updated master script
This commit is contained in:
parent
7097f0e9e2
commit
03a77f5297
@ -7,22 +7,18 @@ ID=$(curl ifconfig.me)
|
|||||||
|
|
||||||
#### CREATE NEW MASTER LOGIN ####
|
#### CREATE NEW MASTER LOGIN ####
|
||||||
|
|
||||||
curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter_Intro.md" |
|
curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter_Intro.md" | zenity --text-info --title="Sovran_SystemsOS_Reseter" --width=1100 --height=710
|
||||||
zenity --text-info \
|
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
|
||||||
--width=1110 \
|
|
||||||
--height=710
|
|
||||||
|
|
||||||
if [[ $? -eq 1 ]]; then
|
if [[ $? -eq 1 ]]; then
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
|
||||||
else
|
else
|
||||||
|
|
||||||
|
|
||||||
#### Check to See If It Has Been Run Before ####
|
#### Check to See If It Has Been Run Before ####
|
||||||
|
|
||||||
FILE=/var/lib/beacons/reseter/completed
|
FILE=/var/lib/beacons/reseter/completed
|
||||||
|
|
||||||
if [ -e $FILE ]; then
|
if [ -e $FILE ]; then
|
||||||
|
|
||||||
@ -40,7 +36,7 @@ FILE=/var/lib/beacons/reseter/completed
|
|||||||
|
|
||||||
#### Initial Reseter Tag ####
|
#### Initial Reseter Tag ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/factory_login root@${ID} 'mkdir /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started'
|
ssh -i /home/free/.ssh/factory_login root@${ID} 'mkdir /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started'
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
@ -51,11 +47,13 @@ ssh -i /home/free/.ssh/factory_login root@${ID} 'mkdir /var/lib/beacons/reseter
|
|||||||
--text="Could Not Create Reseter Tag"
|
--text="Could Not Create Reseter Tag"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### Create New Log In Key For the Local Sovran Pro ####
|
#### Create New Log In Key For the Local Sovran Pro ####
|
||||||
|
|
||||||
PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Password")
|
PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Password")
|
||||||
|
|
||||||
if [[ $? -eq 1 ]]; then
|
if [[ $? -eq 1 ]]; then
|
||||||
|
|
||||||
@ -75,6 +73,7 @@ PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Passwo
|
|||||||
--text="Could Not Create New Login Key"
|
--text="Could Not Create New Login Key"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
@ -89,6 +88,7 @@ PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Passwo
|
|||||||
--text="Could Not Move Key to Root"
|
--text="Could Not Move Key to Root"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
fi
|
fi
|
||||||
@ -104,421 +104,448 @@ PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Passwo
|
|||||||
--text="Could Not Remove Factory Keys"
|
--text="Could Not Remove Factory Keys"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#### RESET KEYS FOR AGENIX ####
|
#### RESET KEYS FOR AGENIX ####
|
||||||
|
|
||||||
### Make Backup Directory ####
|
### Make Backup Directory ####
|
||||||
|
|
||||||
NOW=$(date '+%Y%m%d.%H%M%S') # default NOW string
|
NOW=$(date '+%Y%m%d.%H%M%S') # default NOW string
|
||||||
BAKDIR=bak_${NOW}
|
BAKDIR=bak_${NOW}
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mkdir ${BAKDIR}"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mkdir ${BAKDIR}"
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Make Backup Directory"
|
--text="Could Not Make Backup Directory"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### Move existing keys to Backup Directory ####
|
#### Move existing keys to Backup Directory ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}"
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Move Keys to Backup Directory"
|
--text="Could Not Move Keys to Backup Directory"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
##### Generate New Keys ####
|
##### Generate New Keys ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys'
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Main Agenix Keys"
|
--text="Could Not Reset Main Agenix Keys"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### Send .pub into agenix/secrets.nix ####
|
#### Send .pub into agenix/secrets.nix ####
|
||||||
