TorBox mini: rc.local integration / raspberrypi-kernel-headers and dk…
…ms removed
radio24 committed Mar 31, 2024
1 parent 5a0a567 commit 845fb80
Showing 5 changed files with 168 additions and 44 deletions.
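--- a/etc/rc.local.disable_wlan
+++ b/etc/rc.local.disable_wlan
@@ -59,14 +59,15 @@ for INTERFACE in $AVAILABLE_INTERFACES ; do
 sleep 2
 fi
 #
-if grep "^MAC_$INTERFACE=permanent" /home/torbox/torbox/run/torbox.run; then sudo macchanger -p $INTERFACE; fi
-if grep "^MAC_$INTERFACE=random" /home/torbox/torbox/run/torbox.run; then sudo macchanger -r $INTERFACE; fi
-# NEW v.0.5.3: We have only to put an interface up, if it was up before
-if [ "$INTERFACE1_DOWN" = "1" ]; then
-sudo ip link set dev $INTERFACE up
-INTERFACE1_DOWN=0
-fi
-#
+# NEW v.0.5.4: After a restart, the default MAC address is already set. Executing the comand result in a error.
+# if grep "^MAC_$INTERFACE=permanent" /home/torbox/torbox/run/torbox.run; then sudo macchanger -p $INTERFACE; fi
+if grep "^MAC_$INTERFACE=random" /home/torbox/torbox/run/torbox.run; then sudo macchanger -r $INTERFACE; fi
+# NEW v.0.5.3: We have only to put an interface up, if it was up before
+if [ "$INTERFACE1_DOWN" = "1" ]; then
+sudo ip link set dev $INTERFACE up
+INTERFACE1_DOWN=0
+fi
+#
 else
 MAC_ADDRESS=$(grep "MAC_$INTERFACE=" /home/torbox/torbox/run/torbox.run | sed "s/.*=//g")
 # NEW v.0.5.3: We have only to put an interface down, if it is not already down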
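Review bot: Commenting out the `macchanger -p` call means an interface configured as `permanent` is no longer reset to its hardware address here; the setting now holds only if nothing else changed the MAC before rc.local runs, which this hunk cannot guarantee. If the call was dropped because its non-zero exit on an already-permanent address stops the script (presumably this file runs under `sh -e`, as etc/rc.local.mini in this commit does), keep the enforcement and tolerate that one error instead: `if grep -q "^MAC_$INTERFACE=permanent" /home/torbox/torbox/run/torbox.run; then sudo macchanger -p "$INTERFACE" || true; fi`. The same commented-out line is added in etc/rc.local.mini. The enclosing `for` loop and `if` start above this hunk.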
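--- a/etc/rc.local.mini
+++ b/etc/rc.local.mini
@@ -0,0 +1,134 @@
+#!/bin/sh -e
+#
+# This file is a part of TorBox, an easy to use anonymizing router based on Raspberry Pi.
+# Copyright (C) 2024 Patrick Truffer
+# Contact: anonym@torbox.ch
+# Website: https://www.torbox.ch
+# Github: https://github.com/radio24/TorBox
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it is useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/usr/local/go/bin
+sudo dmesg -D
+rfkill unblock all
+rfkill block bluetooth
+bash /home/torbox/torbox/bin/regset
+sudo systemctl stop hostapd
+
+if grep "TWEBSSH=1" /home/torbox/torbox/run/torbox.run ; then
+[ ! -f /etc/nginx/sites-available/webssh.conf ] && sudo cp /home/torbox/torbox/etc/nginx/sites-available/sample-webssh.conf /etc/nginx/sites-available/webssh.conf
+[ ! -L /etc/nginx/sites-enabled/webssh.conf ] && sudo ln -sf /etc/nginx/sites-available/webssh.conf /etc/nginx/sites-enabled/
+(nohup sudo /home/torbox/torbox/lib/webssh/twebssh --unix-socket=/var/run/webssh.sock &) 2>/dev/null
+sudo ls /var/run | grep .*-onion-.*.sock | xargs -I {} -d"\n" sudo rm /var/run/{}
+sudo systemctl restart nginx
+fi
+
+# Change the MAC address if needed
+# List all available network interfaces
+AVAILABLE_INTERFACES=$(ip -o link show | awk -F': ' '{print $2}' | sed "/^lo/d" | sed "/^wwan/d")
+for INTERFACE in $AVAILABLE_INTERFACES ; do
+if grep "^MAC_$INTERFACE=permanent" /home/torbox/torbox/run/torbox.run || grep "^MAC_$INTERFACE=random" /home/torbox/torbox/run/torbox.run ; then
+# NEW v.0.5.3: We have only to put an interface down, if it is not already down
+# ATTENTION not connected interfaces have to put down, even the state is already down --> NO-CARRIER
+if ip link | grep "$INTERFACE" | grep -e "state UP" -e "NO-CARRIER" ; then
+sudo ip link set dev $INTERFACE down
+INTERFACE1_DOWN=1
+sleep 2
+fi
+#
+# NEW v.0.5.4: After a restart, the default MAC address is already set. Executing the comand result in a error.
+# if grep "^MAC_$INTERFACE=permanent" /home/torbox/torbox/run/torbox.run; then sudo macchanger -p $INTERFACE; fi
+if grep "^MAC_$INTERFACE=random" /home/torbox/torbox/run/torbox.run; then sudo macchanger -r $INTERFACE; fi
+# NEW v.0.5.3: We have only to put an interface up, if it was up before
+if [ "$INTERFACE1_DOWN" = "1" ]; then
+sudo ip link set dev $INTERFACE up
+INTERFACE1_DOWN=0
+fi
+#
+else
+MAC_ADDRESS=$(grep "MAC_$INTERFACE=" /home/torbox/torbox/run/torbox.run | sed "s/.*=//g")
+# NEW v.0.5.3: We have only to put an interface down, if it is not already down
+# ATTENTION not connected interfaces have to put down, even the state is already down --> NO-CARRIER
+if ip link | grep "$INTERFACE" | grep -e "state UP" -e "NO-CARRIER" ; then
+sudo ip link set dev $INTERFACE down
+INTERFACE1_DOWN=1
+sleep 2
+fi
+sudo ip link set dev $INTERFACE address $MAC_ADDRESS
+# NEW v.0.5.3: We have only to put an interface up, if it was up before
+if [ "$INTERFACE1_DOWN" = "1" ]; then
+sudo ip link set dev $INTERFACE up
+INTERFACE1_DOWN=0
+fi
+fi
+done
+
+# Let's check if we can auto-connect to a wireless network
+if ip link | grep wlan0 ; then
+if grep "INTERNET_IFACE=wlan0" /home/torbox/torbox/run/torbox.run ; then
+exitstatus=$(sudo /usr/bin/python3 /home/torbox/torbox/lib/torbox_wireless_manager.py -i wlan0 -a)
+if [ "$exitstatus" == "1" ]; then
+systemctl restart tor
+fi
+fi
+fi
+
+# If configured, turn TACA on
+if grep "LOGCHECK=1" /home/torbox/torbox/run/torbox.run ; then
+(nohup sudo /usr/bin/python3 /home/torbox/torbox/log_check.py &) 2>/dev/null
+fi
+
+# Start TFS and TCS, if configured
+if grep "^TFS-" /home/torbox/torbox/run/torbox.run ; then sudo /home/torbox/torbox/bin/start_tfs initial ; fi
+if grep "^TCS-" /home/torbox/torbox/run/torbox.run ; then sudo /home/torbox/torbox/bin/start_tcs initial ; fi
+
+sudo systemctl start dnsmasq
+sudo /bin/ping -c 1 "pool.ntp.org" >/dev/null 2>&1 && sudo /usr/sbin/ntpdate pool.ntp.org
+# NEW post-v.0.5.3
+sudo systemctl stop dnsmasq
+
+# NEW v.0.5.3
+# Starting domain exclusion, if activated
+if grep "^UNPROTECTED_DOMAIN=1" /home/torbox/torbox/run/torbox.run ; then
+if [ -f "/home/torbox/torbox/run/clearnet-list" ]; then
+sudo /sbin/ipset -q restore -file /home/torbox/torbox/run/clearnet-list -exist
+else
+sudo /sbin/ipset create clearnet-list hash:ip
+fi
+tun0up=$(sudo timeout 5 sudo route | grep -m 1 tun0 | tr -s " " | cut -d " " -f1)
+if [ ! -z "$tun0up" ] ; then
+if [ -f "/home/torbox/torbox/run/vpn-list" ]; then
+sudo ipset -q restore -file /home/torbox/torbox/run/vpn-list -exist
+fi
+fi
+fi
+sudo /sbin/iptables-restore < /etc/iptables.ipv4.nat
+
+# This function opens the ports, after a restart if bridge relay is on
+if grep "^BridgeRelay" /etc/tor/torrc ; then
+ORPORT=$(grep "^ORPort" /etc/tor/torrc | cut -d " " -f2)
+OBFS4PORT=$(grep "^ServerTransportListenAddr" /etc/tor/torrc | cut -d ":" -f2)
+(sudo /sbin/iptables -C INPUT -p tcp --dport $ORPORT -j ACCEPT) 2>/dev/null
+RULE_CHECK=$?
+if [ $RULE_CHECK = 1 ]; then
+(sudo /sbin/iptables -A INPUT -p tcp --dport $ORPORT -j ACCEPT) 2>/dev/null
+(sudo /sbin/iptables -A INPUT -p tcp --dport $OBFS4PORT -j ACCEPT) 2>/dev/null
+fi
+else
+if iptables-save | grep -e "-A INPUT -p tcp --dport $ORPORT -j ACCEPT" ; then (sudo /sbin/iptables -D INPUT -p tcp --dport $ORPORT -j ACCEPT) 2>/dev/null ; fi
+if iptables-save | grep -e "-A INPUT -p tcp --dport $OBFS4PORT -j ACCEPT" ; then (sudo /sbin/iptables -D INPUT -p tcp --dport $OBFS4PORT -j ACCEPT) 2>/dev/null ; fi
+fi
+
+exit 0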
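Review bot: Under `#!/bin/sh -e` any unguarded command that fails ends rc.local on the spot, so everything after it, including `sudo /sbin/iptables-restore < /etc/iptables.ipv4.nat`, is skipped and a single boot-time error can leave the router without its saved firewall rules. Two such spots are visible: in the MAC loop's `else` branch `MAC_ADDRESS` is empty whenever torbox.run has no `MAC_<interface>=` line, so `sudo ip link set dev $INTERFACE address $MAC_ADDRESS` fails, and a non-zero exit of the Python helper inside `exitstatus=$(...)` ends the script the same way. Add `[ -n "$MAC_ADDRESS" ] || continue` directly after the `MAC_ADDRESS=` assignment and append `|| true` to the `exitstatus=` assignment. Separately, `[ "$exitstatus" == "1" ]` uses `==`, which the `[` of dash does not accept, so write `=`. In the final `else` branch `$ORPORT` and `$OBFS4PORT` are not assigned anywhere before they are used, so the two `iptables -D` clean-ups can never match a rule.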
10 changes: 5 additions & 5 deletions install/run_install.sh
@@ -1108,12 +1108,12 @@ sudo sed -i "s|^WIRINGPI_USED=.*|WIRINGPI_USED=${WIRINGPI_USED}|g" ${RUNFILE}
# NEW v.0.5.4: Specifc configurations for an installation on a cloud
# Important: Randomizing MAC addresses could prevent the assignement of an IP address
if [ "$ON_A_CLOUD" == "--on_a_cloud" ]; then
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=1/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=1/" ${RUNFILE}
sed -i "s/=random/=permanent/" ${RUNFILE}
sudo sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=1/" ${RUNFILE}
sudo sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=1/" ${RUNFILE}
sudo sed -i "s/=random/=permanent/" ${RUNFILE}
else
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}
sudo sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sudo sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}
fi

echo -e "${RED}[+] Update sudo setup${NOCOLOR}"
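Review bot: `sudo sed -i "s/=random/=permanent/" ${RUNFILE}` is not tied to the MAC settings: it rewrites the first `=random` on every line of the run file, whatever the key, and now does so with root rights. Anchoring it to the keys it is meant for, which the rc.local scripts in this commit read as `MAC_<interface>=random`, keeps unrelated entries untouched: `sudo sed -i "s/^\(MAC_[^=]*\)=random/\1=permanent/" "${RUNFILE}"`. Quoting `"${RUNFILE}"` on all five changed lines also keeps a path containing spaces from being split into several arguments to a root command. The identical hunk in install/run_install_on_ubuntu.sh has the same two issues.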
41 changes: 15 additions & 26 deletions install/run_install_mini.sh
@@ -29,7 +29,7 @@
# on the SD card running in the Raspberry Pi Zero 2 W.
#
# SYNTAX
# ./run_install.sh [-h|--help] [--randomize_hostname] [--select-tor] [--select-fork fork_owner_name] [--select-branch branch_name] [--on_a_cloud] [--step_by_step]
# ./run_install.sh [-h|--help] [--randomize_hostname] [--select-tor] [--select-fork fork_owner_name] [--select-branch branch_name] [--step_by_step]
#
# The -h or --help option shows the help screen.
#
@@ -47,9 +47,6 @@
# The --select-branch option allows to install a specific TorBox branch.
# Without this option, the installation script installs the master branch.
#
# The --on_a_cloud option has to be used if you install TorBox on a cloud or
# as a cloud service. This will enable/disable some features.
#
# The --step_by_step option execute the installation step by step, which
# is ideal to find bugs.
#
@@ -145,7 +142,7 @@ CHECK_URL1="debian.org"
CHECK_URL2="google.com"

# Catching command line options
OPTIONS=$(getopt -o h --long help,randomize_hostname,select-tor,select-fork:,select-branch:,on_a_cloud,step_by_step -n 'run-install' -- "$@")
OPTIONS=$(getopt -o h --long help,randomize_hostname,select-tor,select-fork:,select-branch:,step_by_step -n 'run-install' -- "$@")
if [ $? != 0 ] ; then echo "Syntax error!"; echo ""; OPTIONS="-h" ; fi
eval set -- "$OPTIONS"

@@ -159,7 +156,7 @@ while true; do
case "$1" in
-h | --help )
echo "Copyright (C) 2023 Patrick Truffer, nyxnor (Contributor)"
echo "Syntax : run_install_debian.sh [-h|--help] [--randomize_hostname] [--select-tor] [--select-fork fork_name] [--select-branch branch_name] [--on_a_cloud] [--step_by_step]"
echo "Syntax : run_install_debian.sh [-h|--help] [--randomize_hostname] [--select-tor] [--select-fork fork_name] [--select-branch branch_name] [--step_by_step]"
echo "Options: -h, --help : Shows this help screen ;-)"
echo " --randomize_hostname"
echo " : Randomizes the hostname to prevent ISPs to see the default"
@@ -168,7 +165,6 @@ while true; do
echo " : Let select a specific fork from a GitHub user (fork_owner_name)"
echo " --select-branch branch_name"
echo " : Let select a specific TorBox branch (default: master)"
echo " --on_a_cloud : Installing on a cloud or as a cloud service"
echo " --step_by_step : Executes the installation step by step"
echo ""
echo "Please before starting the installation ensure that the user account \"torbox\" is already created"
@@ -190,7 +186,6 @@ while true; do
[ ! -z "$2" ] && TORBOXMENU_BRANCHNAME="$2"
shift 2
;;
--on_a_cloud ) ON_A_CLOUD="--on_a_cloud"; shift ;;
--step_by_step ) STEP_BY_STEP="--step_by_step"; shift ;;
-- ) shift; break ;;
* ) break ;;
@@ -499,7 +494,7 @@ select_and_install_tor()

###### DISPLAY THE INTRO ######
clear
if (whiptail --title "TorBox Installation on Raspberry Pi OS (scroll down!)" --scrolltext --no-button "INSTALL" --yes-button "STOP!" --yesno " WELCOME TO THE INSTALLATION OF TORBOX ON RASPBERRY PI OS\n\nBefore we start, please ensure that you have already created a user account \"torbox\" and are currently logged in as such. Also, at the end of the installation, we will remove Rasperi Pi OS's auto-login feature - be sure you know your password for \"torbox\"!!\n\nBy the way, this script should be started as \"./run_install\" (without sudo !!) in your home directory, which is \"/home/torbox\".The installation process runs almost without user interaction. However, macchanger will ask for enabling an autmatic change of the MAC address - REPLY WITH NO!\n\nTHIS INSTALLATION WILL CHANGE/DELETE THE CURRENT CONFIGURATION!\n\nIMPORTANT\nInternet connectivity is necessary for the installation.\n\nAVAILABLE OPTIONS\n-h, --help : shows a help screen\n--randomize_hostname\n : randomizes the hostname to prevent ISPs to see the default\n--select-tor : select a specific tor version\n--select-fork fork_owner_name\n : select a specific fork from a GitHub user\n--select-branch branch_name\n : select a specific TorBox branch\n--on_a_cloud : installing on a cloud or as a cloud service.\n--step_by_step : executes the installation step by step.\n\nIn case of any problems, contact us on https://www.torbox.ch." $MENU_HEIGHT_25 $MENU_WIDTH); then
if (whiptail --title "TorBox Installation on Raspberry Pi OS (scroll down!)" --scrolltext --no-button "INSTALL" --yes-button "STOP!" --yesno " WELCOME TO THE INSTALLATION OF TORBOX ON RASPBERRY PI OS\n\nBefore we start, please ensure that you have already created a user account \"torbox\" and are currently logged in as such. Also, at the end of the installation, we will remove Rasperi Pi OS's auto-login feature - be sure you know your password for \"torbox\"!!\n\nBy the way, this script should be started as \"./run_install\" (without sudo !!) in your home directory, which is \"/home/torbox\".The installation process runs almost without user interaction. However, macchanger will ask for enabling an autmatic change of the MAC address - REPLY WITH NO!\n\nTHIS INSTALLATION WILL CHANGE/DELETE THE CURRENT CONFIGURATION!\n\nIMPORTANT\nInternet connectivity is necessary for the installation.\n\nAVAILABLE OPTIONS\n-h, --help : shows a help screen\n--randomize_hostname\n : randomizes the hostname to prevent ISPs to see the default\n--select-tor : select a specific tor version\n--select-fork fork_owner_name\n : select a specific fork from a GitHub user\n--select-branch branch_name\n : select a specific TorBox branch\n--step_by_step : executes the installation step by step.\n\nIn case of any problems, contact us on https://www.torbox.ch." $MENU_HEIGHT_25 $MENU_WIDTH); then
clear
exit
fi
@@ -630,8 +625,9 @@ fi
clear
echo -e "${RED}[+] Step 4: Installing all necessary packages....${NOCOLOR}"
# Installation of standard packages
# NEW post-v.0.5.3: openssl ca-certificates added
check_install_packages "hostapd isc-dhcp-server usbmuxd dnsmasq dnsutils tcpdump iftop vnstat debian-goodies apt-transport-https dirmngr python3-pip python3-pil imagemagick tesseract-ocr ntpdate screen git openvpn ppp python3-stem raspberrypi-kernel-headers dkms nyx apt-transport-tor qrencode nginx basez iptables ipset macchanger openssl ca-certificates lshw"
# check_install_packages "hostapd isc-dhcp-server usbmuxd dnsmasq dnsutils tcpdump iftop vnstat debian-goodies apt-transport-https dirmngr python3-pip python3-pil imagemagick tesseract-ocr ntpdate screen git openvpn ppp python3-stem raspberrypi-kernel-headers dkms nyx apt-transport-tor qrencode nginx basez iptables ipset macchanger openssl ca-certificates lshw"
# NEW for TorBox mini: raspberrypi-kernel-headers dkms removed
check_install_packages "hostapd isc-dhcp-server usbmuxd dnsmasq dnsutils tcpdump iftop vnstat debian-goodies apt-transport-https dirmngr python3-pip python3-pil imagemagick tesseract-ocr ntpdate screen git openvpn ppp python3-stem nyx apt-transport-tor qrencode nginx basez iptables ipset macchanger openssl ca-certificates lshw"
# Installation of developper packages - THIS PACKAGES ARE NECESARY FOR THE COMPILATION OF TOR!! Without them, tor will disconnect and restart every 5 minutes!!
check_install_packages "build-essential automake libevent-dev libssl-dev asciidoc bc devscripts dh-apparmor libcap-dev liblzma-dev libsystemd-dev libzstd-dev quilt zlib1g-dev"
# IMPORTANT tor-geoipdb installs also the tor package
@@ -973,11 +969,11 @@ echo -e "${RED}[+]${NOCOLOR} Copied /etc/motd -- backup done"
(sudo cp /etc/network/interfaces /etc/network/interfaces.bak) 2>/dev/null
sudo cp etc/network/interfaces.mini /etc/network/interfaces
echo -e "${RED}[+]${NOCOLOR} Copied /etc/network/interfaces -- backup done"
#sudo cp etc/systemd/system/rc-local.service /etc/systemd/system/rc-local.service
#(sudo cp /etc/rc.local /etc/rc.local.bak) 2>/dev/null
#sudo cp etc/rc.local /etc/
#sudo chmod a+x /etc/rc.local
#echo -e "${RED}[+]${NOCOLOR} Copied /etc/rc.local -- backup done"
sudo cp etc/systemd/system/rc-local.service /etc/systemd/system/rc-local.service
(sudo cp /etc/rc.local /etc/rc.local.bak) 2>/dev/null
sudo cp etc/rc.local.mini /etc/rc.local
sudo chmod a+x /etc/rc.local
echo -e "${RED}[+]${NOCOLOR} Copied /etc/rc.local -- backup done"
if grep -q "#net.ipv4.ip_forward=1" /etc/sysctl.conf ; then
sudo cp /etc/sysctl.conf /etc/sysctl.conf.bak
sudo sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
@@ -1110,16 +1106,9 @@ sudo sed -i "s|^GO_DL_PATH=.*|GO_DL_PATH=${GO_DL_PATH}|g" ${RUNFILE}
sudo sed -i "s|^OBFS4PROXY_USED=.*|OBFS4PROXY_USED=${OBFS4PROXY_USED}|g" ${RUNFILE}
sudo sed -i "s|^SNOWFLAKE_USED=.*|SNOWFLAKE_USED=${SNOWFLAKE_USED}|g" ${RUNFILE}
sudo sed -i "s|^WIRINGPI_USED=.*|WIRINGPI_USED=${WIRINGPI_USED}|g" ${RUNFILE}
# NEW v.0.5.4: Specifc configurations for an installation on a cloud
# Important: Randomizing MAC addresses could prevent the assignement of an IP address
if [ "$ON_A_CLOUD" == "--on_a_cloud" ]; then
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=1/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=1/" ${RUNFILE}
sed -i "s/=random/=permanent/" ${RUNFILE}
else
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}
fi
sudo sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sudo sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}

# NEW for TorBox mini: Set a flag (only in this installation script!)
sed -i "s/^TORBOX_MINI=.*/TORBOX_MINI=1/" ${RUNFILE}

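Review bot: The `TORBOX_MINI` write at the end of the last hunk still runs `sed -i` without `sudo`, while the two lines this commit adds just above it now use `sudo sed -i` on the same `${RUNFILE}`. If the run file needs root to be edited, which is presumably why the neighbouring lines were changed, that write fails and the mini flag is never set. Make it consistent with `sudo sed -i "s/^TORBOX_MINI=.*/TORBOX_MINI=1/" "${RUNFILE}"`.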
10 changes: 5 additions & 5 deletions install/run_install_on_ubuntu.sh
@@ -1229,12 +1229,12 @@ sudo sed -i "s|^WIRINGPI_USED=.*|WIRINGPI_USED=${WIRINGPI_USED}|g" ${RUNFILE}
# NEW v.0.5.4: Specifc configurations for an installation on a cloud
# Important: Randomizing MAC addresses could prevent the assignement of an IP address
if [ "$ON_A_CLOUD" == "--on_a_cloud" ]; then
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=1/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=1/" ${RUNFILE}
sed -i "s/=random/=permanent/" ${RUNFILE}
sudo sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=1/" ${RUNFILE}
sudo sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=1/" ${RUNFILE}
sudo sed -i "s/=random/=permanent/" ${RUNFILE}
else
sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}
sudo sed -i "s/^FRESH_INSTALLED=.*/FRESH_INSTALLED=3/" ${RUNFILE}
sudo sed -i "s/^ON_A_CLOUD=.*/ON_A_CLOUD=0/" ${RUNFILE}
fi

if [ "$STEP_BY_STEP" = "--step_by_step" ]; then
