Zen
/
Alchemy
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
aesthetic terminal experience
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
66 Commits
1 Branch
0 Tags
32 MiB
 
 
 
 
 
 
Tree: 644ae3243b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '644ae3243b'
${ noResults }
Alchemy/ingredients/copper

302 lines
13 KiB
Raw Blame History

#!/bin/sh
# Bare Metal Alchemist, 2022
#############################################
# Copper - ♀ #
#############################################
# Copper wires form the backbone of electrical systems worldwide
# and much of the internet as a whole.
# This ingredient is focused around scripts that make it easier to
# interact with and create new networks on your system.
# Start with lead...
if [ -z "$LEAD" ]; then
. ingredients/lead
fi
locate_torrc() {
if [ -n $TORRCPATH ]; then
if [ -f $HOME/.tor/torrc ]; then
TORRCPATH="${HOME}/.tor/torrc"
elif [ -f /usr/local/etc/tor/torrc ]; then
TORRCPATH='/usr/local/etc/tor/torrc'
elif [ -f /etc/tor/torrc ]; then
TORRCPATH='/etc/tor/torrc'
else
say "${RED}Uh oh...${RESET} I couldn't figure out where your torrc file is. That might cause some issues"
sleep 3
say "Anyways..."
sleep 2
fi
fi
say "Your torrc is located at ${BLUE}${TORRCPATH}${RESET}"
remember "TORRCPATH=${TORRCPATH}"
}
configure_tor() {
locate_torrc
say "Your existing torrc file has the following settings: "
say ""
cat $TORRCPATH | grep '^[^#]'
say ""
ask_for torrc_reset "Would you like to reset it?: ${BLUE}(y/n)${RESET} "
case $torrc_reset in
"Y" | "y")
cp resources/torrc-template .
sudo sed -i "s#USER#${USER}#g" torrc-template
sudo sed -i "s#HOME#${HOME}#g" torrc-template
sudo mv torrc-template $TORRCPATH
say "${GREEN}Torrc file reset!${RESET}"
;;
'*')
echo "Okay, we'll leave it as is."
;;
esac
echo ""
say "Tor configuration ${GREEN}complete!${RESET}"
}
get_external_ip() {
case "$DISTRO" in
"arch")
install_if_needed dnsutils
;;
"*")
#install_if_needed dig
say "Not yet supported! Feel free to help out here :)"
;;
esac
EXTERNAL_IP=$(dig @resolver4.opendns.com myip.opendns.com +short)
echo "Your external IP is ${BLUE}$EXTERNAL_IP${RESET}"
remember "EXTERNAL_IP=$EXTERNAL_IP"
}
initialize_nginx() {
say "${BOLD}Installing and configuring NGINX${RESET}"
say ""
install_if_needed nginx
# Making sure this version of NGINX supports sites-enabled
if [ -z "$(sudo cat /etc/nginx/nginx.conf | grep sites-enabled)" ]; then
sudo mkdir -p /etc/nginx/sites-available
sudo mkdir -p /etc/nginx/sites-enabled
sudo cp resources/nginx/base.nginx.conf /etc/nginx/nginx.conf
fi
sudo mkdir -p /etc/nginx/logs
}
refresh_nginx() {
sudo systemctl reload nginx
}
make_site() {
SITE=${1}
shift
if [ -f resources/nginx/${SITE}.nginx.conf ]; then
NGINX_SITE_LOCATION=/etc/nginx/sites-available/${SITE}
if [ -f $NGINX_SITE_LOCATION ]; then
say "You already have a site available for ${BLUE}${SITE}${RESET}, what would you like to do?"
ask_for whatdo "${BOLD}R${RESET}eset it, ${BOLD}A${RESET}ctivate it, or do ${BOLD}N${RESET}othing? (r/a/n): "
case $whatdo in
"R" | "r")
say "Resetting sites-available/${SITE}"
sudo rm /etc/nginx/sites-available/${SITE}
;;
"A" | "a")
say "Activating sites-available/${SITE}"
if [ ! -e /etc/nginx/sites-enabled/${SITE} ]; then
sudo ln -s /etc/nginx/sites-available/${SITE} /etc/nginx/sites-enabled/
fi
;;
"N" | "n")
say "Okay, we'll leave it be."
;;
*)
say "Instructions unclear, accidentally an choice"
;;
esac
say ""
fi
if [ ! -f $NGINX_SITE_LOCATION ]; then
sudo cp resources/nginx/${SITE}.nginx.conf $NGINX_SITE_LOCATION
for keyval; do
KEY=$(echo $keyval | cut -d'=' -f 1)
VAL=$(echo $keyval | cut -d'=' -f 2)
say "Substituting $KEY for $VAL"
