You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
186 lines
9.8 KiB
186 lines
9.8 KiB
#!/bin/bash |
|
######################################################################## |
|
# Author: Fred (support@qo-op.com) |
|
# Version: 2020.03.24 |
|
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/) |
|
######################################################################## |
|
MY_PATH="`dirname \"$0\"`" # relative |
|
MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized |
|
ME="${0##*/}" |
|
YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) && [[ ! $YOU ]] && echo "ipfs NOT RUNNING. EXIT" && exit 1 |
|
G1PUB=$(cat ~/.zen/secret.dunikey | grep 'pub:' | cut -d ' ' -f 2) && [[ ! $G1PUB ]] && echo "ERREUR G1PUB. EXIT" && exit 1 |
|
IPFSNODEID=$(ipfs id -f='<id>\n') && [[ "$IPFSNODEID" == "" ]] && echo 'ERROR missing IPFS Node id !! IPFS is not installed !?' && exit 1 |
|
######################################################################## |
|
######################################################################## |
|
# This script is controling IPFS swarm |
|
# Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories |
|
# add not friend_of_mine IPs to fail2ban |
|
######################################################################## |
|
######################################################################## |
|
mkdir -p ~/.zen/ipfs_swarm |
|
echo ' |
|
___ _ _ __ __ _ _ _ _ _ _ __ |
|
| |_)|_(_ (_\ //\ |_)|\/| |_)|_|_|_)|_(_ |_| |
|
_|_| | __) __)\/\//--\| \| | | \|_| | \|___)| | |
|
|
|
' |
|
echo "I am $IPFSNODEID CONTROLING MY SWARM" |
|
timestamp=$(date -u +%s%N | cut -b1-13) |
|
|
|
######################################################################## |
|
# Delete "ipfs" & "ipfs_swarm" after reboot |
|
# [[ ! -f /tmp/swarm_cleaned ]] && rm -Rf ~/.zen/ipfs/* && rm -Rf ~/.zen/ipfs_swarm/ && mkdir -p ~/.zen/ipfs_swarm && echo "IPFS CLEANING OK" > /tmp/swarm_cleaned |
|
######################################################################## |
|
[[ "$1" == "quick" ]] && echo "" > /tmp/A_swarm || cat ~/.zen/A_swarm_map.txt > /tmp/A_swarm |
|
rm /tmp/treated.ipfs.swarm |
|
touch /tmp/treated.ipfs.swarm |
|
|
|
## RESET BOOTSTRAP LIST |
|
ipfs bootstrap rm --all > /dev/null 2>&1 |
|
|
|
######################################################################## |
|
######################################################################## |
|
echo "******************************************************************" |
|
echo "RETRIEVING MY OWN DATA FROM IPNS TO ~/.zen/ipfs_swarm" |
|
ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID |
|
######################################################################## |
|
count=1 |
|
for ipfsnodeid in $( (ipfs swarm peers | grep -o '[^/]*$' && cat /tmp/A_swarm | grep -o '[^/]*$' ) | sort | uniq); |
|
do |
|
## $ipfsnodeid already Treated ? |
|
[[ -f ~/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid ]] && XID=$(cat ~/.zen/ipfs_swarm/.$ipfsnodeid/_xbian.zuid) |
|
[[ -f ~/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title ]] && XZUID=$(cat ~/.zen/ipfs_swarm/.$ipfsnodeid/G1SSB/_g1.gchange_title) |
|
[[ $(cat /tmp/treated.ipfs.swarm | grep "$ipfsnodeid") ]] && continue |
|
[[ $(cat ~/.zen/A_dead_swarm.txt | grep "$ipfsnodeid") ]] && continue |
|
[[ "$ipfsnodeid" == "$IPFSNODEID" ]] && continue |
|
|
|
# Convert ipfsnodeid into g1pub |
|
whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid) |
|
|
|
# control ip isLAN? |
|
peerline=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | head -n 1) |
|
[[ ! $peerline ]] && peerline=$(ipfs swarm peers | grep "$ipfsnodeid" | head -n 1) |
|
ip=$(cat ~/.zen/A_swarm_map.txt | grep "$ipfsnodeid" | awk -F '/' '{print $3}' | head -n 1) |
|
isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/") |
|
|
|
nowdate=$(date) |
|
|
|
echo "#############################################################" |
|
echo "### ANALYZING $whoisg1 = $ipfsnodeid ($ip) $XID $XZUID ###" |
|
echo "$peerline" |
|
myfriendpeer=$(cat ~/.zen/A_my_swarm.txt | grep $ipfsnodeid ) |
|
if [[ "$myfriendpeer" != "" ]]; then |
|
if [[ ! $(ipfs swarm peers | grep $ipfsnodeid) ]]; then |
|
ipfs swarm connect "$peerline" |
|
if [ $? != 0 ]; then |
|
grep -vEi $ip ~/.zen/A_my_swarm.txt |
|
echo $ipfsnodeid >> ~/.zen/A_dead_swarm.txt |
|
echo "SEND MESSAGE ABOUT UNREACHABLE FRIEND $whoisg1 ($XID) ($XZUID)" |
|
~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey send -d $G1PUB -t "ALERT" -m "Impossible de se synchroniser avec $whoisg1 ($XID) ($XZUID)" |
|
# KEEPING LAST 10 ALERT MESSAGES |
|
nbmessage=0 |
|
for messageid in $(~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey read -n300 -j | jq -r --arg friendKEY "$G1PUB" '.[] | select(.pubkey == $friendKEY)' | jq 'select(.title == "ALERT")' | jq -r '.id') |
|
do |
|
nbmessage=$((nbmessage+1)) |
|
[ $nbmessage -gt 10 ] && echo "Delete $nbmessage OLD 'ALERT' messages from $G1PUB" && ~/.zen/astrXbian/zen/jaklis/jaklis.py -k ~/.zen/secret.dunikey delete -i $messageid && sleep 0.5 |
|
done |
|
continue |
|
fi |
|
fi |
|
ipfs bootstrap add "$peerline" |
|
echo "OK Friend REFRESH /ipns/$ipfsnodeid INTO ~/.zen/ipfs_swarm/" |
|
$MY_PATH/tools/timeout.sh -t 12 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$ipfsnodeid |
|
if [ $? != 0 ]; then |
|
echo "TIMEOUT REACHED ___ REMOVE $ipfsnodeid FROM ~/.zen/A_my_swarm.txt"; |
|
else |
|
################################################################ |
|
## REFRESH stargates keys from my friend |
|
################################################################ |
|
mkdir -p ~/.zen/key/stargates/$whoisg1 |
|
ipfs get --output=$HOME/.zen/key/stargates/$whoisg1/ /ipns/$ipfsnodeid/.$ipfsnodeid/FRIENDS/$G1PUB/ |
|
## DECRYPT |
|
[[ -f $HOME/.zen/key/stargates/$whoisg1/stargate1.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate1.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate1" |
|
[[ -f $HOME/.zen/key/stargates/$whoisg1/stargate2.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate2.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate2" |
|
[[ -f $HOME/.zen/key/stargates/$whoisg1/stargate3.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate3.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate3" |
|
[[ -f $HOME/.zen/key/stargates/$whoisg1/stargate4.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate4.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate4" |
|
[[ -f $HOME/.zen/key/stargates/$whoisg1/stargate5.encrypt ]] && $MY_PATH/tools/natools.py decrypt -f pubsec -k "$HOME/.zen/secret.dunikey" -i "$HOME/.zen/key/stargates/$whoisg1/stargate5.encrypt" -o "$HOME/.zen/key/stargates/$whoisg1/stargate5" |
|
fi |
|
else |
|
[[ -f ~/.zen/DEFCON ]] && export DEFCON=$(cat ~/.zen/DEFCON) || export DEFCON=$(cat ~/.zen/astrXbian/DEFCON) # like in crom_MINUTE.sh |
