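#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
# Controls the IPFS swarm of this station:
#  - syncs friend peers (/ipns/<peer id>) into ~/.zen/ipfs_swarm/.<peer id>/
#  - disconnects peers that are not listed in ~/.zen/A_my_swarm.txt and,
#    at DEFCON 4, bans their IP through fail2ban
#  - at DEFCON 3, lets the designated bootstrap node create a private
#    swarm key and send it to its friends
#  - rebuilds the aggregated media indexes and the friends wall, then
#    republishes through ipns_self_publish.sh
# Usage: pass "quick" as $1 to ignore ~/.zen/A_swarm_map.txt.
#
# Security notes for maintainers:
#  - Peer ids, addresses and everything fetched with "ipfs get" are
#    supplied by remote peers. They are validated before being used in
#    paths, grep patterns or sudo commands.
#  - The work files /tmp/A_swarm, /tmp/ipfs_swarm_peers and
#    /tmp/treated.ipfs.swarm have predictable names. On a multi-user host
#    another account can pre-create them; the paths are kept because other
#    tooling may read them (TODO confirm), but a private directory created
#    with mktemp -d would be safer.
########################################################################
MY_PATH="$(dirname "$0")"             # relative
MY_PATH="$(cd "$MY_PATH" && pwd)"     # absolutized and normalized
ME="${0##*/}"

# Refuse to run when other instances of this script are already listed by ps.
countMErunning=$(ps auxf --sort=+utime | grep -w -- "$ME" | grep -v -E 'color=auto|grep' | wc -l)
if [[ $countMErunning -gt 2 ]]; then
  echo "$ME already running $countMErunning time"
  exit 0
fi

# Account that owns the running ipfs process; used below to build /home/$YOU paths.
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1)
if [[ ! $YOU ]]; then
  echo "ipfs NOT RUNNING. EXIT"
  exit 1
fi

G1PUB=$(grep 'pub:' ~/.zen/secret.dunikey | cut -d ' ' -f 2)
if [[ ! $G1PUB ]]; then
  echo "ERREUR G1PUB. EXIT"
  exit 1
fi

# "<id>" is the ipfs format placeholder for the peer id. Without it the
# command prints only a newline and the check below always fails.
IPFSNODEID=$(ipfs --timeout=20s id -f='<id>\n')
if [[ ! $IPFSNODEID ]]; then
  echo 'ERROR missing IPFS Node id !! IPFS is not installed !?'
  exit 1
fi

# Command prefix shared by every jaklis call that talks to the gchange pod.
jaklis_cmd=(
  "$HOME/.zen/astrXbian/zen/tools/timeout.sh" -t 12
  "$HOME/.zen/astrXbian/zen/jaklis/jaklis.py"
  -k "$HOME/.zen/secret.dunikey" -n "https://data.gchange.fr"
)

# Loopback, RFC1918 and IPv6 local prefixes. The pattern used to end with a
# stray "/", which made the fc/fd alternative impossible to match.
lan_re='(^127\.)|(^192\.168\.)|(^fd42:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])'

# Succeeds when $1 is a loopback/private address according to lan_re.
is_lan_ip() {
  [[ -n "$1" && "$1" =~ $lan_re ]]
}

mkdir -p ~/.zen/ipfs_swarm

echo ' ___ _ _ __ __ _ _ _ _ _ _ __ | |_)|_(_ (_\ //\ |_)|\/| |_)|_|_|_)|_(_ |_| _|_| | __) __)\/\//--\| \| | | \|_| | \|___)| | '
echo "I am $IPFSNODEID CONTROLING MY SWARM"

########################################################################
# Delete "ipfs" & "ipfs_swarm" after reboot (disabled)
# [[ ! -f /tmp/swarm_cleaned ]] && rm -Rf ~/.zen/ipfs/* && rm -Rf ~/.zen/ipfs_swarm/ && mkdir -p ~/.zen/ipfs_swarm && echo "IPFS CLEANING OK" > /tmp/swarm_cleaned
########################################################################
if [[ "$1" == "quick" ]]; then
  echo "" > /tmp/A_swarm
else
  cat ~/.zen/A_swarm_map.txt > /tmp/A_swarm
fi
# -f: the file does not exist on the first run after a reboot.
rm -f /tmp/treated.ipfs.swarm
touch /tmp/treated.ipfs.swarm

## RESET BOOTSTRAP LIST (disabled)
# ipfs bootstrap rm --all > /dev/null 2>&1

# Read the alert level once, before the peer loop. It used to be read only
# when an unknown peer was met, so the DEFCON 3 stage after the loop could
# see an unset value.
if [[ -f ~/.zen/DEFCON ]]; then
  DEFCON=$(cat ~/.zen/DEFCON)
else
  DEFCON=$(cat ~/.zen/astrXbian/DEFCON)
fi
export DEFCON # like in crom_MINUTE.sh
# Numeric copy for comparisons. File content is never handed to bash
# arithmetic evaluation; anything that is not a plain number is treated as
# level 5, for which this script takes no action.
defcon_level=$DEFCON
[[ "$defcon_level" =~ ^[0-9]+$ ]] || defcon_level=5

########################################################################
echo "******************************************************************"
echo "RETRIEVING MY OWN DATA FROM IPNS TO ~/.zen/ipfs_swarm"
#ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID
########################################################################
ipfs bootstrap > /tmp/ipfs_swarm_peers
ipfs swarm peers >> /tmp/ipfs_swarm_peers

for ipfsnodeid in $( (grep -o '[^/]*$' /tmp/ipfs_swarm_peers && grep -o '[^/]*$' /tmp/A_swarm) | sort | uniq); do
  [[ "$ipfsnodeid" == "$IPFSNODEID" ]] && continue
  # Peer ids are plain alphanumeric strings. Anything else is dropped here,
  # before it reaches a path, a grep pattern or an rm -Rf.
  [[ "$ipfsnodeid" =~ ^[A-Za-z0-9]+$ ]] || continue

  # Reset per-peer state. These used to keep the value of the previous peer,
  # which could send decrypted keys into another friend's directory or
  # suppress a ban because of a stale "friend on the same IP" flag.
  whoisg1=''
  anybodyelseipfsid=''
  isanybodyelseipmyfriend=''
  XID=''
  XZUID=''

  peer_dir="$HOME/.zen/ipfs_swarm/.$ipfsnodeid"
  [[ -f "$peer_dir/_xbian.zuid" ]] && XID=$(cat "$peer_dir/_xbian.zuid")
  [[ -f "$peer_dir/G1SSB/_g1.gchange_title" ]] && XZUID=$(cat "$peer_dir/G1SSB/_g1.gchange_title")

  [[ "$XID" == "" ]] && ipfs swarm disconnect "/ipfs/$ipfsnodeid" ## NOT COMPLIANT STATION

  # [[ $(cat /tmp/treated.ipfs.swarm | grep "$ipfsnodeid") ]] && continue
  if grep -qF -- "$ipfsnodeid" ~/.zen/A_dead_swarm.txt; then
    echo "DEAD SWARM"
    continue
  fi

  # Address line of the peer: the swarm map first, the live peer list second.
  peerline=$(grep -F -- "$ipfsnodeid" ~/.zen/A_swarm_map.txt | tail -n 1)
  [[ ! $peerline ]] && peerline=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | tail -n 1)
  # Third "/"-separated field of the address line, e.g. /ip4/<ip>/tcp/...
  ip=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | awk -F '/' '{print $3}' | tail -n 1)
  [[ ! $ip ]] && continue

  # Convert ipfsnodeid into g1pub. "Qm" ids and failed conversions are
  # recorded as dead, but the current pass still goes on for this peer.
  if [[ "${ipfsnodeid:0:2}" != "Qm" ]]; then
    whoisg1=$("$HOME/.zen/astrXbian/zen/tools/ipfs_to_g1.py" "$ipfsnodeid") \
      || echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
  else
    echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
  fi

  echo "#############################################################"
  echo "### ANALYZING $ipfsnodeid ($ip) $XID $XZUID ###"
  echo "$peerline"

  myfriendpeer=$(grep -F -- "$ipfsnodeid" ~/.zen/A_my_swarm.txt)
  if [[ "$myfriendpeer" != "" ]]; then
    ############################################################
    # FRIEND
    ############################################################
    # NOTE(review): this reconnect branch looks unreachable. $ip above is
    # taken from the same file and the loop has already skipped peers that
    # are absent from it, so friends that are not connected are never
    # retried. Confirm the intended order of the checks.
    if ! grep -qF -- "$ipfsnodeid" /tmp/ipfs_swarm_peers; then
      if ! ipfs swarm connect "$peerline"; then
        # NOTE(review): this only prints the filtered list; A_my_swarm.txt
        # itself is not rewritten.
        grep -vEi -- "$ip" ~/.zen/A_my_swarm.txt
        echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
        echo "SEND MESSAGE ABOUT UNREACHABLE FRIEND $whoisg1 ($XID) ($XZUID)"
        "${jaklis_cmd[@]}" send -d "$G1PUB" -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1 ($XID) ($XZUID)"
        # KEEPING LAST 10 ALERT MESSAGES
        nbmessage=0
        for messageid in $("${jaklis_cmd[@]}" read -n300 -j \
          | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' \
          | jq 'select(.title == "ALERT")' \
          | jq -r '.id'); do
          nbmessage=$((nbmessage+1))
          [ $nbmessage -gt 10 ] \
            && echo "Delete $nbmessage OLD 'ALERT' messages from $G1PUB" \
            && "${jaklis_cmd[@]}" delete -i "$messageid" \
            && sleep 0.5
        done
        continue
      fi
    fi

    ## Add to bootstrap if XID exists, otherwise (or if adding fails) remove it
    if [[ "$XID" != "" ]]; then
      ipfs bootstrap add "$peerline" || ipfs bootstrap rm "$peerline"
    else
      ipfs bootstrap rm "$peerline"
    fi

    echo "OK Friend REFRESH /ipns/$ipfsnodeid INTO ~/.zen/ipfs_swarm/"
    if ! ipfs --timeout=30s get --output="/home/$YOU/.zen/ipfs_swarm/" "/ipns/$ipfsnodeid"; then
      # Only reported: nothing is removed from A_my_swarm.txt here.
      echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt"
    elif [[ -z "$whoisg1" || "$whoisg1" == */* || "$whoisg1" == .* ]]; then
      # No usable g1 id for this peer: do not build a key path from it.
      echo "SKIP stargates refresh for $ipfsnodeid (no g1 id)" >&2
    else
      ################################################################
      ## REFRESH stargates keys from my friend
      ## The fetched directory content is chosen by the remote peer; only
      ## the five expected stargateN.encrypt files are decrypted.
      ################################################################
      stargate_dir="$HOME/.zen/key/stargates/$whoisg1"
      mkdir -p "$stargate_dir"
      if ipfs --timeout=20s get --output="$stargate_dir/" "/ipns/$ipfsnodeid/.$ipfsnodeid/FRIENDS/$G1PUB/"; then
        ## DECRYPT
        for n in 1 2 3 4 5; do
          [[ -f "$stargate_dir/stargate$n.encrypt" ]] \
            && "$MY_PATH/tools/natools.py" decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" \
              -i "$stargate_dir/stargate$n.encrypt" -o "$stargate_dir/stargate$n"
        done
      fi
    fi
  else
    ############################################################
    # DEFCON : peer is not in ~/.zen/A_my_swarm.txt
    ############################################################
    echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON "
    # The message used to be a bare string, which bash tried to run as a command.
    [[ -d "$peer_dir" ]] && rm -Rf -- "$HOME/.zen/ipfs_swarm/.${ipfsnodeid:?}" && echo "REMOVE ipfs_swarm DIRECTORY"

    ip=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | awk -F '/' '{print $3}' | head -n 1)
    isLAN=''
    is_lan_ip "$ip" && isLAN=$ip

    # Another peer seen behind the same address? Match the whole address
    # field ("/<ip>/") so that 1.2.3.4 does not also match 11.2.3.45.
    [[ $ip ]] && anybodyelseipfsid=$(grep -F -- "/$ip/" /tmp/ipfs_swarm_peers | grep -Fv -- "$ipfsnodeid" | head -n 1 | rev | cut -d '/' -f 1 | rev)
    [[ $anybodyelseipfsid ]] && isanybodyelseipmyfriend=$(grep -F -- "$anybodyelseipfsid" ~/.zen/A_my_swarm.txt)

    ## AVOID BANNING IP IF A FRIEND IS IN SAME LAN WITH PUBLIC IP
    [[ $isanybodyelseipmyfriend ]] && echo "TODO: SEND MESSAGE TO $isanybodyelseipmyfriend WARNING ABOUT $ipfsnodeid SAME SEEN IP $ip"

    if [[ $ip && ! $isanybodyelseipmyfriend && ! $isLAN ]] && [ "$defcon_level" -lt 5 ]; then
      if [ "$defcon_level" -eq 4 ]; then
        ## DEFCON 4
        ### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
        # $USER ALL=(ALL:ALL) NOPASSWD:ALL
        # $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
        # The second, narrower rule is the least-privilege option: the
        # account running this script then gets passwordless root only for
        # fail2ban-client instead of for every command.
        #
        # The value comes from the peer's announced address, so only
        # something shaped like an IPv4/IPv6 literal is passed to sudo.
        if [[ "$ip" =~ ^[0-9A-Fa-f.:]+$ ]]; then
          sudo fail2ban-client add recidive 2>/dev/null 1>&2
          sudo fail2ban-client start recidive
          sudo fail2ban-client set recidive bantime 36000 # 10 Hours bantime
          sudo fail2ban-client set recidive banip "$ip"
          # Show ALL banned IP
          sudo fail2ban-client status recidive
        else
          echo "SKIP BAN: '$ip' is not an IP literal" >&2
        fi
      fi
      ## DEFCON 2 and DEFCON 1 are placeholders: no action is implemented.
    fi

    if [[ ! $isLAN ]]; then
      ipfs swarm disconnect "$peerline"
    fi
    ipfs bootstrap rm "$peerline"
  fi

  echo "$ipfsnodeid" >> /tmp/treated.ipfs.swarm
done

if [ "$defcon_level" -eq 3 ]; then
  ## DEFCON 3
  # ACTIVATE PRIVATE SWARM !! The first bootstrap node creates a key and
  # sends it to the friends it knows (PUB).
  # RUN ONCE ONLY
  if [[ ! -f ~/.ipfs/swarm.key.defcon3 ]]; then
    ## FIRST BOOTSTRAP EMIT AND SEND swarm.key
    SWARMKEYnode=$(grep -Ev "#" ~/.zen/astrXbian/A_boostrap_nodes.txt | tail -n 1)
    nodeid=${SWARMKEYnode##*/}
    KEYnode=$("$HOME/.zen/astrXbian/zen/tools/ipfs_to_g1.py" "$nodeid")
    # I $G1PUB am designed to launch defcon3
    if [[ "$KEYnode" == "$G1PUB" ]]; then
      ## CREATE swarm.key
      # 64 hex characters from /dev/urandom. The character set used to be
      # written with an en dash ('a-f0–9'), which is not a range: digits 1-8
      # were dropped and the dash's own bytes were let through, so the key
      # was neither valid hex nor full strength.
      psk=$(LC_ALL=C tr -dc 'a-f0-9' < /dev/urandom | head -c 64)
      if [[ ! "$psk" =~ ^[a-f0-9]{64}$ ]]; then
        echo "ERROR swarm key generation failed" >&2
      else
        # Owner-only permissions: the file is the swarm's shared secret.
        # The key line is written without leading whitespace.
        (
          umask 077
          printf '/key/swarm/psk/1.0.0/\n/base16/\n%s\n' "$psk" > ~/.ipfs/swarm.key.defcon3
        )
        ## IDENTIFY LEVEL 3 FRIENDS
        ## CONTACT FRIENDS AND MAKE APPOINTMENT !!
        for friend_dir in "$HOME/.zen/ipfs/.$IPFSNODEID/FRIENDS"/*; do
          [[ -e "$friend_dir" ]] || continue
          g1id=${friend_dir##*/}
          [[ "$g1id" == "index.html" ]] && continue
          ipfsnodeid=$("$HOME/.zen/astrXbian/zen/tools/g1_to_ipfs.py" "$g1id")
          [[ "$ipfsnodeid" == "" ]] && continue
          # The id ends up in an rm -Rf path: accept plain ids only.
          [[ "$ipfsnodeid" =~ ^[A-Za-z0-9]+$ ]] || continue
          echo "BLOB-Brain Friend RENEW /ipns/$ipfsnodeid TO ~/.zen/ipfs_swarm/"
          # Was "rm - Rf" (stray space). NOTE(review): the peer directories
          # used everywhere else are ".<id>"; confirm whether the dot is
          # missing here.
          rm -Rf -- "/home/$YOU/.zen/ipfs_swarm/${ipfsnodeid:?}"
          ipfs --timeout=20s get --output="/home/$YOU/.zen/ipfs_swarm/" "/ipns/$ipfsnodeid"
          # Friends without a published _xbian.zuid are skipped.
          [[ -f "/home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid" ]] || continue
          stars=$(cat "$HOME/.zen/ipfs/.$IPFSNODEID/FRIENDS/$g1id/stars.level")
          # The balance lookup and the log line used "$g1pub", which is never
          # set in this script; the friend's key is "$g1id".
          if G1BALANCE=$("$HOME/.zen/astrXbian/zen/jaklis/jaklis.py" balance -p "$g1id") && [[ "$G1BALANCE" == "null" ]]; then
            G1BALANCE=0
          else
            G1BALANCE=$(echo "$G1BALANCE" | cut -d '.' -f 1)
          fi
          echo "DEFCON3 $stars STARS $g1id ($G1BALANCE G1) /ipns/$ipfsnodeid" >> ~/.zen/alert
          ## MESSAGE SENT ONLY TO FRIENDS WHOSE stars.level IS GREATER THAN 3
          # NOTE(review): the key file is a shared secret; confirm that
          # jaklis encrypts the attachment for the recipient.
          if [[ "$stars" =~ ^[0-9]+$ ]] && [ "$stars" -gt 3 ]; then
            "${jaklis_cmd[@]}" send -d "$g1id" -t "DEFCON3" -f ~/.ipfs/swarm.key.defcon3
          fi
        done
      fi
      ## ONLY THE STATION THAT IS THE SOURCE OF THE CODE CAN ACTIVATE DEFCON3.
      ## THE SWARM IS THEN SWITCHED TO PRIVATE MANUALLY.
      ## Each notified friend receives the file to put in ~/.ipfs/swarm.key
      ## The first BOOTSTRAP of ~/.zen/astrXbian/A_boostrap_nodes.txt
      ## schedules a meeting on FRAMADATE, or elsewhere...
    fi
  fi
fi

########################################################################
# REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN index
# The per-peer index files are published by swarm peers and are merged
# into this station's own index without further validation.
########################################################################
echo "******************************************************************"
echo "### REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN ###"
mkdir -p ~/.zen/ipfs/.${IPFSNODEID}/astroport/kodi/vstream/
for PREFIX in F S A Y; do
  echo "CAT;TMDB;YEAR;TITLE;SAISON;GENRES;GROUPES;RES;URLS=http://127.0.0.1:8181" > ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN
  cat ~/.zen/ipfs_swarm/.12D*/astroport/kodi/vstream/${PREFIX}ASTRXBIAN \
    | sed "s/anime;/film;/g" \
    | sed '/^[[:space:]]*$/d' \
    | grep -Ev "CAT;TMDB" \
    | sort \
    | uniq >> ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN
done

# Remove old database
# rm ~/.kodi/userdata/addon_data/plugin.video.vstream/astroport_cache.db

########################################################################
# REFRESH tiddlywiki WALL OF FRIENDS
# NOTE(review): every echo in this section writes an empty string and
# whoisg1 is computed but not used; the markup these lines were meant to
# emit is not present in this copy of the script.
########################################################################
echo "******************************************************************"
echo "### PUBLISH tiddlywiki WALL OF FRIENDS ###"
echo "" > ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html
for wiki in "$HOME"/.zen/ipfs_swarm/.12D*/index.html; do
  [[ -e "$wiki" ]] || continue
  # Peer id = name of the directory holding index.html, without its leading dot.
  wiki_dir=${wiki%/index.html}
  ipfsnodeid=${wiki_dir##*/.}
  whoisg1=$("$HOME/.zen/astrXbian/zen/tools/ipfs_to_g1.py" "$ipfsnodeid")
  echo "" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html
done
echo "" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html

########################################################################
# ACTIVATE WORDPRESS CHANNEL
## TODO DEBUG (creates WP duplicates)
########################################################################
## [[ $(which wp) ]] && ~/.zen/astrXbian/zen/wordpress_channel.sh

# REFRESH IPNS SELF PUBLISH
########################################################################
~/.zen/astrXbian/zen/ipns_self_publish.sh
########################################################################
exit 0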