Smaller Changes / Code cleanup

system_setup/create_nc_package_from_sys_config.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
 mkdir -p ${HOME}/temp
 cd ${SYSCONFIGPATH}
 tar --exclude='.*' -I 'zstd -9' -cf ${HOME}/temp/sys_config.tar.zst ${SYSCONFIGPATH}

system_setup/logon_script.sh

@@ -4,8 +4,7 @@
 #
 # User logon script for KDE Environement
 #
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
-source ./setup_system.inc.sh
 
 elog_init "User Logon Script"
 elog_add "=================="
@@ -50,11 +49,7 @@ fi
 get_nc_token
 elog_add "Successfully obtained Token for User ${DAVTOKEN_USER}"
 
-#SYNC Firefox + Thunderbird Profile
+#Install Software
-./mozilla_starter.sh firefox sync && ./mozilla_starter.sh thunderbird sync
-elog_add "Successfully synced Mozilla profiles (log in another file)."
-
-#Install additional Software
 elog_add "==="
 elog_add "Update and install client Software"
 # Without sudoers-rule for run without asking for password, it won't run and quit complaining about not askpass utilities found
@@ -72,6 +67,10 @@ if [[ $INST_RET -ne 0 ]]; then
     fi
 fi
 
+#SYNC Firefox + Thunderbird Profile
+./mozilla_starter.sh firefox sync && ./mozilla_starter.sh thunderbird sync
+elog_add "Successfully synced Mozilla profiles (log in another file)."
+
 elog_add "Sucessfully run logon script (Wait 3 seconds)"
 sleep 3
 

system_setup/mount_ecrypt_home.sh

@@ -7,7 +7,7 @@
 # If no IPA-Server is available (e.g. if no internet is available) it will Prompt the User to Enter the Key manually. ATTENTION: The Key MUST NOT BE STORED plaintext on this PC, this would be very insecure!
 
 # If no encryption has been setup so far, it will create a new wallet and Store the Encryption to the IPA Vault.
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
 EXECDIR=$(pwd)
 
 #Check if Directory is alread mounted

system_setup/mount_nocrypt_home.sh

@@ -6,7 +6,7 @@
 # I created an Issue for that: https://github.com/dogtagpki/pki/issues/5242
 # So we will skip encryption completely!
 
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
 EXECDIR=$(pwd)
 
 #Check if Directory is alread mounted

system_setup/mozilla_starter.sh

@@ -3,8 +3,7 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 #
 # Usage
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
-source ./setup_system.inc.sh
 
 #Lokal Vars
 LOGFILE="${TEMPDIR}/${SCRIPTNAME}.log"

system_setup/pack_skel.sh

@@ -1,5 +1,5 @@
 #!/bin/bash
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
 mv skel.tar.zst backup_skel.tar.zst
 if [ $? -eq 0 ]; then
     echo "Old Archive renamed to backup_skel.tar.zst"

system_setup/setup_skel.sh

@@ -1,9 +1,15 @@
 #!/bin/sh
 # Replaces /etc/skel with the contents of skel.tar.zst
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
 EXECDIR=$(pwd)
 SRCFILE="${SYSCONFIGPATH}/system_setup/skel.tar.zst"
 
+#Check for root
+if [ "$EUID" -ne 0 ]; then
+    echo "Error: Script requires root privileges."
+    exit 1
+fi
+
 cd /etc
 sudo rm -f -r /etc/skel
 sudo tar -xf ${SRCFILE}

