freedombone-controlpanel 46KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299
  1. #!/bin/bash
  2. #
  3. # .---. . .
  4. # | | |
  5. # |--- .--. .-. .-. .-.| .-. .--.--. |.-. .-. .--. .-.
  6. # | | (.-' (.-' ( | ( )| | | | )( )| | (.-'
  7. # ' ' --' --' -' - -' ' ' -' -' -' ' - --'
  8. #
  9. # Freedom in the Cloud
  10. #
  11. # Administrator control panel for the Freedombone system
  12. #
  13. # License
  14. # =======
  15. #
  16. # Copyright (C) 2015 Bob Mottram <bob@robotics.uk.to>
  17. #
  18. # This program is free software: you can redistribute it and/or modify
  19. # it under the terms of the GNU General Public License as published by
  20. # the Free Software Foundation, either version 3 of the License, or
  21. # (at your option) any later version.
  22. #
  23. # This program is distributed in the hope that it will be useful,
  24. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. # GNU General Public License for more details.
  27. #
  28. # You should have received a copy of the GNU General Public License
  29. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  30. PROJECT_NAME='freedombone'
  31. export TEXTDOMAIN=${PROJECT_NAME}-controlpanel
  32. export TEXTDOMAINDIR="/usr/share/locale"
  33. COMPLETION_FILE=$HOME/${PROJECT_NAME}-completed.txt
  34. SELECTED_USERNAME=
  35. SIP_CONFIG_FILE=/etc/sipwitch.conf
  36. ADMIN_USER=
  37. UPGRADE_SCRIPT_NAME="${PROJECT_NAME}-upgrade"
  38. UPDATE_DATE_SCRIPT=/usr/bin/updatedate
  39. # Minimum number of characters in a password
  40. MINIMUM_PASSWORD_LENGTH=8
  41. USB_DRIVE=sdb
  42. # get default USB from config file
  43. CONFIG_FILE=$HOME/${PROJECT_NAME}.cfg
  44. if [ -f $CONFIG_FILE ]; then
  45. if grep -q "USB_DRIVE=" $CONFIG_FILE; then
  46. USB_DRIVE=$(cat $CONFIG_FILE | grep "USB_DRIVE=" | awk -F '=' '{print $2}')
  47. if [[ $USB_DRIVE == *"dev"* ]]; then
  48. USB_DRIVE=$(echo ${USB_DRIVE} | awk -F '/' '{print $3}' | sed 's|1||g' | sed 's|2||g')
  49. fi
  50. fi
  51. fi
  52. function any_key {
  53. echo ' '
  54. read -n1 -r -p $"Press any key to continue..." key
  55. }
  56. function check_for_updates {
  57. if [ ! -f /etc/cron.weekly/$UPGRADE_SCRIPT_NAME ]; then
  58. dialog --title $"Check for updates" \
  59. --msgbox $"Upgrade script was not found" 6 40
  60. return
  61. fi
  62. clear
  63. . /etc/cron.weekly/$UPGRADE_SCRIPT_NAME
  64. any_key
  65. }
  66. function add_user {
  67. data=$(tempfile 2>/dev/null)
  68. trap "rm -f $data" 0 1 2 5 15
  69. dialog --backtitle $"Freedombone Control Panel" \
  70. --title $"Add new user" \
  71. --form "\n" 8 40 3 \
  72. $"Username:" 1 1 "" 1 11 16 15 \
  73. $"ssh public key (optional):" 2 1 "" 3 1 40 10000 \
  74. 2> $data
  75. sel=$?
  76. case $sel in
  77. 1) return;;
  78. 255) return;;
  79. esac
  80. new_user_username=$(cat $data | sed -n 1p)
  81. new_user_ssh_public_key=$(cat $data | sed -n 2p)
  82. if [ ${#new_user_username} -lt 2 ]; then
  83. dialog --title $"New username" \
  84. --msgbox $"No username was given" 6 40
  85. return
  86. fi
  87. if [[ "$new_user_username" == *" "* ]]; then
  88. dialog --title $"Invalid username" \
  89. --msgbox $"The username should not contain any spaces" 6 40
  90. return
  91. fi
  92. if [ ${#new_user_ssh_public_key} -lt 20 ]; then
  93. clear
  94. ${PROJECT_NAME}-adduser "$new_user_username"
  95. any_key
  96. else
  97. if [[ "$new_user_ssh_public_key" == "ssh-"* ]]; then
  98. clear
  99. ${PROJECT_NAME}-adduser "$new_user_username" "$new_user_ssh_public_key"
  100. any_key
  101. else
  102. dialog --title $"ssh public key" \
  103. --msgbox $"This does not look like an ssh public key" 6 40
  104. fi
  105. fi
  106. }
  107. function show_sip_extensions {
  108. if [ ! -f $SIP_CONFIG_FILE ]; then
  109. return;
  110. fi
  111. clear
  112. echo $"SIP phone extensions:"
  113. echo " "
  114. while read ext; do
  115. if [[ $ext == *"user id"* ]]; then
  116. echo -n " "
  117. echo -n $(echo "$ext" | awk -F '"' '{print $2}' | awk -F '"' '{print $1}')
  118. echo -n " "
  119. fi
  120. if [[ $ext == *"extension"* ]]; then
  121. echo $(echo "$ext" | awk -F '>' '{print $2}' | awk -F '<' '{print $1}')
  122. fi
  123. done < $SIP_CONFIG_FILE
  124. any_key
  125. }
  126. function select_user {
  127. SELECTED_USERNAME=
  128. data=$(tempfile 2>/dev/null)
  129. trap "rm -f $data" 0 1 2 5 15
  130. dialog --title "Select a user" \
  131. --backtitle $"Freedombone Control Panel" \
  132. --dselect "/home/" 14 40 2> $data
  133. sel=$?
