Sovran_SystemsOS/for_new_sovran_pros/sp

#!/usr/bin/env bash
# Provisioning script for a new Sovran Pro. It performs root-only operations
# (chpasswd, writes under /etc, /root and /var/lib).

# Treat any expansion of an unset variable as an error.
set -u

# ANSI colour sequences for the operator prompts; they stay as literal
# backslash escapes here and are interpreted by `echo -e` where they are used.
ENDCOLOR="\e[0m"
LIGHTBLUE="\e[94m"
GREEN="\e[32m"
#
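# Fetch the factory flake into /etc/nixos and restrict the directory to root.
#
# The flake comes from the moving `main` branch and is later built as root by
# `nixos-rebuild switch --impure`, so TLS to the forge is the only thing
# authenticating it.
# NOTE(review): consider pinning the URL to a reviewed commit and comparing
# `sha256sum flake.nix` with a recorded digest (<EXPECTED_SHA256>) before the
# rebuild.
flake_url='https://git.sovransystems.com/Sovran_Systems/Sovran_SystemsOS/raw/branch/main/for_new_sovran_pros/flake.nix'

pushd /etc/nixos/ || {
  echo "Cannot enter /etc/nixos; aborting." >&2
  exit 1
}
# Download under a temporary name: a plain `wget URL` saves flake.nix.1 when a
# flake.nix already exists (leaving the stale one in place), and a failed
# transfer must not leave a partial file where the rebuild will read it.
if wget -O flake.nix.download "$flake_url"; then
  mv -f flake.nix.download flake.nix
else
  rm -f flake.nix.download
  echo "Download of flake.nix failed; aborting before any rebuild." >&2
  exit 1
fi
chown -R root:root /etc/nixos/
chmod -R 770 /etc/nixos/
popd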
#
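# Pull user data, web roots, domain settings and secrets from the factory host.
#
# Every transfer runs as root over SSH with the install key. No host-key
# options are passed, so ssh's defaults and root's known_hosts decide whether
# the peer at 192.168.0.103 is accepted.
# NOTE(review): confirm the factory host key is pre-seeded rather than
# accepted at an interactive prompt, since secrets travel over this channel.
#
# A failed transfer stops the script: later steps write into these trees and
# set passwords from files inside them, so continuing would act on missing or
# partial data.
factory_host='root@192.168.0.103'
sync_paths=(
  /home
  /var/lib/www
  /var/lib/domains
  /var/lib/nextcloudaddition
  /var/lib/njalla
  /var/lib/external_ip
  /var/lib/secrets
  /var/lib/agenix-secrets
  /root/.ssh/agenix
)
for path in "${sync_paths[@]}"; do
  # Trailing slash on the source: copy the directory's contents into $path.
  if ! rsync -av -e "ssh -i /root/factory_login_install" \
    "${factory_host}:${path}/" "$path"; then
    echo "rsync of ${path} from ${factory_host} failed; aborting." >&2
    exit 1
  fi
done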
#
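# Replace the factory secrets with values unique to this device.
#
# Writes a 17-character `pwgen -s` value to $1 with no trailing newline.
# Returns non-zero if pwgen fails or prints nothing, so an empty secret (for
# example an empty root password source in .../main) is never written.
write_random_secret() {
  local target=$1
  local value
  value=$(pwgen -s 17 -1) || return 1
  [[ -n "$value" ]] || return 1
  printf '%s' "$value" > "$target"
}

(
  # Newly created secret files must not be world-readable while the long
  # rebuild runs; the chmod on /var/lib/secrets only happens much later.
  # Files that already exist (copied by rsync) keep their current mode.
  umask 077
  for name in nextclouddb wordpressdb matrixdb turn matrix_reg_secret main \
    onlyofficejwtSecretFile; do
    write_random_secret "/var/lib/secrets/${name}" || exit 1
  done
  admin_token=$(openssl rand -base64 48) || exit 1
  [[ -n "$admin_token" ]] || exit 1
  printf 'ADMIN_TOKEN=%s' "$admin_token" \
    > /var/lib/secrets/vaultwarden/vaultwarden.env
) || {
  echo "Secret generation failed; aborting before any password is set." >&2
  exit 1
}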
#
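# Re-encrypt the freshly generated secrets as agenix .age files.
#
# agenix is started through `nix run github:ryantm/agenix`, an unpinned flake
# reference resolved over the network at run time, and it is handed both the
# plaintext secrets and the identity key.
# NOTE(review): pin it to a reviewed revision, e.g.
# github:ryantm/agenix/<REVIEWED_COMMIT>, so the code that sees the secrets is
# the code that was audited.
pushd /var/lib/agenix-secrets/ || {
  echo "Cannot enter /var/lib/agenix-secrets; aborting." >&2
  exit 1
}
for secret in wordpressdb nextclouddb matrixdb turn matrix_reg_secret; do
  # Drop the factory ciphertext first so a stale .age can never survive.
  rm -f -- "${secret}.age"
  # EDITOR='cp /dev/stdin' turns agenix's "edit" step into "copy our stdin
  # into the file that is about to be encrypted".
  if ! printf '%s' "$(cat "/var/lib/secrets/${secret}")" \
    | EDITOR='cp /dev/stdin' nix run github:ryantm/agenix -- \
      -e "${secret}.age" -i /root/.ssh/agenix/agenix-secret-keys; then
    echo "Encrypting ${secret}.age failed; aborting." >&2
    exit 1
  fi
done
popd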
#
# First of two rebuilds in this script (the second runs near the end).
# --impure lets flake evaluation read state from outside the flake itself.
# The exit status is not checked: the ownership fixes below run regardless of
# whether the switch succeeded.
nixos-rebuild switch --impure
#
# Give each secret to its named service account, then close the whole tree to
# everyone outside owner and group.
# NOTE(review): the sync step earlier copies /var/lib/external_ip, while this
# list targets /var/lib/secrets/external_ip; confirm which path is intended.
while read -r owner secret; do
  chown -R "${owner}:${owner}" "/var/lib/secrets/${secret}"
done <<'EOF'
root main
root external_ip
matrix-synapse matrix_reg_secret
matrix-synapse matrixdb
postgres nextclouddb
turnserver turn
mysql wordpressdb
vaultwarden vaultwarden
EOF
# This one is changed without recursion.
chown onlyoffice:onlyoffice /var/lib/secrets/onlyofficejwtSecretFile
# 770 also sets the execute bit on the secret files themselves.
chmod -R 770 /var/lib/secrets/
#
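# Ask the operator for each service's domain name and the certificate contact
# e-mail, and store the answers under /var/lib/domains.

# Prompt until the answer matches an allowlist pattern, then write it to a
# file without a trailing newline.
#   $1 - question text
#   $2 - destination file
#   $3 - extended regex the whole answer must match
# The answers end up in files other tooling reads, so they are validated
# instead of being expanded unquoted (which would glob-expand a `*` and split
# on blanks). Exits the script if input ends before a valid answer arrives.
ask_and_store() {
  local prompt=$1 target=$2 pattern=$3
  local answer
  while true; do
    echo -e "${GREEN}${prompt}${ENDCOLOR}"
    # -r keeps backslashes literal; reading into a named variable trims
    # leading and trailing blanks.
    if ! read -r answer && [[ -z "$answer" ]]; then
      echo "No input available for ${target}; aborting." >&2
      exit 1
    fi
    if [[ "$answer" =~ $pattern ]]; then
      printf '%s' "$answer" > "$target"
      return 0
    fi
    echo "That value is not valid here, please try again." >&2
  done
}

# Letters, digits, dots and hyphens only; must start and end alphanumeric.
domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
# local-part@domain with no blanks and exactly one '@'.
email_re='^[^[:space:]@]+@[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'

ask_and_store "What is your New Matrix (Element Chat) domain name?" \
  /var/lib/domains/matrix "$domain_re"
ask_and_store "What is your New Wordpress domain name?" \
  /var/lib/domains/wordpress "$domain_re"
ask_and_store "What is your New Nextcloud domain name?" \
  /var/lib/domains/nextcloud "$domain_re"
ask_and_store "What is your New BTCPayserver domain name?" \
  /var/lib/domains/btcpayserver "$domain_re"
ask_and_store "What is your New Vaultwarden domain name?" \
  /var/lib/domains/vaultwarden "$domain_re"
ask_and_store "What is your New OnlyOffice domain name?" \
  /var/lib/domains/onlyoffice "$domain_re"
ask_and_store "What is the email you would like to use to manage the SSL certificates for your domains?" \
  /var/lib/domains/sslemail "$email_re"

chown -R caddy:php /var/lib/domains
chmod -R 770 /var/lib/domains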
#
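# From here on every command is echoed to stderr before it runs.
set -x
# Remove the factory user's browser profile and shell history so none of it
# ships with the device.
rm -rf -- /home/free/.config/BraveSoftware
rm -f -- /home/free/.local/share/fish/fish_history
#
# Drop the WordPress and Nextcloud configuration files copied from the factory
# host. CAN_INSTALL is recreated afterwards, presumably so Nextcloud's web
# installer can run again on the new device (confirm against the Nextcloud
# setup flow).
rm -f -- /var/lib/www/wordpress/wp-config.php
rm -f -- /var/lib/www/nextcloud/config/config.php
touch /var/lib/www/nextcloud/config/CAN_INSTALL
chown -R caddy:php /var/lib/www
chmod -R 770 /var/lib/www
#
# -p: the directory may already exist (for example on a rerun), and a bare
# mkdir would then print an error for a state that is perfectly fine.
mkdir -p /var/lib/nextcloud
chown -R caddy:php /var/lib/nextcloud
chmod -R 770 /var/lib/nextcloud
#
mkdir -p /var/lib/coturn
chown -R turnserver:turnserver /var/lib/coturn
chmod -R 770 /var/lib/coturn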
#
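# Set root's password from the generated secret in /var/lib/secrets/main.
#
# Command tracing is active at this point (set -x earlier in the script), and
# the trace would print the expanded "root:<password>" argument to the
# terminal and to any captured log. Tracing is therefore paused for this step
# and switched back on afterwards.
{ set +x; } 2>/dev/null
root_pw=$(cat /var/lib/secrets/main)
if [[ -n "$root_pw" ]]; then
  printf 'root:%s\n' "$root_pw" | chpasswd -c SHA512
else
  # An empty value would hand chpasswd an empty password for root.
  echo "/var/lib/secrets/main is missing or empty; root password NOT changed." >&2
fi
unset root_pw
set -x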
#
# Register the Flathub remote for user "free" (no-op if it is already there),
# then run a Flatpak update with the script's own privileges.
flathub_repo='https://flathub.org/repo/flathub.flatpakrepo'
sudo -u free flatpak remote-add --if-not-exists flathub "$flathub_repo"
flatpak update
#
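# Create a login key pair for user "free" and put its public half in place of
# the first ssh-ed25519 entry in root's authorized_keys.
#
# NOTE(review): the passphrase is a fixed string published with this script,
# so it gives the private key no real protection, and that key authenticates
# as root over SSH. Have the owner set a unique passphrase after delivery
# (ssh-keygen -p -f /home/free/.ssh/factory_login) or generate one per device.
sudo -u free ssh-keygen -q -N "gosovransytems" -t ed25519 -f /home/free/.ssh/factory_login
new_pubkey=$(cat /home/free/.ssh/factory_login.pub)
if [[ "$new_pubkey" == "ssh-ed25519 "* ]]; then
  # The key is spliced into a sed program that uses ':' as delimiter; escape
  # the characters sed treats specially in a replacement (\ & and ':').
  escaped_pubkey=$(printf '%s' "$new_pubkey" | sed -e 's/[\\&:]/\\&/g')
  sed -i -e "0,/ssh-ed25519.*/{ s::${escaped_pubkey}: }" /root/.ssh/authorized_keys
else
  # Without this guard an unreadable or empty .pub would blank out the
  # existing entry and leave nothing in its place.
  echo "No valid public key in /home/free/.ssh/factory_login.pub;" \
    "/root/.ssh/authorized_keys left unchanged and still holds the previous key." >&2
fi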
#
# NOTE(review): this sets a fixed one-character password for "free", and the
# value is published with the script, so every unit leaves the factory with
# the same known login. The same account holds the factory_login private key
# created above, whose public half is installed in root's authorized_keys.
# Consider expiring the password so it must be changed at first login
# (e.g. `chage -d 0 free`), or generating a per-device value as is done for
# root.
echo "free:a" | chpasswd -c SHA512
#
# Remove this script itself, the install key used for the factory transfers,
# and the sovranpro_login key pair from the "free" account.
# rm only unlinks the files; it does not overwrite the key material on disk.
for leftover in \
  /root/sp \
  /root/factory_login_install \
  /home/free/.ssh/sovranpro_login \
  /home/free/.ssh/sovranpro_login.pub; do
  rm -rf "$leftover"
done
# Hand the data directories on the second drive to their service accounts and
# limit them to owner and group.
for entry in \
  "bitcoin /run/media/Second_Drive/BTCEcoandBackup/Bitcoin_Node" \
  "electrs /run/media/Second_Drive/BTCEcoandBackup/Electrs_Data"; do
  account=${entry%% *}
  data_dir=${entry#* }
  chown -R "${account}:${account}" "$data_dir"
  chmod -R 770 "$data_dir"
done
# Second rebuild, run after ownership and passwords are in place. The exit
# status is not checked.
nixos-rebuild switch --impure
#
# Stop echoing commands before the closing messages are printed.
set +o xtrace
# Closing messages. The four values printed here are shown on the terminal
# only; nothing in this section writes them to disk.
echo -e "${GREEN}These four passwords are generated for convenience to use for the Web front end setup UI accounts for Nextcloud, Wordpress, VaultWarden, and BTCPayserver (if you want to use them).${ENDCOLOR} \n"
for round in 1 2 3 4; do
  echo -e "$(pwgen -s 17 -1) \n"
done
#
echo -e "${LIGHTBLUE}One last thing, you need to put the Njalla DDNS info from Njalla into njalla.sh.${ENDCOLOR} \n"
echo -e "${GREEN}All Finished! Please Reboot then Enjoy your New Sovran Pro!${ENDCOLOR} \n"