More cleanup for rpm based systems including dependacies and remove iptables firewall since it won't stay between reboots

This commit is contained in:
Eric Warnke 2016-10-25 15:49:57 -04:00
parent 898f50d8a8
commit 0fde38176e

View file

@ -71,10 +71,6 @@ fi
if [ -x "$(command -v apt-get)" ]; then
#Debian Family
#Decide if php should be `php5` or just `php` (Fixes issues with Ubuntu 16.04 LTS)
phpVer="php5"
apt-get install --dry-run php5 > /dev/null 2>&1 || phpVer="php"
#############################################
PKG_MANAGER="apt-get"
PKG_CACHE="/var/lib/apt/lists/"
UPDATE_PKG_CACHE="${PKG_MANAGER} update"
@ -82,8 +78,13 @@ if [ -x "$(command -v apt-get)" ]; then
PKG_INSTALL="${PKG_MANAGER} --yes --fix-missing install"
# grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
# #########################################
# fixes for dependancy differences
# Debian 7 doesn't have iproute2 use iproute
${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1 && IPROUTE_PKG='iproute2' || IPROUTE_PKG='iproute'
${PKG_MANAGER} install --dry-run iproute2 > /dev/null 2>&1 && IPROUTE_PKG="iproute2" || IPROUTE_PKG="iproute"
# Ubuntu 16.04 LTS php / php5 fix
${PKG_MANAGER} install --dry-run php5 > /dev/null 2>&1 && phpVer="php5" || phpVer="php"
# #########################################
INSTALLER_DEPS=( apt-utils whiptail git dhcpcd5)
PIHOLE_DEPS=( dnsutils bc dnsmasq lighttpd ${phpVer}-common ${phpVer}-cgi curl unzip wget sudo netcat cron ${IPROUTE_PKG} )
LIGHTTPD_USER="www-data"
@ -95,35 +96,30 @@ if [ -x "$(command -v apt-get)" ]; then
}
elif [ -x "$(command -v rpm)" ]; then
# Fedora Family
if [ -x "$(command -v dnf)" ]; then
PKG_MANAGER="dnf"
else
PKG_MANAGER="yum"
fi
(command -v dnf >/dev/null ) && PKG_MANAGER="dnf" || PKG_MANAGER="yum"
(grep -q "Fedora" /etc/redhat-release ) && ISFEDORA=1
(grep -q -i "release 6." /etc/redhat-release ) && ISREL6=1
PKG_CACHE="/var/cache/${PKG_MANAGER}"
UPDATE_PKG_CACHE="${PKG_MANAGER} check-update"
PKG_UPDATE="${PKG_MANAGER} update -y"
PKG_INSTALL="${PKG_MANAGER} install -y"
PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
# We only need epel if we are not Fedora
[ ${ISFEDORA} ] || EPEL_PKG="epel-release"
${PKG_MANAGER} list procps-ng &> /dev/null && PROCPS_PKG="procps-ng" || PROCPS_PKG="procps"
${PKG_MANAGER} list nmap-ncat &> /dev/null && NCAT_PKG="nmap-ncat" || NCAT_PKG="nmap"
${PKG_MANAGER} list nmap-ncat &> /dev/null && NCAT_PKG="nmap-ncat" || NCAT_PKG="nc"
INSTALLER_DEPS=( iproute net-tools $PROCPS_PKG newt git )
PIHOLE_DEPS=( epel-release bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php curl unzip wget findutils cronie sudo $NCAT_PKG )
if grep -q 'Fedora' /etc/redhat-release; then
remove_deps=(epel-release);
PIHOLE_DEPS=( ${PIHOLE_DEPS[@]/$remove_deps} );
fi
PIHOLE_DEPS=( ${EPEL_PKG} bind-utils lsof bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php curl unzip wget findutils cronie sudo $NCAT_PKG )
LIGHTTPD_USER="lighttpd"
LIGHTTPD_GROUP="lighttpd"
LIGHTTPD_CFG="lighttpd.conf.fedora"
DNSMASQ_USER="nobody"
package_check_install() {
rpm -qa | grep ^"${1}"- > /dev/null || ${PKG_INSTALL} "${1}"
${PKG_INSTALL} "${1}"
}
# v6 variants php is too old, install repo for php7.1
if grep -q -i "release 6." /etc/redhat-release; then
echo "::: running CentOS/RHEL 6.X, admin interface is broken"
fi
[ ${ISREL6} ] && echo "::: WARNING running CentOS/RHEL 6.X, admin interface is broken"
else
echo "OS distribution not supported"
exit
@ -781,14 +777,13 @@ configureFirewall() {
if [ -x "$(command -v firewall-cmd)" ]; then
firewall-cmd --state &> /dev/null && ( echo "::: Configuring firewalld for httpd and dnsmasq.." && firewall-cmd --permanent --add-port=80/tcp && firewall-cmd --permanent --add-port=53/tcp \
&& firewall-cmd --permanent --add-port=53/udp && firewall-cmd --reload) || echo "::: FirewallD not enabled"
elif [ -x "$(command -v iptables)" ]; then
echo "::: Configuring iptables for httpd and dnsmasq.."
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
else
return
if [ "$(command -v iptable)" ]; then
iptables_out=$(iptables -L -n || :)
(cat $iptables_out | grep -i DENY || cat $iptables_out | grep -i DROP || echo "::: IPTables firewall does not seem to be active" && return )
echo "::: IPTables firewall active, please make sure ports 53/udp, 53/tcp, and 80/tcp are open"
return
echo "::: No firewall detected.. skipping firewall configuration."
fi
}
finalExports() {