Installation script enchansements
parent
a8e3615f89
commit
f3731f8850
|
@ -4,17 +4,17 @@
|
||||||
|
|
||||||
InstallDependencies()
|
InstallDependencies()
|
||||||
{
|
{
|
||||||
packagesNeeded='curl jq mkpasswd pwgen'
|
packagesNeeded='curl jq pwgen vim nano'
|
||||||
if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded # Alpine Linux
|
if [ -x "$(command -v apk)" ]; then sudo apk add --no-cache $packagesNeeded # Alpine Linux
|
||||||
elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install curl jq whois pwgen # Debian/Ubuntu Linux
|
elif [ -x "$(command -v apt-get)" ]; then sudo apt-get install curl jq whois pwgen # Debian/Ubuntu Linux
|
||||||
elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded # Fedora Linux
|
elif [ -x "$(command -v dnf)" ]; then sudo dnf install $packagesNeeded # Fedora Linux
|
||||||
elif [ -x "$(command -v rpm-ostree)" ]; then sudo rpm-ostree install $packagesNeeded # Fedora Linux Silverblue
|
elif [ -x "$(command -v rpm-ostree)" ]; then sudo rpm-ostree install $packagesNeeded # Fedora Linux Silverblue
|
||||||
elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded # openSUSE Linux
|
elif [ -x "$(command -v zypper)" ]; then sudo zypper install $packagesNeeded # openSUSE Linux
|
||||||
elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded # Arch/Manjaro Linux
|
elif [ -x "$(command -v pacman)" ]; then sudo pacman -S $packagesNeeded # Arch/Manjaro Linux
|
||||||
elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded # Gentoo Linux
|
elif [ -x "$(command -v emerge)" ]; then sudo emerge --ask $packagesNeeded # Gentoo Linux
|
||||||
elif [ -x "$(command -v nix-env)" ]; then nix-env -iA $packagesNeeded # NixOS
|
elif [ -x "$(command -v nix-env)" ]; then sudo nix-env -iA $packagesNeeded # NixOS
|
||||||
|
elif [ -x "$(command -v pkg)" ]; then sudo pkg install $packagesNeeded # FreeBSD
|
||||||
else echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2; fi
|
else echo "FAILED TO INSTALL PACKAGE: Package manager not found. You must manually install: $packagesNeeded">&2; fi
|
||||||
PASSWORD=$( mkpasswd -m sha-512 "$PASSWORD" )
|
|
||||||
wget https://selfprivacy.org/configuration.nix
|
wget https://selfprivacy.org/configuration.nix
|
||||||
wget https://selfprivacy.org/mailserver.nix
|
wget https://selfprivacy.org/mailserver.nix
|
||||||
wget https://selfprivacy.org/goss.nix
|
wget https://selfprivacy.org/goss.nix
|
||||||
|
@ -24,7 +24,7 @@ InstallDependencies()
|
||||||
wget https://selfprivacy.org/s3cli
|
wget https://selfprivacy.org/s3cli
|
||||||
chmod +x s3cli
|
chmod +x s3cli
|
||||||
chmod +x mkpasswd
|
chmod +x mkpasswd
|
||||||
PASSWORD=$( ./mkpasswd -m sha-512 "$PASSWORD" )
|
export PASSWORD=$( ./mkpasswd -m sha-512 "$PASSWORD" )
|
||||||
}
|
}
|
||||||
CollectData()
|
CollectData()
|
||||||
{
|
{
|
||||||
|
@ -33,7 +33,7 @@ CollectData()
|
||||||
read -p "Please, paste your AWS Secret Access Key: " AWS_TOKEN
|
read -p "Please, paste your AWS Secret Access Key: " AWS_TOKEN
|
||||||
read -p "Please, paste your AWS Access Key ID: " AWS_TOKEN_ID
|
read -p "Please, paste your AWS Access Key ID: " AWS_TOKEN_ID
|
||||||
read -p "Please, define your domain there: " DOMAIN
|
read -p "Please, define your domain there: " DOMAIN
|
||||||
read -p "Please, define your mail username: " USERNAME
|
read -p "Please, define your mail username: " USER
|
||||||
read -p "Please, define your password: " PASSWORD
|
read -p "Please, define your password: " PASSWORD
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -63,11 +63,12 @@ MakeConfig()
|
||||||
# Mailserver
|
# Mailserver
|
||||||
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
sed -i '15s/.*/ fqdn = "'$DOMAIN'";/' mailserver.nix
|
||||||
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
sed -i '16s/.*/ domains = [ "'"$DOMAIN"'" ];/' mailserver.nix
|
||||||
sed -i '21s/.*/\t"'$USERNAME'@'$DOMAIN'" = {/' mailserver.nix
|
sed -i '21s/.*/\t"'$USER'@'$DOMAIN'" = {/' mailserver.nix
|
||||||
sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
#sed -i '22s/.*/\t hashedPassword = "'"$PASSWORD"'";/' mailserver.nix
|
||||||
|
sed -i "22s,.*,\t\ hashedPassword = \"${PASSWORD}\";," mailserver.nix
|
||||||
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
sed -i '31s/.*/\t\t"'"$DOMAIN"'"/' mailserver.nix
|
||||||
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
|
sed -i '48s/.*/\t "admin@'"$DOMAIN"'" = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||||
sed -i '70s/.*/ email = "'"$USERNAME"'@'"$DOMAIN"'";/' mailserver.nix
|
sed -i '70s/.*/ email = "'"$USER"'@'"$DOMAIN"'";/' mailserver.nix
|
||||||
|
|
||||||
# System Configuration
|
# System Configuration
|
||||||
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
sed -i "16s,.*,\t\"${sshKey}\"," configuration.nix
|
||||||
|
@ -75,6 +76,7 @@ MakeConfig()
|
||||||
# Restic
|
# Restic
|
||||||
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
|
sed -i '14s/.*/\t\tEnvironment = [ "AWS_ACCESS_KEY_ID='$AWS_TOKEN_ID'" "AWS_SECRET_ACCESS_KEY='$AWS_TOKEN'" ];/' restic.nix
|
||||||
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
|
sed -i "17s,.*,\t restic -r s3:s3.amazonaws.com/${AWS_BUCKET_NAME} backup /var/vmail /var/vmail ," restic.nix
|
||||||
|
vim mailserver.nix
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -169,6 +171,9 @@ ClearTempFiles()
|
||||||
rm mailserver.nix
|
rm mailserver.nix
|
||||||
rm restic.nix
|
rm restic.nix
|
||||||
rm s3cli
|
rm s3cli
|
||||||
|
rm .dns_records.json
|
||||||
|
rm .records
|
||||||
|
rm mkpasswd
|
||||||
exit 0
|
exit 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -182,6 +187,38 @@ GetZoneID()
|
||||||
-H "Content-Type: application/json" > .cloudflare.json
|
-H "Content-Type: application/json" > .cloudflare.json
|
||||||
export zoneid=$( for i in {0..24}; do jq 'if .result['$i'].name == "'$DOMAIN'" then .result['$i'].id else null end' .cloudflare.json; done | grep -v null | sed -e 's/^"//' -e 's/"$//' )
|
export zoneid=$( for i in {0..24}; do jq 'if .result['$i'].name == "'$DOMAIN'" then .result['$i'].id else null end' .cloudflare.json; done | grep -v null | sed -e 's/^"//' -e 's/"$//' )
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#Purge DNS records
|
||||||
|
|
||||||
|
PurgeDNSRecords()
|
||||||
|
{
|
||||||
|
curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records" \
|
||||||
|
-H "Authorization: Bearer $CLOUDFLARE_TOKEN" \
|
||||||
|
-H "Content-Type: application/json" > .dns_records.json
|
||||||
|
|
||||||
|
for i in {0..24}
|
||||||
|
do
|
||||||
|
jq '.result['$i'].id' .dns_records.json
|
||||||
|
done | grep -v null | sed 's/"//g' > .records
|
||||||
|
|
||||||
|
export recordIDs=()
|
||||||
|
while IFS= read -r line
|
||||||
|
do
|
||||||
|
recordIDs+=("$line")
|
||||||
|
done < .records
|
||||||
|
|
||||||
|
for recordid in "${recordIDs[@]}"
|
||||||
|
do
|
||||||
|
echo $zoneid
|
||||||
|
echo $recordid
|
||||||
|
echo $CLOUDFLARE_TOKEN
|
||||||
|
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records/$recordid" \
|
||||||
|
-H "Authorization: Bearer $CLOUDFLARE_TOKEN" \
|
||||||
|
-H "Content-Type: application/json"
|
||||||
|
done
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
# Create records
|
# Create records
|
||||||
CreateARecord()
|
CreateARecord()
|
||||||
{
|
{
|
||||||
|
@ -279,6 +316,15 @@ printf "Waiting for nixos-infect to replace system files(this may take some time
|
||||||
sleep 280
|
sleep 280
|
||||||
CreateS3Bucket
|
CreateS3Bucket
|
||||||
GetMachineIP
|
GetMachineIP
|
||||||
|
read -p "ALL YOUR EXISTING DNS RECORDS ON CLOUDFLARE WILL BE REMOVED!!! ARE YOU SURE(y/N) " CREATEDNS
|
||||||
|
if [ $CREATEDNS != "y" || $CREATEDNS == "Y" ]
|
||||||
|
then
|
||||||
|
exit -1
|
||||||
|
fi
|
||||||
|
printf "Purging records..."
|
||||||
|
PurgeDNSRecords
|
||||||
|
printf "done"
|
||||||
|
CreateARecord
|
||||||
ApplyConfig
|
ApplyConfig
|
||||||
if [ $RESTORE_MAILBACKUP == "y" ]
|
if [ $RESTORE_MAILBACKUP == "y" ]
|
||||||
then
|
then
|
||||||
|
@ -289,7 +335,6 @@ GetDKIM
|
||||||
echo "Beginning CloudFlare configuration"
|
echo "Beginning CloudFlare configuration"
|
||||||
GetZoneID
|
GetZoneID
|
||||||
printf "Creating records..."
|
printf "Creating records..."
|
||||||
CreateARecord
|
|
||||||
CreateMXRecord
|
CreateMXRecord
|
||||||
CreateDMARCRecord
|
CreateDMARCRecord
|
||||||
CreateSPFRecord
|
CreateSPFRecord
|
||||||
|
|
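Review bot: The confirmation test `if [ $CREATEDNS != "y" || $CREATEDNS == "Y" ]` added in front of `PurgeDNSRecords` does not guard the purge. The shell splits it at `||` into `[ $CREATEDNS != "y"`, which fails because the closing `]` is missing, and a second command `$CREATEDNS == "Y" ]`. For an answer such as `n` or an empty line both fail, so `exit -1` is skipped and the script goes on to delete the zone's DNS records. Even with the brackets repaired, `!= "y" || == "Y"` would abort on `Y` instead of accepting it. A quoted `case` matches what the prompt promises: `case "$CREATEDNS" in y|Y) ;; *) echo "Aborted." >&2; exit 1 ;; esac`.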