-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathdepconf.sh
347 lines (302 loc) · 11.2 KB
/
depconf.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
#!/bin/bash
#____ ____ __
#\ \ / /____ _____/ |_ ___________
# \ Y // __ \_/ ___\ __\/ _ \_ __ \
# \ /\ ___/\ \___| | ( <_> ) | \/
# \___/ \___ >\___ >__| \____/|__|
# \/ \/
#--Licensed under GNU GPL 3
#----Authored by Vector/NullArray for NetSet
##############################################
# Coloring scheme for notfications and logo
ESC="\x1b["
RESET=$ESC"39;49;00m"
CYAN=$ESC"33;36m"
RED=$ESC"31;01m"
GREEN=$ESC"32;01m"
# Warning
function warning(){
echo -e "\n$RED [!] $1 $RESET\n"
}
# Green notification
function notification() {
echo -e "\n$GREEN [+] $1 $RESET\n"
}
# Cyan notification
function notification_b() {
echo -e "\n$CYAN [-] $1 $RESET\n"
}
function logo(){
clear
echo -e "\n $CYAN
███╗ ██╗███████╗████████╗███████╗███████╗████████╗
████╗ ██║██╔════╝╚══██╔══╝██╔════╝██╔════╝╚══██╔══╝
██╔██╗ ██║█████╗ ██║ ███████╗█████╗ ██║
██║╚██╗██║██╔══╝ ██║ ╚════██║██╔══╝ ██║
██║ ╚████║███████╗ ██║ ███████║███████╗ ██║
╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚══════╝╚══════╝ ╚═╝
###################################################
$CYAN #$GREEN--| DEPENDENCY & CONFIG SETUP
$CYAN #$GREEN--|Authored by Vector/NullArray
$CYAN #$GREEN--|
$CYAN #$GREEN----License:
$CYAN #$GREEN--------GNU GPL 3
$RESET "
}
function dns_test(){
notification "Testing DNSCrypt-proxy configuration" && sleep 2
# Check if we can resolve github.com
dnscrypt-proxy -resolve github.com > /dev/null || dcheck=1
if [[ $dcheck == 1 ]]; then
warning "Unable to resolve hosts with DNSCrypt-proxy"
echo -e "Auto-Config Failed." && sleep 3 && clear
notification_b "Print instructions on manually configuring DNSCrypt?"
read -p '[Y]es/[N]o: ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
echo -e "
1. Open your NetworkManager and navigate to your connection.
2. Select the option that allows you to edit the settings.
3. Navigate to IPv4 Settings.
4. Click on the drop-down menu labeled 'Method'
5. From there select the option called:
Automatic(DHCP Addresses Only)
6. In the 'DNS Servers' field enter the following value:
127.0.2.1
7. Click 'Save' and exit the NetworkManager\n"
read -p 'Press any button to continue ' null && clear
notification_b "Restarting appropriate services"
sudo systemctl restart NetworkManager
sudo systemctl restart dnscrypt-proxy && notification "DNSCrypt Configuration Complete"
else
warning "Aborted"
fi
else
notification "DNSCrypt configuration and installation complete"
fi
}
function resolv_conf(){
# Creating resolv.conf overide
echo "nameserver 127.0.2.1" | sudo tee /etc/resolv.conf.override
sudo chmod 0777 /etc/resolv.conf.override
sudo chown root:root /etc/resolv.conf.override
# Create NetMan script
touch 20-resolv.conf.override
echo -e "
#########
#!/bin/sh
cp -f /etc/resolv.conf.override" > tmp.log
tail -n 2 tmp.log > 20-resolv-conf-override
# Move to appropriate directory
sudo mv -f 20-resolv-conf-override /etc/NetworkManager/dispatcher.d/
# Set appropriate permissions
# sudo chmod 0755 /etc/NetworkManager/dispatcher.d/20-resolv-conf-override
sudo chown root:root /etc/NetworkManager/dispatcher.d/20-resolv-conf-override
# Symlink
sudo ln -f /etc/NetworkManager/dispatcher.d/20-resolv-conf-override /etc/NetworkManager/dispatcher.d/pre-up.d/
# Restart affected services
sudo systemctl restart NetworkManager
sudo systemctl restart dnscrypt-proxy
}
function conf_dnsmasq(){
notification "Creating backups for original configuration"
