From 5a1367528225e5c6b07ff4b4adc4267293c1c077 Mon Sep 17 00:00:00 2001 From: acidvegas Date: Tue, 23 Jan 2024 21:11:14 -0500 Subject: [PATCH] Updated deploy scripts --- deploy/deploy-anope | 40 --------------------- deploy/deploy-git | 11 ------ deploy/gitea | 43 ++++++++++++++++++++++ deploy/{deploy-nginx => httpd} | 0 deploy/{deploy-unrealircd => ircd} | 40 +++++++++++++++------ deploy/jitsi | 11 ++++++ deploy/services | 58 ++++++++++++++++++++++++++++++ deploy/tor_ircd_helper | 14 ++++++++ 8 files changed, 156 insertions(+), 61 deletions(-) delete mode 100755 deploy/deploy-anope delete mode 100755 deploy/deploy-git create mode 100755 deploy/gitea rename deploy/{deploy-nginx => httpd} (100%) rename deploy/{deploy-unrealircd => ircd} (87%) create mode 100755 deploy/jitsi create mode 100755 deploy/services create mode 100755 deploy/tor_ircd_helper diff --git a/deploy/deploy-anope b/deploy/deploy-anope deleted file mode 100755 index 2ed14f1..0000000 --- a/deploy/deploy-anope +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh -# SuperNETs tool for Anope deployment - Developed by acidvegas (https://git.acid.vegas/supertools) -ANOPE=$HOME/services -SOURCE=$HOME/services.source -[ $(command -v curl) ] && echo "error: missing required package 'curl'" && exit 1 -[ $(command -v git) ] && echo "error: missing required package 'git'" && exit 1 -[ $(command -v jq) ] && echo "error: missing required package 'jq'" && exit 1 -[ $(command -v make) ] && echo "error: missing required package 'make'" && exit 1 -if [ "$#" = '1' ]; then - if [ $1 = 'check' ]; then - CURRENT=$($ANOPE/bin/services -v | cut -d' ' -f1 | cut -d'-' -f2) - LATEST=$(curl -s https://api.github.com/repos/anope/anope/releases/latest | jq '.tag_name') - [ ! $CURRENT = $LATEST ] && echo "new version available: $LATEST" - elif [ $1 = 'deploy' ]; then - git clone --depth 1 https://github.com/supernets/anope.git $SOURCE - cd $SOURCE && $SOURCE/Config -nointro -quick && cd $SOURCE/build && make && make install && cd $HOME && rm -rf $SOURCE - if [ $(command -v crontab) ]; then - crontab -l | { cat; echo "*/5 * * * * $HOME/services/data/services.chk >/dev/null 2>&1"; } | crontab - - crontab -l | { cat; echo "@reboot $HOME/services/bin/services"; } | crontab - - elif [ $(command -v systemctl) ]; then - echo -e "[Unit]\nDescription=Anope Check Timer\n\n[Timer]\nOnBootSec=1min\nOnUnitActiveSec=5min\n\n[Install]\nWantedBy=timers.target" > $HOME/.config/systemd/user/anope.timer - echo -e "[Unit]\nDescription=Anope Check Service\n\n[Service]\nType=oneshot\nExecStart=$HOME/services/data/services.chk >/dev/null 2>&1" > $HOME/.config/systemd/user/anope.service - else - echo "warning: cron/systemd not found on system! (reboot/restart timers not set)" - fi - read -p "host = " HOST && sed -i 's/host = "REDACTED"/host = "$HOST"/g' $ANOPE/conf/services.conf - read -p "port = " PORT && sed -i 's/port = REDACTED/port = $PORT/g' $ANOPE/conf/services.conf - read -p "password = " PASSWORD && sed -i 's/password = "REDACTED"/password = "$PASSWORD"/g' $ANOPE/conf/services.conf - read -p "seed = " SEED && sed -i 's/seed = REDACTED/seed = $SEED/g' $ANOPE/conf/services.conf - $ANOPE/bin/services - elif [ $1 = 'update' ]; then - BACKUP=$ANOPE.backup - mkdir $BACKUP && cp $NAOPE/conf/services.conf $BACKUP && cp $ANOPE/data/anope.db $BACKUP - pkill -9 services && rm -rf $ANOPE - git clone --depth 1 https://github.com/supernets/anope.git $SOURCE - cd $SOURCE && $SOURCE/Config -nointro -quick && cd $SOURCE/build && make && make install && cd $HOME && rm -rf $SOURCE - mv $BACKUP/services.conf $ANOPE/conf/ && mv $BACKUP/anope.db $ANOPE/data - $ANOPE/bin/services - fi -fi \ No newline at end of file diff --git a/deploy/deploy-git b/deploy/deploy-git deleted file mode 100755 index ba08a34..0000000 --- a/deploy/deploy-git +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh -# SuperNETs tool for git deployment - Developed by acidvegas (https://git.acid.vegas/supertools) -[ ! $(grep -q /usr/bin/git-shell /etc/shells) ] && echo "/usr/bin/git-shell" >> /etc/shells -[ ! $(getent passwd git) ] && userdel -f git -useradd -d /srv/git -k /dev/null -m -s /usr/bin/git-shell -U git -mkdir -p /srv/git/git-shell-commands -echo -e "#!/bin/sh\nmkdir $1.git\ngit init --bare $1" > /srv/git/git-shell-commands/add -echo -e "#!/bin/sh\nrm -rf $1" > /srv/git/git-shell-commands/del -chmod +x /srv/git/git-shell-commands/* && chown -R git:git /srv/git/git-shell-commands -echo "Be sure to use 'AuthorizedKeysFile /etc/ssh/authorized_keys/%u' in your /etc/ssh/sshd_config" -echo "Add your public key to /etc/ssh/authorized_keys/git prefixed with 'no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty'" \ No newline at end of file diff --git a/deploy/gitea b/deploy/gitea new file mode 100755 index 0000000..d19cf93 --- /dev/null +++ b/deploy/gitea @@ -0,0 +1,43 @@ +#!/bin/sh +# gitea deployment helper - developed by acidvegas (https://git.acid.vegas) + +# Tranfser your Gitea backup file prior to using this script. +# Backup your previous instance with: gitea dump -c /etc/gitea/app.ini + +adduser --system --shell /bin/bash --gecos 'Git Version Control' --group --disabled-password --home /home/git git + +# Grab the latest version of Gitea +wget -O gitea https://dl.gitea.com/gitea/1.21.4/gitea-1.21.4-linux-amd64 && chmod +x gitea +wget -O gitea.asc https://dl.gitea.com/gitea/1.21.4/gitea-1.21.4-linux-amd64.asc +gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 +gpg --verify gitea.asc gitea +rm gitea.asc +cp gitea /usr/local/bin/gitea + +# Prepair Gitea directories & permissions +mkdir -p /var/lib/gitea/{custom,data,log} +chown -R git:git /var/lib/gitea/ +chmod -R 750 /var/lib/gitea/ +mkdir /etc/gitea +chown root:git /etc/gitea +chmod 770 /etc/gitea + +# Extract the backup file +unzip gitea-dump-*.zip +cd gitea-dump-* +mv app.ini /etc/gitea/conf/app.ini +mv data/* /var/lib/gitea/data/ +mv log/* /var/lib/gitea/log/ +mv repos/* /var/lib/gitea/gitea-repositories/ + +# Finalize permissions +chown -R gitea:gitea /etc/gitea/conf/app.ini /var/lib/gitea +chmod 750 /etc/gitea +chmod 640 /etc/gitea/app.ini + +# Grab completions and service file +wget -O /usr/share/bash-completion/completions/gitea https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/bash_autocomplete +wget -O /etc/systemd/system/gitea.service https://raw.githubusercontent.com/go-gitea/gitea/release/v1.21/contrib/systemd/gitea.service + +# LET ER RIP !! +systemctl enable gitea && systemctl start gitea diff --git a/deploy/deploy-nginx b/deploy/httpd similarity index 100% rename from deploy/deploy-nginx rename to deploy/httpd diff --git a/deploy/deploy-unrealircd b/deploy/ircd similarity index 87% rename from deploy/deploy-unrealircd rename to deploy/ircd index 67f4d8b..b39fcbf 100755 --- a/deploy/deploy-unrealircd +++ b/deploy/ircd @@ -1,18 +1,33 @@ #!