  134. case $sel in
  135. 0) SELECTED_USERNAME=$(cat $data | awk -F '/' '{print $3}');;
  136. 1) return;;
  137. 255) return;;
  138. esac
  139. if [ ${#SELECTED_USERNAME} -lt 2 ]; then
  140. SELECTED_USERNAME=
  141. fi
  142. if [ ! -d /home/$SELECTED_USERNAME ]; then
  143. dialog --title $"User directory check" \
  144. --msgbox $"This does not look like a user directory" 6 40
  145. SELECTED_USERNAME=
  146. fi
  147. }
  148. function delete_user {
  149. select_user
  150. if [ ! $SELECTED_USERNAME ]; then
  151. return
  152. fi
  153. if grep -Fxq "Admin user:$SELECTED_USERNAME" $COMPLETION_FILE; then
  154. dialog --title $"Administrator user" \
  155. --msgbox $"You can't delete the administrator user" 6 40
  156. return
  157. fi
  158. clear
  159. ${PROJECT_NAME}-rmuser $SELECTED_USERNAME
  160. any_key
  161. }
  162. function configure_remote_backups {
  163. if ! grep -Fxq "Admin user:$ADMIN_USER" $COMPLETION_FILE; then
  164. dialog --title $"Administrator user" \
  165. --msgbox $"No Administrator user found. Check $COMPLETION_FILE" 6 40
  166. return
  167. fi
  168. if [ ${#ADMIN_USER} -lt 2 ]; then
  169. dialog --title $"Administrator user" \
  170. --msgbox $"Username not found" 6 40
  171. return
  172. fi
  173. if [ ! -d /home/$ADMIN_USER ]; then
  174. dialog --title $"Administrator user" \
  175. --msgbox $"Home directory not found" 6 40
  176. return
  177. fi
  178. ${PROJECT_NAME}-remote -u $ADMIN_USER
  179. if [ ! "$?" = "0" ]; then
  180. any_key
  181. fi
  182. }
  183. function change_password {
  184. select_user
  185. if [ ! $SELECTED_USERNAME ]; then
  186. return
  187. fi
  188. dialog --title $"Change password" \
  189. --passwordbox $"New password for user $SELECTED_USERNAME" 8 40 2> $data
  190. newpassword=$(<$data)
  191. if [ ${#newpassword} -lt ${MINIMUM_PASSWORD_LENGTH} ]; then
  192. dialog --title $"Change password" \
  193. --msgbox $"The password should be ${MINIMUM_PASSWORD_LENGTH} or more characters" 6 40
  194. return
  195. fi
  196. echo "$SELECTED_USERNAME:$newpassword"|chpasswd
  197. dialog --title $"Change password" \
  198. --msgbox $"Password for $SELECTED_USERNAME was changed" 6 40
  199. }
  200. function irc_set_global_password {
  201. dialog --title $"IRC Password" \
  202. --clear \
  203. --backtitle $"Freedombone Control Panel" \
  204. --passwordbox $"Password for all IRC users, or press Enter for no password" 10 50 2> $data
  205. sel=$?
  206. case $sel in
  207. 0)
  208. NEW_IRC_PASSWORD=$(<$data)
  209. sed -i "0,/RE/s/Password =.*/Password =$NEW_IRC_PASSWORD/" /etc/ngircd/ngircd.conf
  210. dialog --title $"IRC Password" \
  211. --msgbox $"The IRC password was changed" 6 40
  212. ;;
  213. esac
  214. }
  215. function change_ssh_public_key {
  216. select_user
  217. if [ ! $SELECTED_USERNAME ]; then
  218. return
  219. fi
  220. if grep -Fxq "Admin user:$SELECTED_USERNAME" $COMPLETION_FILE; then
  221. dialog --title $"Change ssh public key" \
  222. --backtitle $"Freedombone Control Panel" \
  223. --defaultno \
  224. --yesno $"\nThis is the administrator user.\n\nAre you sure you want to change the ssh public key for the administrator?" 10 60
  225. sel=$?
  226. case $sel in
  227. 1) return;;
  228. 255) return;;
  229. esac
  230. fi
  231. data=$(tempfile 2>/dev/null)
  232. trap "rm -f $data" 0 1 2 5 15
  233. dialog --title $"Change ssh public key for $SELECTED_USERNAME" \
  234. --backtitle $"Freedombone Control Panel" \
  235. --inputbox $"Paste the ssh public key below" 8 60 2>$data
  236. sel=$?
  237. case $sel in
  238. 0)
  239. SSH_PUBLIC_KEY=$(<$data)
  240. if [ "$SSH_PUBLIC_KEY" ]; then
  241. if [ ${#SSH_PUBLIC_KEY} -gt 5 ]; then
  242. if [ -f "$SSH_PUBLIC_KEY" ]; then
  243. if [ ! -d /home/$SELECTED_USERNAME/.ssh ]; then
  244. mkdir /home/$SELECTED_USERNAME/.ssh
  245. fi
  246. cp $SSH_PUBLIC_KEY \
  247. /home/$SELECTED_USERNAME/.ssh/authorized_keys
  248. chown -R $SELECTED_USERNAME:$SELECTED_USERNAME \
  249. /home/$SELECTED_USERNAME/.ssh
  250. dialog --title $"Change ssh public key" \
  251. --msgbox $"ssh public key was installed" 6 40
  252. else
  253. if [[ "$SSH_PUBLIC_KEY" == "ssh-"* ]]; then
  254. if [ ! -d /home/$SELECTED_USERNAME/.ssh ]; then
  255. mkdir /home/$SELECTED_USERNAME/.ssh
  256. fi
  257. echo "$SSH_PUBLIC_KEY" > \
  258. /home/$SELECTED_USERNAME/.ssh/authorized_keys
  259. chown -R $SELECTED_USERNAME:$SELECTED_USERNAME \
  260. /home/$SELECTED_USERNAME/.ssh
  261. dialog --title $"Change ssh public key" \
  262. --msgbox $"ssh public key was installed" 6 40
  263. fi
  264. fi
  265. fi
  266. fi
  267. ;;
  268. esac
  269. }
  270. function add_to_mailing_list {
  271. select_user
  272. if [ ! $SELECTED_USERNAME ]; then
  273. return
  274. fi
  275. data=$(tempfile 2>/dev/null)
  276. trap "rm -f $data" 0 1 2 5 15
  277. dialog --backtitle $"Freedombone Control Panel" \
  278. --title $"Subscribe $SELECTED_USERNAME to a mailing list" \
  279. --form "\n" 8 68 4 \
  280. $"List folder name:" 1 1 "" 1 35 26 25 \
  281. $"Name between [] on subject line:" 2 1 "" 2 35 26 25 \
  282. $"List email address:" 3 1 "" 3 35 26 25 \
  283. 2> $data
  284. sel=$?
  285. case $sel in
  286. 1) return;;
  287. 255) return;;
  288. esac
  289. LIST_NAME=$(cat $data | sed -n 1p)
  290. LIST_SUBJECT=$(cat $data | sed -n 2p)
  291. LIST_EMAIL=$(cat $data | sed -n 3p)
  292. if [ ${#LIST_NAME} -lt 2 ]; then
  293. dialog --title $"Add mailing list" \
  294. --msgbox $"No mailing list name was given" 6 40
  295. return
  296. fi
  297. if [ ${#LIST_SUBJECT} -lt 2 ]; then
  298. dialog --title $"Add mailing list" \
  299. --msgbox $"No mailing list subject was given" 6 40
  300. return
  301. fi
  302. if [ ${#LIST_EMAIL} -lt 2 ]; then
  303. dialog --title $"Add mailing list" \
  304. --msgbox $"No mailing list email address was given" 6 40
  305. return
  306. fi
  307. if [[ "$LIST_EMAIL" != *"@"* || "$LIST_EMAIL" != *"."* ]]; then
  308. dialog --title $"Add mailing list" \
  309. --msgbox $"Unrecognised email address" 6 40
  310. return
  311. fi
  312. ${PROJECT_NAME}-addlist -u $SELECTED_USERNAME -l "$LIST_NAME" \
  313. -s "$LIST_SUBJECT" -e "$LIST_EMAIL"
  314. dialog --title $"Add mailing list" \
  315. --msgbox $"$LIST_NAME list was added" 6 40
  316. }
  317. function email_rule {
  318. select_user
  319. if [ ! $SELECTED_USERNAME ]; then
  320. return
  321. fi
  322. data=$(tempfile 2>/dev/null)
  323. trap "rm -f $data" 0 1 2 5 15
  324. dialog --backtitle $"Freedombone Control Panel" \
  325. --title $"Email rule for user $SELECTED_USERNAME" \
  326. --form "\n" 8 65 3 \
  327. $"When email arrives from address:" 1 1 "" 1 35 24 28 \
  328. $"Move to folder:" 2 1 "" 2 35 24 28 \
  329. 2> $data
  330. sel=$?
