Installation script enchansements
parent
a8e3615f89
commit
f3731f8850
|
@ -4,17 +4,17 @@
|
|||
|
||||
InstallDependencies()
|
||||
{
|
||||
packagesNeeded='curl jq mkpasswd pwgen'
|
||||
if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded # Alpine Linux
|
||||
elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install curl jq whois pwgen # Debian/Ubuntu Linux
|
||||
elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded # Fedora Linux
|
||||
packagesNeeded='curl jq pwgen vim nano'
|
||||
if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded # Alpine Linux
|
||||
elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install curl jq whois pwgen # Debian/Ubuntu Linux
|
||||
elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded # Fedora Linux
|
||||
elif [ -x "$(command -v rpm-ostree)" ]; then sudo rpm-ostree install $packagesNeeded # Fedora Linux Silverblue
|
||||
elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded # openSUSE Linux
|
||||
elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded # Arch/Manjaro Linux
|
||||
elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded # Gentoo Linux
|
||||
elif [ -x "$(command -v nix-env)" ]; then nix-env -iA $packagesNeeded # NixOS
|
||||
elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded # openSUSE Linux
|
||||
elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded # Arch/Manjaro Linux
|
||||
elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded # Gentoo Linux
|
||||
elif [ -x "$(command -v nix-env)" ]; then sudo nix-env -iA $packagesNeeded # NixOS
|
||||
elif [ -x "$(command -v pkg)" ]; then sudo pkg install $packagesNeeded # FreeBSD
|
||||
else echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2; fi
|
||||
PASSWORD=$( mkpasswd -m sha-512 "$PASSWORD" )
|
||||
wget https://selfprivacy.org/configuration.nix
|
||||
wget https://selfprivacy.org/mailserver.nix
|
||||
wget https://selfprivacy.org/goss.nix
|
||||
|
@ -24,7 +24,7 @@ InstallDependencies()
|
|||
wget https://selfprivacy.org/s3cli
|
||||
chmod +x s3cli
|
||||
chmod +x mkpasswd
|
||||
PASSWORD=$( ./mkpasswd -m sha-512 "$PASSWORD" )
|
||||
export PASSWORD=$( ./mkpasswd -m sha-512 "$PASSWORD" )
|
||||
}
|
||||
CollectData()
|
||||
{
|
||||
|
@ -33,7 +33,7 @@ CollectData()
|
|||
read -p "Please, paste your AWS Secret Access Key: " AWS_TOKEN
|
||||
read -p "Please, paste your AWS Access Key ID: " AWS_TOKEN_ID
|
||||
read -p "Please, define your domain there: " DOMAIN
|
||||
read -p "Please, define your mail username: " USERNAME
|
||||
read -p "Please, define your mail username: " USER
|
||||
read -p "Please, define your password: " PASSWORD
|
||||
}
|
||||
|
||||
|
@ -63,11 +63,12 @@ MakeConfig()
|
|||
# Mailserver
|
||||
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
||||
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
||||
sed -i '21s/.*/\t"'$USERNAME'@'$DOMAIN'" = {/' mailserver.nix
|
||||
sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
||||
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
||||
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
||||
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
||||
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
||||
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '70s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||
|
||||
# System Configuration
|
||||
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
||||
|
@ -75,6 +76,7 @@ MakeConfig()
|
|||
# Restic
|
||||
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
|
||||
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
|
||||
vim mailserver.nix
|
||||
|
||||
}
|
||||
|
||||
|
@ -169,6 +171,9 @@ ClearTempFiles()
|
|||
rm mailserver.nix
|
||||
rm restic.nix
|
||||
rm s3cli
|
||||
rm .dns_records.json
|
||||
rm .records
|
||||
rm mkpasswd
|
||||
exit 0
|
||||
}
|
||||
|
||||
|
@ -182,6 +187,38 @@ GetZoneID()
|
|||
-H "Content-Type: application/json" > .cloudflare.json
|
||||
export zoneid=$( for i in {0..24}; do jq 'if .result['$i'].name == "'$DOMAIN'" then .result['$i'].id else null end' .cloudflare.json; done | grep -v null | sed -e 's/^"//' -e 's/"$//' )
|
||||
}
|
||||
|
||||
#Purge DNS records
|
||||
|
||||
PurgeDNSRecords()
|
||||
{
|
||||
curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records" \
|
||||
-H "Authorization: Bearer $CLOUDFLARE_TOKEN" \
|
||||
-H "Content-Type: application/json" > .dns_records.json
|
||||
|
||||
for i in {0..24}
|
||||
do
|
||||
jq '.result['$i'].id' .dns_records.json
|
||||
done | grep -v null | sed 's/"//g' > .records
|
||||
|
||||
export recordIDs=()
|
||||
while IFS= read -r line
|
||||
do
|
||||
recordIDs+=("$line")
|
||||
done < .records
|
||||
|
||||
for recordid in "${recordIDs[@]}"
|
||||
do
|
||||
echo $zoneid
|
||||
echo $recordid
|
||||
echo $CLOUDFLARE_TOKEN
|
||||
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records/$recordid" \
|
||||
-H "Authorization: Bearer $CLOUDFLARE_TOKEN" \
|
||||
-H "Content-Type: application/json"
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
# Create records
|
||||
CreateARecord()
|
||||
{
|
||||
|
@ -279,6 +316,15 @@ printf "Waiting for nixos-infect to replace system files(this may take some time
|
|||
sleep 280
|
||||
CreateS3Bucket
|
||||
GetMachineIP
|
||||
read -p "ALL YOUR EXISTING DNS RECORDS ON CLOUDFLARE WILL BE REMOVED!!! ARE YOU SURE(y/N) " CREATEDNS
|
||||
if [ $CREATEDNS != "y" || $CREATEDNS == "Y" ]
|
||||
then
|
||||
exit -1
|
||||
fi
|
||||
printf "Purging records..."
|
||||
PurgeDNSRecords
|
||||
printf "done"
|
||||
CreateARecord
|
||||
ApplyConfig
|
||||
if [ $RESTORE_MAILBACKUP == "y" ]
|
||||
then
|
||||
|
@ -289,7 +335,6 @@ GetDKIM
|
|||
echo "Beginning CloudFlare configuration"
|
||||
GetZoneID
|
||||
printf "Creating records..."
|
||||
CreateARecord
|
||||
CreateMXRecord
|
||||
CreateDMARCRecord
|
||||
CreateSPFRecord
|
||||
|
|
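Review bot: The confirmation guard added before `PurgeDNSRecords` in the main flow does not stop the purge: inside `[ ... ]` the `||` ends the test command, so `[` fails on a missing `]`, the remainder tries to run the typed answer as a command, and the `then exit -1` branch is normally skipped whatever the user typed. Even if it parsed, the condition as written would exit on `Y`. Replace it with `case "$CREATEDNS" in y|Y) ;; *) exit 1 ;; esac`. In the new `PurgeDNSRecords` loop, `echo $CLOUDFLARE_TOKEN` writes the API bearer token to the terminal (and to any captured log) once per record; it and the two echoes above it look like leftover debug output and should be dropped. The purge also appears to run before the `GetZoneID` call visible in the last hunk, so `$zoneid` may be unset at that point; the surrounding script is outside the visible hunks, so confirm the call order.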