From e321ce0809ad8023c5fe9fb01ad17c3b119f0e37 Mon Sep 17 00:00:00 2001 From: Alexandre CATTEAU Date: Sun, 31 Oct 2021 13:09:56 +0100 Subject: [PATCH] Update setup according to new design --- setup.sh | 50 +++++++------------------------------------------- 1 file changed, 7 insertions(+), 43 deletions(-) diff --git a/setup.sh b/setup.sh index 67a009d..923a27f 100644 --- a/setup.sh +++ b/setup.sh @@ -23,16 +23,14 @@ install_packages() { sed -i -e "s/$deb_apt_default_repo/$deb_apt_repo/g" /etc/apt/sources.list apt update apt upgrade -y - apt install -y vim tree tmux neofetch simple-scan sane hplip novnc x11vnc xvfb xinit libglib2.0-bin dbus-x11 + apt install -y vim tree tmux neofetch sane sane-utils hplip } -# NOTE in V3, we'll need to add saned to group lp add_users() { echo "Adding users" useradd -U -G sudo,lpadmin -m -s /bin/bash $user chmod 700 /home/$user - useradd -U -G scanner,lp -m -s /sbin/nologin $scan_user - chmod 700 /home/$scan_user + usermod -a -G lp saned } get_conf() { @@ -46,30 +44,10 @@ get_conf() { set_conf() { echo "Setting configuration" - sudo -H -u $user chmod uo+x $sync_directory_path/clean-cloud.sh $sync_directory_path/scan-to-cloud.sh + ln -s $sync_directory_path/conf-sync-server.timer $systemd_units_path/conf-sync.timer ln -s $sync_directory_path/*.service $systemd_units_path/ - ln -s $sync_directory_path/*.timer $systemd_units_path/ - ln -s $sync_directory_path/*.socket $systemd_units_path/ - ln -s $sync_directory_path/*.mount $systemd_units_path/ - ln -s $sync_directory_path/*.path $systemd_units_path/ systemctl daemon-reload - systemctl enable novnc.service vnc.socket conf-sync.timer clean-cloud.timer scan.mount #scan-to-cloud.path -} - -set_scan_conf() { - echo "Setting scan configuration" - sudo -H -u $scan_user sh -c "echo 'simple-scan' > $scan_user_home_directory/.xinitrc" # TODO this should be done another way - touch $passwd_file - chown $scan_user:$scan_user $passwd_file - sudo -H -u $scan_user x11vnc -storepasswd $vnc_passwd $passwd_file - touch $x11vnc_logfile - chown $scan_user:$scan_user $x11vnc_logfile - mkdir $scan_tmpfs - chown $scan_user:$scan_user $scan_tmpfs - sudo -H -u $scan_user gsettings set org.gnome.SimpleScan paper-height 2970 # those don't work - sudo -H -u $scan_user gsettings set org.gnome.SimpleScan paper-width 2100 - sudo -H -u $scan_user gsettings set org.gnome.SimpleScan save-directory $scan_tmpfs - cp $novnc_webroot/vnc.html $novnc_webroot/index.html + systemctl enable conf-sync.timer } set_cups_conf() { @@ -86,6 +64,8 @@ rcs_links() { ln -s /home/$user/.bashrc /root/.bashrc sudo -H -u $user ln -s $sync_directory_path/vimrc /home/$user/.vimrc ln -s /home/$user/.vimrc /root/.vimrc + sudo -H -u $user ln -s $sync_directory_path/tmux.conf /home/$user/.tmux.conf + ln -s /home/$user/.tmux.conf /root/.tmux.conf } ssh_pubkey() { @@ -95,12 +75,6 @@ ssh_pubkey() { sudo -H -u $user mv /home/$user/.ssh/$remote_pubkey /home/$user/.ssh/authorized_keys } -tls_cert() { - echo "Generating TLS certificate" - openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out $tls_directory/$cert -keyout $tls_directory/$cert_key -subj "/C=/ST=/L=/O=/OU=/CN=" - chmod o+r $tls_directory/$cert_key -} - # Only run if the user is root if [[ $USER != 'root' ]] ; then echo "You must run this script as root!" @@ -123,16 +97,8 @@ scan_user_home_directory="/home/$scan_user" sync_directory_path="/home/$user/.sync" systemd_units_path='/etc/systemd/system' cups_conf_path='/etc/cups' -vnc_passwd='windows' -passwd_file='/etc/passwdd' -x11vnc_logfile='/var/log/x11vnc.log' -scan_tmpfs='/scan' -novnc_webroot='/usr/share/novnc' remote_pubkey_location='https://keys.kto.black' remote_pubkey='home.pub' -tls_directory='/etc/ssl/' -cert='cert.crt' -cert_key='cert.key' # Main process # You should comment below what you do not want to happen @@ -141,18 +107,16 @@ install_packages add_users get_conf set_conf -set_scan_conf set_cups_conf rcs_links ssh_pubkey -tls_cert echo "" echo "We're all good here!" echo "You should now:" echo "* set $user's password" echo "* lock root account" -echo "* remove setup.sh" +echo "* remove setup.sh and conf-sync.sh" echo "* reboot the SBC" echo "And perhaps:" echo "* connect to http://$hostname:631/ and add a printer"