  331. case $sel in
  332. 1) return;;
  333. 255) return;;
  334. esac
  335. RULE_EMAIL=$(cat $data | sed -n 1p)
  336. RULE_FOLDER=$(cat $data | sed -n 2p)
  337. if [ ${#RULE_EMAIL} -lt 2 ]; then
  338. dialog --title $"Add email rule" \
  339. --msgbox $"No email address was given" 6 40
  340. return
  341. fi
  342. if [ ${#RULE_FOLDER} -lt 2 ]; then
  343. dialog --title $"Add email rule" \
  344. --msgbox $"No folder name was given" 6 40
  345. return
  346. fi
  347. if [[ "$RULE_EMAIL" != *"@"* || "$RULE_EMAIL" != *"."* ]]; then
  348. dialog --title $"Add email rule" \
  349. --msgbox $"Unrecognised email address" 6 40
  350. return
  351. fi
  352. ${PROJECT_NAME}-addemail -u $SELECTED_USERNAME -e "$RULE_EMAIL" \
  353. -g "$RULE_FOLDER"
  354. dialog --title $"Add email rule" \
  355. --msgbox $"Email rule for $RULE_EMAIL was added" 6 40
  356. }
  357. function block_unblock_email {
  358. select_user
  359. if [ ! $SELECTED_USERNAME ]; then
  360. return
  361. fi
  362. blockstr=$"Block/Unblock email going to"
  363. data=$(tempfile 2>/dev/null)
  364. trap "rm -f $data" 0 1 2 5 15
  365. dialog --backtitle $"Freedombone Control Panel" \
  366. --title "$blockstr $SELECTED_USERNAME" \
  367. --form "\n" 8 65 3 \
  368. $"When email arrives from address:" 1 1 "" 1 35 24 28 \
  369. $"Block it:" 2 1 "yes" 2 35 4 4 \
  370. 2> $data
  371. sel=$?
  372. case $sel in
  373. 1) return;;
  374. 255) return;;
  375. esac
  376. BLOCK_EMAIL=$(cat $data | sed -n 1p)
  377. BLOCK=$(cat $data | sed -n 2p)
  378. if [ ${#BLOCK_EMAIL} -lt 2 ]; then
  379. dialog --title $"Block/Unblock an email" \
  380. --msgbox $"No email address was given" 6 40
  381. return
  382. fi
  383. if [[ "$BLOCK_EMAIL" != *"@"* || "$BLOCK_EMAIL" != *"."* ]]; then
  384. dialog --title $"Block/Unblock an email" \
  385. --msgbox $"Unrecognised email address" 6 40
  386. return
  387. fi
  388. if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
  389. ${PROJECT_NAME}-ignore -u $SELECTED_USERNAME -e "$BLOCK_EMAIL"
  390. dialog --title $"Block an email" \
  391. --msgbox "Email from $BLOCK_EMAIL to $SELECTED_USERNAME blocked" 6 40
  392. else
  393. ${PROJECT_NAME}-unignore -u $SELECTED_USERNAME -e "$BLOCK_EMAIL"
  394. dialog --title $"Unblock an email" \
  395. --msgbox "Email from $BLOCK_EMAIL to $SELECTED_USERNAME unblocked" 6 40
  396. fi
  397. }
  398. function block_unblock_subject {
  399. select_user
  400. if [ ! $SELECTED_USERNAME ]; then
  401. return
  402. fi
  403. blockstr=$"Block/Unblock email going to"
  404. data=$(tempfile 2>/dev/null)
  405. trap "rm -f $data" 0 1 2 5 15
  406. dialog --backtitle $"Freedombone Control Panel" \
  407. --title "$blockstr $SELECTED_USERNAME" \
  408. --form "\n" 8 70 3 \
  409. $"When email arrives with subject text:" 1 1 "" 1 40 24 28 \
  410. $"Block it:" 2 1 "yes" 2 40 4 4 \
  411. 2> $data
  412. sel=$?
  413. case $sel in
  414. 1) return;;
  415. 255) return;;
  416. esac
  417. BLOCK_SUBJECT=$(cat $data | sed -n 1p)
  418. BLOCK=$(cat $data | sed -n 2p)
  419. if [ ${#BLOCK_SUBJECT} -lt 2 ]; then
  420. dialog --title $"Block/Unblock an email" \
  421. --msgbox $"No subject was given" 6 40
  422. return
  423. fi
  424. if [[ $BLOCK == "y"* || $BLOCK == "Y"* ]]; then
  425. ${PROJECT_NAME}-ignore -u $SELECTED_USERNAME -t "$BLOCK_SUBJECT"
  426. dialog --title $"Block an email" \
  427. --msgbox "Email with subject $BLOCK_SUBJECT to $SELECTED_USERNAME blocked" 6 40
  428. else
  429. ${PROJECT_NAME}-unignore -u $SELECTED_USERNAME -t "$BLOCK_SUBJECT"
  430. dialog --title $"Unblock an email" \
  431. --msgbox "Email with subject $BLOCK_SUBJECT to $SELECTED_USERNAME unblocked" 6 40
  432. fi
  433. }
  434. function create_keydrive_master {
  435. select_user
  436. if [ ! $SELECTED_USERNAME ]; then
  437. return
  438. fi
  439. dialog --title $"USB Master Keydrive" \
  440. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  441. clear
  442. ${PROJECT_NAME}-keydrive -u $SELECTED_USERNAME --master 'yes'
  443. any_key
  444. }
  445. function create_keydrive_fragment {
  446. select_user
  447. if [ ! $SELECTED_USERNAME ]; then
  448. return
  449. fi
  450. dialog --title $"USB Fragment Keydrive" \
  451. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  452. clear
  453. ${PROJECT_NAME}-keydrive -u $SELECTED_USERNAME
  454. any_key
  455. }
  456. function backup_data {
  457. dialog --title $"Backup data to USB" \
  458. --msgbox $"Plug in a LUKS encrypted USB drive" 6 40
  459. clear
  460. echo ' '
  461. echo $'Enter the passphrase for your LUKS encrypted backup drive:'
  462. ${PROJECT_NAME}-backup-local
  463. any_key
  464. }
  465. function restore_from_usb {
  466. while true
  467. do
  468. data=$(tempfile 2>/dev/null)
  469. trap "rm -f $data" 0 1 2 5 15
  470. dialog --backtitle $"Freedombone Control Panel" \
  471. --title $"Restore from USB backup" \
  472. --radiolist $"Choose an application to restore:" 30 70 27 \
  473. 1 $"Everything" on \
  474. 2 $"Return to the backup and restore menu" off \
  475. 3 $"Configuration files" off \
  476. 4 $"MariaDB settings" off \
  477. 5 $"Let's Encrypt account" off \
  478. 6 $"Mutt email client settings" off \
  479. 7 $"GPG keys" off \
  480. 8 $"Email processing rules" off \
  481. 9 $"Spam filtering rules" off \
  482. 10 $"Administrator's README file" off \
  483. 11 $"IPFS" off \
  484. 12 $"SSH keys" off \
  485. 13 $"User configuration files" off \
  486. 14 $"SSL/TLS certificates" off \
  487. 15 $"Personal settings" off \
  488. 16 $"Mailing List" off \
  489. 17 $"XMPP chat" off \
  490. 18 $"GNU Social" off \
  491. 19 $"Hubzilla" off \
  492. 20 $"Owncloud" off \
  493. 21 $"Gogs" off \
  494. 22 $"Wiki" off \
  495. 23 $"Blog" off \
  496. 24 $"CJDNS" off \
  497. 25 $"Email" off \
  498. 26 $"DLNA" off \
  499. 27 $"VoIP" off \
  500. 28 $"Tox" off 2> $data
  501. sel=$?
