1 |
95b003ff
|
Origo
|
#! /usr/bin/perl
|
2 |
|
|
|
3 |
|
|
# All rights reserved and Copyright (c) 2020 Origo Systems ApS.
|
4 |
|
|
# This file is provided with no warranty, and is subject to the terms and conditions defined in the license file LICENSE.md.
|
5 |
|
|
# The license file is part of this source code package and its content is also available at:
|
6 |
|
|
# https://www.origo.io/info/stabiledocs/licensing/stabile-open-source-license
|
7 |
|
|
|
8 |
|
|
use strict;
|
9 |
|
|
use Debconf::Client::ConfModule qw(:all);
|
10 |
|
|
#use Data::Dumper;
|
11 |
|
|
use Data::Password qw(:all);
|
12 |
|
|
|
13 |
|
|
version('2.0');
|
14 |
|
|
my $out = *STDERR;
|
15 |
|
|
|
16 |
|
|
my @qs = ("stabile/letsencrypt", "stabile/hostname", "stabile/initial_user", "stabile/initial_password");
|
17 |
|
|
my @titles = ("Configure SSL", "Set hostname", "Create initial user", "Set initial user password");
|
18 |
|
|
my @required = (0, 0, 1, 1);
|
19 |
|
|
my $alert;
|
20 |
|
|
my $interactive = $ENV{'DEBIAN_FRONTEND'} ne 'noninteractive';
|
21 |
|
|
my $syshostname = `cat /etc/hostname`;
|
22 |
|
|
chomp $syshostname;
|
23 |
|
|
set("stabile/hostname", $syshostname);
|
24 |
|
|
my $hostname = $syshostname;
|
25 |
|
|
my $req = 0;
|
26 |
|
|
|
27 |
|
|
for (my $i==0; $i<scalar @qs; $i++) {
|
28 |
|
|
if ($req>3) { # prevent deadlocks
|
29 |
|
|
$req = 0;
|
30 |
|
|
$alert = 0;
|
31 |
|
|
$i++;
|
32 |
|
|
}
|
33 |
|
|
my $q = $qs[$i];
|
34 |
|
|
capb(($i==0)?'':'backup'); # Don't show cancel on first question
|
35 |
|
|
my $title = $titles[$i];
|
36 |
|
|
$title = "* $title" if ($required[$i]);
|
37 |
|
|
if ($alert) { # Alert that this is a required field
|
38 |
|
|
$title = "$title ($alert)";
|
39 |
|
|
$alert = 0;
|
40 |
|
|
}
|
41 |
|
|
title($title);
|
42 |
|
|
input("high", $q);
|
43 |
|
|
my ($ret, $rstring) = go();
|
44 |
|
|
# print $out "got reply: $ret, $rstring, " . get($q). "\n";
|
45 |
|
|
if ($ret eq '30') { # Cancel button pressed, go back one
|
46 |
|
|
$i = $i-2;
|
47 |
|
|
$i = -1 if ($i<0);
|
48 |
|
|
} elsif (!get($q) && $required[$i]) { # No input - redisplay question
|
49 |
|
|
$alert = "required - please fill out";
|
50 |
|
|
if ($interactive) {
|
51 |
|
|
$i--;
|
52 |
|
|
$req++;
|
53 |
|
|
}
|
54 |
|
|
} elsif ($q eq "stabile/hostname") {
|
55 |
|
|
$hostname = get($q) || $syshostname;
|
56 |
|
|
my $ip;
|
57 |
|
|
my $letsencrypt = get("stabile/letsencrypt");
|
58 |
|
|
$letsencrypt = '' if ($letsencrypt eq 'false');
|
59 |
|
|
if ($letsencrypt) {
|
60 |
|
|
$ip = `dig \@1.1.1.1 +short $hostname`; chomp $ip;
|
61 |
|
|
} else {
|
62 |
|
|
$ip = `dig +short $hostname`; chomp $ip;
|
63 |
|
|
unless ($ip) {
|
64 |
d24d9a01
|
hq
|
$ip = $1 if (`getent ahostsv4 $hostname` =~ /(\d+\.\d+\.\d+\.\d+)/);
|
65 |
95b003ff
|
Origo
|
}
|
66 |
|
|
}
|
67 |
|
|
$ip = $1 if ($ip =~ /(\d+\.\d+\.\d+\.\d+)/s);
|
68 |
|
|
if (!$ip) {
|
69 |
|
|
$alert = "hostname must resolve to an IP address";
|
70 |
|
|
set($q, $syshostname);
|
71 |
|
|
if ($interactive) {
|
72 |
|
|
$i--;
|
73 |
|
|
$req++;
|
74 |
|
|
}
|
75 |
|
|
} elsif ($letsencrypt && !($hostname =~ /.+\..+/)) {
|
76 |
|
|
$alert = "hostname must be a FQDN";
|
77 |
|
|
set($q, $syshostname);
|
78 |
|
|
if ($interactive) {
|
79 |
|
|
$i--;
|
80 |
|
|
$req++;
|
81 |
|
|
}
|
82 |
|
|
} elsif ($letsencrypt) {
|
83 |
|
|
my $pubip = `curl --silent checkip.dyn.com`;
|
84 |
|
|
if ($pubip =~ /IP Address: (\d+\.\d+\.\d+\.\d+)/) {
|
85 |
|
|
$pubip = $1
|
86 |
|
|
} else {
|
87 |
|
|
$pubip = '';
|
88 |
|
|
}
|
89 |
|
|
if ($ip ne $pubip) {
|
90 |
|
|
$alert = "$hostname does not resolve ($ip) to your public IP address ($pubip), please correct or disable Let's Encrypt.";
|
91 |
|
|
set($q);
|
92 |
|
|
if ($interactive) {
|
93 |
|
|
$i--;
|
94 |
|
|
$req++;
|
95 |
|
|
}
|
96 |
|
|
}
|
97 |
d24d9a01
|
hq
|
open(my $base, '>', '/etc/stabile/baseurl');
|
98 |
|
|
print $base "https://$hostname/stabile";
|
99 |
|
|
close($base);
|
100 |
95b003ff
|
Origo
|
}
|
101 |
|
|
} elsif ($q eq "stabile/initial_password") {
|
102 |
|
|
$MAXLEN = 20;
|
103 |
|
|
my $pwd = get($q);
|
104 |
|
|
my $msg = IsBadPassword($pwd);
|
105 |
|
|
if ($msg) {
|
106 |
|
|
$alert = "$msg - please choose a stronger password!";
|
107 |
|
|
set($q);
|
108 |
|
|
if ($interactive) {
|
109 |
|
|
$i--;
|
110 |
|
|
$req++;
|
111 |
|
|
}
|
112 |
|
|
}
|
113 |
|
|
}
|
114 |
|
|
}
|
115 |
|
|
|
116 |
|
|
# echo "get stabile/hostname" | debconf-communicate
|
117 |
|
|
# echo "set stabile/hostname myhost" | debconf-communicate
|