updated reseter to make login more clean
This commit is contained in:
parent
5d1ec73a3c
commit
c3b70dcb14
@ -2,10 +2,6 @@
|
||||
|
||||
set -o nounset
|
||||
|
||||
ID=$(timeout 1 -k dig @resolver4.opendns.com myip.opendns.com +short -4)
|
||||
|
||||
ID6=$(timeout 1 dig -t aaaa +short myip.opendns.com @resolver1.opendns.com)
|
||||
|
||||
#### CREATE NEW MASTER LOGIN ####
|
||||
|
||||
curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter_Intro.md" | zenity --text-info --title="Sovran_SystemsOS_Reseter" --width=1100 --height=720
|
||||
@ -37,7 +33,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
|
||||
#### Initial Reseter Tag ####
|
||||
|
||||
ssh -i /home/free/.ssh/factory_login root@${ID} 'mkdir -p /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started' || ssh -i /home/free/.ssh/factory_login root@${ID6} 'mkdir -p /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started'
|
||||
ssh root@localhost 'mkdir -p /var/lib/beacons/reseter ; touch /var/lib/beacons/reseter/started'
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -78,7 +74,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
fi
|
||||
|
||||
|
||||
ssh -i /home/free/.ssh/factory_login root@${ID} 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys' || ssh -i /home/free/.ssh/factory_login root@${ID6} 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys'
|
||||
ssh root@localhost 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys'
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -116,7 +112,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
NOW=$(date '+%Y%m%d.%H%M%S') # default NOW string
|
||||
BAKDIR=bak_${NOW}
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mkdir ${BAKDIR}" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "cd /root/.ssh/agenix/; mkdir ${BAKDIR}"
|
||||
ssh root@localhost "cd /root/.ssh/agenix/; mkdir ${BAKDIR}"
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -133,7 +129,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
|
||||
#### Move existing keys to Backup Directory ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}"
|
||||
ssh root@localhost "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}"
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -150,7 +146,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
|
||||
##### Generate New Keys ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys' || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys'
|
||||
ssh root@localhost 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys'
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -168,7 +164,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
#### Send .pub into agenix/secrets.nix ####
|
||||
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix' || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix'
|
||||
ssh root@localhost 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix'
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -182,7 +178,7 @@ curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovr
|
||||
|
||||
fi
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix
|
||||
|
||||
@ -203,11 +199,11 @@ EOF
|
||||
|
||||
#### DATABASES ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb"
|
||||
ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb"
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb"
|
||||
ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb"
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"
|
||||
ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"
|
||||
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
@ -225,7 +221,7 @@ EOF
|
||||
|
||||
#### Mysql Passwords ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
wp=$(cat /var/lib/secrets/wordpressdb)
|
||||
|
||||
@ -250,7 +246,7 @@ EOF
|
||||
|
||||
#### PostgresQL Passwords ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
nc=$(cat /var/lib/secrets/nextclouddb)
|
||||
|
||||
@ -271,7 +267,7 @@ EOF
|
||||
fi
|
||||
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
nc=$(cat /var/lib/secrets/nextclouddb)
|
||||
|
||||
@ -292,7 +288,7 @@ EOF
|
||||
fi
|
||||
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
ms=$(cat /var/lib/secrets/matrixdb)
|
||||
|
||||
@ -315,9 +311,9 @@ EOF
|
||||
|
||||
#### Matrix-Synapse Keys ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn"
|
||||
ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn"
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret" || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret"
|
||||
ssh root@localhost "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret"
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
@ -334,7 +330,7 @@ EOF
|
||||
|
||||
#### UPDATE AGENIX SECRETS ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "
|
||||
ssh root@localhost "
|
||||
|
||||
rm -rf /var/lib/agenix-secrets/nextclouddb.age ;
|
||||
rm -rf /var/lib/agenix-secrets/wordpressdb.age ;
|
||||
@ -343,7 +339,7 @@ EOF
|
||||
rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age "
|
||||
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
pushd /var/lib/agenix-secrets/
|
||||
|
||||
@ -377,7 +373,7 @@ EOF
|
||||
|
||||
#### VAULTWARDEN ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/vaultwarden/vaultwarden
|
||||
|
||||
@ -402,7 +398,7 @@ EOF
|
||||
|
||||
#### MAIN ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
echo -n $(pwgen -s 77 -1) > /var/lib/secrets/main
|
||||
|
||||
@ -426,7 +422,7 @@ EOF
|
||||
|
||||
#### RESET SYSTEMD SERVICES ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} "
|
||||
ssh root@localhost "
|
||||
|
||||
systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden"
|
||||
|
||||
@ -445,7 +441,7 @@ EOF
|
||||
|
||||
#### RESET LND AND RTL ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} << 'EOF'
|
||||
ssh root@localhost << 'EOF'
|
||||
|
||||
systemctl stop bitcoind lnd lightning-loop lightning-pool rtl
|
||||
|
||||
@ -469,12 +465,12 @@ EOF
|
||||
|
||||
#### NixOS Rebuild Switch ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} 'nixos-rebuild switch --impure'
|
||||
ssh root@localhost 'nixos-rebuild switch --impure'
|
||||
|
||||
|
||||
#### FINAL RESETER TAG ####
|
||||
|
||||
ssh -i /home/free/.ssh/sovranpro_login root@${ID} || ssh -i /home/free/.ssh/sovranpro_login root@${ID6} 'touch /var/lib/beacons/reseter/completed'
|
||||
ssh root@localhost 'touch /var/lib/beacons/reseter/completed'
|
||||
|
||||
if [[ $? != 0 ]]; then
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user