grillon
/
astrXbian
forked from axiom-team/astrXbian
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

DEBIAN and XBIAN compatible

This commit is contained in:
qo-op 2021-01-31 22:51:25 +01:00
parent 1479145722
commit e4216ba459
2 changed files with 119 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

116
ISOconfig.sh
View File

@ -1,12 +1,12 @@
#!/bin/bash
########################################################################
# Author: Fred (support@qo-op.com)
# Version: 2020.12.05
# Version: 0.2
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
# AUTOMATIC version of interactive 1stRUNconfig.sh
# This script can run from ~/.config/autostart/Astroport_X_config.desktop
# IMPORTANT!!! ipfs MUST BE ALREADY RUNNING (.install/ipfs_alone.sh)
# IMPORTANT!!! ipfs MUST BE ALREADY RUNNING
########################################################################
# Create secret key files
# ~/.zen/secret.june
@ -18,10 +18,13 @@
[ $(id -u) -eq 0 ] && echo "RUN as root FORBIDDEN. Please run with user: $YOU" && exit 1
rm -f /tmp/A_booting_log.txt
ping -q -w 1 -c 1 `ip r | grep default | cut -d ' ' -f 3` > /dev/null && echo ok || (echo "NO INTERNET CONNEXION" && exit 1)
ping -q -w 1 -c 1 `ip r | grep default | cut -d ' ' -f 3` > /dev/null && echo ok || (echo "NO GATEWAY CONNEXION" && exit 1)
# UPDATE astrXbian code
[[ -d ~/.zen/astrXbian ]] && cd ~/.zen/astrXbian && git pull || exit 1
# CHECK IF CONFIG ALREADY DONE !! Remove ~/.zen/ipfs ~/.zen/secret ~/.zen/ipfs.sync
# CHECK IF CONFIG ALREADY DONE !!
# ~/.zen/ipfs ~/.zen/secret ~/.zen/ipfs.sync
if [[ -f ~/.zen/ipfs.sync ]]; then
echo "CONFIG ALREADY DONE.... logging init in /tmp/A_booting_log.txt"
source ~/.zen/ipfs.sync
@ -33,7 +36,6 @@ if [[ -f ~/.zen/ipfs.sync ]]; then
~/.zen/astrXbian/zen/gchange_IPFS_swarm.sh >> /tmp/A_booting_log.txt
sleep 10
~/.zen/astrXbian/zen/ipfs_SWARM_refresh.sh >> /tmp/A_booting_log.txt
exit 0
fi
@ -49,16 +51,15 @@ pepper="$(~/.zen/astrXbian/zen/tools/diceware.sh 3 | xargs)"
g1_salt="$salt"
g1_pepper="$pepper"
echo "CREATING /tmp/secret.june"
echo "FILLING /tmp/secret.june with ($g1_salt) ($g1_pepper)"
echo "$g1_salt" > /tmp/secret.june
echo "$g1_pepper" >> /tmp/secret.june
########################################################################
########################################################################
echo "CREATING /tmp/secret.dunikey"
echo "CREATING /tmp/secret.dunikey (https://cesium.app WALLET)"
########################################################################
python3 ~/.zen/astrXbian/zen/tools/key_create_dunikey.py "$g1_salt" "$g1_pepper"
g1pub=$(cat /tmp/secret.dunikey | grep "pub" | cut -d ' ' -f 2)
g1sec=$(cat /tmp/secret.dunikey | grep "sec" | cut -d ' ' -f 2)
@ -73,16 +74,18 @@ jq -r --arg PeerID "$PeerID" '.Identity.PeerID=$PeerID' ~/.ipfs/config > /tmp/co
jq -r --arg PrivKEY "$PrivKEY" '.Identity.PrivKey=$PrivKEY' /tmp/config.tmp > /tmp/config.ipfs
rm /tmp/config.tmp
#
# IPFSNODEID
IPFSNODEID=$PeerID
echo $IPFSNODEID
echo "IPFSNODEID=$IPFSNODEID"
## Declare directory transfered in IPFS
IPFS_sync_directory="$HOME/astroport"
mkdir -p $IPFS_sync_directory
########################################################################
# INSTALL KEYS
########################################################################
echo "INSTALL crypto identity in ~/.zen"
timestamp=$(date -u +%s%N | cut -b1-13)
