From 8f668d6cd910550b5d5409c21d0119db574e1c73 Mon Sep 17 00:00:00 2001
From: joglomedia <eslabs.id@gmail.com>
Date: Thu, 24 Oct 2019 00:32:33 +0700
Subject: [PATCH] Enhance LEMPer installer

---
 .env.dist         | 60 ++++++++++++++++++++++++++---------------------
 lemper.sh         | 21 +++++------------
 scripts/helper.sh | 27 ++++++++++++++-------
 3 files changed, 57 insertions(+), 51 deletions(-)

diff --git a/.env.dist b/.env.dist
index 9c87a60..628a550 100644
--- a/.env.dist
+++ b/.env.dist
@@ -3,13 +3,8 @@
 #
 
 [lemper]
-# Default Timezone, leave it blank or "none" for current server setting
-# Ref: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
-# Example: Asia/Jakarta
-TIMEZONE=""
-
-# Server IP address, leave it blank for auto detection.
-IP_SERVER=""
+# Installer version.
+LEMPER_VERSION="1.3.0"
 
 # Default account username.
 LEMPER_USERNAME="lemper"
@@ -21,6 +16,14 @@ LEMPER_PASSWORD=""
 # Administration email. Don't leave it blank!
 ADMIN_EMAIL="support@lemper.sh"
 
+# Server IP address, leave it blank for auto detection.
+IP_SERVER=""
+
+# Default Timezone, leave it blank or "none" for current server setting
+# Ref: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
+# Example: Asia/Jakarta
+TIMEZONE=""
+
 # Auto install, true for auto installation,
 # false for manual or guided installation.
 AUTO_INSTALL=true
@@ -40,7 +43,7 @@ LOGGING=true
 
 [ssh]
 # Customized SSH port.
-SSH_PORT="2269"
+SSH_PORT=2269
 
 # Allow SSH root login (value: true | false).
 SSH_ROOT_LOGIN=true
@@ -55,15 +58,6 @@ RSA_PUB_KEY="copy your ssh public rsa key here"
 # length of bits used for generating RSA key / Diffie-Helman params.
 HASH_LENGTH=2048
 
-[firewall]
-# Install iptables-based firewall (value: true | false).
-INSTALL_FW=true
-
-# Firewall configurator engine
-# available engine: ufw | csf | apf
-# UFW is default Ubuntu firewall configurator.
-FW_ENGINE="ufw"
-
 [nginx]
 INSTALL_NGINX=true
 NGINX_INSTALLER="source"
@@ -82,14 +76,14 @@ NGINX_EXTRA_MODULES=true
 
 # Availabe extra modules (true to enable),
 # requires Nginx installation from source.
-NGX_ECHO=false
-NGX_HTTP_FANCYINDEX=true
-NGX_HTTP_HEADERS_MORE=true
 NGX_HTTP_AUTH_PAM=false
 NGX_HTTP_BROTLI=true
 NGX_HTTP_CACHE_PURGE=true
+NGX_HTTP_ECHO=false
+NGX_HTTP_FANCYINDEX=true
 NGX_HTTP_GEOIP=false
 NGX_HTTP_GEOIP2=false
+NGX_HTTP_HEADERS_MORE=true
 NGX_HTTP_IMAGE_FILTER=false
 NGX_HTTP_MEMCACHED=false
 NGX_HTTP_NAXSI=true
@@ -156,6 +150,8 @@ MEMCACHED_VERSION="latest"
 
 # Enable SASL authentication.
 MEMCACHED_SASL=false
+MEMCACHED_USERNAME=""
+MEMCACHED_PASSWORD=""
 
 [mongodb]
 INSTALL_MONGODB=false
@@ -164,8 +160,9 @@ MONGODB_VERSION="4.0"
 [redis]
 INSTALL_REDIS=true
 
-[certbot]
-INSTALL_CERTBOT=true
+# Enable pass authentication.
+REDIS_REQUIREPASS=false
+REDIS_PASSWORD=""
 
 [dns]
 # TODO: Install DNS server.
@@ -173,8 +170,17 @@ INSTALL_CERTBOT=true
 [mailer]
 INSTALL_POSTFIX=true
 
