From 793a17b3418e5a8248dee9f386d9e64df0cfc335 Mon Sep 17 00:00:00 2001
From: Tobias Cudnik
Date: Thu, 4 May 2023 17:36:08 +0200
Subject: [PATCH] - nm-certs for zerossl - added config for email, domain - updated linux deps
---
 scripts/nm-certs.sh | 18 ++++++++++++++++
 scripts/nm-quick.sh | 51 ++++++++++++++++++++++++++++++++++-----------
 2 files changed, 57 insertions(+), 12 deletions(-)
 create mode 100644 scripts/nm-certs.sh
diff --git a/scripts/nm-certs.sh b/scripts/nm-certs.sh
new file mode 100644
index 00000000..304c4058
--- /dev/null
+++ b/scripts/nm-certs.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+CONFIG_FILE=netmaker.env
+
+source $CONFIG_FILE
+
+# TODO check $DOMAIN, $EMAIL
+# TODO support EE domains
+
+wget -O https://github.com/zerossl/zerossl-bot/raw/master/zerossl-bot.sh
+chmod +x zerossl-bot.sh
+
+./zerossl-bot.sh certonly --standalone \
+ -m "$EMAIL" \
+ -d "stun.nm.$DOMAIN" \
+ -d "broker.nm.$DOMAIN" \
+ -d "dashboard.nm.$DOMAIN" \
+ -d "api.nm.$DOMAIN"
diff --git a/scripts/nm-quick.sh b/scripts/nm-quick.sh
index 6049600d..c28c0d73 100755
--- a/scripts/nm-quick.sh
+++ b/scripts/nm-quick.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
+CONFIG_FILE=netmaker.env
 LATEST=$(curl -s https://api.github.com/repos/gravitl/netmaker/releases/latest | grep "tag_name" | cut -d : -f 2,3 | tr -d [:space:],\")
 print_logo() { (
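Review bot: In scripts/nm-certs.sh the download line `wget -O https://github.com/zerossl/zerossl-bot/raw/master/zerossl-bot.sh` hands the URL to `-O` as the output file name, so wget has no URL left to fetch and `zerossl-bot.sh` is never written; with no `set -e` the script still goes on to `chmod` and the `./zerossl-bot.sh` call. Beyond the argument order, the helper is pulled from the moving `master` branch and executed (presumably as root, since nm-quick.sh writes under /root) with no integrity check, so whatever that branch serves at install time runs on the host; pinning a reviewed commit and verifying a digest before `chmod +x` closes that gap. The two TODOs also mean an empty `DOMAIN` or `EMAIL` is passed straight through, producing names such as `stun.nm.`, so the script should stop early when either is unset. The commit and digest in the sketch are placeholders to be filled in from a reviewed copy.

```shell
#!/bin/bash
set -euo pipefail

CONFIG_FILE=netmaker.env
# … unchanged: source the config file …

# refuse to continue with an empty domain or e-mail
: "${DOMAIN:?DOMAIN is not set in $CONFIG_FILE}"
: "${EMAIL:?EMAIL is not set in $CONFIG_FILE}"

# <PINNED_COMMIT> and <EXPECTED_SHA256> are placeholders, not real values
wget -O zerossl-bot.sh "https://github.com/zerossl/zerossl-bot/raw/<PINNED_COMMIT>/zerossl-bot.sh"
echo "<EXPECTED_SHA256>  zerossl-bot.sh" | sha256sum -c -
chmod +x zerossl-bot.sh
# … unchanged: zerossl-bot.sh certonly call …
```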
@@ -281,40 +282,40 @@ install_dependencies() {
 OS=$(uname)
 if [ -f /etc/debian_version ]; then
- dependencies="git wireguard wireguard-tools dnsutils jq docker.io docker-compose"
+ dependencies="git wireguard wireguard-tools dnsutils jq docker.io certbot docker-compose python-is-python3"
 update_cmd='apt update'
 install_cmd='apt-get install -y'
 elif [ -f /etc/alpine-release ]; then
- dependencies="git wireguard jq docker.io docker-compose"
+ dependencies="git wireguard jq docker.io certbot docker-compose"
 update_cmd='apk update'
 install_cmd='apk --update add'
 elif [ -f /etc/centos-release ]; then
- dependencies="git wireguard jq bind-utils docker.io docker-compose"
+ dependencies="git wireguard jq bind-utils docker.io certbot docker-compose"
 update_cmd='yum update'
 install_cmd='yum install -y'
 elif [ -f /etc/fedora-release ]; then
- dependencies="git wireguard bind-utils jq docker.io docker-compose"
+ dependencies="git wireguard bind-utils jq docker.io certbot docker-compose"
 update_cmd='dnf update'
 install_cmd='dnf install -y'
 elif [ -f /etc/redhat-release ]; then
- dependencies="git wireguard jq docker.io bind-utils docker-compose"
+ dependencies="git wireguard jq docker.io bind-utils certbot docker-compose"
 update_cmd='yum update'
 install_cmd='yum install -y'
 elif [ -f /etc/arch-release ]; then
- dependecies="git wireguard-tools dnsutils jq docker.io docker-compose"
+ dependecies="git wireguard-tools dnsutils jq docker.io certbot docker-compose"
 update_cmd='pacman -Sy'
 install_cmd='pacman -S --noconfirm'
 elif [ "${OS}" = "FreeBSD" ]; then
- dependencies="git wireguard wget jq docker.io docker-compose"
+ dependencies="git wireguard wget jq docker.io certbot docker-compose"
 update_cmd='pkg update'
 install_cmd='pkg install -y'
 elif [ -f /etc/turris-version ]; then
- dependencies="git wireguard-tools bash jq docker.io docker-compose"
+ dependencies="git wireguard-tools bash jq docker.io certbot docker-compose"
 OS="TurrisOS"
 update_cmd='opkg update'
 install_cmd='opkg install'
 elif [ -f /etc/openwrt_release ]; then
- dependencies="git wireguard-tools bash jq docker.io docker-compose"
+ dependencies="git wireguard-tools bash jq docker.io certbot docker-compose"
 OS="OpenWRT"
 update_cmd='opkg update'
 install_cmd='opkg install'
@@ -433,6 +434,14 @@ set_install_vars() {
 done
 fi
+ # update the config
+ touch $CONFIG_FILE
+ if grep -q "^DOMAIN=" $CONFIG_FILE; then
+ sed -i "s/DOMAIN=.*/DOMAIN=$NETMAKER_BASE_DOMAIN/" $CONFIG_FILE
+ else
+ echo "DOMAIN=$NETMAKER_BASE_DOMAIN" >> $CONFIG_FILE
+ fi
+
 wait_seconds 2
 echo "-----------------------------------------------------"
@@ -476,19 +485,34 @@ set_install_vars() {
 done
 fi
+ # read the config file
+ if [ -f $CONFIG_FILE ]; then
+ source $CONFIG_FILE
+ fi
+
 unset GET_EMAIL
 unset RAND_EMAIL
 RAND_EMAIL="$(echo $RANDOM | md5sum | head -c 16)@email.com"
+ # suggest the prev email or a random one
+ EMAIL_SUGGESTED=${EMAIL:-$RAND_EMAIL}
 if [ -z $AUTO_BUILD ]; then
- read -p "Email Address for Domain Registration (click 'enter' to use $RAND_EMAIL): " GET_EMAIL
+ read -p "Email Address for Domain Registration (click 'enter' to use $EMAIL_SUGGESTED): " GET_EMAIL
 fi
 if [ -z "$GET_EMAIL" ]; then
 echo "using rand email"
- EMAIL="$RAND_EMAIL"
+ EMAIL="$EMAIL_SUGGESTED"
 else
 EMAIL="$GET_EMAIL"
 fi
+ # update the config
+ touch $CONFIG_FILE
+ if grep -q "^EMAIL=" $CONFIG_FILE; then
+ sed -i "s/EMAIL=.*/EMAIL=$EMAIL/" $CONFIG_FILE
+ else
+ echo "EMAIL=$EMAIL" >> $CONFIG_FILE
+ fi
+
 wait_seconds 1
 unset GET_MQ_USERNAME
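Review bot: In the `install_dependencies` hunk the Arch branch still assigns `dependecies=` (missing `n`), so the edited line never reaches the `dependencies` variable every other branch sets, and the newly added `certbot` would not be installed on Arch. The typo predates this commit, but the commit rewrites the line without fixing it; it should read `dependencies="git wireguard-tools dnsutils jq docker.io certbot docker-compose"`. The function continues outside the hunk, so how `dependencies` is consumed is not visible here.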
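Review bot: In the first `set_install_vars` hunk, `$NETMAKER_BASE_DOMAIN` is pasted unescaped into a sed replacement and into a file that this commit later executes with `source`, and `$CONFIG_FILE` is unquoted throughout; the next hunk repeats the same block for `$EMAIL`. A value containing `/` or `&` breaks or alters the substitution, and a value with spaces or shell metacharacters is interpreted as shell when the file is sourced. The sed expression is also unanchored (`s/DOMAIN=.*/`) although the grep is anchored, so it would rewrite any line that merely contains `DOMAIN=`. One helper that replaces the key and writes the value shell-quoted covers both call sites; `set_install_vars` starts and ends outside this hunk.

```shell
# store KEY=value in $CONFIG_FILE, replacing an earlier KEY line;
# %q quotes the value so the file stays safe to source
save_config() {
  local key=$1 value=$2 tmp
  touch "$CONFIG_FILE"
  tmp=$(mktemp) || return
  # grep -v exits 1 when nothing is left over; that is not an error here
  grep -v "^${key}=" "$CONFIG_FILE" > "$tmp" || true
  printf '%s=%q\n' "$key" "$value" >> "$tmp"
  mv -- "$tmp" "$CONFIG_FILE"
}

# … in set_install_vars, in place of the touch/grep/sed/echo block …
save_config DOMAIN "$NETMAKER_BASE_DOMAIN"
```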
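Review bot: In the second `set_install_vars` hunk, `source $CONFIG_FILE` runs whatever file named `netmaker.env` sits in the current working directory as shell code with the installer's privileges, and nothing checks who owns it or who may write to it. The path should point at a fixed location rather than the working directory, and the file should be sourced only when it belongs to the invoking user and is not writable by group or others, starting with `[ -f "$CONFIG_FILE" ] && [ -O "$CONFIG_FILE" ] && source "$CONFIG_FILE"`. Separately, the `echo "using rand email"` branch now also runs when a previously saved address is reused, so the message no longer matches what happens. The function starts and ends outside the hunk.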
@@ -576,7 +600,8 @@ install_netmaker() {
 CADDY_URL="https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG/docker/Caddyfile-EE"
 fi
 if [ ! "$BUILD_TYPE" = "local" ]; then
- wget -O /root/docker-compose.yml $COMPOSE_URL && wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG/docker/mosquitto.conf && wget -O /root/Caddyfile $CADDY_URL
+ # TODO debug only
+ # wget -O /root/docker-compose.yml $COMPOSE_URL && wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG/docker/mosquitto.conf && wget -O /root/Caddyfile $CADDY_URL
 wget -O /root/wait.sh https://raw.githubusercontent.com/gravitl/netmaker/$BUILD_TAG/docker/wait.sh
 fi
@@ -697,6 +722,8 @@ set -e
 # 6. get user input for variables
 set_install_vars
+./nm-certs.sh
+
 # 7. get and set config files, startup docker-compose
 install_netmaker
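Review bot: In the `install_netmaker` hunk, the `# TODO debug only` edit comments out the download of `docker-compose.yml`, `mosquitto.conf` and `Caddyfile` for every non-local build, so the installer would carry on with whatever copies already sit under /root, or with none at all. This reads like a debugging leftover and should be reverted before merge. If skipping the download is really wanted, it should be gated on an explicit, documented switch (a new variable, named for example `SKIP_CONFIG_DOWNLOAD`) rather than a commented-out line. The rest of `install_netmaker` is outside the hunk.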
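Review bot: In the last hunk, `./nm-certs.sh` is resolved against the working directory rather than the location of nm-quick.sh, so the call fails (and, under the `set -e` shown in the hunk header, aborts the install) whenever the installer is started from another directory or without the companion script beside it; it also means a same-named file in the working directory is what gets executed. Calling it through the installer's own path, `"$(dirname "${BASH_SOURCE[0]}")/nm-certs.sh"`, removes both problems, and the relative `netmaker.env` inside nm-certs.sh would need the same treatment. The step also lacks a numbered comment like its neighbours; `# 6a. request certificates` would keep the sequence readable.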