astrXbian/zen/ipfs_SWARM_refresh.sh

#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`"              # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`"  # absolutized and normalized
ME="${0##*/}"
countMErunning=$(ps auxf --sort=+utime | grep -w $ME | grep -v -E 'color=auto|grep' | wc -l)
[[ $countMErunning -gt 2 ]] && echo "$ME already running $countMErunning time" && exit 0

YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) && [[ ! $YOU ]] && echo "ipfs NOT RUNNING. EXIT" && exit 1
G1PUB=$(cat ~/.zen/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2) && [[ ! $G1PUB ]] && echo "ERREUR G1PUB. EXIT" && exit 1
IPFSNODEID=$(ipfs --timeout=20s id -f='<id>\n')
[[ ! $IPFSNODEID ]] && echo 'ERROR missing IPFS Node id !! IPFS is not installed !?' && exit 1
########################################################################
########################################################################
# This script is controling IPFS swarm
# Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories
# add not friend_of_mine IPs to fail2ban
########################################################################
########################################################################
mkdir -p ~/.zen/ipfs_swarm
echo '
___ _  _ __  __         _       _  _ _ _  _ __
 | |_)|_(_  (_\    //\ |_)|\/| |_)|_|_|_)|_(_ |_|
_|_|  | __) __)\/\//--\| \|  | | \|_| | \|___)| |

'
echo "I am $IPFSNODEID CONTROLING MY SWARM"
timestamp=$(date -u +%s%N | cut -b1-13)

########################################################################
# Delete "ipfs" & "ipfs_swarm" after reboot
# [[ ! -f /tmp/swarm_cleaned ]] && rm -Rf ~/.zen/ipfs/* && rm -Rf ~/.zen/ipfs_swarm/ && mkdir -p ~/.zen/ipfs_swarm && echo "IPFS CLEANING OK" > /tmp/swarm_cleaned
########################################################################
[[ "$1" == "quick" ]] && echo "" > /tmp/A_swarm || cat ~/.zen/A_swarm_map.txt > /tmp/A_swarm
rm /tmp/treated.ipfs.swarm
touch /tmp/treated.ipfs.swarm

## RESET BOOTSTRAP LIST
# ipfs bootstrap rm --all > /dev/null 2>&1

########################################################################
########################################################################
echo "******************************************************************"
echo "RETRIEVING MY OWN DATA FROM IPNS TO ~/.zen/ipfs_swarm"
#ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID
########################################################################
count=1
ipfs bootstrap > /tmp/ipfs_swarm_peers
ipfs swarm peers >> /tmp/ipfs_swarm_peers
for ipfsnodeid in $( (cat /tmp/ipfs_swarm_peers | grep -o '[^/]*$' && cat /tmp/A_swarm | grep -o '[^/]*$' ) | sort | uniq);
do
    ## $ipfsnodeid already Treated ?
    [[ "$ipfsnodeid" == "$IPFSNODEID" ]] && continue
    [[ -f ~/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid ]] && XID=$(cat ~/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid) || XID=''
    [[ -f ~/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title ]] && XZUID=$(cat ~/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title) || XZUID=''
    [[ "$XID" == "" ]] && ipfs swarm disconnect /ipfs/$ipfsnodeid ## NOT COMPLIANT STATION
    # [[ $(cat /tmp/treated.ipfs.swarm | grep "$ipfsnodeid") ]] && continue
    [[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && echo "DEAD SWARM" && continue


    # control ip isLAN?
    peerline=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | tail -n 1)
    [[ ! $peerline ]] && peerline=$(cat /tmp/ipfs_swarm_peers | grep "$ipfsnodeid" | tail -n 1)
    ip=$(cat /tmp/ipfs_swarm_peers | grep "$ipfsnodeid" | awk -F '/' '{print $3}' | tail -n 1) && [[ ! $ip ]] && continue
    isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")

    nowdate=$(date)

    # Convert ipfsnodeid into g1pub
    [[ "${ipfsnodeid:0:2}" != "Qm" ]] && whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid) || echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt

