# Federated Computer functions # Define all services CORE_APPS=("pdnsmysql" "pdns" "pdnsadmin" "traefik" "postgresql" "ldap") EXTRA_APPS=("mail" "collabora" "authelia" "nextcloud" "matrix" "element" "listmonk" "vaultwarden" "panel" "wireguard" "jitsi" "baserow" "gitea" "caddy" "autodiscover" "castopod" "wordpress" "coturn" "bookstack" "freescout" "msp" "espocrm" "nginx" "matrixslack" "matrixsignal" "matrixwhatsapp" "dashboard" "jitsiopenid" "roundcube" "redis" "discourse" "wordpressshop" "plane" "calcom") SERVICES=("${CORE_APPS[@]}" "${EXTRA_APPS[@]}") failts() { echo "$*" >&2; exit 1; } run_command() { $1 &> /dev/null if [[ $? -ne 0 ]]; then echo "* FAILED - Couldn't run \"$1\"" >&2 else return 0 fi } fail() { echo -ne "FAILED\n\n$1\n\n" kill -9 $SPINPID &> /dev/null # [ -d "apps/dns" ] && rm -rf apps/dns # docker network rm fstack &> /dev/null exit 2; } failcheck() { echo -ne "\n\nFAILED - $1\n\n" exit 2; } cleanup() { kill -9 $SPINPID &> /dev/null exit 2; } spin() { spinner="/|\\-/|\\-" while : do for i in `seq 0 7` do echo -n "${spinner:$i:1}" echo -en "\010" sleep 1 done done } update_alpine() { apk update &> /dev/null [ $? -ne 0 ] && fail "Failed running apk update" apk upgrade &> /dev/null [ $? -ne 0 ] && fail "Failed running apk upgrade" } install_packages_alpine() { # Install docker packages apk add docker docker-cli-compose &> /dev/null [ $? -ne 0 ] && failcheck "Failed running apk add docker docker-cli-compose" # Start docker rc-update add docker default [ $? -ne 0 ] && failcheck "Failed running rc-update add docker default" service docker start [ $? -ne 0 ] && failcheck "Failed running service docker start" # Install extra packages apk add duplicity apache2-utils pipx curl htop bind-tools openssl &> /dev/null [ $? -ne 0 ] && failcheck "Failed running apk add duplicity apache2-utils pipx curl htop bind-tools openssl" # Install b2 through pipx pipx install b2 &> /dev/null [ $? -ne 0 ] && failcheck "Failed running pipx install b2" pipx ensurepath &> /dev/null [ $? -ne 0 ] && failcheck "Failed running pipx ensurepath" echo 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.local/bin/' > /root/.bashrc # Install Traefik certs dumper curl -sfL https://raw.githubusercontent.com/ldez/traefik-certs-dumper/master/godownloader.sh | bash -s -- -b $(go env GOPATH 2>/dev/null)/bin v2.8.1 &> /dev/null [ $? -ne 0 ] && failcheck "Failed running curl to get traefik certs dumper" } send_alert_backups() { EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` echo "Generated by /federated/bin/backuptool" > /federated/apps/mail/data/root/certs/mailfile docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"backuptool failed to run on $EXTERNALIP - low disk\" $ALERTS_EMAIL < /root/certs/mailfile" } send_alert_upgrade() { . /etc/federated EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` echo "Generated by /federated/bin/upgrade" > /federated/apps/mail/data/root/certs/mailfile docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"upgrade failed to run on $EXTERNALIP - couldn't pull from git\" $ALERTS_EMAIL < /root/certs/mailfile" } add_cron() { cat > /etc/logrotate.d/federated </dev/null; echo "30 $CRONHOUR_BACKUP * * * date >> /federated/logs/backup.log && /federated/bin/backuptool -b all >> /federated/logs/backup.log 2>&1") | sort -u | crontab - (crontab -l 2>/dev/null; echo "0 2 * * * date >> /federated/logs/upgrade.log && /federated/bin/upgrade >> /federated/logs/upgrade.log 2>&1") | sort -u | crontab - (crontab -l 2>/dev/null; echo "0 3 * * * date >> /federated/logs/dumpcerts.log && /federated/bin/dumpcerts >> /federated/logs/dumpcerts.log 2>&1") | sort -u | crontab - if [[ "${PLUS}" != "true" ]]; then (crontab -l 2>/dev/null; echo "*/5 * * * * /usr/bin/docker exec -u 33 nextcloud php -f /var/www/html/cron.php") | sort -u | crontab - fi } install_federated() { # Check if Federated is already installed then install [ -d "/federated" ] && fail "Directory /federated already exists. Already installed?" API_TOKEN="6f3d11bee38b636e593aba295d661b9908b42134" git clone https://installcore:$API_TOKEN@code.federated.company/federatedcomputer/Core /federated } current_version() { local V="" if [ -e /federated/services/$1/service ]; then . /federated/services/$1/service V="$VERSION" fi if [ -z "$V" ]; then V="$(cat /federated/lib/latest-versions |grep "^$1=" |cut -d= -f2-)" fi echo $V } upgrade_federated() { echo -ne "\n* Updating federated install.." [ ! -d "/federated" ] && fail "Directory /federated doesn't exist." echo -ne "\n* Grabbing the latest version from