#!/bin/sh |
|
# Bare Metal Alchemist, 2022 |
|
|
|
############################################# |
|
# Copper - ♀ # |
|
############################################# |
|
|
|
# Copper wires form the backbone of electrical systems worldwide |
|
# and much of the internet as a whole. |
|
|
|
# This ingredient is focused around scripts that make it easier to |
|
# interact with and create new networks on your system. |
|
|
|
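# Locate the Tor configuration file and record its path in TORRCPATH.
#
# Globals:   TORRCPATH (read/written); HOME, RED, BLUE, RESET (read)
# Calls:     remember (defined elsewhere) with "TORRCPATH=<path>"
# Outputs:   status messages on stdout
locate_torrc() {
  # Probe only when no path is known yet. The earlier test, [ -n $TORRCPATH ]
  # with an unquoted expansion, was true whether or not the variable was set
  # (an empty expansion leaves the one-argument test `[ -n ]`), so an already
  # known path was overwritten on every call.
  if [ -z "${TORRCPATH:-}" ]; then
    if [ -e /usr/local/etc/tor/torrc ]; then
      TORRCPATH='/usr/local/etc/tor/torrc'
    elif [ -e /etc/tor/torrc ]; then
      TORRCPATH='/etc/tor/torrc'
    elif [ -e "${HOME}/.tor/torrc" ]; then
      TORRCPATH="${HOME}/.tor/torrc"
    else
      echo -e "${RED}Uh oh...${RESET} I couldn't figure out where your torrc file is. That might cause some issues"
      sleep 3
      echo "Anyways..."
      sleep 2
    fi
  fi

  # Nothing found: don't announce or persist an empty path.
  if [ -z "${TORRCPATH:-}" ]; then
    return 0
  fi

  echo -e "Your torrc is located at ${BLUE}${TORRCPATH}${RESET}"
  remember "TORRCPATH=${TORRCPATH}"
}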
|
|
|
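# Show the active (non-comment) torrc settings and optionally replace the file
# with resources/torrc-template, substituting USER and HOME.
#
# Globals:   TORRCPATH (set by locate_torrc); USER, HOME, colour variables (read)
# Input:     one line from stdin (y/n)
# Returns:   1 when no torrc path is known, otherwise 0
configure_tor() {
  locate_torrc

  # Without a path the copy below would have no destination.
  if [ -z "${TORRCPATH:-}" ]; then
    echo -e "${RED}No torrc path known${RESET}, skipping Tor configuration."
    return 1
  fi

  echo -e "Your existing torrc file has the following settings: "
  echo ""
  grep '^[^#]' "$TORRCPATH"
  echo ""
  echo -en "Would you like to reset them?: ${BLUE}(y/n)${RESET} "
  read -r torrc_reset
  case $torrc_reset in
    "Y" | "y")
      # Render the template in a private temp file instead of a fixed name in
      # the current directory, and keep sed itself unprivileged; only the final
      # copy into place needs sudo.
      _torrc_tmp=$(mktemp) || return 1
      # Escape the characters that are sed syntax in a replacement (\, & and
      # the # delimiter) so USER/HOME are inserted literally.
      _user_esc=$(printf '%s' "$USER" | sed 's/[\\&#]/\\&/g')
      _home_esc=$(printf '%s' "$HOME" | sed 's/[\\&#]/\\&/g')
      if sed -e "s#USER#${_user_esc}#g" -e "s#HOME#${_home_esc}#g" \
        resources/torrc-template > "$_torrc_tmp" \
        && chmod 644 "$_torrc_tmp" \
        && sudo cp -- "$_torrc_tmp" "$TORRCPATH"; then
        echo -e "${GREEN}Torrc file reset!${RESET}"
      else
        echo -e "${RED}Couldn't reset the torrc file.${RESET}" >&2
      fi
      rm -f -- "$_torrc_tmp"
      ;;
    # The pattern must be unquoted: '*' in quotes only matches a literal
    # asterisk, so this branch never ran.
    *)
      echo "Okay, we'll leave it as is."
      ;;
  esac
  echo ""

  echo -e "Tor configuration ${GREEN}complete!${RESET}"
}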
|
|
|
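# Ask the OpenDNS resolver for this machine's public address and store it in
# EXTERNAL_IP.
#
# Globals:   DISTRO (read), EXTERNAL_IP (written), colour variables (read)
# Calls:     install_if_needed, remember (both defined elsewhere)
# Returns:   1 when the answer is empty or not a dotted numeric address
get_external_ip() {
  case $DISTRO in
    "arch")
      install_if_needed dnsutils
      ;;
    # Unquoted so it acts as the default branch; "*" in quotes only matches a
    # literal asterisk.
    *)
      #install_if_needed dig
      echo "Not yet supported! Feel free to help out here :)"
      ;;
  esac

  EXTERNAL_IP=$(dig @resolver4.opendns.com myip.opendns.com +short)

  # The answer is unauthenticated network input that gets handed to remember,
  # so accept nothing but digits and dots (this also rejects an empty or
  # multi-line answer).
  case $EXTERNAL_IP in
    '' | *[!0-9.]*)
      echo -e "${RED}Couldn't determine your external IP${RESET} (unexpected answer from the resolver)." >&2
      EXTERNAL_IP=''
      return 1
      ;;
  esac

  # -e added: the other coloured messages in this file are printed with it.
  echo -e "Your external IP is ${BLUE}$EXTERNAL_IP${RESET}"
  remember "EXTERNAL_IP=$EXTERNAL_IP"
}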
|
|
|
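# Install nginx and make sure its main config uses the sites-available /
# sites-enabled layout, replacing it with resources/nginx/base.nginx.conf
# when it does not mention sites-enabled.
#
# Calls:     install_if_needed (defined elsewhere)
# Side effects: creates directories under /etc/nginx and may replace
#               /etc/nginx/nginx.conf (the previous file is kept as .bak)
initialize_nginx() {
  install_if_needed nginx

  # Making sure this version of NGINX supports sites-enabled
  if ! sudo grep -q sites-enabled /etc/nginx/nginx.conf; then
    sudo mkdir -p /etc/nginx/sites-available
    sudo mkdir -p /etc/nginx/sites-enabled
    # Keep the existing config: it is about to be overwritten wholesale and
    # may carry local changes.
    if sudo test -f /etc/nginx/nginx.conf; then
      sudo cp -p /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
    fi
    sudo cp resources/nginx/base.nginx.conf /etc/nginx/nginx.conf
  fi

  sudo mkdir -p /etc/nginx/logs
}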
|
|
|
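# Install an nginx site from resources/nginx/<site>.nginx.conf into
# sites-available, apply KEY=VALUE substitutions, and enable it.
#
# Arguments: $1      - site name (a plain file name, no path components)
#            $2...   - KEY=VALUE pairs; every literal KEY in the installed
#                      file is replaced by VALUE
# Globals:   SITE, NGINX_SITE_LOCATION, KEY, VAL (written); colour variables
# Input:     one line from stdin when the site already exists (r / a / n)
# Returns:   1 when the site name is rejected
make_site() {
  SITE=${1:-}
  if [ "$#" -gt 0 ]; then
    shift
  fi

  # The name is spliced into paths that are removed and written with sudo, so
  # refuse anything that is not a simple file name.
  case $SITE in
    '' | */* | .* | -*)
      echo -e "${RED}Sorry${RESET}, '${SITE}' isn't a valid site name"
      return 1
      ;;
  esac

  if [ -f "resources/nginx/${SITE}.nginx.conf" ]; then
    NGINX_SITE_LOCATION=/etc/nginx/sites-available/${SITE}
    if [ -f "$NGINX_SITE_LOCATION" ]; then
      echo -en "You already have a site available for ${SITE}, "
      echo -en "what would you like to do? ${BOLD}R${RESET}eset it, "
      echo -en "${BOLD}A${RESET}ctivate it, or do ${BOLD}N${RESET}othing? ( r / a / n ): "
      read -r whatdo
      case $whatdo in
        "R" | "r")
          echo "Resetting sites-available/${SITE}"
          sudo rm -- "$NGINX_SITE_LOCATION"
          ;;
        "A" | "a")
          echo "Activating sites-available/${SITE}"
          if [ ! -e "/etc/nginx/sites-enabled/${SITE}" ]; then
            sudo ln -s "$NGINX_SITE_LOCATION" /etc/nginx/sites-enabled/
          fi
          ;;
        "N" | "n")
          echo "Okay, we'll leave it be."
          ;;
        *)
          echo "Instructions unclear, accidentally an choice"
          ;;
      esac
    fi

    # Still missing (first install, or just reset above): create it.
    if [ ! -f "$NGINX_SITE_LOCATION" ]; then
      sudo cp -- "resources/nginx/${SITE}.nginx.conf" "$NGINX_SITE_LOCATION"

      for keyval; do
        case $keyval in
          ?*=*) ;;
          *)
            echo "Skipping '$keyval' (expected KEY=VALUE)"
            continue
            ;;
        esac
        # Split on the first '=' only, so values may contain '=' themselves.
        KEY=${keyval%%=*}
        VAL=${keyval#*=}

        echo "Substituting $KEY for $VAL"
        # Both halves end up inside a sed program that runs under sudo. Escape
        # sed syntax so KEY is matched literally and VAL inserted literally;
        # unescaped, a '#', '&' or backslash would be parsed as part of the
        # command rather than as data.
        _key_esc=$(printf '%s' "$KEY" | sed 's/[][\\.*^$#]/\\&/g')
        _val_esc=$(printf '%s' "$VAL" | sed 's/[\\&#]/\\&/g')
        sudo sed -i "s#${_key_esc}#${_val_esc}#g" "$NGINX_SITE_LOCATION"
      done

      if [ ! -e "/etc/nginx/sites-enabled/${SITE}" ]; then
        sudo ln -s "$NGINX_SITE_LOCATION" /etc/nginx/sites-enabled/
      fi
    fi
  else
    echo ""
    echo -e "${RED}Sorry${RESET}, ${SITE} isn't available as an nginx template"
    echo "We have..."
    ls resources/nginx
  fi
}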
|
|
|
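# Interactively confirm, change or collect the domain name for this machine.
#
# Globals:   DOMAIN (read/written), OKAY (written), colour variables (read)
# Calls:     remember, forget (both defined elsewhere)
# Input:     answers are read line by line from stdin
# Returns:   1 when stdin ends before a domain was entered
get_domain() {
  if [ -n "${DOMAIN:-}" ]; then
    echo -e "Your domain name is currently set to ${BLUE}${DOMAIN}${RESET}"
    echo -ne "would you like to change it? ${BLUE}(y/n): ${RESET}"
    read -r newdns
    case $newdns in
      y | Y)
        forget "DOMAIN"
        # forget is defined elsewhere; clear the variable here as well so the
        # prompt below runs whether or not forget also clears it.
        DOMAIN=''
        ;;
    esac
    echo ""
  fi

  if [ -z "${DOMAIN:-}" ]; then
    echo -en "Do you have a domain name pointing to this computer? ${BLUE}(y/n)${RESET}: "
    read -r dns
    echo ""
    case $dns in
      y | Y)
        echo "Good to hear! What is it?"
        OKAY=0
        while [ "$OKAY" -eq 0 ]; do
          echo -n "http://"
          # Stop on end of input instead of looping forever.
          if ! read -r DOMAIN; then
            DOMAIN=''
            echo ""
            echo "No more input, leaving the domain unset."
            return 1
          fi
          echo ""
          # The value is later written into the nginx config and handed to
          # remember, so accept host-name characters only.
          case $DOMAIN in
            '' | -* | .* | *[!A-Za-z0-9.-]*)
              echo -e "${RED}That doesn't look like a domain name${RESET} (letters, digits, dots and dashes only). Let's try again!"
              continue
              ;;
          esac
          echo -ne "is ${BLUE}http://${DOMAIN}${RESET} correct? ${BLUE}(y/n): ${RESET}"
          read -r correct
          case $correct in
            y | Y)
              OKAY=1
              ;;
            *)
              echo "Okay, let's try again! What is your domain name?"
              ;;
          esac
        done
        # -e added: the other coloured messages in this file are printed with it.
        echo -e "${BLUE}${DOMAIN}${RESET}, got it."
        remember "DOMAIN=${DOMAIN}"
        ;;
      *)
        echo "Okay, let's just leave it open for now."
        ;;
    esac
  fi
}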
|
|
|
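# Point the server_name directive of an enabled nginx site at DOMAIN.
#
# Arguments: $1 - site name under /etc/nginx/sites-enabled (plain file name)
# Globals:   DOMAIN (read; may be set by get_domain)
# Returns:   1 when the site name or the domain is rejected
configure_domain_for_site() {
  get_domain

  # $1 becomes part of a path edited with sudo: plain file names only.
  case ${1:-} in
    '' | */* | .* | -*)
      echo "Sorry, '${1:-}' isn't a valid site name"
      echo ""
      return 1
      ;;
  esac

  if [ -f "/etc/nginx/sites-enabled/${1}" ]; then
    if [ -n "${DOMAIN:-}" ]; then
      # DOMAIN is written into the nginx config through a sed replacement, so
      # anything other than host-name characters (';', spaces, '#', '&', ...)
      # would change the directive or the sed command itself.
      case $DOMAIN in
        -* | .* | *[!A-Za-z0-9.-]*)
          echo "'${DOMAIN}' doesn't look like a domain name, leaving ${1} untouched"
          echo ""
          return 1
          ;;
      esac
      # sudo: the other writes under /etc/nginx in this file use it.
      # --follow-symlinks: sites-enabled entries are symlinks here, and plain
      # `sed -i` would replace the link with a regular file.
      sudo sed -i --follow-symlinks \
        "s#server_name.*#server_name ${DOMAIN};#" "/etc/nginx/sites-enabled/${1}"
    else
      echo "You didn't provide a domain to configure!"
    fi
  else
    echo "Sorry, we don't have a site enabled for ${1}"
  fi
  echo ""
}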
|
|
|
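# Offer to obtain a certificate with Certbot, then derive ACCESS_POINT
# (http://localhost, http://DOMAIN or https://DOMAIN).
#
# Globals:   SSL, ACCESS_POINT (written); DOMAIN, colour variables (read)
# Calls:     install_if_needed, remember (both defined elsewhere)
# Input:     a single key press from stdin when asking about Certbot
enable_ssl() {
  # All tests on SSL/DOMAIN are quoted: SSL used to hold Certbot's whole
  # output, and an unquoted multi-word value makes `[` fail with
  # "too many arguments" instead of answering the question.
  if [ -n "${SSL:-}" ]; then
    echo "We've already gone through the SSL enabling process! Skipping"
  else
    if [ -n "${DOMAIN:-}" ]; then
      read -r -p "Would you like to enable SSL via Certbot? (y/n): " -n1 ssl
      echo ""
      case $ssl in
        y | Y)
          echo "Alright, let's get Certbot in here!"
          install_if_needed python3 certbot python3-certbot-nginx
          # RESET rather than NC: RESET is the reset variable used by every
          # other message in this file.
          echo -e "${BOLD}Take it away, Certbot${RESET}"
          # Run Certbot attached to the terminal and record success as a flag.
          # Capturing its output into SSL hid what it printed and marked SSL
          # as enabled even when Certbot failed with a message.
          # NOTE(review): only the emptiness of SSL is tested in this file;
          # confirm nothing else expects Certbot's text in it.
          if sudo certbot --nginx; then
            SSL=1
            remember "SSL=$SSL"
          else
            echo -e "${RED}Certbot didn't finish successfully${RESET}, staying on plain HTTP for now."
          fi
          ;;
        *)
          echo "Yea, SSL is like, totally whatever anyways..."
          ;;
      esac
    else
      echo "We can't configure SSL without a domain! Skipping"
    fi
  fi

  if [ -z "${DOMAIN:-}" ]; then
    ACCESS_POINT=http://localhost
  elif [ -z "${SSL:-}" ]; then
    ACCESS_POINT=http://$DOMAIN
  else
    ACCESS_POINT=https://$DOMAIN
  fi
  remember "ACCESS_POINT=${ACCESS_POINT}"
}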
|
|
|
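# Create /etc/systemd/system/<service>.service from
# resources/service-templates/<service>, substituting USER, HOME and any
# KEY=VALUE pairs.
#
# Arguments: $1      - service name (a plain file name, no path components)
#            $2...   - KEY=VALUE pairs; every literal KEY in the unit file is
#                      replaced by VALUE
# Globals:   SERVICE, SERVICE_FILE, KEY, VAL (written; activate_service reads
#            SERVICE); USER, HOME, colour variables (read)
# Input:     one line from stdin when the unit file already exists (y/n)
# Returns:   1 when the service name is rejected
build_service_from_template() {
  SERVICE=${1:-}
  if [ "$#" -gt 0 ]; then
    shift
  fi

  # The name is spliced into a path under /etc/systemd/system that is removed
  # and written with sudo, so refuse anything that is not a simple file name.
  case $SERVICE in
    '' | */* | .* | -*)
      echo "'${SERVICE}' isn't a valid service name"
      return 1
      ;;
  esac

  echo ""
  if [ -f "resources/service-templates/${SERVICE}" ]; then
    echo "Creating $SERVICE.service..."
    SERVICE_FILE=/etc/systemd/system/${SERVICE}.service
    if [ -f "$SERVICE_FILE" ]; then
      echo "Seems like you've already installed ${SERVICE} here!"
      # -e added so the colour variables are rendered like elsewhere.
      echo -en "Would you like to recreate it? ${BLUE}(y/n)${RESET} "
      read -r reset
      # `case reset in` compared the literal word "reset", so the answer was
      # never honoured; it has to be the variable.
      case $reset in
        "Y" | "y")
          sudo rm -- "$SERVICE_FILE"
          ;;
        "N" | "n")
          echo "Okay, we'll leave it as is."
          ;;
      esac
    fi

    # Still missing (first install, or just removed above): create it.
    if [ ! -f "$SERVICE_FILE" ]; then
      sudo cp -- "resources/service-templates/${SERVICE}" "$SERVICE_FILE"

      # Common template values. Replacement text is escaped so a '#', '&' or
      # backslash in it is inserted literally instead of being parsed as sed
      # syntax in a command that runs under sudo.
      _user_esc=$(printf '%s' "$USER" | sed 's/[\\&#]/\\&/g')
      _home_esc=$(printf '%s' "$HOME" | sed 's/[\\&#]/\\&/g')
      sudo sed -i "s#USER#${_user_esc}#g" "$SERVICE_FILE"
      sudo sed -i "s#HOME#${_home_esc}#g" "$SERVICE_FILE"

      for keyval; do
        case $keyval in
          ?*=*) ;;
          *)
            echo "Skipping '$keyval' (expected KEY=VALUE)"
            continue
            ;;
        esac
        # Split on the first '=' only, so values may contain '=' themselves.
        KEY=${keyval%%=*}
        VAL=${keyval#*=}

        echo "Substituting $KEY for $VAL"
        _key_esc=$(printf '%s' "$KEY" | sed 's/[][\\.*^$#]/\\&/g')
        _val_esc=$(printf '%s' "$VAL" | sed 's/[\\&#]/\\&/g')
        sudo sed -i "s#${_key_esc}#${_val_esc}#g" "$SERVICE_FILE"
      done
    fi
  else
    echo "No service template available for $SERVICE"
  fi
}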
|
|
|
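# Enable and start the systemd unit named by the global SERVICE.
#
# Globals:   SERVICE (read; set by build_service_from_template),
#            SERVICE_FILE (written), colour variables (read)
# Outputs:   a notice on stderr when the unit file does not exist
activate_service() {
  SERVICE_FILE=/etc/systemd/system/${SERVICE}.service
  if [ -f "$SERVICE_FILE" ]; then
    echo -e "Enabling and starting ${GREEN}${SERVICE}${RESET}"
    # Quoted so the name reaches systemctl as exactly one argument.
    sudo systemctl enable "${SERVICE}"
    sudo systemctl start "${SERVICE}"
  else
    # Previously a silent no-op; say why nothing was started.
    echo "No unit file at ${SERVICE_FILE}, nothing to enable." >&2
  fi
}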
|
|
|
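# Scan ports 80 and 443 of the configured domain with nmap and, when either
# is not reported as open or filtered, print port-forwarding hints.
#
# Globals:   DOMAIN (read), OPEN (written: 1 when both ports showed up, else 0),
#            colour variables (read)
# Calls:     install_if_needed (defined elsewhere)
# Returns:   1 when no domain is set or no temp file could be created
check_ports() {
  install_if_needed nmap

  # The rest of this file stores the name in DOMAIN; the lowercase $domain
  # used here before is not set anywhere in view, which left nmap without a
  # target. $domain is still honoured as a fallback in case a caller sets it.
  _scan_target=${DOMAIN:-${domain:-}}
  if [ -z "$_scan_target" ]; then
    echo -e "${RED}No domain set${RESET}, so there is nothing to check ports against."
    echo ""
    return 1
  fi

  # Private temp file instead of a fixed nmap.txt in the current directory.
  _scan_out=$(mktemp) || return 1
  # Only the two ports that are inspected below are scanned.
  nmap -Pn -p 80,443 "$_scan_target" > "$_scan_out"

  OPEN=1
  # NOTE(review): "filtered" is counted as visible here although nmap uses it
  # for ports it could not reach through a filter; confirm that is intended.
  if grep -qE "^80/.*(open|filtered)" "$_scan_out"; then
    echo -e "I can see port ${GREEN}80${RESET}!"
  else
    echo -e "Uh oh, port ${RED}80${RESET} isn't showing up..."
    OPEN=0
  fi

  if grep -qE "^443/.*(open|filtered)" "$_scan_out"; then
    echo -e "I can see port ${GREEN}443${RESET} as well!"
  else
    echo -e "Uh oh, port ${RED}443${RESET} isn't showing up..."
    OPEN=0
  fi
  rm -f -- "$_scan_out"
  echo ""

  if [ "$OPEN" -eq 0 ]; then
    echo -e "${RED}Port configuration needed.${RESET} Something (probably your wireless router) is blocking us from serving this page to the rest of the internet."
    echo "Port forwarding is relatively simple, but as it stands it is beyond the scope of this script to be able to automate it."
    echo -e "You'll probably need to look up the login information for your specific router and forward the red ports to the local IP of this computer (${BOLD}$(ip route | grep default | grep -oP "(?<=src )[^ ]+")${RESET})."
    # Gateway taken from `ip route` (already used above) rather than the
    # net-tools `route` command, which may not be installed.
    echo -e "You can log into your router at this IP address: ${BOLD}$(ip route | awk '/^default/ {print $3; exit}')${RESET}"
    echo "That's all the help I can give you regarding port forwarding. Good luck!"
    echo ""
  fi
}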
|
|
|
|
|
|
|
# internet connections? copper wires etc. |
|
# using yggdrasil could maybe fit in here |
|
# nginx setup |
|
# port checking
|
|
|