1
|
#! /usr/bin/perl
|
2
|
|
3
|
# All rights reserved and Copyright (c) 2020 Origo Systems ApS.
|
4
|
# This file is provided with no warranty, and is subject to the terms and conditions defined in the license file LICENSE.md.
|
5
|
# The license file is part of this source code package and its content is also available at:
|
6
|
# https://www.origo.io/info/stabiledocs/licensing/stabile-open-source-license
|
7
|
|
8
|
use strict;
|
9
|
use Debconf::Client::ConfModule qw(:all);
|
10
|
#use Data::Dumper;
|
11
|
use Data::Password qw(:all);
|
12
|
|
13
|
version('2.0');
|
14
|
my $out = *STDERR;
|
15
|
|
16
|
my @qs = ("stabile/letsencrypt", "stabile/hostname", "stabile/initial_user", "stabile/initial_password");
|
17
|
my @titles = ("Configure SSL", "Set hostname", "Create initial user", "Set initial user password");
|
18
|
my @required = (0, 0, 1, 1);
|
19
|
my $alert;
|
20
|
my $interactive = $ENV{'DEBIAN_FRONTEND'} ne 'noninteractive';
|
21
|
my $syshostname = `cat /etc/hostname`;
|
22
|
chomp $syshostname;
|
23
|
set("stabile/hostname", $syshostname);
|
24
|
my $hostname = $syshostname;
|
25
|
my $req = 0;
|
26
|
|
27
|
for (my $i==0; $i<scalar @qs; $i++) {
|
28
|
if ($req>3) { # prevent deadlocks
|
29
|
$req = 0;
|
30
|
$alert = 0;
|
31
|
$i++;
|
32
|
}
|
33
|
my $q = $qs[$i];
|
34
|
capb(($i==0)?'':'backup'); # Don't show cancel on first question
|
35
|
my $title = $titles[$i];
|
36
|
$title = "* $title" if ($required[$i]);
|
37
|
if ($alert) { # Alert that this is a required field
|
38
|
$title = "$title ($alert)";
|
39
|
$alert = 0;
|
40
|
}
|
41
|
title($title);
|
42
|
input("high", $q);
|
43
|
my ($ret, $rstring) = go();
|
44
|
# print $out "got reply: $ret, $rstring, " . get($q). "\n";
|
45
|
if ($ret eq '30') { # Cancel button pressed, go back one
|
46
|
$i = $i-2;
|
47
|
$i = -1 if ($i<0);
|
48
|
} elsif (!get($q) && $required[$i]) { # No input - redisplay question
|
49
|
$alert = "required - please fill out";
|
50
|
if ($interactive) {
|
51
|
$i--;
|
52
|
$req++;
|
53
|
}
|
54
|
} elsif ($q eq "stabile/hostname") {
|
55
|
$hostname = get($q) || $syshostname;
|
56
|
my $ip;
|
57
|
my $letsencrypt = get("stabile/letsencrypt");
|
58
|
$letsencrypt = '' if ($letsencrypt eq 'false');
|
59
|
if ($letsencrypt) {
|
60
|
$ip = `dig \@1.1.1.1 +short $hostname`; chomp $ip;
|
61
|
} else {
|
62
|
$ip = `dig +short $hostname`; chomp $ip;
|
63
|
unless ($ip) {
|
64
|
$ip = $1 if (`getent ahostsv4 $hostname` =~ /(\d+\.\d+\.\d+\.\d+)/);
|
65
|
}
|
66
|
}
|
67
|
$ip = $1 if ($ip =~ /(\d+\.\d+\.\d+\.\d+)/s);
|
68
|
if (!$ip) {
|
69
|
$alert = "hostname must resolve to an IP address";
|
70
|
set($q, $syshostname);
|
71
|
if ($interactive) {
|
72
|
$i--;
|
73
|
$req++;
|
74
|
}
|
75
|
} elsif ($letsencrypt && !($hostname =~ /.+\..+/)) {
|
76
|
$alert = "hostname must be a FQDN";
|
77
|
set($q, $syshostname);
|
78
|
if ($interactive) {
|
79
|
$i--;
|
80
|
$req++;
|
81
|
}
|
82
|
} elsif ($letsencrypt) {
|
83
|
my $pubip = `curl --silent checkip.dyn.com`;
|
84
|
if ($pubip =~ /IP Address: (\d+\.\d+\.\d+\.\d+)/) {
|
85
|
$pubip = $1
|
86
|
} else {
|
87
|
$pubip = '';
|
88
|
}
|
89
|
if ($ip ne $pubip) {
|
90
|
$alert = "$hostname does not resolve ($ip) to your public IP address ($pubip), please correct or disable Let's Encrypt.";
|
91
|
set($q);
|
92
|
if ($interactive) {
|
93
|
$i--;
|
94
|
$req++;
|
95
|
}
|
96
|
}
|
97
|
open(my $base, '>', '/etc/stabile/baseurl');
|
98
|
print $base "https://$hostname/stabile";
|
99
|
close($base);
|
100
|
}
|
101
|
} elsif ($q eq "stabile/initial_password") {
|
102
|
$MAXLEN = 20;
|
103
|
my $pwd = get($q);
|
104
|
my $msg = IsBadPassword($pwd);
|
105
|
if ($msg) {
|
106
|
$alert = "$msg - please choose a stronger password!";
|
107
|
set($q);
|
108
|
if ($interactive) {
|
109
|
$i--;
|
110
|
$req++;
|
111
|
}
|
112
|
}
|
113
|
}
|
114
|
}
|
115
|
|
116
|
# echo "get stabile/hostname" | debconf-communicate
|
117
|
# echo "set stabile/hostname myhost" | debconf-communicate
|