Gitea.." API_TOKEN="6f3d11bee38b636e593aba295d661b9908b42134" cd /federated && git pull https://installcore:$API_TOKEN@code.federated.company/federatedcomputer/Core if [ $? -ne 0 ]; then send_alert_upgrade fail "Git pull not working on update of federated." fi echo -ne "\n* Checking installed app versions with latest-versions." APP_DOTS='......................' for i in /federated/apps/*; do APP=$(basename $i) VERSION="" if [ -e /federated/services/${APP}/service ]; then . /federated/services/${APP}/service if [ -z "$VERSION" ]; then echo "WARNING: No service file in ${APP} service file" >&2 VERSION="$(cat /federated/lib/latest-versions |grep ^${APP}= |cut -d= -f2-)" fi else echo "WARNING: No service file for ${APP} found" >&2 VERSION="$(cat /federated/lib/latest-versions |grep ^${APP}= |cut -d= -f2-)" fi if [ -z "$VERSION" ]; then echo "WARNING: No version information for ${APP} found" >&2 continue fi printf "\n%s %s" "$APP" "${APP_DOTS:${#APP}} " if [ -f "/federated/apps/$APP/.env" ]; then [[ $(grep IMAGE_VERSION_HOLD /federated/apps/$APP/.env) ]] && echo -ne "version hold found, skipping." && continue if [ "$APP" = "jitsi" ]; then if [ "$JITSI_SCALE" = "server" ]; then [[ "$(docker container inspect -f '{{.State.Status}}' jitsi-jvb-1 2>/dev/null)" != "running" ]] && APP_NOTRUNNING="true" else [[ "$(docker container inspect -f '{{.State.Status}}' jitsi-web-1 2>/dev/null)" != "running" ]] && APP_NOTRUNNING="true" fi else [[ "$(docker container inspect -f '{{.State.Status}}' $APP 2>/dev/null)" != "running" ]] && APP_NOTRUNNING="true" fi APP_VERSION_RAW=`grep IMAGE_VERSION /federated/apps/$APP/.env | awk -F= '{ print $2 }'` APP_VERSION="${APP_VERSION_RAW//\"}" if [ "$APP_VERSION" = "$VERSION" ]; then printf "%s" "is already at the latest version." else NC_COMMAND=`grep start_service /federated/lib/$APP.sh | awk -F\" '{ print $4 }'` echo -ne "upgrading to $VERSION..\n" if [[ ! "$APP_NOTRUNNING" ]]; then echo -ne "\n Shutting Down $APP.." cd /federated/apps/$APP && docker compose -f docker-compose.yml -p $APP down fi if [ "$APP" = "jitsi" ]; then sed -i "s/#JITSI_IMAGE_VERSION=.*/JITSI_IMAGE_VERSION=$VERSION/g" /federated/apps/$APP/.env sed -i "s/JITSI_IMAGE_VERSION=.*/JITSI_IMAGE_VERSION=$VERSION/g" /federated/apps/$APP/.env else sed -i "s#VERSION=.*#VERSION=$VERSION#g" /federated/apps/$APP/.env fi if [[ "$APP_NOTRUNNING" ]]; then echo -ne "$APP was already shut down so we won't be starting it.\n" else /federated/bin/start $APP echo -ne "Done upgrading $APP to $VERSION.\n" fi fi APP_NOTRUNNING="" else printf "%s" "not installed." fi done echo -ne "\n" echo -ne "\n* Getting upgrade script from Upgrades repo.." curl -s -f https://$API_TOKEN@code.federated.company/federatedcomputer/Upgrades/raw/branch/master/upgrade.sh > /tmp/upgrade.sh if [ $? -ne 0 ]; then echo "not found." else echo -ne "\n* Found. Running /tmp/upgrade.sh..\n\n" chmod +x /tmp/upgrade.sh bash -c /tmp/upgrade.sh if [ $? -ne 0 ]; then rm /tmp/upgrade.sh fail "There was an error running /tmp/upgrade.sh" else rm /tmp/upgrade.sh echo -ne "\nDone.\n" fi fi } create_password() { # eval $1_var=$1 # echo "$postgres_var" SECRET=`tr -cd '[:alnum:]' < /dev/urandom | fold -w32 | head -n1` echo "$SECRET"; } get_externalip() { EXTERNALIP="$(dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null)" if [ -n "$EXTERNALIP" ]; then echo "$EXTERNALIP" else # Try to get a reasonable response even if opendns is down ip route list default |sed -e 's,.*src ,,;s, .*,,' fi } start_service_convert() { SERVICE="$1" COMMAND="$2" # Start /federated/apps/SERVICE with output to /dev/null echo -ne "\n* Starting /federated/apps/$SERVICE service.." docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up -d &> /dev/null # Keep trying service port to make sure it's up before # we proceed RETRY="40" while [ $RETRY -gt 0 ]; do bash -c "$COMMAND" &> /dev/null if [ $? -eq 0 ]; then break else if [ "$RETRY" == 1 ]; then docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null fail "There was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' or turn on\ndebug with -d" fi ((RETRY--)) sleep 7 fi done } start_service_upgrade() { SERVICE="$1" COMMAND="$2" # Start /federated/apps/SERVICE with output to /dev/null echo -ne "\n* Starting /federated/apps/$SERVICE service.." if [ $DEBUG ]; then # Start /federated/apps/SERVICE with output to console for debug docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/$SERVICE" else docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up -d &> /dev/null # Keep trying service port to make sure it's