axiom-team
/
astrXbian
8
7
Fork 4
Code Issues 19 Pull Requests Projects Releases Wiki Activity

remove unecessary

This commit is contained in:
qo-op 2020-12-12 04:06:15 +01:00
parent f91e993fe5
commit ce1611eee7
37 changed files with 0 additions and 2686 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.install/ipfs-pi-stream/audio.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 32 KiB

31
.install/ipfs-pi-stream/enable-camera.sh
View File

@ -1,31 +0,0 @@
#!/usr/bin/env bash
# Enable camera on Raspberry Pi
# set_config_var taken from raspi-config
set_config_var() {
lua - "$1" "$2" "$3" <<EOF > "$3.bak"
local key=assert(arg[1])
local value=assert(arg[2])
local fn=assert(arg[3])
local file=assert(io.open(fn))
local made_change=false
for line in file:lines() do
if line:match("^#?%s*"..key.."=.*$") then
line=key.."="..value
made_change=true
end
print(line)
end
if not made_change then
print(key.."="..value)
end
EOF
sudo mv "$3.bak" "$3"
}
# Command extracted from raspi-config
sed /boot/config.txt -i -e "s/^startx/#startx/"
sed /boot/config.txt -i -e "s/^fixup_file/#fixup_file/"
set_config_var start_x 1 /boot/config.txt
set_config_var gpu_mem 128 /boot/config.txt

52
.install/ipfs-pi-stream/install
View File

@ -1,52 +0,0 @@
#!/usr/bin/env bash
set -e
BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
# Enable camera on the Raspberry Pi
sudo "$BASE_DIR/enable-camera.sh"
# Install ffmpeg and supporting tools
sudo apt-get install -y ffmpeg lsof inotify-tools nginx
# Copy placeholder for audio-only streams
cp "$BASE_DIR/audio.jpg" "$HOME/audio.jpg"
# Add user to be able to modify nginx directories
sudo usermod -a -G "$USER" www-data
sudo chmod g+rw /var/www/html
# TODO: why is this needed?
sudo chmod a+rw /var/www/html
sudo cp -f "$BASE_DIR/process-stream.sh" /usr/bin/process-stream.sh
sudo cp -f "$BASE_DIR/process-stream.service" /etc/systemd/system/process-stream.service
sudo systemctl daemon-reload
sudo systemctl enable process-stream
# Add hourly job to clear out old data
echo "41 * * * * $USER /usr/local/bin/ipfs repo gc" | sudo tee --append /etc/crontab
# Install the ipfs video player
mkdir "$BASE_DIR/tmp"
current_dir="$(pwd)"
git clone https://github.com/tomeshnet/ipfs-live-streaming.git "$BASE_DIR/tmp/ipfs-live-streaming"
cd "$BASE_DIR/tmp/ipfs-live-streaming"
git checkout b9be352582317e5336ddd7183ecf49042dafb33e
cd "$current_dir"
VIDEO_PLAYER_PATH="$BASE_DIR/tmp/ipfs-live-streaming/terraform/shared/video-player"
sed -i s#__IPFS_GATEWAY_SELF__#/ipfs/# "$VIDEO_PLAYER_PATH/js/common.js"
sed -i s#__IPFS_GATEWAY_ORIGIN__#https://ipfs.io/ipfs/# "$VIDEO_PLAYER_PATH/js/common.js"
IPFS_ID=$(ipfs id | grep ID | head -n 1 | awk -F\" '{print $4}')
sed -i "s#live.m3u8#/ipns/$IPFS_ID#" "$VIDEO_PLAYER_PATH/js/common.js"
sed -i s#__M3U8_HTTP_URLS__#\ # "$VIDEO_PLAYER_PATH/js/common.js"
cp -r "$VIDEO_PLAYER_PATH" /var/www/html/video-player
rm -rf "$BASE_DIR/tmp"
# Add entry into nginx home screen
APP="<div class='app'><h2>IPFS Pi Stream Player</h2>IPFS Video player for Pi Stream. <br />M3U8 Stream located <a href='/ipns/$IPFS_ID'>over ipns</a> <br/><a href='/video-player/'>Go </a> and play with built in video player</div>"
sudo sed -i "s#<\!--APPLIST-->#$APP\n<\!--APPLIST-->#" "/var/www/html/index.html"

16
.install/ipfs-pi-stream/process-stream.service
View File

@ -1,16 +0,0 @@
[Unit]
Description=Service to process RTMP stream
Wants=network.target
After=ipfs.service
[Service]
Type=simple
User=pi
Group=pi
ExecStart=/usr/bin/process-stream.sh
ExecStop=/bin/kill -s QUIT $MAINPID
Restart=on-failure
RestartSec=10s
[Install]
WantedBy=multi-user.target

124
.install/ipfs-pi-stream/process-stream.sh
View File

@ -1,124 +0,0 @@
#!/usr/bin/env bash
HLS_TIME=40
M3U8_SIZE=3
IPFS_GATEWAY="https://ipfs.io"
# Load settings
# Prepare Pi Camera
sudo modprobe bcm2835-v4l2
sudo v4l2-ctl --set-ctrl video_bitrate=100000
function startFFmpeg() {
while true; do
mv ~/ffmpeg.log ~/ffmpeg.1
echo 1 > ~/stream-reset
# Stream Raspberry Pi Camera
ffmpeg -f video4linux2 -input_format h264 -video_size 1280x720 -framerate 30 -i /dev/video0 -vcodec copy -hls_time "${HLS_TIME}" "${what}.m3u8" > ~/ffmpeg.log 2>&1
# Stream FM Station from a SDR module (see contrib/pi-stream to install drivers)
# Frequency ends in M IE 99.9M
# rtl_fm -f 99.9M -M fm -s 170k -A std -l0 -E deemp -r 44.1k | ffmpeg -r 15 -loop 1 -i ../audio.jpg -f s16le -ac 1 -i pipe:0 -c:v libx264 -tune stillimage -preset ultrafast -hls_time "${HLS_TIME}" "${what}.m3u8" > ~/ffmpeg 2>&1
sleep 0.5
done
}
# Create directory for HLS content
currentpath="$HOME/live"
sudo umount "${currentpath}"
rm -rf "${currentpath}"
mkdir "${currentpath}"
sudo mount -t tmpfs tmpfs "${currentpath}"
# shellcheck disable=SC2164
cd "${currentpath}"
what="$(date +%Y%m%d%H%M)-LIVE"
# Start ffmpeg in background
startFFmpeg &
while true; do
#TODO# Fix this one
# shellcheck disable=SC2086,SC2012
nextfile=$(ls -tr ${what}*.ts 2>/dev/null | head -n 1)
if [ -n "${nextfile}" ]; then
# Check if the next file on the list is still being written to by ffmpeg
if lsof "${nextfile}" | grep -1 ffmpeg; then
# Wait for file to finish writing
# If not finished in 45 seconds something is wrong, timeout
inotifywait -e close_write "${nextfile}" -t ${HLS_TIME}
fi
# Grab the timecode from the m3u8 file so we can add it to the log
timecode=$(grep -B1 "${nextfile}" "${what}.m3u8" | head -n1 | awk -F : '{print $2}' | tr -d ,)
attempts=5
until [[ "${timecode}" || ${attempts} -eq 0 ]]; do
# Wait and retry
sleep 0.5
timecode=$(grep -B1 "${nextfile}" "${what}.m3u8" | head -n1 | awk -F : '{print $2}' | tr -d ,)
attempts=$((attempts-1))
done
if ! [[ "${timecode}" ]]; then
# Set approximate timecode
timecode="${HLS_TIME}.000000"
fi
reset_stream=$(cat ~/stream-reset)
reset_stream_marker=''
if [[ ${reset_stream} -eq '1' ]]; then
reset_stream_marker=" #EXT-X-DISCONTINUITY"
fi
echo 0 > ~/stream-reset
# Current UTC date for the log
time=$(date "+%F-%H-%M-%S")
# Add ts file to IPFS
ret=$(ipfs add --pin=false "${nextfile}" 2>/dev/null > ~/tmp.txt; echo $?)
attempts=5
until [[ ${ret} -eq 0 || ${attempts} -eq 0 ]]; do
# Wait and retry
sleep 0.5
ret=$(ipfs add --pin=false "${nextfile}" 2>/dev/null > ~/tmp.txt; echo $?)
attempts=$((attempts-1))
done
if [[ ${ret} -eq 0 ]]; then
# Update the log with the future name (hash already there)
echo "$(cat ~/tmp.txt) ${time}.ts ${timecode}${reset_stream_marker}" >> ~/process-stream.log
# Remove nextfile and tmp.txt
rm -f "${nextfile}" ~/tmp.txt
# Write the m3u8 file with the new IPFS hashes from the log
totalLines="$(wc -l ~/process-stream.log | awk '{print $1}')"
sequence=0
if ((totalLines>M3U8_SIZE)); then
sequence=$((totalLines-M3U8_SIZE))
fi
{
echo "#EXTM3U"
echo "#EXT-X-VERSION:3"
echo "#EXT-X-TARGETDURATION:${HLS_TIME}"
echo "#EXT-X-MEDIA-SEQUENCE:${sequence}"
} > current.m3u8
tail -n ${M3U8_SIZE} ~/process-stream.log | awk '{print $6"#EXTINF:"$5",\n'${IPFS_GATEWAY}'/ipfs/"$2}' | sed 's/#EXT-X-DISCONTINUITY#/#EXT-X-DISCONTINUITY\n#/g' >> current.m3u8
# Add m3u8 file to IPFS and IPNS publish
m3u8hash=$(ipfs add current.m3u8 | awk '{print $2}')
ipfs name publish --timeout=5s "${m3u8hash}" &
# Copy files to web server
cp current.m3u8 /var/www/html/live.m3u8
cp ~/process-stream.log /var/www/html/live.log
fi
else
sleep 5
fi
done

18
.install/ipfs-pi-stream/uninstall
View File

@ -1,18 +0,0 @@
#!/usr/bin/env bash
set -e
BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
sudo systemctl stop process-stream
sudo systemctl disable process-stream
sudo rm -f /usr/bin/process-stream.sh
sudo rm -f /etc/systemd/system/process-stream.service
sudo systemctl daemon-reload
# Remove ffmpeg and supporting tools
sudo apt-get -y remove ffmpeg lsof inotify-tools
# Revert permissions
sudo chmod 755 /var/www/html
sed -i "/ipfs repo gc/d" | sudo tee --append /etc/crontab

69
.install/ipfs.sh
View File

@ -1,69 +0,0 @@
#!/bin/bash
ipfs() {
# Install IPFS
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
## Config
templates="$MY_PATH/.install/templates/ipfs"
if [ "$EUID" -eq 0 ]
then echo -e "${c_red}DO NOT EXECUTE AS root. Choose a user for your Astroport Station (we like pi)$c_"
exit 1
else echo -e "${c_yellow}OK $USER, let's go!$c_";
fi
[[ -d ~/.ipfs ]] && echo "IPFS install exist, please remove backup before execute this script" && exit 1
echo -e "${c_yellow}Onboarding IPFS...$c_"
[[ -f /usr/local/bin/ipfs ]] && sudo service ipfs stop
if [[ $ARM == "yes" ]]; then
wget https://dist.ipfs.io/ipfs-update/v1.5.2/ipfs-update_v1.5.2_linux-arm.tar.gz -O $MY_PATH/ipfs-update.tar.gz || err+="Download ipfs-update"
else
wget https://dist.ipfs.io/ipfs-update/v1.5.2/ipfs-update_v1.5.2_linux-amd64.tar.gz -O $MY_PATH/ipfs-update.tar.gz || err+="Download ipfs-update"
fi
echo "INSTALL ipfs-update"
sudo tar -xvzf $MY_PATH/ipfs-update.tar.gz -C /usr/src/ || err+="Untar ipfs-update"
rm $MY_PATH/ipfs-update.tar.gz
cd /usr/src/ipfs-update/
sudo ./install.sh || err+="Install ipfs-update"
cd $MY_PATH
echo "INSTALL latest ipfs"
sudo ipfs-update install latest || err+="Install IPFS"
echo "CREATE SYSTEMD ipfs SERVICE"
sudo cp -f $templates/ipfs.service /etc/systemd/system/
sudo sed -i "s/_USER/$USER/g" /etc/systemd/system/ipfs.service
sudo systemctl daemon-reload || err+="Restart IPFS"
sudo systemctl enable ipfs || err+="Enable IPFS daemon"
# INIT ipfs
ipfs init -p lowpower
# ipfs init -p server ## Uncomment for server infrastructure
# ACTIVATE CONFIG OPTIONS
# PUBSUB
ipfs config Pubsub.Router gossipsub
# MAXSTORAGE
availableDiskSize=$(df -P ~/ | awk 'NR>1{sum+=$4}END{print sum}')
diskSize="$((availableDiskSize / 2))"
ipfs config Datastore.StorageMax $diskSize
## PORT FORWARD (SSH)
ipfs config --json Experimental.Libp2pStreamMounting true
######### UPDATE BOOTSTRAP LIST ###########
ipfs bootstrap rm --all
sudo systemctl restart ipfs || err+="Restart IPFS daemon"
exit 0
}
$@

