
-        function_check git_clone
-        git_clone $SMILODON_REPO $SMILODON_PATH
-    fi
-
-    if [ ! -d $SMILODON_PATH ]; then
-        echo $'Could not clone smilodon repo'
-        exit 6784783
-    fi
-    cd $SMILODON_PATH
-    git checkout $SMILODON_COMMIT -b $SMILODON_COMMIT
-    set_completion_param "smilodon commit" "$SMILODON_COMMIT"
-
-    sed -i 's|https:|http:|g' $SMILODON_PATH/api/utilities.py
-
-    groupadd smilodon
-    useradd -c "Smilodon system account" -d $SMILODON_PATH -m -r -g smilodon smilodon
-
-    SMILODON_ONION_HOSTNAME=$(add_onion_service smilodon 80 ${SMILODON_ONION_PORT})
-
-    if [ ! $SMILODON_SECRET_KEY ]; then
-        SMILODON_SECRET_KEY="$(create_password 30)$(create_password 30)$(create_password 30)$(create_password 30)"
-    fi
-
-    if [ -f $IMAGE_PASSWORD_FILE ]; then
-        SMILODON_ADMIN_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
-    else
-        if [ ! $SMILODON_ADMIN_PASSWORD ]; then
-            SMILODON_ADMIN_PASSWORD="$(create_password ${MINIMUM_PASSWORD_LENGTH})"
-        fi
-    fi
-
-    export smilodon_domain_name=$SMILODON_ONION_HOSTNAME
-    export secret_key="$SMILODON_SECRET_KEY"
-    export mongodb_username='smilodon'
-    export mongodb_password="$SMILODON_ADMIN_PASSWORD"
-    export smilodon_admin_address=$MY_EMAIL_ADDRESS
-    export MAIL_SERVER='localhost'
-    export MAIL_PORT=25
-
-    function_check install_mongodb
-    install_mongodb smilodon
-
-    smilodon_create_database
-
-    pip3 install -r requirements.txt
-    if [ ! "$?" = "0" ]; then
-        echo $'Unable to install smilodon dependencies'
-        exit 87352835
-    fi
-
-    echo 'server {' > /etc/nginx/sites-available/smilodon
-    echo "  listen 127.0.0.1:${SMILODON_ONION_PORT} default_server;" >> /etc/nginx/sites-available/smilodon
-    echo "  server_name $SMILODON_ONION_HOSTNAME;" >> /etc/nginx/sites-available/smilodon
-    echo '' >> /etc/nginx/sites-available/smilodon
-    echo '  access_log /dev/null;' >> /etc/nginx/sites-available/smilodon
-    echo '  error_log /dev/null;' >> /etc/nginx/sites-available/smilodon
-    echo '' >> /etc/nginx/sites-available/smilodon
-    echo '  location / {' >> /etc/nginx/sites-available/smilodon
-    echo '      proxy_pass http://localhost:5000;' >> /etc/nginx/sites-available/smilodon
-    echo '  }' >> /etc/nginx/sites-available/smilodon
-    echo '}' >> /etc/nginx/sites-available/smilodon
-
-    nginx_ensite smilodon
-    systemctl enable mongodb
-    systemctl restart mongodb
-
-    chown -R smilodon:smilodon ${SMILODON_PATH}
-
-    echo '#!/bin/bash' > ${SMILODON_PATH}/run_smilodon.sh
-    echo "cd ${SMILODON_PATH}" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export smilodon_domain_name=$SMILODON_ONION_HOSTNAME" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export secret_key='$SMILODON_SECRET_KEY'" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export mongodb_username='smilodon'" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export mongodb_password='$SMILODON_ADMIN_PASSWORD'" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export smilodon_admin_address=$MY_EMAIL_ADDRESS" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export MAIL_SERVER='localhost'" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export MAIL_PORT=25" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "export API_NAME=$SMILODON_ONION_HOSTNAME" >> ${SMILODON_PATH}/run_smilodon.sh
-    echo "python3 run.py" >> ${SMILODON_PATH}/run_smilodon.sh
-    chmod +x ${SMILODON_PATH}/run_smilodon.sh
-    chown smilodon:smilodon ${SMILODON_PATH}/run_smilodon.sh
-
-    echo '[Unit]' > /etc/systemd/system/smilodon.service
-    echo 'Description=Smilodon ActivityPub messenger' >> /etc/systemd/system/smilodon.service
-    echo 'After=network.target mongodb.service' >> /etc/systemd/system/smilodon.service
-    echo 'After=tor.service' >> /etc/systemd/system/smilodon.service
-    echo '' >> /etc/systemd/system/smilodon.service
-    echo '[Service]' >> /etc/systemd/system/smilodon.service
-    echo 'User=smilodon' >> /etc/systemd/system/smilodon.service
-    echo 'Group=smilodon' >> /etc/systemd/system/smilodon.service
-    echo "WorkingDirectory=${SMILODON_PATH}/" >> /etc/systemd/system/smilodon.service
-    echo "ExecStart=${SMILODON_PATH}/run_smilodon.sh" >> /etc/systemd/system/smilodon.service
-    echo 'Restart=on-failure' >> /etc/systemd/system/smilodon.service
-    echo 'RestartSec=10' >> /etc/systemd/system/smilodon.service
-    echo '' >> /etc/systemd/system/smilodon.service
-    echo '[Install]' >> /etc/systemd/system/smilodon.service
-    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/smilodon.service
-    systemctl enable smilodon
-    systemctl daemon-reload
-    systemctl start smilodon
-    systemctl restart nginx
-
-    ${PROJECT_NAME}-pass -u $MY_USERNAME -a smilodon -p "$SMILODON_ADMIN_PASSWORD"
-
-    APP_INSTALLED=1
-}
-
-# NOTE: deliberately no exit 0

src/freedombone-app-tahoelafs

@@ -15,7 +15,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-vpn

@@ -16,7 +16,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-wekan

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-app-xmpp

@@ -10,10 +10,14 @@
 #
 # XMPP functions
 #
+# The two directories for prosody modules seem necessary.
+# Trying to remove /usr/lib/prosody/modules causes problems, and that's
+# part of the package install.
+#
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-base-email

