def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'virtual-subnet=', 'domain=']) except getopt.GetoptError as e: usage(e) profile = "" virtual_subnet = "" domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--profile': profile = val elif opt == '--virtual-subnet': virtual_subnet = val elif opt == '--domain': domain = val dialog = Dialog("TurnKey Linux - First boot configuration") if not profile: profile = dialog.menu( "Wireguard Profile", "Choose a profile for this server.\n\n* Server: clients will route traffic through the VPN.", [('server', 'Accccept VPN connections from clients*'), ('client', 'Initiate VPN connections to a server')]) if not profile in ('server', 'client'): fatal(f'invalid profile: {profile!r}') if profile == 'client': return if not virtual_subnet: virtual_subnet = dialog.get_input( "Wireguard Virtual Address", "Enter IP address in CIDR of server reachable by clients", "10.0.0.0/8") if not domain: domain = dialog.get_input( "Wireguard Public Address", "Used in client configuration as wireguard endpoint", "www.example.com") cmd = os.path.join(os.path.dirname(os.path.abspath(__file__)), 'wireguard-server-init.sh') subprocess.run([cmd, virtual_subnet, domain])
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) password = "" email = "" domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Foswiki Password", "Enter new password for the Foswiki 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Foswiki Email", "Enter email address for the Foswiki 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') domain = d.get_input("Foswiki Domain", "Enter the domain to serve Foswiki.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) if not (domain.startswith('http://') or domain.startswith('https://')): domain = 'https://' + domain check_output([ 'perl', '-CA', '/var/www/foswiki/tools/configure', '-save', '-set', '{Password}=%s' % password, '-set', '{WebMasterEmail}=%s' % email, '-set', '{DefaultUrlHost}=%s' % domain ])
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) email = "" domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "PHPlist Password", "Enter new password for the PHPlist 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "PHPlist Email", "Enter email address for the PHPlist 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "PHPlist Domain", "Enter the domain to serve PHPlist.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) m = MySQL() m.execute('UPDATE phplist.admin SET password=%s WHERE loginname=\"admin\";', (password,)) m.execute('UPDATE phplist.admin SET email=%s WHERE loginname=\"admin\";', (email,)) m.execute('UPDATE phplist.config SET value=%s WHERE item=\"website\";', (domain,))
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'domain=']) except getopt.GetoptError as e: usage(e) password = "" domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey GNU/Linux - First boot configuration') password = d.get_password( "Nextcloud Password", "Enter new password for the Nextcloud 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey GNU/Linux - First boot configuration') domain = d.get_input("Nextcloud Domain", "Enter the domain to serve Nextcloud.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN sedcom = """ /0 => 'localhost',/ a\ 1 => '%s', """ conf = '/var/www/nextcloud/config/config.php' call(['sed', '-i', "/1 => /d", conf]) call(['sed', '-i', sedcom % domain, conf]) call([ '/usr/local/bin/turnkey-occ', 'user:resetpassword', '--password-from-env', 'admin' ], cwd='/var/www/nextcloud', env={"OC_PASS": password})
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'domain=']) except getopt.GetoptError as e: usage(e) password = "" domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "SuiteCRM Password", "Enter new password for the SuiteCRM 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "SuiteCRM Domain", "Enter the domain to serve SuiteCRM.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN with open('/var/www/suitecrm/config.php', 'r') as fob: filedata = fob.read() filedata = filedata.replace('http://127.0.0.1', domain) with open('/var/www/suitecrm/config.php', 'w') as fob: fob.write(filedata) hash_pass = hashlib.md5(password.encode('utf8')).hexdigest() m = MySQL() m.execute('UPDATE suitecrm.users SET user_hash=%s WHERE user_name=\"admin\";', (hash_pass,))
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'domain=']) except getopt.GetoptError as e: usage(e) domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "OpenLDAP Password", "Enter new password for the OpenLDAP 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("OpenLDAP Domain", "Enter the OpenLDAP domain.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) script = os.path.join(os.path.dirname(__file__), 'openldap-reinit.sh') subprocess.check_output([script, domain, password])
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email("Piwik Email", "Enter email address for Piwik 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("Piwik Domain", "Enter the domain to serve Piwik.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) domain = domain.strip("/") if not domain.startswith("http://"): domain = "http://%s/" % domain m = MySQL() m.execute( 'UPDATE piwik.piwik_option SET option_value=\"%s\" WHERE option_name=\"piwikUrl\";' % domain)
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) email = "" domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val elif opt == '--schema': schema = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "GitLab Password", "Enter new password for the GitLab 'root' account.", pass_req=8) if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "GitLab Email", "Enter email address for the GitLab 'root' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("GitLab Domain", "Enter the domain to serve GitLab.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) print("Reconfiguring GitLab. This might take a while. Please wait.") config = "/etc/gitlab/gitlab.rb" domain = "http://%s" % domain subprocess.run( ["sed", "-i", "/^external_url/ s|'.*|'%s'|" % domain, config]) subprocess.run([ "sed", "-i", "/^gitlab_rails\['gitlab_email_from'\]/ s|=.*|= '%s'|" % email, config ]) subprocess.run(["gitlab-ctl", "reconfigure"]) print( "Setting GitLab 'root' user password and email in database. This might take a while too. Please wait (again)." ) tmp_dir = '/run/user/0' tmp_file = '.gitlab-init.rb' if not os.path.exists(tmp_dir): os.makedirs(tmp_dir) tmp_path = '/'.join([tmp_dir, tmp_file]) # include token resetting here now (just before 'exit'); should fix #1315/#1342 for good! tmp_contents = """ ActiveRecord::Base.logger.level = 1 u = User.where(id: 1).first u.password = u.password_confirmation = '{}' u.email = '{}' u.skip_reconfirmation! u.save! ApplicationSetting.current.reset_runners_registration_token! exit """ flags = os.O_WRONLY | os.O_CREAT with os.fdopen(os.open(tmp_path, flags, 0o600), 'w') as fob: fob.write(tmp_contents.format(password, email)) uid = pwd.getpwnam('git').pw_uid os.chown(tmp_path, uid, 0) try: subprocess.run( ["gitlab-rails", "runner", "-e", "production", tmp_path]) print("Done.") finally: os.remove(tmp_path)