up before # we proceed RETRY="30" while [ $RETRY -gt 0 ]; do bash -c "$COMMAND" &> /dev/null if [ $? -eq 0 ]; then break else if [ "$RETRY" == 1 ]; then docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null fail "There was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' or turn on\ndebug with -d" fi ((RETRY--)) sleep 7 fi done fi } start_service_withalert2() { SERVICE="$1" COMMAND="$2" RETRY="$3" ALERT="$4" # First start the service docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up -d &> /dev/null # Keep trying service COMMAND to make sure it's up before we proceed while [ "$RETRY" -gt "0" ]; do bash -c "eval $COMMAND" &> /dev/null if [ $? -eq 0 ]; then break else # When RETRY gets down to 1 then we have failed if [ "$RETRY" == 1 ]; then # disown $SPINPID &> /dev/null # kill -9 $SPINPID &> /dev/null FAILED="yes" if [ "$ALERT" = "yes" ]; then EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null echo "Generated by /federated/bin/start" > /federated/apps/mail/data/root/certs/mailfile docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"$SERVICE failed to start on $EXTERNALIP\" $ALERTS_EMAIL < /root/certs/mailfile" echo -ne "\nThere was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' while starting or run\ndocker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up\n" else docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null echo -ne "\nThere was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' while starting or run\ndocker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up\n" fi echo -ne "\n" fi ((RETRY--)) sleep 7 fi done } start_service_withalert() { SERVICE="$1" COMMAND="$2" RETRY="$3" ALERT="$4" echo -ne "* Starting $SERVICE.." docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up -d &> /dev/null # Keep trying service port to make sure it's up before # we proceed while [ $RETRY -gt 0 ]; do bash -c "eval $COMMAND" &> /dev/null if [ $? -eq 0 ]; then break else if [ "$RETRY" == 1 ]; then disown $SPINPID &> /dev/null kill -9 $SPINPID &> /dev/null FAILED="yes" if [ "$ALERT" = "yes" ]; then EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null echo "Generated by /federated/bin/start" > /federated/apps/mail/data/root/certs/mailfile docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"$SERVICE failed to start on $EXTERNALIP\" $ALERTS_EMAIL < /root/certs/mailfile" echo -ne "\n\nThere was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' or turn on\ndebug with set -x\n\n" else docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null echo -ne "\n\nThere was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' or turn on\ndebug with set -x\n\n" fi fi ((RETRY--)) sleep 7 fi done } start_service() { SERVICE="$1" COMMAND="$2" RETRY="$3" local DEPENDS="" # Start /federated/apps/SERVICE with output to /dev/null echo -ne "* Starting $SERVICE.." if [ -e /federated/services/$SERVICE/service ]; then . /federated/services/$SERVICE/service if [ -n "$DEPENDS" ]; then echo "Ensuring dependencies are up and running" local dep for dep in $DEPENDS; do echo "* ... $dep" if ! /federated/bin/check $dep; then /federated/bin/fix $dep fi done fi fi if [ $DEBUG ]; then # Start /federated/apps/SERVICE with output to console for debug docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up [ $? -eq 0 ] && echo -ne "done.\n" || fail "There was a problem starting service /federated/apps/$SERVICE" else docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE up -d &>/dev/null # Keep trying service port to make sure it's up before # we proceed while [ $RETRY -gt 0 ]; do bash -c "$COMMAND" &> /dev/null if [ $? -eq 0 ]; then break else if [ "$RETRY" == 1 ]; then docker compose -f /federated/apps/$SERVICE/docker-compose.yml -p $SERVICE down &> /dev/null kill -9 $SPINPID &> /dev/null fail "There was a problem starting service /federated/apps/$SERVICE\nCheck the output of 'docker logs $SERVICE' or turn on\ndebug with set -x" fi if [ "$SERVICE" = "pdnsmysql" ]; then # Workaround for an obscure bug where network connections from the outside aren't # accepted until a network connection has been created from the inside. # Seems to occur at semi-random, more frequently with docker 27.5.1 # A simple ping -c1 1.1.1.1 would probably be sufficient, but ping and # friends don't exist in the mariadb container # FIXME we should fix this properly instead of applying this workaround # some time. docker exec $SERVICE apt update fi ((RETRY--)) sleep 7 fi done fi } print_details_migrated() { cat > /federated/apps/mail/data/root/certs/mailfile <