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-client

@@ -36,7 +36,6 @@ CURR_GROUP=$USER
 if [ -f /usr/bin/pacman ]; then
     CURR_GROUP='users'
 fi
-MESH_CLIENT_INSTALL=
 ENABLE_MONKEYSPHERE=
 
 # setup for a specific app
@@ -211,7 +210,7 @@ function configure_monkeysphere {
 
 function show_help {
     echo ''
-    echo $"${PROJECT_NAME}-client --mesh [yes|no] --monkeysphere [yes|no]"
+    echo $"${PROJECT_NAME}-client --monkeysphere [yes|no]"
     echo ''
     exit 0
 }
@@ -319,10 +318,6 @@ do
             verify_ssh_server_key
             exit 0
             ;;
-        -m|--mesh)
-            shift
-            MESH_CLIENT_INSTALL=${1}
-            ;;
         --monkeysphere|--ms|--monkey)
             shift
             ENABLE_MONKEYSPHERE=${1}
@@ -342,12 +337,5 @@ configure_ssh_client
 global_rate_limit
 configure_monkeysphere
 remove_known_hosts_entries
-if [[ $MESH_CLIENT_INSTALL == $'yes' || $MESH_CLIENT_INSTALL == $'y' || $MESH_CLIENT_INSTALL == $'on' ]]; then
-    echo $'Installing mesh packages'
-    sudo ${PROJECT_NAME}-mesh-install -f tox_node
-    sudo ${PROJECT_NAME}-mesh-install -f toxic
-    ${PROJECT_NAME}-mesh-install -f qtox
-    sudo ${PROJECT_NAME}-mesh-install -f zeronet
-fi
 echo $'Configuration complete'
 exit 0

src/freedombone-config

@@ -14,7 +14,7 @@
 # License
 # =======
 #
-# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-controlpanel

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -166,6 +166,7 @@ function any_key_verify {
             fi
             ;;
     esac
+    rm $data
 }
 
 function get_app_icann_address {
@@ -304,7 +305,7 @@ function view_or_change_passwords {
             fi
             ;;
     esac
-
+    rm $data
 }
 
 function check_for_updates {
@@ -330,19 +331,23 @@ function add_user {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     new_user_username=$(cat $data | sed -n 1p)
     new_user_ssh_public_key=$(cat $data | sed -n 2p)
     if [ ${#new_user_username} -lt 2 ]; then
         dialog --title $"New username" \
                --msgbox $"No username was given" 6 40
+        rm $data
         return
     fi
     if [[ "$new_user_username" == *" "* ]]; then
         dialog --title $"Invalid username" \
                --msgbox $"The username should not contain any spaces" 6 40
+        rm $data
         return
     fi
     if [ ${#new_user_ssh_public_key} -lt 20 ]; then
@@ -359,6 +364,7 @@ function add_user {
                    --msgbox $"This does not look like an ssh public key" 6 40
         fi
     fi
+    rm $data
 }
 
 function pad_string {
@@ -742,6 +748,7 @@ function change_ssh_public_key {
             fi
             ;;
     esac
+    rm $data
 }
 
 function remove_user_from_mailing_list {
@@ -848,8 +855,10 @@ function add_to_mailing_list {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1)  rm $data
+            return;;
+        255) rm $data
+             return;;
     esac
     LIST_NAME=$(cat $data | sed -n 1p)
     LIST_SUBJECT=$(cat $data | sed -n 2p)
@@ -867,12 +876,14 @@ function add_to_mailing_list {
     if [ ${#LIST_NAME} -lt 2 ]; then
         dialog --title $"Add mailing list" \
                --msgbox $"No mailing list name was given" 6 40
+        rm $data
         return
     fi
     if [ ${#LIST_SUBJECT} -lt 2 ]; then
         if [ ${#LIST_EMAIL} -lt 2 ]; then
             dialog --title $"Add mailing list" \
                    --msgbox $"No mailing list subject or address was given" 6 40
+            rm $data
             return
         fi
     fi
@@ -883,6 +894,7 @@ function add_to_mailing_list {
         if [[ "$LIST_EMAIL" != *"@"* || "$LIST_EMAIL" != *"."* ]]; then
             dialog --title $"Add mailing list" \
                    --msgbox $"Unrecognised email address" 6 40
+            rm $data
             return
         else
             ${PROJECT_NAME}-addlist -u $SELECTED_USERNAME -l "$LIST_NAME" \
@@ -892,6 +904,7 @@ function add_to_mailing_list {
 
     dialog --title $"Add mailing list" \
            --msgbox $"$LIST_NAME list was added" 6 40
+    rm $data
 }
 
 function email_rule {
@@ -910,8 +923,10 @@ function email_rule {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     RULE_EMAIL=$(cat $data | sed -n 1p)
     RULE_FOLDER=$(cat $data | sed -n 2p)
@@ -928,16 +943,19 @@ function email_rule {
     if [ ${#RULE_EMAIL} -lt 2 ]; then
         dialog --title $"Add email rule" \
                --msgbox $"No email address was given" 6 40
+        rm $data
         return
     fi
     if [ ${#RULE_FOLDER} -lt 2 ]; then
         dialog --title $"Add email rule" \
                --msgbox $"No folder name was given" 6 40
+        rm $data
         return
     fi
     if [[ "$RULE_EMAIL" != *"@"* || "$RULE_EMAIL" != *"."* ]]; then
         dialog --title $"Add email rule" \
                --msgbox $"Unrecognised email address" 6 40
+        rm $data
         return
     fi
 