264
.install/loveland.sh
View File

@ -1,264 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 0.3
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
{
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
########################################################################
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) || er+=" ipfs daemon not running"
IPFSNODEID=$(ipfs id -f='<id>\n') || er+=" ipfs id problem"
WHOAMI=$(sbotc whoami | jq -r .id) || er+=" sbotc whoami problem"
[[ "$YOU" == "" || "$IPFSNODEID" == "" || "$WHOAMI" == "" ]] && echo "ERROR : $er " && exit 1
########################################################################
#### DO NOT RUN AS ROOT
[[ $USER == "root" ]] && echo "DO NOT RUN AS root!! Use regular USER with sudo AUTHORISATION" && exit 1
#### APACHE NOT SUPPORTED
is_apache_running=$(ps auxf --sort=+utime | grep -w apache | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
[[ $is_apache_running ]] && echo "SORRY ONLY nginx is supported. EXIT" && exit 1
#### ARM / X64 NOT USED THERE
MACHINE_TYPE=`uname -m`
[ ${MACHINE_TYPE:0:3} == 'arm' ] && isARM="YES"
### UPDATE apt cache
sudo apt-get update
### Adding YOU to www-data group
sudo adduser $YOU www-data
##################################
## INSTALL RAINBOW ASCII ;)
[[ ! $(which figlet) ]] && sudo apt install figlet -y
[[ ! $(which lolcat) ]] && sudo apt install lolcat -y
echo '
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
______ __ ____ ___
/ ____/___ ____ __ __/ / ____ _/ __ \____ _____/ (_)___
/ / / __ \/ __ \/ / / / / / __ `/ /_/ / __ `/ __ / / __ \
/ /___/ /_/ / /_/ / /_/ / /___/ /_/ / _, _/ /_/ / /_/ / / /_/ /
\____/\____/ .___/\__, /_____/\__,_/_/ |_|\__,_/\__,_/_/\____/
/_/ /____/
Multimedia Layer (https://www.copylaradio.com)
' | lolcat
## MULTIMEDIA
## VIDEO & AUDIO & PLAYLISTS ~/.zen/ DIR
mkdir -p ~/.zen/video
mkdir -p ~/.zen/audio
mkdir -p ~/.zen/playlists
######## YOUTUBE-DL ##########
if [[ ! $(which youtube-dl) ]]; then
sudo wget https://yt-dl.org/downloads/latest/youtube-dl -O /usr/local/bin/youtube-dl || err=1
sudo chmod a+rx /usr/local/bin/youtube-dl
sudo chown $YOU /usr/local/bin/youtube-dl
fi
###############################
# MPD/MPC RompR AUDIO LAYER
###############################
if [[ ! $(which mpd) ]]; then
sudo apt-get install libid3-tools mpd mpc lame ffmpeg lsof lltag inotify-tools bc -y || err=1
sudo apt-get install lame sox libsox-fmt-mp3 eyed3 python-chardet imagemagick curl -y || err=1 #libav-tools unavailable on some system
sudo apt-get install ca-certificates git-core binutils rsync alsa-utils bc espeak mpg321 fuse atomicparsley -y || err=1
## CONFIG MPD
sudo cp -f /home/$YOU/.zen/astrXbian/.install/templates/copylaradio/mpd.conf /etc/mpd.conf
sudo sed -i "s/_USER_/$YOU/g" /etc/mpd.conf || err=1
mkdir ~/.config/mpd && sudo cp -f /etc/mpd.conf ~/.config/mpd/mpd.conf && sudo chown $YOU ~/.config/mpd/mpd.conf
## CHOWN mpd FILES STRUCTURE
sudo chown -R $YOU /var/lib/mpd/ /var/run/mpd /run/mpd /var/log/mpd
sudo service mpd restart || err=1
fi
### INSTALL NGINX
echo '++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
_
____ ____ _(_)___ _ __
/ __ \/ __ `/ / __ \| |/_/
/ / / / /_/ / / / / /> <
/_/ /_/\__, /_/_/ /_/_/|_|
/____/
install
' | lolcat
sudo apt-get install fail2ban nginx ssl-cert php-curl php-sqlite3 php-gd php-json php-xml php-mbstring php-fpm sqlite -y || err=1
[[ ! $(which nslookup) ]] && sudo apt-get install lolcat dnsutils -y
echo '++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
__ ___ _ ___
/ |/ /_ __ ____ ____ _____ ___ ___ (_)___/__ \
/ /|_/ / / / / / __ \/ __ `/ __ `__ \/ _ \ / / ___// _/
/ / / / /_/ / / / / / /_/ / / / / / / __/ / (__ )/_/
/_/ /_/\__, / /_/ /_/\__,_/_/ /_/ /_/\___/ /_/____/(_)
/____/
' | lolcat
myIP=$(hostname -I | awk '{print $1}' | head -n 1)
isLAN=$(echo $myIP | grep -E "/(^127\.)|(^192\.168\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
# Ask to the router its name (BOX DNS or system defined)
[[ -f /home/$YOU/.zen/astrXbian/zen/tools/nodename ]] && NODENAME=$(/home/$YOU/.zen/astrXbian/zen/tools/nodename) \
|| NODENAME=$(curl -s https://git.p2p.legal/axiom-team/astroport/raw/master/zen/tools/nodename | bash) ## RUNNING ALONE !!
echo $NODENAME
######################################
### LAUNCHIN OASIS = SSB HTTP interface
######################################
echo '
_
____ ____ ______(_)____
/ __ \/ __ `/ ___/ / ___/
/ /_/ / /_/ (__ ) (__ )
\____/\__,_/____/_/____/
SSB DEMO HTTP interface
' | lolcat
# IN CASE, KILL RUNNING OASIS
isOASIS=$(ps auxf --sort=+utime | grep -w oasis | grep -v -E 'color=auto|grep' | tail -n 1 | awk '{print $2}')
[[ $isOASIS ]] && sudo kill -9 $isOASIS
echo "Starting OASIS with good $NODENAME & network config"
echo "TODO: add to your /etc/rc.local or systemd or initV !!!"
#if [[ ! $isLAN ]]; then
# ### TODO: unlock oasis restrictions!! CANNOT MAKE PRIVATE MESSAGE => Feddless.social CAN add it as module on loveland portal!!)
# oasis --allow-host $NODENAME --host $NODENAME --public 2>&1>/dev/null &
# echo "--public = OASIS STATION IS IN VIEWING MODE ONLY..."
#else
# oasis --allow-host $NODENAME --host $NODENAME 2>&1>/dev/null &
#fi
#sleep 5
echo '
__ ____ _ __________ __
/ / / __ \ | / / ____/ / ____ _____ ____/ /
/ / / / / / | / / __/ / / / __ `/ __ \/ __ /
/ /___/ /_/ /| |/ / /___/ /___/ /_/ / / / / /_/ /
/_____/\____/ |___/_____/_____/\__,_/_/ /_/\__,_/
Portal
' | lolcat
###
echo "INSTALL LOVELand WebSite. Linking to /var/www ..."
if [[ ! -L /var/www/loveland ]]; then
sudo ln -s /home/$YOU/.zen/astrXbian/www/LOVELand /var/www/loveland
fi
echo "JUKEBOX init"
[[ -d /var/www/loveland/jukebox/albumart ]] && sudo chmod -R 777 /var/www/loveland/jukebox/albumart
[[ -d /var/www/loveland/jukebox/prefs ]] && sudo chmod -R 777 /var/www/loveland/jukebox/prefs
[[ -d /var/www/loveland/g1barre/img/qrcodes ]] && sudo chmod -R 777 /var/www/loveland/g1barre/img/qrcodes
# CONFIG NGINX - LOVE LAND FRONTAL WEB PAGE
echo "$NODENAME" | figlet -f slant | lolcat
## Write NODENAME to IPFS
echo "$NODENAME" > /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename
PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}')
### ASTROPORT STATION LOVELAND PORTAL
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astrXbian/www/loveland.conf > /tmp/loveland.conf
sudo sed -i "s/_MY_NODE_NAME_/$NODENAME/g" /tmp/loveland.conf
sudo sed -i "s/_PORT_/10010/g" /tmp/loveland.conf
sudo sed -i "s/_APPLI_//g" /tmp/loveland.conf
sudo cp -f /tmp/loveland.conf /etc/nginx/conf.d/loveland.conf
### GCHANGE G1 Zen
sudo rm -f /etc/nginx/conf.d/gchange.conf
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astrXbian/www/loveland.conf > /tmp/gchange.conf
sudo sed -i "s/_MY_NODE_NAME_/$NODENAME/g" /tmp/gchange.conf
sudo sed -i "s/_PORT_/10020/g" /tmp/gchange.conf
sudo sed -i "s/_APPLI_/gchange/g" /tmp/gchange.conf
sudo cp -f /tmp/gchange.conf /etc/nginx/conf.d/gchange.conf
### CESIUM G1 Zen
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astrXbian/www/loveland.conf > /tmp/cesium.conf
sudo sed -i "s/_MY_NODE_NAME_/$NODENAME/g" /tmp/cesium.conf
sudo sed -i "s/_PORT_/10030/g" /tmp/cesium.conf
sudo sed -i "s/_APPLI_/cesium/g" /tmp/cesium.conf
sudo cp -f /tmp/cesium.conf /etc/nginx/conf.d/cesium.conf
### JUKEBOX RompR CopyLaRadio
if [[ $(which mpd) ]]; then
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astrXbian/www/loveland.conf > /tmp/jukebox.conf
sudo sed -i "s/_MY_NODE_NAME_/$NODENAME/g" /tmp/jukebox.conf
sudo sed -i "s/_PORT_/10011/g" /tmp/jukebox.conf
sudo sed -i "s/_APPLI_/jukebox/g" /tmp/jukebox.conf
sudo cp -f /tmp/jukebox.conf /etc/nginx/conf.d/jukebox.conf
fi
### SSB OASIS Zen (PROXY MODE 10040 -> 3000)
if [[ $(which oasis) ]]; then
sudo sed "s/_MY_NODE_NAME_/$NODENAME/g" /home/$YOU/.zen/astrXbian/www/oasis.conf > /tmp/oasis.conf
sudo sed -i "s/_PORT_/10040/g" /tmp/oasis.conf
sudo sed -i "s/_LHOST_/$NODENAME:3000/g" /tmp/oasis.conf
sudo sed -i "s/_APPLI_//g" /tmp/oasis.conf
sudo cp -f /tmp/oasis.conf /etc/nginx/conf.d/oasis.conf
# TRICK: COULD BE USED TO ADD .htpasswod ACCESS CONTROL AND REMOVE --public
# TODO use "ipfs p2p" to AGREGATE ALL OASIS on ONE (not ALL like G1SMS) ?
# NEED G1PUB to be identified with same MEMBER owner in 'zen/ipfs_OPEN_ports.sh'?
fi
### G1SMS propagation to localhost:10099 / 10097 ("ipfs p2p" forwarded)
if [[ $(which gammu) ]]; then
# DIRECT MODE
sudo sed "s/_PHPVERSION_/$PHPVERSION/g" /home/$YOU/.zen/astrXbian/www/loveland.conf > /tmp/g1sms.conf
sudo sed -i "s/_MY_NODE_NAME_/$NODENAME/g" /tmp/g1sms.conf
sudo sed -i "s/_PORT_/10099/g" /tmp/g1sms.conf
sudo sed -i "s/_APPLI_/g1sms/g" /tmp/g1sms.conf
sudo cp -f /tmp/g1sms.conf /etc/nginx/conf.d/g1sms.conf
else
# PROXY MODE (10099 -> 10097) ### ipfs p2p PROPAGATION WITH 'zen/ipfs_OPEN_ports.sh'
sudo sed "s/_MY_NODE_NAME_/$NODENAME/g" /home/$YOU/.zen/astrXbian/www/oasis.conf > /tmp/g1sms_proxy.conf
sudo sed -i "s/_PORT_/10099/g" /tmp/g1sms_proxy.conf
sudo sed -i "s/_LHOST_/127\.0\.0\.1\:10097/g" /tmp/g1sms_proxy.conf
sudo sed -i "s/_APPLI_/g1sms/g" /tmp/g1sms_proxy.conf
sudo cp -f /tmp/g1sms_proxy.conf /etc/nginx/conf.d/g1sms_proxy.conf
fi
##### RESTART NGINX
sudo systemctl restart nginx || err=1
if [[ $err ]]; then
echo -e "${c_red}Installation de LOVELand bizarre??$c_"
echo "PLEASE... POST YOUR ISSUE! https://git.p2p.legal/axiom-team/astroport/issues"
exit 1
else
echo -e "${c_green}LOVE Land a été installé avec succès$c_"
echo -e "LoveLand Portal link http://$NODENAME:10010 (TRY ME)
Add ScuttleButt Astroport PUB Invitation:
${c_green}With Patchwork: "Join a server"$c_
Or with Oasis: http://$NODENAME:3000/settings (dev mode, still buggy)
${c_light}oasis.astroport.com:8008::@UeiA9iqZ0/XTjmYBht230KGr44bsr+Tl5BXSUDFv8vo=.ed25519~jd9Z4y/d/xZCF7bfuSgQSiSGLMeWFhwMosKUFhFxeEY=" $c_
fi
# Open LOVEland in browser
URL="http://$NODENAME"
path=$(which xdg-open || which gnome-open)
xo ()
{
for var in "$@"; do
$path "$var";
sleep 0.5
done
}
[[ -n $path ]] && xo $URL:10010 $URL:10020 $URL:10030 > /dev/null
} # for script being completely downloaded before run

35
.install/nextcloud/README.md
View File

@ -1,35 +0,0 @@
# Automatic install of Nextcloud on Debian 8/9/10
## Use
Set good variables for your use case at the beginning of install.sh:
```
nc_domain="" # Votre nom de domaine pour votre nextcloud. Si vide il prendra le premier argument que vous passerez, sinon le hostname de votre machine
nc_port=80 # Numéro de port d'écoute de nginx
admin_user="admin" # Le pseudo du compte admin
admin_pass="admin" # Le mot de passe que vous désirez pour le compte admin
db_pass="" # Le mot de passe que vous désirez pour MariaDB. Si vide, un mot de passe aléatoire sécurisé sera choisi
isSSL=false # true si nextcloud et nginx doivent être configuré en https
configMaria=auto # Mettez manual ou auto, attention auto est expérimental et vraiment pas recommendé
p2env=false # true si vous êtes dans un environnement p2p.legal
```
Then:
```
chmod u+x install.sh
./install.sh
```
You can change the ssl state of your instance after the installation if you need.
Just execute ssl.sh:
`./ssl.sh`
If you prefere, you can download this script directly via:
```
wget https://dev-nextcloud.p2p.legal/installeur/install-nextcloud.tar.gz
tar -zxvf install-nextcloud.tar.gz
./install.sh 2>&1 | tee loginstall.log
```