  502. case $sel in
  503. 1) break;;
  504. 255) break;;
  505. esac
  506. case $(cat $data) in
  507. 1) ${PROJECT_NAME}-restore-local $USB_DRIVE;;
  508. 2) return;;
  509. 3) ${PROJECT_NAME}-restore-local $USB_DRIVE configuration;;
  510. 4) ${PROJECT_NAME}-restore-local $USB_DRIVE mariadb;;
  511. 5) ${PROJECT_NAME}-restore-local $USB_DRIVE letsencrypt;;
  512. 6) ${PROJECT_NAME}-restore-local $USB_DRIVE mutt;;
  513. 7) ${PROJECT_NAME}-restore-local $USB_DRIVE gpg;;
  514. 8) ${PROJECT_NAME}-restore-local $USB_DRIVE procmail;;
  515. 9) ${PROJECT_NAME}-restore-local $USB_DRIVE spamassassin;;
  516. 10) ${PROJECT_NAME}-restore-local $USB_DRIVE readme;;
  517. 11) ${PROJECT_NAME}-restore-local $USB_DRIVE ipfs;;
  518. 12) ${PROJECT_NAME}-restore-local $USB_DRIVE ssh;;
  519. 13) ${PROJECT_NAME}-restore-local $USB_DRIVE userconfig;;
  520. 14) ${PROJECT_NAME}-restore-local $USB_DRIVE certs;;
  521. 15) ${PROJECT_NAME}-restore-local $USB_DRIVE personal;;
  522. 16) ${PROJECT_NAME}-restore-local $USB_DRIVE mailinglist;;
  523. 17) ${PROJECT_NAME}-restore-local $USB_DRIVE xmpp;;
  524. 18) ${PROJECT_NAME}-restore-local $USB_DRIVE gnusocial;;
  525. 19) ${PROJECT_NAME}-restore-local $USB_DRIVE hubzilla;;
  526. 20) ${PROJECT_NAME}-restore-local $USB_DRIVE owncloud;;
  527. 21) ${PROJECT_NAME}-restore-local $USB_DRIVE gogs;;
  528. 22) ${PROJECT_NAME}-restore-local $USB_DRIVE wiki;;
  529. 23) ${PROJECT_NAME}-restore-local $USB_DRIVE blog;;
  530. 24) ${PROJECT_NAME}-restore-local $USB_DRIVE cjdns;;
  531. 25) ${PROJECT_NAME}-restore-local $USB_DRIVE email;;
  532. 26) ${PROJECT_NAME}-restore-local $USB_DRIVE dlna;;
  533. 27) ${PROJECT_NAME}-restore-local $USB_DRIVE voip;;
  534. 28) ${PROJECT_NAME}-restore-local $USB_DRIVE tox;;
  535. esac
  536. done
  537. any_key
  538. }
  539. function restore_from_remote {
  540. remote_domain_name=$1
  541. while true
  542. do
  543. data=$(tempfile 2>/dev/null)
  544. trap "rm -f $data" 0 1 2 5 15
  545. dialog --backtitle $"Freedombone Control Panel" \
  546. --title $"Restore from ${remote_domain_name}" \
  547. --radiolist $"Choose an application to restore:" 30 70 27 \
  548. 1 $"Everything" on \
  549. 2 $"Return to the backup and restore menu" off \
  550. 3 $"Configuration files" off \
  551. 4 $"MariaDB settings" off \
  552. 5 $"Let's Encrypt account" off \
  553. 6 $"Mutt email client settings" off \
  554. 7 $"GPG keys" off \
  555. 8 $"Email processing rules" off \
  556. 9 $"Spam filtering rules" off \
  557. 10 $"Administrator's README file" off \
  558. 11 $"IPFS" off \
  559. 12 $"SSH keys" off \
  560. 13 $"User configuration files" off \
  561. 14 $"SSL/TLS certificates" off \
  562. 15 $"Personal settings" off \
  563. 16 $"Mailing List" off \
  564. 17 $"XMPP chat" off \
  565. 18 $"GNU Social" off \
  566. 19 $"Hubzilla" off \
  567. 20 $"Owncloud" off \
  568. 21 $"Gogs" off \
  569. 22 $"Wiki" off \
  570. 23 $"Blog" off \
  571. 24 $"CJDNS" off \
  572. 25 $"Email" off \
  573. 26 $"DLNA" off \
  574. 27 $"VoIP" off \
  575. 28 $"Tox" off 2> $data
  576. sel=$?