    echo "#############################################################"
    echo "### ANALYZING $ipfsnodeid ($ip) $XID $XZUID ###"
    echo "$peerline"
    myfriendpeer=$(cat ~/.zen/A_my_swarm.txt | grep $ipfsnodeid )
    if [[ "$myfriendpeer" != "" ]];
    then
#  _____ ____  ___ _____ _   _ ____
# |  ___|  _ \|_ _| ____| \ | |  _ \
# | |_  | |_) || ||  _| |  \| | | | |
# |  _| |  _ < | || |___| |\  | |_| |
# |_|   |_| \_\___|_____|_| \_|____/
#
#
        if [[ ! $(cat /tmp/ipfs_swarm_peers | grep $ipfsnodeid) ]];
        then
            ipfs swarm connect "$peerline"
            if [ $? != 0 ]; then
                grep -vEi $ip ~/.zen/A_my_swarm.txt
                echo $ipfsnodeid >> ~/.zen/A_dead_swarm.txt
                echo "SEND MESSAGE ABOUT UNREACHABLE FRIEND $whoisg1 ($XID) ($XZUID)"
                ~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr" send -d $G1PUB -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1 ($XID) ($XZUID)"
                # KEEPING LAST 10 ALERT MESSAGES
                nbmessage=0
                for messageid in $(~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr" read -n300 -j | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ALERT")' | jq -r '.id')
                do
                    nbmessage=$((nbmessage+1))
                    [ $nbmessage -gt 10 ] && echo "Delete $nbmessage OLD 'ALERT' messages from $G1PUB" && ~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr" delete -i $messageid && sleep 0.5
                done
                continue
            fi
        fi
        ## Add to bootstrap if XID exists
        [[ "$XID" != "" ]] && ipfs bootstrap add "$peerline" || ipfs bootstrap rm "$peerline"
        echo "OK Friend REFRESH /ipns/$ipfsnodeid INTO ~/.zen/ipfs_swarm/"
        ipfs --timeout=30s get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$ipfsnodeid
        if [ $? != 0 ];
        then
            echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt";
        else
            ################################################################
            ## REFRESH stargates keys from my friend
            ################################################################
            mkdir -p ~/.zen/key/stargates/$whoisg1
            ipfs --timeout=20s get --output=$HOME/.zen/key/stargates/$whoisg1/ /ipns/$ipfsnodeid/.$ipfsnodeid/FRIENDS/$G1PUB/
            ## DECRYPT
            if [[ $? == 0 ]]; then
                [[ -f $HOME/.zen/key/stargates/$whoisg1/stargate1.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate1.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate1"
                [[ -f $HOME/.zen/key/stargates/$whoisg1/stargate2.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate2.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate2"
                [[ -f $HOME/.zen/key/stargates/$whoisg1/stargate3.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate3.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate3"
                [[ -f $HOME/.zen/key/stargates/$whoisg1/stargate4.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate4.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate4"
                [[ -f $HOME/.zen/key/stargates/$whoisg1/stargate5.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate5.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate5"
            fi
        fi
    else # if [[ "$myfriendpeer" != "" ]];
#  ____  _____ _____ ____ ___  _   _
# |  _ \| ____|  ___/ ___/ _ \| \ | |
# | | | |  _| | |_ | |  | | | |  \| |
# | |_| | |___|  _|| |__| |_| | |\  |
# |____/|_____|_|   \____\___/|_| \_|
#
        [[ -f ~/.zen/DEFCON ]] && export DEFCON=$(cat ~/.zen/DEFCON) || export DEFCON=$(cat ~/.zen/astrXbian/DEFCON) # like in crom_MINUTE.sh
        echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON "
        [[ -d ~/.zen/ipfs_swarm/.$ipfsnodeid ]] && rm -Rf ~/.zen/ipfs_swarm/.$ipfsnodeid && "REMOVE ipfs_swarm DIRECTORY"

        ip=$(cat /tmp/ipfs_swarm_peers | grep "$ipfsnodeid" | awk -F '/' '{print $3}' | head -n 1)
        isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")

        [[ $ip ]] && anybodyelseipfsid=$(cat /tmp/ipfs_swarm_peers | grep "$ip" | grep -Ev "$ipfsnodeid" | head -n 1 | rev | cut -d '/' -f 1 | rev )
        [[ $anybodyelseipfsid ]] && isanybodyelseipmyfriend=$(cat ~/.zen/A_my_swarm.txt | grep $anybodyelseipfsid) ## AVOID BANNING IP IF A FRIEND IS IN SAME LAN WITH PUBLIC IP
        [[ $isanybodyelseipmyfriend ]] && echo "TODO: SEND MESSAGE TO $isanybodyelseipmyfriend WARNING ABOUT $ipfsnodeid SAME SEEN IP $ip"
        if [[ $ip && ! $isanybodyelseipmyfriend && ( $DEFCON < 5 ) && ! $isLAN ]]
        then

            if [[ $DEFCON -eq 4 ]]; then ## DEFCON 4
            ### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
            # $USER ALL=(ALL:ALL) NOPASSWD:ALL
            # $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
            sudo fail2ban-client add recidive 2>/dev/null 1>&2
            sudo fail2ban-client start recidive
            sudo fail2ban-client set recidive bantime 36000 # 10 Hours bantime

            sudo fail2ban-client set recidive banip $ip
            # Show ALL banned IP
            sudo fail2ban-client status recidive
            fi