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "SimpleMachines Email", "Enter email address for the SMF 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "SimpleMachines Domain", "Enter the domain to serve SimpleMachines.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN hash = hashlib.sha1('admin' + password).hexdigest() m = MySQL() m.execute('UPDATE simplemachines.members SET passwd=\"%s\" WHERE member_name=\"admin\";' % hash) m.execute('UPDATE simplemachines.members SET email_address=\"%s\" WHERE member_name=\"admin\";' % email) m.execute('UPDATE simplemachines.settings SET value=\"http://%s/Smileys\" WHERE variable=\"smileys_url\";' % domain) m.execute('UPDATE simplemachines.settings SET value=\"http://%s/avatars\" WHERE variable=\"avatar_url\";' % domain) m.execute('UPDATE simplemachines.themes SET value=\"http://%s/Themes/default\" WHERE variable=\"theme_url\" AND id_theme=1;' % domain)
username = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--user ': username = val if not username: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') username = d.get_input( "ownCloud Admin Username", "Enter the username for the ownCloud Admin user).", DEFAULT_USER) if username == "DEFAULT": username = DEFAULT_USER if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "ownCloud Password", "Enter new password for the ownCloud Admin account") hashpass = md5(password).hexdigest() m = MySQL() m.execute('UPDATE owncloud.oc_users SET uid=\"%s\" WHERE id=\"1\";' % username) m.execute('UPDATE owncloud.oc_users SET password=\"%s\" WHERE id=\"1\";' % hashpass)
password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "ownCloud Password", "Enter new password for the ownCloud 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("OwnCloud Domain", "Enter the domain to serve OwnCloud.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN # make sure MySQL is running when we call the OCServer hasher in owncloud_pass.php m = MySQL() command = ["php", join(dirname(__file__), 'owncloud_pass.php'), password] p = Popen(command, stdin=PIPE, stdout=PIPE) stdout, stderr = p.communicate() if stderr: fatal(stderr) cryptpass = stdout.strip()
usage(e) domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--domain': domain = val if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "EspoCRM URL", "Example: www.mydomain.com or mydomain.com", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN conf = "/var/www/espocrm/data/config.php" system("sed -i \"s|siteUrl.*|siteUrl' => 'http://%s',|\" %s" % (domain, conf)) if __name__ == "__main__": main()
if not password: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "PrestaShop Password", "Enter new password for the PrestaShop '%s' account." % email, pass_req=8) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "PrestaShop Domain", "Enter the domain to serve Prestashop.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) for line in file('/var/www/prestashop/config/settings.inc.php').readlines(): m = re.match("define\('_COOKIE_KEY_', '(.*)'", line.strip()) if m: cookie_key = m.group(1) hashpass = hashlib.md5(cookie_key + password).hexdigest() m = MySQL()
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Canvas Email", "Enter email address for the Canvas 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Canvas Domain", "Enter the domain to serve Canvas.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN salt = "".join(random.choice(string.letters) for line in range(20)) hash = password + salt for i in range(20): hash = hashlib.sha512(hash).hexdigest() access_token = "".join(random.choice(string.letters) for line in range(20)) m = MySQL() m.execute('UPDATE canvas_production.users SET name=\"%s\", sortable_name=\"%s\" WHERE id=1;' % (email, email)) m.execute('UPDATE canvas_production.pseudonyms SET unique_id=\"%s\", crypted_password=\"%s\", password_salt=\"%s\", single_access_token=\"%s\" WHERE user_id=1;' % (email, hash, salt, access_token))
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "ZenCart Email", "Enter email address for the ZenCart 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "ZenCart Domain", "Enter the domain to serve ZenCart.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN salt = "".join(random.choice(string.letters) for line in range(2)) hashpass = "******".join([hashlib.md5(salt + password).hexdigest(), salt]) m = MySQL() m.execute('UPDATE zencart.admin SET admin_pass=\"%s\" WHERE admin_name=\"admin\";' % hashpass) m.execute('UPDATE zencart.admin SET admin_email=\"%s\" WHERE admin_name=\"admin\";' % email) # perform tweaks so user isn't asked to reset password now = datetime.now() date = now.strftime("%Y-%m-%d %H:%M:%S")
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Django Email", "Enter email address for the Django 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Django Domain", "Enter the domain to serve Django.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) m = MySQL() m.execute('UPDATE django.auth_user SET email=\"%s\" WHERE username=\"admin\";' % email) os.system("echo \"from django.contrib.auth.models import User; user = User.objects.get(username='******'); user.set_password('"+ password + "');user.save()\" | /var/www/turnkey_project/manage.py shell") with open('/var/lib/django/allowed_hosts', 'w') as fob: fob.write("*" + '\n') fob.write(domain + '\n')
