path: root/packages/torouter-prep/src/torouter_config.sh
blob: e27c81e5c06aae61708eaa6b26faf4095cf72ec2 (plain)
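#!/bin/bash
#
# torouter_config.sh - turn a Debian install into a Torouter.
#
# Creates the admin account, trusts the apt keys shipped in $config_dir,
# installs the required packages, copies the example configs over the system
# files and restarts ssh, tor and ttdnsd. Must be run as root.

# Keep the command trace the original shebang asked for (-x on the shebang is
# lost when the script is started as "bash torouter_config.sh") and stop at
# the first failing step, so a half-configured box never receives the
# /etc/torouter stamp written at the end.
set -euxo pipefail

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Copy config template $1 over system file $2. An existing $2 is first saved
# under $temp_dir with its full path, so the change can be rolled back.
install_config() {
  local src=$1 dst=$2
  [[ -f "$src" ]] || die "missing config template: $src"
  if [[ -e "$dst" ]]; then
    cp -a --parents -- "$dst" "$temp_dir/"
  fi
  cp -- "$src" "$dst"
}

(( EUID == 0 )) || die "this script must be run as root"

export VERSION="0.1"

printf '%s\n' "This program will now reconfigure your Debian system into a Torouter"

# Every file we overwrite is first copied into temp_dir (mktemp -d creates it
# readable by root only).
# TODO: tar temp_dir up at the end; the archive destination is not decided here.
temp_dir=$(mktemp -d) || die "mktemp failed"
export temp_dir
export config_dir="/usr/share/torouter-prep/example-configs/"
[[ -d "$config_dir" ]] || die "config directory not found: $config_dir"

# Add a user to administrate the Torouter later
export ADMINUSER="torouter"
export ADMINGROUP="torouter"

# Skip creation when the group or user already exists, so a re-run does not
# abort here. useradd assigns no password: the account cannot log in with one
# until an administrator sets a password or installs a key.
if ! getent group "$ADMINGROUP" > /dev/null; then
  addgroup "$ADMINGROUP"
fi
if ! getent passwd "$ADMINUSER" > /dev/null; then
  # -m creates the home directory that receives .armrc below.
  useradd -m -g "$ADMINGROUP" -s /bin/bash "$ADMINUSER"
fi

# Install the Tor repo key
# gpg --keyserver keys.gnupg.net --recv 886DDD89
# gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -
# This is the main Tor repo apt pubkey
# NOTE: a key added with apt-key is trusted for every entry in sources.list,
# not only for the repository it belongs to.
apt-key add "$config_dir/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.apt-key"

# This is the temp torrouter archive pubkey; this should be updated when we
# freeze this repo and know what we want to do
# NOTE: this file is named by a 32-bit short key ID, and short IDs can
# collide; check the full fingerprint of the key whenever the file is replaced.
apt-key add "$config_dir/047E6A24.asc"

# Set us to have a default host name and hosts file
install_config "$config_dir/hostname" /etc/hostname
install_config "$config_dir/hosts" /etc/hosts

# We need to prep apt to understand that we want packages from other repos
install_config "$config_dir/sources.list" /etc/apt/sources.list

# We're creating this file to ensure we get updates
install_config "$config_dir/apt-preferences.d-backports" /etc/apt/preferences.d/backports
install_config "$config_dir/apt.conf" /etc/apt/apt.conf

apt-get -y update

# Remove a bunch of stuff:
apt-get -y remove exim4-base exim4-config exim4-daemon-light dbus

# Install the weird wireless control for the DreamPlug
# NOTE: sid and experimental (used below) are not covered by Debian security
# support; keep the set of packages taken from them as small as possible.
apt-get install -y -t sid uaputl

# Install some other packages here:
apt-get -y install denyhosts ufw

# Allow us to set the clock:
apt-get -y -t squeeze-backports install openntpd

# Install Tor and deps:
apt-get -y install tor tor-geoipdb

# To build with natpmp support
apt-get -y -t experimental install libnatpmp-dev
apt-get -y -t experimental install libnatpmp0

# To build with miniupnpc support
apt-get -y -t squeeze-backports install libminiupnpc-dev
apt-get -y -t squeeze-backports install libminiupnpc5

# XXX
# We want to apt-get source tor and build it for the 0.2.3.x branch
#

# Install a Tor controller:
apt-get -y install tor-arm

# Install the ttdnsd program:
apt-get -y install ttdnsd

# Install a normal dns cache for eth1
apt-get -y install dnsmasq

##
## Configuration stage of the script
##

# Configure arm
# "~$ADMINUSER" is never tilde-expanded by the shell (it stays the literal
# text "~torouter"), so look the home directory up in the passwd database.
admin_home=$(getent passwd "$ADMINUSER" | cut -d: -f6)
[[ -n "$admin_home" ]] || die "no home directory recorded for $ADMINUSER"
# An account left over from an earlier run may have been created without -m.
if [[ ! -d "$admin_home" ]]; then
  install -d -o "$ADMINUSER" -g "$ADMINGROUP" -m 0750 -- "$admin_home"
fi
# Decompress into the root-only temp_dir first. install(1) then replaces the
# destination instead of writing through whatever already sits at that path
# inside the user-owned home directory.
zcat -- "$config_dir/armrc.sample.gz" > "$temp_dir/armrc.new"
install -o "$ADMINUSER" -g "$ADMINGROUP" -m 0644 -- \
  "$temp_dir/armrc.new" "$admin_home/.armrc"
rm -f -- "$temp_dir/armrc.new"

# Reconfigure /etc/inittab here
install_config "$config_dir/inittab" /etc/inittab

# Configure the network
# eth0 is our "internet" interface with a dhcp client
install_config "$config_dir/interfaces" /etc/network/interfaces

# Configure dnsmasq
install_config "$config_dir/dnsmasq.conf" /etc/dnsmasq.conf

# Configure ntp
install_config "$config_dir/ntp.conf" /etc/ntp.conf
install_config "$config_dir/openntpd-default" /etc/default/openntpd

# XXX We should configure ufw here
# XXX We should configure denyhosts
# NOTE: until the two items above are done, ufw and denyhosts are installed
# but this script sets no firewall policy and no denyhosts configuration.

install_config "$config_dir/torrc" /etc/tor/torrc
install_config "$config_dir/ttdnsd-default" /etc/default/ttdnsd

# Configure sshd
# Have sshd parse the template before it replaces the live config: a broken
# sshd_config followed by the restart below would cut off remote access.
/usr/sbin/sshd -t -f "$config_dir/sshd_config" \
  || die "sshd rejected $config_dir/sshd_config; /etc/ssh/sshd_config left unchanged"
install_config "$config_dir/sshd_config" /etc/ssh/sshd_config

# Clean up our cache
apt-get -y clean

## Disable ipv6 support for now
install_config "$config_dir/modprobe.d-blacklist.conf" /etc/modprobe.d/blacklist.conf
# This only writes the setting; IPv6 stays enabled on the running system until
# the sysctl.d files are loaded again (normally at the next boot).
printf '%s\n' 'net.ipv6.conf.all.disable_ipv6=1' > /etc/sysctl.d/disableipv6.conf

##
## Restart services here
##

/etc/init.d/ssh restart
/etc/init.d/tor restart
/etc/init.d/ttdnsd restart

##
## Touch a stamp to show that we're now a Torouter
##

printf '%s\n' "torouter $VERSION" > /etc/torouter

printf 'Original copies of the overwritten files are in %s\n' "$temp_dir"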