  577. case $sel in
  578. 1) break;;
  579. 255) break;;
  580. esac
  581. case $(cat $data) in
  582. 1) ${PROJECT_NAME}-restore-remote $remote_domain_name;;
  583. 2) return;;
  584. 3) ${PROJECT_NAME}-restore-remote $remote_domain_name configuration;;
  585. 4) ${PROJECT_NAME}-restore-remote $remote_domain_name mariadb;;
  586. 5) ${PROJECT_NAME}-restore-remote $remote_domain_name letsencrypt;;
  587. 6) ${PROJECT_NAME}-restore-remote $remote_domain_name mutt;;
  588. 7) ${PROJECT_NAME}-restore-remote $remote_domain_name gpg;;
  589. 8) ${PROJECT_NAME}-restore-remote $remote_domain_name procmail;;
  590. 9) ${PROJECT_NAME}-restore-remote $remote_domain_name spamassassin;;
  591. 10) ${PROJECT_NAME}-restore-remote $remote_domain_name readme;;
  592. 11) ${PROJECT_NAME}-restore-remote $remote_domain_name ipfs;;
  593. 12) ${PROJECT_NAME}-restore-remote $remote_domain_name ssh;;
  594. 13) ${PROJECT_NAME}-restore-remote $remote_domain_name userconfig;;
  595. 14) ${PROJECT_NAME}-restore-remote $remote_domain_name certs;;
  596. 15) ${PROJECT_NAME}-restore-remote $remote_domain_name personal;;
  597. 16) ${PROJECT_NAME}-restore-remote $remote_domain_name mailinglist;;
  598. 17) ${PROJECT_NAME}-restore-remote $remote_domain_name xmpp;;
  599. 18) ${PROJECT_NAME}-restore-remote $remote_domain_name gnusocial;;
  600. 19) ${PROJECT_NAME}-restore-remote $remote_domain_name hubzilla;;
  601. 20) ${PROJECT_NAME}-restore-remote $remote_domain_name owncloud;;
  602. 21) ${PROJECT_NAME}-restore-remote $remote_domain_name gogs;;
  603. 22) ${PROJECT_NAME}-restore-remote $remote_domain_name wiki;;
  604. 23) ${PROJECT_NAME}-restore-remote $remote_domain_name blog;;
  605. 24) ${PROJECT_NAME}-restore-remote $remote_domain_name cjdns;;
  606. 25) ${PROJECT_NAME}-restore-remote $remote_domain_name email;;
  607. 26) ${PROJECT_NAME}-restore-remote $remote_domain_name dlna;;
  608. 27) ${PROJECT_NAME}-restore-remote $remote_domain_name voip;;
  609. 28) ${PROJECT_NAME}-restore-remote $remote_domain_name tox;;
  610. esac
  611. done
  612. any_key
  613. }
  614. function restore_data {
  615. dialog --title $"Restore data from USB" \
  616. --msgbox $"Plug in your backup USB drive" 6 40
  617. clear
  618. echo ' '
  619. echo $'Enter the passphrase for your LUKS encrypted backup drive:'
  620. restore_from_usb
  621. }
  622. function restore_data_remote {
  623. if [ ! $ADMIN_USER ]; then
  624. dialog --title $"Restore data from remote server" \
  625. --msgbox $"Unknown admin user" 6 40
  626. return
  627. fi
  628. data=$(tempfile 2>/dev/null)
  629. trap "rm -f $data" 0 1 2 5 15
  630. dialog --title $"Restore from remote server" \
  631. --backtitle $"Freedombone Control Panel" \
  632. --inputbox $"Enter the domain name of the server from which you wish to restore" 8 60 2>$data
  633. sel=$?
  634. case $sel in
  635. 0)
  636. friend_server_domain_name=$(<$data)
  637. if [ ${#friend_server_domain_name} -lt 2 ]; then
  638. return
  639. fi
  640. if [[ $friend_server_domain_name != *"."* ]]; then
  641. dialog --title $"Remote server domain name" \
  642. --msgbox $"Invalid domain name" 6 40
  643. return
  644. fi
  645. restore_from_remote $friend_server_domain_name
  646. ;;
  647. esac
  648. }
  649. function ping_enable_disable {
  650. ping_str=$"\nDo you want to enable other systems to ping this machine?\n\nPing may be useful for diagnostic purposes, but for added security you may not want to enable it."
  651. enable_ping="no"
  652. dialog --title $"Enable Ping / ICMP" \
  653. --backtitle $"Freedombone Control Panel" \
  654. --defaultno \
  655. --yesno "$ping_str" 10 60
  656. sel=$?
  657. case $sel in
  658. 0) enable_ping="yes";;
  659. 255) return;;
  660. esac
  661. if [[ $enable_ping == "yes" ]]; then
  662. iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
  663. iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
  664. echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all
  665. else
  666. iptables -D INPUT -p icmp --icmp-type echo-request -j ACCEPT
  667. iptables -D OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
  668. echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
  669. fi
  670. }
  671. function logging_on_off {
  672. logging="no"
  673. dialog --title $"Logging" \
  674. --backtitle $"Freedombone Control Panel" \
  675. --yesno $"\nDo you want to turn logging on?" 7 60
  676. sel=$?
  677. case $sel in
  678. 0) logging="yes";;
  679. 255) return;;
  680. esac
  681. clear
  682. echo ''
  683. echo $'This may take a few seconds. Please wait...'
  684. if [[ $logging == "no" ]]; then
  685. ${PROJECT_NAME}-logging off
  686. else
  687. ${PROJECT_NAME}-logging on
  688. fi
  689. }
  690. function restore_gpg_key {
  691. select_user
  692. if [ ! $SELECTED_USERNAME ]; then
  693. return
  694. fi
  695. restorestr=$"Restore GPG key for user"
  696. dialog --title "$restorestr $SELECTED_USERNAME" \
  697. --msgbox $"Plug in your USB keydrive" 6 40
  698. clear
  699. ${PROJECT_NAME}-recoverkey -u $SELECTED_USERNAME
  700. any_key
  701. }
  702. function security_settings {
  703. ${PROJECT_NAME}-sec
  704. any_key
  705. }
  706. function reset_tripwire {
  707. clear
  708. echo $'Resetting the Tripwire...'
  709. echo ' '
  710. echo '
  711. ' | reset-tripwire
  712. any_key
  713. }
  714. function hubzilla_renew_cert {
  715. dialog --title $"Renew SSL certificate" \
  716. --backtitle $"Freedombone Control Panel" \
  717. --yesno $"\nThis will renew a letsencrypt certificate. Select 'yes' to continue" 16 60
  718. sel=$?
  719. case $sel in
  720. 1) return;;
  721. 255) return;;
  722. esac
  723. HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
  724. if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME/htdocs ]; then
  725. dialog --title $"Renew SSL certificate" \
  726. --msgbox $"Hubzilla install directory not found" 6 40
  727. return
  728. fi
  729. ${PROJECT_NAME}-renew-cert -h $HUBZILLA_DOMAIN_NAME -p 'letsencrypt'
  730. if [ ! "$?" = "0" ]; then
  731. any_key
  732. else
  733. dialog --title $"Renew SSL certificate" \
  734. --msgbox $"Hubzilla certificate has been renewed" 6 40
  735. fi
  736. }
  737. function hubzilla_channel_directory_server {
  738. if ! grep -q "Hubzilla domain" $COMPLETION_FILE; then
  739. dialog --title $"Hubzilla channel directory server" \
  740. --msgbox $"Hubzilla is not installed on this system" 6 40
  741. return
  742. fi
  743. HUBZILLA_DOMAIN_NAME=$(cat $COMPLETION_FILE | grep "Hubzilla domain" | awk -F ':' '{print $2}')
  744. if [ ! -d /var/www/$HUBZILLA_DOMAIN_NAME/htdocs ]; then
  745. dialog --title $"Hubzilla channel directory server" \
  746. --msgbox $"Hubzilla install directory not found" 6 40
  747. return
  748. fi
  749. data=$(tempfile 2>/dev/null)
  750. trap "rm -f $data" 0 1 2 5 15
  751. dialog --title $"Hubzilla channel directory server" \
  752. --backtitle $"Freedombone Control Panel" \
  753. --inputbox $"When you click on 'channel directory' this is where Hubzilla will obtain its list from" 8 60 2>$data
  754. sel=$?