[[ -f ~/.zen/secret.june ]] && mv ~/.zen/secret.june ~/.zen/secret.june.old.$timestamp
mv /tmp/secret.june ~/.zen/secret.june
@ -98,7 +101,7 @@ mv /tmp/config.ipfs ~/.ipfs/config
########################################################################
echo "INIT ~/.zen/ipfs/.${IPFSNODEID}"
echo "INIT ~/.zen/ipfs/.${IPFSNODEID} INDEX"
########################################################################
rm -Rf ~/.zen/ipfs
mkdir -p ~/.zen/ipfs/.${IPFSNODEID}/G1SSB
@ -107,51 +110,52 @@ mkdir -p ~/.zen/ipfs/.${IPFSNODEID}/G1SSB
# IPNS link to "pastebin list" http://localhost:8181/ipns/$IPNSKEY/xbian/$XZUID
########################################################################
XZUID=$(~/.zen/astrXbian/zen/tools/diceware.sh 1 | xargs)${RANDOM:0:2}$(~/.zen/astrXbian/zen/tools/diceware.sh 1 | xargs)
echo "NODE C+ NAME = $XZUID"
echo "SETTING GCHANGE+ PROFILE NAME = $XZUID"
mkdir -p ~/.zen/ipfs/xbian
echo "$XZUID" > ~/.zen/ipfs/.${IPFSNODEID}/_xbian.zuid
########################################################################
########################################################################
echo "CREATE + profile"
echo "CREATING GCHANGE+/CESIUM+ PROFILE"
########################################################################
~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" set --name "$XZUID" --avatar "/home/$USER/.zen/astrXbian/logo.png" #CESIUM+
~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://data.gchange.fr" set --name "$XZUID" --avatar "/home/$USER/.zen/astrXbian/logo.png" #GCHANGE+
~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" set --name "$XZUID" --avatar "/home/$USER/.zen/astrXbian/logo.png" #CESIUM+
### REVERT
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" erase
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://data.gchange.fr" erase
########################################################################
########################################################################
echo "BECOME FRIEND with A_boostrap_nodes.txt (1st bootstrap)"
echo "BECOME FRIEND with A_boostrap_nodes.txt"
########################################################################
for g1node in $(cat ~/.zen/astrXbian/A_boostrap_nodes.txt | grep -Ev "#") # remove comments
do
if [[ $g1node != "" ]]; then
echo "LIKING my BOOTSTRAP node : $g1node"
echo "LINKING TO BOOTSTRAP NODE : $g1node"
~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" like -p $g1node -s 5
~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://data.gchange.fr" like -p $g1node -s 5
### REVERT
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" unlike -p 2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://data.gchange.fr" unlike -p 2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS
fi
done
### REVERT
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://g1.data.e-is.pro" unlike -p 2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS
# ~/.zen/astrXbian/zen/jaklis/jaklis.py -n "https://data.gchange.fr" unlike -p 2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS
########################################################################
echo "RESTART ipfs"
echo "RESTARTING ipfs"
########################################################################
sudo service ipfs restart
echo ".... WAIT for SWARM to connect ..."
sleep 10
echo ".... ACTUAL SWARM PEERS ..."
