freedombone-controlpanel 76KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340
  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # Administrator control panel for the Freedombone system
  12. #
  13. # License
  14. # =======
  15. #
  16. # Copyright (C) 2015-2018 Bob Mottram <bob@freedombone.net>
  17. #
  18. # This program is free software: you can redistribute it and/or modify
  19. # it under the terms of the GNU Affero General Public License as published by
  20. # the Free Software Foundation, either version 3 of the License, or
  21. # (at your option) any later version.
  22. #
  23. # This program is distributed in the hope that it will be useful,
  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. # GNU Affero General Public License for more details.
  27. #
  28. # You should have received a copy of the GNU Affero General Public License
  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  30. PROJECT_NAME='freedombone'
  31. export TEXTDOMAIN=${PROJECT_NAME}-controlpanel
  32. export TEXTDOMAINDIR="/usr/share/locale"
  33. if [[ $USER != 'root' ]]; then
  34. # show the user version of the control panel
  35. #${PROJECT_NAME}-controlpanel-user
  36. controluser
  37. exit 0
  38. fi
  39. function please_wait {
  40. local str width height length
  41. width=$(tput cols)
  42. height=$(tput lines)
  43. str=$"Please wait"
  44. length=${#str}
  45. clear
  46. tput cup $((height / 2)) $(((width / 2) - (length / 2)))
  47. echo "$str"
  48. tput cup $((height * 3 / 5)) $(((width / 2)))
  49. echo -n ''
  50. }
  51. please_wait
  52. # Start including files
  53. source /usr/local/bin/${PROJECT_NAME}-vars
  54. UTILS_FILES="/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-*"
  55. for f in $UTILS_FILES
  56. do
  57. source "$f"
  58. done
  59. APP_FILES="/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-*"
  60. for f in $APP_FILES
  61. do
  62. source "$f"
  63. done
  64. # End including files
  65. COMPLETION_FILE="$HOME/${PROJECT_NAME}-completed.txt"
  66. SELECTED_USERNAME=
  67. ADMIN_USER=
  68. UPGRADE_SCRIPT_NAME="${PROJECT_NAME}-upgrade"
  69. UPDATE_DATE_SCRIPT=/usr/bin/updatedate
  70. # Minimum number of characters in a password
  71. MINIMUM_PASSWORD_LENGTH=$(grep 'MINIMUM_PASSWORD_LENGTH=' "/usr/share/${PROJECT_NAME}/utils/${PROJECT_NAME}-utils-passwords" | head -n 1 | awk -F '=' '{print $2}')
  72. # Mumble
  73. MUMBLE_PORT=64738
  74. MUMBLE_ONION_PORT=8095
  75. SSH_PORT=2222
  76. # outgoing SMTP proxy
  77. SMTP_PROXY_ENABLE=$'no'
  78. SMTP_PROXY_PROTOCOL='smtps'
  79. SMTP_PROXY_SERVER='mail.myispdomain'
  80. SMTP_PROXY_PORT=465
  81. SMTP_PROXY_USERNAME=''
  82. SMTP_PROXY_PASSWORD=''
  83. WIFI_INTERFACE=wlan0
  84. WIFI_SSID=
  85. WIFI_TYPE='wpa2-psk'
  86. WIFI_PASSPHRASE=
  87. WIFI_HOTSPOT='no'
  88. WIFI_NETWORKS_FILE="$HOME/${PROJECT_NAME}-wifi.cfg"
  89. USB_DRIVE=sdb
  90. # get default USB from config file
  91. CONFIGURATION_FILE="$HOME/${PROJECT_NAME}.cfg"
  92. read_config_param WIFI_HOTSPOT
  93. read_config_param WIFI_INTERFACE
  94. read_config_param WIFI_TYPE
  95. read_config_param WIFI_SSID
  96. read_config_param WIFI_PASSPHRASE
  97. read_config_param SSH_PORT
  98. read_config_param SMTP_PROXY_ENABLE
  99. read_config_param SMTP_PROXY_PROTOCOL
  100. read_config_param SMTP_PROXY_SERVER
  101. read_config_param SMTP_PROXY_PORT
  102. read_config_param SMTP_PROXY_USERNAME
  103. read_config_param SMTP_PROXY_PASSWORD
  104. read_config_param USB_DRIVE
  105. read_config_param MY_USERNAME
  106. read_config_param ONION_ONLY
  107. if [[ $USB_DRIVE == *"dev"* ]]; then
  108. USB_DRIVE=$(echo ${USB_DRIVE} | awk -F '/' '{print $3}' | sed 's|1||g' | sed 's|2||g')
  109. fi
  110. function any_key {
  111. echo ''
  112. read -n1 -rsp $"Press any key to continue..." key
  113. }
  114. function any_key_verify {
  115. echo ''
  116. read -n1 -rsp $"Press any key to continue or C to check a hash..." key
  117. if [[ "$key" != 'c' && "$key" != 'C' ]]; then
  118. return
  119. fi
  120. data=$(mktemp 2>/dev/null)
  121. dialog --title $"Check tripwire hash" \
  122. --backtitle $"Freedombone Control Panel" \
  123. --inputbox $"Paste your tripwire hash below and it will be checked against the current database" 12 60 2>"$data"
  124. sel=$?
  125. case $sel in
  126. 0)
  127. GIVEN_HASH=$(<"$data")
  128. if [ ${#GIVEN_HASH} -gt 8 ]; then
  129. if [[ "$GIVEN_HASH" == *' '* ]]; then
  130. dialog --title $"Check tripwire" \
  131. --msgbox $"\\nThe hash should not contain any spaces" 10 40
  132. else
  133. DBHASH=$(sha512sum "/var/lib/tripwire/${HOSTNAME}.twd" | awk -F ' ' '{print $1}')
  134. if [[ "$DBHASH" == "$GIVEN_HASH" ]]; then
  135. dialog --title $"Check tripwire" \
  136. --msgbox $"\\nSuccess\\n\\nThe hash you gave matches the current tripwire database" 10 40
  137. else
  138. dialog --title $"Check tripwire" \
  139. --msgbox $"\\nFailed\\n\\nThe hash you gave does not match the current tripwire database. This might be because you reset the tripwire, or there could have been an unauthorised modification of the system" 12 50
  140. fi
  141. fi
  142. fi
  143. ;;
  144. esac
  145. rm -f "$data"
  146. }
  147. function get_app_icann_address {
  148. app_name="$1"
  149. if grep -q "${app_name} domain" "$COMPLETION_FILE"; then
  150. grep "${app_name} domain" "${COMPLETION_FILE}" | head -n 1 | awk -F ':' '{print $2}'
  151. return
  152. else
  153. app_name_upper="$(echo "$app_name" | tr '[:lower:]' '[:upper:]')_DOMAIN_NAME"
  154. if [ "$app_name_upper" ]; then
  155. param_value=$(grep "${app_name_upper}=" "$CONFIGURATION_FILE" | head -n 1 | awk -F '=' '{print $2}')
  156. if [ "${param_value}" ]; then
  157. echo "${param_value}"
  158. return
  159. fi
  160. fi
  161. fi
  162. echo "${DEFAULT_DOMAIN_NAME}"
  163. }
  164. function passwords_select_user {
  165. SELECTED_USERNAME=
  166. # shellcheck disable=SC2207
  167. users_array=($(ls /home))
  168. delete=(git)
  169. # shellcheck disable=SC2068
  170. for del in ${delete[@]}
  171. do
  172. # shellcheck disable=SC2206
  173. users_array=(${users_array[@]/$del})
  174. done
  175. i=0
  176. W=()
  177. name=()
  178. # shellcheck disable=SC2068
  179. for u in ${users_array[@]}
  180. do
  181. if [[ $(is_valid_user "$u") == "1" ]]; then
  182. i=$((i+1))
  183. W+=("$i" "$u")
  184. name+=("$u")
  185. fi
  186. done
  187. if [ $i -eq 1 ]; then
  188. SELECTED_USERNAME="${name[0]}"
  189. else
  190. user_index=$(dialog --backtitle $"Freedombone Control Panel" --title $"Select User" --menu $"Select one of the following:" 24 40 17 "${W[@]}" 3>&2 2>&1 1>&3)
  191. # shellcheck disable=SC2181
  192. if [ $? -eq 0 ]; then
  193. SELECTED_USERNAME="${name[$((user_index-1))]}"
  194. fi
  195. fi
  196. }
  197. function passwords_show_apps {
  198. SELECTED_APP=
  199. i=0
  200. W=()
  201. name=()
  202. for a in "${APPS_AVAILABLE[@]}"
  203. do
  204. if [[ $(function_exists "change_password_${a}") == "1" ]]; then
  205. i=$((i+1))
  206. W+=("$i" "$a")
  207. name+=("$a")
  208. fi
  209. done
  210. i=$((i+1))
  211. W+=("$i" "mariadb")
  212. name+=("mariadb")
  213. selected_app_index=$(dialog --backtitle $"Freedombone Control Panel" --title $"Select App" --menu $"Select one of the following:" 24 40 17 "${W[@]}" 3>&2 2>&1 1>&3)
  214. # shellcheck disable=SC2181
  215. if [ $? -eq 0 ]; then
  216. SELECTED_APP="${name[$((selected_app_index-1))]}"
  217. fi
  218. }
  219. function reset_password_tries {
  220. passwords_select_user
  221. if [ ! "$SELECTED_USERNAME" ]; then
  222. return
  223. fi
  224. pam_tally --user "$SELECTED_USERNAME" --reset
  225. dialog --title $"Reset password tries" \
  226. --msgbox $"Password tries have been reset for $SELECTED_USERNAME" 6 60
  227. }
  228. function view_or_change_passwords {
  229. passwords_select_user
  230. if [ ! "$SELECTED_USERNAME" ]; then
  231. return
  232. fi
  233. detect_installed_apps
  234. passwords_show_apps
  235. if [ ! "$SELECTED_APP" ]; then
  236. return
  237. fi
  238. CURR_PASSWORD=$("${PROJECT_NAME}-pass" -u "${SELECTED_USERNAME}" -a "${SELECTED_APP}")
  239. icann_address=$(get_app_icann_address "${SELECTED_APP}")
  240. onion_address=$(get_app_onion_address "${SELECTED_APP}")
  241. titlestr=$"View or Change Password"
  242. if [ ${#onion_address} -gt 0 ]; then
  243. viewstr=$"${SELECTED_APP} password for ${SELECTED_USERNAME} on $icann_address or $onion_address\\n\\nCopy or change it if you wish."
  244. else
  245. viewstr=$"${SELECTED_APP} password for ${SELECTED_USERNAME} on $icann_address\\n\\nCopy or change it if you wish."
  246. fi
  247. if [ -f /root/.nostore ]; then
  248. titlestr=$"Change Password"
  249. if [ ${#onion_address} -gt 0 ]; then
  250. viewstr=$"Change the ${SELECTED_APP} password for ${SELECTED_USERNAME} on $icann_address or $onion_address."
  251. else
  252. viewstr=$"Change the ${SELECTED_APP} password for ${SELECTED_USERNAME} on $icann_address."
  253. fi
  254. fi
  255. if [[ "${SELECTED_APP}" == 'mariadb' ]]; then
  256. CURR_PASSWORD=$("${PROJECT_NAME}-pass" -u root -a mariadb)
  257. dialog --title $"MariaDB database password" \
  258. --msgbox "\\n ${CURR_PASSWORD}" 7 40
  259. return
  260. fi
  261. data=$(mktemp 2>/dev/null)
  262. dialog --title "$titlestr" \
  263. --backtitle $"Freedombone Control Panel" \
  264. --inputbox "$viewstr" 12 75 "$CURR_PASSWORD" 2>"$data"
  265. sel=$?