186
.install/nextcloud/install.sh
View File

@ -1,186 +0,0 @@
#!/bin/bash
################################################################################
# Author: poka (poka@p2p.legal)
# Version: 0.1
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
################################################################################
### Variables ###
nc_domain="" # Votre nom de domaine pour votre nextcloud. Si vide il prendra le premier argument que vous passerez, sinon le hostname de votre machine
nc_port=10050 # Numéro de port d'écoute de nginx
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1)
admin_user="$YOU" # Le pseudo du compte admin
admin_pass="0penS0urce!" # Le mot de passe que vous désirez pour le compte admin
db_pass="" # Le mot de passe que vous désirez pour MariaDB. Si vide, un mot de passe aléatoire sécurisé sera choisi
data_dir="/home/$YOU/.zen/nextcloud" # Le répertoir data de nextcloud, toutes les données utilisateurs s'y trouvent
isSSL=false # true si nextcloud et nginx doivent être configuré en https
configMaria=auto # Mettez manual ou auto, attention auto est expérimental et vraiment pas recommendé
p2env=false # true si vous êtes dans un environnement p2p.legal
#################
if [ "$EUID" -ne 0 ]
then echo -e "${c_red}Veuillez executez ce script en root$c_"
exit 1
fi
## Atroport config
echo -e "${c_yellow}Getting local hostname...$c_"
nc_domain=$(/home/$YOU/.zen/astrXbian/zen/tools/nodename)
templates="/home/$YOU/.zen/astrXbian/.install/nextcloud/templates"
## Set var
[[ -z $nc_domain ]] && nc_domain=$1
[[ -z $nc_domain ]] && nc_domain=$(echo $HOSTNAME.p2p.legal)
[[ -z $db_pass ]] && db_pass="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" && echo "Votre mot de passe mysql nextcloud est : $db_pass" >> /root/nextcloud_mysql_pwd.txt
db_pass_root="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9~!@#$%^&*_-' | fold -w 32 | head -n 1)"
if [[ p2env == "true" ]]; then
cd /nextcloud/templates/
else
[[ ! -e $templates ]] && echo -e "${c_red}Erreur: Le dossier templates n'existe pas, installation impossible.$c_" && exit 1
cd $templates
fi
## Update system packages
apt install -y lsb-release apt-transport-https ca-certificates
apt update -y
apt install nginx mariadb-server apt-transport-https curl gnupg2 git lsb-release ssl-cert ca-certificates apt-transport-https tree locate software-properties-common dirmngr screen htop net-tools zip unzip curl ffmpeg ghostscript libfile-fcntllock-perl -y
systemctl start nginx || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
systemctl start mariadb || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
systemctl enable mariadb || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
systemctl enable nginx || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
echo -e "${c_yellow} === Installing php ... ===$c_"
apt install php php-fpm php-xml php-curl php-gd php php-cgi php-cli php-zip php-mysql php-mbstring php-intl php-json php-bz2 php-ldap php-apcu imagemagick php-imagick php-smbclient -y
export PHPVERSION=$(ps auxf | grep php-fpm | grep -v -E 'color=auto|grep' | head -n 1 | grep -oP '(?<=\().*(?=\))' | awk -F '/' '{print $4}')
echo -e "${c_yellow} === Configuring php ... ===$c_"
[[ ! -e /etc/php/$PHPVERSION/cli/php.ini.bak ]] && (bash configure_php.sh || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)) || echo "PHP déjà configuré, skip"
echo -e "${c_yellow} === Configure MariaDB ===$c_"
configMariaManual() {
mysql_secure_installation || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
}
configMariaAuto() {
mysql -e "UPDATE mysql.user SET Password = PASSWORD('$db_pass_root') WHERE User = 'root'"
isLocalhostUsers=$(mysql -e "select user from mysql.user;" | grep "localhost")
isTestDB=$(mysql -e "show databases" | grep "test")
[[ -n $isLocalhostUsers ]] && mysql -e "DROP USER ''@'localhost'; DROP USER ''@'$(hostname)'"
[[ -n $isTestDB ]] && mysql -e "DROP DATABASE test"
mysql -e "FLUSH PRIVILEGES"
}
[[ $configMaria == "auto" ]] && configMariaAuto || configMariaManual
[[ ! -e /etc/mysql/my.cnf.bak ]] && (mv /etc/mysql/my.cnf /etc/mysql/my.cnf.bak && cp my.cnf /etc/mysql/ && service mysql restart) || echo "MariaDB déjà configuré, skip"
echo -e "${c_yellow} === Create and configure database... ===$c_"
isDBCreate=$(mysql -e "show databases" | grep "nextcloud")
[[ -z $isDBCreate ]] && mysql -e "CREATE DATABASE nextcloud;CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY \"$db_pass\";GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost';FLUSH PRIVILEGES;ALTER DATABASE nextcloud CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci;" || echo "La base de donnée de nextcloud est déjà créé, skip"
echo -e "${c_yellow} === Installing and configure Redis... ===$c_"
apt install redis-server php-redis -y
[[ ! -e /etc/redis/redis.conf.bak ]] && cp /etc/redis/redis.conf /etc/redis/redis.conf.bak || echo "Redis est déjà configuré, skip"
sed -i "s/port 6379/port 0/" /etc/redis/redis.conf
sed -i "s/redis.sock/redis-server.sock/" /etc/redis/redis.conf
sed -i s/\#\ unixsocket/\unixsocket/g /etc/redis/redis.conf
sed -i "s/unixsocketperm 700/unixsocketperm 770/" /etc/redis/redis.conf
sed -i "s/# maxclients 10000/maxclients 512/" /etc/redis/redis.conf
usermod -a -G redis www-data || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
[[ ! -e /etc/sysctl.conf.bak ]] && cp /etc/sysctl.conf /etc/sysctl.conf.bak || echo "sysctl est déjà configuré, skip"
sed -i '$avm.overcommit_memory = 1' /etc/sysctl.conf
service redis-server restart || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
echo -e "${c_yellow} === Installing NextCloud... ===$c_"
if [[ ! -e /var/www/nextcloud ]]; then
mkdir /var/www/nextcloud
chown www-data:www-data /var/www/nextcloud
chmod 750 /var/www/nextcloud || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
wget https://download.nextcloud.com/server/releases/latest.tar.bz2
tar -xjf latest.tar.bz2 -C /var/www && chown -R www-data:www-data /var/www/ && rm -f latest.tar.bz2
fi
if [[ ! -e $data_dir ]]; then
mkdir -p $data_dir
chown www-data:www-data $data_dir
chmod 750 $data_dir || (echo -e "${c_red}Erreur quelque part ...$c_" && exit 1)
fi
## Add local IP as secondary trust domain
# Prefere occ methode ...
# sed -i "/0 => '$nc_domain'.*/a \ 1 => '$ip_local:$nc_port'," /var/www/nextcloud/config/config.php
ip_local=$(/sbin/ifconfig | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p')
[[ $nc_port == 80 ]] && nc_port_loc="" || nc_port_loc=":$nc_port"
[[ -e /var/www/nextcloud/config/config.php ]] && isNCConfig=$(cat /var/www/nextcloud/config/config.php | grep "'installed' => true")
[[ -z "$isNCConfig" ]] && sudo -u www-data php /var/www/nextcloud/occ maintenance:install --database "mysql" --database-name "nextcloud" --database-user "nextcloud" --database-pass "$db_pass" --admin-user "$admin_user" --admin-pass "$admin_pass" --data-dir "$data_dir"
sleep 0.2
sudo -u www-data php /var/www/nextcloud/occ config:system:set mysql.utf8mb4 --type boolean --value="true"
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 0 --value=$nc_domain
sudo -u www-data php /var/www/nextcloud/occ config:system:set trusted_domains 1 --value=$ip_local$nc_port_loc
sudo -u www-data php /var/www/nextcloud/occ config:system:set overwrite.cli.url --value=$nc_domain
isNCConfigAdd=$(cat /var/www/nextcloud/config/config.php | grep "activity_expire_days")
if [[ -z "$isNCConfigAdd" ]]; then
sudo -u www-data sed -i 's/^[ ]*//' /var/www/nextcloud/config/config.php
sudo -u www-data sed -i '/);/d' /var/www/nextcloud/config/config.php
cat config_complete.php >> /var/www/nextcloud/config/config.php
fi
sudo -u www-data sed -i "s/output_buffering=.*/output_buffering=0/" /var/www/nextcloud/.user.ini
sudo -u www-data php /var/www/nextcloud/occ app:disable survey_client
sudo -u www-data php /var/www/nextcloud/occ app:disable firstrunwizard
sudo -u www-data php /var/www/nextcloud/occ app:enable admin_audit
sudo -u www-data php /var/www/nextcloud/occ app:enable files_pdfviewer
echo -e "${c_yellow} === Configure nginx ... ===$c_"
cp nextcloud.conf /etc/nginx/conf.d/
cp *optimization.conf /etc/nginx/
sed -i "s/NC_DOMAIN/$nc_domain/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/NC_PORT/$nc_port/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/_PHPVERSION/$PHPVERSION/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/80 default_server;/81 default_server;/" /etc/nginx/sites-enabled/default
chmod u+x ../ssl.sh
if [[ $isSSL == "false" ]]; then
../ssl.sh nonssl
else
../ssl.sh certif
../ssl.sh ssl
fi
echo -e "${c_yellow} === Mise en place des scripts et crons ... ===$c_"
[[ ! -e /opt/scripts ]] && mkdir /opt/scripts
cp nc_optimize.sh /opt/scripts/
cp upgrade.sh /opt/scripts/
cp occ /opt/scripts/
echo "alias occ='/opt/scripts/occ'" >> ~/.bashrc
alias occ='/opt/scripts/occ'
[[ -z $(crontab -l | grep "/var/www/nextcloud/cron.php") ]] && (crontab -l ; echo "*/5 * * * * sudo -u www-data /usr/bin/php -f /var/www/nextcloud/cron.php > /dev/null 2>&1") | crontab -u root - || echo "cron nextcloud ever set, skip"
[[ -z $(crontab -l | grep "/opt/scripts/optimize.sh") ]] && (crontab -l ; echo "5 1 * * * /opt/scripts/optimize.sh > /dev/null 2>&1") | crontab -u root - || echo "cron optimize ever set, skip"
sudo -u www-data php /var/www/nextcloud/occ background:cron
sudo -u www-data php /var/www/nextcloud/occ db:add-missing-indices
sudo -u www-data php /var/www/nextcloud/occ db:convert-filecache-bigint
echo -e "${c_yellow} === Restarting services ... ===$c_"
service php$PHPVERSION-fpm restart && service nginx restart && service mysql restart && service redis-server restart || (echo -e "${c_red}Impossible de reloader les service$c_" && exit 1)
bash /opt/scripts/nc_optimize.sh
usermod -aG www-data $YOU
echo -e "${c_green}Nextcloud a été installé avec succès !\nOuverture...$c_"
URL="http://$nc_domain:$nc_port"
[[ -x $BROWSER ]] && su -c "exec \"$BROWSER\" \"$URL\"" $YOU > /dev/null
path=$(which xdg-open || which gnome-open) && su -c "exec \"$path\" \"$URL\"" $YOU > /dev/null
echo -e "${c_yellow}Can't find browser$c_"

69
.install/nextcloud/ssl.sh
View File

@ -1,69 +0,0 @@
#!/bin/bash
if [ "$EUID" -ne 0 ]
then echo "Veuillez executez ce script en root"
exit 1
fi
domain=$(cat /etc/nginx/conf.d/nextcloud.conf | grep server_name | awk '{ print $2 }')
domain=$(echo ${domain::-1})
[[ ! $1 =~ ^(ssl|nonssl|certif)$ ]] && echo "Veuillez choisir ssl, nonssl ou certif pour créer un certificat ssl" && exit 1
ssl(){
sed -i "s/'overwriteprotocol' => 'http'/'overwriteprotocol' => 'https'/" /var/www/nextcloud/config/config.php
sed -i "s/http/https/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/fastcgi_param HTTPS off/fastcgi_param HTTPS on/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/listen 443;/listen 443 ssl;/" /etc/nginx/conf.d/nextcloud.conf
[[ ! -e /etc/nginx/includes ]] && mkdir /etc/nginx/includes
cp .install_templates/ssl.conf /etc/nginx/includes/
sed -i "/fastcgi_hide_header X-Powered-By;/a \ include includes/ssl.conf;\n ssl_certificate /etc/letsencrypt/live/$domain/fullchain.pem;\n ssl_certificate_key /etc/letsencrypt/live/$domain/privkey.pem;" /etc/nginx/conf.d/nextcloud.conf
}
nonssl(){
sed -i "s/'overwriteprotocol' => 'https'/'overwriteprotocol' => 'http'/" /var/www/nextcloud/config/config.php
sed -i "s/https/http/" /etc/nginx/conf.d/nextcloud.conf
sed -i "s/fastcgi_param HTTPS on/fastcgi_param HTTPS off/" /etc/nginx/conf.d/nextcloud.conf
sed -i '/ssl.conf;/d' /etc/nginx/conf.d/nextcloud.conf
sed -i '/ssl_certificate/d' /etc/nginx/conf.d/nextcloud.conf
}
install_certbot(){
sudo apt update
if [[ $(grep buster /etc/os-release) ]]; then
[[ -z $(cat /etc/apt/sources.list | grep "buster-backports main") ]] && echo "deb http://deb.debian.org/debian buster-backports main" >> /etc/apt/sources.list
sudo apt install certbot python-certbot-nginx -t buster-backports -y
elif [[ $(grep stretch /etc/os-release) ]]; then
sudo apt install certbot python-certbot-nginx -y
elif [[ $(grep -E '16.|17.|18.|19.' /etc/os-release) ]]; then
sudo apt install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt install certbot python-certbot-nginx
else
echo "OS non supporté pour certbot." && exit 1
fi
}
create_certificate() {
cd .install_templates
certbot --nginx certonly --non-interactive --agree-tos -m $USER@$domain -d $domain && echo "Le certificat de $domain a bien été déployé" || echo "Une erreur s'est produite lors de la création du certificat SSL"
## Cronification
[[ ! -e /opt/scripts ]] && mkdir /opt/scripts
cp ssl_renew.sh /opt/scripts/
[[ -z $(crontab -l | grep "/opt/scripts/ssl_renew.sh") ]] && (crontab -l ; echo "12 2 * * 1 /opt/scripts/ssl_renew.sh") | crontab -u root -
}
certif() {
[[ -z $(which certbot) ]] && install_certbot
[[ -n /etc/letsencrypt/live/$domain/fullchain.pem ]] && create_certificate
}
$@
service nginx reload
exit 0

52
.install/nextcloud/templates/config_complete.php
View File

@ -1,52 +0,0 @@
'activity_expire_days' => 14,
'auth.bruteforce.protection.enabled' => true,
'blacklisted_files' =>
array (
0 => '.htaccess',
1 => 'Thumbs.db',
2 => 'thumbs.db',
),
'cron_log' => true,
'enable_previews' => true,
'enabledPreviewProviders' =>
array (
0 => 'OC\\Preview\\PNG',
1 => 'OC\\Preview\\JPEG',
2 => 'OC\\Preview\\GIF',
3 => 'OC\\Preview\\BMP',
4 => 'OC\\Preview\\XBitmap',
5 => 'OC\\Preview\\Movie',
6 => 'OC\\Preview\\PDF',
7 => 'OC\\Preview\\MP3',
8 => 'OC\\Preview\\TXT',
9 => 'OC\\Preview\\MarkDown',
),
'filesystem_check_changes' => 0,
'filelocking.enabled' => 'true',
'htaccess.RewriteBase' => '/',
'integrity.check.disabled' => false,
'knowledgebaseenabled' => false,
'logfile' => '/var/log/nextcloud.log',
'loglevel' => 2,
'logtimezone' => 'Europe/Paris',
'log_rotate_size' => 104857600,
'maintenance' => false,
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'overwriteprotocol' => 'https',
'preview_max_x' => 1024,
'preview_max_y' => 768,
'preview_max_scale_factor' => 1,
'redis' =>
array (
'host' => '/var/run/redis/redis-server.sock',
'port' => 0,
'timeout' => 0.0,
),
'quota_include_external_storage' => false,
'share_folder' => '/Shares',
'skeletondirectory' => '',
'theme' => '',
'trashbin_retention_obligation' => 'auto, 7',
'updater.release.channel' => 'stable',
);

