diff --git a/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_Root.sh b/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_Root.sh
deleted file mode 100644
index 8477bbc..0000000
--- a/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_Root.sh
+++ /dev/null
@@ -1,521 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-
-#### CREATE NEW MASTER LOGIN ####
-
-curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter_Intro.md" | zenity --text-info --title="Sovran_SystemsOS_Reseter" --width=1100 --height=720
-
- if [[ $? -eq 1 ]]; then
-
- exit 1
-
- else
-
-
-#### Check to See If It Has Been Run Before ####
-
- FILE=/var/lib/beacons/reseter/completed
-
- if [ -e $FILE ]; then
-
- zenity --info \
- --ellipsize \
- --no-wrap \
- --width=250 \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Already Completed"
-
- exit 1
-
- fi
-
-
-#### Initial Reseter Tag ####
-
- ssh root@localhost 'mkdir -p /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started'
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Create Reseter Tag"
-
- exit 1
-
- fi
-
-
-#### Create New Log In Key For the Local Sovran Pro ####
-
- PASS=$(zenity --password --title="Please Type In A New Sovran Pro Updater Password")
-
- if [[ $? -eq 1 ]]; then
-
- exit 1
-
- else
-
-
- ssh-keygen -q -N "${PASS}" -t ed25519 -f /home/free/.ssh/sovranpro_login
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Create New Login Key"
-
- exit 1
-
- fi
-
-
- ssh root@localhost 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys'
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Move Key to Root"
-
- exit 1
-
- fi
-
- fi
-
- rm -rf /home/free/.ssh/factory_login /home/free/.ssh/factory_login.pub
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Remove Factory Keys"
-
- exit 1
-
- fi
-
-
-#### RESET KEYS FOR AGENIX ####
-
-### Make Backup Directory ####
-
- NOW=$(date '+%Y%m%d.%H%M%S') # default NOW string
- BAKDIR=bak_${NOW}
-
- ssh root@localhost "cd /root/.ssh/agenix/; mkdir ${BAKDIR}"
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Make Backup Directory"
-
- exit 1
-
- fi
-
-
-#### Move existing keys to Backup Directory ####
-
- ssh root@localhost "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}"
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Move Keys to Backup Directory"
-
- exit 1
-
- fi
-
-
-##### Generate New Keys ####
-
- ssh root@localhost 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys'
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Main Agenix Keys"
-
- exit 1
-
- fi
-
-
-#### Send .pub into agenix/secrets.nix ####
-
-
- ssh root@localhost 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix'
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Send Agenix Keys to Main"
-
- exit 1
-
- fi
-
- ssh root@localhost << 'EOF'
-
- sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Put Quotes On Agenix Keys in Main"
-
- exit 1
-
- fi
-
-
-#### DATABASES ####
-
- ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb"
-
- ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb"
-
- ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"
-
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Database Passwords"
-
- exit 1
-
- fi
-
-
-#### Mysql Passwords ####
-
- ssh root@localhost << 'EOF'
-
- wp=$(cat /var/lib/secrets/wordpressdb)
-
- sudo mysql -u root -e "SET PASSWORD FOR wpusr@localhost = PASSWORD('${wp}')";
-
- sed -i "s:define( 'DB_PASSWORD'.*:define( 'DB_PASSWORD', '${wp}' );:" /var/lib/www/wordpress/wp-config.php
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Update Wordpress Config File and/or Update Wordpress Password to Database"
-
- exit 1
-
- fi
-
-
-#### PostgresQL Passwords ####
-
- ssh root@localhost << 'EOF'
-
- nc=$(cat /var/lib/secrets/nextclouddb)
-
- sed -i "s:'dbpassword.*:'dbpassword' => '${nc}',:" /var/lib/www/nextcloud/config/config.php
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Update Nextcloud Config File"
-
- exit 1
-
- fi
-
-
- ssh root@localhost << 'EOF'
-
- nc=$(cat /var/lib/secrets/nextclouddb)
-
- PGPASSWORD=${nc} psql -U ncusr nextclouddb
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Nextcloud Database Password"
-
- exit 1
-
- fi
-
-
- ssh root@localhost << 'EOF'
-
- ms=$(cat /var/lib/secrets/matrixdb)
-
- PGPASSWORD=${ms} psql -U matrix-synapse matrix-synapse
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Matrix-Synapse Database Passwords"
-
- exit 1
-
- fi
-
-
-#### Matrix-Synapse Keys ####
-
- ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn"
-
- ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret"
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Matrix-Synapse Keys"
-
- exit 1
-
- fi
-
-
-#### UPDATE AGENIX SECRETS ####
-
- ssh root@localhost "
-
- rm -rf /var/lib/agenix-secrets/nextclouddb.age ;
- rm -rf /var/lib/agenix-secrets/wordpressdb.age ;
- rm -rf /var/lib/agenix-secrets/turn.age ;
- rm -rf /var/lib/agenix-secrets/matrixdb.age ;
- rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age "
-
-
- ssh root@localhost << 'EOF'
-
- pushd /var/lib/agenix-secrets/
-
- echo -n $(cat /var/lib/secrets/wordpressdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e wordpressdb.age -i /root/.ssh/agenix/agenix-secret-keys
-
- echo -n $(cat /var/lib/secrets/nextclouddb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e nextclouddb.age -i /root/.ssh/agenix/agenix-secret-keys
-
- echo -n $(cat /var/lib/secrets/matrixdb) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrixdb.age -i /root/.ssh/agenix/agenix-secret-keys
-
- echo -n $(cat /var/lib/secrets/turn) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e turn.age -i /root/.ssh/agenix/agenix-secret-keys
-
- echo -n $(cat /var/lib/secrets/matrix_reg_secret) | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- -e matrix_reg_secret.age -i /root/.ssh/agenix/agenix-secret-keys
-
- popd
-
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Update Agenix Secrects"
-
- exit 1
-
- fi
-
-EOF
-
-
-#### VAULTWARDEN ####
-
- ssh root@localhost << 'EOF'
-
- echo -n $(pwgen -s 77 -1) > /var/lib/secrets/vaultwarden/vaultwarden
-
- ENCRYPTPASS=$(cat "/var/lib/secrets/vaultwarden/vaultwarden" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4)
-
- sed -i "0,/ADMIN_.*/{s::ADMIN_TOKEN=${ENCRYPTPASS}:}" /var/lib/secrets/vaultwarden/vaultwarden.env
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Update Vaultwarden Password"
-
- exit 1
-
- fi
-
-
-#### MAIN ####
-
- ssh root@localhost << 'EOF'
-
- echo -n $(pwgen -s 77 -1) > /var/lib/secrets/main
-
- sudo echo "root:$(cat /var/lib/secrets/main)" | chpasswd -c SHA512
-
-EOF
-
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Update Main Password"
-
- exit 1
-
- fi
-
-
-#### RESET SYSTEMD SERVICES ####
-
- ssh root@localhost "
-
- systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden"
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset Services"
-
- exit 1
-
- fi
-
-
-#### RESET LND AND RTL ####
-
- ssh root@localhost << 'EOF'
-
- systemctl stop bitcoind lnd lightning-loop lightning-pool rtl
-
- rm -rf /var/lib/lightning-loop /var/lib/lightning-pool /var/lib/lnd
-
- echo -n $(pwgen -s 33 -1) > /etc/nix-bitcoin-secrets/rtl-password
-
-EOF
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Reset LND or RTL Passwords"
-
- exit 1
-
- fi
-
-#### NixOS Rebuild Switch ####
-
- ssh root@localhost 'nixos-rebuild switch --impure'
-
-
-#### FINAL RESETER TAG ####
-
- ssh root@localhost 'touch /var/lib/beacons/reseter/completed'
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Create Final Reseter Tag"
-
- exit 1
-
- fi
-
-
-#### FINAL DIALOG POPUP ####
-
- zenity --info \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="All Done! All Passwords Are Reset."
-
-
-
-#### Remove Reseter App ####
-
- rm -rf /home/free/.Sovran_Systems/localscript_to_remote_reseter.sh
-
- rm -rf /home/free/.Sovran_Systems/Icon_Reseter
-
- rm -rf /home/free/.local/share/applications/Sovran_SystemsOS_Reseter.desktop
-
- if [[ $? != 0 ]]; then
-
- zenity --error \
- --ellipsize \
- --no-wrap \
- --title="Sovran_SystemsOS_Reseter" \
- --text="Could Not Remove Reseter App"
-
- exit 1
-
- fi
-
- fi
-
-
-exit 0
\ No newline at end of file
diff --git a/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_old.sh b/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_old.sh
deleted file mode 100644
index b30e38b..0000000
--- a/Sovran_SystemsOS_Resetter/Resetter Source Files/Master_Passwords_Reset_old.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/usr/bin/env bash
-
-set -o nounset
-
-ID=$(dig @resolver4.opendns.com myip.opendns.com +short -4)
-
-cd /home/free/Downloads
-
-wget "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter%20Source%20Files/Master_Passwords_Reset_Root.sh"
-
-bash /home/free/Downloads/Master_Passwords_Reset_Root.sh | zenity --progress --no-cancel --pulsate --auto-close --width=500 --title="Sovran_SystemsOS_Reseter" --text="Please Wait. Passwords Are Being Reset. This May Take Some Time..."
-
-rm -rf /home/free/Downloads/Master_Passwords_Reset_Root.sh
-
-exit 0
\ No newline at end of file