Browse Source

fix scripts

pull/67/head
Jae Kwon 10 years ago
parent
commit
03354ba06d
3 changed files with 11 additions and 5 deletions
  1. +1
    -0
      INSTALL/README.md
  2. +9
    -4
      INSTALL/install_env.sh
  3. +1
    -1
      INSTALL/ssh_config.sh

+ 1
- 0
INSTALL/README.md View File

@ -4,6 +4,7 @@ NOTE: Only Ubuntu 14.04 64bit is supported at this time.
Install the dependencies and create a new user `tmuser` Install the dependencies and create a new user `tmuser`
curl -L https://raw.githubusercontent.com/tendermint/tendermint/master/INSTALL/ssh_config.sh > ssh_config.sh
curl -L https://raw.githubusercontent.com/tendermint/tendermint/master/INSTALL/install_env.sh > install_env.sh curl -L https://raw.githubusercontent.com/tendermint/tendermint/master/INSTALL/install_env.sh > install_env.sh
source install_env.sh source install_env.sh
cd /home/tmuser cd /home/tmuser


+ 9
- 4
INSTALL/install_env.sh View File

@ -11,6 +11,7 @@ fi
USER="tmuser" USER="tmuser"
ADMIN_EMAIL="ENTER_ADMIN_EMAIL" ADMIN_EMAIL="ENTER_ADMIN_EMAIL"
OPEN_PORTS=(46656 46657 46658 46659 46660 46661 46662 46663 46664 46665 46666 46667 46668 46669 46670 46671) OPEN_PORTS=(46656 46657 46658 46659 46660 46661 46662 46663 46664 46665 46666 46667 46668 46669 46670 46671)
SSH_PORT=20
WHITELIST=() WHITELIST=()
# update and upgrade # update and upgrade
@ -30,14 +31,18 @@ apt-get install -y make screen gcc git mercurial libc6-dev pkg-config libgmp-dev
echo "ENABLE FIREWALL ..." echo "ENABLE FIREWALL ..."
# copy in the ssh config with locked down settings # copy in the ssh config with locked down settings
source ssh_config.sh source ssh_config.sh
echo "$SSHCONFIG" > /etc/ssh/sshd_config
service ssh restart
if [ "$SSH_CONFIG" != "" ]; then
echo "$SSH_CONFIG" > /etc/ssh/sshd_config
service ssh restart
else
echo "Skipping over sshd_config rewrite"
fi
# white list ssh access # white list ssh access
for ip in "${WHITELIST[@]}"; do for ip in "${WHITELIST[@]}"; do
ufw allow from $ip to any port $SSHPORT
ufw allow from $ip to any port $SSH_PORT
done done
if [ ${#WHITELIST[@]} -eq 0 ]; then if [ ${#WHITELIST[@]} -eq 0 ]; then
ufw allow $SSHPORT
ufw allow $SSH_PORT
fi fi
# open ports # open ports
for port in "${OPEN_PORTS[@]}"; do for port in "${OPEN_PORTS[@]}"; do


+ 1
- 1
INSTALL/ssh_config.sh View File

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
SSHCONFIG="# Package generated configuration file
SSH_CONFIG="# Package generated configuration file
# See the sshd_config(5) manpage for details # See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for # What ports, IPs and protocols we listen for


Loading…
Cancel
Save