ipfs swarm peers
########################################################################
echo 'EXTEND ~/.bashrc'
echo 'UPDATING ~/.bashrc'
########################################################################
~/.zen/astrXbian/.install/update_bashrc.sh "$XZUID"
echo "COPY .kodi template "
echo "UPGRADING ~/.kodi"
cp -Rf ~/.zen/astrXbian/.install/.kodi ~/
# cp -f ~/.zen/astrXbian/.install/.kodi/addons/plugin.video.vstream/resources/sites/astroport.py \
~/.kodi/addons/plugin.video.vstream/resources/sites/astroport.py
@ -169,21 +173,14 @@ sed -i "s/_IPFSNODEID_/$IPFSNODEID/g" ~/.kodi/addons/plugin.video.vstream/resour
#BACKUP source... to restore after Vstream upgrade
cp -f ~/.kodi/addons/plugin.video.vstream/resources/sites/astroport.py ~/.zen/
~/.zen/astrXbian/zen/gchange_IPFS_swarm.sh
~/.zen/astrXbian/zen/ipfs_SWARM_refresh.sh
########################################################################
echo 'SEND "ipfstryme" message'
echo 'Sending "ipfstryme" message'
########################################################################
echo "" > ~/.zen/ipfs/.${IPFSNODEID}/tryme.addr # ERASE
for tryme in $(ipfs id | jq -r .Addresses[]);
do
isLAN=$(echo $tryme | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/")
[[ ! $isLAN && $tryme != "" ]] && echo "$tryme" >> ~/.zen/ipfs/.${IPFSNODEID}/tryme.addr && echo "$tryme"
done
~/.zen/astrXbian/zen/tools/add_externIP_to_ipfstryme.sh
echo 'SEND ipfstryme to A_boostrap_nodes.txt listed PUBs' # Add your bootstrap Pub here
########################################################################
echo 'Sending \"ipfstryme\" message to BOOTSTRAP nodes' # Add bootstrap in A_boostrap_nodes.txt
########################################################################
for g1node in $(cat ~/.zen/astrXbian/A_boostrap_nodes.txt | grep -Ev "#") # remove comments
do
if [[ $g1node != "" ]]; then
@ -194,21 +191,26 @@ fi
done
########################################################################
echo 'INSTALL Astroport cron_MINUTE'
echo "Synchronize GCHANGE+ with IPFS SWARM"
########################################################################
~/.zen/astrXbian/zen/gchange_IPFS_swarm.sh
~/.zen/astrXbian/zen/ipfs_SWARM_refresh.sh
########################################################################
echo 'Installing Astroport cron_MINUTE'
########################################################################
~/.zen/astrXbian/zen/cron_VRFY.sh
# Run only once: comment /etc/rc.local (su - xbian -c "~/.zen/astrXbian/ISOconfig.sh")
# sudo sed -i s/su/\#su/g /etc/rc.local
# BETTER NOT: Send new 'ipfstryme' message on each boot is done instead
#echo "CHANGE hostname"
########################################################################
#echo "CHANGE hostname"
########################################################################
#myname=$(hostname)
#sudo sed -i "s/$myname/$XZUID/g" /etc/hostname
#sudo sed -i "s/$myname/$XZUID/g" /etc/hosts
#### KEEP xbian hostname
echo "CHANGE DNS" # Avoid provider restrictions
########################################################################
echo "Changing your DNS with https://FFDN.org and https://opennic.org" # Avoid provider restrictions
########################################################################
sudo chattr -i /etc/resolv.conf
sudo cat > /tmp/resolv.conf <<EOF
domain home
@ -222,43 +224,47 @@ EOF
sudo mv /tmp/resolv.conf /etc/resolv.conf
sudo chattr +i /etc/resolv.conf
# WRITE ~/.zen/ipfs.sync CONFIG (meaning DONE)
########################################################################
echo "Writing ~/.zen/ipfs.sync" # meaning DONE
########################################################################
echo "IPFS_SYNC_DIR=$IPFS_sync_directory" > ~/.zen/ipfs.sync