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "GNU social Email", "Please enter email address for the GNU Social 'administrator' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "GNU social Domain", "Enter the domain to serve GNU social", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) hashpass = hashlib.md5(password + '1').hexdigest() # userid m = MySQL() m.execute('UPDATE gnusocial.user SET email=\"%s\" WHERE nickname=\"administrator\";' % email) m.execute('UPDATE gnusocial.user SET password=\"%s\" WHERE nickname=\"administrator\";' % hashpass) m.execute('UPDATE gnusocial.user SET uri=\"http://%s/user/1\" WHERE nickname=\"administrator\";' % domain) new = []
admin_password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': admin_password = val elif opt == '--realm': realm = val DEFAULT_DOMAIN = realm.split('.')[0].upper() elif opt == '--domain': domain = val if not realm: d = Dialog('Turnkey Linux - First boot configuration') realm = d.get_input( "Samba/Kerberos Realm", "Enter realm you would like to use.", DEFAULT_REALM) DEFAULT_DOMAIN = realm.split('.')[0].upper() if not domain: d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Samba Domain", "Enter domain you would like to use.", DEFAULT_DOMAIN) if not admin_password: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') admin_password = d.get_password(
password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Zurmo Password", "Enter new password for the Zurmo 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Zurmo Domain", "Enter the domain to serve Zurmo.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN hash = hashlib.md5(password).hexdigest() m = MySQL() m.execute('UPDATE zurmo._user SET hash=\"%s\" WHERE username=\"admin\";' % hash) conf = "/var/www/zurmo/app/protected/config/perInstance.php" system("sed -i \"s|hostInfo.*|hostInfo'] = 'http://%s';|\" %s" % (domain, conf)) if __name__ == "__main__": main()
if not email: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') email = d.get_email( "Ghost Email", "Please enter email address for the Ghost blogger account.", "*****@*****.**") if not uname: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') uname = d.get_input( "Ghost Account Name", "Enter the Ghost blogger's name (real name recommended).", DEFAULT_UNAME) if uname == "DEFAULT": uname = DEFAULT_UNAME if not domain: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') domain = d.get_input( "Ghost Domain", "Enter the domain to serve Ghost, include http(s) protocol, defaults to https.", "https://www.example.com") if not domain.startswith('https://') and not domain.startswith('http://'):
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "eZPublish Email", "Enter email address for the eZPublish 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "eZPublish Domain", "Enter the domain to serve eZPublish.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN def sed(var, val, conf): system("sed -i \"s|%s.*|%s%s|\" %s" % (var, var, val, conf)) # tweak configuration files conf = "/var/www/ezpublish/settings/siteaccess/eng/site.ini.append.php" sed("SiteURL=", "%s/index.php/eng" % domain, conf) sed("ActionURL=", "http://%s/index.php/site_admin/user/login" % domain, conf) sed("AdminEmail=", email, conf) conf = "/var/www/ezpublish/settings/siteaccess/site/site.ini.append.php"
def main(): HOSTNAME = subprocess.run(['hostname', '-s'], encoding='utf-8', stdout=PIPE).stdout.strip() NET_IP = subprocess.run(['hostname', '-I'], encoding='utf-8', stdout=PIPE).stdout.strip() # disabled for now, will reimplment at some point... # NET_IP321 = NET_IP.split('.')[:-1] # NET_IP321.reverse() # NET_IP321 = '.'.join(NET_IP321) # NET_IP4 = NET_IP.split('.')[-1] DEFAULT_HOSTNAME = "dc1" DEFAULT_REALM = "DOMAIN.LAN" DEFAULT_DOMAIN = "DOMAIN" DEFAULT_NS = "" DEFAULT_NEW_HOSTNAME = "dc2" try: opts, args = getopt.gnu_getopt( sys.argv[1:], "h", ['help', 'pass='******'domain=', 'realm=', 'join_ns=', 'hostname=']) except getopt.GetoptError as e: usage(e) interactive = False domain = "" realm = "" admin_password = "" join_nameserver = "" hostname = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': admin_password = val elif opt == '--realm': realm = val elif opt == '--domain': domain = val elif opt == '--join_ns': join_nameserver = val DEFAULT_NS = join_nameserver elif opt == '--hostname': hostname = val if ((not (realm and domain and admin_password)) or (join_nameserver and not valid_ip(join_nameserver) or (join_nameserver and not hostname)) or TURNKEY_INIT): interactive = True if join_nameserver: create = True elif realm and domain and admin_password and join_nameserver and hostname: join_nameserver = valid_ip(join_nameserver) update_resolvconf(realm.lower(), join_nameserver, interactive) hostname = validate_hostname(hostname, realm, interactive, DEFAULT_HOSTNAME) if join_nameserver and hostname[0]: # both valid create = False elif join_nameserver: # invalid hostname restore_resolvconf() interactive = True hostname = "" elif hostname[0]: # invalid nameserver IPv4 interactive = True else: # both invalid restore_resolvconf() interactive = True hostname = "" join_nameserver = "" elif realm and domain and admin_password and not join_nameserver: create = True while True: if TURNKEY_INIT: d = Dialog('Turnkey Linux - First boot configuration') do_it = d.yesno( "Reconfigure Samba?", "Existing Samba config will be removed.\n\n" "Cancelling will leave existing config in place.\n" "\nContinue?", "Reconfigure", "Cancel") if not do_it: sys.exit(0) if interactive and not join_nameserver: d = Dialog('Turnkey Linux - First boot configuration') create = d.yesno( "Create new AD or join existing?", "You can create new Active Directory or join existing one." "\n\nNote that joining a non-TurnKey existing AD domain not is" " experimental and may fail. If so, please manually configure" " using the 'samba-tool' commandline tool.", "Create", "Join") if create: create = True else: create = False if not realm: while True: d = Dialog('Turnkey Linux - First boot configuration') realm = d.get_input( "Samba Kerberos Realm / AD DNS zone", "Kerberos Realm should be 2 or more groups of 63 or less" " ASCII characters, separated by dot(s). Kerberos realm" " will be stored as uppercase; DNS zone as" " lowercase\n\n" "Enter the Realm / DNS zone you would like to use.", DEFAULT_REALM) realm = validate_realm(realm, interactive) if realm[0]: break else: d.error(realm[1]) continue else: realm = validate_realm(realm, interactive) if not domain: while True: d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Samba NetBIOS Domain (aka workgroup)", "The NetBIOS domain (aka workgroup) should be 15 or less" " ASCII characters.