50
.install/nextcloud/templates/configure_php.sh
View File

@ -1,50 +0,0 @@
cp /etc/php/$PHPVERSION/fpm/pool.d/www.conf /etc/php/$PHPVERSION/fpm/pool.d/www.conf.bak
cp /etc/php/$PHPVERSION/cli/php.ini /etc/php/$PHPVERSION/cli/php.ini.bak
cp /etc/php/$PHPVERSION/fpm/php.ini /etc/php/$PHPVERSION/fpm/php.ini.bak
cp /etc/php/$PHPVERSION/fpm/php-fpm.conf /etc/php/$PHPVERSION/fpm/php-fpm.conf.bak
sed -i "s/;env\[HOSTNAME\] = /env[HOSTNAME] = /" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/;env\[TMP\] = /env[TMP] = /" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/;env\[TMPDIR\] = /env[TMPDIR] = /" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/;env\[TEMP\] = /env[TEMP] = /" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/;env\[PATH\] = /env[PATH] = /" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/pm.max_children = .*/pm.max_children = 240/" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/pm.start_servers = .*/pm.start_servers = 20/" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/pm.min_spare_servers = .*/pm.min_spare_servers = 10/" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/pm.max_spare_servers = .*/pm.max_spare_servers = 20/" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/;pm.max_requests = 500/pm.max_requests = 500/" /etc/php/$PHPVERSION/fpm/pool.d/www.conf
sed -i "s/output_buffering =.*/output_buffering = 'Off'/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/max_execution_time =.*/max_execution_time = 1800/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/max_input_time =.*/max_input_time = 3600/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/post_max_size =.*/post_max_size = 10240M/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/upload_max_filesize =.*/upload_max_filesize = 10240M/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/max_file_uploads =.*/max_file_uploads = 100/" /etc/php/$PHPVERSION/cli/php.ini
sed -i "s/;date.timezone.*/date.timezone = Europe\/\Paris/" /etc/php/$PHPVERSION/cli/php.ini
## sed -i "s/;session.cookie_secure.*/session.cookie_secure = True/" /etc/php/$PHPVERSION/cli/php.ini # Bug if not using ssl
sed -i "s/memory_limit = 128M/memory_limit = 512M/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/output_buffering =.*/output_buffering = 'Off'/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/max_execution_time =.*/max_execution_time = 1800/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/max_input_time =.*/max_input_time = 3600/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/post_max_size =.*/post_max_size = 10240M/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/upload_max_filesize =.*/upload_max_filesize = 10240M/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/max_file_uploads =.*/max_file_uploads = 100/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;date.timezone.*/date.timezone = Europe\/\Paris/" /etc/php/$PHPVERSION/fpm/php.ini
## sed -i "s/;session.cookie_secure.*/session.cookie_secure = True/" /etc/php/$PHPVERSION/fpm/php.ini # Bug if not using ssl
sed -i "s/;opcache.enable=.*/opcache.enable=1/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.enable_cli=.*/opcache.enable_cli=1/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.memory_consumption=.*/opcache.memory_consumption=128/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.interned_strings_buffer=.*/opcache.interned_strings_buffer=8/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.max_accelerated_files=.*/opcache.max_accelerated_files=10000/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.revalidate_freq=.*/opcache.revalidate_freq=1/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;opcache.save_comments=.*/opcache.save_comments=1/" /etc/php/$PHPVERSION/fpm/php.ini
sed -i "s/;emergency_restart_threshold =.*/emergency_restart_threshold = 10/" /etc/php/$PHPVERSION/fpm/php-fpm.conf
sed -i "s/;emergency_restart_interval =.*/emergency_restart_interval = 1m/" /etc/php/$PHPVERSION/fpm/php-fpm.conf
sed -i "s/;process_control_timeout =.*/process_control_timeout = 10s/" /etc/php/$PHPVERSION/fpm/php-fpm.conf
sed -i "s/09,39.*/# &/" /etc/cron.d/php
(crontab -l ; echo "09,39 * * * * /usr/lib/php/sessionclean 2>&1") | crontab -u root -
cp /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xml.bak
sed -i "s/rights\=\"none\" pattern\=\"PS\"/rights\=\"read\|write\" pattern\=\"PS\"/" /etc/ImageMagick-6/policy.xml
sed -i "s/rights\=\"none\" pattern\=\"EPI\"/rights\=\"read\|write\" pattern\=\"EPI\"/" /etc/ImageMagick-6/policy.xml
sed -i "s/rights\=\"none\" pattern\=\"PDF\"/rights\=\"read\|write\" pattern\=\"PDF\"/" /etc/ImageMagick-6/policy.xml
sed -i "s/rights\=\"none\" pattern\=\"XPS\"/rights\=\"read\|write\" pattern\=\"XPS\"/" /etc/ImageMagick-6/policy.xml
service php$PHPVERSION-fpm restart && service nginx restart

79
.install/nextcloud/templates/my.cnf
View File

@ -1,79 +0,0 @@
[client]
default-character-set = utf8mb4
port = 3306
socket = /var/run/mysqld/mysqld.sock
[mysqld_safe]
log_error=/var/log/mysql/mysql_error.log
nice = 0
socket = /var/run/mysqld/mysqld.sock
[mysqld]
basedir = /usr
bind-address = 127.0.0.1
binlog_format = ROW
bulk_insert_buffer_size = 16M
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci
concurrent_insert = 2
connect_timeout = 5
datadir = /var/lib/mysql
default_storage_engine = InnoDB
expire_logs_days = 10
general_log_file = /var/log/mysql/mysql.log
general_log = 0
innodb_buffer_pool_size = 1024M
innodb_buffer_pool_instances = 1
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 32M
innodb_max_dirty_pages_pct = 90
innodb_large_prefix = on
innodb_file_format = barracuda
innodb_file_per_table = 1
innodb_open_files = 400
innodb_io_capacity = 4000
innodb_flush_method = O_DIRECT
key_buffer_size = 128M
lc_messages_dir = /usr/share/mysql
lc_messages = en_US
log_bin = /var/log/mysql/mariadb-bin
log_bin_index = /var/log/mysql/mariadb-bin.index
log_error=/var/log/mysql/mysql_error.log
log_slow_verbosity = query_plan
log_warnings = 2
long_query_time = 1
max_allowed_packet = 16M
max_binlog_size = 100M
max_connections = 200
max_heap_table_size = 64M
myisam_recover_options = BACKUP
myisam_sort_buffer_size = 512M
port = 3306
pid-file = /var/run/mysqld/mysqld.pid
query_cache_limit = 2M
query_cache_size = 64M
query_cache_type = 1
query_cache_min_res_unit = 2k
read_buffer_size = 2M
read_rnd_buffer_size = 1M
skip-external-locking
skip-name-resolve
slow_query_log_file = /var/log/mysql/mariadb-slow.log
slow-query-log = 1
socket = /var/run/mysqld/mysqld.sock
sort_buffer_size = 4M
table_open_cache = 400
thread_cache_size = 128
tmp_table_size = 64M
tmpdir = /tmp
transaction_isolation = READ-COMMITTED
user = mysql
wait_timeout = 600
[mysqldump]
max_allowed_packet = 16M
quick
quote-names
[isamchk]
key_buffer = 16M

10
.install/nextcloud/templates/nc_optimize.sh
View File

@ -1,10 +0,0 @@
#!/bin/bash
redis-cli -s /var/run/redis/redis-server.sock <<EOF
FLUSHALL
quit
EOF
sudo -u www-data php /var/www/nextcloud/occ files:scan --all
sudo -u www-data php /var/www/nextcloud/occ files:scan-app-data
exit 0

149
.install/nextcloud/templates/nextcloud.conf
View File

@ -1,149 +0,0 @@
upstream php-handler {
server unix:/var/run/php/php_PHPVERSION-fpm.sock;
}
server {
listen NC_PORT;
listen 443;
listen [::]:443 ssl;
server_name NC_DOMAIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
set_real_ip_from 192.168.9.1;
set_real_ip_from 192.168.9.6;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
add_header X-Frame-Options "SAMEORIGIN";
# Path to the root of your installation
root /var/www/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 https://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 https://$host/remote.php/dav;
}
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~ \.(?:css|js|woff2?|svg|gif)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
# Optional: Don't log access to assets
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
location ^~ /apps/rainloop/app/data {
deny all;
}
location ~ \.(?:flv|mp4|mov|m4a)$ {
# mp4;
# mp4_buffer_size 100M;
# mp4_max_buffer_size 1024M;
fastcgi_split_path_info ^(.+?.php)(\/.*|)$;
include fastcgi_params;
include php_optimization.conf;
fastcgi_pass php-handler;
fastcgi_param HTTPS on;
}
location ~ ^\/nextcloud/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
}

6
.install/nextcloud/templates/occ
View File

@ -1,6 +0,0 @@
#/bin/bash
sudo -u www-data php /var/www/nextcloud/occ $@
exit 0

17
.install/nextcloud/templates/optimization.conf
View File

@ -1,17 +0,0 @@
fastcgi_hide_header X-Powered-By;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_connect_timeout 3600;
fastcgi_buffers 64 64K;
fastcgi_buffer_size 256k;
fastcgi_busy_buffers_size 3840K;
fastcgi_cache_key $http_cookie$request_method$host$request_uri;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
gzip_disable "MSIE [1-6]\.";

8
.install/nextcloud/templates/permissions.sh
View File

@ -1,8 +0,0 @@
#!/bin/bash
find /var/www/ -type f -print0 | xargs -0 chmod 0640
find /var/www/ -type d -print0 | xargs -0 chmod 0750
chown -R www-data:www-data /var/www/
chown -R www-data:www-data /var/nextcloud/
chmod 0644 /var/www/nextcloud/.htaccess
chmod 0644 /var/www/nextcloud/.user.ini
exit 0

9
.install/nextcloud/templates/php_optimization.conf
View File

@ -1,9 +0,0 @@
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_cache_valid 404 1m;
fastcgi_cache_valid any 1h;
fastcgi_cache_methods GET HEAD;

16
.install/nextcloud/templates/ssl.conf
View File

@ -1,16 +0,0 @@
ssl_session_timeout 4h;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-CBC-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security max-age=15768000;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=86400;
resolver_timeout 10;
ssl_session_tickets on;

26
.install/nextcloud/templates/ssl_renew.sh
View File

@ -1,26 +0,0 @@
#!/bin/bash
log="/var/log/ssl_renew.log"
date=$(date +%d-%m-%Y)
renew=$(certbot renew --pre-hook "service nginx stop" --post-hook "service nginx start")
echo "####################################################################################" >> $log
echo "#################################### $date ####################################" >> $log
echo "####################################################################################" >> $log
echo "$renew" >> $log
if [[ $renew = *"No hooks were run"* ]]; then
echo "Rien n'a été fait" >> $log
else
sleep 5
/etc/init.d/nginx stop
sleep 1
killall nginx
sleep 3
/etc/init.d/nginx restart &>> $log
echo "Des certificats ont été renouvellés" >> $log
fi
exit 0

15
.install/nextcloud/templates/upgrade.sh
View File

@ -1,15 +0,0 @@
#!/bin/bash
/usr/sbin/service nginx stop
sudo -u www-data php /var/www/nextcloud/updater/updater.phar
sudo -u www-data php /var/www/nextcloud/occ status
sudo -u www-data php /var/www/nextcloud/occ -V
sudo -u www-data php /var/www/nextcloud/occ db:add-missing-indices
sudo -u www-data php /var/www/nextcloud/occ db:convert-filecache-bigint
sudo -u www-data sed -i "s/output_buffering=.*/output_buffering=O/" /var/www/nextcloud/.user.ini
sudo -u www-data php /var/www/nextcloud/occ update:check
sudo -u www-data php /var/www/nextcloud/occ app:update --all
/usr/sbin/service php7.3-fpm restart
/usr/sbin/service nginx restart
exit 0

130
.install/scuttlebutt.sh
View File

@ -1,130 +0,0 @@
#!/bin/bash
scuttlebutt() {
echo -e "${c_yellow}Onboarding SCUTTLEBUTT...$c_"
where_is_ssb_installed=$(which ssb-server)
where_is_oasis_installed=$(which oasis)
mkdir -p ~/.zen
BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
if [[ ! $where_is_ssb_installed ]]; then
# KILL the BRUTAL WAY...
kill -9 $(ps auxf --sort=+utime | grep -w ssb-server| grep -v -E 'color=auto|grep' | tail -n 1 | awk '{print $2}')
# Install dependencies
sudo apt-get install -y socat python3-dev libtool python3-setuptools autoconf automake
# Install nvm
if [[ ! $(which nvm) ]]; then
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.2/install.sh | bash
source ~/.bashrc
export NVM_DIR="$HOME/.nvm"
nvm install --lts
fi
cd ~/.ssb
### Install module
npm install -g sodium-native ssb-backlinks ssb-ws ssb-links ssb-query ssb-secret-blob ssb-private
npm install -g ssb-server
# TODO plugin activation !??
# sbot plugins.enable
### Install oasis & ssb-cli (could replace ssb-server?? TODO: try it)
npm -g install fraction/oasis#semver:
npm install -g fraction/ssb-daemon
# npm install -g ssb-cli
# INSTALL sbotc
if [[ ! $(which sbotc) ]]; then
sudo apt install libsodium-dev jq -y
git submodule add https://git.scuttlebot.io/%25133ulDgs%2FoC1DXjoK04vDFy6DgVBB%2FZok15YJmuhD5Q%3D.sha256 sbotc
cd sbotc
make
sudo make install
fi
fi
# TEST ssb-server Install
ssbSERVER=$(which ssb-server)
[[ $ssbSERVER == "" ]] && echo "Check your ssb-server install... Cannot find it !!" && exit 1
# If exists backup ~/.ssb to ~/.ssb_$USER SSB (one time only !)
[[ -d ~/.ssb_$USER ]] && echo "BACKUP already existing... ~/.ssb_$USER !!! Manual check please..." && exit 1
[[ -d ~/.ssb ]] && [[ ! -d ~/.ssb_$USER ]] && mv ~/.ssb ~/.ssb_$USER
# CREATE ~/.ssb_astroport
[[ ! -d ~/.ssb_astroport ]] && mkdir -p ~/.ssb_astroport && cd ~/.ssb_astroport
# if exists, keep ~/.ssb_$USER/secret*
[[ ! -f ~/.ssb_astroport/secret ]] && [[ -f ~/.ssb_$USER/secret ]] && cp -f ~/.ssb_$USER/secret* ~/.ssb_astroport/
# Symlink ~/.ssb -> ~/.ssb_astroport
[[ -L ~/.ssb ]] && rm ~/.ssb
[[ -d ~/.ssb_astroport ]] && ln -s ~/.ssb_astroport ~/.ssb
## #TODO get ~/.ssb/manifest.json from template
cp ./templates/ssb/manifest.json ~/.ssb/manifest.json
# Create config (TODO: adapt if public Pub or Local Node)
# TODO: Create unique hostname in swarm !! uidna
nodename=$(cat /etc/hostname)
extension=$(echo $nodename | cut -d '.' -f 2)
if [[ $extension == $nodename ]]; then
PUB="false"
nodename=$nodename.local
else
PUB="true"
fi
cat > ~/.ssb/config <<EOF
{
"connections": {
"incoming": {
"net": [
{ "scope": "public", "host": "0.0.0.0", "external": ["$nodename"], "transform": "shs", "port": 8008 }
],
"ws": [
{ "scope": ["public", "local", "device"], "host": "0.0.0.0", "port": 8989, "transform": "shs", "http": true }
]
},
"outgoing": {
"net": [{ "transform": "shs" }]
}
}
}
EOF
cat > ~/.zen/launch-oasis.sh <<EOF
#!/bin/bash
oasis --allow-host $nodename --host $nodename
EOF
echo "
_ __ __ _
_ _ .__|_o _ (_ (_ |_)
(_(_)| || |(_| __)__)|_)
_|
$nodename
"
echo '
__ _ _ _ _
(_ |_|_)\ /|_|_) o._ o_|_
__)|_| \ \/ |_| \ || || |_ ... SCUTTLEBUTT ... OK?
'
echo "Launching oasis"
oasis --allow-host $nodename --host $nodename &
echo " http://$nodename:3000 "
echo
echo "ADD ~/.zen/launch-oasis.sh TO YOUR '/etc/rc.local' !!! Or use patchwork. "
sleep $((1 + RANDOM % 5))
echo "LAUNCHING OASIS NODE MANAGER http://$nodename:3000"
echo "IF YOU ARE A PUB consider protect it behind password nginx redirect !!!"
echo "3 seconds before ssb_INIT.sh..."
sleep 3
$MY_PATH/zen/ssb_INIT.sh
}
$@