  266. case $sel in
  267. 0)
  268. CURR_PASSWORD=$(<"$data")
  269. if [ ${#CURR_PASSWORD} -gt 8 ]; then
  270. "${PROJECT_NAME}-pass" -u "${SELECTED_USERNAME}" -a "${SELECTED_APP}" -p "${CURR_PASSWORD}"
  271. "change_password_${SELECTED_APP}" "${SELECTED_USERNAME}" "${CURR_PASSWORD}"
  272. dialog --title $"Change password" \
  273. --msgbox $"The password was changed" 6 40
  274. else
  275. dialog --title $"Change password" \
  276. --msgbox $"The password given must be at least 8 characters" 6 40
  277. fi
  278. ;;
  279. esac
  280. rm -f "$data"
  281. }
  282. function check_for_updates {
  283. if [ ! -f "/etc/cron.weekly/$UPGRADE_SCRIPT_NAME" ]; then
  284. dialog --title $"Check for updates" \
  285. --msgbox $"Upgrade script was not found" 6 40
  286. return
  287. fi
  288. clear
  289. /etc/cron.weekly/$UPGRADE_SCRIPT_NAME
  290. any_key
  291. }
  292. function add_user {
  293. data=$(mktemp 2>/dev/null)
  294. dialog --backtitle $"Freedombone Control Panel" \
  295. --title $"Add new user" \
  296. --form "\\n" 8 60 3 \
  297. $"Username:" 1 1 "" 1 28 16 15 \
  298. $"ssh public key (optional):" 2 1 "" 2 28 40 10000 \
  299. 2> "$data"
  300. sel=$?
  301. case $sel in
  302. 1) rm -f "$data"
  303. return;;
  304. 255) rm -f "$data"
  305. return;;
  306. esac
  307. new_user_username=$(sed -n 1p < "$data")
  308. new_user_ssh_public_key=$(sed -n 2p < "$data")
  309. rm -f "$data"
  310. if [ ${#new_user_username} -lt 2 ]; then
  311. dialog --title $"New username" \
  312. --msgbox $"No username was given" 6 40
  313. return
  314. fi
  315. if [[ "$new_user_username" == *" "* ]]; then
  316. dialog --title $"Invalid username" \
  317. --msgbox $"The username should not contain any spaces" 6 40
  318. return
  319. fi
  320. if [ ${#new_user_ssh_public_key} -lt 20 ]; then
  321. clear
  322. "${PROJECT_NAME}-adduser" "$new_user_username"
  323. any_key
  324. else
  325. if [[ "$new_user_ssh_public_key" == "ssh-"* ]]; then
  326. clear
  327. "${PROJECT_NAME}-adduser" "$new_user_username" "$new_user_ssh_public_key"
  328. any_key
  329. else
  330. dialog --title $"ssh public key" \
  331. --msgbox $"This does not look like an ssh public key" 6 40
  332. fi
  333. fi
  334. }
  335. function pad_string {
  336. echo -n -e "$1" | sed -e :a -e 's/^.\{1,25\}$/& /;ta'
  337. }
  338. function show_domains {
  339. read_config_param "DEFAULT_DOMAIN_NAME"
  340. echo 'Domains'
  341. echo '======='
  342. echo ''
  343. echo -n -e "$(pad_string 'Name')"
  344. echo -n -e "$(pad_string 'ICANN')"
  345. echo -n -e "$(pad_string 'Tor')"
  346. echo ''
  347. echo '--------------------------------------------------------------------------'
  348. if grep -q "ssh onion domain" "$COMPLETION_FILE"; then
  349. echo -n -e "$(pad_string 'ssh')"
  350. echo -n -e "$(pad_string "${DEFAULT_DOMAIN_NAME}")"
  351. grep 'ssh onion domain' "${COMPLETION_FILE}" | awk -F ':' '{print $2}'
  352. fi
  353. if grep -q "email onion domain" "$COMPLETION_FILE"; then
  354. echo -n -e "$(pad_string 'Email')"
  355. echo -n -e "$(pad_string "${DEFAULT_DOMAIN_NAME}")"
  356. grep 'email onion domain' "${COMPLETION_FILE}" | awk -F ':' '{print $2}'
  357. fi
  358. if grep -q "sks onion domain" "$COMPLETION_FILE"; then
  359. read_config_param "KEYSERVER_DOMAIN_NAME"
  360. echo -n -e "$(pad_string 'SKS')"
  361. echo -n -e "$(pad_string "${KEYSERVER_DOMAIN_NAME}")"
  362. grep 'sks onion domain' "${COMPLETION_FILE}" | awk -F ':' '{print $2}'
  363. fi
  364. for app_name in "${APPS_INSTALLED_NAMES[@]}"
  365. do
  366. if ! grep -q "SHOW_ON_ABOUT=1" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-${app_name}"; then
  367. continue
  368. fi
  369. # handle the foibles of capitalisation
  370. if ! grep -q "${app_name} domain" "$COMPLETION_FILE"; then
  371. app_name_upper=$(echo "${app_name}" | awk '{print toupper($0)}')
  372. if grep -q "${app_name_upper} domain" "$COMPLETION_FILE"; then
  373. app_name=${app_name_upper}
  374. else
  375. app_name_first_upper="$(tr '[:lower:]' '[:upper:]' <<< "${app_name:0:1}")${app_name:1}"
  376. if grep -q "${app_name_first_upper} domain" "$COMPLETION_FILE"; then
  377. app_name=${app_name_first_upper}
  378. fi
  379. fi
  380. fi
  381. if [ ${#app_name} -gt 0 ]; then
  382. icann_address=$(get_app_icann_address "$app_name")
  383. if grep -q "SHOW_ICANN_ADDRESS_ON_ABOUT=0" "/usr/share/${PROJECT_NAME}/apps/${PROJECT_NAME}-app-${app_name}"; then
  384. icann_address='-'
  385. fi
  386. if [[ "$ONION_ONLY" != 'no' ]]; then
  387. if [[ "${icann_address}" != "${LOCAL_NAME}.local" ]]; then
  388. icann_address='-'
  389. fi
  390. fi
  391. onion_address=$(get_app_onion_address "$app_name")
  392. if [ ${#onion_address} -eq 0 ]; then
  393. onion_address="-"
  394. fi
  395. echo -n -e "$(pad_string "${app_name}")"
  396. echo -n -e "$(pad_string "${icann_address}")"
  397. echo "${onion_address}"
  398. if grep -q "mobile${app_name} onion domain" "$COMPLETION_FILE"; then
  399. onion_address=$(get_app_onion_address "${app_name}" "mobile")
  400. echo -n -e "$(pad_string "${app_name} (mobile)")"
  401. echo -n -e "$(pad_string "${icann_address}")"
  402. echo "${onion_address}"
  403. fi
  404. fi
  405. done
  406. if grep -q "rss reader domain" "$COMPLETION_FILE"; then
  407. if [ -d /var/lib/tor/hidden_service_ttrss ]; then
  408. echo -n -e "$(pad_string 'RSS reader')"
  409. RSSDOM='-'
  410. echo -n -e "$(pad_string ${RSSDOM})"
  411. echo -n "$(cat /var/lib/tor/hidden_service_ttrss/hostname)"
  412. echo ''
  413. fi
  414. if [ -d /var/lib/tor/hidden_service_mobilerss ]; then
  415. echo -n -e "$(pad_string 'RSS mobile')"
  416. RSSMOBILEDOM='-'
  417. echo -n -e "$(pad_string ${RSSMOBILEDOM})"
  418. echo -n "$(cat /var/lib/tor/hidden_service_mobilerss/hostname)"
  419. echo ''
  420. fi
  421. fi
  422. echo ''
  423. }
  424. function show_users {
  425. echo 'Users'
  426. echo '====='
  427. echo ''
  428. echo -n -e "$(pad_string 'Name')"
  429. echo -n -e "$(pad_string 'Data')"
  430. echo ''
  431. echo '----------------------------------'
  432. for d in /home/*/ ; do
  433. USRNAME=$(echo "$d" | awk -F '/' '{print $3}')
  434. if [[ $(is_valid_user "$USRNAME") == "1" ]]; then
  435. echo -n -e "$(pad_string "${USRNAME}")"
  436. # size of the home directory
  437. du -s -h "/home/${USRNAME}" | awk -F ' ' '{print $1}'
  438. fi
  439. done
  440. echo ''
  441. }
  442. function show_tahoelafs {
  443. if [ ! -f /home/tahoelafs/storage/private/storage.furl ]; then
  444. return
  445. fi
  446. echo 'Tahoe-LAFS Storage Node'
  447. echo '======================='
  448. echo ''
  449. echo "Hostname: $(get_tahoelafs_storage_hostname)"
  450. echo "Public key: $(get_tahoelafs_public_key)"
  451. echo "Nickname: $(get_tahoelafs_nick)"
  452. echo "FURL: $(get_tahoelafs_furl)"
  453. echo ''
  454. }
  455. function show_ip_addresses {
  456. echo $'IP/DNS addresses'
  457. echo '================'
  458. echo ''
  459. echo -n "IPv4: $(get_ipv4_address)/$(get_external_ipv4_address)"
  460. ipv6_address="$(get_ipv6_address)"
  461. if [ ${#ipv6_address} -gt 0 ]; then
  462. echo " IPv6: ${ipv6_address}"
  463. fi
  464. echo ''
  465. echo ''
  466. }
  467. function show_tor_bridges {
  468. bridges_list=$(grep "Bridge " /etc/tor/torrc | grep -v '##')
  469. if [ ${#bridges_list} -gt 0 ]; then
  470. echo $'Tor Bridges'
  471. echo '==========='
  472. echo ''
  473. echo "${bridges_list}"
  474. echo ''
  475. echo ''
  476. fi
  477. if ! grep -q "#BridgeRelay" /etc/tor/torrc; then
  478. if grep -q "BridgeRelay 1" /etc/tor/torrc; then
  479. read_config_param 'TOR_BRIDGE_PORT'
  480. read_config_param 'TOR_BRIDGE_NICKNAME'
  481. if [ ${#TOR_BRIDGE_NICKNAME} -gt 0 ]; then
  482. echo "Tor bridge on this system"
  483. echo '========================='
  484. echo ''
  485. echo "IP Address: $(get_ipv4_address)"
  486. echo "Port: ${TOR_BRIDGE_PORT}"
  487. echo "Nickname: ${TOR_BRIDGE_NICKNAME}"
  488. echo ''
  489. echo ''
  490. fi
  491. fi
  492. fi
  493. }
  494. function show_ssh_public_key {
  495. echo $'SSH Public Keys'
  496. echo '==============='
  497. echo ''
  498. get_ssh_server_key
  499. echo ''
  500. echo ''
  501. }
  502. function show_tahoelafs_introducer {
  503. INTRODUCER_FILENAME=/home/tahoelafs/data/private/introducer.furl
  504. if [ ! -f $INTRODUCER_FILENAME ]; then
  505. return
  506. fi
  507. echo $'Tahoe-LAFS introducer'
  508. echo '====================='
  509. echo ''
  510. cat $INTRODUCER_FILENAME
  511. echo ''
  512. echo ''
  513. }
  514. function show_about {
  515. detect_apps
  516. get_apps_installed_names
  517. clear
  518. echo "==== ${PROJECT_NAME} version ${VERSION} ($DEBIAN_VERSION) ===="
  519. echo ''
  520. show_ip_addresses
  521. show_tor_bridges
  522. show_ssh_public_key
  523. show_domains
  524. show_tahoelafs
  525. show_users
  526. any_key
  527. }
  528. function select_user {
  529. SELECTED_USERNAME=
  530. # shellcheck disable=SC2207
  531. users_array=($(ls /home))
  532. delete=(git)
  533. # shellcheck disable=SC2068
  534. for del in ${delete[@]}
  535. do
  536. # shellcheck disable=SC2206
  537. users_array=(${users_array[@]/$del})
  538. done
  539. i=0
  540. W=()
  541. name=()
  542. # shellcheck disable=SC2068
  543. for u in ${users_array[@]}
  544. do
  545. if [[ $(is_valid_user "$u") == "1" ]]; then
  546. i=$((i+1))
  547. W+=("$i" "$u")
  548. name+=("$u")
  549. fi
  550. done
  551. if [ $i -eq 1 ]; then
  552. SELECTED_USERNAME="${name[0]}"
  553. else
  554. user_index=$(dialog --backtitle $"Freedombone Control Panel" --title $"Select User" --menu $"Select one of the following:" 24 40 17 "${W[@]}" 3>&2 2>&1 1>&3)
  555. # shellcheck disable=SC2181
  556. if [ $? -eq 0 ]; then
  557. SELECTED_USERNAME="${name[$((user_index-1))]}"
  558. fi
  559. fi
  560. }
  561. function delete_user {
  562. select_user
  563. if [ ! "$SELECTED_USERNAME" ]; then
  564. return
  565. fi
  566. if grep -Fxq "Admin user:$SELECTED_USERNAME" "$COMPLETION_FILE"; then
  567. dialog --title $"Administrator user" \
  568. --msgbox $"You can't delete the administrator user" 6 40
  569. return
  570. fi
  571. clear
  572. "${PROJECT_NAME}-rmuser" "$SELECTED_USERNAME"
  573. any_key
  574. }
  575. function configure_remote_backups {
  576. if ! grep -Fxq "Admin user:$ADMIN_USER" "$COMPLETION_FILE"; then
  577. dialog --title $"Administrator user" \
  578. --msgbox $"No Administrator user found. Check $COMPLETION_FILE" 6 40
  579. return
  580. fi
  581. if [ ${#ADMIN_USER} -lt 2 ]; then
  582. dialog --title $"Administrator user" \
  583. --msgbox $"Username not found" 6 40
  584. return
  585. fi
  586. if [ ! -d "/home/$ADMIN_USER" ]; then
  587. dialog --title $"Administrator user" \
  588. --msgbox $"Home directory not found" 6 40
  589. return
  590. fi
  591. if ! "${PROJECT_NAME}-remote" -u "$ADMIN_USER"; then
  592. any_key
  593. fi
  594. }
  595. function change_password {
  596. select_user
  597. if [ ! "$SELECTED_USERNAME" ]; then
  598. return
  599. fi
  600. dialog --title $"Change password" \
  601. --passwordbox $"New password for user $SELECTED_USERNAME" 8 40 2> "$data"
  602. newpassword=$(<"$data")
  603. rm -f "$data"
  604. if [ "${#newpassword}" -lt "${MINIMUM_PASSWORD_LENGTH}" ]; then
  605. dialog --title $"Change password" \
  606. --msgbox $"The password should be ${MINIMUM_PASSWORD_LENGTH} or more characters" 6 40
  607. return
  608. fi
  609. echo "$SELECTED_USERNAME:$newpassword"|chpasswd
  610. dialog --title $"Change password" \
  611. --msgbox $"Password for $SELECTED_USERNAME was changed" 6 40
  612. }
  613. function change_ssh_public_key {
  614. select_user
  615. if [ ! "$SELECTED_USERNAME" ]; then
  616. return
  617. fi
  618. if grep -Fxq "Admin user:$SELECTED_USERNAME" "$COMPLETION_FILE"; then
  619. dialog --title $"Change ssh public key" \
  620. --backtitle $"Freedombone Control Panel" \
  621. --defaultno \
  622. --yesno $"\\nThis is the administrator user.\\n\\nAre you sure you want to change the ssh public key for the administrator?" 10 60
  623. sel=$?