\n\n" "Enter NetBIOS domain (aka 'WORKGROUP') to use.", DEFAULT_DOMAIN) domain = validate_netbios(domain, interactive) if domain[0]: break else: d.error(domain[1]) continue else: domain = validate_netbios(domain, interactive) if not admin_password: d = Dialog('TurnKey Linux - First boot configuration') server_status = 'new' if create else 'existing' admin_password = d.get_password( "Samba Password", "Enter password for the {} samba Domain 'Administrator'" " account.".format(server_status), pass_req=8, min_complexity=3, blacklist=['(', ')']) if interactive and not create: d = Dialog('Turnkey Linux - First boot configuration') if not join_nameserver: while True: join_nameserver = d.get_input( "Add nameserver", "Set DNS server IPv4 for existing AD domain DNS" " server", DEFAULT_NS) if not valid_ip(join_nameserver): d.error("IP: '{}' not valid.".format(join_nameserver)) join_nameserver = "" continue else: break update_resolvconf(realm.lower(), join_nameserver, interactive) if not hostname: while True: hostname = d.get_input( "Set new hostname", "Set new unique hostname for this domain-controller.", DEFAULT_NEW_HOSTNAME) hostname = validate_hostname(hostname, realm.lower(), interactive, DEFAULT_HOSTNAME) if not hostname[0]: d.error(hostname[1]) continue else: set_hostname(hostname) break # Stop any Samba services services = ['samba', 'samba-ad-dc', 'smbd', 'nmbd'] for service in services: subprocess.run(['systemctl', 'stop', service], stderr=PIPE) # Remove Samba & Kerberos conf rm_f('/etc/samba/smb.conf') rm_f('/etc/krb5.conf') # Remove Samba DBs dirs = [ '/var/run/samba', '/var/lib/samba', '/var/cache/samba', '/var/lib/samba/private' ] for _dir in dirs: for _db_file in ['*.tdb', '*.ldb']: rm_glob('/'.join([_dir, _db_file])) set_expiry = [ 'samba-tool', 'user', 'setexpiry', ADMIN_USER, '--noexpiry' ] export_krb = [ 'samba-tool', 'domain', 'exportkeytab', '/etc/krb5.keytab' ] krb_pass = None if create: ip = NET_IP # will add to hosts file samba_domain = [ 'samba-tool', 'domain', 'provision', '--server-role=dc', '--use-rfc2307', '--dns-backend=SAMBA_INTERNAL', '--realm={}'.format(realm), '--domain={}'.format(domain), '--adminpass={}'.format(admin_password), '--option=dns forwarder=8.8.8.8', '--option=interfaces=127.0.0.1 {}'.format(NET_IP) ] commands = [samba_domain, set_expiry, export_krb] nameserver = '127.0.0.1' hostname = HOSTNAME else: # join with open('/etc/krb5.conf', 'w') as fob: fob.write('[libdefaults]\n') fob.write(' dns_lookup_realm = false\n') fob.write(' dns_lookup_kdc = true\n') fob.write(' default_realm = {}'.format(realm)) ip = None # will update 127.0.1.1 hosts entry only config_krb = ['kinit', 'administrator'] krb_pass = admin_password samba_domain = [ 'samba-tool', 'domain', 'join', realm.lower(), 'DC', "--option='idmap_ldb:use rfc2307 = yes'" ] commands = [config_krb, samba_domain, export_krb] nameserver = join_nameserver finalize = False update_resolvconf(realm.lower(), nameserver, interactive) print('hostname', hostname, 'realm', realm) update_hosts('127.0.1.1', hostname, realm) if ip: update_hosts(ip, hostname, realm) for samba_command in commands: print('Running command: {}'.format(' '.join(samba_command))) if krb_pass: samba_run_code, samba_run_out = run_command(samba_command, stdin=krb_pass) krb_pass = None else: samba_run_code, samba_run_out = run_command(samba_command) if samba_run_code != 0: os.makedirs(os.path.dirname(COMMAND_LOG), exist_ok=True) with open(COMMAND_LOG, 'a') as fob: fob.write("Command: {}\n\n".format( " ".join(samba_command))) fob.write("\n") fob.write("{}\n".format(samba_run_out)) if interactive: d = Dialog('Turnkey Linux - First boot configuration') # handle incorrect details lines_to_print = [] end = False for line in samba_run_out.split('\n'): if line.startswith('Failed to bind'): lines_to_print.append("-".join( line.split("-", 2)[:2])) elif line.startswith('Failed to connect'): lines_to_print.append(line.split("-", 1)[:1][0]) elif line.startswith('ERROR'): lines_to_print.append("-".join( line.split("-", 2)[:2])) end = True else: if not end: lines_to_print.append(line) continue lines_to_print.append('') lines_to_print.append( "See {} for full output".format(COMMAND_LOG)) retry = d.error("{}\n\n".format('\n'.join(lines_to_print))) finalize = False DEFAULT_REALM = realm realm = "" DEFAULT_DOMAIN = domain domain = "" admin_password = "" DEFAULT_NS = join_nameserver join_nameserver = "" break else: fatal("Errors in processing domain-controller inithook" " data:\n{}".format(samba_run_out)) else: finalize = True if finalize: os.chown('/etc/krb5.keytab', 0, 0) os.chmod('/etc/krb5.keytab', 0o600) shutil.copy2('/var/lib/samba/private/krb5.conf', '/etc/krb5.conf') subprocess.run(['systemctl', 'start', 'samba-ad-dc']) while subprocess.run([ 'systemctl', 'is-active', '--quiet', 'samba-ad-dc' ]).returncode != 0: time.sleep(1) subprocess.check_output(['kinit', ADMIN_USER], encoding='utf-8', input=admin_password) msg = "\nPlease ensure that you have set a static IP. If you" \ " haven't already, please ensure that you do that ASAP," \ " and update IP addresses in DNS and hosts file (please" \ " see docs for more info).\n" if create: msg = msg + \ "\nWhen adding clients, you'll need this info:\n" \ " nameserver: {}\n" \ " * - set client to use this nameserver first!\n" \ " AD DNS domain: {}\n" \ " AD admin account name: {}\n" \ " AD admin user password: (what you set)\n" \ "".format(nameserver, realm.lower(), ADMIN_USER) if interactive: d = Dialog('Turnkey Linux - First boot configuration') d.infobox(msg) else: print(msg) cleanup() break else: restore_resolvconf() restore_hosts()