66
.install/silkaj-php-mysql.sh
View File

@ -1,66 +0,0 @@
#!/bin/bash
###########################################
echo "NO READY TO USE. REWRITING..." && exit 1
###########################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
OS=$(head -n1 $MY_PATH/.OS)
isARM=$(cat $MY_PATH/.OS | grep YES)
unset err
# Basics
sudo apt update
echo -e "${c_yellow}Mise à jours des prérequis...$c_"
sudo apt install curl jq zip unzip htop tree ntpdate gnupg mpack imagemagick qrencode build-essential base58 bc -y
# Silkaj + Duniterpy
silkaj() {
echo -e "${c_yellow}Installation de Silkaj...$c_"
libsodium=$(sudo apt-cache search libsodium 2>/dev/null | grep -v -E "header|debug symbols" | grep "Network communication" -B1 | head -n1 | awk -F '-' '{ print $1 }')
[[ $libsodium =~ " " ]] && libsodium=$(echo $libsodium | awk '{ print $2 }')
sudo apt install libsodium-dev libssl-dev libffi-dev python3-pip python3-wheel $libsodium -y || err+="Install python3 and $libsodium"
pip3 install duniterpy || err+="Install duniterpy"
pip3 install silkaj --user || err+="Install Silkaj"
source .profile ## PATH="$HOME/.local/bin:$PATH"
}
# Install PHP + MySQL (TODO: REWRITE!!)
php() {
echo -e "${c_yellow}Installation de PHP et MySQL$c_"
if [[ $OS == "buster" ]]; then
sudo apt -y install software-properties-common nginx php php-common php-fpm php-gettext php-gd php-mysql php-curl php-imap php-mbstring php-xml php-cli mariadb-server || err+="Install PHP and MySQL"
elif [[ $OS == "stretch" ]]; then
sudo apt -y install lsb-release apt-transport-https ca-certificates || err+="Install apt-transport-https"
sudo wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg || err+="Download PHP key"
echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/php7.3.list
sudo apt update
sudo apt -y install software-properties-common dirmngr nginx php7.3 php7.3-common php7.3-gettext php7.3-fpm php7.3-gd php7.3-mysql php7.3-curl php7.3-imap php7.3-mbstring php7.3-xml php7.3-cli mariadb-server || err+="Install PHP and MySQL"
else
echo "${c_red}Votre système n'est pas pris en charge par ce script d'installation.$c_"
exit 1
fi
isLocalhostUsers=$(sudo mysql -e "select user from mysql.user;" | grep "localhost")
isTestDB=$(sudo mysql -e "show databases" | grep "test")
[[ -n $isLocalhostUsers ]] && sudo mysql -e "DROP USER ''@'localhost'; DROP USER ''@'$(hostname)'"
[[ -n $isTestDB ]] && sudo mysql -e "DROP DATABASE test"
sudo mysql -e "FLUSH PRIVILEGES"
}
# Read arguments
for i in $@; do
echo -e "${c_yellow}Installation de $c_light$i$c_"
$i
done
if [[ $err ]]; then
echo -e "${c_red}Installation des prérequis incomplète: $err$c_"
exit 1
else
echo -e "${c_green}Les prérequis ont été correctement installés$c_"
exit 0
fi

7
.install/ssb-patchfoo/config
View File

@ -1,7 +0,0 @@
{
"plugins": {
"ssb-private": true,
"ssb-backlinks": true,
"patchfoo": true
}
}

65
.install/ssb-patchfoo/install
View File

@ -1,65 +0,0 @@
#!/usr/bin/env bash
# shellcheck disable=SC1091
true
VERSION="TO-V0.5"
BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
CURRENT_DIR="$(pwd)"
# Install node.js shared module
# shellcheck source=../shared/node.js/install
source "$BASE_DIR/../shared/node.js/install"
# Make folder if service did not
mkdir -p ~/.ssb/node_modules || true
# shellcheck disable=SC2164
cd ~/.ssb/node_modules
# Install dependencies
npm install --unsafe-perm asyncmemo hashlru pull-stream pull-cat multicb hyperscript pull-paramap ssb-contact ssb-sort stream-to-pull-stream emoji-server pull-paginate ssb-mentions busboy mime-types pull-identify-filetype human-time pull-hyperscript jpeg-autorotate pull-catch diff pull-split pull-utf8-decoder ssb-web-resolver highlight.js pull-box-stream base64-url ssb-backlinks ssb-private
# Install patchfoo and enable plugin
git clone https://github.com/tomeshnet/patchfoo.git patchfoo
(
# shellcheck disable=SC2164
cd patchfoo
git checkout ${VERSION}
)
# Replace ssb-server plugins.install with a static config file
# This will prevent the installation of these modules a second time
# and compiling downlevel for a 3rd time
cp "$BASE_DIR/config" ~/.ssb
#ssb-server plugins.install ssb-private
#ssb-server plugins.install ssb-backlinks
#ssb-server plugins.enable patchfoo
# Stop ssb service to process plugin
sudo systemctl stop ssb
# Disable the git-ssb and npm-ssb prerequisite
# Comment out two lines in patchwork that create a prerequisite for git-ssb and npm-ssb
# but don't seem to serve any purpose. git-ssb and and npm-ssbis not available on npm
sed -i 's#var Git#//var Git#' patchfoo/lib/app.js patchfoo/lib/app.js
sed -i 's#this.git = new Git(this.sbot, this.config)#//this.git = new Git(this.sbot, this.config)#' patchfoo/lib/app.js
sed -i 's#var SsbNpmRegistry#//var SsbNpmRegistry#' patchfoo/lib/app.js patchfoo/lib/app.js
sed -i 's#this.serveSsbNpmRegistry = SsbNpmRegistry.respond(this.sbot, this.config)#//this.serveSsbNpmRegistry = SsbNpmRegistry.respond(this.sbot, this.config)#' patchfoo/lib/app.js
# Comment out line that breaks things
sed -i "s#h('input', {type: 'file', name: 'upload'})#//h('input', {type: 'file', name: 'upload'})#" patchfoo/lib/serve.js
# Start service again to start patchfoo
sudo systemctl start ssb
# Install nginx reverse proxy file
sudo cp "$BASE_DIR/ssb-patchfoo.conf" /etc/nginx/site-path-enabled/ssb-patchfoo.conf
# Add entry into nginx home screen
APP="<div class='app'><h2>Patch Foo</h2>Plain SSB web UI. <br/><a href='/patchfoo'>Go</a></div>"
sudo sed -i "s#<\!--APPLIST-->#$APP\n<\!--APPLIST-->#" "/var/www/html/index.html"
# shellcheck disable=SC2164
cd "$CURRENT_DIR"

9
.install/ssb-patchfoo/ssb-patchfoo.conf
View File

@ -1,9 +0,0 @@
location /patchfoo {
proxy_pass http://127.0.0.1:8027/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
sub_filter "=\"/" "=\"/patchfoo/";
sub_filter_once off;
}

127
zen/miam_miam.sh
View File

@ -1,127 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.04.16
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
########################################################################
# \\///
# qo-op
############# '$ME' HELLO!! I am getting files from ~/.zen/miam
########################################################################
# ex: '$MY_PATH'/'$ME'
# MOVE ~/.zen/miam/* IN ZenTag AS PASSENGER
# Then find SSB same timestamp message and make a reply ;)
########################################################################
# [ASTROPORT](https://astroport.com)
########################################################################
echo '
___
|\/| | /\ |\/| |_ ._ _ ._
| | _|_ /--\ | | | | |_| | | (_| | \/
_| /
'
tstamp="$1"
# for tstamp in $(ls ~/.zen/miam/); do
[[ $tstamp == "" ]] && echo "MISSING tstamp $tstamp" && exit 1
[ ! -d ~/.zen/miam/$tstamp ] && echo "NOT FOUND ~/.zen/miam/$tstamp" && exit 1
[ -f ~/.zen/miam/$tstamp/msg_key ] && msg_key=$(cat ~/.zen/miam/$tstamp/msg_key) || echo "HEY I cannot find source SSB message in $tstamp" || exit 1
echo "$msg_key"
msg=$(sbotc get '{"id":"'"$msg_key"'"}')
[[ $msg == "" ]] && echo "No SSB message for $tstamp" && continue
msg_root=$(printf %s "$msg" | jq -r .value.content.root)
msg_branch=$(printf %s "$msg" | jq -r .value.content.branch)
# TREATING miam $tstamp FILES
echo "##############################################################"
for file in ~/.zen/miam/$tstamp/*; do
# file --mime-type "$file"
filename=$(basename -- "$file")
extension="${filename##*.}"
filena="${filename%.*}"
case "$extension" in
json)
JSON="$file"
echo "# METADATA FILE"
echo "$filename"
extractor=$(cat "$file" | jq -r '.extractor')
if [[ $extractor == "youtube" ]]; then
id=$(cat "$file" | jq -r '.id')
fulltitle=$(cat "$file" | jq -r '.fulltitle')
description=$(cat "$file" | jq -r '.description')
artist=$(cat "$file" | jq -r '.artist')
album=$(cat "$file" | jq -r '.album')
duration=$(cat "$file" | jq -r '.duration')
upload_date=$(cat "$file" | jq -r '.upload_date')
uploader_id=$(cat "$file" | jq -r '.uploader_id')
echo "YOUTUBE: $id : $fulltitle ($duration s) by $uploader_id "
else
echo "ERROR Unknown METADATA TYPE, please add some code here..." && JSON=""
fi
continue
;;
jpg)
JPG="$file"
echo "# THUMBNAIL FILE"
echo "$filename"
convert "$file" -strip -resize 640 -format jpg ~/.zen/miam/$tstamp/ssb_thumb.jpg
continue
;;
mp4)
MP4="$file"
echo "# VIDEO FILE"
echo "$filename"
continue
;;
mp3)
MP3="$file"
echo "# AUDIO FILE"
echo "$filename"
continue
;;
*)
echo "TYPE is UNKNOWN for $file" && UNKOWN="$file"
continue
;;
esac
done
# File analyse finished...
# WHAT DO WE HAVE THERE?
[[ "$JSON" == "" ]] && echo "NO METADATA !!!!" \
&& echo "BAD PASSENGER ERASING ~/.zen/miam/$tstamp" && rm -Rf ~/.zen/miam/$tstamp \
&& exit 1
[[ -f $MP3 ]] && $MY_PATH/zen_MAKE.sh "1000" "$tstamp" "$MP3" "$JSON" "10" "10"
[[ -f $MP4 ]] && $MY_PATH/zen_MAKE.sh "1000" "$tstamp" "$MP4" "$JSON" "10" "10"
# [[ -f $MP3 ]] && mv "$MP3" "~/.zen/audio/$fulltitle.mp3" # && lltag -a "$artist" -A "$album" -t "$fulltitle" "~/.zen/audio/$fulltitle.mp3"
# [[ -f $MP4 ]] && mv "$MP4" "~/.zen/video/$fulltitle.mp4"
# CLEAN A LITTLE
UNKOWN=""
MP3=""
MP4=""
JPG=""
JSON=""
[[ -d ~/.zen/miam/$tstamp && "$tstamp" != "" ]] && rm -Rf ~/.zen/miam/$tstamp && echo "# DELETE miam, it has been EATEN"
exit 0
#done

113
zen/park4night_MONITOR.sh
View File

@ -1,113 +0,0 @@
#!/bin/bash
################################################################################
# Author: Fred (support@qo-op.com)
# Version: 0.1
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
################################################################################
# Extract last ads
# Thank you @kimamila for cesium & gchange
# ES backend http://www.elasticsearchtutorial.com/spatial-search-tutorial.html
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
mkdir ~/.zen/cache/gchange -p
ipfsnodeid=$(ipfs id -f='<id>\n')
[[ ! -f ~/.ssb/secret.dunikey ]] && $MY_PATH/tools/secret2dunikey.sh
g1pub=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2)
CESIUM="https://g1.data.le-sou.org"
curl -sk ${CESIUM}/user/profile/${g1pub} -o ~/.zen/cache/cesium_profile.json
LON=$(cat ~/.zen/cache/cesium_profile.json | jq '._source.geoPoint.lon')
LAT=$(cat ~/.zen/cache/cesium_profile.json | jq '._source.geoPoint.lat')
RAD="$1"
[[ ! $RAD ]] && RAD="50km"
if [[ "$LON" != "null" ]]; then
curl -sk -XPOST 'https://data.gchange.fr/market/record/_search?pretty&_source=title' -d '
{
"size": 200,
"query": {
"bool": {
"filter": [{
"geo_distance": {
"distance": "'$RAD'",
"geoPoint": {
"lat": '$LAT',
"lon": '$LON'
}
}
}]
}
}
}' > /tmp/gchange.json || exit 1
else
echo "Aucune coordonnées geoPoint pour $g1pub"
sbotc publish '{"type":"post","text":"Ajouter sa géolocalisation dans Cesium+ permet de publier les annonces autour de chez soi..."}'
exit 1
fi
TIMEBEFORE=$(date -u --date="-$DELAY" +"%s")
TIMESTAMP=$(date -u +"%s")
TOTAL=$(cat /tmp/gchange.json | jq .hits.total)
echo 'tail -f ~/.zen/cache/gchange.txt'
echo 'Annonces_Gchange' > ~/.zen/cache/gchange.txt
echo "Portefeuille_[June_:heart:](https://demo.cesium.app/#/app/wot/$g1pub/)" >> ~/.zen/cache/gchange.txt
echo "Carte_[$RAD](https://www.openstreetmap.org/#map=10/$LAT/$LON) " >> ~/.zen/cache/gchange.txt
chunk=0
fullcount=0
DUNITERNODE=$($MY_PATH/tools/duniter_getnode.sh)
DUNITERURL="https://$DUNITERNODE"
LASTDU=$(curl -s ${DUNITERURL}/blockchain/with/ud | jq '.result.blocks[]' | tail -n 1);
[[ $LASTDU != "" ]] && LASTDU=$(curl -s ${DUNITERURL}/blockchain/block/${LASTDU} | jq '.dividend')
echo "DU = $LASTDU G1"
for gID in $(cat /tmp/gchange.json | jq -r .hits.hits[]._id); do
NEW=""
[[ ! -f ~/.zen/cache/gchange/$gID.json ]] &&
NEW="true" \
&& curl -s --create-dirs -o ~/.zen/cache/gchange/$gID.json -s https://data.gchange.fr/market/record/$gID?_source=category,title,description,issuer,time,creationTime,location,address,city,price,unit,currency,thumbnail._content_type,thumbnail._content,picturesCount,type,stock,fees,feesCurrency,geoPoint \
&& sleep $((1 + RANDOM % 3))
type=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.type)
stock=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.stock)
[[ $stock == 0 ]] && continue
# [[ $type == "need" ]] && continue
creationTime=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.creationTime)
title=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.title)
currency=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.currency)
price=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.price)
categoryname=$(cat ~/.zen/cache/gchange/$gID.json | jq -r ._source.category.name)
[[ $price == null ]] && price="0"
[[ $currency == "g1" ]] && love=$(bc -l <<< "scale=2; $price / $LASTDU * 100") || love="?.??"
love="$love_LOVE"
price=$(bc -l <<< "scale=2; $price / 100")
fullcount=$((fullcount+1)) && echo "DEBUG : $fullcount - $type - $price $currency - $title "
[[ $price == "0" ]] && love="..." && price="A débattre "
[[ $type == "offer" ]] && LINE="___OFFRE___[$title](https://data.gchange.fr/market/record/$gID/_share)_$love"
[[ $type == "need" ]] && LINE="__DEMANDE__[$title](https://data.gchange.fr/market/record/$gID/_share)_$love"
[[ $NEW == "true" ]] && echo "$LINE" >> ~/.zen/cache/gchange.txt && chunk=$((chunk+1)) && echo $chunk
done
echo "$chunk_nouvelles_annonces_($TOTAL)" >> ~/.zen/cache/gchange.txt
## TODO AUTOMATIC PUBLISHING \n and message size problem ??
if [[ $(cat ~/.zen/cache/gchange.txt | wc -c) -lt 8000 ]]; then
export raw="$(cat ~/.zen/cache/gchange.txt)"
annonces=$(node -p "JSON.stringify(process.env.raw)")
sbotc publish '{"type":"post","text":'$annonces'}'
fi
# EXTRA COULD CREATE IT'S OWN MAP with https://github.com/zicmama/tile-stitch.git
# And magick to overlay... But best would be a local map proxy...