  624. case $sel in
  625. 1) return;;
  626. 255) return;;
  627. esac
  628. fi
  629. data=$(mktemp 2>/dev/null)
  630. dialog --title $"Change ssh public key for $SELECTED_USERNAME" \
  631. --backtitle $"Freedombone Control Panel" \
  632. --inputbox $"Paste the ssh public key below" 8 60 2>"$data"
  633. sel=$?
  634. case $sel in
  635. 0)
  636. SSH_PUBLIC_KEY=$(<"$data")
  637. if [ "$SSH_PUBLIC_KEY" ]; then
  638. if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
  639. if [ -f "$SSH_PUBLIC_KEY" ]; then
  640. if [ ! -d "/home/$SELECTED_USERNAME/.ssh" ]; then
  641. mkdir "/home/$SELECTED_USERNAME/.ssh"
  642. fi
  643. cp "$SSH_PUBLIC_KEY" \
  644. "/home/$SELECTED_USERNAME/.ssh/authorized_keys"
  645. chown -R "$SELECTED_USERNAME":"$SELECTED_USERNAME" \
  646. "/home/$SELECTED_USERNAME/.ssh"
  647. dialog --title $"Change ssh public key" \
  648. --msgbox $"ssh public key was installed" 6 40
  649. else
  650. if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
  651. if [ ! -d "/home/$SELECTED_USERNAME/.ssh" ]; then
  652. mkdir "/home/$SELECTED_USERNAME/.ssh"
  653. fi
  654. echo "$SSH_PUBLIC_KEY" > \
  655. "/home/$SELECTED_USERNAME/.ssh/authorized_keys"
  656. chown -R "$SELECTED_USERNAME":"$SELECTED_USERNAME" \
  657. "/home/$SELECTED_USERNAME/.ssh"
  658. dialog --title $"Change ssh public key" \
  659. --msgbox $"ssh public key was installed" 6 40
  660. fi
  661. fi
  662. fi
  663. fi
  664. ;;
  665. esac
  666. rm -f "$data"
  667. }
  668. function remove_user_from_mailing_list {
  669. select_user
  670. if [ ! "$SELECTED_USERNAME" ]; then
  671. return
  672. fi
  673. USER_MAILING_LISTS=$(grep '\[' "/home/$SELECTED_USERNAME/.procmailrc" | grep '\]' | awk -F '\[' '{print $2}' | awk -F '\\' '{print $1}')
  674. i=0
  675. W=()
  676. list_name=()
  677. while read -r listname; do
  678. i=$((i+1))
  679. W+=("$i" "$listname")
  680. list_name+=("$listname")
  681. echo "$listname"
  682. done <<< "$USER_MAILING_LISTS"
  683. i=$((i+1))
  684. W+=("$i" $"Exit back to user mainenance")
  685. list_selected=$(dialog --default-item "$i" --backtitle $"Freedombone Control Panel" --title $"Remove a mailing list for $SELECTED_USERNAME" --menu $"Select one of the following:" 24 50 17 "${W[@]}" 3>&2 2>&1 1>&3)
  686. # shellcheck disable=SC2181
  687. if [ $? -eq 0 ]; then # Exit with OK
  688. if [ "${list_selected}" -ne "${i}" ]; then
  689. remove_list_name="${list_name[$((list_selected-1))]}"
  690. # find the line number where the list is defined
  691. line_number=0
  692. i=0
  693. while read -r line
  694. do
  695. if [[ "$line" == *"\\[${remove_list_name}\\]"* ]]; then
  696. line_number=${i}
  697. fi
  698. i=$((i+1))
  699. done < "/home/$SELECTED_USERNAME/.procmailrc"
  700. if [ ${line_number} -eq 0 ]; then
  701. # no match was found
  702. return
  703. fi
  704. # recreate the file
  705. if [ -f "/home/${SELECTED_USERNAME}/.procmailrc_new" ]; then
  706. rm "/home/${SELECTED_USERNAME}/.procmailrc_new"
  707. fi
  708. i=0
  709. clip=0
  710. while read -r line
  711. do
  712. i=$((i+1))
  713. if [ ${i} -gt $((line_number-1)) ]; then
  714. if [ ${clip} -eq 0 ]; then
  715. clip=1
  716. fi
  717. if [ ${clip} -eq 1 ]; then
  718. if [ ${i} -lt $((line_number+2)) ]; then
  719. continue
  720. else
  721. if [ ${#line} -lt 1 ]; then
  722. clip=2
  723. continue
  724. fi
  725. if [[ "$line" == ":"* || "$line" == "#"* ]]; then
  726. clip=2
  727. else
  728. continue
  729. fi
  730. fi
  731. fi
  732. fi
  733. echo "$line" >> "/home/${SELECTED_USERNAME}/.procmailrc_new"
  734. if [[ "$line" == *"\\[${remove_list_name}\\]"* ]]; then
  735. line_number=${i}
  736. fi
  737. done < "/home/$SELECTED_USERNAME/.procmailrc"
  738. cp "/home/${SELECTED_USERNAME}/.procmailrc_new" "/home/${SELECTED_USERNAME}/.procmailrc"
  739. rm "/home/${SELECTED_USERNAME}/.procmailrc_new"
  740. chown "${SELECTED_USERNAME}":"${SELECTED_USERNAME}" "/home/${SELECTED_USERNAME}/.procmailrc"
  741. dialog --title $"Remove user from mailing list" \
  742. --msgbox $"${SELECTED_USERNAME} has been removed from ${remove_list_name}" 6 50
  743. fi
  744. fi
  745. }
  746. function add_to_mailing_list {
  747. select_user
  748. if [ ! "$SELECTED_USERNAME" ]; then
  749. return
  750. fi
  751. data=$(mktemp 2>/dev/null)
  752. dialog --backtitle $"Freedombone Control Panel" \
  753. --title $"Subscribe $SELECTED_USERNAME to a mailing list" \
  754. --form $"You can either enter a subject or an email address\\n" 11 68 4 \
  755. $"List folder name:" 1 1 "" 1 35 26 25 \
  756. $"Name between [] on subject line:" 2 1 "" 2 35 26 25 \
  757. $"List email address:" 3 1 "" 3 35 26 25 \
  758. $"Public:" 4 1 $"yes" 4 35 4 25 \
  759. 2> "$data"
  760. sel=$?
  761. case $sel in
  762. 1) rm -f "$data"
  763. return;;
  764. 255) rm -f "$data"
  765. return;;
  766. esac
  767. LIST_NAME=$(sed -n 1p < "$data")
  768. LIST_SUBJECT=$(sed -n 2p < "$data")
  769. LIST_EMAIL=$(sed -n 3p < "$data")
  770. LIST_PUBLIC=$(sed -n 4p < "$data")
  771. if [ ${#LIST_PUBLIC} -lt 1 ]; then
  772. LIST_PUBLIC='no'
  773. fi
  774. if [[ $LIST_PUBLIC == $'y' || $LIST_PUBLIC == $'Y' || $LIST_PUBLIC == $'true' || $LIST_PUBLIC == $'True' || $LIST_PUBLIC == $'yes' || $LIST_PUBLIC == $'Yes' || $LIST_PUBLIC == $'YES' ]]; then
  775. LIST_PUBLIC='yes'
  776. else
  777. LIST_PUBLIC='no'
  778. fi
  779. if [ ${#LIST_NAME} -lt 2 ]; then
  780. dialog --title $"Add mailing list" \
  781. --msgbox $"No mailing list name was given" 6 40
  782. rm -f "$data"
  783. return
  784. fi
  785. if [ ${#LIST_SUBJECT} -lt 2 ]; then
  786. if [ ${#LIST_EMAIL} -lt 2 ]; then
  787. dialog --title $"Add mailing list" \
  788. --msgbox $"No mailing list subject or address was given" 6 40
  789. rm -f "$data"
  790. return
  791. fi
  792. fi
  793. if [ ${#LIST_SUBJECT} -gt 1 ]; then
  794. "${PROJECT_NAME}-addlist" -u "$SELECTED_USERNAME" -l "$LIST_NAME" \
  795. -s "$LIST_SUBJECT" --public "$LIST_PUBLIC"
  796. else
  797. if [[ "$LIST_EMAIL" != *"@"* || "$LIST_EMAIL" != *"."* ]]; then
  798. dialog --title $"Add mailing list" \
  799. --msgbox $"Unrecognised email address" 6 40
  800. rm -f "$data"
  801. return
  802. else
  803. "${PROJECT_NAME}-addlist" -u "$SELECTED_USERNAME" -l "$LIST_NAME" \
  804. -e "$LIST_EMAIL" --public "$LIST_PUBLIC"
  805. fi
  806. fi
  807. dialog --title $"Add mailing list" \
  808. --msgbox $"$LIST_NAME list was added" 6 40
  809. rm -f "$data"
  810. }
  811. function email_rule {
  812. select_user
  813. if [ ! "$SELECTED_USERNAME" ]; then
  814. return
  815. fi
  816. data=$(mktemp 2>/dev/null)
  817. dialog --backtitle $"Freedombone Control Panel" \
  818. --title $"Email rule for user $SELECTED_USERNAME" \
  819. --form "\\n" 9 65 4 \
  820. $"When email arrives from address:" 1 1 "" 1 35 24 28 \
  821. $"Move to folder:" 2 1 "" 2 35 24 28 \
  822. $"Public:" 3 1 $"no" 3 35 4 25 \
  823. 2> "$data"
  824. sel=$?
