Generate http auth secret and install it

This commit is contained in:
ABelliqueux 2022-10-28 19:02:46 +02:00
parent 9114f97918
commit 2ecfc3597f
2 changed files with 43 additions and 20 deletions

View File

@ -7,8 +7,8 @@ sync_facility = "http"
media_folder_local = "~/Videos" media_folder_local = "~/Videos"
media_folder_remote = "~/Videos" media_folder_remote = "~/Videos"
media_exts = [] media_exts = []
auth = "" auth = "secret"
cmd_auth = "" cmd_auth = "secret"
hosts = [] hosts = []
# VLC http LUA port # VLC http LUA port
port = 0 port = 0

View File

@ -1,5 +1,22 @@
#!/bin/bash #!/usr/bin/env bash
# #
#
# https://sharats.me/posts/shell-script-best-practices/
set -o errexit
set -o nounset
set -o pipefail
if [[ "${TRACE-0}" == "1" ]]; then set -o xtrace; fi
# Change to script dir
cd "$(dirname "$0")"
#
if [[ "${1-}" =~ ^-*h(elp)?$ ]]; then
echo 'Usage: ./pilpil-server.sh path_to_device
This is an awesome bash script to make your life better.
'
exit
fi
# Options # Options
# Device block to write on # Device block to write on
# Colored output # Colored output
@ -26,35 +43,37 @@ function yellow(){
SDCARD=$1 SDCARD=$1
# TODO : accomodate for devices block with name mmcblk0p1|p2 # TODO : accomodate for devices block with name mmcblk0p1|p2
if [ "$SDCARD" == "" ] || [ ! -e "$SDCARD" ] if [[ "$SDCARD" == "" ]] || [[ ! -e "$SDCARD" ]]
then then
red "Please specify an existing device block for your sd-card, e.g: '/dev/sda'." red "Please specify an existing device block for your sd-card, e.g: '/dev/sda'." >&2
exit 0 exit 0
fi fi
DD_BS="128K" DD_BS="128K"
DISK_IMAGE="$HOME/niels/imgs/2022-10-25-pilpil-WIP.img.xz" DISK_IMAGE="$HOME/niels/imgs/2022-10-25-pilpil-WIP.img.xz"
if [ ! -f "$DISK_IMAGE" ] if [[ ! -f "$DISK_IMAGE" ]]
then then
red "Disk image not found, aborting..." red "Disk image not found, aborting..." >&2
exit 0 exit 0
fi fi
CONFIG_DIR="$HOME/niels/pilpil-server" CONFIG_DIR="$HOME/niels/pilpil-server"
if [ ! -d "$CONFIG_DIR" ] if [[ ! -d "$CONFIG_DIR" ]]
then then
red "Config directory not found, aborting..." red "Config directory not found, aborting..." >&2
exit 0 exit 0
fi fi
HTTP_SECRET=$(openssl rand -base64 12)
PI_USER="pil" PI_USER="pil"
BOOT_MOUNT="/run/media/$USER/boot" BOOT_MOUNT="/run/media/$USER/boot"
ROOTFS_MOUNT="/run/media/$USER/rootfs" ROOTFS_MOUNT="/run/media/$USER/rootfs"
#~ LOCAL_MEDIA_DIR="$HOME/Videos" #~ LOCAL_MEDIA_DIR="$HOME/Videos"
LOCAL_MEDIA_DIR="$HOME/niels/medias" LOCAL_MEDIA_DIR="$HOME/niels/medias"
if [ ! -d "$LOCAL_MEDIA_DIR" ] if [[ ! -d "$LOCAL_MEDIA_DIR" ]]
then then
red "Medias directory not found, aborting..." red "Medias directory not found, aborting..." >&2
exit 0 exit 0
fi fi
REMOTE_MEDIA_DIR="$ROOTFS_MOUNT/home/$PI_USER/Videos" REMOTE_MEDIA_DIR="$ROOTFS_MOUNT/home/$PI_USER/Videos"
# WIFI AP config
IP_RANGE="10.42.0.1" IP_RANGE="10.42.0.1"
SSID="omen" SSID="omen"
PASSWD="EpQmSmXH123" PASSWD="EpQmSmXH123"
@ -105,7 +124,7 @@ IP_RANGE_3B=$(echo $IP_RANGE | awk -F. '{print $1"."$2"."$3"."}')
# Generate SSL cert with IPs in IP_RANGE # Generate SSL cert with IPs in IP_RANGE
IP_CNT=$IP IP_CNT=$IP
IP_ARRAY=() IP_ARRAY=()
while [ $IP_CNT -lt $(($CLIENT_NUMBER+$IP)) ] while [[ "$IP_CNT" -lt $(($CLIENT_NUMBER+$IP)) ]]
do do
IP_ARRAY+=("IP:$IP_RANGE_3B$IP_CNT") IP_ARRAY+=("IP:$IP_RANGE_3B$IP_CNT")
((IP_CNT++)) ((IP_CNT++))
@ -131,9 +150,9 @@ do
green "Operation 1/13 : Imaging $SDCARD with the file $DISK_IMAGE ...\n" green "Operation 1/13 : Imaging $SDCARD with the file $DISK_IMAGE ...\n"
red "Are you sure you want to ERASE THE CONTENT of $SDCARD ? Type uppercase 'yes' to confirm." red "Are you sure you want to ERASE THE CONTENT of $SDCARD ? Type uppercase 'yes' to confirm."