# RESIZING / partition
# sudo btrfs filesystem resize max /
# DHT PUBSUB mode
########################################################################
echo "Activating ipfs DHT optimisations"
########################################################################
# DHT gossip PUBSUB mode
ipfs config Pubsub.Router gossipsub
# MAXSTORAGE = 1/2 available
availableDiskSize=$(df -P ~/ | awk 'NR>1{sum+=$4}END{print sum}')
diskSize="$((availableDiskSize / 2))"
ipfs config Datastore.StorageMax $diskSize
## Activate Rapid "ipfs p2p"
# Activate Rapid "ipfs p2p"
ipfs config --json Experimental.Libp2pStreamMounting true
ipfs config --json Experimental.P2pHttpProxy true
######### MAKE DEFAULT BOOTSTRAP TO oasis.astroport.com 2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS ###########
# MAKE DEFAULT BOOTSTRAP TO oasis.astroport.com (2jQUH4HfHxdTesjCjvMCx1VJgA5AnpuvrWRq1swfRdsS) ###########
ipfs bootstrap rm --all
ipfs bootstrap add /dnsaddr/oasis.astroport.com/tcp/4001/ipfs/12D3KooWBYme2BsNUrtx4mEdNX6Yioa9AV7opWzQp6nrPs6ZKabN
ipfs bootstrap add /ip4/51.15.166.54/tcp/4001/p2p/12D3KooWBYme2BsNUrtx4mEdNX6Yioa9AV7opWzQp6nrPs6ZKabN
ipfs bootstrap add /ip4/51.15.166.54/udp/4001/quic/p2p/12D3KooWBYme2BsNUrtx4mEdNX6Yioa9AV7opWzQp6nrPs6ZKabN
ipfs bootstrap add /ip6/fe80::208:a2ff:fe0c:20d8/tcp/4001/p2p/12D3KooWBYme2BsNUrtx4mEdNX6Yioa9AV7opWzQp6nrPs6ZKabN
###########################################
# TODO: ADD some other bootstrap NODES
###########################################
# AVOID CONFLICT WITH KODI REMOTE
ipfs config Addresses.Gateway "/ip4/127.0.0.1/tcp/8181"
# RESTRICT $USER NOPASSWD sudo to fail2ban-client ONLY
sudo cp /etc/sudoers /etc/sudoers.bak
sudo head -n -1 /etc/sudoers > /tmp/sudoers # REMOVE LINE install.sh ADDED before
sudo echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" >> /tmp/sudoers
sudo chown root:root /tmp/sudoers
sudo mv /tmp/sudoers /etc/sudoers
#sudo cp /etc/sudoers /etc/sudoers.bak
#sudo head -n -1 /etc/sudoers > /tmp/sudoers # REMOVE LINE install.sh ADDED before
#sudo echo "$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client" >> /tmp/sudoers
#sudo chown root:root /tmp/sudoers
#sudo mv /tmp/sudoers /etc/sudoers
########################################################################
echo 'REBOOT NOW...'
# echo 'ONLY XBIAN REBOOT NOW...'
########################################################################
sudo reboot
[[ "$USER" == "xbian" ]] && sudo reboot
exit 0

87
install.sh
View File

@ -1,45 +1,53 @@
#!/bin/bash
########################################################################
# Version: 0.2
# License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/)
########################################################################
{
[ $(id -u) -eq 0 ] && echo "RUN as root FORBIDDEN. Please run with regular user from sudo group." && exit 1
# Check requirements
echo "AstrXbian installer, for https://xbian.org"
## ONLY FOR xbian
[[ "$USER" != "xbian" ]] && exit 1
sudo apt-get update
sudo apt-get install git fail2ban inotify-tools curl net-tools libsodium23 libsodium-dev python3-dev python3-pip python3-setuptools python3-wheel mpack libssl-dev libffi-dev -y
sudo apt-get install build-essential qrencode jq bc gawk ffmpeg sqlite dnsutils -y
pip3 install cryptography Ed25519 base58 google protobuf
[ $(id -u) -eq 0 ] && echo "LANCEMENT root INTERDIT. Utilisez un simple utilisateur du groupe \"sudo\" SVP" && exit 1
[[ ! $(which kodi) ]] && echo "Installez KODI svp (https://kodi.tv/) puis relancez l'installation" && exit 1
# git clone astrXbian
# Check requirements
echo "AstrXbian installateur pour https://xbian.org et autres ditributions basées sur DEBIAN"
sudo apt-get update