  825. case $sel in
  826. 1) rm -f "$data"
  827. return;;
  828. 255) rm -f "$data"
  829. return;;
  830. esac
  831. RULE_EMAIL=$(sed -n 1p < "$data")
  832. RULE_FOLDER=$(sed -n 2p < "$data")
  833. RULE_PUBLIC=$(sed -n 3p < "$data")
  834. if [ ${#RULE_PUBLIC} -lt 1 ]; then
  835. RULE_PUBLIC='no'
  836. fi
  837. if [[ $RULE_PUBLIC == $'y' || $RULE_PUBLIC == $'Y' || $RULE_PUBLIC == $'true' || $RULE_PUBLIC == $'True' || $RULE_PUBLIC == $'yes' || $RULE_PUBLIC == $'Yes' || $RULE_PUBLIC == $'YES' ]]; then
  838. RULE_PUBLIC='yes'
  839. else
  840. RULE_PUBLIC='no'
  841. fi
  842. if [ ${#RULE_EMAIL} -lt 2 ]; then
  843. dialog --title $"Add email rule" \
  844. --msgbox $"No email address was given" 6 40
  845. rm -f "$data"
  846. return
  847. fi
  848. if [ ${#RULE_FOLDER} -lt 2 ]; then
  849. dialog --title $"Add email rule" \
  850. --msgbox $"No folder name was given" 6 40
  851. rm -f "$data"
  852. return
  853. fi
  854. if [[ "$RULE_EMAIL" != *"@"* || "$RULE_EMAIL" != *"."* ]]; then
  855. dialog --title $"Add email rule" \
  856. --msgbox $"Unrecognised email address" 6 40
  857. rm -f "$data"
  858. return
  859. fi
  860. "${PROJECT_NAME}-addemail" -u "$SELECTED_USERNAME" -e "$RULE_EMAIL" \
  861. -g "$RULE_FOLDER" --public $RULE_PUBLIC
  862. dialog --title $"Add email rule" \
  863. --msgbox $"Email rule for $RULE_EMAIL was added" 6 40
  864. rm -f "$data"
  865. }
  866. function block_unblock_email {
  867. select_user
  868. if [ ! "$SELECTED_USERNAME" ]; then
  869. return
  870. fi
  871. blockstr=$"Block/Unblock email going to"
  872. data=$(mktemp 2>/dev/null)
  873. dialog --backtitle $"Freedombone Control Panel" \
  874. --title "$blockstr $SELECTED_USERNAME" \
  875. --form "\\n" 8 65 3 \
  876. $"When email arrives from address:" 1 1 "" 1 35 24 100 \
  877. $"Block it:" 2 1 "yes" 2 35 4 4 \
  878. 2> "$data"
  879. sel=$?
  880. case $sel in
  881. 1) rm -f "$data"
  882. return;;
  883. 255) rm -f "$data"
  884. return;;
  885. esac
  886. BLOCK_EMAIL=$(sed -n 1p < "$data")
  887. BLOCK=$(sed -n 2p < "$data")
  888. rm -f "$data"
  889. if [ ${#BLOCK_EMAIL} -lt 2 ]; then
  890. dialog --title $"Block/Unblock an email" \
  891. --msgbox $"No email address was given" 6 40
  892. return
  893. fi
  894. if [[ "$BLOCK_EMAIL" != *"@"* || "$BLOCK_EMAIL" != *"."* ]]; then
  895. dialog --title $"Block/Unblock an email" \
  896. --msgbox $"Unrecognised email address" 6 40
  897. return
  898. fi
  899. if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
  900. "${PROJECT_NAME}-ignore" -u "$SELECTED_USERNAME" -e "$BLOCK_EMAIL"
  901. dialog --title $"Block an email" \
  902. --msgbox "Email from $BLOCK_EMAIL to $SELECTED_USERNAME blocked" 6 75
  903. else
  904. "${PROJECT_NAME}-unignore" -u "$SELECTED_USERNAME" -e "$BLOCK_EMAIL"
  905. dialog --title $"Unblock an email" \
  906. --msgbox "Email from $BLOCK_EMAIL to $SELECTED_USERNAME unblocked" 6 75
  907. fi
  908. }
  909. function block_unblock_subject {
  910. select_user
  911. if [ ! "$SELECTED_USERNAME" ]; then
  912. return
  913. fi
  914. blockstr=$"Block/Unblock email going to"
  915. data=$(mktemp 2>/dev/null)
  916. dialog --backtitle $"Freedombone Control Panel" \
  917. --title "$blockstr $SELECTED_USERNAME" \
  918. --form "\\n" 8 70 3 \
  919. $"When email arrives with subject text:" 1 1 "" 1 40 24 28 \
  920. $"Block it:" 2 1 "yes" 2 40 4 4 \
  921. 2> "$data"
  922. sel=$?
  923. case $sel in
  924. 1) rm -f "$data"
  925. return;;
  926. 255) rm -f "$data"
  927. return;;
  928. esac
  929. BLOCK_SUBJECT=$(sed -n 1p < "$data")
  930. BLOCK=$(sed -n 2p < "$data")
  931. rm -f "$data"
  932. if [ ${#BLOCK_SUBJECT} -lt 2 ]; then
  933. dialog --title $"Block/Unblock an email" \
  934. --msgbox $"No subject was given" 6 40
  935. return
  936. fi
  937. if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
  938. "${PROJECT_NAME}-ignore" -u "$SELECTED_USERNAME" -t "$BLOCK_SUBJECT"
  939. dialog --title $"Block an email" \
  940. --msgbox "Email with subject $BLOCK_SUBJECT to $SELECTED_USERNAME blocked" 6 40
  941. else
  942. "${PROJECT_NAME}-unignore" -u "$SELECTED_USERNAME" -t "$BLOCK_SUBJECT"
  943. dialog --title $"Unblock an email" \
  944. --msgbox "Email with subject $BLOCK_SUBJECT to $SELECTED_USERNAME unblocked" 6 40
  945. fi
  946. }
  947. function create_keydrive_master {
  948. select_user
  949. if [ ! "$SELECTED_USERNAME" ]; then
  950. return
  951. fi
  952. dialog --title $"USB Master Keydrive" \
  953. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  954. clear
  955. detect_usb_drive
  956. "${PROJECT_NAME}-keydrive" -u "$SELECTED_USERNAME" --master 'yes' -d "$USB_DRIVE"
  957. any_key
  958. }
  959. function create_keydrive_fragment {
  960. select_user
  961. if [ ! $SELECTED_USERNAME ]; then
  962. return
  963. fi
  964. dialog --title $"USB Fragment Keydrive" \
  965. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  966. clear
  967. detect_usb_drive
  968. "${PROJECT_NAME}-keydrive" -u "$SELECTED_USERNAME" -d "$USB_DRIVE"
  969. any_key
  970. }
  971. function backup_data {
  972. dialog --title $"Backup data to USB" \
  973. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  974. clear
  975. detect_usb_drive
  976. echo ''
  977. echo $"Detected USB drive $USB_DRIVE"
  978. echo ''
  979. echo $'Enter the passphrase for your LUKS encrypted backup drive:'
  980. "${PROJECT_NAME}-backup-local"
  981. any_key
  982. }
  983. function restore_data_from_storage {
  984. restore_type="$1"
  985. AllStr=$"all"
  986. ExitStr=$"Exit"
  987. RestoreStr=$"Restore apps"
  988. if [[ $restore_type != "local" ]]; then
  989. restore_command="${PROJECT_NAME}-restore-remote $remote_domain_name configuration;;"
  990. else
  991. remote_domain_name="$1"
  992. detect_usb_drive
  993. restore_command="${PROJECT_NAME}-restore-local $USB_DRIVE"
  994. RestoreStr=$"Restore apps from USB drive $USB_DRIVE"
  995. fi
  996. utils_installed=(configfiles
  997. blocklist
  998. mariadb
  999. postgresql
  1000. letsencrypt
  1001. passwords
  1002. mutt
  1003. gpg
  1004. procmail
  1005. spamassassin
  1006. readme
  1007. ssh
  1008. userconfig
  1009. userlocal
  1010. userfin
  1011. certs
  1012. personal
  1013. email)
  1014. detect_apps
  1015. while true
  1016. do
  1017. app_list=()
  1018. n=1
  1019. applist="$n $AllStr off"
  1020. n=$((n+1))
  1021. app_list+=("$AllStr")
  1022. util_index=0
  1023. for a in "${utils_installed[@]}"
  1024. do
  1025. applist="$applist $n $a off"
  1026. app_name=${utils_installed[util_index]}
  1027. n=$((n+1))
  1028. util_index=$((util_index+1))
  1029. app_list+=("$app_name")
  1030. done
  1031. app_index=0
  1032. for a in "${APPS_INSTALLED_NAMES[@]}"
  1033. do
  1034. applist="$applist $n $a off"
  1035. n=$((n+1))
  1036. app_name=${APPS_INSTALLED_NAMES[app_index]}
  1037. app_index=$((app_index+1))
  1038. app_list+=("$app_name")
  1039. done
  1040. applist="$applist $n $ExitStr on"
  1041. n=$((n+1))
  1042. app_list+=("$ExitStr")
  1043. choice=$(dialog --stdout --backtitle $"Freedombone" \
  1044. --title "$RestoreStr" \
  1045. --radiolist $'Choose:' \
  1046. 30 50 20 "$applist")
  1047. # shellcheck disable=SC2181
  1048. if [ $? -ne 0 ]; then
  1049. break
  1050. fi
  1051. app_index=$((choice-1))
  1052. app_name=${app_list[app_index]}
  1053. # exit
  1054. if [[ "$app_name" == "$ExitStr" ]]; then
  1055. break
  1056. fi
  1057. clear
  1058. # Restore all
  1059. if [[ "$app_name" == "$AllStr" ]]; then
  1060. $restore_command
  1061. retcode="$?"
  1062. if [[ "$retcode" != "0" ]]; then
  1063. any_key
  1064. if [[ "$1" == "local" ]]; then
  1065. dialog --title $"Restore all apps from USB" \
  1066. --msgbox $"Restore failed with code $retcode" 6 60
  1067. else
  1068. dialog --title $"Restore all apps from $1" \
  1069. --msgbox $"Restore failed with code $retcode" 6 60
  1070. fi
  1071. break
  1072. fi
  1073. if [[ "$1" == "local" ]]; then
  1074. dialog --title $"Restore all apps from USB" \
  1075. --msgbox $"Restore complete" 6 40
  1076. else
  1077. dialog --title $"Restore all apps from $1" \
  1078. --msgbox $"Restore complete" 6 40
  1079. fi
  1080. break
  1081. fi
  1082. # Restore an app
  1083. $restore_command "${app_name}"
  1084. retcode="$?"
  1085. if [[ "$retcode" != "0" ]]; then
  1086. any_key
  1087. dialog --title $"Restore apps from USB" \
  1088. --msgbox $"Restore of ${app_name} failed with code $retcode" 6 60
  1089. return
  1090. fi
  1091. # finished
  1092. if [[ "$1" == "local" ]]; then
  1093. dialog --title $"Restore apps from USB" \
  1094. --msgbox $"Restore complete" 6 40
  1095. else
  1096. dialog --title $"Restore apps from $1" \
  1097. --msgbox $"Restore complete" 6 40
  1098. fi
  1099. done
  1100. }
  1101. function restore_data {
  1102. dialog --title $"Restore data from USB" \
  1103. --msgbox $"Plug in your backup USB drive" 6 40
  1104. clear
  1105. echo ' '
  1106. echo $'Enter the passphrase for your LUKS encrypted backup drive:'
  1107. restore_data_from_storage local
  1108. }
  1109. function restore_data_remote {
  1110. if [ ! $ADMIN_USER ]; then
  1111. dialog --title $"Restore data from remote server" \
  1112. --msgbox $"Unknown admin user" 6 40
  1113. return
  1114. fi
  1115. data=$(mktemp 2>/dev/null)
  1116. dialog --title $"Restore from remote server" \
  1117. --backtitle $"Freedombone Control Panel" \
  1118. --inputbox $"Enter the domain name of the server from which you wish to restore" 8 60 2>"$data"
  1119. sel=$?