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Magento Email", "Enter email address for the Magento 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Magento Domain", "Enter the domain to serve Magento.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN hashpass = hashlib.md5("qX" + password).hexdigest() + ":qX" m = MySQL() m.execute('UPDATE magento.admin_user SET email=\"%s\" WHERE username=\"admin\";' % email) m.execute('UPDATE magento.admin_user SET password=\"%s\" WHERE username=\"admin\";' % hashpass) m.execute('UPDATE magento.core_config_data SET value=\"http://%s/\" WHERE path=\"web/unsecure/base_url\";' % (domain)) m.execute('UPDATE magento.core_config_data SET value=\"https://%s/\" WHERE path=\"web/secure/base_url\";' % (domain)) # delete cache so it will be rebuilt for new domain shutil.rmtree("/var/www/magento/var/cache", ignore_errors=True)
password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "OpenLDAP Password", "Enter new password for the OpenLDAP 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "OpenLDAP Domain", "Enter the OpenLDAP domain.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) script = os.path.join(os.path.dirname(__file__), 'openldap-reinit.sh') system(script, domain, password) if __name__ == "__main__": main()
usage(e) domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not domain: d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Samba Domain", "Enter domain you would like to use.", DEFAULT_DOMAIN) if not password: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Samba Password", "Enter new password for the samba 'administrator' account.") system("/etc/init.d/samba stop >/dev/null || true") # set domain if domain == "DEFAULT": domain = DEFAULT_DOMAIN
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Mattermost Administrator's Email", "Enter email address for Mattermost 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Mattermost domain", "Enter domain to serve Mattermost", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) if not domain.startswith('https://') and not domain.startswith('http://'): domain = 'https://'+domain system('sed -i "/SiteURL/ s|\\":.*|\\": \\\"%s\\\",|" /opt/mattermost/config/config.json' % domain) salt = bcrypt.gensalt() hashpass = bcrypt.hashpw(password, salt)
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Elgg Email", "Enter email address for the Elgg 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Elgg Domain", "Enter the domain to serve Elgg.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN domain = domain.strip("/") if not domain.startswith("http://"): domain = "http://%s/" % domain salt = "".join(random.choice(string.letters) for line in range(8)) hashpass = hashlib.md5(password + salt).hexdigest() m = MySQL() m.execute('UPDATE elgg.elgg_users_entity SET salt=\"%s\" WHERE username=\"admin\";' % salt) m.execute('UPDATE elgg.elgg_users_entity SET password=\"%s\" WHERE username=\"admin\";' % hashpass)
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "BambooInvoice Email", "Enter email address for the 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "BambooInvoice Domain", "Enter the domain to serve BambooInvoice.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) command = ["php", join(dirname(__file__), 'bambooinvoice_pass.php'), password] p = subprocess.Popen(command, stdin=PIPE, stdout=PIPE, shell=False) stdout, stderr = p.communicate() if stderr: fatal(stderr) cryptpass = stdout.strip()
d = Dialog("TurnKey Linux - First boot configuration") password = d.get_password("GitLab Password", "Enter new password for the GitLab 'admin' account.") if not email: if "d" not in locals(): d = Dialog("TurnKey Linux - First boot configuration") email = d.get_email("GitLab Email", "Enter email address for the GitLab 'admin' account.", "*****@*****.**") inithooks_cache.write("APP_EMAIL", email) if not domain: if "d" not in locals(): d = Dialog("TurnKey Linux - First boot configuration") domain = d.get_input("GitLab Domain", "Enter the domain to serve GitLab.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write("APP_DOMAIN", domain) system_gitlab( """echo '\ conf.return_format = ""; \ ActiveRecord::Base.logger.level = 1; \ u = User.find_by_id(1); \ u.password = "******"; \ u.email = "%s"; \ u.skip_reconfirmation!; \ u.save!; \
usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "OpenLDAP Password", "Enter new password for the OpenLDAP 'admin' account.") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("OpenLDAP Domain", "Enter the OpenLDAP domain.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) script = os.path.join(os.path.dirname(__file__), 'openldap-reinit.sh') system(script, domain, password) if __name__ == "__main__": main()
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "ClipBucket Email", "Enter email address for the ClipBucket 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "ClipBucket Domain", "Enter the domain to serve ClipBucket.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN hash = clipbucket_hash(password) m = MySQL() m.execute('UPDATE clipbucket.users SET password=\"%s\", email=\"%s\" WHERE username=\"admin\";' % (hash, email)) m.execute('UPDATE clipbucket.config SET value=\"%s\" WHERE name=\"support_email\";' % email) m.execute('UPDATE clipbucket.config SET value=\"%s\" WHERE name=\"website_email\";' % email) m.execute('UPDATE clipbucket.config SET value=\"%s\" WHERE name=\"welcome_email\";' % email) m.execute('UPDATE clipbucket.config SET value=\"http://%s\" WHERE name=\"baseurl\";' % domain)
except getopt.GetoptError, e: usage(e) password = "" email = "" addy = "" uname = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--URL': addy = val if not addy: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') addy = d.get_input( "Ghost URL", "Enter the full URL of the Ghost Blog.", "http://tryghost.org") for line in fileinput.FileInput("/var/www/ghost/config.js",inplace=1): line = line.replace("http://my-ghost-blog.com",addy) print line if __name__ == "__main__": main()