37
zen/port_ipfsp2p_g1sms_all.sh
View File

@ -1,37 +0,0 @@
#!/bin/bash
################################################################################
# Author: Fred (support@qo-op.com)
# Version: 0.1
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
################################################################################
# Activate SUPPORT MODE: open ssh over IPFS
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
########################################################################
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) || er+=" ipfs daemon not running"
IPFSNODEID=$(ipfs id -f='<id>\n') || er+=" ipfs id problem"
WHOAMI=$(sbotc whoami | jq -r .id) || er+=" sbotc whoami problem"
[[ "$YOU" == "" || "$IPFSNODEID" == "" || "$WHOAMI" == "" ]] && echo "ERROR : $er " && exit 1
########################################################################
# TODO ESTABLISH A PORT FORWARD STRATEGY (depending on Node Flavour)
# Arrange local port forwarded to swarm
# GET _uidna (means g1sms/init.sh been run)
[[ -f /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_uidna ]] && UIDNA=$(cat /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_uidna)
if [[ $(which gammu) ]]; then
# I am a g1sms NODE, pushing my web interface
ipfs p2p listen /x/g1sms /ip4/127.0.0.1/tcp/10099
else
# Looking for g1sms NODE in my swarm
SMSNODE=$(ls /home/$YOU/.zen/ipfs_swarm/.12D3KooW*/G1SSB/_g1sms | shuf -n 1 | cut -d '/' -f 6 | cut -d '.' -f 2)
# Wait for DHT to propagate.... before getting eventual /x/g1sms forward
[[ $SMSNODE ]] && sleep $((1 + RANDOM % 10)) && ipfs p2p forward /x/g1sms /ip4/127.0.0.1/tcp/10097 /p2p/$SMSNODE
fi
# ipfs p2p close --all
# ipfs p2p listen /x/ssh-$UIDNA /ip4/127.0.0.1/tcp/22
# ipfs p2p listen /x/http-$UIDNA /ip4/127.0.0.1/tcp/80
# ipfs p2p listen /x/https-$UIDNA /ip4/127.0.0.1/tcp/443
ipfs p2p ls

107
zen/ssb_GET_zenyta.sh
View File

@ -1,107 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
echo '
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# #zenyta = youtube-dl video to ~/.zen/miam/$timestamp
########################################################################
'
######## YOUTUBE-DL ##########
if [[ ! $(which youtube-dl) ]]; then
sudo curl -s https://yt-dl.org/downloads/latest/youtube-dl -o /usr/local/bin/youtube-dl || err=1
sudo chmod a+rx /usr/local/bin/youtube-dl
sudo chown $(whoami) /usr/local/bin/youtube-dl
fi
mkdir -p ~/.zen/miam/
self=$(sbotc whoami | jq -r .id) || exit 1
[[ "$self" == "" ]] && exit 1
g1self=$(echo $self | cut -d '@' -f 2 | cut -d '.' -f 1 | base64 -d | base58)
self_name=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$self"'", "content":{"type":"about", "about": "'"$self"'"}}}}]}' | jq -r .value?.content?.name | grep -v null | tail -n 1)
ipfsnodeid=$(ipfs id -f='<id>\n')
current_ts=$(date -u +%s%N | cut -b1-13)
[ -s ~/.zen/zenyta.last.ts ] && last_ts=$(cat ~/.zen/zenyta.last.ts) || last_ts=$((current_ts - 24*3600*1000)) # 24h ago
last_ts=$((last_ts + 10))
echo "Hi, i am [$self_name]($self)
last timestamp: $last_ts"
echo '
a u d i o
_ _
__ _ _ _ __| | (_) ___
/ _` | | || | / _` | | | / _ \
\__,_| \_,_| \__,_| |_| \___/
'
#messages=$(sbotc messagesByType '{"type":"post","gt":'$last_ts'}')
# SEARCH "#zenyta" CMD in message text
echo "sbotc backlinks.read '{\"query\":[{\"\$filter\":{\"dest\":\"#zenyta\",\"value\":{\"content\":{\"type\":\"post\"}},\"timestamp\":{\"\$gt\":'\"$last_ts\"'}}}]}'"
messages=$(sbotc backlinks.read '{"query":[{"$filter":{"dest":"#zenyta","value":{"content":{"type":"post"}},"timestamp":{"$gt":'"$last_ts"'}}}]}')
[[ $messages == "" ]] && messages=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$WHOAMI"'", "content":{"type":"zenyta"}}}}]}') && echo "sbotc query.read '{\"query\":[{\"\$filter\":{\"value\":{\"author\": \"'"$WHOAMI"'\", \"content\":{\"type\":\"zenyta\"}}}}]}'"
while read -r msg
do
# EXTRACT CMD PARAM
msg_key=$(printf %s "$msg" | jq -r .key)
author=$(printf %s "$msg" | jq -r .value.author)
timestamp=$(printf %s "$msg" | jq -r .value.timestamp)
# TEST CURRENT NODE last_ts
[[ $timestamp -lt $last_ts ]] && echo "$last_ts: ALREADY DONE $msg_key timestamp is $timestamp " && continue
# SWARM REFRESH
$MY_PATH/ipfs_SWARM_refresh.sh
# SWARM ALREADY DONE IT ??
# IS LIKE "SELECT FROM ipfs_swarm WHERE _tag.zensource=$timestamp"(or something like that in SQL), means a ZenTag already exists.
CHECKSWARM=$(grep -Rwl "$timestamp" ~/.zen/ipfs_swarm/.12D3KooW*/TAG/*/_tag.zensource | tail -n 1 | cut -f 6 -d '/')
# OR SWARM PROCESS IN ACTION (NB: copy tasks must be asynchronous in swarm)
[[ ! $CHECKSWARM ]] && CHECKSWARM=$(grep -Rwl "$timestamp" ~/.zen/ipfs_swarm/.12D3KooW*/TAG/process.timestamp.ssb | tail -n 1 | cut -f 6 -d '/')
[[ $CHECKSWARM ]] \
&& echo "$timestamp ALREADY on NODE $CHECKSWARM CONTINUE" \
&& echo "$timestamp" > ~/.zen/zenyta.last.ts \
&& continue
# ANTI DOUBLE COPY START
echo "$timestamp" > ~/.zen/ipfs/.$ipfsnodeid/process.timestamp.ssb
$MY_PATH/ipfs_SWARM_refresh.sh
# ANTI DOUBLE COPY
msg_root=$(printf %s "$msg" | jq -r .value.content.root)
msg_branch=$(printf %s "$msg" | jq -r .value.content.branch)
msg_text=$(printf %s "$msg" | jq -r .value.content.text)
msg_ytdlurl=$(echo $msg_text | egrep -o 'https?://[^ ]+' | grep you | cut -d '\' -f 1 | tail -n 1)
# YOUTUBE-DL AUDIO
[[ $timestamp ]] && mkdir -p ~/.zen/miam/$timestamp
[[ $msg_ytdlurl ]] && /usr/local/bin/youtube-dl -x --audio-format mp3 \
--write-thumbnail --write-info-json --add-metadata --embed-thumbnail \
--no-mtime -o "~/.zen/miam/$timestamp/%(id)s.%(ext)s" $msg_ytdlurl
# REFERENCE msg_key AND timestamp
[[ $timestamp ]] && echo "$((timestamp + 1))" > ~/.zen/zenyta.last.ts
[[ $msg_key ]] && echo "$msg_key" > ~/.zen/miam/$timestamp/msg_key
$MY_PATH/miam_miam.sh "$timestamp"
# ANTI DOUBLE COPY END
rm ~/.zen/ipfs/.$ipfsnodeid/process.timestamp.ssb
$MY_PATH/ipfs_SWARM_refresh.sh
# ANTI DOUBLE COPY
done < <(printf '%s\n' "$messages")

109
zen/ssb_GET_zenytv.sh
View File

@ -1,109 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# #zenytv = youtube-dl video to ~/.zen/miam/$timestamp
########################################################################
######## YOUTUBE-DL ##########
if [[ ! $(which youtube-dl) ]]; then
sudo curl -s https://yt-dl.org/downloads/latest/youtube-dl -o /usr/local/bin/youtube-dl || err=1
sudo chmod a+rx /usr/local/bin/youtube-dl
sudo chown $(whoami) /usr/local/bin/youtube-dl
fi
mkdir -p ~/.zen/miam/
self=$(sbotc whoami | jq -r .id) || exit 1
[[ "$self" == "" ]] && exit 1
g1self=$(echo $self | cut -d '@' -f 2 | cut -d '.' -f 1 | base64 -d | base58)
self_name=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$self"'", "content":{"type":"about", "about": "'"$self"'"}}}}]}' | jq -r .value?.content?.name | grep -v null | tail -n 1)
ipfsnodeid=$(ipfs id -f='<id>\n')
current_ts=$(date -u +%s%N | cut -b1-13)
[ -s ~/.zen/zenytv.last.ts ] && last_ts=$(cat ~/.zen/zenytv.last.ts) || last_ts=$((current_ts - 24*3600*1000)) # 24h ago
# last_ts=$((last_ts + 10))
echo "Hi, i am [$self_name]($self)
last timestamp: $last_ts"
echo '
v i d e o
_ _
__ __ (_) __| | ___ ___
\ V / | | / _` | / -_) / _ \
\_/ |_| \__,_| \___| \___/
'
#messages=$(sbotc messagesByType '{"type":"post","gt":'$last_ts'}')
# SEARCH "#zenytv" CMD in message text
echo "sbotc backlinks.read '{\"query\":[{\"\$filter\":{\"dest\":\"#zenytv\",\"value\":{\"content\":{\"type\":\"post\"}},\"timestamp\":{\"\$gt\":'\"$last_ts\"'}}}]}'"
messages=$(sbotc backlinks.read '{"query":[{"$filter":{"dest":"#zenytv","value":{"content":{"type":"post"}},"timestamp":{"$gt":'"$last_ts"'}}}]}')
[[ $messages == "" ]] && exit 1
while read -r msg
do
# EXTRACT CMD PARAM
msg_key=$(printf %s "$msg" | jq -r .key)
author=$(printf %s "$msg" | jq -r .value.author)
timestamp=$(printf %s "$msg" | jq -r .value.timestamp)
# TEST CURRENT NODE last_ts
[[ $timestamp -lt $last_ts ]] && echo "ALREADY DONE $msg_key timestamp is $timestamp " && continue
# SWARM REFRESH
$MY_PATH/ipfs_SWARM_refresh.sh
# SWARM ALREADY DONE
CHECKSWARM=$(grep -Rwl "$timestamp" ~/.zen/ipfs_swarm/.12D3KooW*/TAG/*/_tag.zensource | tail -n 1 | cut -f 6 -d '/')
# OR SWARM PROCESS IN ACTION
[[ ! $CHECKSWARM ]] && CHECKSWARM=$(grep -Rwl "$timestamp" ~/.zen/ipfs_swarm/.12D3KooW*/TAG/process.timestamp.ssb | tail -n 1 | cut -f 6 -d '/')
[[ $CHECKSWARM ]] \
&& echo "$timestamp ALREADY on NODE $CHECKSWARM CONTINUE" \
&& echo "$timestamp" > ~/.zen/zenytv.last.ts \
&& continue
# ANTI DOUBLE COPY START
echo "$timestamp" > ~/.zen/ipfs/.$ipfsnodeid/process.timestamp.ssb
$MY_PATH/ipfs_SWARM_refresh.sh
# ANTI DOUBLE COPY
msg_root=$(printf %s "$msg" | jq -r .value.content.root)
msg_branch=$(printf %s "$msg" | jq -r .value.content.branch)
msg_text=$(printf %s "$msg" | jq -r .value.content.text)
msg_ytdlurl=$(echo $msg_text | egrep -o 'https?://[^ ]+' | grep you | cut -d '\' -f 1 | tail -n 1)
# YOUTUBE-DL VIDEO
[[ $timestamp ]] && mkdir -p ~/.zen/miam/$timestamp
[[ $msg_ytdlurl ]] && /usr/local/bin/youtube-dl -f '[height=720]/best' \
--write-thumbnail --all-subs --write-info-json --write-annotations \
--no-mtime -o "~/.zen/miam/$timestamp/%(id)s.%(ext)s" $msg_ytdlurl
# ###### TODO make gif tu push to SSB
# ffmpeg -ss 00:00:00.000 -i yesbuddy.mov -pix_fmt rgb24 -r 10 -s 320x240 -t 00:00:10.000 output.gif
# convert -layers Optimize output.gif output_optimized.gif
# REFERENCE msg_key AND timestamp
[[ $timestamp ]] && echo "$((timestamp))" > ~/.zen/zenytv.last.ts
[[ $msg_key ]] && echo "$msg_key" > ~/.zen/miam/$timestamp/msg_key
$MY_PATH/miam_miam.sh "$timestamp"
# ANTI DOUBLE COPY END
echo "$timestamp" > ~/.zen/ipfs/.$ipfsnodeid/process.timestamp.ssb
$MY_PATH/ipfs_SWARM_refresh.sh
# ANTI DOUBLE COPY
done < <(printf '%s\n' "$messages")