  1120. case $sel in
  1121. 0)
  1122. friend_server_domain_name=$(<"$data")
  1123. if [ ${#friend_server_domain_name} -lt 2 ]; then
  1124. rm -f "$data"
  1125. return
  1126. fi
  1127. if [[ $friend_server_domain_name != *"."* ]]; then
  1128. dialog --title $"Remote server domain name" \
  1129. --msgbox $"Invalid domain name" 6 40
  1130. rm -f "$data"
  1131. return
  1132. fi
  1133. restore_data_from_storage "$friend_server_domain_name"
  1134. ;;
  1135. esac
  1136. rm -f "$data"
  1137. }
  1138. function ping_enable_disable {
  1139. ping_str=$"\\nDo you want to enable other systems to ping this machine?\\n\\nPing may be useful for diagnostic purposes, but for added security you may not want to enable it."
  1140. enable_ping="no"
  1141. dialog --title $"Enable Ping / ICMP" \
  1142. --backtitle $"Freedombone Control Panel" \
  1143. --defaultno \
  1144. --yesno "$ping_str" 10 60
  1145. sel=$?
  1146. case $sel in
  1147. 0) enable_ping="yes";;
  1148. 255) return;;
  1149. esac
  1150. if [[ $enable_ping == "yes" ]]; then
  1151. iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
  1152. iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
  1153. echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all
  1154. else
  1155. iptables -D INPUT -p icmp --icmp-type echo-request -j ACCEPT
  1156. iptables -D OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
  1157. echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
  1158. fi
  1159. }
  1160. function logging_on_off {
  1161. logging="no"
  1162. dialog --title $"Logging" \
  1163. --backtitle $"Freedombone Control Panel" \
  1164. --defaultno \
  1165. --yesno $"\\nDo you want to turn logging on?" 7 60
  1166. sel=$?
  1167. case $sel in
  1168. 0) logging="yes";;
  1169. 255) return;;
  1170. esac
  1171. clear
  1172. echo ''
  1173. echo $'This may take a few seconds. Please wait...'
  1174. if [[ $logging == "no" ]]; then
  1175. ${PROJECT_NAME}-logging off
  1176. else
  1177. ${PROJECT_NAME}-logging on
  1178. fi
  1179. }
  1180. function restore_gpg_key {
  1181. select_user
  1182. if [ ! "$SELECTED_USERNAME" ]; then
  1183. return
  1184. fi
  1185. restorestr=$"Restore GPG key for user"
  1186. dialog --title "$restorestr $SELECTED_USERNAME" \
  1187. --msgbox $"Plug in your USB keydrive" 6 40
  1188. clear
  1189. "${PROJECT_NAME}-recoverkey" -u "$SELECTED_USERNAME"
  1190. any_key
  1191. }
  1192. function security_settings {
  1193. "${PROJECT_NAME}-sec"
  1194. any_key
  1195. }
  1196. function show_tripwire_verification_code {
  1197. if [ ! -f "/var/lib/tripwire/${HOSTNAME}.twd" ]; then
  1198. return
  1199. fi
  1200. clear
  1201. echo ''
  1202. echo $'Tripwire Verification Code'
  1203. echo ''
  1204. DBHASH=$(sha512sum "/var/lib/tripwire/${HOSTNAME}.twd")
  1205. echo -n "$DBHASH" | qrencode -t UTF8
  1206. echo ''
  1207. echo "$DBHASH"
  1208. echo ''
  1209. }
  1210. function reset_tripwire {
  1211. if [ ! -f /usr/bin/reset-tripwire ]; then
  1212. echo $'Missing /usr/bin/reset-tripwire'
  1213. any_key
  1214. return
  1215. fi
  1216. if [ ! -f "/etc/tripwire/${HOSTNAME}-local.key" ]; then
  1217. if [ -f "/etc/tripwire/${PROJECT_NAME}-local.key" ]; then
  1218. mv "/etc/tripwire/${PROJECT_NAME}-local.key" "/etc/tripwire/${HOSTNAME}-local.key"
  1219. mv "/etc/tripwire/${PROJECT_NAME}-site.key" "/etc/tripwire/${HOSTNAME}-site.key"
  1220. else
  1221. echo $'Error: missing local key'
  1222. any_key
  1223. return
  1224. fi
  1225. fi
  1226. clear
  1227. echo $'Turing off logging...'
  1228. "${PROJECT_NAME}-logging" off
  1229. echo $'Locking down permissions...'
  1230. lockdown_permissions
  1231. echo $'Creating configuration...'
  1232. echo '
  1233. ' | twadmin --create-cfgfile -S "/etc/tripwire/${HOSTNAME}-site.key" /etc/tripwire/twcfg.txt
  1234. echo $'Resetting policy...'
  1235. echo '
  1236. ' | twadmin --create-polfile -S "/etc/tripwire/${HOSTNAME}-site.key" /etc/tripwire/twpol.txt
  1237. echo $'Creating tripwire database'
  1238. echo '
  1239. ' | tripwire --init --cfgfile /etc/tripwire/tw.cfg --polfile /etc/tripwire/tw.pol --dbfile "/var/lib/tripwire/${HOSTNAME}.twd"
  1240. echo $'Resetting the Tripwire...'
  1241. echo ''
  1242. echo '
  1243. ' | reset-tripwire
  1244. echo ''
  1245. # Sometimes nginx fails to restart if matrix is installed
  1246. # Restart matrix first
  1247. if [ -d /etc/matrix ]; then
  1248. systemctl restart matrix
  1249. systemctl restart nginx
  1250. fi
  1251. if [ -f "/var/lib/tripwire/${HOSTNAME}.twd" ]; then
  1252. show_tripwire_verification_code
  1253. echo $'Tripwire is now reset. Take a note of the above hash, or record'
  1254. echo $'the QR code using a mobile device. This will enable you to independently'
  1255. echo $'verify the integrity of the tripwire.'
  1256. else
  1257. echo $'ERROR: tripwire database was not created'
  1258. fi
  1259. any_key
  1260. }
  1261. function format_drive {
  1262. detect_usb_drive
  1263. dialog --title $"Format USB drive $USB_DRIVE" \
  1264. --backtitle $"Freedombone Control Panel" \
  1265. --defaultno \
  1266. --yesno $"\\nPlease confirm that you wish to format drive\\n\\n ${USB_DRIVE}\\n\\nAll current data on the drive will be lost, and you will be prompted to give a password used to encrypt the drive.\\n\\nDANGER: If you screw up here and format the wrong drive it's your own fault!" 16 60
  1267. sel=$?
  1268. case $sel in
  1269. 1) return;;
  1270. 255) return;;
  1271. esac
  1272. clear
  1273. echo ''
  1274. echo $"Formatting drive $USB_DRIVE. ALL CONTENTS WILL BE LOST."
  1275. echo ''
  1276. "${PROJECT_NAME}-format" "$USB_DRIVE"
  1277. any_key
  1278. }
  1279. function remove_backups {
  1280. detect_usb_drive
  1281. dialog --title $"Remove backups from a USB drive $USB_DRIVE" \
  1282. --backtitle $"Freedombone Control Panel" \
  1283. --defaultno \
  1284. --yesno $"\\nPlease confirm that you wish to remove backups from this drive\\n\\n ${drive}\\n\\nYou will not be able to recover them afterwards." 12 60
  1285. sel=$?
  1286. case $sel in
  1287. 1) return;;
  1288. 255) return;;
  1289. esac
  1290. clear
  1291. "${PROJECT_NAME}-backup-local" "$USB_DRIVE" remove
  1292. any_key
  1293. }
  1294. function shut_down_system {
  1295. dialog --title $"Power off the system" \
  1296. --backtitle $"Freedombone Control Panel" \
  1297. --defaultno \
  1298. --yesno $"\\nPlease confirm that you wish to power off the system.\\n\\nWARNING: to power on again you will need to have physical access to the hardware." 10 60
  1299. sel=$?
  1300. case $sel in
  1301. 1) return;;
  1302. 255) return;;
  1303. esac
  1304. systemctl poweroff
  1305. }
  1306. function restart_system {
  1307. dialog --title $"Restart the system" \
  1308. --backtitle $"Freedombone Control Panel" \
  1309. --defaultno \
  1310. --yesno $"\\nPlease confirm that you wish to restart the system.\\n\\nWARNING: If you are using full disk encryption then you will need physical access to the hardware to type in the password" 10 60
  1311. sel=$?
  1312. case $sel in
  1313. 1) return;;
  1314. 255) return;;
  1315. esac
  1316. systemctl reboot -i
  1317. }
  1318. function change_system_name {
  1319. data=$(mktemp 2>/dev/null)
  1320. dialog --title $"Change the name of this system" \
  1321. --backtitle $"Freedombone Control Panel" \
  1322. --inputbox $'Enter a new name for this system on your local network\\n\\nIt will appear as newname.local' 10 60 2>"$data"
  1323. sel=$?
  1324. case $sel in
  1325. 0) NEW_SYSTEM_NAME=$(<"$data")
  1326. if [ "$NEW_SYSTEM_NAME" ]; then
  1327. if [ ${#NEW_SYSTEM_NAME} -gt 1 ]; then
  1328. sed -i "s|host-name=.*|host-name=$NEW_SYSTEM_NAME|g" /etc/avahi/avahi-daemon.conf
  1329. systemctl restart avahi-daemon
  1330. if grep -q "host-name=$NEW_SYSTEM_NAME" /etc/avahi/avahi-daemon.conf; then
  1331. dialog --title $"New local network name" \
  1332. --msgbox $"The name of this system on your local network was changed successfully" 6 70
  1333. fi
  1334. fi
  1335. fi
  1336. ;;
  1337. esac
  1338. rm -f "$data"
  1339. }
  1340. function set_dynamic_IP {
  1341. revert_to_dynamic=
  1342. dialog --title $"Return to using a dynamic IP address" \
  1343. --backtitle $"Freedombone Control Panel" \
  1344. --yesno $"\\nDo you wish to go back to using a dynamic IP address?" 8 60
  1345. sel=$?
  1346. case $sel in
  1347. 0) revert_to_dynamic=1
  1348. ;;
  1349. 1) return;;
  1350. esac
  1351. if [ $revert_to_dynamic ]; then
  1352. wifi_original_network_settings
  1353. clear
  1354. echo ''
  1355. echo $'Changing to a dynamic IP address.'
  1356. echo ''
  1357. echo $"System is rebooting. You may need to close this terminal and log in from a new one."
  1358. systemctl reboot -i
  1359. fi
  1360. }
  1361. function set_static_IP {
  1362. IPv4_address=$(get_ipv4_address)
  1363. IPv4_address_base=$(echo "$IPv4_address" | awk -F '.' '{print $1"."$2"."$3}')
  1364. STATIC_IP="${IPv4_address_base}.60"
  1365. STATIC_GATEWAY="${IPv4_address_base}.1"
  1366. NEW_STATIC_IP=
  1367. NEW_STATIC_GATEWAY=
  1368. if [ -f /etc/network/interfaces.d/static ]; then
  1369. STATIC_IP=$(grep "address " /etc/network/interfaces.d/static | head -n 1 | awk -F ' ' '{print $2}')
  1370. STATIC_GATEWAY=$(grep "gateway " /etc/network/interfaces.d/static | head -n 1 | awk -F ' ' '{print $2}')
  1371. fi
  1372. # get the IP for the box
  1373. data=$(mktemp 2>/dev/null)
  1374. dialog --title $"Set a static local IP address" \
  1375. --backtitle $"Freedombone Control Panel" \
  1376. --inputbox $"In order to forward incoming internet traffic to this system most internet routers need to know a static local IP address to send the data to.\\n\\n
  1377. Enter a static local IP address for this system.\\n\\nIt will typically be ${IPv4_address_base}.x\\n\\nIf you leave this field blank then the system will revert to using a dynamic IP address." 18 60 "$STATIC_IP" 2>"$data"
  1378. sel=$?
