WebSVN – ALCASAR – Diff – /scripts/alcasar-conf.sh



#/bin/bash
# $Id: alcasar-conf.sh 1827 2016-04-19 09:47:29Z raphael.pion $
 
# alcasar-conf.sh
# by REXY
# This script is distributed under the Gnu General Public License (GPL)
 

new="$(date +%G%m%d-%Hh%M)"  			# date et heure des fichiers
fichier="alcasar-conf-$new.tar.gz"		# nom du fichier de sauvegarde
DIR_UPDATE="/tmp/conf"				# répertoire de stockage des fichier de conf pour une mise à jour
DIR_WEB="/var/www/html"				# répertoire du centre de gestion
DIR_BIN="/usr/local/bin"			# répertoire des scripts d'admin
 
DIR_ETC="/usr/local/etc"			# répertoire des fichiers de conf
CONF_FILE="$DIR_ETC/alcasar.conf"		# main alcasar conf file
VERSION="/var/www/html/VERSION"			# contient la version en cours
EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`	# EXTernal InterFace
INTIF=`grep ^INTIF= $CONF_FILE|cut -d"=" -f2`	# INTernal InterFace

		;;
	--create|-create)	
		[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE
		mkdir $DIR_UPDATE
# backup the users database
		$DIR_BIN/alcasar-mysql.sh -dump
		cp /var/Save/base/`ls -1t /var/Save/base|head -1` $DIR_UPDATE
# backup the logo
		cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE
# backup Dansguardian files
		cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE

		chown -R dansguardian:apache /etc/dansguardian/lists
		chmod -R g+rw /etc/dansguardian/lists
# Adapt DNS/URL filtering
		PARENT_SCRIPT=`basename $0`
		export PARENT_SCRIPT
		$DIR_BIN/alcasar-bl.sh -adapt
		$DIR_BIN/alcasar-bl.sh -reload
# retrieve dnsmasq general config file
		[ -e $DIR_UPDATE/dnsmasq ] && cp -f $DIR_UPDATE/dnsmasq /etc/sysconfig/dnsmasq \
		&& chown root.root /etc/sysconfig/dnsmasq \
		&& chmod 644 /etc/sysconfig/dnsmasq
# admin profile update (admin + manager + backup)
		$DIR_BIN/alcasar-profil.sh --list
# Start / Stop SSH Daemon
		ssh_active=`grep SSH= $CONF_FILE|cut -d"=" -f2`
		if [ $ssh_active = "on" ]
		then
			/usr/bin/systemctl -q enable sshd.service

		DHCP_mode=`grep DHCP= $CONF_FILE|cut -d"=" -f2`
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
		then
			if [ $DHCP_mode = "off" ]
			then
				$DIR_BIN/alcasar-dhcp.sh --off
			fi
 
# Implementation of the local DNS
			$DIR_BIN/alcasar-dns-local.sh --$INT_DNS_active
			
# Implementation of the authentification LDAP
#			$DIR_BIN/alcasar-ldap.sh --$INT_LDAP_active
 
# Logout everybody
			$DIR_BIN/alcasar-logout.sh all		
# Services stop
			echo -n "Stop services : "
			for i in ntpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network
			do
				/usr/bin/systemctl stop $i && echo -n "$i, "
			done
			/usr/bin/kill -s SIGSTOP $(pidof httpd)
			echo
		fi
 
# /etc/hosts
		$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts

		$SED "s?^Host_Alias.*?Host_Alias	LAN_ORG=$PRIVATE_NETWORK/$PRIVATE_NETMASK,localhost		#réseau de l'organisme?g" /etc/sudoers
		if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage
		then
# Services start
			/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1
			$DIR_BIN/alcasar-dhcp.sh -$DHCP_mode && echo -n ", coova" # apply DHCP mode and start coova
			for i in dnsmasq tinyproxy ntpd
				do
					sleep 1
					/usr/bin/systemctl start $i && echo -n ", $i"
				done
			$DIR_BIN/alcasar-bl.sh -reload && echo ", dnsmasq-blacklist, dnsmasq-whitelist, iptables,"
			/usr/bin/kill -s SIGCONT $(pidof httpd)
			/usr/bin/systemctl reload httpd && echo -n ", httpd"
		fi
# Start / Stop SSH Daemon
		ssh_active=`grep SSH= $CONF_FILE|cut -d"=" -f2`
		if [ $ssh_active = "on" ]
		then