/bin/sh # SuperNETs tool for UnrealIRCd deployment - Developed by acidvegas (https://git.acid.vegas/supertools) # debian deployment: apt-get install build-essential pkg-config gdb libssl-dev libpcre2-dev libargon2-0-dev libsodium-dev libc-ares-dev libcurl4-openssl-dev + UNREAL=$HOME/unrealircd SOURCE=$UNREAL.source -[ ! $(command -v curl) ] && echo "error: missing required package 'curl'" && exit 1 -[ ! $(command -v git) ] && echo "error: missing required package 'git'" && exit 1 -[ ! $(command -v make) ] && echo "error: missing required package 'make'" && exit 1 -if [ "$#" = '1' ]; then - if [ $1 = 'check' ]; then + +for pkg in curl git jq make; do + if ! command -v $pkg > /dev/null; then + echo "error: missing required package '$pkg'" + exit 1 + fi +done + +case "$1" in + check) [ ! $(command -v jq) ] && echo "error: missing required package 'jq'" && exit 1 CURRENT=$($UNREAL/unrealircd version | cut -d'-' -f2) LATEST=$(curl -s https://www.unrealircd.org/downloads/list.json | jq '[.[]][1].Stable.version') [ ! $CURRENT = $LATEST ] && echo "new version available: $LATEST" - elif [ $1 = 'deploy' ]; then + ;; + + distcert) + for link in cowboy contra omega omni phish; do # Make this an arguement instead of hardcoded + scp irc.* $link:unrealircd/conf/tls + ssh $1 unrealircd/unrealircd rehash && unrealircd/unrealircd reloadtls + done + ;; + + deploy) git clone --depth 1 https://github.com/supernets/unrealircd.git $SOURCE cd $SOURCE && echo -e "\n" | ./Config -nointro && make && make install && cd $HOME && rm -rf $SOURCE rm $UNREAL/conf/*.conf @@ -28,12 +43,15 @@ if [ "$#" = '1' ]; then elif [ $(command -v systemctl) ]; then echo -e "[Unit]\nDescription=UnrealIRCd Cron Check Timer\n\n[Timer]\nOnBootSec=1min\nOnUnitActiveSec=5min\n\n[Install]\nWantedBy=timers.target" > $HOME/.config/systemd/user/unreal.timer echo -e "[Unit]\nDescription=UnrealIRCd Cron Check Service\n\n[Service]\nType=oneshot\nExecStart=$HOME/unrealircd/unrealircd croncheck" > $HOME/.config/systemd/user/unreal.service + systemctl --user enable unreal.timer && systemctl --user start unreal.timer else echo "warning: cron/systemd not found on system! (reboot/restart timers not set)" fi $UNREAL/unrealircd spkifp | tail -n2 | head -1 curl -4 icanhazip.com && curl -6 icanhazip.com - elif [ $1 = 'source'; then + ;; + + source) wget -O $SOURCE.tar.gz https://www.unrealircd.org/downloads/unrealircd-latest.tar.gz tar -xvf $SOURCE.tar.gz --one-top-level --strip-components=1 && rm $SOURCE.tar.gz sed -i 's/NICKNAMEHISTORYLENGTH="2000"/NICKNAMEHISTORYLENGTH="100"/g' $SOURCE/Config @@ -46,7 +64,9 @@ if [ "$#" = '1' ]; then sed -i 's;//#undef FAKELAG_CONFIGURABLE;#define FAKELAG_CONFIGURABLE;g' $SOURCE/include/config.h rm $SOURCE/doc/conf/* && rm $SOURCE/doc/conf/aliases && rm $SOURCE/doc/conf/examples && rm $SOURCE/doc/conf/help cp $HOME/dev/git/supernets/unrealircd/doc/conf/* $SOURCE/doc/conf/ - elif [ $1 = 'update']; then + ;; + + update) BACKUP=$UNREAL.backup mkdir $BACKUP && cp $UNREAL/conf/unrealircd.conf $BACKUP && cp $UNREAL/conf/tls/*.pem $BACKUP && cp $UNREAL/data/*.db $BACKUP git clone --depth 1 https://github.com/supernets/unrealircd.git $SOURCE @@ -54,5 +74,5 @@ if [ "$#" = '1' ]; then cd $SOURCE && (echo -e "\n" | ./Config -nointro) && make && make install && cd $HOME && rm -rf $SOURCE rm $UNREAL/conf/*.conf && mv $BACKUP/unrealircd.conf $UNREAL/conf && mv $BACKUP/*.pem $UNREAL/conf/tls && mv $BACKUP/*.db $UNREAL/data && rm -r $BACKUP $UNREAL/unrealircd start & - fi -fi \ No newline at end of file + ;; +esac diff --git a/deploy/jitsi b/deploy/jitsi new file mode 100755 index 0000000..0be7fd5 --- /dev/null +++ b/deploy/jitsi @@ -0,0 +1,11 @@ +#!