  1379. case $sel in
  1380. 0) NEW_STATIC_IP=$(<"$data")
  1381. if [[ "$NEW_STATIC_IP" != *"."* ]]; then
  1382. set_dynamic_IP
  1383. rm -f "$data"
  1384. return
  1385. fi
  1386. ;;
  1387. 1) rm -f "$data"
  1388. return;;
  1389. esac
  1390. rm -f "$data"
  1391. # get the gateway
  1392. data=$(mktemp 2>/dev/null)
  1393. dialog --title $"Set the IP address of your internet router/modem" \
  1394. --backtitle $"Freedombone Control Panel" \
  1395. --inputbox $"Set the local IP address for your internet router or ADSL modem.\\n\\nIt will typically be ${IPv4_address_base}.1, ${IPv4_address_base}.254, or similar" 12 60 "$STATIC_GATEWAY" 2>"$data"
  1396. sel=$?
  1397. case $sel in
  1398. 0) NEW_STATIC_GATEWAY=$(<"$data")
  1399. if [[ "$NEW_STATIC_GATEWAY" != *"."* ]]; then
  1400. rm -f "$data"
  1401. return
  1402. fi
  1403. ;;
  1404. 1) rm -f "$data"
  1405. return;;
  1406. esac
  1407. if [[ "$NEW_STATIC_GATEWAY" == *"."* && "$NEW_STATIC_IP" == *"."* ]]; then
  1408. ip_addresses_have_changed=1
  1409. if [ -f /etc/network/interfaces.d/static ]; then
  1410. ip_addresses_have_changed=
  1411. if ! grep -q "address ${NEW_STATIC_IP}" /etc/network/interfaces.d/static; then
  1412. ip_addresses_have_changed=1
  1413. fi
  1414. if ! grep -q "gateway ${NEW_STATIC_GATEWAY}" /etc/network/interfaces.d/static; then
  1415. ip_addresses_have_changed=1
  1416. fi
  1417. fi
  1418. if [ $ip_addresses_have_changed ]; then
  1419. write_config_param "NETWORK_IS_STATIC" "1"
  1420. write_config_param "LOCAL_NETWORK_STATIC_IP_ADDRESS" "$NEW_STATIC_IP"
  1421. write_config_param "ROUTER_IP_ADDRESS" "$NEW_STATIC_GATEWAY"
  1422. email_change_relay "$NEW_STATIC_IP"
  1423. static_wifi_address=
  1424. if [[ $(config_param_exists "WIFI_INTERFACE") == "1" ]]; then
  1425. dialog --title $"Static local IP address" \
  1426. --backtitle $"Freedombone Control Panel" \
  1427. --yesno $"\\nSet a static address for the wifi adapter?\\n\\nIf you select 'no' then wired ethernet will be used." 10 60
  1428. sel=$?
  1429. case $sel in
  1430. 0) static_wifi_address=1
  1431. write_config_param "NETWORK_IS_STATIC" "1"
  1432. ;;
  1433. esac
  1434. fi
  1435. echo '# This file describes the network interfaces available on your system' > /etc/network/interfaces
  1436. echo '# and how to activate them. For more information, see interfaces(5).' >> /etc/network/interfaces
  1437. echo 'source /etc/network/interfaces.d/*' >> /etc/network/interfaces
  1438. if [ ! $static_wifi_address ]; then
  1439. # wired network
  1440. remove_wifi_startup_script
  1441. { echo 'auto eth0';
  1442. echo 'iface eth0 inet static';
  1443. echo " address ${NEW_STATIC_IP}";
  1444. echo ' netmask 255.255.255.0';
  1445. echo " gateway ${NEW_STATIC_GATEWAY}"; } >> /etc/network/interfaces.d/static
  1446. else
  1447. # wifi network
  1448. wifi_settings
  1449. fi
  1450. clear
  1451. echo ''
  1452. echo $'Restarting the network daemon.'
  1453. echo ''
  1454. echo $'If you logged in using the previous IP address then you may need to close this terminal and log in again on the new one.'
  1455. function_check pihole_change_ipv4
  1456. pihole_change_ipv4 "${NEW_STATIC_IP}"
  1457. dialog --title $"Static local IP address" \
  1458. --backtitle $"Freedombone Control Panel" \
  1459. --yesno $"\\nFor the change to take effect your system will now need to reboot. Do this now?" 8 60
  1460. sel=$?
  1461. case $sel in
  1462. 0) systemctl reboot -i;;
  1463. esac
  1464. fi
  1465. fi
  1466. rm -f "$data"
  1467. }
  1468. function wifi_settings {
  1469. if [ -f /etc/hostapd/hostapd.conf ]; then
  1470. return
  1471. fi
  1472. TEMP_WIFI_NETWORKS_FILE=~/.temp-${PROJECT_NAME}-wifi.cfg
  1473. ${PROJECT_NAME}-wifi --networksinteractive $TEMP_WIFI_NETWORKS_FILE
  1474. if [ -f $TEMP_WIFI_NETWORKS_FILE ]; then
  1475. cp "$TEMP_WIFI_NETWORKS_FILE" "$WIFI_NETWORKS_FILE"
  1476. rm $TEMP_WIFI_NETWORKS_FILE
  1477. "${PROJECT_NAME}-wifi" --networks "$WIFI_NETWORKS_FILE"
  1478. create_wifi_startup_script
  1479. if [[ $(wifi_is_running) == "1" ]]; then
  1480. dialog --title $"Wifi Settings" \
  1481. --msgbox $"Wifi settings were changed." 6 60
  1482. else
  1483. dialog --title $"Wifi Settings" \
  1484. --msgbox $"Wifi settings were changed. You will need to restart the system with ethernet cable removed for the changes to take effect." 7 60
  1485. fi
  1486. else
  1487. remove_wifi_startup_script
  1488. fi
  1489. }
  1490. function wifi_edit_networks {
  1491. if [ -f /etc/hostapd/hostapd.conf ]; then
  1492. return
  1493. fi
  1494. if [ ! -f "$WIFI_NETWORKS_FILE" ]; then
  1495. { echo $'# Add wifi networks as follows:';
  1496. echo '#';
  1497. echo $'# MySSID';
  1498. echo $'# wpa2-psk';
  1499. echo $'# myWifiPassphrase';
  1500. echo '#';
  1501. echo $'# AnotherSSID';
  1502. echo $'# none';
  1503. echo '#'; } > "$WIFI_NETWORKS_FILE"
  1504. fi
  1505. editor "$WIFI_NETWORKS_FILE"
  1506. "${PROJECT_NAME}-wifi" --networks "$WIFI_NETWORKS_FILE"
  1507. }
  1508. function hotspot_settings {
  1509. data=$(mktemp 2>/dev/null)
  1510. dialog --backtitle $"Freedombone Control Panel" \
  1511. --title $"Hotspot Settings" \
  1512. --form $"" 10 60 4 \
  1513. $"Enabled (yes/no):" 1 1 "$WIFI_HOTSPOT" 1 24 5 5 \
  1514. $"SSID:" 2 1 "$WIFI_SSID" 2 24 256 256 \
  1515. $"Type (wpa2-psk/none):" 3 1 "$WIFI_TYPE" 3 24 10 10 \
  1516. $"Passphrase:" 4 1 "$WIFI_PASSPHRASE" 4 24 256 256 \
  1517. 2> "$data"
  1518. sel=$?
  1519. case $sel in
  1520. 1) rm -f "$data"
  1521. return;;
  1522. 255) rm -f "$data"
  1523. return;;
  1524. esac
  1525. TEMP_WIFI_HOTSPOT=$(sed -n 1p < "$data")
  1526. TEMP_WIFI_SSID=$(sed -n 2p < "$data")
  1527. TEMP_WIFI_TYPE=$(sed -n 3p < "$data")
  1528. TEMP_WIFI_PASSPHRASE=$(sed -n 4p < "$data")
  1529. rm -f "$data"
  1530. if [ ${#TEMP_WIFI_SSID} -lt 2 ]; then
  1531. return
  1532. fi
  1533. if [ ${#TEMP_WIFI_TYPE} -lt 2 ]; then
  1534. return
  1535. fi
  1536. WIFI_EXTRA=''
  1537. if [[ $TEMP_WIFI_HOTSPOT == $'yes' || $TEMP_WIFI_HOTSPOT == $'y' || $TEMP_WIFI_HOTSPOT == $'on' ]]; then
  1538. TEMP_WIFI_HOTSPOT='yes'
  1539. else
  1540. TEMP_WIFI_HOTSPOT='no'
  1541. if [ -f "$WIFI_NETWORKS_FILE" ]; then
  1542. WIFI_EXTRA="--networks $WIFI_NETWORKS_FILE"
  1543. fi
  1544. fi
  1545. if [[ $TEMP_WIFI_TYPE != $'none' ]]; then
  1546. if [ ! "$TEMP_WIFI_PASSPHRASE" ]; then
  1547. dialog --title $"Wifi Settings" \
  1548. --msgbox $"No wifi hotspot passphrase was given" 6 40
  1549. return
  1550. fi
  1551. if [ ${#TEMP_WIFI_PASSPHRASE} -lt 2 ]; then
  1552. dialog --title $"Wifi Settings" \
  1553. --msgbox $"Wifi hotspot passphrase was too short" 6 40
  1554. return
  1555. fi
  1556. WIFI_HOTSPOT=$TEMP_WIFI_HOTSPOT
  1557. WIFI_SSID=$TEMP_WIFI_SSID
  1558. WIFI_TYPE=$TEMP_WIFI_TYPE
  1559. WIFI_PASSPHRASE=$TEMP_WIFI_PASSPHRASE
  1560. if ! "${PROJECT_NAME}-wifi" -i "$WIFI_INTERFACE" -s "$WIFI_SSID" -t "$WIFI_TYPE" -p "$WIFI_PASSPHRASE" --hotspot "$WIFI_HOTSPOT" "$WIFI_EXTRA"; then
  1561. echo $"Can't enable wifi hotspot"
  1562. any_key
  1563. fi
  1564. else
  1565. WIFI_HOTSPOT=$TEMP_WIFI_HOTSPOT
  1566. WIFI_SSID=$TEMP_WIFI_SSID
  1567. WIFI_TYPE=$TEMP_WIFI_TYPE
  1568. WIFI_PASSPHRASE=$TEMP_WIFI_PASSPHRASE
  1569. "${PROJECT_NAME}-wifi" -i "$WIFI_INTERFACE" -s "$WIFI_SSID" -t "$WIFI_TYPE" --hotspot "$WIFI_HOTSPOT" "$WIFI_EXTRA"
  1570. fi
  1571. # store any changes
  1572. write_config_param "WIFI_HOTSPOT" "$WIFI_HOTSPOT"
  1573. write_config_param "WIFI_SSID" "$WIFI_SSID"
  1574. write_config_param "WIFI_TYPE" "$WIFI_TYPE"
  1575. write_config_param "WIFI_PASSPHRASE" "$WIFI_PASSPHRASE"
  1576. dialog --title $"Wifi Settings" \
  1577. --msgbox $"Hotspot settings were changed" 6 40
  1578. }
  1579. function reinstall_mariadb {
  1580. dialog --title $"Reinstall MariaDB" \
  1581. --backtitle $"Freedombone Control Panel" \
  1582. --defaultno \
  1583. --yesno $"\\nThis should be a LAST RESORT, if the mysql daemon won't start. You will lose ALL databases and will then need to restore them from backup.\\n\\nAre you sure that you wish to continue?" 12 60
  1584. sel=$?