@@ -945,6 +963,7 @@ function email_rule {
                    -g "$RULE_FOLDER" --public $RULE_PUBLIC
     dialog --title $"Add email rule" \
            --msgbox $"Email rule for $RULE_EMAIL was added" 6 40
+    rm $data
 }
 
 function block_unblock_email {
@@ -963,19 +982,23 @@ function block_unblock_email {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     BLOCK_EMAIL=$(cat $data | sed -n 1p)
     BLOCK=$(cat $data | sed -n 2p)
     if [ ${#BLOCK_EMAIL} -lt 2 ]; then
         dialog --title $"Block/Unblock an email" \
                --msgbox $"No email address was given" 6 40
+        rm $data
         return
     fi
     if [[ "$BLOCK_EMAIL" != *"@"* || "$BLOCK_EMAIL" != *"."* ]]; then
         dialog --title $"Block/Unblock an email" \
                --msgbox $"Unrecognised email address" 6 40
+        rm $data
         return
     fi
     if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
@@ -987,6 +1010,7 @@ function block_unblock_email {
         dialog --title $"Unblock an email" \
                --msgbox "Email from $BLOCK_EMAIL to $SELECTED_USERNAME unblocked" 6 75
     fi
+    rm $data
 }
 
 function block_unblock_subject {
@@ -1005,14 +1029,17 @@ function block_unblock_subject {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     BLOCK_SUBJECT=$(cat $data | sed -n 1p)
     BLOCK=$(cat $data | sed -n 2p)
     if [ ${#BLOCK_SUBJECT} -lt 2 ]; then
         dialog --title $"Block/Unblock an email" \
                --msgbox $"No subject was given" 6 40
+        rm $data
         return
     fi
     if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
@@ -1024,6 +1051,7 @@ function block_unblock_subject {
         dialog --title $"Unblock an email" \
                --msgbox "Email with subject $BLOCK_SUBJECT to $SELECTED_USERNAME unblocked" 6 40
     fi
+    rm $data
 }
 
 function create_keydrive_master {
@@ -1226,18 +1254,21 @@ function restore_data_remote {
             friend_server_domain_name=$(<$data)
 
             if [ ${#friend_server_domain_name} -lt 2 ]; then
+                rm $data
                 return
             fi
 
             if [[ $friend_server_domain_name != *"."* ]]; then
                 dialog --title $"Remote server domain name" \
                        --msgbox $"Invalid domain name" 6 40
+                rm $data
                 return
             fi
 
             restore_data_from_storage $friend_server_domain_name
             ;;
     esac
+    rm $data
 }
 
 function ping_enable_disable {
@@ -1387,8 +1418,10 @@ function format_drive {
            --yesno $"\nPlease confirm that you wish to format drive\n\n    ${USB_DRIVE}\n\nAll current data on the drive will be lost, and you will be prompted to give a password used to encrypt the drive.\n\nDANGER: If you screw up here and format the wrong drive it's your own fault!" 16 60
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
 
     clear
@@ -1397,6 +1430,7 @@ function format_drive {
     echo ''
     ${PROJECT_NAME}-format $USB_DRIVE
     any_key
+    rm $data
 }
 
 function remove_backups {
@@ -1409,13 +1443,16 @@ function remove_backups {
            --yesno $"\nPlease confirm that you wish to remove backups from this drive\n\n    ${drive}\n\nYou will not be able to recover them afterwards." 12 60
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
 
     clear
     ${PROJECT_NAME}-backup-local $USB_DRIVE remove
     any_key
+    rm $data
 }
 
 function shut_down_system {
@@ -1465,6 +1502,7 @@ function change_system_name {
            fi
            ;;
     esac
+    rm $data
 }
 
 function set_dynamic_IP {
@@ -1515,11 +1553,14 @@ Enter a static local IP address for this system.\n\nIt will typically be ${IPv4_
         0) NEW_STATIC_IP=$(<$data)
            if [[ "$NEW_STATIC_IP" != *"."* ]]; then
                set_dynamic_IP
+               rm $data
                return
            fi
            ;;
-        1) return;;
+        1) rm $data
+           return;;
     esac
+    rm $data
 
     # get the gateway
     data=$(tempfile 2>/dev/null)
@@ -1531,10 +1572,12 @@ Enter a static local IP address for this system.\n\nIt will typically be ${IPv4_
     case $sel in
         0) NEW_STATIC_GATEWAY=$(<$data)
            if [[ "$NEW_STATIC_GATEWAY" != *"."* ]]; then
+               rm $data
                return
            fi
            ;;
-        1) return;;
+        1) rm $data
+           return;;
     esac
 
     if [[ "$NEW_STATIC_GATEWAY" == *"."* && "$NEW_STATIC_IP" == *"."* ]]; then
@@ -1604,6 +1647,7 @@ Enter a static local IP address for this system.\n\nIt will typically be ${IPv4_
             esac
         fi
     fi
+    rm $data
 }
 
 function wifi_settings {
@@ -1662,8 +1706,10 @@ function hotspot_settings {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     TEMP_WIFI_HOTSPOT=$(cat $data | sed -n 1p)
     TEMP_WIFI_SSID=$(cat $data | sed -n 2p)
@@ -1671,9 +1717,11 @@ function hotspot_settings {
     TEMP_WIFI_PASSPHRASE=$(cat $data | sed -n 4p)
 
     if [ ${#TEMP_WIFI_SSID} -lt 2 ]; then
+        rm $data
         return
     fi
     if [ ${#TEMP_WIFI_TYPE} -lt 2 ]; then
+        rm $data
         return
     fi
 
