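# Include for System Settings
# SPDX-FileCopyrightText: Daniel Pätzold
# SPDX-License-Identifier: AGPL-3.0-or-later
#
# Include file: it defines the shared configuration as exported environment
# variables and creates the temp/log directory. It reads $0, so SCRIPTPATH and
# SCRIPTNAME describe the script that includes it. No shell options are set
# here, so the including script's error handling is left untouched.

export TLDOMAIN=domain.tld
export DOMAIN="clients.${TLDOMAIN}"
export SERVERFQDN_IPA="ipa.${TLDOMAIN}" # Needs to be the IPA server
export SERVERFQDN_NC="nextcloud.${TLDOMAIN}"
export SYSCONFIGPATH="/opt/sys_config"
export INSTALLDOCS="https://gitea.dtext.online/obel1x/fedora-OEMDRV/src/branch/main/README.md"
export CLIENTADMINGROUP="clientadmins"

# Method to determine the unique hostname / FQDN of the client. May be replaced
# to fit your needs.
# NOTE(review): root derives HOSTNM from the DMI system UUID while a normal
# user reads `hostname -s`. FQDN and IPAVAULTNAME only agree between both
# contexts if the hostname has been set to the UUID-derived value - confirm.
if [ "$EUID" -eq 0 ]; then
  # Lower-case the UUID line, drop everything that is not [0-9a-z] and keep the
  # last 12 characters (tail -c 13 also counts the trailing newline).
  HOSTNM="pc-$(dmidecode -t system \
    | grep -i 'UUID' \
    | sed 's/UUID: //' \
    | tr '[:upper:]' '[:lower:]' \
    | sed 's/[^0-9a-z]*//g' \
    | xargs \
    | tail -c 13)"
  export HOSTNM
  if [ "${HOSTNM}" = "pc-" ]; then
    # Without a UUID every affected client would get the same hostname and the
    # same vault name, so make the failure visible instead of staying silent.
    printf 'WARNING: no system UUID from dmidecode; HOSTNM is "%s" and is not unique\n' \
      "${HOSTNM}" >&2
  fi
else
  HOSTNM="$(hostname -s)"
  export HOSTNM
fi
export FQDN="${HOSTNM}.${DOMAIN}"

# Additional client software repository folder in Nextcloud (shared folder / systemwide)
# Optional. If you don't have a folder that should always be synced, leave this empty.
export CLIENT_SOFTWARE_DST="/opt/sys_config/client_software"
# Set to the Nextcloud directory where the software should come from.
# (This remark needs its own '#': as bare words after the assignment, export
# would treat each word as a further variable name to export.)
export CLIENT_SOFTWARE_SRC="/Shared/sw_geteilt/client_software"

# Secure file encryption
# Needs a running KRA service on FreeIPA
# Set to "true" to use encryption via IPAVAULT - OTHERWISE YOUR FILES WILL NOT BE ENCRYPTED
export IPAVAULTUSE="true"
# Vault name - can be any name
export IPAVAULTNAME="CLIENT_FILEENCRYPTION_${HOSTNM}"

# The following settings are only available when run in userspace
if [ "$EUID" -ne 0 ]; then
  # This is the path that will be mapped from the encrypted filesystem at
  # logon - only available for users, not for root
  export DECRYPTEDDATADIR="${HOME}/data"  # Decrypted dir the user works in
  export ENCRYPTEDDATADIR="${HOME}/.data" # Contains the encrypted data

  # Important files
  # NOTE(review): the token file lives below DECRYPTEDDATADIR, so it is only
  # protected at rest when IPAVAULTUSE is "true" - confirm the file mode used
  # where it is written.
  export DAVTOKENFILENAME="${DECRYPTEDDATADIR}/WEBDAVTOKEN"

  # Path for documents
  export CLIENT_DATA_DST="${DECRYPTEDDATADIR}/Dokumente" # Optional
  export CLIENT_DATA_SRC="/Documents"

  # Firefox profiles of the user
  export PROFILE_FIREFOX_SRC="mozilla_profiles/firefox"
  export PROFILE_FIREFOX_DST="${DECRYPTEDDATADIR}/firefox"

  # Thunderbird profiles
  export PROFILE_TB_SRC="mozilla_profiles/thunderbird"
  export PROFILE_TB_DST="${DECRYPTEDDATADIR}/thunderbird"
fi

# Basic commons not needing change
CDATEC8="$(date '+%Y%m%d')" # Date, 8 characters long: YYYYMMDD
CTIMEC6="$(date '+%H%M%S')" # Time, 6 characters long: HHMMSS
export CDATEC8 CTIMEC6

# Basic runtime vars
EXECDIR="$(pwd)"
export EXECDIR
# Physical directory of the including script. If the cd fails, pwd -P still
# prints the current directory, so SCRIPTPATH is never empty but may then be
# the caller's working directory rather than the script's.
SCRIPTPATH="$(cd -- "$(dirname -- "$0")" >/dev/null 2>&1 ; pwd -P)"
export SCRIPTPATH
# Collapse a leading "//" to a single "/".
if [[ "${SCRIPTPATH::2}" == "//" ]]; then
  export SCRIPTPATH="${SCRIPTPATH:1}"
fi
SCRIPTNAME="$(basename -- "$0")"
export SCRIPTNAME

# First run service name
export FIRSTRUN_SERVICENAME="setup-system.service"
export FIRSTRUN_SCRIPTPATH="/usr/lib/systemd/system"

# Temp and log files (not exported: visible only to the shell that includes this file)
# NOTE(review): if HOME is unset this resolves to /temp/system_setup - confirm
# HOME is always set where this file is included. The directory is created with
# the caller's umask; tighten it if the logs can contain sensitive output.
TEMPDIR="${HOME}/temp/system_setup"
LOGFILE="${TEMPDIR}/${SCRIPTNAME}.log"
# Quoted and terminated with "--" so a HOME containing spaces or a leading
# dash cannot split the path or be parsed as an option.
mkdir -p -- "${TEMPDIR}"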