127,11 → 127,6 |
cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/ |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/ |
[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist |
if [ -e $DIR_UPDATE/alcasar.crt.old ] && [ -e $DIR_UPDATE/alcasar.key.old ] && [ -e $DIR_UPDATE/server-chain.crt.old ]; then |
$DIR_BIN/alcasar-importcert.sh -i $DIR_UPDATE/alcasar.crt -k $DIR_UPDATE/alcasar.key -c $DIR_UPDATE/server-chain.crt |
elif [ -e $DIR_UPDATE/alcasar.crt.old ] && [ -e $DIR_UPDATE/alcasar.key.old ]; then |
$DIR_BIN/alcasar-importcert.sh -i $DIR_UPDATE/alcasar.crt -k $DIR_UPDATE/alcasar.key |
fi |
chown -R root:apache /etc/pki |
chmod -R 750 /etc/pki |
# Import of the users database |
256,12 → 251,6 |
/usr/bin/kill -s SIGSTOP $(pidof httpd) |
echo |
fi |
# /etc/hosts |
if [ "$HOSTNAME" != "alcasar" ] || [ "$DOMAIN" != "localdomain" ]; then |
$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain $HOSTNAME.$DOMAIN?g" /etc/hosts |
else |
$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts |
fi |
# EXTIF config |
if [ $PUBLIC_IP_MASK == "dhcp" ] |
then |
312,12 → 301,31 |
sshd: ALL |
ntpd: $PRIVATE_NETWORK_SHORT |
EOF |
# Alcasar Control Center |
# Set hostname |
hostnamectl set-hostname $HOSTNAME.$DOMAIN |
# /etc/hosts |
domainNames="alcasar.localdomain $HOSTNAME $HOSTNAME.$DOMAIN" |
if [ "$HOSTNAME" != "alcasar" ]; then domainNames="alcasar $domainNames"; fi |
cat <<EOF > /etc/hosts |
127.0.0.1 localhost |
$PRIVATE_IP $domainNames |
EOF |
# Set hostname in CoovaChilli |
$SED "s/^uamallowed.*/uamallowed\t${domainNames// /,}/g" /etc/chilli.conf |
$SED "s/^locationname.*/locationname\t$HOSTNAME.$DOMAIN/g" /etc/chilli.conf |
$SED "s/^uamserver.*/uamserver\thttps:\/\/$HOSTNAME.$DOMAIN\/intercept.php/g" /etc/chilli.conf |
$SED "s/^radiusnasid.*/radiusnasid\t$HOSTNAME.$DOMAIN/g" /etc/chilli.conf |
# Set hostname in Apache |
$SED "s/^ServerName.*/ServerName $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/httpd.conf |
$SED "s/^\tErrorDocument.*/\tErrorDocument 404 https:\/\/$HOSTNAME.$DOMAIN\//g" /etc/httpd/conf/webapps.d/alcasar.conf |
$SED "s/^\tAuthDigestDomain.*/\tAuthDigestDomain $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/webapps.d/alcasar.conf |
$SED "s/^ ServerName.*/ ServerName $HOSTNAME.$DOMAIN/g" /etc/httpd/conf/sites.d/00_default_vhosts.conf /etc/httpd/conf/sites.d/00_default_ssl_vhost.conf /etc/httpd/conf/vhosts-ssl.default |
# Alcasar Control Center (ACC) |
$SED "s?^Listen.*?Listen $PRIVATE_IP:80?g" /etc/httpd/conf/httpd.conf |
FIC_MOD_SSL=`find /etc/httpd/conf/ -type f -name ssl.conf` |
$SED "s?^Listen.*?Listen $PRIVATE_IP:443?g" $FIC_MOD_SSL |
$SED "/127.0.0.1/!s?Allow from .*?Allow from $PRIVATE_NETWORK_MASK?g" /etc/httpd/conf/webapps.d/alcasar.conf |
# ACC |
# FreeRADIUS Web |
$SED "s?^nas1_name:.*?nas1_name: alcasar-$ORGANISME?g" /etc/freeradius-web/naslist.conf |
$SED "s?^nas1_ip:.*?nas1_ip: $PRIVATE_IP?g" /etc/freeradius-web/naslist.conf |
# coova |
360,12 → 368,12 |
then |
# Services start |
/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1 |
$DIR_BIN/alcasar-dhcp.sh -$DHCP_mode && echo -n ", coova" # apply DHCP mode and start coova |
for i in dnsmasq tinyproxy ntpd |
do |
sleep 1 |
/usr/bin/systemctl start $i && echo -n ", $i" |
done |
$DIR_BIN/alcasar-dhcp.sh -$DHCP_mode && echo -n ", chilli" # apply DHCP mode and start CoovaChilli |
for i in dnsmasq dnsmasq-blackhole tinyproxy ntpd |
do |
sleep 1 |
/usr/bin/systemctl start $i && echo -n ", $i" |
done |
$DIR_BIN/alcasar-bl.sh -reload && echo -n ", dnsmasq-blacklist, dnsmasq-whitelist, iptables" |
/usr/bin/kill -s SIGCONT $(pidof httpd) |
/usr/bin/systemctl reload httpd && echo -n ", httpd" |
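Review bot: In the 312,12 → 301,31 hunk, `$HOSTNAME` and `$DOMAIN` are expanded unquoted into `hostnamectl`, the `/etc/hosts` here-document and the replacement side of every `$SED "s/…/…/g"` call on chilli.conf and the Apache files, with no check that they look like host names. A value containing `/`, `&`, a backslash or whitespace would break the sed expression or write something other than the intended name into `uamserver`, `uamallowed` and `ServerName`, which control where portal clients are redirected and which hosts are reachable before authentication. Where the two variables are assigned is not visible here; if they can come from a restored configuration file, validate them once before the first use, e.g. `[[ "$HOSTNAME.$DOMAIN" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]] || { echo "invalid HOSTNAME/DOMAIN" >&2; exit 1; }`, and quote the `hostnamectl` argument. The new `cat <<EOF > /etc/hosts` also rewrites the whole file, whereas the sed-based block in the 256,12 → 251,6 hunk touched only the alcasar line, so a comment such as `# /etc/hosts is regenerated from scratch; local additions are dropped` would make that intent explicit. The enclosing function or block begins and ends outside the visible hunks.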