diff --git a/buster b/buster
deleted file mode 100755
index 5ca052c..0000000
--- a/buster
+++ /dev/null
@@ -1,630 +0,0 @@
-#!/bin/bash
-
-# Copyright (C) 2015-2023 YunoHost
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program. If not, see .
-
-set -u
-
-# Globals
-
-readonly YUNOHOST_LOG="/var/log/yunohost-installation_$(date +%Y%m%d_%H%M%S).log"
-
-# Custom colors for whiptail
-export NEWT_COLORS='
-root=white,black
-roottext=white,black
-window=white,black
-border=white,black
-title=white,black
-textbox=white,black
-button=black,white
-compactbutton=white,black
-'
-
-###############################################################################
-# Main functions #
-###############################################################################
-
-function usage() {
- echo "
-Usage :
- `basename $0` [-a] [-d ] [-h]
-
-Options :
- -a Enable automatic mode. No questions are asked.
- This does not perform the post-install step.
- -d Choose the distribution to install ('stable', 'testing', 'unstable').
- Defaults to 'stable'
- -f Ignore checks before starting the installation. Use only if you know
- what you are doing.
- -h Prints this help and exit
-"
-}
-
-function parse_options()
-{
- AUTOMODE=0
- DISTRIB=stable
- BUILD_IMAGE=0
- FORCE=0
-
- while getopts ":aid:fh" option; do
- case $option in
- a)
- AUTOMODE=1
- export DEBIAN_FRONTEND=noninteractive
- ;;
- d)
- DISTRIB=$OPTARG
- ;;
- f)
- FORCE=1
- ;;
- i)
- # This hidden option will allow to build generic image for Rpi/Olimex
- BUILD_IMAGE=1
- ;;
- h)
- usage
- exit 0
- ;;
- :)
- usage
- exit 1
- ;;
- \?)
- usage
- exit 1
- ;;
- esac
- done
-}
-
-function main()
-{
- parse_options "$@"
-
- check_assertions
-
- step upgrade_system || die "Unable to update the system"
- step install_script_dependencies || die "Unable to install dependencies to install script"
- step create_custom_config || die "Creating custom configuration file /etc/yunohost/yunohost.conf failed"
- step confirm_installation || die "Installation cancelled at your request"
- step manage_sshd_config || die "Error caught during sshd management"
- step fix_locales # do not die for a failure here, it's minor
- step setup_package_source || die "Setting up deb package sources failed"
- step apt_update || die "Error caught during 'apt-get update'"
- step register_debconf || die "Unable to insert new values into debconf database"
- step workarounds_because_sysadmin_sucks || die "Unable to run stupid workarounds"
- step install_yunohost_packages || die "Installation of Yunohost packages failed"
-
- if [[ "$BUILD_IMAGE" == "0" ]] ; then
- step restart_services || die "Error caught during services restart"
- fi
-
- if is_raspbian ; then
- step del_user_pi || die "Unable to delete user pi"
- fi
-
- if [[ "$BUILD_IMAGE" == "1" ]] ; then
- step clean_image || die "Unable to clean image"
- fi
-
- if is_raspbian ; then
- # Reboot should be done before postinstall to be able to run iptables rules
- reboot
- fi
-
- info "Installation logs are available in $YUNOHOST_LOG"
- success "YunoHost installation completed !"
- conclusion
- exit 0
-}
-
-###############################################################################
-# Helpers #
-###############################################################################
-
-readonly normal=$(printf '\033[0m')
-readonly bold=$(printf '\033[1m')
-readonly faint=$(printf '\033[2m')
-readonly underline=$(printf '\033[4m')
-readonly negative=$(printf '\033[7m')
-readonly red=$(printf '\033[31m')
-readonly green=$(printf '\033[32m')
-readonly orange=$(printf '\033[33m')
-readonly blue=$(printf '\033[34m')
-readonly yellow=$(printf '\033[93m')
-readonly white=$(printf '\033[39m')
-
-function success()
-{
- local msg=${1}
- echo "[${bold}${green} OK ${normal}] ${msg}" | tee -a $YUNOHOST_LOG
-}
-
-function info()
-{
- local msg=${1}
- echo "[${bold}${blue}INFO${normal}] ${msg}" | tee -a $YUNOHOST_LOG
-}
-
-function warn()
-{
- local msg=${1}
- echo "[${bold}${orange}WARN${normal}] ${msg}" | tee -a $YUNOHOST_LOG >&2
-}
-
-function error()
-{
- local msg=${1}
- echo "[${bold}${red}FAIL${normal}] ${msg}" | tee -a $YUNOHOST_LOG >&2
-}
-
-function die() {
- error "$1"
- info "Installation logs are available in $YUNOHOST_LOG"
- exit 1
-}
-
-function step() {
- info "Running $1"
- $*
- local return_code="$?"
- return $return_code
-}
-
-function apt_get_wrapper() {
- if [[ "$AUTOMODE" == "0" ]] ;
- then
- debconf-apt-progress \
- --logfile $YUNOHOST_LOG \
- -- \
- apt-get $*
- else
- # Why we need pipefail : https://stackoverflow.com/a/6872163
- set -o pipefail
- apt-get $* 2>&1 | tee -a $YUNOHOST_LOG || return 1
- set +o pipefail
- fi
-}
-
-
-function apt_update() {
- apt_get_wrapper update --allow-releaseinfo-change
-}
-
-###############################################################################
-# Installation steps #
-###############################################################################
-
-function check_assertions()
-{
- # Assert we're on Debian
- # Note : we do not rely on lsb_release to avoid installing a dependency
- # only to check this...
- [[ -f "/etc/debian_version" ]] || die "This script can only be ran on Debian 10 (Buster)."
-
- # Assert we're on Buster
- # Note : we do not rely on lsb_release to avoid installing a dependency
- # only to check this...
- [[ "$(cat /etc/debian_version)" =~ ^10.* ]] || die "YunoHost is only available for the version 10 (Buster) of Debian, you are using '$(cat /etc/debian_version)'."
-
- # Forbid people from installing on Ubuntu or Linux mint ...
- if [[ -f "/etc/lsb-release" ]];
- then
- if cat /etc/lsb-release | grep -q -i "Ubuntu\|Mint"
- then
- die "Please don't try to install YunoHost on an Ubuntu or Linux Mint system ... You need a 'raw' Debian 10 (Buster)."
- fi
- fi
-
- # Assert we're root
- [[ "$(id -u)" == "0" ]] || die "This script must be run as root. On most setups, the command 'sudo -i' can be run first to become root."
-
- # Check PATH var
- [[ "$PATH" == *"/sbin"* ]] || die "Your environment PATH variable must contains /sbin directory."
-
- # Assert systemd is installed
- command -v systemctl > /dev/null || die "YunoHost requires systemd to be installed."
-
- # Check that kernel is >= 3.12, otherwise systemd won't work properly. Cf. https://github.com/systemd/systemd/issues/5236#issuecomment-277779394
- dpkg --compare-versions "$(uname -r)" "ge" "3.12" || die "YunoHost requires a kernel >= 3.12. Please consult your hardware documentation or VPS provider to learn how to upgrade your kernel."
-
- # If we're on Raspbian, we want the user 'pi' to be logged out because
- # it's going to be deleted for security reasons...
- if is_raspbian ; then
- user_pi_logged_out || die "The user pi should be logged out."
- fi
-
- # Check we aren't running in docker or other weird containers that we can't probably install on
- systemd-detect-virt | grep -v -q -w "docker\|container-other" || [[ "$FORCE" == "1" ]] \
- || die "It seems like you are trying to install YunoHost in docker or a weird container technology which probably is not supported by this install script (or YunoHost as a whole). If you know what you are doing, you can run this script with -f."
-
- # Check possible conflict with apache, bind9.
- [[ -z "$(dpkg --get-selections | grep -v deinstall | grep 'bind9\s')" ]] || [[ "$FORCE" == "1" ]] \
- || die "Bind9 is installed on your system. Yunohost conflicts with Bind9 because it requires dnsmasq. To be able to run this script, you should first run 'apt remove bind9 --purge --autoremove'."
-
- [[ -z "$(dpkg --get-selections | grep -v deinstall | grep 'apache2\s')" ]] || [[ "$FORCE" == "1" ]] \
- || die "Apache is installed on your system. Yunohost conflicts with apache2 because it requires nginx. To be able to run this script, you should first run 'apt remove apache2 --purge --autoremove'."
-
-}
-
-function upgrade_system() {
-
- # Some VPS don't have debconf install, therefore don't have debconf-apt-progress...
