many
This commit is contained in:
parent
fee08bdd59
commit
f4594c90b3
12
Taskfile.yml
12
Taskfile.yml
|
|
@ -50,18 +50,6 @@ tasks:
|
|||
- sudo cp mailu-f2b/fail2ban-override.conf /etc/systemd/system/fail2ban.service.d/override.conf
|
||||
- sudo sudo systemctl daemon-reload
|
||||
- sudo systemctl restart fail2ban
|
||||
sources:
|
||||
- mailu-f2b/fail2ban-bad-auth-filter.conf
|
||||
- mailu-f2b/fail2ban-bad-auth-jail.conf
|
||||
- mailu-f2b/fail2ban-sshd-jail.conf
|
||||
- mailu-f2b/fail2ban-docker-action.conf
|
||||
- mailu-f2b/fail2ban-override.conf
|
||||
generates:
|
||||
- /etc/fail2ban/filter.d/bad-auth.conf
|
||||
- /etc/fail2ban/jail.d/bad-auth.conf
|
||||
- /etc/fail2ban/jail.d/sshd.conf
|
||||
- /etc/fail2ban/action.d/docker-action.conf
|
||||
- /etc/systemd/system/fail2ban.service.d/override.conf
|
||||
preconditions:
|
||||
- sh: 'command -v fail2ban-server'
|
||||
|
||||
|
|
|
|||
|
|
@ -2,10 +2,10 @@
|
|||
enabled = true
|
||||
backend = systemd
|
||||
filter = bad-auth
|
||||
bantime = 1w
|
||||
bantime = 1h
|
||||
bantime.increment = true
|
||||
bantime.factor = 2
|
||||
bantime.maxtime = 128w
|
||||
findtime = 86400
|
||||
findtime = 3600
|
||||
maxretry = 3
|
||||
action = docker-action
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
[sshd]
|
||||
enabled = true
|
||||
bantime = 1w
|
||||
bantime = 1h
|
||||
bantime.increment = true
|
||||
bantime.factor = 2
|
||||
bantime.maxtime = 128w
|
||||
findtime = 86400
|
||||
findtime = 3600
|
||||
maxretry = 3
|
||||
|
|
|
|||
|
|
@ -7,6 +7,8 @@ if [[ ! -f docker-compose.yml ]]; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
INSTALL="nextc-install.log"
|
||||
|
||||
source .env
|
||||
|
||||
P1="sudo docker compose exec -u 1000"
|
||||
|
|
@ -19,8 +21,8 @@ if [[ $? -eq 0 && -n $RE ]]; then
|
|||
if [[ -d $DATA/ncdata/$USERNAME ]]; then printf "Files exist for user $USERNAME\n"; exit 1; fi
|
||||
|
||||
LOG=""
|
||||
if [[ -f install.log ]]; then
|
||||
LOG=$(cat install.log)
|
||||
if [[ -f "${INSTALL}" ]]; then
|
||||
LOG=$(cat "${INSTALL}")
|
||||
ROOTPASS="${LOG#*: }"
|
||||
printf "Found existing database password\n"
|
||||
else
|
||||
|
|
@ -40,7 +42,7 @@ if [[ $? -eq 0 && -n $RE ]]; then
|
|||
RE=$($P1 nextc-db bash -c "mysqladmin -u root password $ROOTPASS")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "Root password changed\n"
|
||||
printf "ROOTPASS: $ROOTPASS\n" > install.log
|
||||
printf "ROOTPASS: $ROOTPASS\n" > "${INSTALL}"
|
||||
else
|
||||
printf "Error trying to set password\n"
|
||||
exit 1
|
||||
|
|
@ -51,16 +53,22 @@ if [[ $? -eq 0 && -n $RE ]]; then
|
|||
--database-host nextc-db --database-name ncdb --database-user root \
|
||||
--database-pass $ROOTPASS --admin-user $USERNAME --admin-pass $USERPASS --data-dir /ncdata")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "USERNAME: $USERNAME\nUSERPASS: $USERPASS\n" >> install.log
|
||||
printf "USERNAME: $USERNAME\nUSERPASS: $USERPASS\n" >> "${INSTALL}"
|
||||
printf "Install success\n"
|
||||
else
|
||||
printf "Error installing nextcloud\n"
|
||||
printf "Error installing nextcloud: $RE\n"
|
||||
exit 1;
|
||||
fi
|
||||
fi
|
||||
|
||||
read -p "Enter Trusted domain: " DOMAIN
|
||||
|
||||
RE=$($P1 nextc bash -c "$P2 config:system:set trusted_domains 1 --value=nextc")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "Trusted Domain nextc set\n"
|
||||
else
|
||||
exit 1;
|
||||
fi
|
||||
RE=$($P1 nextc bash -c "$P2 config:system:set trusted_domains 2 --value=$DOMAIN")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "Trusted Domain $DOMAIN set\n"
|
||||
|
|
|
|||
|
|
@ -0,0 +1,110 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -o xtrace
|
||||
|
||||
if [[ ! -f docker-compose.yml ]]; then
