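#!/bin/bash
#
# torouter-prep: reconfigure a Debian system into a Torouter.
#
# Must run as root. It replaces system files under /etc (apt sources, network,
# ssh, tor, dnsmasq, ntp, inittab), installs packages and restarts services.
# Every file that is about to be replaced is first copied into $temp_dir so the
# previous state can be recovered.
#
# Tracing was originally enabled via the shebang ("#!/bin/bash -x"); that flag
# is lost when the script is started as "bash script.sh", so it is set here.
set -x
set -u

export VERSION="0.1"

# Print an error to stderr and abort the run.
die() {
  printf 'torouter-prep: %s\n' "$*" >&2
  exit 1
}

# Install one sample config over a system file, keeping a backup.
# Arguments: $1 - file name inside $config_dir
#            $2 - absolute destination path
# Returns:   0 on success, 1 if the backup or the copy failed (the destination
#            is left untouched when the backup fails).
install_config() {
  local src="${config_dir%/}/$1"
  local dst="$2"
  if [ -e "$dst" ]; then
    # --parents keeps the original path below $temp_dir (e.g. etc/hosts).
    if ! cp -a --parents -- "$dst" "$temp_dir"; then
      printf 'torouter-prep: could not back up %s, not replacing it\n' "$dst" >&2
      return 1
    fi
  fi
  if ! cp -- "$src" "$dst"; then
    printf 'torouter-prep: could not install %s as %s\n' "$src" "$dst" >&2
    return 1
  fi
}

echo "This program will now reconfigure your Debian system into a Torouter"

[ "$(id -u)" -eq 0 ] || die "must be run as root"

# For every file we touch, a copy goes to temp_dir first.
# mktemp -d creates the directory with owner-only permissions, so backed-up
# files such as sshd_config are not exposed to other local users.
# TODO: tar the directory up at the end, as originally intended.
temp_dir="$(mktemp -d)" || die "mktemp failed"
export temp_dir
export config_dir="/usr/share/torouter-prep/example-configs/"

# Add a user to administrate the Torouter later.
# Creation is skipped when the group/user already exist so a re-run is clean.
export ADMINUSER="torouter"
export ADMINGROUP="torouter"
getent group "$ADMINGROUP" > /dev/null || addgroup "$ADMINGROUP"
# -m creates the home directory; without it there is nowhere to put .armrc.
getent passwd "$ADMINUSER" > /dev/null \
  || useradd -m -g "$ADMINGROUP" -s /bin/bash "$ADMINUSER"

# Install the Tor repo key
# gpg --keyserver keys.gnupg.net --recv 886DDD89
# gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
#
# apt-key puts these keys into the global trusted keyring, so they are trusted
# for every repository in sources.list, not only the one they belong to.
# Without the keys the package installs below cannot be authenticated, so a
# failed import aborts the run instead of continuing.
# This is the main Tor repo apt pubkey
apt-key add "${config_dir%/}/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key" \
  || die "could not import the Tor repo key"
# This is the temp torrouter archive pubkey; this should be updated when we
# freeze this repo and know what we want to do.
# NOTE(review): this file is named by a 32-bit short key id, which is not
# collision resistant; check the full fingerprint of the key it contains.
apt-key add "${config_dir%/}/047E6A24.asc" \
  || die "could not import the torouter archive key"

# Set us to have a default host name and hosts file
install_config hostname /etc/hostname
install_config hosts /etc/hosts

# We need to prep apt to understand that we want packages from other repos.
# These three decide where packages come from, so a failure is fatal.
install_config sources.list /etc/apt/sources.list \
  || die "could not install sources.list"
# We're creating this file to ensure we get updates
install_config apt-preferences.d-backports /etc/apt/preferences.d/backports \
  || die "could not install apt preferences"
install_config apt.conf /etc/apt/apt.conf \
  || die "could not install apt.conf"
apt-get -y update || die "apt-get update failed"

# Remove a bunch of stuff:
apt-get -y remove exim4-base exim4-config exim4-daemon-light dbus
# Install the weird wireless control for the DreamPlug
# NOTE(review): -t sid / -t experimental below pull from unstable suites;
# presumably the pinning in apt-preferences keeps everything else on stable.
apt-get install -y -t sid uaputl
# Install some other packages here:
apt-get -y install denyhosts ufw
# Allow us to set the clock:
apt-get -y -t squeeze-backports install openntpd
# Install Tor and deps:
apt-get -y install tor tor-geoipdb
# To build a 0.2.3.x Tor:
# apt-get source tor=0.2.3.1-alpha-1~~squeeze+1
# Debuild here...
# To build with natpmp support
apt-get -y -t experimental install libnatpmp-dev
apt-get -y -t experimental install libnatpmp0
# To build with miniupnpc support
apt-get -y -t squeeze-backports install libminiupnpc-dev
apt-get -y -t squeeze-backports install libminiupnpc5
# XXX
# We want to apt-get source tor and build it for the 0.2.3.x branch
#
# Install a Tor controller:
apt-get -y install tor-arm
# Install the ttdnsd program:
apt-get -y install ttdnsd
# Install a normal dns cache for eth1
apt-get -y install dnsmasq

##
## Configuration stage of the script
##

# Configure arm
# "~$ADMINUSER" is never tilde-expanded (the tilde is processed before the
# variable), so the home directory is looked up from the passwd database.
admin_home="$(getent passwd "$ADMINUSER" | cut -d: -f6)"
[ -n "$admin_home" ] || die "user $ADMINUSER does not exist"
if [ ! -d "$admin_home" ]; then
  install -d -o "$ADMINUSER" -g "$ADMINGROUP" "$admin_home"
fi
if zcat -- "${config_dir%/}/armrc.sample.gz" > "${admin_home}/.armrc"; then
  # The file is written by root; hand it over so arm can use and edit it.
  chown "$ADMINUSER:$ADMINGROUP" "${admin_home}/.armrc"
else
  printf 'torouter-prep: could not write %s\n' "${admin_home}/.armrc" >&2
fi

# Reconfigure /etc/inittab here
install_config inittab /etc/inittab
# Configure the network
# eth0 is our "internet" interface with a dhcp client
install_config interfaces /etc/network/interfaces
# Configure dnsmasq
install_config dnsmasq.conf /etc/dnsmasq.conf
# Configure ntp
install_config ntp.conf /etc/ntp.conf
install_config openntpd-default /etc/default/openntpd
# Configure ssh (the original copied this file twice; once is enough)
install_config sshd_config /etc/ssh/sshd_config
# XXX We should configure ufw here
# XXX We should configure denyhosts
# Until then ufw and denyhosts are installed with whatever their packages
# ship as defaults; no firewall policy is set by this script.
install_config torrc /etc/tor/torrc
install_config ttdnsd-default /etc/default/ttdnsd

# Clean up our cache
apt-get -y clean

## Disable ipv6 support for now
install_config modprobe.d-blacklist.conf /etc/modprobe.d/blacklist.conf
echo "net.ipv6.conf.all.disable_ipv6=1" > /etc/sysctl.d/disableipv6.conf

##
## Restart services here
##
# Only restart sshd when the new configuration parses: on a headless router a
# broken sshd_config would otherwise cut off remote access.
if /usr/sbin/sshd -t; then
  /etc/init.d/ssh restart
else
  printf 'torouter-prep: sshd_config failed validation, ssh not restarted\n' >&2
fi
/etc/init.d/tor restart
/etc/init.d/ttdnsd restart

##
## Touch a stamp to show that we're now a Torouter
##
echo "torouter $VERSION" > /etc/torouter

printf 'Backups of replaced files are in %s\n' "$temp_dir" >&2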