-[decorator]
-# Text colour decorator.
-RED=31
-GREEN=32
-YELLOW=33
+[certbot]
+INSTALL_CERTBOT=true
+
+[firewall]
+INSTALL_FW=true
+
+# Firewall configurator engine
+# available engine: ufw | csf | apf
+# UFW is default Ubuntu firewall configurator.
+FW_ENGINE="ufw"
+
+[fail2ban]
+INSTALL_FAIL2BAN=false
+FAIL2BAN_JAIL_SSH="enable"
diff --git a/lemper.sh b/lemper.sh
index b59d915..d4fc113 100755
--- a/lemper.sh
+++ b/lemper.sh
@@ -85,6 +85,9 @@ case "${1}" in
         # Init log.
         run init_log
 
+        # Init config.
+        run init_config
+
         ### Clean-up server ###
         echo ""
         if [ -f scripts/cleanup_server.sh ]; then
@@ -181,7 +184,7 @@ case "${1}" in
         if "${FORCE_REMOVE}"; then
             # Cleaning up all build dependencies hanging around on production server?
             echo -e "\nClean up installation process..."
-            run apt-get autoremove -y
+            run apt-get -qq autoremove -y
 
             # Cleanup build dir
             echo "Clean up build directory..."
@@ -223,19 +226,7 @@ Please Save & Keep It Private!
                 status "${CREDENTIALS}"
 
                 # Save it to log file
-                echo "${CREDENTIALS}" >> lemper.log
-
-                # Save to lemper.conf
-                cat > /etc/lemper.conf <<EOL
-HOSTNAME=$(hostname)
-IP_SERVER=${IP_SERVER}
-SSH_PORT=${SSH_PORT}
-LEMPER_USERNAME=${USERNAME}
-LEMPER_PASSWORD=${PASSWORD}
-MYSQL_ROOT_PASS=${MYSQL_ROOT_PASS}
-MARIABACKUP_USER=${MARIABACKUP_USER}
-MARIABACKUP_PASS=${MARIABACKUP_PASS}
-EOL
+                save_log "${CREDENTIALS}"
             fi
         fi
 
@@ -335,7 +326,7 @@ Now, you can reboot your server and enjoy it!"
             fi
         fi
 
-        # Remove Tools
+        # Remove tools.
         run rm -f /usr/local/bin/lemper-cli
         run rm -fr /usr/local/lib/lemper
 
diff --git a/scripts/helper.sh b/scripts/helper.sh
index 340270f..2e5d344 100644
--- a/scripts/helper.sh
+++ b/scripts/helper.sh
@@ -507,12 +507,11 @@ function create_account() {
                 run echo "${USERNAME}:${PASSWORD_HASH}" >> /srv/.htpasswd
             fi
 
+            # Save config.
+            save_config -e "LEMPER_USERNAME=${USERNAME}\nLEMPER_PASSWORD=${PASSWORD}\nLEMPER_ADMIN_EMAIL=${ADMIN_EMAIL}"
+
             # Save data to log file.
-            echo "
-Your default system account information:
-Username: ${USERNAME}
-Password: ${PASSWORD}
-"
+            save_log -e "Your default system account information:\nUsername: ${USERNAME}\nPassword: ${PASSWORD}"
 
             status "Username ${USERNAME} created."
         fi
@@ -559,6 +558,12 @@ function get_ip_addr() {
     fi
 }
 
+# Init logging.
+function init_log() {
+    [ ! -e lemper.log ] && touch lemper.log
+    save_log "Initialize LEMPer installation log..."
+}
+
 # Save log.
 function save_log() {
     {
@@ -568,10 +573,14 @@ function save_log() {
     } >> lemper.log
 }
 
-# Init logging.
-function init_log() {
-    touch lemper.log
-    save_log "Initialize LEMPer installation log..."
+# Make config file if not exist.
+function init_config() {
+    [ ! -e /etc/lemper/lemper.conf ] && mkdir -p /etc/lemper/ && touch /etc/lemper/lemper.conf
+}
+
+# Save configuration.
+function save_config() {
+    echo "$@" >> /etc/lemper/lemper.conf
 }
 
 # Header message.