  1585. case $sel in
  1586. 1) return;;
  1587. 255) return;;
  1588. esac
  1589. clear
  1590. database_reinstall
  1591. dialog --title $"Reinstall MariaDB" \
  1592. --msgbox $"MariaDB has been reinstalled" 6 40
  1593. }
  1594. function show_firewall {
  1595. clear
  1596. echo $"Firewall Settings"
  1597. echo ''
  1598. while read -r line; do
  1599. firewall_name=$(awk "$line" -F '=' '{print $1}')
  1600. firewall_port=$(awk "$line" -F '=' '{print $2}')
  1601. echo -n -e "$(pad_string "${firewall_name}")"
  1602. echo "${firewall_port}"
  1603. done < "$FIREWALL_CONFIG"
  1604. any_key
  1605. }
  1606. function email_extra_domains {
  1607. email_hostnames=$(grep "dc_other_hostnames" /etc/exim4/update-exim4.conf.conf | awk -F "'" '{print $2}')
  1608. data=$(mktemp 2>/dev/null)
  1609. dialog --title $"Email Domains" \
  1610. --backtitle $"Freedombone Control Panel" \
  1611. --inputbox $"Enter the list of email domains to use, separated by semicolons" 8 60 "$email_hostnames" 2>"$data"
  1612. sel=$?
  1613. case $sel in
  1614. 0)
  1615. emailhostnames=$(<"$data")
  1616. if [ ${#emailhostnames} -gt 2 ]; then
  1617. if [[ "$email_hostnames" != "$emailhostnames" ]]; then
  1618. if [[ "$emailhostnames" == *"."* ]]; then
  1619. if [[ "$emailhostnames" != *" "* ]]; then
  1620. sed -i "s|dc_other_hostnames=.*|dc_other_hostnames='$emailhostnames'|g" /etc/exim4/update-exim4.conf.conf
  1621. update-exim4.conf
  1622. dpkg-reconfigure --frontend noninteractive exim4-config
  1623. systemctl restart saslauthd
  1624. dialog --title $"Email Domains" \
  1625. --backtitle $"Freedombone Control Panel" \
  1626. --msgbox $"Email domains were changed" 6 50
  1627. else
  1628. dialog --title $"Email Domains not set" \
  1629. --backtitle $"Freedombone Control Panel" \
  1630. --msgbox $"There should be no spaces in the list" 6 50
  1631. fi
  1632. fi
  1633. fi
  1634. fi
  1635. ;;
  1636. esac
  1637. rm -f "$data"
  1638. }
  1639. function email_smtp_proxy {
  1640. MUTTRC_FILE=/home/$ADMIN_USER/.muttrc
  1641. if [ ! -f $MUTTRC_FILE ]; then
  1642. return
  1643. fi
  1644. data=$(mktemp 2>/dev/null)
  1645. dialog --backtitle $"Freedombone Control Panel" \
  1646. --title $"SMTP Proxy for $ADMIN_USER" \
  1647. --form $"You may need to proxy outgoing email via your ISP's mail server. If so enter the details below." 14 75 6 \
  1648. $"Enable proxy:" 1 1 "$SMTP_PROXY_ENABLE" 1 24 5 5 \
  1649. $"Protocol (smtp/smtps):" 2 1 "$SMTP_PROXY_PROTOCOL" 2 24 5 5 \
  1650. $"ISP mail server:" 3 1 "$SMTP_PROXY_SERVER" 3 24 40 10000 \
  1651. $"Port:" 4 1 "$SMTP_PROXY_PORT" 4 24 5 5 \
  1652. $"Username:" 5 1 "$SMTP_PROXY_USERNAME" 5 24 40 10000 \
  1653. $"Password:" 6 1 "$SMTP_PROXY_PASSWORD" 6 24 40 10000 \
  1654. 2> "$data"
  1655. sel=$?
  1656. case $sel in
  1657. 1) rm -f "$data"
  1658. return;;
  1659. 255) rm -f "$data"
  1660. return;;
  1661. esac
  1662. SMTP_PROXY_ENABLE=$(sed -n 1p < "$data")
  1663. SMTP_PROXY_PROTOCOL=$(sed -n 2p < "$data")
  1664. SMTP_PROXY_SERVER=$(sed -n 3p < "$data")
  1665. SMTP_PROXY_PORT=$(sed -n 4p < "$data")
  1666. SMTP_PROXY_USERNAME=$(sed -n 5p < "$data")
  1667. SMTP_PROXY_PASSWORD=$(sed -n 6p < "$data")
  1668. rm -f "$data"
  1669. # change muttrc
  1670. if [ "$SMTP_PROXY_ENABLE" != $'no' ]; then
  1671. if ! grep -q "set smtp_url" "$MUTTRC_FILE"; then
  1672. echo "set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"" >> "$MUTTRC_FILE"
  1673. else
  1674. sed -i "s|set smtp_url=.*|set smtp_url=\"${SMTP_PROXY_PROTOCOL}://${SMTP_PROXY_USERNAME}:${SMTP_PROXY_PASSWORD}@${SMTP_PROXY_SERVER}:${SMTP_PROXY_PORT}/\"|g" "$MUTTRC_FILE"
  1675. fi
  1676. sed -i 's|#set smtp_url|set smtp_url|g' "$MUTTRC_FILE"
  1677. else
  1678. if grep -q "set smtp_url" "$MUTTRC_FILE"; then
  1679. sed -i 's|set smtp_url|#set smtp_url|g' "$MUTTRC_FILE"
  1680. fi
  1681. fi
  1682. # save settings within the main configuration file
  1683. write_config_param "SMTP_PROXY_ENABLE" "$SMTP_PROXY_ENABLE"
  1684. write_config_param "SMTP_PROXY_PROTOCOL" "$SMTP_PROXY_PROTOCOL"
  1685. write_config_param "SMTP_PROXY_SERVER" "$SMTP_PROXY_SERVER"
  1686. write_config_param "SMTP_PROXY_PORT" "$SMTP_PROXY_PORT"
  1687. write_config_param "SMTP_PROXY_USERNAME" "$SMTP_PROXY_USERNAME"
  1688. write_config_param "SMTP_PROXY_PASSWORD" "$SMTP_PROXY_PASSWORD"
  1689. }
  1690. function menu_backup_restore {
  1691. while true
  1692. do
  1693. data=$(mktemp 2>/dev/null)
  1694. dialog --backtitle $"Freedombone Control Panel" \
  1695. --title $"Backup and Restore" \
  1696. --radiolist $"Choose an operation:" 19 70 12 \
  1697. 1 $"Backup data to USB drive" off \
  1698. 2 $"Restore GPG key from USB keydrive" off \
  1699. 3 $"Restore data from USB drive" off \
  1700. 4 $"Reinstall mariadb" off \
  1701. 5 $"Configure remote backups" off \
  1702. 6 $"Restore from remote backup" off \
  1703. 7 $"Backup GPG key to USB (master keydrive)" off \
  1704. 8 $"Backup GPG key to USB (fragment keydrive)" off \
  1705. 9 $"Format a USB drive (LUKS encrypted)" off \
  1706. 10 $"Remove backups from a USB drive" off \
  1707. 11 $"Back to main menu" on 2> "$data"
  1708. sel=$?
  1709. case $sel in
  1710. 1) rm -f "$data"
  1711. break;;
  1712. 255) rm -f "$data"
  1713. break;;
  1714. esac
  1715. case $(cat "$data") in
  1716. 1) backup_data;;
  1717. 2) restore_gpg_key;;
  1718. 3) restore_data;;
  1719. 4) reinstall_mariadb;;
  1720. 5) configure_remote_backups;;
  1721. 6) restore_data_remote;;
  1722. 7) create_keydrive_master;;
  1723. 8) create_keydrive_fragment;;
  1724. 9) format_drive;;
  1725. 10) remove_backups;;
  1726. 11) rm -f "$data"
  1727. break;;
  1728. esac
  1729. rm -f "$data"
  1730. done
  1731. }
  1732. function menu_email {
  1733. while true
  1734. do
  1735. data=$(mktemp 2>/dev/null)
  1736. dialog --backtitle $"Freedombone Control Panel" \
  1737. --title $"Email Menu" \
  1738. --radiolist $"Choose an operation:" 15 70 8 \
  1739. 1 $"Add a user to a mailing list" off \
  1740. 2 $"Remove a user from a mailing list" off \
  1741. 3 $"Add an email rule" off \
  1742. 4 $"Block/Unblock an email address" off \
  1743. 5 $"Block/Unblock email with subject text" off \
  1744. 6 $"Outgoing Email Proxy" off \
  1745. 7 $"Extra email domains" off \
  1746. 8 $"Back to main menu" on 2> "$data"
  1747. sel=$?
  1748. case $sel in
  1749. 1) rm -f "$data"
  1750. break;;
  1751. 255) rm -f "$data"
  1752. break;;
  1753. esac
  1754. case $(cat "$data") in
  1755. 1) add_to_mailing_list;;
  1756. 2) remove_user_from_mailing_list;;
  1757. 3) email_rule;;
  1758. 4) block_unblock_email;;
  1759. 5) block_unblock_subject;;
  1760. 6) email_smtp_proxy;;
  1761. 7) email_extra_domains;;
  1762. 8) rm -f "$data"
  1763. break;;
  1764. esac
  1765. rm -f "$data"
  1766. done
  1767. }
  1768. function domain_blocking_add {
  1769. data=$(mktemp 2>/dev/null)
  1770. dialog --title $"Block a domain or user" \
  1771. --backtitle $"Freedombone Control Panel" \
  1772. --inputbox $"Enter the domain name or GNU Social/postActiv/Pleroma nick@domain that you wish to block" 8 60 "" 2>"$data"
  1773. sel=$?
  1774. case $sel in
  1775. 0)
  1776. blocked_domain=$(<"$data")
  1777. if [ ${#blocked_domain} -gt 2 ]; then
  1778. if [[ "${blocked_domain}" == *'.'* ]]; then
  1779. firewall_block_domain "$blocked_domain"
  1780. if [[ "${blocked_domain}" != *'@'* ]]; then
  1781. dialog --title $"Block a domain" \
  1782. --msgbox $"The domain $blocked_domain has been blocked" 6 40
  1783. else
  1784. dialog --title $"Block a GNU Social/postActiv/Pleroma nickname" \
  1785. --msgbox $"$blocked_domain has been blocked" 6 40
  1786. fi
  1787. fi
  1788. fi
  1789. ;;
  1790. esac
  1791. rm -f "$data"
  1792. }
  1793. function ip_blocking_add {
  1794. data=$(mktemp 2>/dev/null)
  1795. dialog --title $"Block an IP address" \
  1796. --backtitle $"Freedombone Control Panel" \
  1797. --inputbox $"Enter the IP address that you wish to block" 8 60 "" 2>"$data"
  1798. sel=$?
  1799. case $sel in
  1800. 0)
  1801. blocked_ip=$(<"$data")
  1802. if [ ${#blocked_ip} -gt 2 ]; then
  1803. if [[ "${blocked_ip}" == *'.'* ]]; then
  1804. firewall_block_ip "$blocked_ip"
  1805. if [[ "${blocked_ip}" != *'@'* ]]; then
  1806. dialog --title $"Block an IP address" \
  1807. --msgbox $"The IP address $blocked_ip has been blocked" 6 40
  1808. fi
  1809. fi
  1810. fi
  1811. ;;
  1812. esac
  1813. rm -f "$data"
  1814. }
  1815. function domain_blocking_remove {
  1816. data=$(mktemp 2>/dev/null)
  1817. dialog --title $"Unblock a domain or user" \
  1818. --backtitle $"Freedombone Control Panel" \
  1819. --inputbox $"Enter the domain name or GNU Social/postActiv nick@domain that you wish to unblock" 8 60 "" 2>"$data"
  1820. sel=$?