Rev 1806	Rev 1827
Line 1...	Line 1...
1	`#/bin/bash`	1	`#/bin/bash`
2	`# $Id: alcasar-conf.sh 1806 2016-03-27 09:03:10Z franck $`	2	`# $Id: alcasar-conf.sh 1827 2016-04-19 09:47:29Z raphael.pion $`
3		3
4	`# alcasar-conf.sh`	4	`# alcasar-conf.sh`
5	`# by REXY`	5	`# by REXY`
6	`# This script is distributed under the Gnu General Public License (GPL)`	6	`# This script is distributed under the Gnu General Public License (GPL)`
7		7
Line 17...	Line 17...
17	`new="$(date +%G%m%d-%Hh%M)" # date et heure des fichiers`	17	`new="$(date +%G%m%d-%Hh%M)" # date et heure des fichiers`
18	`fichier="alcasar-conf-$new.tar.gz" # nom du fichier de sauvegarde`	18	`fichier="alcasar-conf-$new.tar.gz" # nom du fichier de sauvegarde`
19	`DIR_UPDATE="/tmp/conf" # répertoire de stockage des fichier de conf pour une mise à jour`	19	`DIR_UPDATE="/tmp/conf" # répertoire de stockage des fichier de conf pour une mise à jour`
20	`DIR_WEB="/var/www/html" # répertoire du centre de gestion`	20	`DIR_WEB="/var/www/html" # répertoire du centre de gestion`
21	`DIR_BIN="/usr/local/bin" # répertoire des scripts d'admin`	21	`DIR_BIN="/usr/local/bin" # répertoire des scripts d'admin`
22	`DIR_SBIN="/usr/local/sbin" # répertoire des scripts d'admin`	-
23	`DIR_ETC="/usr/local/etc" # répertoire des fichiers de conf`	22	`DIR_ETC="/usr/local/etc" # répertoire des fichiers de conf`
24	`CONF_FILE="$DIR_ETC/alcasar.conf" # main alcasar conf file`	23	`CONF_FILE="$DIR_ETC/alcasar.conf" # main alcasar conf file`
25	`VERSION="/var/www/html/VERSION" # contient la version en cours`	24	`VERSION="/var/www/html/VERSION" # contient la version en cours`
26	EXTIF=`grep ^EXTIF= $CONF_FILE\|cut -d"=" -f2` # EXTernal InterFace	25	EXTIF=`grep ^EXTIF= $CONF_FILE\|cut -d"=" -f2` # EXTernal InterFace
27	INTIF=`grep ^INTIF= $CONF_FILE\|cut -d"=" -f2` # INTernal InterFace	26	INTIF=`grep ^INTIF= $CONF_FILE\|cut -d"=" -f2` # INTernal InterFace
Line 67...	Line 66...
67	`;;`	66	`;;`
68	`--create\|-create)`	67	`--create\|-create)`
69	`[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE`	68	`[ -d $DIR_UPDATE ] && rm -rf $DIR_UPDATE`
70	`mkdir $DIR_UPDATE`	69	`mkdir $DIR_UPDATE`
71	`# backup the users database`	70	`# backup the users database`
72	`$DIR_SBIN/alcasar-mysql.sh -dump`	71	`$DIR_BIN/alcasar-mysql.sh -dump`
73	cp /var/Save/base/`ls -1t /var/Save/base\|head -1` $DIR_UPDATE	72	cp /var/Save/base/`ls -1t /var/Save/base\|head -1` $DIR_UPDATE
74	`# backup the logo`	73	`# backup the logo`
75	`cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE`	74	`cp -f $DIR_WEB/images/organisme.png $DIR_UPDATE`
76	`# backup Dansguardian files`	75	`# backup Dansguardian files`
77	`cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE`	76	`cp -f /etc/dansguardian/lists/exceptioniplist $DIR_UPDATE`
Line 136...	Line 135...
136	`chown -R dansguardian:apache /etc/dansguardian/lists`	135	`chown -R dansguardian:apache /etc/dansguardian/lists`
137	`chmod -R g+rw /etc/dansguardian/lists`	136	`chmod -R g+rw /etc/dansguardian/lists`
138	`# Adapt DNS/URL filtering`	137	`# Adapt DNS/URL filtering`
139	PARENT_SCRIPT=`basename $0`	138	PARENT_SCRIPT=`basename $0`
140	`export PARENT_SCRIPT`	139	`export PARENT_SCRIPT`
141	`$DIR_SBIN/alcasar-bl.sh -adapt`	140	`$DIR_BIN/alcasar-bl.sh -adapt`
142	`$DIR_SBIN/alcasar-bl.sh -reload`	141	`$DIR_BIN/alcasar-bl.sh -reload`
143	`# retrieve dnsmasq general config file`	142	`# retrieve dnsmasq general config file`
144	`[ -e $DIR_UPDATE/dnsmasq ] && cp -f $DIR_UPDATE/dnsmasq /etc/sysconfig/dnsmasq \`	143	`[ -e $DIR_UPDATE/dnsmasq ] && cp -f $DIR_UPDATE/dnsmasq /etc/sysconfig/dnsmasq \`
145	`&& chown root.root /etc/sysconfig/dnsmasq \`	144	`&& chown root.root /etc/sysconfig/dnsmasq \`
146	`&& chmod 644 /etc/sysconfig/dnsmasq`	145	`&& chmod 644 /etc/sysconfig/dnsmasq`
147	`# admin profile update (admin + manager + backup)`	146	`# admin profile update (admin + manager + backup)`