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix'
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Send Agenix Keys to Main"
|
--text="Could Not Send Agenix Keys to Main"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
fi
|
||||||
|
|
||||||
sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
|
sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Put Quotes On Agenix Keys in Main"
|
--text="Could Not Put Quotes On Agenix Keys in Main"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### DATABASES ####
|
#### DATABASES ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb"
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb"
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"
|
||||||
|
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Database Passwords"
|
--text="Could Not Reset Database Passwords"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### Mysql Passwords ####
|
#### Mysql Passwords ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
wp=$(cat /var/lib/secrets/wordpressdb)
|
wp=$(cat /var/lib/secrets/wordpressdb)
|
||||||
|
|
||||||
sudo mysql -u root -e "SET PASSWORD FOR wpusr@localhost = PASSWORD('${wp}')";
|
sudo mysql -u root -e "SET PASSWORD FOR wpusr@localhost = PASSWORD('${wp}')";
|
||||||
|
|
||||||
sed -i "s:define( 'DB_PASSWORD'.*:define( 'DB_PASSWORD', '${wp}' );:" /var/lib/www/wordpress/wp-config.php
|
sed -i "s:define( 'DB_PASSWORD'.*:define( 'DB_PASSWORD', '${wp}' );:" /var/lib/www/wordpress/wp-config.php
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
zenity --error \
|
||||||
|
|
||||||
zenity --error \
|
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Update Wordpress Config File and/or Update Wordpress Password to Database"
|
--text="Could Not Update Wordpress Config File and/or Update Wordpress Password to Database"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### PostgresQL Passwords ####
|
#### PostgresQL Passwords ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
nc=$(cat /var/lib/secrets/nextclouddb)
|
nc=$(cat /var/lib/secrets/nextclouddb)
|
||||||
|
|
||||||
sed -i "s:'dbpassword.*:'dbpassword' => '${nc}',:" /var/lib/www/nextcloud/config/config.php
|
sed -i "s:'dbpassword.*:'dbpassword' => '${nc}',:" /var/lib/www/nextcloud/config/config.php
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Update Nextcloud Config File"
|
--text="Could Not Update Nextcloud Config File"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
nc=$(cat /var/lib/secrets/nextclouddb)
|
nc=$(cat /var/lib/secrets/nextclouddb)
|
||||||
|
|
||||||
PGPASSWORD=${nc} psql -U ncusr nextclouddb
|
PGPASSWORD=${nc} psql -U ncusr nextclouddb
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Nextcloud Database Password"
|
--text="Could Not Reset Nextcloud Database Password"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
ms=$(cat /var/lib/secrets/matrixdb)
|
ms=$(cat /var/lib/secrets/matrixdb)
|
||||||
|
|
||||||
PGPASSWORD=${ms} psql -U matrix-synapse matrix-synapse
|
|
||||||
|
|
||||||
|
PGPASSWORD=${ms} psql -U matrix-synapse matrix-synapse
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Matrix-Synapse Database Passwords"
|
--text="Could Not Reset Matrix-Synapse Database Passwords"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### Matrix-Synapse Keys ####
|
#### Matrix-Synapse Keys ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn"
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret"
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret"
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Matrix-Synapse Keys"
|
--text="Could Not Reset Matrix-Synapse Keys"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### UPDATE AGENIX SECRETS ####
|
#### UPDATE AGENIX SECRETS ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "
|
||||||
|
|
||||||
rm -rf /var/lib/agenix-secrets/nextclouddb.age ;
|
rm -rf /var/lib/agenix-secrets/nextclouddb.age ;
|
||||||
rm -rf /var/lib/agenix-secrets/wordpressdb.age ;
|
rm -rf /var/lib/agenix-secrets/wordpressdb.age ;
|
||||||
rm -rf /var/lib/agenix-secrets/turn.age ;
|
rm -rf /var/lib/agenix-secrets/turn.age ;
|
||||||
rm -rf /var/lib/agenix-secrets/matrixdb.age ;