  755. case $sel in
  756. 0)
  757. hubzilla_domain_server=$(<$data)
  758. if [[ $hubzilla_domain_server != *"."* ]]; then
  759. return
  760. fi
  761. if [[ $hubzilla_domain_server != "https"* ]]; then
  762. dialog --title $"Hubzilla channel directory server" \
  763. --msgbox $"Invalid domain - include the https://" 6 40
  764. return
  765. fi
  766. ./var/www/$HUBZILLA_DOMAIN_NAME/htdocs/util/config system directory_server $hubzilla_domain_server
  767. dialog --title $"Hubzilla channel directory server" \
  768. --msgbox $"Domain channel directory server changed to $hubzilla_domain_server" 6 40
  769. ;;
  770. esac
  771. }
  772. function format_drive {
  773. drive=
  774. data=$(tempfile 2>/dev/null)
  775. trap "rm -f $data" 0 1 2 5 15
  776. dialog --backtitle $"Freedombone Control Panel" \
  777. --title $"Format a USB drive (LUKS encrypted)" \
  778. --radiolist $"Choose a drive:" 12 70 5 \
  779. 1 $"sda (Beaglebone Black)" off \
  780. 2 $"sdb" off \
  781. 3 $"sdc" off \
  782. 4 $"sdd" off \
  783. 5 $"Back to Backup and Restore menu" on 2> $data
  784. sel=$?
  785. case $sel in
  786. 1) return;;
  787. 255) return;;
  788. esac
  789. case $(cat $data) in
  790. 1) drive='sda';;
  791. 2) drive='sdb';;
  792. 3) drive='sdc';;
  793. 4) drive='sdd';;
  794. 5) return;;
  795. esac
  796. dialog --title $"Format USB drive" \
  797. --backtitle $"Freedombone Control Panel" \
  798. --defaultno \
  799. --yesno $"\nPlease confirm that you wish to format drive\n\n ${drive}\n\nAll current data on the drive will be lost, and you will be prompted to give a password used to encrypt the drive.\n\nDANGER: If you screw up here and format the wrong drive it's your own fault!" 16 60
  800. sel=$?
  801. case $sel in
  802. 1) return;;
  803. 255) return;;
  804. esac
  805. clear
  806. ${PROJECT_NAME}-format $drive
  807. any_key
  808. }
  809. function remove_backups {
  810. drive=
  811. data=$(tempfile 2>/dev/null)
  812. trap "rm -f $data" 0 1 2 5 15
  813. dialog --backtitle $"Freedombone Control Panel" \
  814. --title $"Remove backups from a USB drive" \
  815. --radiolist $"Choose a drive:" 12 70 5 \
  816. 1 $"sda (Beaglebone Black)" off \
  817. 2 $"sdb" off \
  818. 3 $"sdc" off \
  819. 4 $"sdd" off \
  820. 5 $"Back to Backup and Restore menu" on 2> $data
  821. sel=$?
  822. case $sel in
  823. 1) return;;
  824. 255) return;;
  825. esac
  826. case $(cat $data) in
  827. 1) drive='sda';;
  828. 2) drive='sdb';;
  829. 3) drive='sdc';;
  830. 4) drive='sdd';;
  831. 5) return;;
  832. esac
  833. dialog --title $"Remove backups from a USB drive" \
  834. --backtitle $"Freedombone Control Panel" \
  835. --defaultno \
  836. --yesno $"\nPlease confirm that you wish to remove backups from this drive\n\n ${drive}\n\nYou will not be able to recover them afterwards." 12 60
  837. sel=$?
  838. case $sel in
  839. 1) return;;
  840. 255) return;;
  841. esac
  842. clear
  843. ${PROJECT_NAME}-backup-local $drive remove
  844. any_key
  845. }
  846. function shut_down_system {
  847. dialog --title $"Power off the system" \
  848. --backtitle $"Freedombone Control Panel" \
  849. --defaultno \
  850. --yesno $"\nPlease confirm that you wish to power off the system.\n\nWARNING: to power on again you will need to have physical access to the hardware." 10 60
  851. sel=$?
  852. case $sel in
  853. 1) return;;
  854. 255) return;;
  855. esac
  856. shutdown now
  857. }
  858. function restart_system {
  859. dialog --title $"Restart the system" \
  860. --backtitle $"Freedombone Control Panel" \
  861. --defaultno \
  862. --yesno $"\nPlease confirm that you wish to restart the system.\n\nWARNING: If you are using full disk encryption then you will need physical access to the hardware to type in the password" 10 60
  863. sel=$?
  864. case $sel in
  865. 1) return;;
  866. 255) return;;
  867. esac
  868. reboot
  869. }
  870. function change_system_name {
  871. data=$(tempfile 2>/dev/null)
  872. trap "rm -f $data" 0 1 2 5 15
  873. dialog --title $"Change the name of this system" \
  874. --backtitle $"Freedombone Control Panel" \
  875. --inputbox $'Enter a new name for this system on your local network\n\nIt will appear as newname.local' 10 60 2>$data
  876. sel=$?
  877. case $sel in
  878. 0) NEW_SYSTEM_NAME=$(<$data)
  879. if [ "$NEW_SYSTEM_NAME" ]; then
  880. if [ ${#NEW_SYSTEM_NAME} -gt 1 ]; then
  881. sed -i "s|host-name=.*|host-name=$NEW_SYSTEM_NAME|g" /etc/avahi/avahi-daemon.conf
  882. systemctl restart avahi-daemon
  883. if grep -q "host-name=$NEW_SYSTEM_NAME" /etc/avahi/avahi-daemon.conf; then
  884. dialog --title $"New local network name" \
  885. --msgbox $"The name of this system on your local network was changed successfully" 6 70
  886. fi
  887. fi
  888. fi
  889. ;;
  890. esac
  891. }
  892. function set_tls_time_source {
  893. TLS_DATE_SOURCE=$(cat /usr/bin/updatedate | grep "TIMESOURCE='" | awk -F '=' '{print $2}' | awk -F "'" '{print $2}')
  894. data=$(tempfile 2>/dev/null)
  895. trap "rm -f $data" 0 1 2 5 15
  896. dialog --title $"Set the TLS date/time source" \
  897. --backtitle $"Freedombone Control Panel" \
  898. --inputbox $"Enter a domain name to use as a TLS time source.\n\nFactors to consider when choosing a source are whether you wish that site to know that your system is 'alive' and also what might happen if an adversary were to try to mess with the date/time from that domain (i.e. how much blowback would there be)." 14 60 "$TLS_DATE_SOURCE" 2>$data
  899. sel=$?
  900. case $sel in
  901. 0) NEW_TLS_DATE_SOURCE=$(<$data)
  902. if [[ $NEW_TLS_DATE_SOURCE == *"."* && $NEW_TLS_DATE_SOURCE != *'/'* ]]; then
  903. if [[ $NEW_TLS_DATE_SOURCE != "http"* ]]; then
  904. sed -i "s|TIMESOURCE='.*|TIMESOURCE='${NEW_TLS_DATE_SOURCE}'|g" $UPDATE_DATE_SCRIPT
  905. else
  906. dialog --title $"Invalid domain name" \
  907. --msgbox $"Don't include the 'https'" 6 70
  908. fi
  909. else
  910. dialog --title $"Invalid domain name" \
  911. --msgbox $"That doesn't look like a domain name" 6 70
  912. fi
  913. ;;
  914. esac
  915. }
  916. function set_static_IP {
  917. STATIC_IP='192.168.1.60'
  918. STATIC_GATEWAY='192.168.1.1'
  919. NEW_STATIC_IP=
  920. NEW_STATIC_GATEWAY=
  921. if grep -q 'iface eth0 inet static' /etc/network/interfaces; then
  922. STATIC_IP=$(cat /etc/network/interfaces | grep "address " | awk -F ' ' '{print $2}' | head -n 1)
  923. STATIC_GATEWAY=$(cat /etc/network/interfaces | grep "gateway " | awk -F ' ' '{print $2}' | head -n 1)
  924. fi
  925. # get the IP for the box
  926. data=$(tempfile 2>/dev/null)
  927. trap "rm -f $data" 0 1 2 5 15
  928. dialog --title $"Set a static local IP address" \
  929. --backtitle $"Freedombone Control Panel" \
  930. --inputbox $"In order to forward incoming internet traffic to this system most internet routers need to know a static local IP address to send the data to.\n\n
  931. Enter a static local IP address for this system.\n\nIt will typically be 192.168.1.x" 15 60 "$STATIC_IP" 2>$data
  932. sel=$?