260
zen/ssb_INIT.sh
View File

@ -1,260 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.21
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
echo '
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# Initialize G1SSB + SSB About + IPFS Node publish
########################################################################
o__ __o __o o__ __o o__ __o o__ __o
/v v\ __|> /v v\ /v v\ <| v\
/> <\ | /> <\ /> <\ / \ <\
o/ <o> _\o____ _\o____ \o/ o/
<| _\__o__ | \_\__o__ \_\__o__ |__ _<|
\\ | < > \ \ | \
\ / | \ / \ / <o> /
o o o o o o o | o
<\__ __/> __|>_ <\__ __/> <\__ __/> / \ __/>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
# [ASTROPORT](https://astroport.com)
########################################################################
'
########################################################################
# ENVIRONEMENT DETECTION + IPFS ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_info
########################################################################
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1);
IPFSNODEID=$(ipfs id -f='<id>\n')
[[ $IPFSNODEID == "" ]] && echo "ERROR missing IPFS Node id !! IPFS is not installed !?" && exit 1
########################################################################
WHOAMI=$(sbotc whoami 2>/dev/null | jq -r .id)
[[ $WHOAMI == "" ]] && echo "ERROR sbotc NOT running !! Please check it..." && exit 1
########################################################################
[[ ! -f ~/.ssb/secret.dunikey ]] && $MY_PATH/tools/secret2dunikey.sh
G1PUB=$(cat ~/.ssb/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2)
[[ $G1PUB == "" ]] && echo "ERROR G1PUB empty !! Please check it..." && exit 1
########################################################################
# GET NODE disk performance. TODO, publish and use as IPFS repartition
echo "DISK SIZE AVAILABLE & PERFORMANCE TESTING"
[[ -f ~/.zen/test.disk ]] && rm -f ~/.zen/test.disk
diskperf=$(dd if=/dev/zero of=~/.zen/test.disk bs=10M count=1 oflag=dsync 2>&1 | tail -n 1 | sed s/\,\ /\ -/g | cut -d '-' -f 4)
# echo $diskperf
sizeAvail=$(df -h ~/.ipfs/ | tail -n 1 | awk '{print $4}')
# IPFS LOCAL REPOSITORY for Node Identity G1 + SSB
mkdir -p ~/.zen/ipfs/.$IPFSNODEID/G1SSB
# SSB PUBLISH EXTRA ipfs informations !!
# TODO CHECK FOR NOT MAKING DOUBLE PUBLICATION (lower noisy init)
# This SSB messages are read by ./zen/ssb_IPFS_swarm.sh to build your IPFS #Swarm0
sbotc publish '{"type":"ipfsnodeid","text":"'"$(ipfs id -f='<id>\n')"'"}'
# PUBLISH default "eth" NOT isLAN IP addresses for ./zen/ssb_IPFS_swarm.sh
tryme=$(ipfs id | jq -r .Addresses[] | tail -n 1 )
isLAN=$(echo $tryme | cut -f3 -d '/' | grep -E "/(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
[[ ! $isLAN ]] && sbotc publish '{"type":"ipfstryme","text":"'"$tryme"'"}'
trymev4=$(ipfs id | jq -r .Addresses[] | grep $(hostname -I | cut -f 1 -d ' '))
isLANv4=$(echo $trymev4 | cut -f3 -d '/' | grep -E "/(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
[[ $isLAN && ! $isLANv4 ]] && sbotc publish '{"type":"ipfstryme","text":"'"$trymev4"'"}' && tryme="$trymev4"
trymev6=$(ipfs id | jq -r .Addresses[] | grep $(hostname -I | cut -f 2 -d ' '))
isLANv6=$(echo $trymev6 | cut -f3 -d '/' | grep -E "/(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
[[ $isLAN && $isLANv4 && ! $isLANv6 ]] && sbotc publish '{"type":"ipfstryme","text":"'"$trymev6"'"}' && tryme="$trymev6"
################################
# ADD Cesium+ informations
CESIUM="https://g1.data.le-sou.org"
# PREPARE title
# Made from Cesium+ profile tittle and city OR user@hostname
title=$(curl -s ${CESIUM}/user/profile/${G1PUB} | jq -r '._source.title')
[[ -f ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_uidna ]] && uidna=$(cat ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_uidna)
# Put in .$IPFSNODEID INDEX: _g1.uidna & _g1.cesium_name (used by Minetest flavour and others)
[[ $uidna ]] && echo "$uidna" > ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.uidna
[[ $title ]] && echo "$title" > ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.cesium_name
[[ $uidna ]] && [[ "$title" == "null" ]] && title="Station $uidna"
[[ "$title" == "null" ]] && title="Station $USER@$(cat /etc/hostname)"
city=$(curl -s ${CESIUM}/user/profile/${G1PUB} | jq -r '._source.city')
[[ "$city" != "null" ]] && title="$title in $city"
# ADD "cesium_geoPoint.lat" AND "cesium_geoPoint.lon" messages in SSB feed
# This way any SSB account is connected to its Cesium+ Geolocalisation.
geopointlat=$(curl -s ${CESIUM}/user/profile/${G1PUB} | jq '._source.geoPoint.lat')
[[ $geopointlat != null ]] && sbotc publish '{"type":"cesium_geoPoint.lat","text":"'"$geopointlat"'"}'
geopointlon=$(curl -s ${CESIUM}/user/profile/${G1PUB} | jq '._source.geoPoint.lon')
[[ $geopointlon != null ]] && sbotc publish '{"type":"cesium_geoPoint.lon","text":"'"$geopointlon"'"}'
# REFRESH Cesium+ Avatar image
curl -s ${CESIUM}/user/profile/${G1PUB} | jq -r '._source.avatar._content' | base64 -d > "/tmp/_g1.avatar.png"
## PUBLISH ABOUT MESSAGE
##############################################
# PICTURE: IF AVATAR not png take IMAGE of G1 wallet QRCode
qrencode -s 5 -o ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.qrcode.png "$G1PUB"
imagefile=~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.qrcode.png
qrname=${imagefile##*/}
qrid="$(sbotc blobs.add < $imagefile)"
qrtype="$(file -b --mime-type $imagefile)"
qrsize="$(wc -c < $imagefile)"
if [[ ! $(file "/tmp/_g1.avatar.png" | grep 'PNG') ]]; then
echo "NO Cesium AVATAR - Using G1Pub QRCode"
rm -f /tmp/_g1.avatar.png
else
echo "AVATAR FOUND"
imagefile=/tmp/_g1.avatar.png
# PUBLISH AVATAR TO IPFS
cp /tmp/_g1.avatar.png ~/.zen/ipfs/.$IPFSNODEID/G1SSB/
fi
# Prepare QRCode File for SSB (add to blobs)
name=${imagefile##*/}
id="$(sbotc blobs.add < $imagefile)"
type="$(file -b --mime-type $imagefile)"
size="$(wc -c < $imagefile)"
echo "
/\ |_ _ _|_
/--\|_)(_)|_||_ : PUBLISH to SSB feed...
$WHOAMI
$title
$imagefile
$id : $type : $size bits
"
# NOT WORKING, sudo inside !!!
#nodename=$(~/.zen/astrXbian/zen/tools/nodename)
nodename=$(cat /home/$YOU/.zen/ipfs/.$IPFSNODEID/G1SSB/_nodename)
if [[ $nodename == "" ]]; then
nodename=$(cat /etc/hostname)
extension=$(echo $nodename | cut -d '.' -f 2)
if [[ $extension == $nodename ]]; then
nodename=$nodename.home
fi
fi
########################################################################
# DUNITER G1 Wallet balance
export LC_ALL=C.UTF-8 #attipix
export LANG=C.UTF-8 #attipix
DUNITERNODE=$($MY_PATH/tools/duniter_getnode.sh)
echo "DEBUG: silkaj -p $DUNITERNODE balance $G1PUB"
[[ $DUNITERNODE ]] && g1balance=$(silkaj -p $DUNITERNODE balance $G1PUB 2>&1) || g1balance=$(silkaj balance $G1PUB 2>&1)
silkajQuantitativeAmountPattern='Total\sQuantitative\s+=\s+(.*)\s+Ğ1'
if [[ $g1balance =~ $silkajQuantitativeAmountPattern ]]
then
myJune="${BASH_REMATCH[1]}"
else
myJune="0"
fi
DUFACTOR=$(bc <<< "scale=2; $(cat /home/$YOU/.zen/_DU) / 100")
AMOUNTLOVE=$(bc -l <<< "scale=0; $myJune * 100 / $DUFACTOR")
# OLD ssb-server publish
# sbot publish --type about --about $WHOAMI --description "[Astroport Node](https://astroport.com) [$IPFSNODEID](http://localhost:8181/ipns/$IPFSNODEID) - Wallet $G1PUB - $diskperf" --name "$title" --image "$id"
# NEW sbotc publish to oasis
sbotc publish "{\"type\":\"about\",\"about\":\"$WHOAMI\",\"description\":\"![QRCode]($qrid)\\n[Station Astroport](https://astroport.com)\\n - [Mon Marché](https://gchange.fr/#/app/wot/$G1PUB) \\n - [Mon portefeuille ($AMOUNTLOVE :heart:)](https://cesium.app/) \\n Station ID : [$IPFSNODEID](http://localhost:8181/ipns/$IPFSNODEID) \\n Disque: $sizeAvail = $diskperf \\n - [Portail](http://$nodename:10010/) \\n\",\"name\":\"$title\",\"image\":\"$id\"}"
# SSB PUBLISH G1 wallet silkaj balance
json_escape () {
printf '%s' "$1" | python -c 'import json,sys; print(json.dumps(sys.stdin.read()))'
}
INLINE=$(json_escape "$g1balance")
# TODO FIND WHY THIS ***** COMA , IS EVERYWHERE NOT PUBLSHING silkaj
# [[ $INLINE ]] && sbotc publish '{"type":"post","text":'$INLINE'}'
#INLINE="${g1balance@Q}"
#[[ $INLINE ]] && sbotc publish '{"type":"post","text":"'$INLINE'"}'
echo "
_ _
/ \|_) _ _ _| _
\_X| \ (_(_)(_|(/_ ! AVATAR
$g1balance
~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.qrcode.png
-- sbotc publish --
"
# IF no AVATAR, publish message with QRCode
if [[ ! $(file "/tmp/_g1.avatar.png" | grep 'PNG') ]]; then
sleep 1
# sbotc publish '{"type":"post","text":"![QRCode]('"$qrid"')\n Scan QRCode with [Cesium](https://cesium.app).\n Thank you\n ONE :heart:","mentions":[{"link":"'"$id"'","name":"'"$name"'","size":'"$size"',"type":"'"$type"'"}]}'
else
# Publish only if new avatar
if [[ $(diff /tmp/_g1.avatar.png ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.avatar.png) ]]; then
sbotc publish '{"type":"post","text":"![Cesium Avatar]('"$id"')\n from my Wallet [Cesium](https://demo.cesium.app/#/app/wot/'"$G1PUB"') '"$G1PUB"'","mentions":[{"link":"'"$id"'","name":"'"$name"'","size":'"$size"',"type":"'"$type"'"}]}'
fi
fi
echo "
___ _ _ __
| |_)|_(_ _. _| _|
_|_| | __) (_|(_|(_|
~/.zen/ipfs
ipfs ls /ipns/$IPFSNODEID
"
# COPY NODE G1SSB ID to IPFS
echo "$WHOAMI" > ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_ssb.whoami
echo "$G1PUB" > ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_g1.pubkey
# IPFS Node PUBLISH Adresses so Pub can become bootstrap for ${g1author}
ipfs id | jq -r .Addresses[] > ~/.zen/ipfs/.${IPFSNODEID}/Addresses
# IPFS Node PUBLISH AgentVersion & repo.stat
ipfs id | jq -r .AgentVersion > ~/.zen/ipfs/.${IPFSNODEID}/AgentVersion
ipfs repo stat > ~/.zen/ipfs/.${IPFSNODEID}/repo.stat
echo "$tryme" > ~/.zen/ipfs/.${IPFSNODEID}/tryme.addr
echo "$diskperf" > ~/.zen/ipfs/.${IPFSNODEID}/disk.perf
echo $(df ~/.ipfs/ | tail -n 1 | awk '{print $4}') > ~/.zen/ipfs/.${IPFSNODEID}/disk.bytes
IWALLETS=$(ipfs add -rHq ~/.zen/ipfs | tail -n 1)
NODEIPNS=$(ipfs name publish --allow-offline --quieter /ipfs/$IWALLETS)
echo "
ipfs ls /ipns/$IPFSNODEID/.$IPFSNODEID/
_ _ _ _ _
(_)_ ____ _(_) |_ __ _| |_(_) ___ _ __
| | _ \ \ / / | __/ _| | __| |/ _ \| _ \
| | | | \ V /| | || (_| | |_| | (_) | | | |
|_|_| |_|\_/ |_|\__\__|_|\__|_|\___/|_| |_|
# This INVITE is to be sent an to 'Astroport Station' willing to Join our IPFS Swarm.
# see 'ssb_SURVEY_contact.sh' for commands executed...
"
echo "INVITATION LINK (only works in LAN or WAN depending on your Node)"
sbotc invite.create 1 2>/dev/null
#read ssb_invit_link
#sbotc invite.accept $ssb_invit_link
exit 0