You are now migrated to $DOMAIN

Credentials will be the same as the admin user and listmonk user in the original welcome e-mail.
Here is your applications reference chart with $DOMAIN:

Applications

Service Link User / Pass Access Docs Description
Panel panel.$DOMAIN admin@$DOMAIN
admin password above		 All users added in panel can access panel with their own user@$DOMAIN Click here Use panel to create user accounts for your team and change passwords
Email nextcloud.$DOMAIN
WebMail application		 admin@$DOMAIN
admin password above		 All users added in panel can access their own mail accounts through Nextcloud or mail client using user@$DOMAIN Click here This is your own private e-mail service accessed through Nextcloud webmail or configure a mail client with SMTP mail.$DOMAIN (port 465), and IMAP mail.$DOMAIN (port 993)
Nextcloud nextcloud.$DOMAIN admin@$DOMAIN
admin password above		 All users added in panel can access Nextcloud / Email with their own user@$DOMAIN account Click here The Nextcloud Suite replaces google workspace which provides mail, calendar, contacts, notes, tasks, files, word processing, spreadsheets, project management, slides, and pictures
Jitsi jitsi.$DOMAIN admin
admin password above		 All users added in panel can access Jitsi with their own user account using 'username' Click here Jitsi is a zoom replacement video conferencing solution
Element element.$DOMAIN admin@$DOMAIN
admin password above		 All users added in panel can access element / matrix with their own user@$DOMAIN account Click here Element (a Slack replacement) provides you the ability to chat with those on your team and outside of your team
Listmonk listmonk.$DOMAIN listmonk
listmonk password above		 User access is separate from panel. There is only the listmonk user Click here Listmonk is (a replacement for Mailchimp) is used to create e-mail subscription lists
Baserow baserow.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel. Use the admin account to login and then invite other users Click here Baserow (Air table replacement) allows you to create and customize databases without writing any code
Vaultwarden vaultwarden.$DOMAIN Create your own user User access is separate from panel. Create your own initial user Click here Vaultwarden is a password manager
Gitea gitea.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Gitea is a code repository system similar to GitHub
PowerDNS powerdns.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here PowerDNS is a powerful tool for managing DNS of your domain
Castopod castopod.$DOMAIN/cp-auth/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Castopod is a full platform for hosting and delivering podcasts to your audience
Wordpress www.$DOMAIN/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Wordpress is a dynamic content management solution used by 10s of millions of websites around the globe
Autodiscovery autodiscover.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Auto discovery is a service to provide automatic mail configurations for mail clients
Bookstack bookstack.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Bookstack is a simple, open-source, self-hosted, easy-to-use platform (Wiki) for organising and storing information
Freescout freescout.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here FreeScout is the super lightweight and powerful free open source help desk
Music Side Project msp.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Music Side Project Studio enables you to harness the potential of RSS feeds and the Lightning Network, allowing you to self-host your music and receive direct payment from your fans
EspoCRM espocrm.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel can access EspoCRM using user@domain.com Click here EspoCRM is an Open Source CRM (Customer Relationship Management) software that allows you to see, enter and evaluate all your company relationships

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Migrated To $DOMAIN\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Migrated To $DOMAIN\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } print_details_creator() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please send us an email at support@federated.computer so that we can help you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

Applications

Service Link User / Pass Access Docs Description
Panel panel.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Use panel to create user accounts for your team and change passwords
Email nextcloud.$DOMAIN
WebMail application		 admin@$DOMAIN
admin password above		 All users in panel can access their own mail accounts through Nextcloud or mail client using user@$DOMAIN Click here This is your own private e-mail service accessed through Nextcloud webmail or configure a mail client with SMTP mail.$DOMAIN (port 465), and IMAP mail.$DOMAIN (port 993)
Nextcloud nextcloud.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here The Nextcloud Suite replaces google workspace which provides mail, calendar, contacts, notes, tasks, files, word processing, spreadsheets, project management, slides, and pictures
Autodiscovery autodiscover.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Auto discovery is a service to provide automatic mail configurations for mail clients
Vaultwarden vaultwarden.$DOMAIN Create your own user User access is separate from panel. Create your own initial user Click here Vaultwarden is a password manager
PowerDNS powerdns.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here PowerDNS is a powerful tool for managing DNS of your domain
Element element.$DOMAIN admin@$DOMAIN
admin password above		 All users added in panel can access element / matrix with their own user@$DOMAIN account Click here Element (a Slack replacement) provides you the ability to chat with those on your team and outside of your team
Wordpress www.$DOMAIN/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Wordpress is a dynamic content management solution used by 10s of millions of websites around the globe

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } print_details_team() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please send us an email at support@federated.computer so that we can help you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