            ## DEFCON 2
            # nmap NOT FRIEND

            ## DEFCON 1
            # DDOS NOT FRIEND

        fi

        if [[ ! $isLAN ]]; then
            ipfs swarm disconnect "$peerline"
        fi

        ipfs bootstrap rm "$peerline"
    fi

    echo "$ipfsnodeid" >> /tmp/treated.ipfs.swarm

done

if [[ $DEFCON -eq 3 ]];
then ## DEFCON 3
# ACTIVATE PRIVATE SMARM !! 1ST BOOTSRAP creates and send a key to every level3 friends he knows (PUB)
# RUN ONCE ONLY
    if [[ ! -f ~/.ipfs/swarm.key.defcon3 ]];
    then
        SWARMKEYnode=$(cat ~/.zen/astrXbian/A_boostrap_nodes.txt | grep -Ev "#" | tail -n 1) ## FIRST BOOTSTRAP EMIT AND SEND swarm.key
        nodeid=${SWARMKEYnode##*/}
        KEYnode=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $nodeid)
        # I $G1PUB am designed to launch defcon3
        if [[ "$KEYnode" == "$G1PUB" ]];
        then
        ## CREATE swarm.key
        echo -e "/key/swarm/psk/1.0.0/\n/base16/\n `tr -dc 'a-f0–9' < /dev/urandom | head -c64`" > ~/.ipfs/swarm.key.defcon3
        ## IDENTIFY LEVEL 3 FRIENDS
        ## CONTACT FRIENDS AND MAKE APPOINTEMENT !!
        for g1id in $(ls ~/.zen/ipfs/.$IPFSNODEID/FRIENDS); do
                [[ "$g1id" == "index.html" ]] && continue
                ipfsnodeid=$(~/.zen/astrXbian/zen/tools/g1_to_ipfs.py $g1id)
                 [[ "$ipfsnodeid" == "" ]] && continue

                echo "BLOB-Brain Friend RENEW /ipns/$ipfsnodeid TO ~/.zen/ipfs_swarm/"
                rm - Rf /home/$YOU/.zen/ipfs_swarm/$ipfsnodeid
                ipfs --timeout=20s get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$ipfsnodeid
                [[ -f /home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid ]] && zuid=$(cat /home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid) || continue

                stars=$(cat ~/.zen/ipfs/.$IPFSNODEID/FRIENDS/$g1id/stars.level);
                G1BALANCE=$(~/.zen/astrXbian/zen/jaklis/jaklis.py balance -p $g1pub) && [[ "$G1BALANCE" == "null" ]] && G1BALANCE=0 || G1BALANCE=$(echo "$G1BALANCE" | cut -d '.' -f 1)
                echo "DEFCON3 $stars STARS $g1pub ($G1BALANCE G1) /ipns/$ipfsnodeid" >> ~/.zen/alert
                ## MESSAGE SENT ONLY TO ONLINE LEVEL 3 FRIENDS
                [ $stars -gt 3 ] && ~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr" send -d $g1id -t "DEFCON3" -f ~/.ipfs/swarm.key.defcon3
        done
        ## SEULE LA STATION SOURCE DU CODE PEUT ACTIVER DEFON3.
        ## LE SWARM EST ALORS MANUELLEMENT PASSE EN PRIVE
        ## Chaque ami prévenu reçoit le fichier à placer dans ~/.ipfs/swarm.key
        ## Le premier BOOTSTRAP ~/.zen/astrXbian/A_boostrap_nodes.txt
        ## lance un RDV sur FRAMADATE, ou autre...
        fi
    fi
fi
########################################################################
# REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN index
########################################################################
echo "******************************************************************"
echo "### REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN   ###"
[[ ! -d ~/.zen/ipfs/.${IPFSNODEID}/astroport/kodi/vstream ]] && mkdir -p ~/.zen/ipfs/.${IPFSNODEID}/astroport/kodi/vstream/
AXID=$(cat ~/.zen/ipfs/.$IPFSNODEID/_xbian.zuid);

for PREFIX in F S A Y
do
    echo "CAT;TMDB;YEAR;TITLE;SAISON;GENRES;GROUPES;RES;URLS=http://127.0.0.1:8181" > ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN
    cat ~/.zen/ipfs_swarm/.12D*/astroport/kodi/vstream/${PREFIX}ASTRXBIAN | sed "s/anime;/film;/g" | sed '/^[[:space:]]*$/d' | grep -Ev "CAT;TMDB" | sort | uniq >> ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN
done
# Remove old database
# rm ~/.kodi/userdata/addon_data/plugin.video.vstream/astroport_cache.db

########################################################################
# REFRESH tiddlywiki WALL OF FRIENDS
########################################################################
echo "******************************************************************"
echo "###           PUBLISH tiddlywiki WALL OF FRIENDS          ###"
echo "<html><body>" > ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html
for wiki in $(ls ~/.zen/ipfs_swarm/.12D*/index.html 2>/dev/null); do
    ipfsnodeid=$(echo $wiki | cut -d '.' -f 3- | cut -d '/' -f 1)
    whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid)

echo "<iframe id=\"$ipfsnodeid\"
title='tiddlywiki $whoisg1'
width='600'
src=\"http://127.0.0.1:8181/ipns/$ipfsnodeid/.$ipfsnodeid/index.html\">
</iframe>" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html
done

echo "</body></html>" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html

########################################################################
# ACTIVATE WORDPRESS CHANNEL ## TODO DEBUG (creates WP duplicates)
########################################################################
## [[ $(which wp) ]] && ~/.zen/astrXbian/zen/wordpress_channel.sh

# REFRESH IPNS SELF PUBLISH
########################################################################
~/.zen/astrXbian/zen/ipns_self_publish.sh
########################################################################

exit 0