|
||||
printf "Needs to be run from compose directory\n"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
INSTALL="piwigo-install.log"
|
||||
|
||||
source .env
|
||||
|
||||
P1="sudo docker compose exec -u 1000"
|
||||
P2="cd /gallery && REMOTE_ADDR=127.0.0.1 php --run=\"parse_str(\$argv[1], \$_POST); include('install.php');\""
|
||||
|
||||
#RE=$($P1 nextc bash -c "$P2 status" |grep "installed: false")
|
||||
#if [[ $? -ne 0 || -z $RE ]]; then
|
||||
# printf "
|
||||
# exit
|
||||
#fi
|
||||
|
||||
LOG=""
|
||||
if [[ -f "${INSTALL}" ]]; then
|
||||
readarray -t LOG < "${INSTALL}"
|
||||
if [[ -n "${LOG[0]}" ]]; then
|
||||
ROOTPASS="${LOG[0]#*: }"
|
||||
printf "Found existing database password\n"
|
||||
fi
|
||||
else
|
||||
ROOTPASS="$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 10)"
|
||||
fi
|
||||
|
||||
if [[ -f "${INSTALL}" ]]; then
|
||||
readarray -t LOG < "${INSTALL}"
|
||||
if [[ -n "${LOG[1]}" && -n "${LOG[2]}" && -n "${LOG[3]}" ]]; then
|
||||
USERNAME="${LOG[1]#*: }"
|
||||
USERPASS="${LOG[2]#*: }"
|
||||
USERMAIL="${LOG[3]#*: }"
|
||||
else
|
||||
read -p "Enter Admin name: " USERNAME
|
||||
if [[ -z $USERNAME ]]; then printf "Nothing in username\n"; exit; fi
|
||||
read -p "Enter Amdin email: " USERMAIL
|
||||
if [[ -z $USERMAIL ]]; then printf "Nothing in email\n"; exit; fi
|
||||
USERPASS="$(LC_ALL=C </dev/urandom tr -dc A-Za-z0-9 | head -c 4)"
|
||||
fi
|
||||
fi
|
||||
|
||||
printf "Admin Name: $USERNAME\n"
|
||||
printf "Admin Pass: $USERPASS\n"
|
||||
printf "Admin Email: $USERMAIL\n"
|
||||
printf "Database Password: $ROOTPASS\n"
|
||||
printf "\n"
|
||||
read -r -s -N 1 -p "Press 'Enter' to continue " ENTER
|
||||
if [[ $ENTER != $'\n' ]]; then exit; fi
|
||||
printf "\n"
|
||||
|
||||
if [[ -z $LOG ]]; then
|
||||
RE=$($P1 piwigo-db bash -c "mysqladmin -u root password $ROOTPASS")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "Root password changed\n"
|
||||
else
|
||||
printf "Error trying to set password\n"
|
||||
exit 1
|
||||
fi
|
||||
RE=$($P1 piwigo-db bash -c "mysql -u root p$ROOTPASS < \"create database piwigo;\"")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "Database created.\n"
|
||||
else
|
||||
printf "Error trying to create database\n"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
printf "ROOTPASS: $ROOTPASS\n" > "${INSTALL}"
|
||||
|
||||
ARGV1A="language=en_GB&dbhost=piwigo-db&dbuser=root&dbpasswd=${ROOTPASS}&dbname=piwigo&prefix=piwigo_&"
|
||||
ARGV1B="admin_name=${USERNAME}&admin_pass1=${USERPASS}&admin_pass2=${USERPASS}&admin_mail=${USERMAIL}&install=Start%20installation"
|
||||
ARG="${ARGV1A}${ARGV1B}"
|
||||
printf "$P1 piwigo bash -c \"$P2 '${ARG}'\"\n"
|
||||
read -r -s -N 1 -p "Press 'Enter' to continue " ENTER
|
||||
if [[ $ENTER != $'\n' ]]; then exit; fi
|
||||
printf "\n"
|
||||
|
||||
RE=$($P1 piwigo bash -c "$P2 '${ARG}'" > /dev/null)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
printf "USERNAME: $USERNAME\nUSERPASS: $USERPASS\nUSERMAIL: $USERMAIL\n" >> "${INSTALL}"
|
||||
printf "Install success\n"
|
||||
else
|
||||
printf "Error installing piwigo: $RE\n"
|
||||
exit 1;
|
||||
fi
|
||||
#fi
|
||||
|
||||
#read -p "Enter Trusted domain: " DOMAIN
|
||||
|
||||
#RE=$($P1 nextc bash -c "$P2 config:system:set trusted_domains 1 --value=nextc")
|
||||
#if [[ $? -eq 0 ]]; then
|
||||
# printf "Trusted Domain nextc set\n"
|
||||
#else
|
||||
# exit 1;
|
||||
#fi
|
||||
#RE=$($P1 nextc bash -c "$P2 config:system:set trusted_domains 2 --value=$DOMAIN")
|
||||
#if [[ $? -eq 0 ]]; then
|
||||
# printf "Trusted Domain $DOMAIN set\n"
|
||||
#else
|
||||
# exit 1;
|
||||
#fi
|
||||
|
||||
set +o xtrace
|
||||
|
||||
Loading…
Reference in New Issue