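#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.03.24
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
# Start-up section: resolve where the script lives, refuse to start when
# other copies are already running, and load the identities used below:
#   YOU        - first ps column (account name) of the ipfs process line
#   G1PUB      - value of the "pub:" line in ~/.zen/secret.dunikey
#   IPFSNODEID - peer ID reported by the local IPFS node
########################################################################
MY_PATH="$(dirname "$0")"            # relative
MY_PATH="$( cd "$MY_PATH" && pwd )"  # absolutized and normalized
ME="${0##*/}"

# Crude single-instance guard: count the process-table lines that mention
# this script's name and stop when there are more than two.
# NOTE(review): this is racy and also counts unrelated command lines that
# contain "$ME"; a lock taken with flock(1) would be more robust.
countMErunning=$(ps auxf --sort=+utime | grep -w -- "$ME" | grep -v -E 'color=auto|grep' | wc -l)
[[ $countMErunning -gt 2 ]] && echo "$ME already running $countMErunning time" && exit 0
start=$(date +%s)

# NOTE(review): YOU is the owner of whichever process line matches the word
# "ipfs" last. It is later spliced into /home/$YOU/... paths that are passed
# to find -delete and rm, so on a multi-user host it should be checked
# against the expected account rather than taken from the process table.
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1)
[[ ! $YOU ]] && echo "ipfs NOT RUNNING. EXIT" && exit 1

# Only the "pub:" line is read here; the same file is handed to jaklis.py
# and natools.py as the key file (-k) further down.
G1PUB=$(grep 'pub:' ~/.zen/secret.dunikey | cut -d ' ' -f 2)
[[ ! $G1PUB ]] && echo "ERREUR G1PUB. EXIT" && exit 1

# The format string needs the <id> placeholder: with a bare '\n' the command
# substitution is always empty and the guard below exits on every run.
IPFSNODEID=$(ipfs --timeout=20s id -f='<id>\n')
[[ ! $IPFSNODEID ]] && echo 'ERROR missing IPFS Node id !! IPFS is not installed !?' && exit 1
########################################################################
########################################################################
# This script is controling IPFS swarm
# Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories
# add not friend_of_mine IPs to fail2ban
## CREATES index.html to web publish
########################################################################
########################################################################
mkdir -p ~/.zen/ipfs_swarm

# ASCII-art banner, string kept verbatim.
echo ' ___ _ _ __ __ _ _ _ _ _ _ __ | |_)|_(_ (_\ //\ |_)|\/| |_)|_|_|_)|_(_ |_| _|_| | __) __)\/\//--\| \| | | \|_| | \|___)| | '
echo "I am $IPFSNODEID CONTROLING MY SWARM"
timestamp=$(date -u +%s%N | cut -b1-13)  # epoch time cut to 13 digits (milliseconds)
########################################################################
# Delete "ipfs" & "ipfs_swarm" after reboot
# [[ !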
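# -f /tmp/swarm_cleaned ]] && rm -Rf ~/.zen/ipfs/* && rm -Rf ~/.zen/ipfs_swarm/ && mkdir -p ~/.zen/ipfs_swarm && echo "IPFS CLEANING OK" > /tmp/swarm_cleaned
########################################################################
# SWARM CONTROL PASS
# For every peer ID found in the tryme.addr files under ~/.zen/ipfs_swarm:
#   - friend (ID present in ~/.zen/A_my_swarm.txt): refresh its bootstrap
#     entry, re-fetch its /ipns data, add it to Peering.Peers in
#     ~/.ipfs/config.new and decrypt the stargate keys it published for us;
#   - anyone else: delete its cached directory, ban its IP through fail2ban
#     when DEFCON is 4, disconnect it and remove it from bootstrap.
#
# Trust boundary: tryme.addr, _xbian.zuid and everything written by
# "ipfs get" is authored by remote peers. Peer IDs are therefore checked
# against an alphanumeric pattern before they reach a path, a jq filter or
# a command line, and the IP handed to sudo is checked to be an IP literal.
#
# NOTE(review): /tmp/A_swarm, /tmp/treated.ipfs.swarm and
# /tmp/ipfs_swarm_peers are fixed names in a world-writable directory; the
# redirections below write through whatever already sits at those paths.
# Moving them under ~/.zen (or using mktemp) removes that exposure, but
# check first whether other astrXbian scripts read the same files.
########################################################################
if [[ "$1" == "quick" ]]; then
  echo "" > /tmp/A_swarm
else
  cat ~/.zen/A_swarm_map.txt > /tmp/A_swarm
fi
rm -f /tmp/treated.ipfs.swarm   # -f: nothing to remove on a first run
touch /tmp/treated.ipfs.swarm

## RESET BOOTSTRAP LIST
# ipfs bootstrap rm --all > /dev/null 2>&1

# Peer IDs (the "Qm..." and "12D..." forms tested below) are alphanumeric.
PEER_ID_RE='^[A-Za-z0-9]+$'
# Loopback, RFC 1918 ranges, ::1 and IPv6 unique-local prefixes. The former
# pattern ended its last alternative with a stray "/", so fc../fd.. never
# matched because the tested value contains no slash.
LAN_RE='^(127\.|192\.168\.|10\.|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[0-1]\.|::1$|fd42:|[fF][cCdD][0-9a-fA-F]{2}:)'
# Shapes accepted as an IP literal before the value is given to sudo.
IPV4_RE='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
IPV6_RE='^[0-9A-Fa-f:.]*:[0-9A-Fa-f:.]*$'
# jaklis call prefix shared by the send / read / delete invocations.
JAKLIS=(~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr")

########################################################################
########################################################################
echo "******************************************************************"
echo "REFRESHING MY OWN DATA FROM IPNS TO ~/.zen/ipfs_swarm"
find "/home/$YOU/.zen/ipfs_swarm/.$IPFSNODEID/" -type f -mtime +8 -exec rm '{}' \;
find "/home/$YOU/.zen/ipfs_swarm/.$IPFSNODEID/" -empty -type d -delete
ipfs get --output="/home/$YOU/.zen/ipfs_swarm/" "/ipns/$IPFSNODEID"
########################################################################
count=1
ipfs bootstrap > /tmp/ipfs_swarm_peers
ipfs swarm peers >> /tmp/ipfs_swarm_peers
rm -f ~/.zen/A_peering_peers.txt
[[ ! -f ~/.ipfs/config.bak ]] && cp ~/.ipfs/config ~/.ipfs/config.bak ## Backup previous original
cp ~/.ipfs/config ~/.ipfs/config.new ## Prepare Peering.Peers changes

# for ipfsnodeid in $( (cat /tmp/ipfs_swarm_peers | grep -o '[^/]*$' && cat /tmp/A_swarm | grep -o '[^/]*$' ) | sort | uniq); ## TODO ACTIVATE IN DEFCON 4
# Read the candidate IDs into an array: unlike an unquoted $(...) in the
# "for" header this does not glob-expand what the peers wrote.
mapfile -t SWARM_IDS < <(cat ~/.zen/ipfs_swarm/.*/tryme.addr | grep -o '[^/]*$' | sort -u)
for ipfsnodeid in "${SWARM_IDS[@]}"; do
  if [[ ! "$ipfsnodeid" =~ $PEER_ID_RE ]]; then
    printf 'SKIP malformed peer id: %q\n' "$ipfsnodeid" >&2
    continue
  fi
  ## $ipfsnodeid already Treated ?
  [[ "$ipfsnodeid" == "$IPFSNODEID" ]] && continue

  # Reset per-peer state. These were only assigned conditionally, so a peer
  # could inherit the previous peer's G1 key (and stargate directory) or the
  # previous peer's "shares an IP with a friend" verdict.
  whoisg1=''
  anybodyelseipfsid=''
  isanybodyelseipmyfriend=''

  if [[ -f "$HOME/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid" ]]; then
    XID=$(ipfs --timeout=20s cat "/ipns/$ipfsnodeid/.$ipfsnodeid/_xbian.zuid") || XID=''
  else
    XID=''
  fi
  if [[ -f "$HOME/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title" ]]; then
    GZUID=$(cat "$HOME/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title") || GZUID=''
  else
    GZUID=''
  fi
  # [[ "$XID" == "" ]] && ipfs swarm disconnect /ipfs/$ipfsnodeid ## NOT COMPLIANT FRIEND STATION
  # [[ $(cat /tmp/treated.ipfs.swarm | grep "$ipfsnodeid") ]] && continue ## TODO ACTIVATE IN DEFCON 4
  # [[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && echo "DEAD SWARM" && continue ## TODO ACTIVATE IN DEFCON 4

  # control ip isLAN?
  peerline=$(grep -F -- "$ipfsnodeid" ~/.zen/A_swarm_map.txt | grep '/quic/' | head -n 1) ## Prefer quic protocol addresses
  [[ ! $peerline ]] && peerline=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | tail -n 1)
  # NOTE(review): a peer with no '/quic/' line in /tmp/ipfs_swarm_peers is
  # skipped here, before the friend / unknown decision is taken.
  ip=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | grep '/quic/' | head -n 1 | awk -F '/' '{print $3}')
  [[ ! $ip ]] && continue
  isLAN=$(grep -E "$LAN_RE" <<<"$ip")
  nowdate=$(date)

  # Convert ipfsnodeid into g1pub (only for 12D adresses, others are not Astroport)
  if [[ "${ipfsnodeid:0:2}" != "Qm" ]]; then
    whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py "$ipfsnodeid") || echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
  else
    echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
  fi

  echo "#############################################################"
  echo "### ANALYZING $ipfsnodeid ($ip) $XID $GZUID ###"
  echo "$peerline"

  # NOTE(review): friendship is a substring match on A_my_swarm.txt; an
  # exact comparison on the ID field would be stricter. The file format is
  # not visible here, so the match is left as it was.
  myfriendpeer=$(grep -F -- "$ipfsnodeid" ~/.zen/A_my_swarm.txt)
  if [[ "$myfriendpeer" != "" ]]; then
    ##################################################################
    # FRIEND
    ##################################################################
    # NOTE(review): $ip above was extracted from this same file, so the ID
    # is always present when execution gets here and the "unreachable
    # friend" alert below looks unreachable - confirm the intended source.
    if ! grep -qF -- "$ipfsnodeid" /tmp/ipfs_swarm_peers; then
      if ! ipfs swarm connect "$peerline"; then
        # NOTE(review): this only prints the filtered list to stdout;
        # A_my_swarm.txt itself is not rewritten.
        grep -vFi -- "$ip" ~/.zen/A_my_swarm.txt
        echo "$ipfsnodeid" >> ~/.zen/A_dead_swarm.txt
        echo "SEND MESSAGE ABOUT UNREACHABLE FRIEND $whoisg1 ($XID) ($GZUID)"
        "${JAKLIS[@]}" send -d "$G1PUB" -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1 ($XID) ($GZUID)"
        # KEEPING LAST 10 ALERT MESSAGES
        nbmessage=0
        for messageid in $("${JAKLIS[@]}" read -n300 -j | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ALERT")' | jq -r '.id')
        do
          nbmessage=$((nbmessage+1))
          [ "$nbmessage" -gt 10 ] && echo "Delete $nbmessage OLD 'ALERT' messages from $G1PUB" && "${JAKLIS[@]}" delete -i "$messageid" && sleep 0.5
        done
        continue
      fi
    fi
    ################################################################
    ## Refresh bootstrap if XID exists
    if [[ "$XID" != "" ]]; then
      # Drop the bare /ipfs/<id> entry and add the full address; if either
      # step fails the address itself is removed from bootstrap.
      ipfs bootstrap rm "/ipfs/$ipfsnodeid" && ipfs bootstrap add "$peerline" || ipfs bootstrap rm "$peerline"
      ################################################################
      echo "Removing 8 days older data from ~/.zen/ipfs_swarm/.$ipfsnodeid/"
      find "/home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/" -type f -mtime +8 -exec rm '{}' \;
      find "/home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/" -empty -type d -delete
      ################################################################
      echo "OK Friend SWARM REFRESH /ipns/$ipfsnodeid INTO ~/.zen/ipfs_swarm/"
      # NOTE(review): ipfs get writes whatever names the peer publishes into
      # the shared ipfs_swarm directory; nothing here checks that a peer
      # ships only its own ".<id>" subtree.
      if ! ipfs --timeout=360s get --output="/home/$YOU/.zen/ipfs_swarm/" "/ipns/$ipfsnodeid"; then
        echo "TIMEOUT REACHED ___ REMOVE FROM .Peering.Peers ";
        # jq '.Peering.Peers |= map( if .ID=="'$ipfsnodeid'" then del(.) else . end )' ~/.ipfs/config.new > ~/.ipfs/config.wew && cp ~/.ipfs/config.wew ~/.ipfs/config.new
      else
        ################################################################
        echo "@@ CREATING Peering.Peer @@"
        echo ".Peering.Peers += { \"Addrs\": [], \"ID\": \"'$ipfsnodeid'\" }"
        ################################################################
        Addr=$(echo "$peerline" | rev | cut -d '/' -f 2- | rev )
        IsAlreadythere=$(grep -F -- "\"$ipfsnodeid\"" ~/.ipfs/config.new) && echo "$IsAlreadythere"
        if [[ ! $IsAlreadythere ]]; then
          printf '{ "ID": "%s", "Addrs": [] }\n' "$ipfsnodeid" >> ~/.zen/A_peering_peers.txt
          #jq '.Peering.Peers? += { "Addrs": [], "ID": "'$ipfsnodeid'" }' ~/.ipfs/config.new > ~/.ipfs/config.wew && cp ~/.ipfs/config.wew ~/.ipfs/config.new
          # The ID is passed with --arg so it is always a JSON string and can
          # never become part of the jq program that edits the IPFS config.
          jq --arg id "$ipfsnodeid" '.Peering.Peers[.Peering.Peers| length] |= . + { "Addrs": [], "ID": $id }' ~/.ipfs/config.new > ~/.ipfs/config.wew && cp ~/.ipfs/config.wew ~/.ipfs/config.new
        fi
        ################################################################
        echo "## REFRESH stargates keys from my friend"
        ################################################################
        # Only fetch and decrypt when this peer resolved to its own G1 key;
        # otherwise the files would land in the stargates root directory.
        if [[ "$whoisg1" =~ $PEER_ID_RE ]]; then
          stargate_dir="$HOME/.zen/key/stargates/$whoisg1"
          # NOTE(review): decrypted key files are written below with the
          # default umask; consider restricting this directory to the owner.
          mkdir -p "$stargate_dir"
          ## DECRYPT STARGATE KEYS
          if ipfs --timeout=60s get --output="$stargate_dir/" "/ipns/$ipfsnodeid/.$ipfsnodeid/FRIENDS/$G1PUB/"; then
            for n in 1 2 3 4 5; do
              [[ -f "$stargate_dir/stargate$n.encrypt" ]] && "$MY_PATH/tools/natools.py" decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$stargate_dir/stargate$n.encrypt" -o "$stargate_dir/stargate$n"
            done
            ## KEYS COULD BE ADDED TO ~/.ipfs/keystore/ ?
          fi
        else
          echo "SKIP stargates: no G1 pubkey resolved for $ipfsnodeid"
        fi
      fi
    fi
  else # if [[ "$myfriendpeer" != "" ]];
    ##################################################################
    # DEFCON (peer is not in A_my_swarm.txt)
    ##################################################################
    if [[ -f ~/.zen/DEFCON ]]; then
      DEFCON=$(cat ~/.zen/DEFCON)
    else
      DEFCON=$(cat ~/.zen/astrXbian/DEFCON)
    fi
    export DEFCON # like in crom_MINUTE.sh
    # Numeric copy for the comparisons below; anything that is not a number
    # is treated as 5, i.e. no active response.
    defcon_level=$DEFCON
    [[ "$defcon_level" =~ ^[0-9]+$ ]] || defcon_level=5

    echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON "
    [[ -d "$HOME/.zen/ipfs_swarm/.$ipfsnodeid" ]] && rm -Rf -- "$HOME/.zen/ipfs_swarm/.${ipfsnodeid:?}" && echo "REMOVE ipfs_swarm DIRECTORY"

    ip=$(grep -F -- "$ipfsnodeid" /tmp/ipfs_swarm_peers | awk -F '/' '{print $3}' | head -n 1)
    isLAN=$(grep -E "$LAN_RE" <<<"$ip")
    # Another peer seen behind exactly this address ("/<ip>/" matches the
    # whole address field, so 1.2.3.4 no longer also matches 11.2.3.45).
    [[ $ip ]] && anybodyelseipfsid=$(grep -F -- "/$ip/" /tmp/ipfs_swarm_peers | grep -Fv -- "$ipfsnodeid" | head -n 1 | rev | cut -d '/' -f 1 | rev )
    [[ $anybodyelseipfsid ]] && isanybodyelseipmyfriend=$(grep -F -- "$anybodyelseipfsid" ~/.zen/A_my_swarm.txt) ## AVOID BANNING IP IF A FRIEND IS IN SAME LAN WITH PUBLIC IP
    [[ $isanybodyelseipmyfriend ]] && echo "TODO: SEND MESSAGE TO $isanybodyelseipmyfriend WARNING ABOUT $ipfsnodeid SAME SEEN IP $ip"

    # Numeric comparison: inside [[ ]] the "<" operator compares strings.
    if [[ $ip && ! $isanybodyelseipmyfriend && $defcon_level -lt 5 && ! $isLAN ]]
    then
      if [[ $defcon_level -eq 4 ]]; then
        ## DEFCON 4
        ### SECURITY CHOICE TO MAKE IN /etc/sudoers ###
        # $USER ALL=(ALL:ALL) NOPASSWD:ALL
        # $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client
        # Prefer the second, command-scoped entry: NOPASSWD:ALL gives this
        # account unrestricted root, and this script processes peer input.
        if [[ "$ip" =~ $IPV4_RE || "$ip" =~ $IPV6_RE ]]; then
          sudo fail2ban-client add recidive 2>/dev/null 1>&2
          sudo fail2ban-client start recidive
          sudo fail2ban-client set recidive bantime 36000 # 10 Hours bantime
          sudo fail2ban-client set recidive banip "$ip"
          # Show ALL banned IP
          sudo fail2ban-client status recidive
        else
          # e.g. the host name of a /dns4/ address: never hand it to sudo
          printf 'SKIP ban, not an IP literal: %q\n' "$ip" >&2
        fi
      fi
      ## DEFCON 2 # nmap NOT FRIEND
      ## DEFCON 1 # DDOS NOT FRIEND
    fi

    if [[ ! $isLAN ]]; then
      ipfs swarm disconnect "$peerline"
    fi
    ipfs bootstrap rm "$peerline"
  fi
  echo "$ipfsnodeid" >> /tmp/treated.ipfs.swarm
done
########################################################################
## FIND LOCAL IPFS NODE - SERACH FOR FOAF stargate replications
########################################################################
# SUBNET=$(ip route | head -n 3 | tail -n 1 | cut -d ' ' -f 1)
# [[ !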
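# $(which nmap) ]] && sudo apt-get install nmap -y && nmap --open -p 4001 $SUBNET
########################################################################
# DEFCON 3: emit a private-swarm pre-shared key (run once), then rebuild
# the ASTRXBIAN catalogue files from the friends' cached copies.
#
# NOTE(review): DEFCON is only assigned inside the unknown-peer branch of
# the swarm loop earlier in this script, so this test is false whenever no
# unknown peer was seen during the run - confirm that this is intended.
########################################################################
if [[ $DEFCON -eq 3 ]]; then
  ## DEFCON 3 # ACTIVATE PRIVATE SMARM !! 1ST BOOTSRAP creates and send a key to every level3 friends he knows (PUB)
  # RUN ONCE ONLY
  if [[ ! -f ~/.ipfs/swarm.key.defcon3 ]]; then
    SWARMKEYnode=$(grep -Ev "#" ~/.zen/astrXbian/A_boostrap_nodes.txt | head -n 1) ## FIRST BOOTSTRAP EMIT AND SEND swarm.key
    nodeid=${SWARMKEYnode##*/}
    KEYnode=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py "$nodeid")
    # I $G1PUB am designed to launch defcon3
    if [[ "$KEYnode" == "$G1PUB" ]]; then
      ## CREATE swarm.key
      # The character class must use an ASCII hyphen. The previous
      # 'a-f0–9' contained an en dash, which made tr keep only a-f, 0, 9 and
      # the bytes of the dash: a key that is not hexadecimal and carries far
      # less entropy than 64 hex digits.
      psk=$(LC_ALL=C tr -dc 'a-f0-9' < /dev/urandom | head -c 64)
      if [[ ${#psk} -ne 64 ]]; then
        echo "ERROR: could not generate a 64 hex digit swarm key" >&2
      else
        # Owner-only file, and no leading blank on the key line.
        ( umask 077; printf '/key/swarm/psk/1.0.0/\n/base16/\n%s\n' "$psk" > ~/.ipfs/swarm.key.defcon3 )
        ## IDENTIFY LEVEL 3 FRIENDS
        ## CONTACT FRIENDS AND MAKE APPOINTEMENT !!
        for friend_path in ~/.zen/ipfs/."$IPFSNODEID"/FRIENDS/*; do
          [[ -e "$friend_path" ]] || continue   # unmatched glob
          g1id=${friend_path##*/}
          [[ "$g1id" == "index.html" ]] && continue
          ipfsnodeid=$(~/.zen/astrXbian/zen/tools/g1_to_ipfs.py "$g1id")
          [[ "$ipfsnodeid" == "" ]] && continue
          echo "BLOB-Brain Friend RENEW /ipns/$ipfsnodeid TO ~/.zen/ipfs_swarm/"
          # Was "rm - Rf": the blank turned the option into two file names.
          # NOTE(review): every other path uses ".$ipfsnodeid" (leading dot)
          # for the cached directory - confirm which one is meant here.
          rm -Rf -- "/home/$YOU/.zen/ipfs_swarm/${ipfsnodeid:?}"
          ipfs --timeout=60s get --output="/home/$YOU/.zen/ipfs_swarm/" "/ipns/$ipfsnodeid"
          [[ -f "/home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid" ]] && zuid=$(cat "/home/$YOU/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid") || continue
          stars=$(cat ~/.zen/ipfs/."$IPFSNODEID"/FRIENDS/"$g1id"/stars.level)
          # "$g1pub" is never assigned in this script; the loop variable
          # holding the friend's key is g1id.
          G1BALANCE=$(~/.zen/astrXbian/zen/jaklis/jaklis.py balance -p "$g1id")
          if [[ "$G1BALANCE" == "null" ]]; then
            G1BALANCE=0
          else
            G1BALANCE=$(echo "$G1BALANCE" | cut -d '.' -f 1)
          fi
          echo "DEFCON3 $stars STARS $g1id ($G1BALANCE G1) /ipns/$ipfsnodeid" >> ~/.zen/alert
          ## MESSAGE SENT ONLY TO ONLINE LEVEL 3 FRIENDS
          # NOTE(review): "-gt 3" selects four stars and more, the comment
          # says level 3 - confirm the threshold.
          # NOTE(review): the swarm key is a shared secret; its
          # confidentiality in transit depends on how jaklis delivers the
          # attached file - presumably encrypted to the recipient, confirm.
          if [[ "$stars" =~ ^[0-9]+$ ]] && [ "$stars" -gt 3 ]; then
            ~/.zen/astrXbian/zen/tools/timeout.sh -t 12 ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey -n "https://data.gchange.fr" send -d "$g1id" -t "DEFCON3" -f ~/.ipfs/swarm.key.defcon3
          fi
        done
      fi
      ## ONLY THE STATION THAT IS THE SOURCE OF THE CODE CAN ACTIVATE DEFCON3.
      ## THE SWARM IS THEN SWITCHED TO PRIVATE MANUALLY
      ## Each notified friend receives the file to place in ~/.ipfs/swarm.key
      ## The first BOOTSTRAP of ~/.zen/astrXbian/A_boostrap_nodes.txt
      ## sets up an appointment on FRAMADATE, or elsewhere...
    fi
  fi
fi
########################################################################
# REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN index
########################################################################
echo "******************************************************************"
echo "### REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN ###"
mkdir -p ~/.zen/ipfs/."${IPFSNODEID}"/astroport/kodi/vstream/
AXID=$(cat ~/.zen/ipfs/."$IPFSNODEID"/_xbian.zuid)
for PREFIX in F S A Y
do
  # Header line first, then the de-duplicated rows of every cached ".12D*"
  # station. Those rows are peer-supplied and are republished as they come.
  echo "CAT;TMDB;YEAR;TITLE;SAISON;GENRES;GROUPES;RES;URLS=http://127.0.0.1:8181" > ~/.zen/ipfs/."${IPFSNODEID}"/"${PREFIX}"ASTRXBIAN
  cat ~/.zen/ipfs_swarm/.12D*/astroport/kodi/vstream/"${PREFIX}"ASTRXBIAN | sed "s/anime;/film;/g" | sed '/^[[:space:]]*$/d' | grep -Ev "CAT;TMDB" | sort -u >> ~/.zen/ipfs/."${IPFSNODEID}"/"${PREFIX}"ASTRXBIAN
done
## CORRECT ACCESS RIGHTS
chmod 664 ~/.zen/ipfs_swarm/.*/astroport/kodi/vstream/*ASTRXBIAN
## www-data FOR www ACCESS
chown "$YOU":www-data ~/.zen/ipfs/."$IPFSNODEID"/*ASTRXBIAN
chmod 664 ~/.zen/ipfs/."$IPFSNODEID"/*ASTRXBIAN
## CORRECT SWARM FILE ACCESS RIGHTS to www-data
# "{ipfs_swarm}" is not expanded by the shell (a single word in braces stays
# literal), so this chmod never matched a file. With the real directory name
# the swarm copies end up 644, i.e. no longer group-writable.
chmod 644 "/home/$YOU/.zen/ipfs_swarm"/.*/astroport/kodi/vstream/*ASTRXBIAN
# Remove old database
# rm ~/.kodi/userdata/addon_data/plugin.video.vstream/astroport_cache.db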
########################################################################
## RENEW LIST OF FRIENDS index.html
########################################################################
# REFRESH tiddlywiki WALL OF FRIENDS /ipns/${IPFSNODEID}/.${IPFSNODEID}/FRIENDS/index.html
########################################################################
# Final stage: append the station summary to FRIENDS/index.html, run the
# swarm scraper and the IPNS self-publish script, then report how long the
# whole run took ($start is set at the top of the script).
zuid=$(cat ~/.zen/ipfs/."$IPFSNODEID"/_xbian.zuid)
updated=$(date +%Y-%m-%d_%H:%M)
printf '%s\n' "******************************************************************"
printf '%s\n' "### PUBLISH tiddlywiki WALL OF FRIENDS ###"
# NOTE(review): the text is appended (>>) on every run and carries no HTML
# markup although the target is index.html - confirm against the deployed
# file that nothing was lost from this string.
printf '%s\n' " - $zuid Friends - ${IPFSNODEID}

$zuid (gchange) x , Amis Astroport ($updated)

" >> ~/.zen/ipfs/."${IPFSNODEID}"/FRIENDS/index.html
########################################################################
# ACTIVATE WORDPRESS CHANNEL ## TODO DEBUG (creates WP duplicates)
########################################################################
## [[ $(which wp) ]] && ~/.zen/astrXbian/zen/wordpress_channel.sh

## CLEAN RUN p4n.swarmscraper.sh
~/.zen/astrXbian/actions/p4n.swarmscraper.sh

# IPNS SELF PUBLISH = update of the Station tag
########################################################################
~/.zen/astrXbian/zen/ipns_self_publish.sh
########################################################################
printf '%s\n' "#### EXCECUTION TIME"
end=$(date +%s)
elapsed=$((end - start))
printf '%s\n' "Execution time was $elapsed seconds."
printf '%s\n' "########################################################################"
exit 0