system_setup/setup_system.inc

@@ -1,111 +0,0 @@
-# Includes for System Setup
-#
-# SPDX-FileCopyrightText: Daniel Pätzold
-# SPDX-License-Identifier: AGPL-3.0-or-later
-#
-
-#Check if we are root
-check_root()
-{
-    if [ "$EUID" -ne 0 ]
-        then echo "Please run as root"
-        return 1
-        fi
-        return 0
-}
-
-#Check if the Data- Directory is encrypted
-check_data_isecrypted() {
-    CHECKRES=$( cat /etc/mtab | grep "${DECRYPTEDDATADIR}" | grep "fuse.gocryptfs" )
-    if [ "${CHECKRES}." == "." ]; then
-        return 1 # Error: Directory is not mounted
-    else
-        return 0 # Directory is mounted
-    fi
-}
-
-# Will set variable DAVTOKEN_USER and DAVTOKEN_PASS to the stored value or get a new one
-get_nc_token() {
-    DAVTOKEN_USER=""
-    DAVTOKEN_PASS=""
-
-    if [ ${IPAVAULTUSE} == "true" ]; then
-        check_data_isecrypted
-        if [ $? -ne 0 ]; then
-            echo "Data Directory is not encrypted. Please mount it first."
-            return 1
-        fi
-    fi
-
-    if [ ! -f ${DAVTOKENFILENAME} ]; then
-        # Directory is ok, but no Tokenfile was found, need to generate a new one
-        REQJSON=$( curl -s -A "WEBDAV:${HOSTNM}" -X POST "https://${SERVERFQDN_NC}/index.php/login/v2" )
-        #    echo "JSON is:"
-        #    echo "${REQJSON}"
-
-        REQTOKEN=$( echo "${REQJSON}" | grep -oP '(?<="token":")[^"]+(?=")' )
-        REQURL=$( echo "${REQJSON}" | grep -oP '(?<="login":")[^"]+(?=")' )
-        /usr/bin/firefox "${REQURL}" &
-
-        for i in {1..200}
-        do
-            echo "Waiting 6 seconds"
-            sleep 6
-            echo -n "Poll Number ${i}..."
-            POLLJSON=$( curl -s -X POST "https://${SERVERFQDN_NC}/login/v2/poll" -d "token=${REQTOKEN}" )
-            if [[ "${POLLJSON}" == *"appPassword"* ]]; then
-                echo "${POLLJSON}" > ${DAVTOKENFILENAME}
-                echo "found token. Token has been written to ${DAVTOKENFILENAME}"
-                break
-            else
-                echo "failed"
-            fi
-        done
-    else
-        # Tokenfile found, reading it
-        POLLJSON=$( cat ${DAVTOKENFILENAME} )
-    fi
-    DAVTOKEN_USER=$( echo "${POLLJSON}" | grep -oP '(?<="loginName":")[^"]+(?=")' )
-    DAVTOKEN_PASS=$( echo "${POLLJSON}" | grep -oP '(?<="appPassword":")[^"]+(?=")' )
-}
-
-# Custom `select` implementation that allows *empty* input.
-# Pass the choices as individual arguments.
-# Output is the chosen item, or "", if the user just pressed ENTER.
-# Example:
-#    choice=$(selectWithDefault 'one' 'two' 'three')
-selectWithDefault() {
-
-    local item i=0 numItems=$#
-
-    # Print numbered menu items, based on the arguments passed.
-    for item; do         # Short for: for item in "$@"; do
-        printf '%s\n' "$((++i))) $item"
-        done >&2 # Print to stderr, as `select` does.
-
-        # Prompt the user for the index of the desired item.
-        while :; do
-            printf %s "${PS3-#? }" >&2 # Print the prompt string to stderr, as `select` does.
-            read -r index
-            # Make sure that the input is either empty or that a valid index was entered.
-            [[ -z $index ]] && break  # empty input
-            (( index >= 1 && index <= numItems )) 2>/dev/null || { echo "Invalid selection. Please try again." >&2; continue; }
-            break
-            done
-
-            # Output the selected item, if any.
-            [[ -n $index ]] && printf %s "${@: index:1}"
-
-}
-selectExample() {
-# Print the prompt message and call the custom select function.
-echo "Include audits (default is 'Nope')?"
-optionsAudits=('Yep' 'Nope')
-opt=$(selectWithDefault "${optionsAudits[@]}")
-
-# Process the selected item.
-case $opt in
-'Yep') includeAudits=true; ;;
-''|'Nope') includeAudits=false; ;; # $opt is '' if the user just pressed ENTER
-esac
-}

system_setup/setup_system.inc.sh

@@ -14,6 +14,7 @@
 #    fi
 #    return 0
 #}
+source $(dirname "$0")/setup_system.conf
 
 #Check if the Data- Directory is encrypted
 check_data_isecrypted() {

system_setup/setup_system_full.sh

@@ -33,8 +33,8 @@
 # TODO write a doc!
 
 #Load Sytem Settings
-source $(dirname "$0")/setup_system.conf
 source $(dirname "$0")/setup_system.inc.sh
+
 # TODO
 # Install System settings to installed system
 # read system settings from that file
@@ -114,7 +114,6 @@ install_sw()
 check_root
 yum install -y mc htop ipa-client thunderbird pip npm pykickstart gocryptfs mediawriter
 flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
-flatpak install -y --reinstall flathub com.nextcloud.desktopclient.nextcloud
 
 #Set default Umask 0077
 sudo cp -f /etc/login.defs /etc/login.defs_backup_${CDATEC8}_${CTIMEC6}

system_setup/sync_client_software.sh

@@ -4,8 +4,7 @@
 #
 # Central sofwareinstallation script. Should be called from logon-script via sudo and prereserved env
 #
-source ./setup_system.conf
+source $(dirname "$0")/setup_system.inc.sh
-source ./setup_system.inc.sh
 
 #Check for root
 if [ "$EUID" -ne 0 ]; then
@@ -38,6 +37,10 @@ LOGFILE="${TEMPDIR}/${SCRIPTNAME}.log"
 echo "Logging to File ${LOGFILE}"
 mkdir -p ${TEMPDIR}
 
+#Install or update Nextcloud com.nextcloud.desktopclient.nextcloud
+echo "Update or install Nextcloud client"
+/usr/bin/flatpak install -y --or-update --noninteractive flathub com.nextcloud.desktopclient.nextcloud && echo "Done Update/Install of Nextcloud."
+
 #Sync Files
 SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_SRC} ${CLIENT_SOFTWARE_DST} https://${SERVERFQDN_NC}"
 SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" )