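#!/bin/bash
#
# Installer: sets up package dependencies, a python3 virtualenv, the
# /etc/alexandria-env environment file, systemd units, a udev rule and a
# sudoers rule for this Alexandria checkout. Must be run as root.
#
# Optional environment:
#   INSTDIR    install root (default: the directory holding this script)
#   LOCALCONF  local configuration file (default: /etc/alexandria.ini)
cat <<'EOF'
N E X T G E N E R A T I O N O F H Y P E R L O C A L F I L E S H A R I N G -------------------
:::. ::: .,:::::: .,:: .: :::. :::. :::.:::::::-. :::::::.. ::: :::.
;;`;; ;;; ;;;;'''' `;;;, .,;; ;;`;; `;;;;, `;;; ;;, `';,;;;;``;;;; ;;; ;;`;;
,[[ '[[, [[[ [[cccc '[[,,[[' ,[[ '[[, [[[[[. '[[ `[[ [[ [[[,/[[[' [[[ ,[[ '[[,
c$$$cc$$$c $$' $$"""" Y$$$P c$$$cc$$$c $$$ "Y$c$$ $$, $$ $$$$$$c $$$c$$$cc$$$c
888 888,o88oo,.__888oo,__ oP"``"Yo, 888 888,888 Y88 888_,o8P' 888b "88bo,888 888 888,
YMM ""` """"YUMMM""""YUMMM,m" "Mm,YMM ""` MMM YM MMMMP"` MMMM "W" MMM YMM ""`
--------------------------------- B U I L D T H E B E S T L I B R A R Y T H A T E V E R W A S
EOF

# Fall back to the defaults only when the caller did not supply a value.
# The previous `[ -e $VAR ]` test was true both for an empty variable and for
# a variable naming an existing path, so an existing, caller-supplied INSTDIR
# or LOCALCONF was silently replaced by the default.
if [ -z "${INSTDIR:-}" ]; then
  INSTDIR=$(dirname -- "$(readlink -f -- "$0")")
fi
if [ -z "${LOCALCONF:-}" ]; then
  LOCALCONF=/etc/alexandria.ini
fi
echo "install: install dir = ${INSTDIR}"
echo "install: config file = ${LOCALCONF}"

# Paths derived from the install root; later steps and the generated
# environment file use these names.
ABINDIR="${INSTDIR}/bin"
AVARDIR="${INSTDIR}/var"
ARUNDIR="${INSTDIR}/run"
VENVDIR="${INSTDIR}/env"
VENVBIN="${VENVDIR}/bin"
VENVPIP="${VENVBIN}/pip"
VENVPY="${VENVBIN}/python"

# Everything below writes to /etc, /lib/systemd and /media, so refuse to run
# unprivileged. The numeric uid is compared rather than the account name.
if [ "$(id -u)" -ne 0 ]; then
  echo "I need to be run as root!" >&2
  exit 1
fi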
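# Install the distribution packages and the global supervisor package.
echo "install: deps"
echo "install: make sure apt is up to date"
# A failed index refresh is not fatal on its own (cached lists may still be
# usable), so only warn.
if ! apt-get update; then
  echo "install: warning: apt-get update failed; continuing with cached package lists" >&2
fi
echo "install: apt-get -> python3, virtualenv, nginx-light, hostapd, dnsmasq, nyancat, exfat"
# The remaining steps need virtualenv and pip from this package set; stop here
# instead of going on to write system configuration for a half-installed tree.
if ! apt-get install -y virtualenv python3-virtualenv python3 python2.7 python-pip nginx-light hostapd dnsmasq nyancat exfat-utils exfat-fuse; then
  echo "install: apt-get install failed; aborting" >&2
  exit 1
fi
echo "install: global pip install of supervisor"
# NOTE(review): this runs as root and takes whatever version the package index
# serves at install time, with no version pin or hash check. Prefer the
# distribution's supervisor package, or a pinned requirement installed with
# pip's --require-hashes, so the code that ends up in /usr/local is known.
if ! pip install supervisor; then
  echo "install: pip install supervisor failed; aborting" >&2
  exit 1
fi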
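# I don't trust that things were brought over with the copy. Let's make sure things that should be there are.
echo "install: enforce install of current filesystem tree"
mkdir -p -- "${AVARDIR}"
mkdir -p -- "${ARUNDIR}"
chown nobody:nogroup -- "${ARUNDIR}"
# We don't put anything sensitive here, so this is mostly safe?
# NOTE(review): a+rw makes the run directory writable by every local account
# and does not set the sticky bit, so any user can remove or replace entries
# created there by someone else. The directory is already owned by nobody; if
# the daemons that use it run as nobody, owner write access should be enough
# and the mode could be tightened - confirm against the services before changing.
chmod a+rw -- "${ARUNDIR}"

# Now, we're going to make sure that the virtualenv gets what it needs.
echo "venv: create virtualenv python3 at ${VENVDIR}"
if ! virtualenv -p python3 "${VENVDIR}" > /dev/null; then
  echo "venv: could not create virtualenv at ${VENVDIR}; aborting" >&2
  exit 1
fi
echo "venv: pip install requirements"
# This was a pain to track down.
if ! "${VENVPIP}" install -r "${INSTDIR}/requirements.txt"; then
  echo "venv: pip install of ${INSTDIR}/requirements.txt failed; aborting" >&2
  exit 1
fi
echo "install: make sure ${LOCALCONF} exists"
touch -- "${LOCALCONF}"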
# Record the install layout in /etc/alexandria-env, one KEY=value per line.
# Per the original note, this file is what genconfig consumes; the server unit
# written later in this script also names it as its EnvironmentFile.
ENVPATH=/etc/alexandria-env
echo "install: write environment file at ${ENVPATH}"
{
  printf 'ALEXANDRIAPATH=%s\n' "${INSTDIR}"
  printf 'BASECONFIG=%s\n' "${INSTDIR}/alexandria.ini"
  printf 'LOCALCONFIG=%s\n' "${LOCALCONF}"
  printf 'ABINDIR=%s\n' "${ABINDIR}"
  printf 'AVARDIR=%s\n' "${AVARDIR}"
  printf 'ARUNDIR=%s\n' "${INSTDIR}/run"
  printf 'VENVDIR=%s\n' "${VENVDIR}"
  printf 'VENVBIN=%s\n' "${VENVDIR}/bin"
  printf 'VENVPIP=%s\n' "${VENVBIN}/pip"
  printf 'VENVPY=%s\n' "${VENVBIN}/python"
} > "${ENVPATH}"

# Echo the file back so the operator can see what was written.
echo "install: contents of environment file are"
printf '\n'
cat "${ENVPATH}"
printf '\n'
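# we need to set the file mode of our configuration tools
echo "install: enforce execute permissions on scripts"
chmod a+x -- "${ABINDIR}/genconfig.sh"
chmod a+x -- "${ABINDIR}/libctl.sh"
# Tinetd is a super stupid TCP daemon that I wrote.
chmod a+x -- "${ABINDIR}/tinetd"

echo "config: back up current configuration file"
# Keep the first backup: on a re-run /etc/network/interfaces may already hold
# generated content (presumably written by genconfig.sh - confirm), and copying
# it again would overwrite the only copy of the distribution file.
if [ -e /etc/network/interfaces.dist ]; then
  echo "config: /etc/network/interfaces.dist already exists, leaving it untouched"
else
  cp /etc/network/interfaces /etc/network/interfaces.dist
fi

echo "config: run initial configuration."
"${ABINDIR}/genconfig.sh"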
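# We now need to make sure that the systemd configuration is correct.
# This means we need to generate systemd unit files.
# This makes sure that the configuration files are written just after we have
# gotten everything stable but the network devices have not been touched yet
#
# see also https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
#
echo "systemd: start"
echo "systemd: write local copy of unit files."
# One-shot unit: runs genconfig.sh before network-pre.target on every boot.
cat <<EOF > "${INSTDIR}/alexandria-config.service"
[Unit]
Description=Alexandria configuration
DefaultDependencies=no
Wants=local-fs.target
Before=network-pre.target multi-user.target
After=local-fs.target
[Service]
Type=oneshot
RemainAfterExit=True
ExecStart=${ABINDIR}/genconfig.sh
[Install]
WantedBy=multi-user.target network-pre.target
EOF
# Long-running unit: starts supervisord from the install directory.
cat <<EOF > "${INSTDIR}/alexandria-server.service"
[Unit]
Description=Alexandria librarian daemons
After=network.target
[Service]
Type=simple
ExecStart=/usr/local/bin/supervisord -c supervisord.conf
WorkingDirectory=${INSTDIR}
Environment="PATH=${ABINDIR}:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
EnvironmentFile=/etc/alexandria-env
[Install]
WantedBy=multi-user.target
EOF

# Now we link them in the right way
# NOTE(review): a hard link means the unit under /lib/systemd/system and the
# copy under INSTDIR are the same file, so write access to the INSTDIR copy is
# write access to a unit that systemd starts as root (neither unit sets User=).
# Keep INSTDIR and these two files writable by root only. Hard links also
# cannot cross filesystems; copying the units into place would avoid both.
echo "Systemd: hard link in our service files and get going."
for unit in alexandria-server.service alexandria-config.service; do
  # On a re-run the link usually already points at the file just rewritten
  # above; skip it then, and replace anything else that is in the way.
  if [ "${INSTDIR}/${unit}" -ef "/lib/systemd/system/${unit}" ]; then
    continue
  fi
  ln -f -- "${INSTDIR}/${unit}" "/lib/systemd/system/${unit}"
done

# ensure that hostapd and dnsmasq are disabled
echo "systemd: disable distribution installed hostapd, dnsmasq and nginx"
systemctl disable hostapd
systemctl disable dnsmasq
systemctl disable nginx
echo "systemd: enable alexandria services."
systemctl enable alexandria-config
systemctl enable alexandria-server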
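# Final steps
# We need to make sure that the configuration file is owned by nobody:nogroup and that it is world writable.
# This is in typical fashion a terrible idea, but there is never a point where file access can go outside the designated filesystem.
# NOTE(review): mode 766 lets every local account rewrite this file (and marks
# it executable for its owner). Its path is exported as LOCALCONFIG in
# /etc/alexandria-env, which this script says genconfig consumes, and
# genconfig.sh is started by alexandria-config.service without a User= line,
# i.e. as root. If genconfig.sh reads this file, any local user can influence
# root-generated configuration - confirm, and prefer owner-only write
# (nobody already owns the file) if nothing else needs to write it.
echo "install: set permissions."
echo "install: set permissions permissive on ${LOCALCONF}"
chown nobody:nogroup -- "${LOCALCONF}"
chmod 766 -- "${LOCALCONF}"

# Now, we're going to make the path that things are mounted at
echo "install: add default media path, make it owned by nobody"
mkdir -p /media/alexandria
chown nobody:nogroup /media/alexandria

# make sure that the udev rules are installed correctly
echo "udev: add usbstor rule"
cp -- "${INSTDIR}/system/udev.rules" /etc/udev/rules.d/99-alexandria.rules

# add the appropriate rules for sudoers such that `nobody` can reboot the system:
# NOTE(review): `nobody` is a shared, unprivileged account, so this rule lets
# every process running under it power off or reboot the machine, not only the
# Alexandria daemons. A dedicated service account would narrow that.
#
# The rule is written to a temporary file, syntax-checked with visudo, and only
# then installed with its final owner and mode (440). A malformed file dropped
# straight into /etc/sudoers.d can make sudo refuse to run.
SUDOERS_DROPIN=/etc/sudoers.d/020-nobody-reboot
if sudoers_tmp=$(mktemp); then
  echo "nobody ALL=NOPASSWD: /bin/systemctl poweroff,/bin/systemctl reboot" > "${sudoers_tmp}"
  if visudo -cf "${sudoers_tmp}" > /dev/null; then
    install -o root -g root -m 0440 -- "${sudoers_tmp}" "${SUDOERS_DROPIN}"
  else
    echo "install: sudoers rule could not be validated with visudo; ${SUDOERS_DROPIN} not installed" >&2
  fi
  rm -f -- "${sudoers_tmp}"
else
  echo "install: mktemp failed; ${SUDOERS_DROPIN} not installed" >&2
fi

# This is all we have at the moment
exit 0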