Applications

Service Link User / Pass Access Docs Description
Panel panel.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Use panel to create user accounts for your team and change passwords
Email nextcloud.$DOMAIN
WebMail application		 admin@$DOMAIN
admin password above		 All users in panel can access their own mail accounts through Nextcloud or mail client using user@$DOMAIN Click here This is your own private e-mail service accessed through Nextcloud webmail or configure a mail client with SMTP mail.$DOMAIN (port 465), and IMAP mail.$DOMAIN (port 993)
Nextcloud nextcloud.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here The Nextcloud Suite replaces google workspace which provides mail, calendar, contacts, notes, tasks, files, word processing, spreadsheets, project management, slides, and pictures
Autodiscovery autodiscover.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Auto discovery is a service to provide automatic mail configurations for mail clients
Vaultwarden vaultwarden.$DOMAIN Create your own user User access is separate from panel. Create your own initial user Click here Vaultwarden is a password manager
PowerDNS powerdns.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here PowerDNS is a powerful tool for managing DNS of your domain
Element element.$DOMAIN admin@$DOMAIN
admin password above		 All users added in panel can access element / matrix with their own user@$DOMAIN account Click here Element (a Slack replacement) provides you the ability to chat with those on your team and outside of your team
Wordpress www.$DOMAIN/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Wordpress is a dynamic content management solution used by 10s of millions of websites around the globe
Freescout freescout.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here FreeScout is the super lightweight and powerful free open source help desk
EspoCRM espocrm.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel can access EspoCRM using user@$DOMAIN Click here EspoCRM is an Open Source CRM (Customer Relationship Management) software that allows you to see, enter and evaluate all your company relationships

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } print_details_starter() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please send us an email at support@federated.computer so that we can help you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

Applications

Service Link User / Pass Access Docs Description
Panel panel.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Use panel to create user accounts for your team and change passwords
Email nextcloud.$DOMAIN
WebMail application		 admin@$DOMAIN
admin password above		 All users in panel can access their own mail accounts through Nextcloud or mail client using user@$DOMAIN Click here This is your own private e-mail service accessed through Nextcloud webmail or configure a mail client with SMTP mail.$DOMAIN (port 465), and IMAP mail.$DOMAIN (port 993)
Nextcloud nextcloud.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here The Nextcloud Suite replaces google workspace which provides mail, calendar, contacts, notes, tasks, files, word processing, spreadsheets, project management, slides, and pictures
Autodiscovery autodiscover.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Auto discovery is a service to provide automatic mail configurations for mail clients
Vaultwarden vaultwarden.$DOMAIN Create your own user User access is separate from panel. Create your own initial user Click here Vaultwarden is a password manager
PowerDNS powerdns.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here PowerDNS is a powerful tool for managing DNS of your domain

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } print_details() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please send us an email at support@federated.computer so that we can help you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

Applications

Service Link User / Pass Access Docs Description
Panel panel.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Use panel to create user accounts for your team and change passwords
Email nextcloud.$DOMAIN
WebMail application		 admin@$DOMAIN
admin password above		 All users in panel can access their own mail accounts through Nextcloud or mail client using user@$DOMAIN Click here This is your own private e-mail service accessed through Nextcloud webmail or configure a mail client with SMTP mail.$DOMAIN (port 465), and IMAP mail.$DOMAIN (port 993)
Nextcloud nextcloud.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here The Nextcloud Suite replaces google workspace which provides mail, calendar, contacts, notes, tasks, files, word processing, spreadsheets, project management, slides, and pictures
Jitsi jitsi.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Jitsi is a zoom replacement video conferencing solution
Element element.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here Element (a Slack replacement) provides you the ability to chat with those on your team and outside of your team
Listmonk listmonk.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel. Click here Listmonk is (a replacement for Mailchimp) is used to create e-mail subscription lists
Baserow baserow.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel. Use the admin account to login and then invite other users Click here Baserow (Air table replacement) allows you to create and customize databases without writing any code
Vaultwarden vaultwarden.$DOMAIN Create your own user User access is separate from panel. Create your own initial user Click here Vaultwarden is a password manager
Gitea gitea.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Gitea is a code repository system similar to GitHub
PowerDNS powerdns.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here PowerDNS is a powerful tool for managing DNS of your domain
Castopod castopod.$DOMAIN/cp-auth/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Castopod is a full platform for hosting and delivering podcasts to your audience
Wordpress www.$DOMAIN/login admin@$DOMAIN
admin password above		 User access is separate from panel Click here Wordpress is a dynamic content management solution used by 10s of millions of websites around the globe
Autodiscovery autodiscover.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Auto discovery is a service to provide automatic mail configurations for mail clients
Bookstack bookstack.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Bookstack is a simple, open-source, self-hosted, easy-to-use platform (Wiki) for organising and storing information
Freescout freescout.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here FreeScout is the super lightweight and powerful free open source help desk
Music Side Project msp.$DOMAIN admin@$DOMAIN
admin password above		 User access is separate from panel Click here Music Side Project Studio enables you to harness the potential of RSS feeds and the Lightning Network, allowing you to self-host your music and receive direct payment from your fans
EspoCRM espocrm.$DOMAIN admin@$DOMAIN
admin password above		 All users in panel have access using user@$DOMAIN Click here EspoCRM is an Open Source CRM (Customer Relationship Management) software that allows you to see, enter and evaluate all your company relationships

VPN

Your core comes with a very powerful VPN solution built using Wireguard. The following information is needed by your users so that they can use the VPN. Please treat this information as a very important secret. There are two important parts of the VPN:

Here is your VPN configuration:
EOF sed "s/$/
/" /federated/apps/wireguard/data/config/peer1/peer1.conf >> /federated/apps/mail/data/root/certs/mailfile cat >> /federated/apps/mail/data/root/certs/mailfile <

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } check_docker() { OSRELEASE=`cat /etc/os-release|grep ^ID= |cut -d= -f2 |sed -e 's,^",,;s,"$,,'` echo -ne "\n* Updating OS with the latest patches.." if [ "$OSRELEASE" = "ubuntu" ]; then # Update OS with latest patches sudo apt-get update -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt-get update" NEEDRESTART_MODE=a apt-get upgrade -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt-get upgrade" elif [ "$OSRELEASE" = "openmandriva" ]; then dnf -y --refresh distro-sync &>/dev/null [ $? -ne 0 ] && failcheck "Couldn't run dnf distro-sync" fi kill -9 $SPINPID &> /dev/null echo -ne "done." # Install docker if not found if ! command -v docker &> /dev/null; then echo -ne "\n* Couldn't find docker, installing.." spin & SPINPID=$! # Install Docker on Ubuntu if [ $OSRELEASE == "ubuntu" ]; then # Update list of packages sudo apt-get update -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt-get update" # Install packages which let apt use packages over HTTPS sudo apt install apt-transport-https ca-certificates curl software-properties-common -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install for https packages" # Add GPG key for the official Docker repository to this system curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run curl to add Docker GPG key" # Add the docker repository to our APT sources list sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable" -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo add-apt-repository" # Install docker packages sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin docker-compose -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install docker packages" # Install extra packages sudo apt-get install duplicity python3-b2sdk uuid apache2-utils -y &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't run sudo apt install extra packages" # Put in log rotation fix for docker container logs cat > /etc/docker/daemon.json </dev/null)/bin v2.8.1 &> /dev/null [ $? -ne 0 ] && failcheck "Couldn't install traefik certs dumper" # Restart docker daemon systemctl restart docker elif [ "$OSRELEASE" = "openmandriva" ]; then dnf -y --refresh install curl traefik-certs-dumper duplicity duplicity-backend-b2 duplicity-backend-local duplicity-backend-s3_boto3 duplicity-backend-ssh_paramiko python-b2 if [ "$USE_PODMAN" = "true" ]; then dnf -y --refresh install podman podman-compose crun iptables # We want to run a real DNS, can't block port 53 rpm -e aardvark-dns ln -s podman /usr/bin/docker ln -s podman-compose /usr/bin/docker-compose systemctl --user start podman.socket systemctl --user enable podman.socket mkdir -p /var/run ln -s /run/user/0/podman/podman.sock /var/run/docker.sock else dnf -y --refresh install docker docker-compose sed -i -e "s,^OPTIONS=.*,OPTIONS=''," /etc/sysconfig/docker echo 'DOCKER_STORAGE_OPTIONS = --storage-driver btrfs' >>/etc/sysconfig/docker-storage # Put in log rotation fix for docker container logs cat > /etc/docker/daemon.json < /dev/null echo -ne "done." fi if ! command -v docker-compose &> /dev/null; then echo -ne "\n* Couldn't find docker-compose, installing.." spin & SPINPID=$! # Install Docker compose on Ubuntu if [ $OSRELEASE == "ubuntu" ]; then sudo apt-get install docker-compose -y &> /dev/null elif [ $OSRELEASE = "openmandriva" ]; then sudo dnf -y --refresh install docker-compose &>/dev/null fi kill -9 $SPINPID &> /dev/null echo -ne "done." fi } check_ports() { EXTERNALIP=`dig @resolver4.opendns.com myip.opendns.com +short 2> /dev/null` [ $? -ne 0 ] && failcheck "Couldn't run dig, dns is not working" # Check if ss command exists if command -v ss &> /dev/null; then # Check every port we need if it's in use (only if we have never run before) if [ $(ls /federated/apps | wc -l) -eq "0" ]; then for i in 25 53 80 143 389 587 993 8000; do SS=`ss -tulwn | grep LISTEN | awk '{ print $5 }' | awk -F: '{ print $NF }' | grep "^$i$" | head -1` # If port 53 (dns) in use by system-resolvd (Ubuntu) then auto fix if [ "$SS" == 53 ]; then echo -ne "\n* Port 53 in use by systemd-resolved, fixing.." spin & SPINPID=$! if [ $OSRELEASE == "ubuntu" ]; then if [ `pgrep -x systemd-resolve` ]; then # Install resolvconf to fix sudo apt install resolvconf -y &> /dev/null [ $? -eq 0 ] && echo -ne "." || failcheck "Failed running sudo apt install resolvconf" else echo -ne "\nFAILED - Port 53 (dns) is already in use\n\n" && exit 2 fi elif [ $OSRELEASE == "openmandriva" ]; then systemctl disable --now systemd-resolved fi # Shut down systemd-resolved systemctl stop systemd-resolved &> /dev/null [ $? -ne 0 ] && failcheck "Failed running systemctl stop systemd-resolved" systemctl disable systemd-resolved &> /dev/null [ $? -ne 0 ] && failcheck "Failed running systemctl disable systemd-resolved" # Put nameserver entries so will exist on reboot rm /etc/resolv.conf echo "nameserver 1.1.1.1" >> /etc/resolv.conf echo "nameserver 1.0.0.1" >> /etc/resolv.conf kill -9 $SPINPID &> /dev/null echo -ne "done." elif [ "$SS" == "$i" ]; then failcheck "FAILED - Port $i is already in use" fi done fi fi } check_os() { OSRELEASE=`cat /etc/os-release|grep ^ID= |cut -d= -f2 |sed -e 's,^",,;s,"$,,'` VERSIONID=`grep "VERSION_ID=" /etc/os-release | awk -F\" '{ print $2 }'` if [ "$OSRELEASE" = "ubuntu" -a "$VERSIONID" != "22.04" ]; then echo -ne "\nFederated requires a minimum of 4G of RAM and 25G of storage\n \ running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \ Federated @ support@federated.computer for assistance or choose our\n \ cloud offerings at https://cloud.federated.computer.\n\n" exit 2; fi } check_memory() { MEMTOTAL=`awk '/MemTotal/ { printf "%.3d \n", $2/1024 }' /proc/meminfo` if [ "$MEMTOTAL" -lt "3700" ]; then echo -ne "\nFederated requires a minimum of 4G of RAM and 25G of storage\n \ running Ubuntu 22.04 LTS. Your system is not supported. Please contact\n \ Federated @ support@federated.computer for assistance or choose our\n \ cloud offerings at https://cloud.federated.computer.