|
echo "!!! UNKNOWN FRIEND !!! $ip ___ $ipfsnodeid ________ # DEFCON : $DEFCON " |
|
rm -Rf ~/.zen/ipfs_swarm/.$ipfsnodeid |
|
if [[ ( $DEFCON < 5 ) && ! $isLAN ]] |
|
then |
|
## DEFCON 4 |
|
### SECURITY CHOICE TO MAKE IN /etc/sudoers ### |
|
# $USER ALL=(ALL:ALL) NOPASSWD:ALL |
|
# $USER ALL=(ALL:ALL) NOPASSWD:/usr/bin/fail2ban-client |
|
sudo fail2ban-client add recidive 2>/dev/null 1>&2 |
|
sudo fail2ban-client start recidive |
|
sudo fail2ban-client set recidive banip $ip |
|
# Show ALL banned IP |
|
sudo fail2ban-client status recidive |
|
|
|
## DEFCON 3 |
|
# Ban all known ipfsnodeid ip |
|
|
|
## DEFCON 2 |
|
# nmap NOT FRIEND |
|
|
|
## DEFCON 1 |
|
# DDOS NOT FRIEND |
|
|
|
fi |
|
if [[ ! $isLAN ]]; then |
|
ipfs swarm disconnect "$peerline" |
|
ipfs bootstrap rm "$peerline" |
|
fi |
|
fi |
|
echo "$ipfsnodeid" >> /tmp/treated.ipfs.swarm |
|
done |
|
|
|
######################################################################## |
|
# REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN index |
|
######################################################################## |
|
echo "******************************************************************" |
|
echo "### REFRESH Film Serie Anime Youtube ${PREFIX}ASTRXBIAN ###" |
|
mkdir -p ~/.zen/ipfs/.${IPFSNODEID}/astroport/kodi/vstream/ |
|
AXID=$(cat ~/.zen/ipfs/.$IPFSNODEID/_xbian.zuid); |
|
|
|
for PREFIX in F S A Y |
|
do |
|
echo "CAT;TMDB;YEAR;TITLE;SAISON;GENRES;GROUPES;RES;URLS=http://127.0.0.1:8181" > ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN |
|
cat ~/.zen/ipfs_swarm/.12D*/astroport/kodi/vstream/${PREFIX}ASTRXBIAN | sed "s/anime;/film;/g" | sed '/^[[:space:]]*$/d' | grep -Ev "CAT;TMDB" | sort | uniq >> ~/.zen/ipfs/.${IPFSNODEID}/${PREFIX}ASTRXBIAN |
|
done |
|
# Remove old database |
|
# rm ~/.kodi/userdata/addon_data/plugin.video.vstream/astroport_cache.db |
|
|
|
######################################################################## |
|
# REFRESH tiddlywiki WALL OF FRIENDS |
|
######################################################################## |
|
echo "******************************************************************" |
|
echo "### PUBLISH tiddlywiki WALL OF FRIENDS ###" |
|
echo "<html><body>" > ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html |
|
for wiki in $(ls ~/.zen/ipfs_swarm/.12D*/index.html 2>/dev/null); do |
|
ipfsnodeid=$(echo $wiki | cut -d '.' -f 3- | cut -d '/' -f 1) |
|
whoisg1=$(~/.zen/astrXbian/zen/tools/ipfs_to_g1.py $ipfsnodeid) |
|
|
|
echo "<iframe id=\"$ipfsnodeid\" |
|
title='tiddlywiki $whoisg1' |
|
width='600' |
|
src=\"http://127.0.0.1:8181/ipns/$ipfsnodeid/.$ipfsnodeid/index.html\"> |
|
</iframe>" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html |
|
done |
|
echo "</body></html>" >> ~/.zen/ipfs/.${IPFSNODEID}/FRIENDS/index.html |
|
|
|
######################################################################## |
|
# ACTIVATE WORDPRESS CHANNEL |
|
######################################################################## |
|
~/.zen/astrXbian/zen/wordpress_channel.sh |
|
|
|
# REFRESH IPNS SELF PUBLISH |
|
######################################################################## |
|
~/.zen/astrXbian/zen/ipns_self_publish.sh |
|
######################################################################## |
|
|
|
exit 0
|
|
|