@@ -1691,11 +1739,13 @@ function hotspot_settings {
         if [ ! $TEMP_WIFI_PASSPHRASE ]; then
             dialog --title $"Wifi Settings" \
                    --msgbox $"No wifi hotspot passphrase was given" 6 40
+            rm $data
             return
         fi
         if [ ${#TEMP_WIFI_PASSPHRASE} -lt 2 ]; then
             dialog --title $"Wifi Settings" \
                    --msgbox $"Wifi hotspot passphrase was too short" 6 40
+            rm $data
             return
         fi
 
@@ -1726,6 +1776,7 @@ function hotspot_settings {
 
     dialog --title $"Wifi Settings" \
            --msgbox $"Hotspot settings were changed" 6 40
+    rm $data
 }
 
 function reinstall_mariadb {
@@ -1792,6 +1843,7 @@ function email_extra_domains {
             fi
             ;;
     esac
+    rm $data
 }
 
 function email_smtp_proxy {
@@ -1823,6 +1875,7 @@ function email_smtp_proxy {
     SMTP_PROXY_PORT=$(cat $data | sed -n 4p)
     SMTP_PROXY_USERNAME=$(cat $data | sed -n 5p)
     SMTP_PROXY_PASSWORD=$(cat $data | sed -n 6p)
+    rm $data
 
     # change muttrc
     if [ $SMTP_PROXY_ENABLE != $'no' ]; then
@@ -1868,8 +1921,10 @@ function menu_backup_restore {
                11 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) backup_data;;
@@ -1884,6 +1939,7 @@ function menu_backup_restore {
             10) remove_backups;;
             11) break;;
         esac
+        rm $data
     done
 }
 
@@ -1905,8 +1961,10 @@ function menu_email {
                8 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) add_to_mailing_list;;
@@ -1918,6 +1976,7 @@ function menu_email {
             7) email_extra_domains;;
             8) break;;
         esac
+        rm $data
     done
 }
 
@@ -1945,6 +2004,7 @@ function domain_blocking_add {
             fi
             ;;
     esac
+    rm $data
 }
 
 function ip_blocking_add {
@@ -1968,6 +2028,7 @@ function ip_blocking_add {
             fi
             ;;
     esac
+    rm $data
 }
 
 function domain_blocking_remove {
@@ -1994,6 +2055,7 @@ function domain_blocking_remove {
             fi
             ;;
     esac
+    rm $data
 }
 
 function ip_blocking_remove {
@@ -2017,6 +2079,7 @@ function ip_blocking_remove {
             fi
             ;;
     esac
+    rm $data
 }
 
 function domain_blocking_show {
@@ -2049,8 +2112,10 @@ function domain_blocking {
                6 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) domain_blocking_add;;
@@ -2058,8 +2123,10 @@ function domain_blocking {
             3) ip_blocking_add;;
             4) ip_blocking_remove;;
             5) domain_blocking_show;;
-            6) break;;
+            6) rm $data
+               break;;
         esac
+        rm $data
     done
 }
 
@@ -2079,8 +2146,10 @@ function menu_users {
                6 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) add_user;;
@@ -2088,8 +2157,10 @@ function menu_users {
             3) change_password;;
             4) change_ssh_public_key;;
             5) reset_password_tries;;
-            6) break;;
+            6) rm $data
+               break;;
         esac
+        rm $data
     done
 }
 
@@ -2172,16 +2243,20 @@ function menu_wifi {
                5 $"Exit" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) wifi_enable;;
             2) wifi_settings;;
             3) wifi_edit_networks;;
             4) hotspot_settings;;
-            5) break;;
+            5) rm $data
+               break;;
         esac
+        rm $data
     done
 }
 
@@ -2256,8 +2331,10 @@ function menu_top_level {
                22 $"Exit" on 2> $data
         sel=$?
         case $sel in
-            1) exit 1;;
-            255) exit 1;;
+            1) rm $data
+               exit 1;;
+            255) rm $data
+                 exit 1;;
         esac
         please_wait
         case $(cat $data) in
@@ -2287,8 +2364,10 @@ function menu_top_level {
             19) check_for_updates;;
             20) shut_down_system;;
             21) restart_system;;
-            22) break;;
+            22) rm $data
+                break;;
         esac
+        rm $data
     done
 }
 

src/freedombone-controlpanel-user

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -169,8 +169,10 @@ function add_to_mailing_list {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     LIST_NAME=$(cat $data | sed -n 1p)
     LIST_SUBJECT=$(cat $data | sed -n 2p)
@@ -188,12 +190,14 @@ function add_to_mailing_list {
     if [ ${#LIST_NAME} -lt 2 ]; then
         dialog --title $"Add mailing list" \
                --msgbox $"No mailing list name was given" 6 40
+        rm $data
         return
     fi
     if [ ${#LIST_SUBJECT} -lt 2 ]; then
         if [ ${#LIST_EMAIL} -lt 2 ]; then
             dialog --title $"Add mailing list" \
                    --msgbox $"No mailing list subject or address was given" 6 40
+            rm $data
             return
         fi
     fi
@@ -204,6 +208,7 @@ function add_to_mailing_list {
         if [[ "$LIST_EMAIL" != *"@"* || "$LIST_EMAIL" != *"."* ]]; then
             dialog --title $"Add mailing list" \
                    --msgbox $"Unrecognised email address" 6 40
+            rm $data
             return
         else
             ${PROJECT_NAME}-addlist -u $USER -l "$LIST_NAME" \
@@ -213,6 +218,7 @@ function add_to_mailing_list {
 
     dialog --title $"Add mailing list" \
            --msgbox $"$LIST_NAME list was added" 6 40
+    rm $data
 }
 
 function email_rule_address {
@@ -227,8 +233,10 @@ function email_rule_address {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     RULE_EMAIL=$(cat $data | sed -n 1p)
     RULE_FOLDER=$(cat $data | sed -n 2p)
@@ -245,16 +253,19 @@ function email_rule_address {
     if [ ${#RULE_EMAIL} -lt 2 ]; then
         dialog --title $"Create an email rule" \
                --msgbox $"No email address was given" 6 40
+        rm $data
         return
     fi
     if [ ${#RULE_FOLDER} -lt 2 ]; then
         dialog --title $"Create an email rule" \
                --msgbox $"No folder name was given" 6 40
+        rm $data
         return
     fi
     if [[ "$RULE_EMAIL" != *"@"* || "$RULE_EMAIL" != *"."* ]]; then
         dialog --title $"Create an email rule" \
                --msgbox $"Unrecognised email address" 6 40
+        rm $data
         return
     fi
 
@@ -262,6 +273,7 @@ function email_rule_address {
                    -g "$RULE_FOLDER" --public $RULE_PUBLIC
     dialog --title $"Create an email rule" \
            --msgbox $"Email rule for $RULE_EMAIL was added" 6 40
+    rm $data
 }
 
 function gpg_set_trust {
@@ -281,8 +293,10 @@ function gpg_set_trust {
                5 $"I trust ultimately" off 2> $data
         sel=$?
         case $sel in
-            1) return;;
-            255) return;;
+            1) rm $data
+               return;;
+            255) rm $data
+                 return;;
         esac
         TRUST_LEVEL=$(cat $data)
         if [ ${TRUST_LEVEL} -ge 1 ] ; then
@@ -296,6 +310,7 @@ function gpg_set_trust {
                 fi
             fi
         fi
+        rm $data
     fi
 }
 
@@ -311,8 +326,10 @@ function email_rule_subject {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     RULE_SUBJECT=$(cat $data | sed -n 1p)
     RULE_FOLDER=$(cat $data | sed -n 2p)
@@ -329,11 +346,13 @@ function email_rule_subject {
     if [ ${#RULE_SUBJECT} -lt 2 ]; then
         dialog --title $"Create an email rule" \
                --msgbox $"No subject text was given" 6 40
+        rm $data
         return
     fi
     if [ ${#RULE_FOLDER} -lt 2 ]; then
         dialog --title $"Create an email rule" \
                --msgbox $"No folder name was given" 6 40
+        rm $data
         return
     fi
 
@@ -341,6 +360,7 @@ function email_rule_subject {
                    -g "$RULE_FOLDER" --public $RULE_PUBLIC
     dialog --title $"Create an email rule" \
            --msgbox $"Email rule for subject '$RULE_SUBJECT' was added" 6 40
+    rm $data
 }
 
 function block_unblock_email {
@@ -355,8 +375,10 @@ function block_unblock_email {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     BLOCK_EMAIL=$(cat $data | sed -n 1p)
     BLOCK=$(cat $data | sed -n 2p)
@@ -368,6 +390,7 @@ function block_unblock_email {
     if [[ "$BLOCK_EMAIL" != *"@"* || "$BLOCK_EMAIL" != *"."* ]]; then
         dialog --title "$blockstr" \
                --msgbox $"Unrecognised email address" 6 40
+        rm $data
         return
     fi
     if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
@@ -379,6 +402,7 @@ function block_unblock_email {
         dialog --title $"Unblock an email" \
                --msgbox "Email from $BLOCK_EMAIL is now unblocked" 6 75
     fi
+    rm $data
 }
 
 function block_unblock_subject {
@@ -393,14 +417,17 @@ function block_unblock_subject {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     BLOCK_SUBJECT=$(cat $data | sed -n 1p)
     BLOCK=$(cat $data | sed -n 2p)
     if [ ${#BLOCK_SUBJECT} -lt 2 ]; then
         dialog --title "$blockstr" \
                --msgbox $"No subject was given" 6 40
+        rm $data
         return
     fi
     if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
@@ -412,6 +439,7 @@ function block_unblock_subject {
         dialog --title $"Unblock an email" \
                --msgbox $"Email with subject $BLOCK_SUBJECT is now unblocked" 6 40
     fi
+    rm $data
 }
 
 function show_gpg_key {
@@ -530,6 +558,7 @@ function remove_gpg_key {
             fi
             ;;
     esac
+    rm $data
 }
 
 function add_ssh_key {
@@ -568,6 +597,7 @@ function add_ssh_key {
             fi
             ;;
     esac
+    rm $data
 }
 
 function remove_ssh_key {
@@ -590,6 +620,7 @@ function remove_ssh_key {
             fi
             ;;
     esac
+    rm $data
 }
 
 function smtp_proxy {
@@ -631,8 +662,10 @@ function smtp_proxy {
            2> $data
     sel=$?
     case $sel in
-        1) return;;
-        255) return;;
+        1) rm $data
+           return;;
+        255) rm $data
+             return;;
     esac
     SMTP_PROXY_ENABLE=$(cat $data | sed -n 1p)
     SMTP_PROXY_PROTOCOL=$(cat $data | sed -n 2p)
@@ -654,6 +687,7 @@ function smtp_proxy {
             sed -i 's|set smtp_url|#set smtp_url|g' $MUTTRC_FILE
         fi
     fi
+    rm $data
 }
 
 function sign_gpg_key {
@@ -682,6 +716,7 @@ function sign_gpg_key {
             fi
             ;;
     esac
+    rm $data
 }
 