/bin/sh +# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart/ +sudo curl -sL https://prosody.im/files/prosody-debian-packages.key -o /etc/apt/keyrings/prosody-debian-packages.key +echo "deb [signed-by=/etc/apt/keyrings/prosody-debian-packages.key] http://packages.prosody.im/debian $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/prosody-debian-packages.list +sudo apt install lua5.2 + +curl -sL https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c 'gpg --dearmor > /usr/share/keyrings/jitsi-keyring.gpg' +echo "deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/" | sudo tee /etc/apt/sources.list.d/jitsi-stable.list + +sudo apt update +sudo apt install jitsi-meet diff --git a/deploy/services b/deploy/services new file mode 100755 index 0000000..30cc890 --- /dev/null +++ b/deploy/services @@ -0,0 +1,58 @@ +#!/bin/sh +# SuperNETs tool for Anope services - Developed by acidvegas (https://git.acid.vegas/supertools) +# requires cmake + +ANOPE=$HOME/services +SOURCE=$HOME/services.source + +for pkg in curl git jq make; do + if ! command -v $pkg > /dev/null; then + echo "error: missing required package '$pkg'" + exit 1 + fi +done + +case "$1" in + check) + CURRENT=$($ANOPE/bin/services -v | cut -d' ' -f1 | cut -d'-' -f2) + LATEST=$(curl -s https://api.github.com/repos/anope/anope/releases/latest | jq -r '.tag_name') + if [ "$CURRENT" != "$LATEST" ]; then + echo "new version available: $LATEST" + fi + ;; + + deploy) + git clone --depth 1 https://github.com/supernets/anope.git "$SOURCE" + cd "$SOURCE" && ./Config -nointro -quick && cd build && make && make install && cd $HOME && rm -rf "$SOURCE" + if command -v crontab > /dev/null; then + (crontab -l; echo "*/5 * * * * $HOME/services/data/services.chk >/dev/null 2>&1") | crontab - + (crontab -l; echo "@reboot $HOME/services/bin/services") | crontab - + elif command -v systemctl > /dev/null; then + printf "[Unit]\nDescription=Anope Check Timer\n\n[Timer]\nOnBootSec=1min\nOnUnitActiveSec=5min\n\n[Install]\nWantedBy=timers.target" > "$HOME/.config/systemd/user/anope.timer" + printf "[Unit]\nDescription=Anope Check Service\n\n[Service]\nType=oneshot\nExecStart=$HOME/services/data/services.chk >/dev/null 2>&1" > "$HOME/.config/systemd/user/anope.service" + systemctl --user enable anope.timer && systemctl --user start anope.timer + else + echo "warning: cron/systemd not found on system! (reboot/restart timers not set)" + fi + for param in host port password seed; do + read -p "$param = " VALUE + sed -i "s/$param = \"REDACTED\"/$param = \"$VALUE\"/g" "$ANOPE/conf/services.conf" + done + $ANOPE/bin/services + ;; + + update) + BACKUP="$ANOPE.backup" + mkdir "$BACKUP" && cp "$ANOPE/conf/services.conf" "$BACKUP" && cp "$ANOPE/data/anope.db" "$BACKUP" + pkill -9 services && rm -rf "$ANOPE" + git clone --depth 1 https://github.com/supernets/anope.git "$SOURCE" + cd "$SOURCE" && ./Config -nointro -quick && cd build && make && make install && cd $HOME && rm -rf "$SOURCE" + mv "$BACKUP/services.conf" "$ANOPE/conf/" + mv "$BACKUP/anope.db" "$ANOPE/data" + $ANOPE/bin/services + ;; + + *) + echo "Usage: $0 {check|deploy|update}" + ;; +esac diff --git a/deploy/tor_ircd_helper b/deploy/tor_ircd_helper new file mode 100755 index 0000000..69c04cb --- /dev/null +++ b/deploy/tor_ircd_helper @@ -0,0 +1,14 @@ +#!/bin/sh +apt-get install tor +{ + echo "HiddenServiceDir /var/lib/tor/ircd" + echo "HiddenServicePort 6667 unix:/etc/tor/unrealircd/tor_ircd.socket" + echo "HiddenServicePort 6697 unix:/etc/tor/unrealircd/tor_tls_ircd.socket" + echo "#MapAddress irc.supernets.org changeme.onion" +} > /etc/tor/torrc +mkdir /etc/tor/unrealircd +chown unrealircd:debian-tor /etc/tor/unrealircd +chmod 750 /etc/tor/unrealircd +systemctl restart tor.service && systemctl enable tor.service +cat /var/lib/tor/ircd/hostname +echo "MapAddress irc1.example.net xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.onion" >> /etc/tor/torrc