|
rm -rf /var/lib/agenix-secrets/matrixdb.age ;
|
||||||
rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age "
|
rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age "
|
||||||
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
pushd /var/lib/agenix-secrets/
|
pushd /var/lib/agenix-secrets/
|
||||||
|
|
||||||
echo -n $(cat /var/lib/secrets/wordpressdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
|
echo -n $(cat /var/lib/secrets/wordpressdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
|
||||||
|
|
||||||
echo -n $(cat /var/lib/secrets/nextclouddb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
|
echo -n $(cat /var/lib/secrets/nextclouddb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
|
||||||
|
|
||||||
echo -n $(cat /var/lib/secrets/matrixdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
|
echo -n $(cat /var/lib/secrets/matrixdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
|
||||||
|
|
||||||
echo -n $(cat /var/lib/secrets/turn) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
|
echo -n $(cat /var/lib/secrets/turn) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
|
||||||
|
|
||||||
echo -n $(cat /var/lib/secrets/matrix_reg_secret) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
|
echo -n $(cat /var/lib/secrets/matrix_reg_secret) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
|
||||||
|
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Update Agenix Secrects"
|
--text="Could Not Update Agenix Secrects"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### VAULTWARDEN ####
|
#### VAULTWARDEN ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
|
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/vaultwarden/vaultwarden
|
||||||
|
|
||||||
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/vaultwarden/vaultwarden
|
ENCRYPTPASS=$(cat "/var/lib/secrets/vaultwarden/vaultwarden" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4)
|
||||||
|
|
||||||
ENCRYPTPASS=$(cat "/var/lib/secrets/vaultwarden/vaultwarden" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4)
|
|
||||||
|
|
||||||
sed -i "0,/ADMIN_.*/{s::ADMIN_TOKEN=${ENCRYPTPASS}:}" /var/lib/secrets/vaultwarden/vaultwarden.env
|
|
||||||
|
|
||||||
|
sed -i "0,/ADMIN_.*/{s::ADMIN_TOKEN=${ENCRYPTPASS}:}" /var/lib/secrets/vaultwarden/vaultwarden.env
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
zenity --error \
|
||||||
|
|
||||||
zenity --error \
|
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Update Vaultwarden Password"
|
--text="Could Not Update Vaultwarden Password"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
fi
|
||||||
#### OnlyOffice Key ####
|
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
|
||||||
|
|
||||||
echo -n $(pwgen -s 33 -1) > /var/lib/secrets/onlyofficejwtSecretFile
|
|
||||||
|
|
||||||
OF=(cat /var/lib/secrets/onlyofficejwtSecretFile)
|
|
||||||
|
|
||||||
sudo -u caddy php /var/lib/www/nextcloud/occ config:app:set onlyoffice jwt_secret --value="${OF}" --update-only
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
|
||||||
|
|
||||||
zenity --error \
|
|
||||||
--ellipsize \
|
|
||||||
--no-wrap \
|
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
|
||||||
--text="Could Not Update OnlyOffice Secret"
|
|
||||||
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
#### MAIN ####
|
#### MAIN ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/main
|
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/main
|
||||||
|
|
||||||
sudo echo "root:$(cat /var/lib/secrets/main)" | chpasswd -c SHA512
|
sudo echo "root:$(cat /var/lib/secrets/main)" | chpasswd -c SHA512
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Update Main Password"
|
--text="Could Not Update Main Password"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### RESET SYSTEMD SERVICES ####
|
#### RESET SYSTEMD SERVICES ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "
|
||||||
|
|
||||||
systemctl restart nginx rabbitmq onlyoffice-docservice onlyoffice-converter
|
systemctl restart nginx rabbitmq onlyoffice-docservice onlyoffice-converter
|
||||||
|
|
||||||
systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden"