 
@@ -702,6 +737,7 @@ function gpg_key_trust {
             fi
             ;;
     esac
+    rm $data
 }
 
 function menu_encryption_keys {
@@ -725,8 +761,10 @@ function menu_encryption_keys {
                11 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) show_gpg_key;;
@@ -739,8 +777,10 @@ function menu_encryption_keys {
             8) add_ssh_key;;
             9) remove_ssh_key;;
             10) gpg_key_trust;;
-            11) break;;
+            11) rm $data
+                break;;
         esac
+        rm $data
     done
 }
 
@@ -761,8 +801,10 @@ function menu_email {
                7 $"Back to main menu" on 2> $data
         sel=$?
         case $sel in
-            1) break;;
-            255) break;;
+            1) rm $data
+               break;;
+            255) rm $data
+                 break;;
         esac
         case $(cat $data) in
             1) add_to_mailing_list;;
@@ -771,8 +813,10 @@ function menu_email {
             4) email_rule_subject;;
             5) block_unblock_email;;
             6) block_unblock_subject;;
-            7) break;;
+            7) rm $data
+               break;;
         esac
+        rm $data
     done
 }
 
@@ -857,8 +901,10 @@ function menu_top_level {
                9 $"Log out" on 2> $data
         sel=$?
         case $sel in
-            1) exit 1;;
-            255) exit 1;;
+            1) rm $data
+               exit 1;;
+            255) rm $data
+                 exit 1;;
         esac
         case $(cat $data) in
             1) mutt;;
@@ -868,9 +914,11 @@ function menu_top_level {
             5) menu_encryption_keys;;
             6) smtp_proxy;;
             7) menu_admin;;
-            8) break;;
+            8) rm $data
+               break;;
             9) kill -HUP `pgrep -s 0 -o`;;
         esac
+        rm $data
     done
 }
 

src/freedombone-freedns

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-image-customise

@@ -909,7 +909,7 @@ initialise_mesh() {
     chroot "$rootdir" apt-get -yq install apt-transport-https
 
     # install tor as a possible way of routing traffic between internet gateways
-    chroot "$rootdir" apt-get -yq install tor
+    chroot "$rootdir" apt-get -yq -t stretch-backports install tor
 
     # dhcp daemon for hotspot on secondary wifi adapter
     chroot "$rootdir" apt-get -yq install dnsmasq

src/freedombone-keydrive

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-mesh-batman

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-pass

@@ -22,7 +22,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-prepare-scripts

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-upgrade

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2015-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -97,6 +97,12 @@ if [ -d $PROJECT_DIR ]; then
         email_install_tls
         email_disable_chunking
         #defrag_filesystem
+
+        # reinstall tor from backports
+        tor_version=$(tor --version)
+        if [[ "$tor_version" == *' 0.2'* ]]; then
+            echo 'N' | apt-get -yq -t stretch-backports install tor
+        fi
     fi
 fi
 

src/freedombone-utils-backup

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -255,6 +255,7 @@ function backup_database_local_usb {
     else
         USE_MONGODB=
         USE_POSTGRESQL=
+        cd /etc/postgresql
         sudo -u postgres pg_dump ${1} > ${local_database_dir}/${1}.${database_file_extension}
     fi
     if [ -f ${local_database_dir}/${1}.${database_file_extension} ]; then
@@ -278,14 +279,6 @@ function backup_database_local_usb {
     echo $"Database dump was created for ${1}"
 }
 
-function set_obnam_client_name {
-    # obnam can backup multiple machines with different domain names to
-    # a repository. To be able to restore directories from different
-    # machines we need to enforce a single client name for all backups
-    echo '[config]' > /etc/obnam.conf
-    echo "client-name = ${PROJECT_NAME}" >> /etc/obnam.conf
-}
-
 function backup_directory_to_usb_duplicity {
     create_backups_temp_directory
     echo "$BACKUP_DUMMY_PASSWORD" | duplicity full --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --encrypt-key $MY_BACKUP_KEY_ID --full-if-older-than 4W --exclude-other-filesystems ${1} file://$USB_MOUNT/backup/${2}
@@ -319,38 +312,6 @@ function backup_directory_to_usb_duplicity {
     remove_backups_temp_directory
 }
 
-function backup_directory_to_usb_obnam {
-    set_obnam_client_name
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam force-lock -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam backup -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
-    if [[ $ENABLE_BACKUP_VERIFICATION == "yes" ]]; then
-        echo "$BACKUP_DUMMY_PASSWORD" | obnam verify -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID ${1}
-        if [ ! "$?" = "0" ]; then
-            umount $USB_MOUNT
-            rm -rf $USB_MOUNT
-            if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
-                shred -zu ${1}/*
-                rm -rf ${1}
-            fi
-            function_check restart_site
-            restart_site
-            exit 683252
-        fi
-    fi
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam forget --keep=30d -r $USB_MOUNT/backup/${2} --encrypt-with $MY_BACKUP_KEY_ID
-    if [ ! "$?" = "0" ]; then
-        umount $USB_MOUNT
-        rm -rf $USB_MOUNT
-        if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
-            shred -zu ${1}/*
-            rm -rf ${1}
-        fi
-        function_check restart_site
-        restart_site
-        exit 7
-    fi
-}
-
 function backup_directory_to_usb {
     if [ ! -d ${1} ]; then
         echo $"WARNING: directory does not exist: ${1}"
@@ -369,7 +330,6 @@ function backup_directory_to_usb {
         fi
 
         backup_directory_to_usb_duplicity ${1} ${2}
-        #backup_directory_to_usb_obnam ${1} ${2}
 
         if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
             shred -zu ${1}/*
@@ -378,11 +338,6 @@ function backup_directory_to_usb {
     fi
 }
 
