Last active
April 8, 2020 09:54
-
-
Save lexologe/e649ea5a72604516b6358a365b63cf38 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Script to setup a SIP firewall on a clean Raspbian. | |
# | |
# Originally clone from NodeJS setup script. | |
# | |
# Run as root or insert `sudo -E` before `bash`: | |
# | |
# curl -sL https://git.io/JvxWf | bash - | |
# or | |
# wget -qO- https://git.io/JvxWf | bash - | |
export DEBIAN_FRONTEND=noninteractive | |
print_status() { | |
echo | |
echo "## $1" | |
echo | |
} | |
if test -t 1; then # if terminal | |
ncolors=$(which tput > /dev/null && tput colors) # supports color | |
if test -n "$ncolors" && test $ncolors -ge 8; then | |
termcols=$(tput cols) | |
bold="$(tput bold)" | |
underline="$(tput smul)" | |
standout="$(tput smso)" | |
normal="$(tput sgr0)" | |
black="$(tput setaf 0)" | |
red="$(tput setaf 1)" | |
green="$(tput setaf 2)" | |
yellow="$(tput setaf 3)" | |
blue="$(tput setaf 4)" | |
magenta="$(tput setaf 5)" | |
cyan="$(tput setaf 6)" | |
white="$(tput setaf 7)" | |
fi | |
fi | |
print_bold() { | |
title="$1" | |
text="$2" | |
echo | |
echo "${red}================================================================================${normal}" | |
echo "${red}================================================================================${normal}" | |
echo | |
echo -e " ${bold}${yellow}${title}${normal}" | |
echo | |
echo -en " ${text}" | |
echo | |
echo "${red}================================================================================${normal}" | |
echo "${red}================================================================================${normal}" | |
} | |
bail() { | |
echo 'Error executing command, exiting' | |
exit 1 | |
} | |
exec_cmd_nobail() { | |
echo "+ $1" | |
bash -c "$1" | |
} | |
exec_cmd() { | |
exec_cmd_nobail "$1" || bail | |
} | |
setup() { | |
print_status "Setting up the SIP firewall on a Raspberry Pi..." | |
PRE_INSTALL_PKGS="" | |
# Check that HTTPS transport is available to APT | |
# (Check snaked from: https://get.docker.io/ubuntu/) | |
if [ ! -e /usr/lib/apt/methods/https ]; then | |
PRE_INSTALL_PKGS="${PRE_INSTALL_PKGS} apt-transport-https" | |
fi | |
if [ ! -x /usr/bin/lsb_release ]; then | |
PRE_INSTALL_PKGS="${PRE_INSTALL_PKGS} lsb-release" | |
fi | |
if [ ! -x /usr/bin/curl ] && [ ! -x /usr/bin/wget ]; then | |
PRE_INSTALL_PKGS="${PRE_INSTALL_PKGS} curl" | |
fi | |
# Used by apt-key to add new keys | |
if [ ! -x /usr/bin/gpg ]; then | |
PRE_INSTALL_PKGS="${PRE_INSTALL_PKGS} gnupg" | |
fi | |
# Populating Cache | |
print_status "Populating apt-get cache..." | |
exec_cmd 'apt-get update' | |
if [ "X${PRE_INSTALL_PKGS}" != "X" ]; then | |
print_status "Installing packages required for setup:${PRE_INSTALL_PKGS}..." | |
# This next command needs to be redirected to /dev/null or the script will bork | |
# in some environments | |
exec_cmd "apt-get install -y${PRE_INSTALL_PKGS} > /dev/null 2>&1" | |
fi | |
DISTRO=$(lsb_release -c -s) | |
if [ "X${DISTRO}" == "Xdebian" ]; then | |
print_status "Unknown Debian-based distribution, checking /etc/debian_version..." | |
NEWDISTRO=$([ -e /etc/debian_version ] && cut -d/ -f1 < /etc/debian_version) | |
if [ "X${NEWDISTRO}" == "X" ]; then | |
print_status "Could not determine distribution from /etc/debian_version..." | |
else | |
DISTRO=$NEWDISTRO | |
print_status "Found \"${DISTRO}\" in /etc/debian_version..." | |
fi | |
fi | |
print_status "Confirming \"${DISTRO}\" is supported..." | |
FIRE_INSTALL_PKGS="" | |
FIRE_INSTALL_PKGS="${FIRE_INSTALL_PKGS} screen iperf3 tcpdump jed arping iftop netdiag kamailio rtpproxy" | |
if [ "X${FIRE_INSTALL_PKGS}" != "X" ]; then | |
print_status "Installing packages required for SIP firewall:${FIRE_INSTALL_PKGS}..." | |
# This next command needs to be redirected to /dev/null or the script will bork | |
# in some environments | |
exec_cmd "apt-get install -y${FIRE_INSTALL_PKGS} > /dev/null 2>&1" | |
fi | |
print_status "Setting up locale ..." | |
exec_cmd "localedef -i en_US -f UTF-8 en_US.UTF-8" | |
} | |
## Defer setup until we have the complete script | |
setup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment