#!/bin/bash #/** #@file settoken #@brief Generate a new security token for the specified service. #@usage settoken [-f] [Service] #@param -f: force server restart without prompting (ask by default) #@param Service: may be "server", "repo" or "both" (by default) #@warning This script uses "php" command. #@version 1.1.1 - Initial version. #@author Ramón M. Gómez - ETSII Univ. Sevilla #@date 2019-09-25 #*/ ## # Global constants definition. PROG=$(basename "$(realpath "$0")") # Program name. OPENGNSYS=/opt/opengnsys # OpenGnsys main directory. SERVERCFG=$OPENGNSYS/etc/ogAdmServer.cfg # Configuration files. REPOCFG=$OPENGNSYS/etc/ogAdmRepo.cfg # Functions. source $OPENGNSYS/lib/ogfunctions.sh # Error control. [ "$USER" != "root" ] && raiseError access "Need to be root" if [ "$1" == "-f" ]; then FORCE=1 shift fi [ $# -gt 1 ] && raiseError usage case "${1,,}" in help) help ;; server) SERVER=1 ;; repo) REPO=1 ;; ""|both) SERVER=1; REPO=1 ;; *) raiseError notfound "Unknown service" esac [ -w $SERVERCFG ] || raiseError access "Server configuration file" # Update server token. if [ "$SERVER" ]; then # Confirm action (server will be restarted). if [ ! "$FORCE" ]; then read -rp "It will be necessary to restart ogAdmServer service. Continue? [y/N]: " ANSWER [ "${ANSWER,,}" != "y" ] && raiseError cancel "API tokens not updated" fi APIKEY=$(php -r 'echo md5(uniqid(rand(), true));') sed -i -n -e "/^APITOKEN=/!p" -e "$ a\APITOKEN=$APIKEY" $SERVERCFG || raiseError access "Cannot update server file" fi # Update repository token. if [ "$REPO" ]; then [ -w $REPOCFG ] || raiseError access "Repository configuration file" APIKEY=$(php -r 'echo md5(uniqid(rand(), true));') sed -i -n -e "/^ApiToken=/!p" -e "$ a\ApiToken=$APIKEY" $REPOCFG || raiseError access "Cannot update repository file" # If database is local, update it. source $SERVERCFG source $REPOCFG if [ "$ServidorAdm" == "$IPlocal" ]; then MYCNF=$(mktemp) trap "rm -f $MYCNF" 0 1 2 3 6 9 15 chmod 600 $MYCNF cat << EOT > $MYCNF [client] user=$USUARIO password=$PASSWORD host=$datasource EOT mysql --defaults-extra-file="$MYCNF" --default-character-set=utf8 -D "$CATALOG" -e \ "UPDATE repositorios SET apikey='$APIKEY' WHERE ip='$IPlocal';" || raiseError access "Database error" else echo "Please, don't forget to update the authentication token for this repository on the web server (check the file ogAdmRepo.cfg)." fi fi # Restart server, if needed. if [ "$SERVER" ]; then restart opengnsys fi