\n\n" exit 2; fi } get_installedapps() { SERVICES=( $(ls -d /federated/apps/* | awk -F/ '{ print $4 }') ) } get_appvars() { BUNDLE=$(egrep "TIER|BUNDLE" /etc/federated | awk -F\" '{ print $2 }') [[ -d "/federated/apps/ldap" ]] && LDAP_SECRET=`cat /federated/apps/ldap/.ldap.secret` EXTERNALIP=$(get_externalip) [[ -d "/federated/apps/pdnsmysql" ]] && MYSQL_ROOTPASSWORD=`cat /federated/apps/pdnsmysql/.env | grep MYSQL_ROOT_PASSWORD | awk -F= '{ print $2 }'` # If ADMINPASS doesn't exist in /etc/federated then use nextcloud to get it. Otherwise get it from /etc/federated # [[ ! $(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') ]] && ADMINPASS=$(cat /federated/apps/nextcloud/.nextcloud.secret) || ADMINPASS=$(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') # If ADMINPASS doesn't exist in /etc/federated then use nextcloud to get it. If Nextcloud secret isn't there then use panel. # If ADMINPASS exists in /etc/federated then get it from /etc/federated if [[ ! $(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') ]]; then if [[ -f "/federated/apps/nextcloud/.nextcloud.secret" ]]; then ADMINPASS=$(cat /federated/apps/nextcloud/.nextcloud.secret) else ADMINPASS=$(grep SMTP_PASSWORD /federated/apps/panel/.env | awk -F= '{ print $2 }') fi else ADMINPASS=$(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') fi # If COTURN_MATRIX_SECRET exists in turnserver.conf then use it, otherwise create the password [[ $(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf 2>/dev/null | awk -F= '{ print $2 }') ]] && COTURN_MATRIX_SECRET=$(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf 2>/dev/null | awk -F= '{ print $2 }') || COTURN_MATRIX_SECRET=$(create_password); # If LISTMONKPASS doesn't exist in /etc/federated then create it. Otherwise get it from /etc/federated [[ ! $(grep LISTMONKPASS /etc/federated | awk -F\" '{ print $2 }') ]] && LISTMONKPASS=$(create_password) || LISTMONKPASS=$(grep LISTMONKPASS /etc/federated | awk -F\" '{ print $2 }') # If gitea token file exists then set it as the variable. Otherwise create it. Used for caddy / gitea webhook [[ -f "/federated/apps/gitea/.gitea.token.1" ]] && GITEA_TOKEN_1=$(cat /federated/apps/gitea/.gitea.token.1) || GITEA_TOKEN_1=$(create_password) # If webhook file exists then set it as the variable. Otherwise create it. Used for caddy / gitea webhook if [[ -f "/federated/apps/gitea/.webhook.secret" ]]; then WEBHOOK_SECRET=$(cat /federated/apps/gitea/.webhook.secret) else WEBHOOK_SECRET=$(create_password) if [[ -d "/federated/apps/gitea" ]]; then echo "$WEBHOOK_SECRET" > /federated/apps/gitea/.webhook.secret fi fi # Get LDAP DOMAIN from ldap its self and setup variables for each part [[ -d "/federated/apps/ldap" ]] && LDAP_DOMAIN=$(docker exec ldap slapcat | grep "dn:" | head -1 | awk -F: '{ print $2 }') # Setup LDAP_DOMAIN variable for domain or subdomain LDAP_DOMAIN_ARRAY=(${LDAP_DOMAIN//,/ }) if [ "${#LDAP_DOMAIN_ARRAY[@]}" -eq "2" ]; then LDAP_DOMAIN_FIRST=$(echo "${LDAP_DOMAIN_ARRAY[0]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_LAST=$(echo "${LDAP_DOMAIN_ARRAY[1]}" | awk -F= '{ print $2 }') elif [ "${#LDAP_DOMAIN_ARRAY[@]}" -eq "3" ]; then LDAP_DOMAIN_FIRST=$(echo "${LDAP_DOMAIN_ARRAY[0]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_MIDDLE=$(echo "${LDAP_DOMAIN_ARRAY[1]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_LAST=$(echo "${LDAP_DOMAIN_ARRAY[2]}" | awk -F= '{ print $2 }') fi # Set SMTP user based on if fcore or admin exists if [[ -d "/federated/apps/ldap" ]]; then if [[ $(docker exec ldap slapcat | grep fcore) ]]; then SMTPUSER="fcore" elif [[ $(docker exec ldap slapcat | grep admin) ]]; then SMTPUSER="admin" else SMTPUSER="fcore" fi else SMTPUSER="fcore" fi } get_appvars_old() { LDAP_SECRET=`cat /federated/apps/ldap/.ldap.secret` EXTERNALIP=$(get_externalip); MYSQL_ROOTPASSWORD=`cat /federated/apps/pdnsmysql/.env | grep MYSQL_ROOT_PASSWORD | awk -F= '{ print $2 }'` # If ADMINPASS doesn't exist in /etc/federated then use nextcloud to get it. Otherwise get it from /etc/federated [[ ! $(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') ]] && ADMINPASS=$(cat /federated/apps/nextcloud/.nextcloud.secret) || ADMINPASS=$(grep ADMINPASS /etc/federated | awk -F\" '{ print $2 }') # If COTURN_MATRIX_SECRET exists in turnserver.conf then use it, otherwise create the password [[ $(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf 2>/dev/null | awk -F= '{ print $2 }') ]] && COTURN_MATRIX_SECRET=$(grep static-auth-secret /federated/apps/coturn/data/etc/turnserver.conf 2>/dev/null | awk -F= '{ print $2 }') || COTURN_MATRIX_SECRET=$(create_password); # Set SMTP user based on if fcore exists [[ $(docker exec ldap slapcat | grep fcore) ]] && SMTPUSER="fcore" || SMTPUSER="admin" } get_ldapdomain() { # Get LDAP DOMAIN from ldap its self and setup variables for each part LDAP_DOMAIN=$(docker exec ldap slapcat | grep "dn:" | head -1 | awk -F: '{ print $2 }') # Setup LDAP_DOMAIN variable for domain or subdomain LDAP_DOMAIN_ARRAY=(${LDAP_DOMAIN//,/ }) if [ "${#LDAP_DOMAIN_ARRAY[@]}" -eq "2" ]; then LDAP_DOMAIN_FIRST=$(echo "${LDAP_DOMAIN_ARRAY[0]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_LAST=$(echo "${LDAP_DOMAIN_ARRAY[1]}" | awk -F= '{ print $2 }') elif [ "${#LDAP_DOMAIN_ARRAY[@]}" -eq "3" ]; then LDAP_DOMAIN_FIRST=$(echo "${LDAP_DOMAIN_ARRAY[0]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_MIDDLE=$(echo "${LDAP_DOMAIN_ARRAY[1]}" | awk -F= '{ print $2 }') LDAP_DOMAIN_LAST=$(echo "${LDAP_DOMAIN_ARRAY[2]}" | awk -F= '{ print $2 }') fi } create_email_withoutvpn() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please check https://www.federated.computer/support for videos on pointing your DNS correctly. For further help please send us an email at support@federated.computer so that we can assist you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