  1821. case $sel in
  1822. 0)
  1823. unblocked_domain=$(<"$data")
  1824. if [ ${#unblocked_domain} -gt 2 ]; then
  1825. if [[ "${unblocked_domain}" == *'.'* ]]; then
  1826. firewall_unblock_domain "$unblocked_domain"
  1827. if [[ "${unblocked_domain}" != *'@'* ]]; then
  1828. dialog --title $"Unblock a domain" \
  1829. --msgbox $"The domain $unblocked_domain has been unblocked" 6 40
  1830. else
  1831. dialog --title $"Unblock a GNU Social/postActiv nickname" \
  1832. --msgbox $"$unblocked_domain has been unblocked" 6 40
  1833. fi
  1834. fi
  1835. fi
  1836. ;;
  1837. esac
  1838. rm -f "$data"
  1839. }
  1840. function ip_blocking_remove {
  1841. data=$(mktemp 2>/dev/null)
  1842. dialog --title $"Unblock an IP address" \
  1843. --backtitle $"Freedombone Control Panel" \
  1844. --inputbox $"Enter the IP address that you wish to unblock" 8 60 "" 2>"$data"
  1845. sel=$?
  1846. case $sel in
  1847. 0)
  1848. unblocked_ip=$(<"$data")
  1849. if [ ${#unblocked_ip} -gt 2 ]; then
  1850. if [[ "${unblocked_ip}" == *'.'* ]]; then
  1851. firewall_unblock_ip "$unblocked_ip"
  1852. if [[ "${unblocked_ip}" != *'@'* ]]; then
  1853. dialog --title $"Unblock an IP address" \
  1854. --msgbox $"The IP address $unblocked_ip has been unblocked" 6 40
  1855. fi
  1856. fi
  1857. fi
  1858. ;;
  1859. esac
  1860. rm -f "$data"
  1861. }
  1862. function domain_blocking_show {
  1863. if [ -f "$FIREWALL_DOMAINS" ]; then
  1864. clear
  1865. echo ''
  1866. echo $'The following domains or users have been blocked:'
  1867. echo ''
  1868. sort < "$FIREWALL_DOMAINS"
  1869. any_key
  1870. else
  1871. dialog --title $"Show blocked domains or users" \
  1872. --msgbox $"No domains or users are currently blocked" 6 40
  1873. fi
  1874. }
  1875. function domain_blocking {
  1876. while true
  1877. do
  1878. data=$(mktemp 2>/dev/null)
  1879. dialog --backtitle $"Freedombone Control Panel" \
  1880. --title $"Domain or User Blocking" \
  1881. --radiolist $"Choose an operation:" 14 60 6 \
  1882. 1 $"Block a domain or user" off \
  1883. 2 $"Unblock a domain or user" off \
  1884. 3 $"Block an IP address" off \
  1885. 4 $"Unblock an IP address" off \
  1886. 5 $"Show blocked domains and users" off \
  1887. 6 $"Back to main menu" on 2> "$data"
  1888. sel=$?
  1889. case $sel in
  1890. 1) rm -f "$data"
  1891. break;;
  1892. 255) rm -f "$data"
  1893. break;;
  1894. esac
  1895. case $(cat "$data") in
  1896. 1) domain_blocking_add;;
  1897. 2) domain_blocking_remove;;
  1898. 3) ip_blocking_add;;
  1899. 4) ip_blocking_remove;;
  1900. 5) domain_blocking_show;;
  1901. 6) rm -f "$data"
  1902. break;;
  1903. esac
  1904. rm -f "$data"
  1905. done
  1906. }
  1907. function menu_users {
  1908. while true
  1909. do
  1910. data=$(mktemp 2>/dev/null)
  1911. dialog --backtitle $"Freedombone Control Panel" \
  1912. --title $"Manage Users" \
  1913. --radiolist $"Choose an operation:" 13 70 6 \
  1914. 1 $"Add a user" off \
  1915. 2 $"Delete a user" off \
  1916. 3 $"Change user password" off \
  1917. 4 $"Change user ssh public key" off \
  1918. 5 $"Reset password tries" off \
  1919. 6 $"Back to main menu" on 2> "$data"
  1920. sel=$?
  1921. case $sel in
  1922. 1) rm -f "$data"
  1923. break;;
  1924. 255) rm -f "$data"
  1925. break;;
  1926. esac
  1927. case $(cat "$data") in
  1928. 1) add_user;;
  1929. 2) delete_user;;
  1930. 3) change_password;;
  1931. 4) change_ssh_public_key;;
  1932. 5) reset_password_tries;;
  1933. 6) rm -f "$data"
  1934. break;;
  1935. esac
  1936. rm -f "$data"
  1937. done
  1938. }
  1939. function wifi_enable {
  1940. disable_wifi='yes'
  1941. dialog --title $"Enable Wifi" \
  1942. --backtitle $"Freedombone Control Panel" \
  1943. --defaultno \
  1944. --yesno $"\\nDo you wish to enable wifi?" 10 50
  1945. sel=$?
  1946. case $sel in
  1947. 0) disable_wifi='no';;
  1948. 1) disable_wifi='yes';;
  1949. 255) return;;
  1950. esac
  1951. "${PROJECT_NAME}-wifi" --disable $disable_wifi
  1952. }
  1953. function add_clacks {
  1954. clacks=
  1955. data=$(mktemp 2>/dev/null)
  1956. dialog --title $"Add Clacks Overhead" \
  1957. --backtitle $"Freedombone Control Panel" \
  1958. --inputbox $"" 7 60 2>"$data"
  1959. sel=$?
  1960. case $sel in
  1961. 0)
  1962. clacks=$(<"$data")
  1963. if [ ${#clacks} -gt 1 ]; then
  1964. WEB_FILES="/etc/nginx/sites-available/*"
  1965. for f in $WEB_FILES
  1966. do
  1967. if grep -q "X-Clacks-Overhead" "$f"; then
  1968. sed -i "s|X-Clacks-Overhead .*|X-Clacks-Overhead \"GNU $clacks\";|g" "$f"
  1969. else
  1970. sed -i "/X-Content-Type-Options/a add_header X-Clacks-Overhead \"GNU $clacks\";" "$f"
  1971. fi
  1972. done
  1973. systemctl restart nginx
  1974. dialog --title $"Add Clacks Overhead" \
  1975. --msgbox $"\\nAdded for $clacks" 10 60
  1976. fi
  1977. ;;
  1978. esac
  1979. rm -f "$data"
  1980. }
  1981. function menu_wifi {
  1982. if [[ "$(wifi_exists)" == "0" ]]; then
  1983. dialog --title $"Wifi" \
  1984. --msgbox $"No wifi adaptors were detected" 6 40
  1985. return
  1986. fi
  1987. while true
  1988. do
  1989. status_str=$'Wifi OFF'
  1990. if [ -f /etc/hostapd/hostapd.conf ]; then
  1991. status_str=$'Hotspot ON'
  1992. else
  1993. if [ -f /etc/network/interfaces.d/wifi ]; then
  1994. status_str=$'Wifi ON'
  1995. fi
  1996. fi
  1997. data=$(mktemp 2>/dev/null)
  1998. dialog --backtitle $"Freedombone Control Panel" \
  1999. --title $"Wifi Menu" \
  2000. --radiolist $"${status_str}\\n\\nChoose an operation:" 14 70 6 \
  2001. 1 $"Enable or disable Wifi" off \
  2002. 2 $"Configure wifi networks" off \
  2003. 3 $"Manually edit wifi networks file" off \
  2004. 4 $"Hotspot settings" off \
  2005. 5 $"Exit" on 2> "$data"
  2006. sel=$?
  2007. case $sel in
  2008. 1) rm -f "$data"
  2009. break;;
  2010. 255) rm -f "$data"
  2011. break;;
  2012. esac
  2013. case $(cat "$data") in
  2014. 1) wifi_enable;;
  2015. 2) wifi_settings;;
  2016. 3) wifi_edit_networks;;
  2017. 4) hotspot_settings;;
  2018. 5) rm -f "$data"
  2019. break;;
  2020. esac
  2021. rm -f "$data"
  2022. done
  2023. }
  2024. function menu_app_settings {
  2025. detect_installable_apps
  2026. applist=""
  2027. appnames=()
  2028. n=1
  2029. app_index=0
  2030. for a in "${APPS_AVAILABLE[@]}"
  2031. do
  2032. if [[ ${APPS_INSTALLED[$app_index]} != "0" ]]; then
  2033. if [[ $(function_exists "configure_interactive_${a}") == "1" ]]; then
  2034. applist="$applist $n $a off"
  2035. n=$((n+1))
  2036. appnames+=("$a")
  2037. fi
  2038. fi
  2039. app_index=$((app_index+1))
  2040. done
  2041. if [ $n -le 1 ]; then
  2042. return
  2043. fi
  2044. backstr=$'Exit'
  2045. applist="$applist $n $backstr on"
  2046. appnames+=("Exit")
  2047. choice=$(dialog --stdout --backtitle $"Freedombone" \
  2048. --title $"Change settings for an App" \
  2049. --radiolist $'Choose:' \
  2050. 26 40 30 "$applist")
  2051. # shellcheck disable=SC2181
  2052. if [ $? -eq 0 ]; then
  2053. app_index=$((choice-1))
  2054. chosen_app=${appnames[$app_index]}
  2055. if [[ $chosen_app != "Exit" ]]; then
  2056. "configure_interactive_${chosen_app}"
  2057. fi
  2058. fi
  2059. }
  2060. function menu_top_level {
  2061. while true
  2062. do
  2063. data=$(mktemp 2>/dev/null)
  2064. dialog --backtitle $"Freedombone Control Panel" \
  2065. --title $"Control Panel" \
  2066. --radiolist $"Choose an operation:" 30 70 22 \
  2067. 1 $"About this system" off \
  2068. 2 $"Passwords" off \
  2069. 3 $"Backup and Restore" off \
  2070. 4 $"Show Firewall" off \
  2071. 5 $"Verify Tripwire Code" off \
  2072. 6 $"Reset Tripwire" off \
  2073. 7 $"App Settings" off \
  2074. 8 $"Add/Remove Apps" off \
  2075. 9 $"Logging on/off" off \
  2076. 10 $"Ping enable/disable" off \
  2077. 11 $"Manage Users" off \
  2078. 12 $"Email Menu" off \
  2079. 13 $"Domain or User Blocking" off \
  2080. 14 $"Security Settings" off \
  2081. 15 $"Change the name of this system" off \
  2082. 16 $"Set a static local IP address" off \
  2083. 17 $"Wifi menu" off \
  2084. 18 $"Add Clacks" off \
  2085. 19 $"Check for updates" off \
  2086. 20 $"Power off the system" off \
  2087. 21 $"Restart the system" off \
  2088. 22 $"Exit" on 2> "$data"
  2089. sel=$?
  2090. case $sel in
  2091. 1) rm -f "$data"
  2092. exit 1;;
  2093. 255) rm -f "$data"
  2094. exit 1;;
  2095. esac
  2096. please_wait
  2097. case $(cat "$data") in
  2098. 1) show_about;;
  2099. 2) view_or_change_passwords;;
  2100. 3) menu_backup_restore;;
  2101. 4) show_firewall;;
  2102. 5) show_tripwire_verification_code
  2103. any_key_verify;;
  2104. 6) reset_tripwire;;
  2105. 7) menu_app_settings;;
  2106. 8) if ! /usr/local/bin/addremove; then
  2107. any_key
  2108. fi
  2109. ;;
  2110. 9) logging_on_off;;
  2111. 10) ping_enable_disable;;
  2112. 11) menu_users;;
  2113. 12) menu_email;;
  2114. 13) domain_blocking;;
  2115. 14) security_settings;;
  2116. 15) change_system_name;;
  2117. 16) set_static_IP;;
  2118. 17) menu_wifi;;
  2119. 18) add_clacks;;
  2120. 19) check_for_updates;;
  2121. 20) shut_down_system;;
  2122. 21) restart_system;;
  2123. 22) rm -f "$data"
  2124. break;;
  2125. esac
  2126. rm -f "$data"
  2127. done
  2128. }
  2129. if [ ! -f "$COMPLETION_FILE" ]; then
  2130. echo $'This command should only be run on an installed Freedombone system'
  2131. exit 1
  2132. fi
  2133. ADMIN_USER=$(get_completion_param "Admin user")
  2134. menu_top_level
  2135. clear
  2136. cat /etc/motd
  2137. exit 0