9415174eba
* Fix log file access, refactor configuration reading class * Remove bypass option in favor of failmode * fix loging, print enrolment info * Add EMAIL method * Add yubi authentication method * Add support for verification message * Add verification * Made changes in Vagrant's files to run different OSs * Switch off tests and packages demands to run PAM on Debian 11 * Add authentication totp * Changes in utils * Remove unnessesary interface * Changed vagrant files and postinstal script for Ubuntu 20 and 22 * Moved adding PasswordAuth to vagrant file from posinst * Added ubuntu 24.04 * Set version * Poprawki UI * WebSocket implementation * Add totp authentication method * fixup changes in utils * Remove unnessesary interface and simplify code * Remove "default" message handler from WebSocket class * Change display names of known authentication methods * Cleanup code in 'main' file * Add CheckApplication * Remove unused function * Changed vagrant files and postinstal script for Ubuntu 20 and 22 * Moved adding PasswordAuth to vagrant file from posinst * Added ubuntu 24.04 * Set version to 2.0.2 * Proper handle for missing configuration * Fixup use value of optional object * Add more vCPU/RAM to vagrant VM's + fix translations * Minor WS fixes, translations * Proper handler for Werification error * Make use of prompt parameter * Add max number of prompts * remove unused code, fir includes * Add Waiting status * Add check application status check --------- Co-authored-by: Madzik <m.w@linux.pl>
83 lines
3.1 KiB
Ruby
Executable File
83 lines
3.1 KiB
Ruby
Executable File
# -*- mode: ruby -*-
|
|
# vi: set ft=ruby :
|
|
|
|
# Default
|
|
# ----------------------
|
|
# login: root
|
|
# pass: vagrant
|
|
Vagrant.configure("2") do |config|
|
|
# Basic configuration
|
|
config.vm.provider "virtualbox"
|
|
config.vm.box = "debian/bullseye64"
|
|
config.ssh.forward_agent = true
|
|
|
|
# Create a public network, which generally matched to bridged network.
|
|
# Bridged networks make the machine appear as another physical device on
|
|
# your network.
|
|
config.vm.network "public_network"
|
|
|
|
# Share an additional folder to the guest VM. The first argument is
|
|
# the path on the host to the actual folder. The second argument is
|
|
# the path on the guest to mount the folder. And the optional third
|
|
# argument is a set of non-required options.
|
|
config.vm.synced_folder "../../..", "/home/vagrant/Rublon-Linux"
|
|
|
|
config.vm.provider "virtualbox" do |vb|
|
|
vb.memory = 1024
|
|
vb.cpus = 4
|
|
# Display the VirtualBox GUI when booting the machine
|
|
vb.gui = true
|
|
|
|
# Fix for 'SSH auth method: Private key' stuck
|
|
vb.customize ["modifyvm", :id, "--cableconnected1", "on"]
|
|
end
|
|
|
|
# Enable provisioning with a shell script. Additional provisioners such as
|
|
# Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
|
|
# documentation for more information about their specific syntax and use.
|
|
config.vm.provision "shell", inline: <<-SHELL
|
|
|
|
DEBIAN_FRONTEND=noniteracactive\
|
|
apt-get update && apt-get install -y \
|
|
gcc \
|
|
build-essential \
|
|
openssh-server \
|
|
libcurl4-openssl-dev \
|
|
libpam0g-dev \
|
|
libssl-dev \
|
|
git \
|
|
rapidjson-dev \
|
|
cmake
|
|
|
|
# get dependencies
|
|
git clone --recurse-submodules https://github.com/socketio/socket.io-client-cpp.git
|
|
mkdir socket.io-client-cpp/build; cd socket.io-client-cpp/build
|
|
cmake -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_BUILD_TYPE=Release ..
|
|
cmake --build . --target install
|
|
|
|
# Build project
|
|
cd /home/vagrant/Rublon-Linux
|
|
cmake -B buildir && cmake --build buildir
|
|
|
|
# Install
|
|
sudo cmake --install buildir
|
|
sudo install -m 644 rsc/rublon.config.defaults /etc/rublon.config
|
|
|
|
# Register Rublon pam
|
|
SSHD_CONF=/etc/ssh/sshd_config
|
|
SSHD_PAM_CONF=/etc/pam.d/sshd
|
|
|
|
grep -qe "^PasswordAuthentication" $SSHD_CONF && sed -i 's/^#*PasswordAuthentication[[:space:]]\+.*/PasswordAuthentication yes/' $SSHD_CONF || echo "PasswordAuthentication yes" >> $SSHD_CONF
|
|
grep -qe "^ChallengeResponseAuthentication" $SSHD_CONF && sed -i 's/^#*ChallengeResponseAuthentication[[:space:]]\+.*/ChallengeResponseAuthentication yes/' $SSHD_CONF || echo "ChallengeResponseAuthentication yes" >> $SSHD_CONF
|
|
grep -qe "^UsePAM" $SSHD_CONF && sed -i 's/^#*UsePAM[[:space:]]\+.*/UsePAM yes/' $SSHD_CONF || echo "UsePAM yes" >> $SSHD_CONF
|
|
|
|
grep -qe 'auth required pam_rublon.so' $SSHD_PAM_CONF || sed -i '\$aauth required pam_rublon.so' $SSHD_PAM_CONF
|
|
grep -qe 'account required pam_rublon.so' $SSHD_PAM_CONF || sed -i '\$aaccount required pam_rublon.so' $SSHD_PAM_CONF
|
|
|
|
useradd -s /bin/bash -m bwi
|
|
echo "bwi:bwi"|chpasswd
|
|
|
|
service sshd restart
|
|
SHELL
|
|
end
|