148	`$DIR_SBIN/alcasar-profil.sh --list`	147	`$DIR_BIN/alcasar-profil.sh --list`
149	`# Start / Stop SSH Daemon`	148	`# Start / Stop SSH Daemon`
150	ssh_active=`grep SSH= $CONF_FILE\|cut -d"=" -f2`	149	ssh_active=`grep SSH= $CONF_FILE\|cut -d"=" -f2`
151	`if [ $ssh_active = "on" ]`	150	`if [ $ssh_active = "on" ]`
152	`then`	151	`then`
153	`/usr/bin/systemctl -q enable sshd.service`	152	`/usr/bin/systemctl -q enable sshd.service`
Line 219...	Line 218...
219	DHCP_mode=`grep DHCP= $CONF_FILE\|cut -d"=" -f2`	218	DHCP_mode=`grep DHCP= $CONF_FILE\|cut -d"=" -f2`
220	`if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage`	219	`if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage`
221	`then`	220	`then`
222	`if [ $DHCP_mode = "off" ]`	221	`if [ $DHCP_mode = "off" ]`
223	`then`	222	`then`
224	`$DIR_SBIN/alcasar-dhcp.sh --off`	223	`$DIR_BIN/alcasar-dhcp.sh --off`
225	`fi`	224	`fi`
226		225
227	`# Implementation of the local DNS`	226	`# Implementation of the local DNS`
228	`$DIR_SBIN/alcasar-dns-local.sh --$INT_DNS_active`	227	`$DIR_BIN/alcasar-dns-local.sh --$INT_DNS_active`
229		228
230	`# Implementation of the authentification LDAP`	229	`# Implementation of the authentification LDAP`
231	`# $DIR_SBIN/alcasar-ldap.sh --$INT_LDAP_active`	230	`# $DIR_BIN/alcasar-ldap.sh --$INT_LDAP_active`
232		231
233	`# Logout everybody`	232	`# Logout everybody`
234	`$DIR_SBIN/alcasar-logout.sh all`	233	`$DIR_BIN/alcasar-logout.sh all`
235	`# Services stop`	234	`# Services stop`
236	`echo -n "Stop services : "`	235	`echo -n "Stop services : "`
237	`for i in ntpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network httpd`	236	`for i in ntpd tinyproxy dnsmasq dnsmasq-whitelist dnsmasq-blacklist chilli network`
238	`do`	237	`do`
239	`/usr/bin/systemctl stop $i && echo -n "$i, "`	238	`/usr/bin/systemctl stop $i && echo -n "$i, "`
240	`done`	239	`done`
-		240	`/usr/bin/kill -s SIGSTOP $(pidof httpd)`
241	`echo`	241	`echo`
242	`fi`	242	`fi`
243		243
244	`# /etc/hosts`	244	`# /etc/hosts`
245	`$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts`	245	`$SED "/alcasar/s?.*?$PRIVATE_IP\talcasar alcasar.localdomain?g" /etc/hosts`
Line 328...	Line 328...
328	`$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK/$PRIVATE_NETMASK,localhost #réseau de l'organisme?g" /etc/sudoers`	328	`$SED "s?^Host_Alias.*?Host_Alias LAN_ORG=$PRIVATE_NETWORK/$PRIVATE_NETMASK,localhost #réseau de l'organisme?g" /etc/sudoers`
329	`if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage`	329	`if [ "$PARENT_SCRIPT" != "alcasar.sh" ] # don't launch on install stage`
330	`then`	330	`then`
331	`# Services start`	331	`# Services start`
332	`/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1`	332	`/usr/bin/systemctl start network && echo -n "Start service : network" && sleep 1`
333	`$DIR_SBIN/alcasar-dhcp.sh -$DHCP_mode && echo -n ", coova" # apply DHCP mode and start coova`	333	`$DIR_BIN/alcasar-dhcp.sh -$DHCP_mode && echo -n ", coova" # apply DHCP mode and start coova`
334	`for i in dnsmasq tinyproxy ntpd httpd`	334	`for i in dnsmasq tinyproxy ntpd`
335	`do`	335	`do`
336	`sleep 1`	336	`sleep 1`
337	`/usr/bin/systemctl start $i && echo -n ", $i"`	337	`/usr/bin/systemctl start $i && echo -n ", $i"`
338	`done`	338	`done`
339	`$DIR_SBIN/alcasar-bl.sh -reload && echo ", dnsmasq-blacklist, dnsmasq-whitelist, iptables"`	339	`$DIR_BIN/alcasar-bl.sh -reload && echo ", dnsmasq-blacklist, dnsmasq-whitelist, iptables,"`
-		340	`/usr/bin/kill -s SIGCONT $(pidof httpd)`
-		341	`/usr/bin/systemctl reload httpd && echo -n ", httpd"`
340	`fi`	342	`fi`
341	`# Start / Stop SSH Daemon`	343	`# Start / Stop SSH Daemon`
342	ssh_active=`grep SSH= $CONF_FILE\|cut -d"=" -f2`	344	ssh_active=`grep SSH= $CONF_FILE\|cut -d"=" -f2`
343	`if [ $ssh_active = "on" ]`	345	`if [ $ssh_active = "on" ]`
344	`then`	346	`then`

Subversion Repositories ALCASAR

(root)/scripts/alcasar-conf.sh @ 2838 – Rev 1806 → 1827