- # c.f. https://github.com/YunoHost/issues/issues/1828
- dpkg --list | grep -q '^ii debconf ' || { apt update --allow-releaseinfo-change; apt install debconf; }
- # also dialog ... https://github.com/YunoHost/doc/pull/1739
- dpkg --list | grep -q '^ii dialog ' || { apt update --allow-releaseinfo-change; apt install dialog; }
-
- apt_get_wrapper update --allow-releaseinfo-change \
- || return 1
-
- # We need libtext-iconv-perl even before the dist-upgrade,
- # otherwise the dist-upgrade might fails on some setups because
- # perl is yolomacnuggets :|
- # Stuff like "Can't locate object method "new" via package "Text::Iconv""
- apt_get_wrapper -o Dpkg::Options::="--force-confold" \
- -y install \
- libtext-iconv-perl \
- || return 1
-
- # Manually upgrade grub stuff in non-interactive mode,
- # otherwise a weird technical question is asked to the user
- # regarding how to upgrade grub's configuration...
- DEBIAN_FRONTEND=noninteractive \
- apt_get_wrapper -o Dpkg::Options::="--force-confold" \
- -y install --only-upgrade \
- grub-common grub2-common \
- || true
-
- apt_get_wrapper -o Dpkg::Options::="--force-confold" \
- -y dist-upgrade \
- || return 2
-
- if is_raspbian ; then
- apt_get_wrapper -o Dpkg::Options::="--force-confold" \
- -y install rpi-update \
- || return 3
-
- if [[ "$BUILD_IMAGE" != "1" ]] ; then
- (rpi-update 2>&1 | tee -a $YUNOHOST_LOG) \
- || return 4
- fi
- fi
-}
-
-function install_script_dependencies() {
- # dependencies of the install script itself
- local DEPENDENCIES="lsb-release wget whiptail gnupg apt-transport-https adduser"
-
- if [[ "$AUTOMODE" == "0" ]] ;
- then
- DEPENDENCIES+=" dialog"
- fi
-
- apt_update
- apt_get_wrapper -o Dpkg::Options::="--force-confold" \
- -y install \
- $DEPENDENCIES \
- || return 1
-}
-
-function create_custom_config() {
- # Create YunoHost configuration folder
- mkdir -p /etc/yunohost/
-}
-
-function confirm_installation() {
- [[ "$AUTOMODE" == "1" ]] && return 0
-
- local text="
-Caution !
-
-Your configuration files for :
- - postfix
- - dovecot
- - mysql
- - nginx
- - metronome
-will be overwritten !
-
-Are you sure you want to proceed with the installation of Yunohost?
-"
- whiptail --title "Yunohost Installation" --yesno "$text" 20 78
-}
-
-function manage_sshd_config() {
- # In auto mode we erase the current sshd config
- [[ "$AUTOMODE" == "1" ]] && return 0
-
- [[ ! -f /etc/ssh/sshd_config ]] && return 0
-
- local sshd_config_possible_issues="0"
- local text="To improve the security of your server, it is recommended to let YunoHost manage the SSH configuration.
-Your current SSH configuration differs from the recommended configuration.
-If you let YunoHost reconfigure it, the way you connect to your server through SSH will change in the following way:"
-
- # If root login is currently enabled
- if ! grep -E "^[[:blank:]]*PermitRootLogin[[:blank:]]+no" /etc/ssh/sshd_config ; then
- sshd_config_possible_issues="1"
- text="$text\n- you will not be able to connect as root through SSH. Instead you should use the admin user ;
-"
- fi
-
- # If current conf uses a custom ssh port
- if grep -Ev "^[[:blank:]]*Port[[:blank:]]+22[[:blank:]]*(#.*)?$" /etc/ssh/sshd_config | grep -E "^[[:blank:]]*Port[[:blank:]]+[[:digit:]]+$" ; then
- sshd_config_possible_issues="1"
- text="$text\n- you will have to connect using port 22 instead of your current custom SSH port. Feel free to reconfigure it after the postinstallation.
-"
- fi
-
- # If we are using DSA key for ssh server fingerprint
- if grep -E "^[[:blank:]]*HostKey[[:blank:]]+/etc/ssh/ssh_host_dsa_key" /etc/ssh/sshd_config ; then
- sshd_config_possible_issues="1"
- text="$text\n- the DSA key will be disabled. Hence, you might later need to invalidate a spooky warning from your SSH client, and recheck the fingerprint of your server ;
-"
-
- fi
-
- text="${text}
-Do you agree to let YunoHost apply those changes to your configuration and therefore affect the way you connect through SSH ?