read -n 4 GO_DD read -n 4 GO_DD
if [ "$GO_DD" != "YES" ] if [[ "$GO_DD" != "YES" ]]
then then
red "Answer was different from 'YES'. Aborting..." red "Answer was different from 'YES'. Aborting..." >&2
break break
fi fi
red "Received answer $GO_DD. Running dd on $SDCARD in 5 seconds." red "Received answer $GO_DD. Running dd on $SDCARD in 5 seconds."
@ -164,7 +183,7 @@ do
ssh-keygen -t ed25519 -f "$HOME/.ssh/$HOST_NAME" -N "" ssh-keygen -t ed25519 -f "$HOME/.ssh/$HOST_NAME" -N ""
red "New SSH key pair generated as $HOME/.ssh/$HOST_NAME. Add to ~/.ssh/config ? (y/n)" red "New SSH key pair generated as $HOME/.ssh/$HOST_NAME. Add to ~/.ssh/config ? (y/n)"
read -n 2 ADD_SSH_CONF read -n 2 ADD_SSH_CONF
if [ "$ADD_SSH_CONF" == "y" ] if [[ "$ADD_SSH_CONF" == "y" ]]
then then
# Add to ~/.ssh/config # Add to ~/.ssh/config
echo -e "\nHost $HOST_NAME\n\tHostname $HOST\n\tIdentityFile ~/.ssh/$HOST_NAME\n\tUser $PI_USER" | tee -a "$HOME/.ssh/config" echo -e "\nHost $HOST_NAME\n\tHostname $HOST\n\tIdentityFile ~/.ssh/$HOST_NAME\n\tUser $PI_USER" | tee -a "$HOME/.ssh/config"
@ -204,10 +223,14 @@ network={
sudo cp "$CONFIG_DIR/selfCA.crt" "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt" sudo cp "$CONFIG_DIR/selfCA.crt" "$ROOTFS_MOUNT/etc/ssl/certs/nginx-selfsigned.crt"
sudo cp "$CONFIG_DIR/selfCA.key" "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key" sudo cp "$CONFIG_DIR/selfCA.key" "$ROOTFS_MOUNT/etc/ssl/private/nginx-selfsigned.key"
sync sync
#~ Change VLC/pilpil http auth secret
sed -i "s:secret:$HTTP_SECRET:g" "$CONFIG_DIR/pilpil-server.toml"
sed -i "s:secret:$HTTP_SECRET:g" "$ROOTFS_MOUNT/home/pil/.config/systemd/user/vlc.service"
sed -i "s:secret:$HTTP_SECRET:g" "$ROOTFS_MOUNT/home/pil/pilpil-client/defaults.toml"
#~ # 6. Copy medias #~ # 6. Copy medias
green "Operation 12/13 : Syncing media folder $LOCAL_MEDIA_DIR/ with $REMOTE_MEDIA_DIR/ \n" green "Operation 12/13 : Syncing media folder $LOCAL_MEDIA_DIR/ with $REMOTE_MEDIA_DIR/ \n"
# Remove filler file # Remove filler file
if [ -f "$REMOTE_MEDIA_DIR/remove_me" ] if [[ -f "$REMOTE_MEDIA_DIR/remove_me" ]]
then then
sudo rm "$REMOTE_MEDIA_DIR/remove_me" sudo rm "$REMOTE_MEDIA_DIR/remove_me"
fi fi
@ -216,7 +239,7 @@ network={
# Get Media folder size # Get Media folder size
MEDIA_SIZE=$(du -c $LOCAL_MEDIA_DIR | tail -1 | awk '{print $1}') MEDIA_SIZE=$(du -c $LOCAL_MEDIA_DIR | tail -1 | awk '{print $1}')
# Only copy files if enough space available # Only copy files if enough space available
if [ $MEDIA_SIZE -lt $ROOTFS_AVAILABLE_SPACE ] if [[ "$MEDIA_SIZE" -lt "$ROOTFS_AVAILABLE_SPACE" ]]
then then
USER_ID=$( cat "$ROOTFS_MOUNT/etc/passwd" | grep $PI_USER | awk -F: '{print $3}' ) USER_ID=$( cat "$ROOTFS_MOUNT/etc/passwd" | grep $PI_USER | awk -F: '{print $3}' )
GROUP_ID=$( cat "$ROOTFS_MOUNT/etc/passwd" | grep $PI_USER | awk -F: '{print $4}' ) GROUP_ID=$( cat "$ROOTFS_MOUNT/etc/passwd" | grep $PI_USER | awk -F: '{print $4}' )
@ -231,13 +254,13 @@ network={
umount $BOOT_MOUNT umount $BOOT_MOUNT
umount $ROOTFS_MOUNT umount $ROOTFS_MOUNT
yellow "Client $(($IP-9))/$CLIENT_NUMBER done." yellow "Client $(($IP-9))/$CLIENT_NUMBER done."
if [ $IP -le $IP_CNT ] if [[ "$IP" -le "$IP_CNT" ]]
then then
red "Please swap sd card in reader and enter uppercase 'yes' to proceed with next client or hit Ctrl-C:" red "Please swap sd card in reader and enter uppercase 'yes' to proceed with next client or hit Ctrl-C:"
read -n 4 GO_ON read -n 4 GO_ON
if [ "$GO_ON" != "YES" ] if [ "$GO_ON" != "YES" ]
then then
red "Answer was different from 'YES'. Aborting...\n" red "Answer was different from 'YES'. Aborting...\n" >&2
break break
fi fi
GO_ON=0 GO_ON=0