-function restore_directory_from_usb_obnam {
-    set_obnam_client_name
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $USB_MOUNT/backup/${2} --to ${1}
-}
-
 function restore_directory_from_usb_duplicity {
     create_backups_temp_directory
     PASSPHRASE="$BACKUP_DUMMY_PASSWORD" duplicity restore --gpg-options "$BACKUP_GPG_OPTIONS" --tempdir $BACKUP_TEMP_DIRECTORY --force file://$USB_MOUNT/backup/${2} ${1}
@@ -408,12 +363,6 @@ function restore_directory_from_usb {
         mkdir ${1}
     fi
     restore_directory_from_usb_duplicity ${1} ${2}
-    #restore_directory_from_usb_obnam ${1} ${2}
-}
-
-function restore_directory_from_friend_obnam {
-    set_obnam_client_name
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1}
 }
 
 function restore_directory_from_friend_duplicity {
@@ -425,12 +374,10 @@ function restore_directory_from_friend_duplicity {
 
 function restore_directory_from_friend {
     if [ ! ${1} ]; then
-        echo "obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1}"
         echo $'No restore destination given'
         return
     fi
     if [ ! ${2} ]; then
-        echo "obnam restore -r $SERVER_DIRECTORY/backup/${2} --to ${1}"
         echo $'No restore source given'
         return
     fi
@@ -438,7 +385,6 @@ function restore_directory_from_friend {
         mkdir ${1}
     fi
     restore_directory_from_friend_duplicity ${1} ${2}
-    #restore_directory_from_friend_obnam ${1} ${2}
 }
 
 function backup_database_to_usb {
@@ -492,38 +438,6 @@ function backup_directory_to_friend_duplicity {
     remove_backups_temp_directory
 }
 
-function backup_directory_to_friend_obnam {
-    set_obnam_client_name
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam force-lock -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam backup -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
-    if [[ $ENABLE_VERIFICATION == "yes" ]]; then
-        echo "$BACKUP_DUMMY_PASSWORD" | obnam verify -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID} ${1}
-        if [ ! "$?" = "0" ]; then
-            if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
-                shred -zu /root/temp${2}/*
-                rm -rf /root/temp${2}
-            fi
-            # Send a warning email
-            echo "Unable to verify ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
-            function_check restart_site
-            restart_site
-            exit 953
-        fi
-    fi
-    echo "$BACKUP_DUMMY_PASSWORD" | obnam forget --keep=30d -r $SERVER_DIRECTORY/backup/${2} --encrypt-with ${ADMIN_BACKUP_KEY_ID}
-    if [ ! "$?" = "0" ]; then
-        if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
-            shred -zu /root/temp${2}/*
-            rm -rf /root/temp${2}
-        fi
-        # Send a warning email
-        echo "Unable to backup ${2}" | mail -s "${PROJECT_NAME} backup to friends" ${ADMIN_EMAIL_ADDRESS}
-        function_check restart_site
-        restart_site
-        exit 853
-    fi
-}
-
 function backup_directory_to_friend {
     BACKUP_KEY_EXISTS=$(gpg --list-keys "$ADMIN_NAME (backup key)")
     if [ ! "$?" = "0" ]; then
@@ -539,7 +453,6 @@ function backup_directory_to_friend {
     fi
 
     backup_directory_to_friend_duplicity ${1} ${2}
-    #backup_directory_to_friend_obnam ${1} ${2}
 
     if [[ ${1} == "/root/temp"* || ${1} == *"tempbackup" ]]; then
         shred -zu /root/temp${2}/*
@@ -585,6 +498,7 @@ function backup_database_remote {
     else
         USE_MONGODB=
         USE_POSTGRESQL=
+        cd /etc/postgresql
         sudo -u postgres pg_dump ${1} > ${local_database_dir}/${1}.${database_file_extension}
     fi
 
@@ -669,7 +583,7 @@ function restore_database_from_friend {
     DATABASE_PASSWORD=
     RESTORE_SUBDIR="root"
 
-    if [ -d $SERVER_DIRECTORY/backup/${1} ]; then
+    if [ -d $SERVER_DIRECTORY/backup/${1}data ]; then
         database_file_extension='sql'
         if [ $USE_MONGODB ]; then
             database_file_extension='mdb'
@@ -701,6 +615,7 @@ function restore_database_from_friend {
         else
             USE_MONGODB=
             USE_POSTGRESQL=
+            cd /etc/postgresql
             mysqlsuccess=$(sudo -u postgres pg_restore ${database_file})
         fi
         if [ ! "$?" = "0" ]; then
@@ -751,6 +666,9 @@ function restore_database_from_friend {
                 fi
             fi
         fi
+    else
+        echo $"No database backup found for ${1}"
+        exit 6239353
     fi
 }
 
@@ -759,7 +677,7 @@ function restore_database {
     restore_app_name=$1
     restore_app_domain=$2
 