-"
-
- # If no possible issue found, we just assume it's okay and will take over the SSH conf during postinstall
- [[ "$sshd_config_possible_issues" == "0" ]] && return 0
-
- # Otherwise, we ask the user to confirm
- if ! whiptail --title "SSH Configuration" --yesno "$text" 20 78 --defaultno ; then
-
- # Keep a copy to be restored during the postinstall
- # so that the ssh confs behaves as manually modified.
- cp /etc/ssh/sshd_config /etc/ssh/sshd_config.before_yunohost
- fi
-
- return 0
-}
-
-function setup_package_source() {
-
- local CUSTOMAPT=/etc/apt/sources.list.d/yunohost.list
-
- # Debian repository
-
- local CUSTOMDEB="deb http://forge.yunohost.org/debian/ buster stable"
-
- if [[ "$DISTRIB" == "stable" ]] ; then
- echo "$CUSTOMDEB" > $CUSTOMAPT
- elif [[ "$DISTRIB" == "testing" ]] ; then
- echo "$CUSTOMDEB testing" > $CUSTOMAPT
- elif [[ "$DISTRIB" == "unstable" ]] ; then
- echo "$CUSTOMDEB testing unstable" > $CUSTOMAPT
- fi
-
- # Add YunoHost repository key to the keyring
- wget -O- https://forge.yunohost.org/yunohost.asc -q | apt-key add -qq - >/dev/null 2>&1
-}
-
-function register_debconf() {
- debconf-set-selections << EOF
-slapd slapd/password1 password yunohost
-slapd slapd/password2 password yunohost
-slapd slapd/domain string yunohost.org
-slapd shared/organization string yunohost.org
-slapd slapd/allow_ldap_v2 boolean false
-slapd slapd/invalid_config boolean true
-slapd slapd/backend select MDB
-postfix postfix/main_mailer_type select Internet Site
-postfix postfix/mailname string /etc/mailname
-nslcd nslcd/ldap-bindpw password
-nslcd nslcd/ldap-starttls boolean false
-nslcd nslcd/ldap-reqcert select
-nslcd nslcd/ldap-uris string ldap://localhost/
-nslcd nslcd/ldap-binddn string
-nslcd nslcd/ldap-base string dc=yunohost,dc=org
-libnss-ldapd libnss-ldapd/nsswitch multiselect group, passwd, shadow
-postsrsd postsrsd/domain string yunohost.org
-EOF
-}
-
-function workarounds_because_sysadmin_sucks() {
-
- # ######################## #
- # Workarounds for fail2ban #
- # ######################## #
-
- # We need to create auth.log in case it does not exists, because in some situation,
- # this file does not exists, fail2ban will miserably fail to start because
- # the default fail2ban jail include the sshd jail ... >.>
- touch /var/log/auth.log
-
- # ######################## #
- # Workarounds for avahi #
- # ######################## #
-
- # When attempting several installation of Yunohost on the same host
- # with a light VM system like LXC
- # we hit a bug with avahi-daemon postinstallation
- # This is described in detail in https://github.com/lxc/lxc/issues/25
- #
- # It makes the configure step of avahi-daemon fail, because the service does
- # start correctly. Then all other packages depending on avahi-daemon refuse to
- # configure themselves.
- #
- # The workaround we use is to generate a random uid for the avahi user, and
- # create the user with this id beforehand, so that the avahi-daemon postinst
- # script does not do it on its own. Our randomized uid has far less chances to
- # be already in use in another system than the automated one (which tries to use
- # consecutive uids).
-
- # Return without error if avahi already exists
- if id avahi > /dev/null 2>&1 ; then
- info "User avahi already exists (with uid $(id avahi)), skipping avahi workaround"
- return 0
- fi
-
- # Get a random unused uid between 500 and 999 (system-user)
- local avahi_id=$((500 + RANDOM % 500))
- while cut -d ':' -f 3 /etc/passwd | grep -q $avahi_id ;
- do
- avahi_id=$((500 + RANDOM % 500))
- done
-
- info "Workaround for avahi : creating avahi user with uid $avahi_id"
-
- # Use the same adduser parameter as in the avahi-daemon postinst script
- # Just specify --uid explicitely
- adduser --disabled-password --quiet --system \
- --home /var/run/avahi-daemon --no-create-home \
- --gecos "Avahi mDNS daemon" --group avahi \
- --uid $avahi_id
-
-}
-
-function install_yunohost_packages() {
- # Allow sudo removal even if no root password has been set (on some DO
- # droplet or Vagrant virtual machines), as YunoHost use sudo-ldap
- export SUDO_FORCE_REMOVE=yes
-
- # On some machines (e.g. OVH VPS), the /etc/resolv.conf is immutable
- # We need to make it mutable for the resolvconf dependency to be installed
- chattr -i /etc/resolv.conf 2>/dev/null || true
-
- # Install those damn deps independently ...