sudo cp /etc/dnsmasq.d backup-*
notification "Writing new configuration"
echo -e"# Redirect everything to dnscrypt-proxy
server=127.0.2.1
no-resolv
proxy-dnssec" | sudo tee /etc/dnsmasq.d/dnscrypt-proxy
}
function conf_netman(){
notification "Creating backups for original configuration"
sudo cp /etc/NetworkManager/NetworkManager.conf backup-*
notification "Writing new configuration"
echo -e "[main]
plugins=ifupdown,keyfile,ofono
#dns=dnsmasq
[ifupdown]
managed=false" | sudo tee /etc/NetworkManager/NetworkManager.conf
}
function dnscrypt(){
notification "Installing and configuring DNSCrypt-proxy"
dnscv=$(dnscrypt-proxy --version)
case $dnscv in
*"2.0.19"*)
pv=1
;;
esac
if [[ $pv != 1 ]]; then
sudo apt purge dnscrypt-proxy > /dev/null
sudo apt install -y dnscrypt-proxy
stat /etc/dnsmasq.d/dnscrypt-proxy > /dev/null || notification "Configuring dnsmasq" && conf_dnsmasq
notification "Configuring resolvconf"
resolv_conf
fi
if [[ -z $(which dnscrypt-proxy) ]]; then
os=$(uname -a)
case $os in
# Does $os contain 'Debian'?
*"Debian"*)
d=1
;;
esac
if [[ d=1 ]]; then
# It is essential to add these sources in order to
# properly install and configure DNSCrypt-proxy on Debian
echo "deb https://deb.debian.org/debian/ testing main" | sudo tee /etc/apt/sources.list.d/testing.list
echo "deb https://deb.debian.org/debian/ unstable main" | sudo tee /etc/apt/sources.list.d/unstable.list
# It is equally essential to pin them in order not to
# install utilities that would otherwise be incompatible
# or undesirable on the system in question
notification "Creating 'pinning.conf' backup"
sudo cp /etc/apt/preferences.d/pinning.pref backup-*
notification "Writing new configuration"
echo -e "
Package: *
Pin: release a=stable
Pin-Priority: 900
Package: *
Pin: release a=testing
Pin-Priority: 500
Package: *
Pin: release a=unstable
Pin-Priority: 100 " > pinning.pref
sudo mv -f pinning.pref /etc/apt/preferences.d/
warning "IMPORTANT [!]" && sleep 1
echo "While the applied config procedures originate"
echo "from DNSCrypt-proxy's official documentation."
echo "Should you find that when next you perform an"
echo "upgrade, unwanted packages are being included."
echo -e "Restore the backup file from the backup dir.\n"
echo -e "For more information run: man apt_preferences\n"
read -p 'Enter any button to to continue: ' null && clear
notification "Preparations complete. Installing."
sudo apt update && sudo apt install -y testing dnscrypt-proxy
sudo apt install -y unstable dnscrypt-proxy
notification "Operations Completed"
else
os=$(uname -a)
case $os in
# Does $os contain 'Ubuntu'?
*"Ubuntu"*)
u=1
;;
esac
if [[ $u != 1 ]]; then warning "Only Debian and Ubuntu configurations supported at this time." && exit 0; fi
if [[ $u == 1 ]]; then
notification "Installing and configuring DNSCrypt-proxy"
# The reason we're adding this repository is because
# it has a version compatible with most Ubuntu OS Versions
sudo add-apt-repository ppa:shevchuk/dnscrypt-proxy
sudo apt-get update
sudo apt-get -y install dnscrypt-proxy
if [[ -z $(which dnsmasq) ]]; then
notification "Configuring Network Manager"
conf_netman
notification "Configuring resolvconv"
resolv_conf
else
stat /etc/dnsmasq.d/dnscrypt-proxy > /dev/null || notification "Configuring dnsmasq" && conf_dnsmasq
notification "Configuring resolvconv"
resolv_conf
fi
fi
fi
fi
notification "Task Completed"
}
# Install VeraCrypt and pwgen
function vera(){
logo
echo -e "\n
Welcome to the config and dependency manager for NetSet.