  933. case $sel in
  934. 0) NEW_STATIC_IP=$(<$data)
  935. if [[ "$NEW_STATIC_IP" != *"."* ]]; then
  936. return
  937. fi
  938. if grep -q 'iface eth0 inet static' /etc/network/interfaces; then
  939. if [[ "$NEW_STATIC_IP" != "$STATIC_IP" ]]; then
  940. sed -i "s|${STATIC_IP}|${NEW_STATIC_IP}|g" /etc/network/interfaces
  941. fi
  942. fi
  943. ;;
  944. esac
  945. # get the gateway
  946. data=$(tempfile 2>/dev/null)
  947. trap "rm -f $data" 0 1 2 5 15
  948. dialog --title $"Set the IP address of your internet router/modem" \
  949. --backtitle $"Freedombone Control Panel" \
  950. --inputbox $"Set the local IP address for your internet router or ADSL modem.\n\nIt will typically be 192.168.1.1, 192.168.1.254, or similar" 12 60 "$STATIC_GATEWAY" 2>$data
  951. sel=$?
  952. case $sel in
  953. 0) NEW_STATIC_GATEWAY=$(<$data)
  954. if [[ "$NEW_STATIC_GATEWAY" != *"."* ]]; then
  955. return
  956. fi
  957. if grep -q 'iface eth0 inet static' /etc/network/interfaces; then
  958. if [[ "$NEW_STATIC_GATEWAY" != "$STATIC_GATEWAY" ]]; then
  959. sed -i "s|${STATIC_GATEWAY}|${NEW_STATIC_GATEWAY}|g" /etc/network/interfaces
  960. fi
  961. return
  962. fi
  963. ;;
  964. esac
  965. if ! grep -q 'iface eth0 inet static' /etc/network/interfaces; then
  966. if [ "$NEW_STATIC_GATEWAY" && "$NEW_STATIC_IP" ]; then
  967. echo '# This file describes the network interfaces available on your system' > /etc/network/interfaces
  968. echo '# and how to activate them. For more information, see interfaces(5).' >> /etc/network/interfaces
  969. echo '' >> /etc/network/interfaces
  970. echo '# The loopback network interface' >> /etc/network/interfaces
  971. echo 'auto lo' >> /etc/network/interfaces
  972. echo 'iface lo inet loopback' >> /etc/network/interfaces
  973. echo '' >> /etc/network/interfaces
  974. echo '# The primary network interface' >> /etc/network/interfaces
  975. echo 'auto eth0' >> /etc/network/interfaces
  976. echo 'iface eth0 inet static' >> /etc/network/interfaces
  977. echo " address ${NEW_STATIC_IP}" >> /etc/network/interfaces
  978. echo ' netmask 255.255.255.0' >> /etc/network/interfaces
  979. echo " gateway ${NEW_STATIC_GATEWAY}" >> /etc/network/interfaces
  980. echo " dns-nameservers 213.73.91.35 85.214.20.141" >> /etc/network/interfaces
  981. echo '# Example to keep MAC address between reboots' >> /etc/network/interfaces
  982. echo '#hwaddress ether DE:AD:BE:EF:CA:FE' >> /etc/network/interfaces
  983. echo '' >> /etc/network/interfaces
  984. echo '# The secondary network interface' >> /etc/network/interfaces
  985. echo '#auto eth1' >> /etc/network/interfaces
  986. echo '#iface eth1 inet dhcp' >> /etc/network/interfaces
  987. echo '' >> /etc/network/interfaces
  988. echo '# WiFi Example' >> /etc/network/interfaces
  989. echo "#auto $WIFI_INTERFACE" >> /etc/network/interfaces
  990. echo "#iface $WIFI_INTERFACE inet dhcp" >> /etc/network/interfaces
  991. echo '# wpa-ssid "essid"' >> /etc/network/interfaces
  992. echo '# wpa-psk "password"' >> /etc/network/interfaces
  993. echo '' >> /etc/network/interfaces
  994. echo '# Ethernet/RNDIS gadget (g_ether)' >> /etc/network/interfaces
  995. echo '# ... or on host side, usbnet and random hwaddr' >> /etc/network/interfaces
  996. echo '# Note on some boards, usb0 is automaticly setup with an init script' >> /etc/network/interfaces
  997. echo '#iface usb0 inet static' >> /etc/network/interfaces
  998. echo '# address 192.168.7.2' >> /etc/network/interfaces
  999. echo '# netmask 255.255.255.0' >> /etc/network/interfaces
  1000. echo '# network 192.168.7.0' >> /etc/network/interfaces
  1001. echo '# gateway 192.168.7.1' >> /etc/network/interfaces
  1002. fi
  1003. fi
  1004. }
  1005. function menu_backup_restore {
  1006. while true
  1007. do
  1008. data=$(tempfile 2>/dev/null)
  1009. trap "rm -f $data" 0 1 2 5 15
  1010. dialog --backtitle $"Freedombone Control Panel" \
  1011. --title $"Backup and Restore" \
  1012. --radiolist $"Choose an operation:" 18 70 11 \
  1013. 1 $"Backup data to USB drive" off \
  1014. 2 $"Restore GPG key from USB keydrive" off \
  1015. 3 $"Restore data from USB drive" off \
  1016. 4 $"Configure remote backups" off \
  1017. 5 $"Restore from remote backup" off \
  1018. 6 $"Backup GPG key to USB (master keydrive)" off \
  1019. 7 $"Backup GPG key to USB (fragment keydrive)" off \
  1020. 8 $"Format a USB drive (LUKS encrypted)" off \
  1021. 9 $"Remove backups from a USB drive" off \
  1022. 10 $"Back to main menu" on 2> $data
  1023. sel=$?