- # otherwise they make the install crash for random reasons ~.~
- # c.f. https://github.com/YunoHost/issues/issues/1382
- apt_get_wrapper \
- -o Dpkg::Options::="--force-confold" \
- -y install \
- debhelper dh-autoreconf \
- || true
-
- # Install YunoHost
- apt_get_wrapper \
- -o Dpkg::Options::="--force-confold" \
- -o APT::install-recommends=true \
- -y install \
- yunohost yunohost-admin postfix \
- || return 1
-}
-
-function restart_services() {
- service slapd restart
-# service yunohost-firewall start
- service unscd restart
- service nslcd restart
-
- # NOTE : We don't fail if slapd fails to restart...
- return 0
-}
-
-function fix_locales() {
- # This function tries to fix the whole locale and perl mess about missing locale files
-
- # Install 'locales' if locale-gen does not exists yet
- command -v locale-gen > /dev/null || apt_get_wrapper -o Dpkg::Options::="--force-confold" -y install locales
-
- # Generate at least en_US.UTF-8
- grep -q "^ *en_US.UTF-8" /etc/locale.gen || echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
-
- # FIXME: here some day we should try to identify the user's lang from LANG or LC_ALL and generate the appropriate locale ...
- # (and set this lang as the default in /etc/env 3 lines below)
-
- locale-gen
-
- # If no /etc/environment exists, default to en_US.UTF-8
- [ "$(grep LC_ALL /etc/environment)" ] || echo 'LC_ALL="en_US.UTF-8"' >> /etc/environment
- source /etc/environment
- export LC_ALL
-}
-
-function conclusion() {
- # Get first local IP and global IP
- local local_ip=$(hostname --all-ip-address | awk '{print $1}')
- local global_ip=$(curl https://ip.yunohost.org 2>/dev/null)
-
- # Will ignore local ip if it's already the global IP (e.g. for some VPS)
- [[ "$local_ip" != "$global_ip" ]] || local_ip=""
-
- # Formatting
- [[ -z "$local_ip" ]] || local_ip=$(echo -e "\n - https://$local_ip/ (local IP, if self-hosting at home)")
- [[ -z "$global_ip" ]] || global_ip=$(echo -e "\n - https://$global_ip/ (global IP, if you're on a VPS)")
-
- cat << EOF
-===============================================================================
-You should now proceed with Yunohost post-installation. This is where you will
-be asked for :
- - the main domain of your server ;
- - the administration password.
-
-You can perform this step :
- - from the command line, by running 'yunohost tools postinstall' as root
- - or from your web browser, by accessing : ${local_ip}${global_ip}
-
-If this is your first time with YunoHost, it is strongly recommended to take
-time to read the administator documentation and in particular the sections
-'Finalizing your setup' and 'Getting to know YunoHost'. It is available at
-the following URL : https://yunohost.org/admindoc
-===============================================================================
-EOF
-}
-
-###############################################################################
-# Raspbian specific stuff #
-###############################################################################
-
-function is_raspbian() {
- # On Raspbian image lsb_release is available
- if [[ "$(lsb_release -i -s 2> /dev/null)" != "Raspbian" ]] ;
- then
- return 1
- fi
- return 0
-}
-
-function user_pi_logged_out() {
- who | grep -w pi > /dev/null && return 1
- return 0
-}
-
-function del_user_pi() {
- if id "pi" >/dev/null 2>&1; then
- deluser --remove-all-files pi >> $YUNOHOST_LOG 2>&1
- fi
-}
-
-###############################################################################
-# Image building specific stuff #
-###############################################################################
-
-function clean_image() {
- # Delete SSH keys
- rm -f /etc/ssh/ssh_host_* >> $YUNOHOST_LOG 2>&1
- yes | ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa >> $YUNOHOST_LOG 2>&1
- yes | ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa >> $YUNOHOST_LOG 2>&1
- yes | ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa -b 521 >> $YUNOHOST_LOG 2>&1
-
- # Deleting logs ...
- find /var/log -type f -exec rm {} \; >> $YUNOHOST_LOG 2>&1
-
- # Purging apt ...
- apt-get clean >> $YUNOHOST_LOG 2>&1
-}
-
-
-###############################################################################
-
-main "$@"