From f056f35fbfec7df383a3364ee908bdc779c4c338 Mon Sep 17 00:00:00 2001 From: naturallaw77 Date: Tue, 6 Jun 2023 22:22:20 -0700 Subject: [PATCH] updated reseter source scrpit and updater script --- .../Master_Passwords_Reset.sh | 265 +++++++++++++++--- .../Update_Sovran_SystemsOS.sh | 6 +- 2 files changed, 224 insertions(+), 47 deletions(-) diff --git a/Sovran_SystemsOS_Reseter/Reseter Source Files/Master_Passwords_Reset.sh b/Sovran_SystemsOS_Reseter/Reseter Source Files/Master_Passwords_Reset.sh index 9ad6415..7970d68 100644 --- a/Sovran_SystemsOS_Reseter/Reseter Source Files/Master_Passwords_Reset.sh +++ b/Sovran_SystemsOS_Reseter/Reseter Source Files/Master_Passwords_Reset.sh @@ -2,6 +2,12 @@ set -o nounset + + +ID=$(curl ifconfig.me) + +#### CREATE NEW MASTER LOGIN #### + curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Reseter/Reseter_Intro.md" | zenity --text-info \ --title="Sovran_SystemsOS Reseter" \ 
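Review bot: The added `ID=$(curl ifconfig.me)` is never checked and carries no scheme, so curl fetches over plain HTTP, and the unvalidated response body then becomes the root SSH target on every `root@${ID}` line of this file and of the Updater hunks `@@ -2,6 +2,8 @@`, `@@ -16,7 +18,7 @@` and `@@ -28,7 +30,7 @@` (where the leftover `#id=$(curl ifconfig.me)` can now be dropped). A failed or redirected request leaves `ID` empty or filled with an HTML body; `set -o nounset` does not catch an empty value, and `root@${ID}` is unquoted, so such a body is word-split into extra ssh arguments. Fetch over HTTPS with failure reporting, accept the result only if it looks like an address, and quote each use as `"root@${ID}"`; the check below is IPv4-only (`-4` keeps the lookup on IPv4) and needs widening if the server is reached over IPv6. The script presumably relies on the workstation's public address being forwarded to the server — a one-line comment stating that assumption would help the next reader, since on any other network the script would attempt a root login at whatever host answers there.
```shell
ID=$(curl -4 -fsS https://ifconfig.me)
if [[ $? != 0 || ! $ID =~ ^[0-9]+(\.[0-9]+){3}$ ]]; then
zenity --error \
  --ellipsize \
  --no-wrap \
  --title="Sovran_SystemsOS_Reseter" \
  --text="Could Not Determine Server Address"
  exit 1
fi
```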
@@ -14,36 +20,66 @@ if [[ $? -eq 1 ]]; then else + + rm -rf /home/free/.ssh/sovranpro_login if [[ $? != 0 ]]; then - echo "Could not delete Private Key -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Delete Old Sovran Private Keys" + exit 1 fi + + rm -rf /home/free/.ssh/sovranpro_login.pub if [[ $? != 0 ]]; then - echo "Could not delete Public Key -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Delete Old Sovran Pro Public Keys" + exit 1 fi + PASSWDNEW=$(zenity --password --title="New Sovran Pro Updater Password") ssh-keygen -q -N "$PASSWDNEW" -t ed25519 -f /home/free/.ssh/sovranpro_login if [[ $? != 0 ]]; then - echo "Could create new Sovran Pro Login Keys -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Sovran Pro Login Passwords" + exit 1 fi -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys' + +ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" /root/.ssh/authorized_keys' if [[ $? != 0 ]]; then - echo "Could not write Sovran Pro Login Keys to Root .ssh -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Sovran Pro Login Move Keys" + exit 1 fi 
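Review bot: On the `ssh -i … root@${ID} 'sed -i -e "0,/ssh-ed25519.*/{ s::$(cat /home/free/.ssh/sovranpro_login.pub): }" …'` line the remote command is single-quoted, so `$(cat …)` runs on the server and the key spliced into `/root/.ssh/authorized_keys` is whatever the server holds at `/home/free/.ssh/sovranpro_login.pub`, not the pair `ssh-keygen` just produced on this machine (unless that path is the same filesystem on both sides — confirm). The same call authenticates with the brand-new private key before its public half has been authorized anywhere, so it presumably only succeeds via an agent or another auth method; a safer order is to push the new `.pub` while the old key still works (generate under a temporary name, install it remotely, then move it over the old files), which would also let the two `rm -rf` lines go. The old `echo … >&2` diagnostics are gone, so a headless or logged run now records nothing about which step failed; keeping a `printf '%s\n' "Could Not Delete Old Sovran Private Keys" >&2` beside each `zenity --error` here and in the later hunks restores that. The enclosing `if … else` block opens outside this hunk.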
@@ -51,75 +87,126 @@ fi +#### BEGIN SCRIPT #### -# create backup folder + + +#### Reset Keys for Agenix #### + +# Make Backup Directory NOW=$(date '+%Y%m%d.%H%M%S') # default NOW string BAKDIR=bak_${NOW} -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "cd /root/.ssh/agenix/; mkdir ${BAKDIR}" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mkdir ${BAKDIR}" if [[ $? != 0 ]]; then - echo "Could not mkdir ${BAKDIR} -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Make Backup Directory" + exit 1 fi -# move existing key material to backup folder -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}" + +# Move existing keys to Backup Directory + +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "cd /root/.ssh/agenix/; mv agenix-secret-keys* ${BAKDIR}" if [[ $? != 0 ]]; then - echo "Could not move old files to ${BAKDIR} -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Move Keys to Backup Directory" + exit 1 fi -# generate new keys -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys' + +# Generate New Keys + +ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'ssh-keygen -q -N "" -t ed25519 -f /root/.ssh/agenix/agenix-secret-keys' if [[ $? 
!= 0 ]]; then - echo "Could not recreate keys -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Main Agenix Keys" + exit 1 fi -# Send key.pub into agenix/secrets.nix -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix' + +# Send .pub into agenix/secrets.nix + + +ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'sed -i -e "0,/root.*/{s::root = $(cat /root/.ssh/agenix/agenix-secret-keys.pub):};s:root@nixos::" /var/lib/agenix-secrets/secrets.nix' if [[ $? != 0 ]]; then - echo "Could not write keys -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Send Agenix Keys to Main" + exit 1 fi -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' sed -i 's:\(root =[[:blank:]]*\)\(.*\):\1"\2";:' /var/lib/agenix-secrets/secrets.nix + EOF if [[ $? 
!= 0 ]]; then - echo "Could not quote keys -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Put Quotes On Agenix Keys in Main" + exit 1 fi + + #### DATABASES #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/wordpressdb" -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrixdb" -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb" if [[ $? != 0 ]]; then - echo "Could not generate new passwords -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Database Passwords" + exit 1 fi -#### Mysql +#### Mysql Passwords #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' wp=$(cat /var/lib/secrets/wordpressdb) @@ -131,15 +218,21 @@ EOF if [[ $? != 0 ]]; then - echo "Could not update Wordpress Database Password -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Update Wordpress Config File and/or Update Wordpress Password to Database" + exit 1 fi -#### PostgresQL +#### PostgresQL Passwords #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' nc=$(cat /var/lib/secrets/nextclouddb) 
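Review bot: In the `#### DATABASES ####` part only the third `ssh … "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/nextclouddb"` line is followed by a status check, so a failed write of `wordpressdb` or `matrixdb` goes unnoticed and the later MySQL/PostgreSQL updates run with a stale or empty secret; the `turn`/`matrix_reg_secret` pair in `@@ -177,26 +282,41 @@` has the same gap. Because these strings are double-quoted, `pwgen` expands locally and the new password travels in ssh's argument list, where it is readable from the process table on both machines; the files are also created under the remote umask, so they may be world-readable unless `/var/lib/secrets` is already restricted — confirm. Sending the password over the ssh channel with a check per file avoids both, and the loop below keeps `pwgen` on the workstation. Separately, `cd /root/.ssh/agenix/; mkdir ${BAKDIR}` and the following `mv` join their steps with `;`, so a failed `cd` still creates the backup directory (and moves key material) in root's home directory — `&&` is the fix.
```shell
for db in wordpressdb matrixdb nextclouddb; do
  if ! pwgen -s 33 -1 | tr -d '\n' \
      | ssh -i /home/free/.ssh/sovranpro_login "root@${ID}" "umask 077; cat > /var/lib/secrets/${db} && chmod 600 /var/lib/secrets/${db}"; then
    zenity --error \
      --ellipsize \
      --no-wrap \
      --title="Sovran_SystemsOS_Reseter" \
      --text="Could Not Reset Database Passwords"
    exit 1
  fi
done
```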
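Review bot: The `if [[ $? != 0 ]]` after `EOF` sees only the exit status of the last command the server ran inside the heredoc, so an earlier failure in the remote WordPress block (its lines are outside this hunk) is masked unless it happens to be the final command; the PostgreSQL heredoc opened at the bottom of this hunk and the ones closed in `@@ -148,12 +241,18 @@`, `@@ -162,12 +261,18 @@`, `@@ -177,26 +282,41 @@` and `@@ -245,22 +399,43 @@` behave the same way. Putting `set -e` (and `set -o pipefail` where the remote block pipes) as the first line after each `<< 'EOF'` makes the returned status reflect the first failing step. The MySQL block's `<< 'EOF'` line is in the previous hunk.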
@@ -148,12 +241,18 @@ sed -i "s:'dbpassword.*:'dbpassword' => '${nc}',:" /var/lib/www/nextcloud/config EOF if [[ $? != 0 ]]; then - echo "Could not update Nextcloud config.php file -- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Update Nextcloud Config File" + exit 1 fi -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' nc=$(cat /var/lib/secrets/nextclouddb) @@ -162,12 +261,18 @@ PGPASSWORD=${nc} psql -U ncusr nextclouddb EOF if [[ $? != 0 ]]; then - echo "Could not update Nextcloud Database Password-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Nextcloud Database Password" + exit 1 fi -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' ms=$(cat /var/lib/secrets/matrixdb) 
@@ -177,26 +282,41 @@ PGPASSWORD=${ms} psql -U matrix-synapse matrix-synapse EOF if [[ $? != 0 ]]; then - echo "Could not update Matrix-Synapse Database Password-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Matrix-Synapse Database Passwords" + exit 1 fi + #### Matrix-Synapse Keys #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/turn" -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "echo -n $(pwgen -s 33 -1) > /var/lib/secrets/matrix_reg_secret" if [[ $? != 0 ]]; then - echo "Could not rest Matrix-Synapse/Coturn keys-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Matrix-Synapse Keys" + exit 1 fi -#### UPDATE AGENIX #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 " + +#### UPDATE AGENIX SECRETS #### + +ssh -i /home/free/.ssh/sovranpro_login root@${ID} " rm -rf /var/lib/agenix-secrets/nextclouddb.age ; rm -rf /var/lib/agenix-secrets/wordpressdb.age ; @@ -205,7 +325,7 @@ rm -rf /var/lib/agenix-secrets/matrixdb.age ; rm -rf /var/lib/agenix-secrets/matrix_reg_secret.age " -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' pushd /var/lib/agenix-secrets/ 
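Review bot: The `#### UPDATE AGENIX SECRETS ####` call `ssh … root@${ID} " rm -rf /var/lib/agenix-secrets/nextclouddb.age ; rm -rf …` deletes every encrypted secret with no status check and no copy kept, while the re-encryption happens only in the separate heredoc that starts at `pushd /var/lib/agenix-secrets/` (its body is outside this hunk); if that second session fails to connect or errors part-way, the server is left with neither old nor new `.age` files, whereas the earlier key rotation at least kept a `bak_…` copy. Move the `.age` files into a timestamped directory instead of deleting them (an `mv` under `${BAKDIR}`, which is still in scope, would mirror the key backup) and check the call's status before continuing, e.g. `if [[ $? != 0 ]]; then zenity --error … ; exit 1; fi` as after the other steps. Confirm first that the re-encryption step does not glob `*.age` in that directory, since a backup subdirectory would then have to live elsewhere.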
@@ -223,19 +343,53 @@ popd if [[ $? != 0 ]]; then - echo "Could not update Agenix Keys-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Update Agenix Secrects" + exit 1 fi EOF + + + #### VAULTWARDEN #### +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' + + +echo -n $(pwgen -s 77 -1) > /var/lib/secrets/vaultwarden/vaultwarden + +ENCRYPTPASS=$(cat "/var/lib/secrets/vaultwarden/vaultwarden" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4) + +sed -i "0,/ADMIN_.*/{s::ADMIN_TOKEN=${ENCRYPTPASS}:}" /var/lib/secrets/vaultwarden/vaultwarden.env + + +EOF + + +if [[ $? != 0 ]]; then + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Update Vaultwarden Password" + + exit 1 +fi + + #### MAIN #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 << 'EOF' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} << 'EOF' echo -n $(pwgen -s 77 -1) > /var/lib/secrets/main @@ -245,22 +399,43 @@ EOF if [[ $? != 0 ]]; then - echo "Could not update Main Passoword-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Update Main Password" + exit 1 fi + + #### RESET SYSTEMD SERVICES #### -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden" +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "systemctl restart postgresql matrix-synapse caddy mysql coturn vaultwarden" if [[ $? != 0 ]]; then - echo "Could not restart services-- exiting" >&2 + +zenity --error \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="Could Not Reset Services" + exit 1 fi -echo "All Fucking Done!!" + +#### FINAL DIALOG POPUP #### + +zenity --info \ + --ellipsize \ + --no-wrap \ + --title="Sovran_SystemsOS_Reseter" \ + --text="All Done!" exit 0 \ No newline at end of file 
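Review bot: The `zenity --error … "Could Not Update Agenix Secrects"` block sits before the `EOF` that closes the `ssh … << 'EOF'` heredoc opened in the previous hunk (`pushd /var/lib/agenix-secrets/`), so it executes on the server as root, where a display and zenity are presumably unavailable; the `exit 1` does make ssh return non-zero, but nothing on the workstation checks that status — the script continues straight into the Vaultwarden block. Keep only the exit inside the remote block and show the dialog locally after `EOF`, as sketched below. In the new Vaultwarden heredoc the status checked after `EOF` is that of the final `sed`, so a failed `pwgen` or `argon2` leaves `ENCRYPTPASS` empty and writes `ADMIN_TOKEN=` into `vaultwarden.env` without any error; `set -e` at the top plus `[[ -n $ENCRYPTPASS ]] || exit 1` before the `sed` closes that. The plaintext token is kept at `/var/lib/secrets/vaultwarden/vaultwarden` next to its hash, so the same umask/permission caveat as for the other secret files applies.
```shell
# … unchanged: remote agenix re-encryption, inside the ssh heredoc …
popd || exit 1
EOF

if [[ $? != 0 ]]; then
zenity --error \
  --ellipsize \
  --no-wrap \
  --title="Sovran_SystemsOS_Reseter" \
  --text="Could Not Update Agenix Secrects"

  exit 1
fi
```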
diff --git a/Sovran_SystemsOS_Updater/Updater Source Files/Update_Sovran_SystemsOS.sh b/Sovran_SystemsOS_Updater/Updater Source Files/Update_Sovran_SystemsOS.sh index 55dc20d..6a42e81 100755 --- a/Sovran_SystemsOS_Updater/Updater Source Files/Update_Sovran_SystemsOS.sh +++ b/Sovran_SystemsOS_Updater/Updater Source Files/Update_Sovran_SystemsOS.sh @@ -2,6 +2,8 @@ set -o nounset +ID=$(curl ifconfig.me) + curl "https://git.sovransystems.com/Sovran_Systems/Software/raw/branch/main/Sovran_SystemsOS_Updater/Updater%20Source%20Files/Intro.md" | zenity --text-info \ --title="Sovran_SystemsOS Updater" \ @@ -16,7 +18,7 @@ else #id=$(curl ifconfig.me) -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 'cd /etc/nixos; nix flake update' +ssh -i /home/free/.ssh/sovranpro_login root@${ID} 'cd /etc/nixos; nix flake update' if [[ $? != 0 ]]; then echo "Could not update flake -- exiting" | @@ -28,7 +30,7 @@ if [[ $? != 0 ]]; then exit 1 fi -ssh -i /home/free/.ssh/sovranpro_login root@192.168.1.32 "nixos-rebuild switch --impure" | +ssh -i /home/free/.ssh/sovranpro_login root@${ID} "nixos-rebuild switch --impure" | zenity --progress \ --no-cancel \ --auto-close \