  1024. case $sel in
  1025. 1) break;;
  1026. 255) break;;
  1027. esac
  1028. case $(cat $data) in
  1029. 1) backup_data;;
  1030. 2) restore_gpg_key;;
  1031. 3) restore_data;;
  1032. 4) configure_remote_backups;;
  1033. 5) restore_data_remote;;
  1034. 6) create_keydrive_master;;
  1035. 7) create_keydrive_fragment;;
  1036. 8) format_drive;;
  1037. 9) remove_backups;;
  1038. 10) break;;
  1039. esac
  1040. done
  1041. }
  1042. function menu_email {
  1043. while true
  1044. do
  1045. data=$(tempfile 2>/dev/null)
  1046. trap "rm -f $data" 0 1 2 5 15
  1047. dialog --backtitle $"Freedombone Control Panel" \
  1048. --title $"Email Filtering Rules" \
  1049. --radiolist $"Choose an operation:" 12 70 5 \
  1050. 1 $"Add a user to a mailing list" off \
  1051. 2 $"Add an email rule" off \
  1052. 3 $"Block/Unblock an email address" off \
  1053. 4 $"Block/Unblock email with subject text" off \
  1054. 5 $"Back to main menu" on 2> $data
  1055. sel=$?
  1056. case $sel in
  1057. 1) break;;
  1058. 255) break;;
  1059. esac
  1060. case $(cat $data) in
  1061. 1) add_to_mailing_list;;
  1062. 2) email_rule;;
  1063. 3) block_unblock_email;;
  1064. 4) block_unblock_subject;;
  1065. 5) break;;
  1066. esac
  1067. done
  1068. }
  1069. function menu_users {
  1070. while true
  1071. do
  1072. data=$(tempfile 2>/dev/null)
  1073. trap "rm -f $data" 0 1 2 5 15
  1074. dialog --backtitle $"Freedombone Control Panel" \
  1075. --title $"Manage Users" \
  1076. --radiolist $"Choose an operation:" 12 70 5 \
  1077. 1 $"Add a user" off \
  1078. 2 $"Delete a user" off \
  1079. 3 $"Change user password" off \
  1080. 4 $"Change user ssh public key" off \
  1081. 5 $"Back to main menu" on 2> $data
  1082. sel=$?
  1083. case $sel in
  1084. 1) break;;
  1085. 255) break;;
  1086. esac
  1087. case $(cat $data) in
  1088. 1) add_user;;
  1089. 2) delete_user;;
  1090. 3) change_password;;
  1091. 4) change_ssh_public_key;;
  1092. 5) break;;
  1093. esac
  1094. done
  1095. }
  1096. function menu_hubzilla {
  1097. while true
  1098. do
  1099. data=$(tempfile 2>/dev/null)
  1100. trap "rm -f $data" 0 1 2 5 15
  1101. dialog --backtitle $"Freedombone Control Panel" \
  1102. --title $"Hubzilla" \
  1103. --radiolist $"Choose an operation:" 13 70 4 \
  1104. 1 $"Set channel directory server" off \
  1105. 2 $"Renew SSL certificate" off \
  1106. 3 $"Back to main menu" on 2> $data
  1107. sel=$?
  1108. case $sel in
  1109. 1) break;;
  1110. 255) break;;
  1111. esac
  1112. case $(cat $data) in
  1113. 1) hubzilla_channel_directory_server;;
  1114. 2) hubzilla_renew_cert;;
  1115. 3) break;;
  1116. esac
  1117. done
  1118. }
  1119. function menu_media {
  1120. while true
  1121. do
  1122. data=$(tempfile 2>/dev/null)
  1123. trap "rm -f $data" 0 1 2 5 15
  1124. dialog --backtitle $"Freedombone Control Panel" \
  1125. --title $"Media Menu" \
  1126. --radiolist $"Choose an operation:" 13 70 3 \
  1127. 1 $"Attach a drive containing playable media" off \
  1128. 2 $"Remove a drive containing playable media" off \
  1129. 3 $"Exit" on 2> $data
  1130. sel=$?
  1131. case $sel in
  1132. 1) break;;
  1133. 255) break;;
  1134. esac
  1135. case $(cat $data) in
  1136. 1) remove-music
  1137. attach-music;;
  1138. 2) remove-music;;
  1139. 3) break;;
  1140. esac
  1141. done
  1142. }
  1143. function menu_irc {
  1144. while true
  1145. do
  1146. data=$(tempfile 2>/dev/null)
  1147. trap "rm -f $data" 0 1 2 5 15
  1148. dialog --backtitle $"Freedombone Control Panel" \
  1149. --title $"IRC Menu" \
  1150. --radiolist $"Choose an operation:" 13 70 3 \
  1151. 1 $"Set a password for all IRC users" off \
  1152. 2 $"Exit" on 2> $data
  1153. sel=$?
  1154. case $sel in
  1155. 1) break;;
  1156. 255) break;;
  1157. esac
  1158. case $(cat $data) in
  1159. 1) irc_set_global_password;;
  1160. 2) break;;
  1161. esac
  1162. done
  1163. }
  1164. function menu_top_level {
  1165. while true
  1166. do
  1167. data=$(tempfile 2>/dev/null)
  1168. trap "rm -f $data" 0 1 2 5 15
  1169. dialog --backtitle $"Freedombone Control Panel" \
  1170. --title $"Control Panel" \
  1171. --radiolist $"Choose an operation:" 25 70 18 \
  1172. 1 $"Backup and Restore" off \
  1173. 2 $"Show SIP Phone Extensions" off \
  1174. 3 $"Reset Tripwire" off \
  1175. 4 $"Logging on/off" off \
  1176. 5 $"Ping enable/disable" off \
  1177. 6 $"Manage Users" off \
  1178. 7 $"Email Filtering Rules" off \
  1179. 8 $"Security Settings" off \
  1180. 9 $"Hubzilla" off \
  1181. 10 $"Media menu" off \
  1182. 11 $"IRC menu" off \
  1183. 12 $"Change the name of this system" off \
  1184. 13 $"Set the TLS date/time source" off \
  1185. 14 $"Set a static local IP address" off \
  1186. 15 $"Check for updates" off \
  1187. 16 $"Power off the system" off \
  1188. 17 $"Restart the system" off \
  1189. 18 $"Exit" on 2> $data
  1190. sel=$?
  1191. case $sel in
  1192. 1) exit 1;;
  1193. 255) exit 1;;
  1194. esac
  1195. case $(cat $data) in
  1196. 1) menu_backup_restore;;
  1197. 2) show_sip_extensions;;
  1198. 3) reset_tripwire;;
  1199. 4) logging_on_off;;
  1200. 5) ping_enable_disable;;
  1201. 6) menu_users;;
  1202. 7) menu_email;;
  1203. 8) security_settings;;
  1204. 9) menu_hubzilla;;
  1205. 10) menu_media;;
  1206. 11) menu_irc;;
  1207. 12) change_system_name;;
  1208. 13) set_tls_time_source;;
  1209. 14) set_static_IP;;
  1210. 15) check_for_updates;;
  1211. 16) shut_down_system;;
  1212. 17) restart_system;;
  1213. 18) break;;
  1214. esac
  1215. done
  1216. }
  1217. if [ ! -f $COMPLETION_FILE ]; then
  1218. echo $'This command should only be run on an installed Freedombone system'
  1219. exit 1
  1220. fi
  1221. ADMIN_USER=$(cat $COMPLETION_FILE | grep "Admin user" | awk -F ':' '{print $2}')
  1222. menu_top_level
  1223. clear
  1224. cat /etc/motd
  1225. exit 0