The latest release adds VeraCrypt. This provides the user
with the means to create encrypted volumes and keep data
safe. This version also installs 'pwgen' in order to
generate secure passwords conveniently.\n"
read -p 'Start installation? [Y]es/[N]o: ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
notification "Installing VeraCrypt" && sleep 2
# Create dir to extract tar to
mkdir veracrypt && cd veracrypt
wget -O veracrypt.tar.bz2 https://launchpad.net/veracrypt/trunk/1.23/+download/veracrypt-1.23-setup.tar.bz2
tar -xvjf veracrypt.tar.bz2 || warning "Something went wrong" && exit 1
MACHINE_TYPE=`uname -m`
if [[ ${MACHINE_TYPE} == 'x86_64' ]]; then
chmod +x veracrypt-1.23-setup-gui-x64
./veracrypt-1.23-setup-gui-x64 && notification "Installed VeraCrypt"
else
chmod +x veracrypt-1.23-setup-gui-x86
./veracrypt-1.23-setup-gui-x86 && notification "Installed VeraCrypt"
fi
# Back to depconf dir
cd ..
# Install pwgen for secure password generation
if [[ -z $(which pwgen) ]]; then
notification "Installing 'pwgen' for secure password generation." && sleep 2
sudo apt-get -y pwgen || warning "Something went wrong" && exit 1
fi
fi
}
function start(){
# Print banner
logo
echo -e "\n
Welcome to the config and dependency manager for NetSet.
All third party utilities employed by NetSet will be
automatically installed and configured by this script.
Before making changes all relevant config files will
be backed up in a directory labeled: 'backup- $(date) '\n"
read -p 'Start installation? [Y]es/[N]o: ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
# Install utilities
notification "Checking system utilities." && sleep 2
if [[ -z $(which pymux) ]]; then pip install pymux; fi
if [[ -z $(which tor) ]]; then sudo apt-get -y install tor; fi
if [[ -z $(which nmcli) ]]; then sudo apt-get -y install nmcli; fi
if [[ -z $(which torsocks) ]]; then sudo apt-get -y install torsocks; fi
if [[ -z $(which openvpn) ]]; then sudo apt-get -y install openvpn; fi
if [[ -z $(which iptables) ]]; then sudo apt-get -y install iptables; fi
if [[ -z $(which macchanger) ]]; then sudo apt-get -y install macchanger; fi
if [[ -z $(which proxychains) ]]; then
sudo apt-get -y install proxychains
notification_b "Proxychains has been installed, run 'man proxychains' for details."
fi
notification "Packages checked."
# Install and config DNSCrypt
dnscrypt && dns_test
echo "DNSCrypt-proxy installed and configured" > installed.log
# Install proxy fetcher
wget -O proxies/fetch.py https://raw.githubusercontent.com/stamparm/fetch-some-proxies/master/fetch.py && echo "Proxy Fetcher installed" >> installed.log
if [[ -z $(which protonvpn) ]]; then
echo -e "Would you like to install ProtonVPN?"
read -p '[Y]es/[N]o ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
notification_b "You need an account at Proton before you can use ProtonVPN"
echo -e "Open registration page with web browser?"
read -p '[Y]es/[N]o ' choice
if [[ $choice == 'y' || $choice == 'Y' ]]; then
python -m webbrowser https://protonvpn.com/free-vpn
else
warning "Skipping Account Creation"
if [[ -z $(which dialog) ]]; then sudo apt-get install -y dialog; fi
pip3 install protonvpn-cli || sudo pip3 install protonvpn-cli
protonvpn init
fi
fi
fi
else
warning "Installation Aborted"
fi
# Install VeraCrypt
vera
}
# Check to see if we only need to install VeraCrypt
if [[ "$1" != "" ]]; then
case $1 in
'--crypto' )
vera
esac
else
# Install all
start
fi