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) email = "" domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Elgg Password", "Enter new password for the Elgg 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Elgg Email", "Enter email address for the Elgg 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Elgg Domain", "Enter the domain to serve Elgg. Note: Elgg does not support http without further configuration, domain will default to https.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN fqdn = re.compile(r"https?://") fqdn = fqdn.sub('', domain).strip('/') domain = ("https://%s/" % fqdn) inithooks_cache.write('APP_DOMAIN', fqdn) salt = bcrypt.gensalt(10) hashpass = bcrypt.hashpw(password.encode('utf8'), salt) m = MySQL() try: with m.connection.cursor() as cursor: cursor.execute( 'SELECT guid FROM elgg.elgg_entities WHERE type="user" AND owner_guid="0"' ) admin_guid = cursor.fetchone()['guid'] cursor.execute( 'SELECT name FROM elgg.elgg_metadata WHERE entity_guid=%s', (admin_guid, )) assert (cursor.fetchone()['name']) # sanity check, if this fails, look at the database. You'll probably need to update # all of this database stuff cursor.execute( 'UPDATE elgg.elgg_metadata SET value=%s WHERE entity_guid=%s AND name="password_hash"', ( hashpass, admin_guid, )) cursor.execute( 'UPDATE elgg.elgg_metadata SET value=%s WHERE entity_guid=%s AND name="email"', ( email, admin_guid, )) cursor.execute( 'UPDATE elgg.elgg_metadata SET value=%s WHERE entity_guid=1 AND name="email"', (email, )) m.connection.commit() finally: m.connection.close() with open('/etc/cron.d/elgg', 'r') as fob: contents = fob.read() contents = re.sub("ELGG='.*'", "ELGG='%s'" % domain, contents) with open('/etc/cron.d/elgg', 'w') as fob: fob.write(contents) elgg_conf = "/var/www/elgg/elgg-config/settings.php" subprocess.run([ "sed", "-i", '\|^\$CONFIG->wwwroot|s|=.*|= "%s";|' % domain.strip('/'), elgg_conf ]) apache_conf = "/etc/apache2/sites-available/elgg.conf" subprocess.run([ "sed", "-i", "\|RewriteRule|s|https://.*|https://%s/\$1 [R,L]|" % fqdn, apache_conf ]) subprocess.run( ["sed", "-i", "\|RewriteCond|s|!^.*|!^%s$|" % fqdn, apache_conf]) subprocess.run(["service", "apache2", "restart"])
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "osCommerce Email", "Enter email address for the osCommerce 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("osCommerce Domain", "Enter the domain to serve osCommerce", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) command = ["php", join(dirname(__file__), 'oscommerce_pass.php'), password] p = subprocess.Popen(command, stdin=PIPE, stdout=PIPE, shell=False) stdout, stderr = p.communicate() if stderr: fatal(stderr) cryptpass = stdout.strip()
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Elgg Email", "Enter email address for the Elgg 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Elgg Domain", "Enter the domain to serve Elgg. Note: Elgg does not support http without further configuration, domain will default to https.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN fqdn = re.compile(r"https?://") fqdn = fqdn.sub('', domain).strip('/') domain = "https://%s/" % fqdn inithooks_cache.write('APP_DOMAIN', fqdn) salt = bcrypt.gensalt(10) hashpass = bcrypt.hashpw(password, salt) m = MySQL()
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) email = "" domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Gitea Password", "Enter new password for the Gitea 'admin' account.", pass_req=8, min_complexity=4) if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Gitea Email", "Enter email address for the Gitea 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("Gitea Domain", "Enter the domain to serve Gitea.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) config = "/etc/gitea/app.ini" subprocess.run([ "su", "git", "-c", "cd /home/git && ./gitea admin change-password -u gitea -p %s" % password ]) subprocess.run(['sed', '-i', "\|DOMAIN|s|=.*|= %s|" % domain, config]) subprocess.run( ['sed', '-i', "\|ROOT_URL|s|=.*|= https://%s/|" % domain, config]) subprocess.run(['sed', '-i', "\|FROM|s|=.*|= %s|" % email, config]) m = MySQL() m.execute("UPDATE gitea.user SET email='%s' WHERE id=1;" % (email, )) subprocess.run(["systemctl", "restart", "gitea"])
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "GitLab Email", "Enter email address for the GitLab 'root' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("GitLab Domain", "Enter the domain to serve GitLab.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) print("Reconfiguring GitLab. This might take a while. Please wait.") config = "/etc/gitlab/gitlab.rb" domain = "http://%s" % domain system("sed -i \"/^external_url/ s|'.*|'%s'|\" %s" % (domain, config)) system( "sed -i \"/^gitlab_rails\['gitlab_email_from'\]/ s|=.*|= '%s'|\" %s" % (email, config))
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Piwik Email", "Enter email address for Piwik 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Piwik Domain", "Enter the domain to serve Piwik.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN domain = domain.strip("/") if not domain.startswith("http://"): domain = "http://%s/" % domain m = MySQL() m.execute('UPDATE piwik.piwik_option SET option_value=\"%s\" WHERE option_name=\"piwikUrl\";' % domain) piwik_config.update("[General]", "trusted_hosts[]", domain) hash = hashlib.md5(password).hexdigest() token = hashlib.md5('admin' + hash).hexdigest()
for opt, val in opts: if opt in ("-h", "--help"): usage() elif opt == "--pass": password = val elif opt == "--server": server = val elif opt == "--base": ldap_base = val elif opt == "--binddn": ldap_user = val if not ldap_base: d = Dialog("TurnKey Linux - First boot configuration") ldap_base = d.get_input("LDAP Base", "Enter the LDAP Base DN.", DEFAULT_BASE) if ldap_base == "DEFAULT": ldap_base = DEFAULT_BASE if not ldap_user: if "d" not in locals(): d = Dialog("TurnKey Linux - First boot configuration") ldap_user = d.get_input( "LDAP User", "Enter the LDAP User for NSS and PAM connections.", "cn=nsspam," + ldap_base ) if not password: if "d" not in locals(): d = Dialog("TurnKey Linux - First boot configuration")
if not profile in ('server', 'gateway', 'client'): fatal('invalid profile: %s' % profile) if profile == "client": return if not key_email: key_email = dialog.get_email( "OpenVPN Email", "Enter email address for the OpenVPN server key.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', key_email) if not public_address: public_address = dialog.get_input( "OpenVPN Public Address", "Enter FQDN or IP address of server reachable by clients", "vpn.example.com") auto_virtual_subnet = "10.%d.%d.0/24" % (r(2, 254), r(2, 254)) if not virtual_subnet: virtual_subnet = dialog.get_input( "OpenVPN Virtual Subnet", "Enter CIDR subnet address pool to allocate to clients. This server will be configured with x.x.x.1. The CIDR must not be in-use on your network.", auto_virtual_subnet) if virtual_subnet.upper() == "AUTO": virtual_subnet = auto_virtual_subnet if profile == "server": if not private_subnet: retcode, private_subnet = dialog.inputbox(
