moving files around

2025-07-01 13:35:42 +00:00 · 2025-07-01 13:35:42 +00:00 · c919df4480
commit c919df4480
parent 4133a99394
4 changed files with 134 additions and 0 deletions
--- a/certbotdns.sh
+++ b/certbotdns.sh
@ -0,0 +1,46 @@
+# Setting variables to run
+DOMAIN=""
+CLOUDFLAREEMAIL=""
+CLOUDFLAREAPIKEY=""
+
+RANDOMLEVEL4=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 6 | head -n 1)
+
+# Verifying script is run as root
+if [ "$EUID" -ne 0 ]
+  then echo "Please run as root"
+  exit
+fi
+#Verifying script runns on /root
+if [ "$PWD" != "/root" ]
+  then echo "Please run on /root"
+  exit
+fi
+# make some cleaning for previous testings
+rm cloudflare.ini renewcert 2>&1 >/dev/null
+
+# Verifying certbot is in the system
+certbot --version 2>&1 >/dev/null # improvement by tripleee
+CERBOT_IS_AVAILABLE=$?
+if [ $CERBOT_IS_AVAILABLE -ne 0 ]; then
+    echo "Certbot is not installed. Installing it..."
+    # Installing certbot
+    apt update
+    apt install -y nginx certbot python3-certbot-nginx python3-certbot-dns-cloudflare
+fi
+
+echo "dns_cloudflare_email = "$CLOUDFLAREEMAIL > cloudflare.ini
+echo "dns_cloudflare_api_key = "$CLOUDFLAREAPIKEY >> cloudflare.ini
+chmod 600 cloudflare.ini
+echo "#!/bin/bash" > renewcert
+echo "source /root/certbot/venv/bin/activate" >> renewcert
+echo "certbot renew" >> renewcert
+chmod +x renewcert
+ln /root/renewcert /etc/cron.weekly/renewcert
+
+certbot certonly \
+        --agree-tos --email $CLOUDFLAREEMAIL  --noninteractive \
+    --server "https://acme-v02.api.letsencrypt.org/directory" \
+    --dns-cloudflare \
+    --dns-cloudflare-propagation-seconds 60 \
+    --dns-cloudflare-credentials "/root/cloudflare.ini" \
+    -d $DOMAIN -d "*."$DOMAIN -d $RANDOMLEVEL4".discard."$DOMAIN
--- a/csrgen.sh
+++ b/csrgen.sh
@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Check for required arguments
+if [ "$#" -ne 2 ]; then
+    echo "Usage: $0 <hostname> <ip>"
+    exit 1
+fi
+
+HOSTNAME=$1
+IP=$2
+DEST_FOLDER="~/LAB/CA" # Use the environment variable
+CONF_FILE="newcert.cnf"
+KEY_FILE="${HOSTNAME}-key.pem"
+CSR="${HOSTNAME}.csr"
+
+# Use sed to replace the hostname in the configuration file
+sed -i.bak "s/[a-z]\+\.local\.naxslabs\.com/${HOSTNAME}.local.naxslabs.com/g" "$CONF_FILE"
+
+# Update the IP address in the configuration file
+sed -i.bak "s/[0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/${IP}/g" "$CONF_FILE"
+
+echo "Updated $CONF_FILE with hostname: $HOSTNAME"
+
+# Generate SSL certificate request
+openssl req -new -newkey rsa:2048 -nodes -keyout "$KEY_FILE" -out "$CSR" -config "$CONF_FILE" -extensions v3_req
+
+echo "Generated SSL certificate and key: $KEY_FILE and $CSR"
+
+# Create a new directory for the hostname within the destination folder
+HOST_DIR="${DEST_FOLDER}/${HOSTNAME}"
+mkdir -p "$HOST_DIR"
+
+# Check if generated files exist and move them to the hostname directory
+for file in "$CSR" "$KEY_FILE"; do
+    if [ -f "$file" ]; then
+        mv "$file" "$HOST_DIR"
+        echo "Moved $file to $HOST_DIR"
+    else
+        echo "$file does not exist."
+    fi
+done
--- a/docker.sh
+++ b/docker.sh
@ -0,0 +1,18 @@
+#!/usr/bin/env sh
+
+#!/bin/bash
+
+# Preparation
+sudo apt update -y
+sudo apt install ca-certificates curl gnupg lsb-release -y
+sudo mkdir -m 0755 -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+# Install Docker Engine
+sudo apt update -y
+sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
+
+# Add user htb-student to the Docker group
+sudo usermod -aG docker $USERNAME
+echo '[!] You need to log out and log back in for the group changes to take effect.'
--- a/newcert.cnf
+++ b/newcert.cnf
@ -0,0 +1,29 @@
+[ req ]
+default_bits       = 2048
+default_md         = sha256
+distinguished_name = req_distinguished_name
+req_extensions     = v3_req
+
+[ req_distinguished_name ]
+countryName                 = Country Name (2 letter code)
+countryName_default         = US
+stateOrProvinceName         = State or Province Name (full name)
+stateOrProvinceName_default = State
+localityName                = Locality Name (eg, city)
+localityName_default        = City
+organizationName            = Organization Name (eg, company)
+organizationName_default    = Company
+organizationalUnitName      = Organizational Unit Name (eg, section)
+organizationalUnitName_default = IT
+commonName                  = Common Name (e.g. server FQDN or YOUR name)
+commonName_default          = 
+
+[ v3_req ]
+basicConstraints = CA:FALSE
+keyUsage = critical, digitalSignature, keyEncipherment, nonRepudiation
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+
+[ alt_names ]
+DNS.1 = 
+IP.1 =