|
systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden"
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset Services"
|
--text="Could Not Reset Services"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
#### RESET LND AND RTL ####
|
#### RESET LND AND RTL ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
systemctl stop bitcoind lnd lightning-loop lightning-pool rtl
|
systemctl stop bitcoind lnd lightning-loop lightning-pool rtl
|
||||||
|
|
||||||
rm -rf /var/lib/lightning-loop /var/lib/lightning-pool /var/lib/lnd
|
rm -rf /var/lib/lightning-loop /var/lib/lightning-pool /var/lib/lnd
|
||||||
|
|
||||||
echo -n $(pwgen -s 33 -1) > /etc/nix-bitcoin-secrets/rtl-password
|
echo -n $(pwgen -s 33 -1) > /etc/nix-bitcoin-secrets/rtl-password
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Reset LND or RTL Passwords"
|
--text="Could Not Reset LND or RTL Passwords"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#### OnlyOffice Key Part 1 ####
|
||||||
|
|
||||||
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
|
echo -n $(pwgen -s 33 -1) > /var/lib/secrets/onlyofficejwtSecretFile
|
||||||
|
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
|
zenity --error \
|
||||||
|
--ellipsize \
|
||||||
|
--no-wrap \
|
||||||
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
|
--text="Could Not Update OnlyOffice Secret Part 1"
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### NixOS Rebuild Switch ####
|
#### NixOS Rebuild Switch ####
|
||||||
\
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'nixos-rebuild switch --impure'
|
|
||||||
|
|
||||||
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'nixos-rebuild switch --impure'
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#### OnlyOffice Key Part 2 ####
|
||||||
|
|
||||||
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF'
|
||||||
|
|
||||||
|
OF=(cat /var/lib/secrets/onlyofficejwtSecretFile)
|
||||||
|
|
||||||
|
sudo -u caddy php /var/lib/www/nextcloud/occ config:app:set onlyoffice jwt_secret --value="${OF}" --update-only
|
||||||
|
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
|
zenity --error \
|
||||||
|
--ellipsize \
|
||||||
|
--no-wrap \
|
||||||
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
|
--text="Could Not Update OnlyOffice Secret Part 2"
|
||||||
|
|
||||||
|
exit 1
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### FINAL RESETER TAG ####
|
#### FINAL RESETER TAG ####
|
||||||
|
|
||||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'touch /var/lib/beacons/reseter/completed'
|
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'touch /var/lib/beacons/reseter/completed'
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Create Final Reseter Tag"
|
--text="Could Not Create Final Reseter Tag"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
#### FINAL DIALOG POPUP ####
|
#### FINAL DIALOG POPUP ####
|
||||||
|
|
||||||
zenity --info \
|
zenity --info \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
@ -528,25 +555,25 @@ zenity --info \
|
|||||||
|
|
||||||
#### Remove Reseter App ####
|
#### Remove Reseter App ####
|
||||||
|
|
||||||
rm -rf /home/free/.Sovran_Systems/localscript_to_remote_reseter.sh
|
rm -rf /home/free/.Sovran_Systems/localscript_to_remote_reseter.sh
|
||||||
|
|
||||||
rm -rf /home/free/.Sovran_Systems/Icon_Reseter
|
rm -rf /home/free/.Sovran_Systems/Icon_Reseter
|
||||||
|
|
||||||
rm -rf /home/free/.local/share/applications/Sovran_SystemsOS_Reseter.desktop
|
rm -rf /home/free/.local/share/applications/Sovran_SystemsOS_Reseter.desktop
|
||||||
|
|
||||||
if [[ $? != 0 ]]; then
|
if [[ $? != 0 ]]; then
|
||||||
|
|
||||||
zenity --error \
|
zenity --error \
|
||||||
--ellipsize \
|
--ellipsize \
|
||||||
--no-wrap \
|
--no-wrap \
|
||||||
--title="Sovran_SystemsOS_Reseter" \
|
--title="Sovran_SystemsOS_Reseter" \
|
||||||
--text="Could Not Remove Reseter App"
|
--text="Could Not Remove Reseter App"
|
||||||
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
|
||||||
|
|
||||||
|
fi
|
||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
Loading…
Reference in New Issue
Block a user