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "PHPlist Email", "Enter email address for the PHPlist 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "PHPlist Domain", "Enter the domain to serve PHPlist.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN m = MySQL() m.execute('UPDATE phplist.admin SET password=\"%s\" WHERE loginname=\"admin\";' % password) m.execute('UPDATE phplist.admin SET email=\"%s\" WHERE loginname=\"admin\";' % email) m.execute('UPDATE phplist.config SET value=\"%s\" WHERE item=\"website\";' % domain) if __name__ == "__main__": main()
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "PunBB Email", "Enter email address for the PunBB 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "PunBB Domain", "Enter the domain to serve PunBB.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) def sha1(s): return hashlib.sha1(s).hexdigest() salt = ''.join((random.choice(string.letters+string.digits) for x in range(12))) hash = sha1(salt + sha1(password)) m = MySQL() m.execute('UPDATE punbb.users SET password=\"%s\", salt=\"%s\", email=\"%s\" WHERE username=\"admin\";' % (hash, salt, email))
usage(e) domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--domain': domain = val if not domain: d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "Ejabberd Domain", "Enter top-level domain to associate with ejabberd and speeqe.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN if not password: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Ejabberd Password", "Enter new password for ejabberd 'admin@%s' account." % domain) command = ["/usr/lib/inithooks/bin/ejabberd.sh", domain, password] p = subprocess.Popen(command, stdin=PIPE, stdout=PIPE, shell=False)
if not profile in ('server', 'gateway', 'client'): fatal('invalid profile: %s' % profile) if profile == "client": return if not key_email: key_email = dialog.get_email( "OpenVPN Email", "Enter email address for the OpenVPN server key.", "*****@*****.**") if not public_address: public_address = dialog.get_input( "OpenVPN Public Address", "Enter FQDN or IP address of server reachable by clients", "vpn.example.com") auto_virtual_subnet = "10.%d.%d.0/24" % (r(2, 254), r(2, 254)) if not virtual_subnet: virtual_subnet = dialog.get_input( "OpenVPN Virtual Subnet", "Enter CIDR subnet address pool to allocate to clients. This server will be configured with x.x.x.1. The CIDR must not be in-use on your network.", auto_virtual_subnet) if virtual_subnet.upper() == "AUTO": virtual_subnet = auto_virtual_subnet if profile == "server": if not private_subnet: retcode, private_subnet = dialog.inputbox(
if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Foswiki Email", "Enter email address for the Foswiki 'AdminUser' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('Turnkey Linux - First boot configuration') domain = d.get_input("Foswiki Domain", "Enter the domain to serve Foswiki.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN if not (domain.startswith('http://') or domain.startswith('https://')): domain = 'https://' + domain inithooks_cache.write('APP_DOMAIN', domain) check_output([ 'perl', '-CA', '/var/www/foswiki/tools/configure', '-save', '-set', '{Password}=%s' % password, '-set', '{WebMasterEmail}=%s' % email, '-set', '{DefaultUrlHost}=%s' % domain
if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "iceScrum Email", "Enter email address for the iceScrum 'admin' account.", "*****@*****.**") if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input( "iceScrum Domain", "Enter the domain to serve iceScrum.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN hash = hashlib.sha256(password).hexdigest() m = MySQL() m.execute('UPDATE icescrum.icescrum2_user SET passwd=\"%s\" WHERE username=\"admin\";' % hash) m.execute('UPDATE icescrum.icescrum2_user SET email=\"%s\" WHERE username=\"admin\";' % email) config = "/etc/icescrum/config.groovy" system("sed -i \"s|serverURL =.*|serverURL = \\\"http://%s\\\"|\" %s" % (domain, config)) # restart tomcat if running so changes will take effect
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", [ 'help', 'profile=', 'key-email=', 'public-address=', 'virtual-subnet=', 'private-subnet=' ]) except getopt.GetoptError as e: usage(e) profile = "" key_email = "" public_address = "" virtual_subnet = "" private_subnet = "" redirect_client_gateway = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--profile': profile = val elif opt == '--key-email': key_email = val elif opt == '--public-address': public_address = val elif opt == '--virtual-subnet': virtual_subnet = val elif opt == '--private-subnet': private_subnet = val dialog = Dialog('TurnKey Linux - First boot configuration') if not profile: profile = dialog.menu( "OpenVPN Profile", "Choose a profile for this server.\n\n* Gateway: clients will be configured to route all\n their traffic through the VPN.", [('server', 'Accept VPN connections from clients'), ('gateway', 'Accept VPN connections from clients*'), ('client', 'Initiate VPN connections to a server')]) if not profile in ('server', 'gateway', 'client'): fatal('invalid profile: %s' % profile) if profile == "client": return if not key_email: key_email = dialog.get_email( "OpenVPN Email", "Enter email address for the OpenVPN server key.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', key_email) if not public_address: public_address = dialog.get_input( "OpenVPN Public Address", "Enter FQDN or IP address of server reachable by clients", "vpn.example.com") auto_virtual_subnet = "10.%d.%d.0/24" % (r(2, 254), r(2, 254)) if not virtual_subnet: virtual_subnet = dialog.get_input( "OpenVPN Virtual Subnet", "Enter CIDR subnet address pool to allocate to clients. This server will be configured with x.x.x.1. The CIDR must not be in-use on your network.", auto_virtual_subnet) if virtual_subnet.upper() == "AUTO": virtual_subnet = auto_virtual_subnet if profile == "server": if not private_subnet: retcode, private_subnet = dialog.inputbox( "OpenVPN Private Subnet", "Enter CIDR subnet behind server for clients to reach.", "10.0.1.0/24", "Apply", "Skip") if private_subnet.upper() == "SKIP": private_subnet = "" cmd = os.path.join(os.path.dirname(__file__), 'openvpn-server-init.sh') subprocess.run([cmd, key_email, public_address, virtual_subnet]) if profile == "gateway": fh = open("/etc/openvpn/server.conf", "a") fh.write( "# configure clients to route all their traffic through the vpn\n") fh.write("push \"redirect-gateway def1 bypass-dhcp\"\n\n") fh.close() if private_subnet: fh = open("/etc/openvpn/server.conf", "a") fh.write( "# push routes to clients to allow them to reach private subnets\n" ) for _private_subnet in private_subnet.split(','): fh.write("push \"route %s\"\n" % expand_cidr(_private_subnet)) fh.close() subprocess.run(['systemctl', 'start', 'openvpn@server'])