99
zen/ssb_IPFS_swarm.sh
View File

@ -1,99 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.04.27
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# GET SSB FRIENDS AND FIND THEIR IPFS ID TO "ipfs swarm connect" THEM
########################################################################'
## TODO: REMOVE DUPLICATES
## TODO: MODE : COOL, STRAIGHT, ARMORED
########################################################################
## CONNECT GLOBAL "ipfs.io" ## DANGEROUS only for short time...
########################################################################
# ADD ipfs.io public bootstrap into your swarm peers
# RUN: cat ~/.zen/astrXbian/ipfs.swarm.ipfs.io | ipfs swarm connect
# SOON ipfs swarm peers will GROW!!! YOU ARE VSIBLE !!!
# RUN: sudo systemctl restart ipfs # GOES BACK TO SWARM0
########################################################################
########################################################################
# ENVIRONEMENT DETECTION + IPFS ~/.zen/ipfs/.$IPFSNODEID/G1SSB/_info
########################################################################
IPFSNODEID=$(ipfs id -f='<id>\n')
[[ $IPFSNODEID == "" ]] && echo "ERROR missing IPFS Node id !! IPFS is not installed !?" && exit 1
########################################################################
echo '
__ __ ____
__/ // /_______ ______ __________ ___ / __ \
/_ _ __/ ___/ | /| / / __ `/ ___/ __ `__ \/ / / /
/_ _ __(__ )| |/ |/ / /_/ / / / / / / / / /_/ /
/_//_/ /____/ |__/|__/\__,_/_/ /_/ /_/ /_/\____/
EXTEND IPFS SWARM and SHAPE IT FROM (ssb_INIT.sh) FRIENDS
Search "ipfstryme" message type in SSB feed
'
[[ ! $WHOAMI ]] && WHOAMI=$($MY_PATH/tools/timeout.sh -t 3 sbotc whoami | jq -r .id)
########################################################################
# GET /tmp/ssb-friends.txt
sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$WHOAMI"'", "content":{"type":"contact"}}}}]}' | jq -r '.value?.content?.contact' > /tmp/ssb-friends.txt
# GET /tmp/ssb-NOTfriends.txt
sbotc links "{\"source\": \"${WHOAMI}\", \"rel\": \"contact\", \"values\": true, \"reverse\": true}" | jq -c . | grep 'blocking":true' | jq -r .dest > /tmp/ssb-NOTfriends.txt
count=1
########################################################################
# Let's look if our SSB Friends ARE "IPFS swarm connected"
########################################################################
echo "" > /tmp/This_NOTfriends_are_astroport
echo "" > /tmp/This_friends_connect_astroport
echo "" > /tmp/This_friends_should_install_astroport
### TODO -> send sbotc message (private or zip attached?) with this reports
for SSBFRIEND in $(uniq /tmp/ssb-friends.txt); do
# Force Strict #swarm0 !!
[[ $count == 1 ]] && ipfs bootstrap rm --all
### sbotc $SSBFRIEND name
MYFRIEND=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$SSBFRIEND"'", "content":{"type":"about", "about": "'"$SSBFRIEND"'"}}}}]}' | jq -r .value?.content?.name | grep -v null | tail -n 1)
### GET SSB "ipfstryme" message type !!! Astroport Node should have publish it during "ssb_INIT.sh"
TRYME=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$SSBFRIEND"'", "content":{"type":"ipfstryme"}}}}]}' | jq -r .value?.content?.text | tail -n 1)
## !! REMOVE NOTfriends from IPFS swarm
[[ $TRYME ]] && [[ $(grep -Rwl "$SSBFRIEND" /tmp/ssb-NOTfriends.txt) ]] && MES="($count) HUMMMM $MYFRIEND ($SSBFRIEND) IS NOT my friend disconnecting" && ipfs swarm disconnect $TRYME && ipfs bootstrap rm $TRYME && echo $MES >> /tmp/This_NOTfriends_are_astroport && continue
## Ici, on peut décider de demander à faire supprimer la couche astroport à son PAS AMI
## ADD Friend to our IPFS swarm
[[ $TRYME ]] && MES="($count) $MYFRIEND ($SSBFRIEND) connect OK $TRYME" && ipfs swarm connect $TRYME && ipfs bootstrap add $TRYME && echo $MES >> /tmp/This_friends_connect_astroport
## Ce pote est connecté IPFS avec moi
## This_friends_should_install_astroport
[[ ! $TRYME ]] && MES="($count) $MYFRIEND ($SSBFRIEND) is NOT running ASTROPORT !!!" && echo $MES >> /tmp/This_friends_should_install_astroport
### WHAT HAPPENED this loop on my ssb friends
echo $MES
echo "_________________________________________________"
count=$((count+1))
done
echo "__________________________________________
$WHOAMI ipfs peers are:"
ipfs swarm peers

134
zen/ssb_SURVEY_contact.sh
View File

@ -1,134 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
echo '
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# SURVEY SSB contact from "invite" is happening in feed
######################################################################## _ _ _ _ _
(_)_ ____ _(_) |_ __ _| |_(_) ___ _ __
| | _ \ \ / / | __/ _| | __| |/ _ \| _ \
| | | | \ V /| | || (_| | |_| | (_) | | | |
|_|_| |_|\_/ |_|\__\__|_|\__|_|\___/|_| |_| contact SURVEY
# New Station is joining ASTROPORT !!
DETECT in SSB feed messages "type": "contact", "autofollow": true
LIKE
https://tube.p2p.legal/videos/watch/ef319fdd-caf1-4e03-ba22-91c456e94f73
{
"key": "%jVQewn0/ey0tfdvYCjYXJqVivaaZ6NpeUL9xK5QeGTk=.sha256",
"value": {
"previous": "%ilrZ+8CvMXpu09LWh75Uq37j7lVJnoxTvipyooRSjpg=.sha256",
"sequence": 3,
"author": "@S2KB1zRQNAuCRs1vW08c+63+0gjI2egDj4pjUUrt+dw=.ed25519",
"timestamp": 1585068288462,
"hash": "sha256",
"content": {
"type": "contact",
"following": true,
"autofollow": true,
"contact": "@t/giTDc0EtzdPQGC7iAAzgzVOkFo++XZRvzOOlqgX1c=.ed25519"
},
"signature": "kXsFqfBGqZXZApf7UANDYlqnwLXuGdWFbMMofljBOp4dNGc4dAv+P2hzK3XV/jPT8a1u7PHIraJASugR1NCLCw==.sig.ed25519"
},
"timestamp": 1585068290213
}
'
# CACHE
[[ ! -d ~/.zen/ssb_contact ]] && mkdir -p ~/.zen/ssb_contact
self=$(sbotc whoami | jq -r .id) || exit 1
g1self=$(echo $self | cut -d '@' -f 2 | cut -d '.' -f 1 | base64 -d | base58)
self_name=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$self"'", "content":{"type":"about", "about": "'"$self"'"}}}}]}' | jq -r .value?.content?.name | grep -v null | tail -n 1)
messages=$(sbotc query.read '{"query":[{"$filter":{"value":{"content":{"type":"contact", "contact":"'"$self"'", "autofollow":true}}}}]}')
while read -r msg
do
timestamp=$(printf %s "$msg" | jq .value.timestamp)
echo '
_ _ ___ ____
/ / \|\ || /\ / |
\_\_/| \||/--\\_ | FROM NEW STATION'
echo $timestamp
author=$(printf %s "$msg" | jq -r .value.author)
[[ "$author" == "$self" ]] && echo "Message from myself" && continue
g1author=$(printf %s "$msg" | jq -r .value.author | cut -d '@' -f 2 | cut -d '.' -f 1 | base64 -d | base58)
# Crypt, ipfs store, send
if [[ -f ~/.ipfs/swarm.key ]]; then
ipfsnodeid=$(ipfs id -f='<id>\n')
mkdir -p ~/.zen/ipfs/.${ipfsnodeid}/CONTACT/${g1author}
# PUBLISH swarm.key.crypt to IPFS, so PUB can push new swam.key to our CONTACT
file=~/.zen/ipfs/.${ipfsnodeid}/CONTACT/${g1author}/ipfs_swarm.key.crypt
$MY_PATH/tools/natools.py encrypt -p ${g1author} -i ~/.ipfs/swarm.key -o ${file}
# IPFS Node PUBLISH Adresses so Pub can become bootstrap for ${g1author}
ipfs id | jq -r .Addresses[] > ~/.zen/ipfs/.${ipfsnodeid}/Addresses
# IPFS Node PUBLISH AgentVersion & repo.stat
ipfs id | jq -r .AgentVersion > ~/.zen/ipfs/.${ipfsnodeid}/AgentVersion
ipfs repo stat > ~/.zen/ipfs/.${ipfsnodeid}/repo.stat
bootstrap=$(cat ~/.zen/ipfs/.${ipfsnodeid}/Addresses | tail -n 1)
echo "
$author
\|/ \|/ \|/
/|\ /|\ /|\ preparing cypher swarmkey
~/.zen/ipfs/.${ipfsnodeid}/CONTACT/${g1author}/ipfs_swarm.key.crypt
PUBLISH IPFS
http://localhost:8181/ipns/
"
ipfs name publish --quieter /ipfs/$(ipfs add -rHq ~/.zen/ipfs | tail -n 1)
name=${file##*/}
id="$(sbotc blobs.add < "$file")"
type="$(file -b --mime-type "$file")"
size="$(wc -c < "$file")"
echo '
______ _ _ _ ____ __ _ _
/\ (_ ||_)/ \|_)/ \|_)|__(_\ //\ |_)|\/||/|_\_/
/--\__) || \\_/| \_/| \| __)\/\//--\| \| ||\|_ | message send
'
echo "SSB
#astroport-swarmkey
[$name]($id)
TO.SSB_${author}
TO.G1_${g1author}
+++
FROM.SSB_${self_name}
FROM.G1_${g1self}
FROM.IPFS_${ipfsnodeid}
"
sbotc publish '{"type":"post","text":"#astroport-swarmkey = ['"$name"']('"$id"') TO.SSB_'"$author"' TO.G1_'"$g1author"' +++ FROM.SSB_'"$self_name"' FROM.G1_'"$g1self"' FROM.IPFS_'"$ipfsnodeid"'","mentions":[{"link":"'"$id"'","name":"'"$name"'","size":'"$size"',"type":"'"$type"'"}]}'
else
echo "NO swarm.key here."
fi
done < <(printf '%s\n' "$messages")

122
zen/ssb_SURVEY_swarmkey.sh
View File

@ -1,122 +0,0 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
MY_PATH="`dirname \"$0\"`" # relative
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized
ME="${0##*/}"
echo '
########################################################################
# \\///
# qo-op
############# '$MY_PATH/$ME'
########################################################################
# ex: ./'$ME'
# SURVEY received #astroport-swarmkey ipfs_swarm.key.crypt for IPFS
########################################################################
___DESACTIVATED___ TODO testing.
__ __ _ _
(_ (_ |_) _ ._ _ _|_o|
__)__)|_) _>|_||\/(/_\/ | ||(/__>
/
USED ONLY ONCE... Next swarm.key change will accurs in ~/.zen/ipfs-swarm
{
"key": "%ydN2fyzKTKzVZiZJSxiTXbb17GVvu0ZOf7LPY6u3Bc8=.sha256",
"value": {
"previous": "%SM2J1D8RcWzd2/P6I3ATyN4VXHuQEP3sXy7YCtK0djE=.sha256",
"sequence": 18,
"author": "@t/giTDc0EtzdPQGC7iAAzgzVOkFo++XZRvzOOlqgX1c=.ed25519",
"timestamp": 1585194822251,
"hash": "sha256",
"content": {
"type": "post",
"text": "#astroport-swarmkey = [ipfs_swarm.key.crypt](&L9nCidDjJ4c4Jz1LNTtx8Xp0SJW9HPCD9IVsbbAhS/I=.sha256) TO.SSB_${author} TO.G1_${g1author} +++ FROM.SSB_${self_name} FROM.G1_${g1self} FROM.IPFS_${ipfsnodeid}",
"mentions": [
{
"link": "&L9nCidDjJ4c4Jz1LNTtx8Xp0SJW9HPCD9IVsbbAhS/I=.sha256",
"name": "ipfs_swarm.key.crypt",
"size": 144,
"type": "application/octet-stream"
}
]
},
"signature": "DHMTIS17yF450CqFssuP2iwYMMdOd3PzCDTkLYdjprTtvjWZYUEG9vHaXBrGuaFZRhV2gGZ3WSknM7YLevilAQ==.sig.ed25519"
},
"timestamp": 1585194822367
}
'
[[ -f ~/.ipfs/ipfs_swarm.key ]] && echo "SWARM KEY ~/.ipfs/ipfs_swarm.key OK !!!" && exit 0
self=$(sbotc whoami | jq -r .id) || exit 1
g1self=$(echo $self | cut -d '@' -f 2 | cut -d '.' -f 1 | base64 -d | base58)
self_name=$(sbotc query.read '{"query":[{"$filter":{"value":{"author": "'"$self"'", "content":{"type":"about", "about": "'"$self"'"}}}}]}' | jq -r .value?.content?.name | grep -v null | tail -n 1)
ipfsnodeid=$(ipfs id -f='<id>\n')
# SEARCH "#astroport-swarmkey" CMD in message text
# Not working without patchwork (TODO: find bug. installation ok!? activate? ssb-server ssb-backlinks node_modules. HELP !! )
# messages=$(sbotc backlinks.read '{"query":[{"$filter":{"dest":"#astroport-swarmkey","value":{"content":{"type":"post"}}}}]}')
# The backlinks.read command does not publish a message, it queries the database for messages. It comes from the ssb-backlinks plugin. This plugin does not come with ssb-server by default (but it does come with Patchwork) so if you are using plain ssb-server and want to use ssb-backlinks you have to install it additionally. But to publish a message you would use the publish method (or private.publish to publish a private message, and that requires the ssb-private plugin, which is included in Patchwork but must be installed separately for ssb-server).
# SCRIPT RUN BY cron_MINUTE.sh check last hour messages
current_ts=$(date -u +%s%N | cut -b1-13)
last_ts=$((current_ts - 24*3600*1000 - 1)) # timestamp from 24h ago
echo '
_ _
-|-|- _. __|_.__ ._ _ .__|___/ |\/|| \
-|-|-(_|_> |_|(_)|_)(_)| |_ \_| ||_/
|
sbotc messagesByType "post" > $last_ts
'
messages=$(sbotc messagesByType '{"type":"post","gt":'$last_ts'}')
#messages=$(sbotc messagesByType '{"type":"post"}') #DEBUG
while read -r msg
do
author=$(printf %s "$msg" | jq -r .value.author)
attached_file=$(printf %s "$msg" | jq -r .value.content.mentions[].name 2>/dev/null)
if [[ $attached_file == "ipfs_swarm.key.crypt" ]]; then
echo '
__ _ _
(_\ //\ |_)|\/| |/|_\_/ _._ .__|_
__)\/\//--\| \| | |\|_ | de(_|\/|_)|_
/ |
to ~/.ipfs/ipfs_swarm.key
'
mylink=$(printf %s "$msg" | jq -r .value.content.mentions[].link)
mytmp=$(mktemp -d "${TMPDIR:-/tmp}/astroport.swarmkey.XXXXXXXXX")
echo "http://localhost:8989/blobs/get/$mylink"
continue
curl -s "http://localhost:8989/blobs/get/$mylink" > $mytmp/ipfs_swarm.key.crypt
$MY_PATH/tools/natools.py decrypt -f pubsec -k ~/.ssb/secret.dunikey -i $mytmp/ipfs_swarm.key.crypt -o ~/.ipfs/ipfs_swarm.key && \
echo "IPFS SWARM KEY ~/.ipfs/ipfs_swarm.key received from SSB $author ... OK !"
echo '
___ _ _ __
| |_)|_(_ _| _. _ ._ _ _ ._
_|_| | __) (_|(_|(/_| | |(_)| | ... restart ...
'
# TODO!!! Add user in sudo without password like "pi" = Run astroport under pi user IDEA.
sudo systemctl restart ipfs
fi
done < <(printf '%s\n' "$messages")