| 2223 |
tom.houday |
1 |
#!/bin/bash
|
| 958 |
franck |
2 |
# $Id: alcasar-https.sh 3225 2024-08-28 21:22:11Z rexy $
|
| 843 |
richard |
3 |
|
| 3225 |
rexy |
4 |
# alcasar-https.sh
|
| 843 |
richard |
5 |
# by Rexy
|
|
|
6 |
# This script is distributed under the Gnu General Public License (GPL)
|
|
|
7 |
|
|
|
8 |
# active ou désactive le chiffrement sur les flux d'authentification
|
|
|
9 |
# enable or disable encryption on authentication flows
|
|
|
10 |
|
|
|
11 |
SED="/bin/sed -i"
|
| 2324 |
tom.houday |
12 |
CONF_FILE="/usr/local/etc/alcasar.conf"
|
| 843 |
richard |
13 |
CHILLI_CONF_FILE="/etc/chilli.conf"
|
| 2324 |
tom.houday |
14 |
HOSTNAME=$(grep ^HOSTNAME= $CONF_FILE | cut -d'=' -f2)
|
|
|
15 |
DOMAIN=$(grep ^DOMAIN= $CONF_FILE | cut -d'=' -f2)
|
| 843 |
richard |
16 |
|
|
|
17 |
usage="Usage: alcasar-https.sh {--on | -on} | {--off | -off}"
|
|
|
18 |
nb_args=$#
|
|
|
19 |
args=$1
|
|
|
20 |
if [ $nb_args -eq 0 ]
|
|
|
21 |
then
|
|
|
22 |
echo "$usage"
|
|
|
23 |
exit 1
|
|
|
24 |
fi
|
| 2324 |
tom.houday |
25 |
|
| 843 |
richard |
26 |
case $args in
|
|
|
27 |
-\? | -h* | --h*)
|
|
|
28 |
echo "$usage"
|
|
|
29 |
exit 0
|
|
|
30 |
;;
|
| 2920 |
rexy |
31 |
--off | -off) # Chilli : disable HTTPS (it will listen only on 3990 port) + lighttpd : switch with an HTTP conf file
|
| 2324 |
tom.houday |
32 |
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=off?" $CONF_FILE
|
| 2409 |
tom.houday |
33 |
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=off?" $CONF_FILE
|
| 2592 |
rexy |
34 |
$SED "s?^uamserver.*?uamserver\thttp://$HOSTNAME.$DOMAIN/intercept.php?" $CHILLI_CONF_FILE
|
|
|
35 |
$SED "s?^redirssl.*?#&?" $CHILLI_CONF_FILE
|
|
|
36 |
$SED "s?^uamuissl.*?#&?" $CHILLI_CONF_FILE
|
| 1617 |
richard |
37 |
/usr/bin/systemctl restart chilli
|
| 2592 |
rexy |
38 |
rm -f /etc/lighttpd/vhosts.d/alcasar.conf
|
|
|
39 |
ln -s /etc/lighttpd/vhosts.d/alcasar-without-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
|
|
|
40 |
/usr/bin/systemctl restart lighttpd
|
| 843 |
richard |
41 |
;;
|
| 2920 |
rexy |
42 |
--on | -on) # Chilli : enable HTTPS (it will listen on ports 3990 (http) and 3991 (https) + lighttpd : switch with an HTTPS conf file
|
| 2324 |
tom.houday |
43 |
$SED "s?^HTTPS_LOGIN=.*?HTTPS_LOGIN=on?" $CONF_FILE
|
| 2879 |
rexy |
44 |
$SED "s?^HTTPS_CHILLI=.*?HTTPS_CHILLI=on?" $CONF_FILE
|
| 2592 |
rexy |
45 |
$SED "s?^uamserver.*?uamserver\thttps://$HOSTNAME.$DOMAIN/intercept.php?" $CHILLI_CONF_FILE
|
|
|
46 |
$SED "s?^#redirssl.*?redirssl?" $CHILLI_CONF_FILE
|
|
|
47 |
$SED "s?^#uamuissl.*?uamuissl?" $CHILLI_CONF_FILE
|
| 1617 |
richard |
48 |
/usr/bin/systemctl restart chilli
|
| 2592 |
rexy |
49 |
rm -f /etc/lighttpd/vhosts.d/alcasar.conf
|
|
|
50 |
ln -s /etc/lighttpd/vhosts.d/alcasar-with-ssl.conf /etc/lighttpd/vhosts.d/alcasar.conf
|
|
|
51 |
/usr/bin/systemctl restart lighttpd
|
| 843 |
richard |
52 |
;;
|
|
|
53 |
*)
|
| 2324 |
tom.houday |
54 |
echo "Argument inconnu : $1"
|
| 843 |
richard |
55 |
echo "$usage"
|
|
|
56 |
exit 1
|
|
|
57 |
;;
|
|
|
58 |
esac
|