rootpass = val elif opt in ('-r', '--rpass'): rounduppass = val elif opt in ('-s', '--sipass'): simpleinvoicespass = val elif opt in ('-t', '--tld'): tld = val elif opt in ('-u', '--user'): username = val elif opt in ('-z', '--zpass'): toolspass = val if not tld: sitename = "" d = Dialog('TurnKey Linux - First boot configuration') tld = d.get_input("Set tld (top level domain) in http://www.basesitename.TLD", "Please enter top level domain (tld) without a dot (e.g. com, org, net).") if not sitename: d = Dialog('TurnKey Linux - First boot configuration') sitename = d.get_input("Set base site name in http://www.BASESITENAME.%s" % tld, "Please enter base site name without 'http://www.' or '.%s'." % tld) lowername = sitename.replace(" ","").lower() tld = tld.lower() hostname = ".".join([lowername,tld]) if not email: email = "@".join(['admin',hostname]) # Set root password. if not username: username = "******"
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) password = "" email = "" domain = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Drupal9 Password", "Enter new password for the Drupal9 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Drupal9 Email", "Enter email address for the Drupal9 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("Drupal9 Domain", "Enter the domain to serve Drupal9.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) print("Progress...") m = MySQL() m.execute( 'UPDATE drupal9.users_field_data SET mail=%s WHERE name=\"admin\";', (email, )) m.execute( 'UPDATE drupal9.users_field_data SET init=%s WHERE name=\"admin\";', (email, )) domain = domain.replace('.', '\\\\\.') subprocess.run([ '/usr/lib/inithooks/bin/drupalconf.sh', '-e', email, '-p', password, '-d', domain ])
if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--server': server = val elif opt == '--base': ldap_base = val elif opt == '--binddn': ldap_user = val if not ldap_base: d = Dialog('TurnKey Linux - First boot configuration') ldap_base = d.get_input( "LDAP Base", "Enter the LDAP Base DN.", DEFAULT_BASE) if ldap_base == "DEFAULT": ldap_base = DEFAULT_BASE if not ldap_user: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') ldap_user = d.get_input( "LDAP User", "Enter the LDAP User for owncloud connections.", "cn=owncloud," + ldap_base) if not password:
def main(): try: opts, args = getopt.gnu_getopt(sys.argv[1:], "h", ['help', 'pass='******'email=', 'domain=']) except getopt.GetoptError as e: usage(e) email = "" domain = "" password = "" for opt, val in opts: if opt in ('-h', '--help'): usage() elif opt == '--pass': password = val elif opt == '--email': email = val elif opt == '--domain': domain = val if not password: d = Dialog('TurnKey Linux - First boot configuration') password = d.get_password( "Canvas Password", "Enter new password for the Canvas 'admin' account.") if not email: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') email = d.get_email( "Canvas Email", "Enter email address for the Canvas 'admin' account.", "*****@*****.**") inithooks_cache.write('APP_EMAIL', email) if not domain: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("Canvas Domain", "Enter the domain to serve Canvas.", DEFAULT_DOMAIN) if domain == "DEFAULT": domain = DEFAULT_DOMAIN inithooks_cache.write('APP_DOMAIN', domain) salt = "".join(random.choice(string.ascii_letters) for line in range(20)) hash = password + salt for i in range(20): hash = hashlib.sha512(hash.encode('utf-8')).hexdigest() access_token = "".join( random.choice(string.ascii_letters) for line in range(20)) conn = psycopg2.connect("dbname=canvas_production user=root") c = conn.cursor() c.execute('UPDATE users SET name=%s, sortable_name=%s WHERE id=1;', (email, email)) c.execute( 'UPDATE pseudonyms SET unique_id=%s, crypted_password=%s, password_salt=%s, single_access_token=%s WHERE user_id=1;', (email, hash, salt, access_token)) c.execute('UPDATE communication_channels SET path=%s WHERE id=1;', (email, )) conn.commit() c.close() conn.close() config = "/var/www/canvas/config/outgoing_mail.yml" subprocess.run( ["sed", "-ri", 's|domain:.*|domain: "%s"|' % domain, config]) subprocess.run([ "sed", "-ri", 's|outgoing_address:.*|outgoing_address: "%s"|' % email, config ]) config = "/var/www/canvas/config/dynamic_settings.yml" subprocess.run( ["sed", "-ri", 's|app-host:.*|app-host: "%s:3000"|' % domain, config]) config = "/var/www/canvas/config/domain.yml" subprocess.run( ["sed", "-ri", 's|domain:.*|domain: "%s"|' % domain, config]) config = "/var/www/canvas/config/initializers/outgoing_mail.rb" subprocess.run( ["sed", "-ri", 's|:domain => .*|:domain => "%s",|' % domain, config]) print("Restarting services; please wait...") for service in ['canvas_init', 'apache2']: subprocess.run(['systemctl', 'restart', service])
elif opt == '--join_ns': join_nameserver = val while 1: if not join: d = Dialog('Turnkey Linux - First boot configuration') join = d.yesno( "Join existing AD?", "You can create the Active Directory or join existing.", "Join", "Create") if not realm: d = Dialog('Turnkey Linux - First boot configuration') realm = d.get_input("Samba/Kerberos Realm", "Enter realm you would like to use.", DEFAULT_REALM) DEFAULT_DOMAIN = realm.split('.')[0].upper() if not domain: d = Dialog('TurnKey Linux - First boot configuration') domain = d.get_input("Samba Domain", "Enter domain you would like to use.", DEFAULT_DOMAIN) if not admin_password: if 'd' not in locals(): d = Dialog('TurnKey Linux - First boot configuration') admin_password = d.get_password( "Samba Password",