-    if [ -d $USB_MOUNT/backup/${restore_app_name} ]; then
+    if [ -d $USB_MOUNT/backup/${restore_app_name}data ]; then
         echo $"Restoring ${restore_app_name} database"
         local_database_dir=/root/temp${restore_app_name}data
         if [ -d ${local_database_dir} ]; then
@@ -790,6 +708,7 @@ function restore_database {
                 USE_MONGODB=
                 USE_POSTGRESQL=
                 keep_database_running
+                cp $database_file ~/test.sql
                 mysqlsuccess=$(mysql -u root --password="$DATABASE_PASSWORD" ${restore_app_name} -o < $database_file)
             else
                 USE_MONGODB=
@@ -799,6 +718,7 @@ function restore_database {
         else
             USE_MONGODB=
             USE_POSTGRESQL=
+            cd /etc/postgresql
             mysqlsuccess=$(sudo -u postgres pg_restore $database_file)
         fi
         if [ ! "$?" = "0" ]; then
@@ -859,6 +779,11 @@ function restore_database {
                 fi
             fi
         fi
+    else
+        echo $"No database backup found for ${restore_app_name}"
+        set_user_permissions
+        backup_unmount_drive
+        exit 7357224
     fi
 }
 

src/freedombone-utils-database

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-firewall

@@ -15,7 +15,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-gnusocialtools

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-gpg

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2016-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2016-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-guile

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-meteor

@@ -14,7 +14,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-mongodb

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-nodejs

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-onion

@@ -270,7 +270,7 @@ function install_tor {
         return
     fi
 
-    apt-get -yq install tor
+    apt-get -yq -t stretch-backports install tor
     if [ ! -f /etc/tor/torrc ]; then
         echo 'Tor failed to install'
         exit 38259

src/freedombone-utils-postgresql

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2017-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-setup

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -545,7 +545,7 @@ function disable_ctrl_alt_del {
 
 function lockdown_permissions {
     if [ -d /root/.npm ]; then
-        find /root/.npm -name package.json -exec chmod 700 {} \;
+        chmod -R 700 /root/.npm
     fi
 
     # All commands owned by root
@@ -593,6 +593,9 @@ function lockdown_permissions {
         if [ -d /usr/lib/node_modules ]; then
             chmod -R 750 /usr/lib/node_modules/*
         fi
+        if [ -d /usr/lib/prosody ]; then
+            chown -R prosody:prosody /usr/lib/prosody
+        fi
     fi
     if [ -d /usr/lib64 ]; then
         chown -R root:root /usr/lib64/*

src/freedombone-utils-ssh

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

src/freedombone-utils-web

@@ -13,7 +13,7 @@
 # License
 # =======
 #
-# Copyright (C) 2014-2017 Bob Mottram <bob@freedombone.net>
+# Copyright (C) 2014-2018 Bob Mottram <bob@freedombone.net>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by

tests/check-libs-owner.sh

@@ -22,7 +22,7 @@ if [ -d "/lib64" ];then
 fi
 if [ -d "/usr/lib" ];then
 
-    COUNT=$(find -L /usr/lib  \! -user root  -exec ls -l {} \; |wc -l)
+    COUNT=$(find -L /usr/lib -path /usr/lib/prosody -prune -o \! -user root  -exec ls -l {} \; |wc -l)
 
     if [ $COUNT -eq 0 ];then
         :

tests/output.sh

@@ -254,7 +254,7 @@ an administrator.\n\n######################\n\n' >> $LOG
               fi
               ;;
     V-51391)  if [ "$3" = "en" ]; then
-                  log_msg $2 'A file integrity baseline must be created.'
+                  log_msg $2 'A file integrity baseline must be created. Reset the tripwire from the administrator control panel.'
               else
                   log_msg $2 '必须创建文件完整性基线。'
               fi
@@ -487,7 +487,7 @@ time, are stored in the following directories by default:\n\n/lib\n/lib64\n/usr/
               fi
               find -L /lib  \! -user root  -exec ls -l {} \; | grep -v '> /dev/null'
               find -L /lib64  \! -user root  -exec ls -l {} \;
-              find -L /usr/lib  \! -user root  -exec ls -l {} \;
+              find -L /usr/lib -path /usr/lib/prosody -prune -o \! -user root  -exec ls -l {} \;
               if [ -d /usr/lib64 ]; then
                   find -L /usr/lib64  \! -user root  -exec ls -l {} \;
               fi

website/EN/debianinstall.html

@@ -3,10 +3,10 @@
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
 <head>
-<!-- 2017-06-25 Sun 23:22 -->
+<!-- 2018-01-23 Tue 20:50 -->
 <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
 <meta name="viewport" content="width=device-width, initial-scale=1" />
-<title></title>
+<title>&lrm;</title>
 <meta name="generator" content="Org mode" />
 <meta name="author" content="Bob Mottram" />
 <meta name="description" content="How to install Freedombone onto an existing Debian system"
@@ -257,20 +257,29 @@ It's still possible to install the system onto these unsupported devices if you
 </p>
 
 <div class="org-src-container">
-<pre><code class="src src-bash">su
+<pre class="src src-bash">su
 apt-get update
 apt-get -qy install build-essential git dialog
 git clone https://github.com/bashrc/freedombone
 <span class="org-builtin">cd</span> freedombone
 git checkout stretch
 make install
-freedombone makeconfig
-</code></pre>
+freedombone menuconfig (or freedombone menuconfig-onion)
+</pre>
 </div>
 
 <p>
 The installation process will then begin. Depending upon the hardware you're installing onto and your internet connection speed it may take quite a while to install.
 </p>
+
+<p>
+Once installed you can then log in from another system with:
+</p>
+
+<div class="org-src-container">
+<pre class="src src-bash">ssh yourusername@freedombone.local -p 2222
+</pre>
+</div>
 </div>
 <div id="postamble" class="status">