sudo apt-get install git fail2ban inotify-tools curl net-tools libsodium* python3-dev python3-pip python3-setuptools python3-wheel mpack libssl-dev libffi-dev -y
sudo apt-get install build-essential qrencode jq bc gawk ffmpeg sqlite dnsutils -y
[[ ! $(which apache2)]] && sudo apt-get install mariadb-server nginx ssl-cert php-imap php-cli php-curl php-sqlite3 php-gd php-json php-xml php-mbstring php-gettext php-mysql php-fpm -y
pip3 install cryptography Ed25519 base58 google protobuf duniterpy
########################################################################
echo "Clonage git astrXbian depuis https://git.p2p.legal"
mkdir -p ~/.zen
cd ~/.zen
git clone https://git.p2p.legal/axiom-team/astrXbian.git
########################################################################
echo "Install .kodi default config"
echo "Configuration ASTROPORT de ~/.kodi"
cp -Rf ~/.zen/astrXbian/.install/.kodi ~/
########################################################################
echo "Install IPFS Swarm Layer"
~/.zen/astrXbian/.install/ipfs_alone.sh || exit 1
echo "Installation de IPFS https://ipfs.io"
~/.zen/astrXbian/.install/ipfs_alone.sh
########################################################################
echo "Setup jaklis CG+ communication tool"
echo "Configuration des communications avec GCHANGE+"
cd ~/.zen/astrXbian/zen/jaklis
./setup.sh
## XBIAN fail2ban ERROR correction ##
[[ "$USER" == "xbian" ]] && sudo sed -i "s/auth.log/faillog/g" /etc/fail2ban/paths-common.conf || echo "NOT XBIAN $USER"
#[....] Starting authentication failure monitor: fail2ban No file(s) found for glob /var/log/auth.log
# Failed during configuration: Have not found any log file for sshd jail failed!
### FOR fail2ban-client + ISOConfig.sh use ADD TO /etc/sudoers ###
sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
# Under DEFCON level 5, Node activates fail2ban (zen/ipfs_SWARM_refresh.sh)
########################################################################
echo "Setup AstrXbian"
~/.zen/astrXbian/ISOconfig.sh
echo "Sécurisation DEFCON SUDOERS FAIL2BAN"
## XBIAN fail2ban ERROR correction ##
#[....] Starting authentication failure monitor: fail2ban No file(s) found for glob /var/log/auth.log
[[ "$USER" == "xbian" ]] && sudo sed -i "s/auth.log/faillog/g" /etc/fail2ban/paths-common.conf
### MODIFIYING /etc/sudoers ###
# DEFCON LEVEL < 5
sudo echo "$USER ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
# NODE activates fail2ban IN zen/ipfs_SWARM_refresh.sh
if [[ "$USER" == "xbian" ]]
then
echo "enable ipfs initV service autostart"
echo "enabling ipfs initV service autostart"
cd /etc/rc2.d && sudo ln -s ../init.d/ipfs S02ipfs
cd /etc/rc3.d && sudo ln -s ../init.d/ipfs S02ipfs
cd /etc/rc4.d && sudo ln -s ../init.d/ipfs S02ipfs
@ -50,14 +58,35 @@ then
cd /etc/rc6.d && sudo ln -s ../init.d/ipfs K01ipfs
fi
########################################################################
echo "Configuration ASTROPORT/KODI"
~/.zen/astrXbian/ISOconfig.sh
echo "Redémarrage des services..."
sudo service ipfs restart
sudo service fail2ban restart
echo "Installation complete !!
=============================
BIENVENUE DANS ASTROPORT/KODI
=============================
BIENVENUE DANS ASTROPORT
Utiliser
Connectez-vous sur https://gchange.fr avec vos identifiants
$(cat ~/.zen/secret.june)
Retrouvez-y vos amis, et échangez des étoiles avec eux.
Ajoutez vos vidéos avec ~/zen/astrXbian/ajouter_video.sh
________________________________________________________________________
Ajustez votre niveau de sécurité? DEFCON LEVEL $(cat ~/.zen/astrXbian/DEFCON)
\"$USER ALL=(ALL) NOPASSWD:/usr/bin/fail2ban-client\" dans /etc/sudoers
~/.zen/astrXbian/DEFCON
Participez à rendre le monde plus LIBRE, P2P et LEGAL
Retrouvez-nous sur https://copylaradio.com
Redemarrez l'ordinateur: sudo reboot
"
}