sudo sed -i "s#$KEY#$VAL#g" $NGINX_SITE_LOCATION
done
if [ ! -e /etc/nginx/sites-enabled/${SITE} ]; then
sudo ln -s /etc/nginx/sites-available/${SITE} /etc/nginx/sites-enabled/
fi
fi
else
say ""
say "${RED}Sorry${RESET}, ${SITE} isn't available as an nginx template"
say "We have..."
echo `ls resources/nginx`
fi
}
get_domain() {
if [ ! -z $DOMAIN ]; then
say "Your domain name is currently set to ${BLUE}${DOMAIN}${RESET}"
ask_for newdns "would you like to change it? ${BLUE}(y/n): ${RESET}"
case $newdns in
y | Y)
forget "DOMAIN"
;;
esac
echo ""
fi
if [ -z $DOMAIN ]; then
ask_for dns "Do you have a domain name pointing to this computer? ${BLUE}(y/n)${RESET}: "
say ""
case $dns in
y | Y)
say "Good to hear! What is it?"
OKAY=0
while [ $OKAY -eq 0 ]; do
ask_for DOMAIN "http://"
say ""
ask_for correct "is ${BLUE}http://${DOMAIN}${RESET} correct? ${BLUE}(y/n): ${RESET}"
case $correct in
y | Y)
OKAY=1
;;
*)
say "Okay, let's try again! What is your domain name?"
;;
esac
done
say "${BLUE}${DOMAIN}${RESET}, got it."
remember "DOMAIN=${DOMAIN}"
;;
*)
say "Okay, let's just leave it open for now."
;;
esac
fi
}
configure_domain_for_site() {
get_domain
if [ -f /etc/nginx/sites-enabled/${1} ]; then
if [ ! -z $DOMAIN ]; then
sudo sed -i "s#server_name.*#server_name $DOMAIN;#" /etc/nginx/sites-enabled/${1}
else
echo "You didn't provide a domain to configure!"
fi
else
echo "Sorry, we don't have a site enabled for ${1}"
fi
echo ""
}
enable_ssl() {
if [ -n "$SSL" ]; then
say "We've already gone through the SSL enabling process!"
ask_for reenable "Would you like to do it again? ${BLUE}(y/n)${RESET}: "
case $reenable in
"y"|"Y")
forget "SSL"
;;
"n"|"N")
say "skipping!"
;;
esac
fi
if [ -z "$SSL" ]; then
if [ ! -z "$DOMAIN" ]; then
ask_for ssl "Would you like to enable SSL via Certbot? (y/n): "
say ""
case $ssl in
y | Y)
say "Alright, let's get Certbot in here!"
install_if_needed python3 certbot python3-certbot-nginx
say "${BOLD}Take it away, Certbot${RESET}"
sudo certbot --nginx
SSL=$?
remember "SSL=$SSL"
;;
*)
say "Yea, SSL is like, totally whatever anyways..."
;;
esac
else
say "We can't configure SSL without a domain! Skipping"
fi
fi
if [ -z "$DOMAIN" ]; then
ACCESS_POINT=http://localhost
else
if [ -z $SSL ]; then
ACCESS_POINT=http://$DOMAIN
else
ACCESS_POINT=https://$DOMAIN
fi
fi
remember "ACCESS_POINT=${ACCESS_POINT}"
}
check_ports() {
say "${BOLD}Checking Port Accessibility${RESET}"
if [ -z $DOMAIN ]; then
ADDR=$EXTERNAL_IP
else
ADDR=$DOMAIN
fi
say "Querying this computer's network from ${BLUE}${ADDR}${RESET}"
echo ""
install_if_needed nmap
nmap -Pn $EXTERNAL_IP > nmap.txt
OPEN=1
if grep -qE "^80/.*(open|filtered)" nmap.txt; then
say "I can see port ${GREEN}80${RESET}!"
else
say "Uh oh, port ${RED}80${RESET} isn't showing up..."
OPEN=0
fi
if grep -qE "^443/.*(open|filtered)" nmap.txt; then
say "I can see port ${GREEN}443${RESET} as well!"
else
say "Uh oh, port ${RED}443${RESET} isn't showing up..."
OPEN=0
fi
rm nmap.txt
say ""
# TODO I changed default to src on the line below - impact?
LOCAL_IP=$(ip route | grep src | grep -oP "(?<=src )[^ ]+")
ROUTER_IP=$(route -n | grep ^0.0.0.0 | awk '{print $2}')
if [ "$OPEN" -eq 0 ]; then
say "${RED}Port configuration needed.${RESET} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
say "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
say "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}${LOCAL_IP}${RESET})."
say "You can log into your router at this IP address: ${BOLD}${ROUTER_IP}${RESET}"
say "That's all the help I can give you regarding port forwarding. Good luck!"
say ""
fi
}
# TODO Expose ports via firewalld
# using yggdrasil could maybe fit in here