Dashboard

Visit https://dashboard.$DOMAIN to access all of your applications using the admin user and password above. You can use dashboard as a launching pad for your applications.

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } create_email_withvpn() { cat > /federated/apps/mail/data/root/certs/mailfile <
Dear Federated Customer,

Please read this note in its entirety since it has some important information for you to get the best use out of your Federated Core. If you ever get stuck for whatever reason, please reach out to us for support:

Website: https://support.federated.computer
Phone: 970-722-8715
Email: support@federated.computer

We are here to help you, the Customer, get the most out of your Federated Core.

All documentation for your Federated Core can be found at https://documentation.federated.computer. There you'll find tips for how to use your Core and the various open source applications bundled with your Core.

Domain Information

This is your domain: $DOMAIN

If you just signed up for Federated Core, your domain is a temporary domain (example: starts with F...). Please do not change the admin password (see below) until you switch to your own domain name (example: mustache.com). We use the admin account and password for your temporary domain to re-configure all the software for your new/permanent domain. If you have a question about this, send us an email to support@federated.computer.

When you are ready to switch over to your own yourdomain.com send us an e-mail at support@federated.computer and let us know you are done migrating your data, have pointed DNS correctly, and ready for us to switch. We also need to know the yourdomain.com you will be using.

For setting DNS records you will need to set your glue records for your own yourdomain.com to be:

ns1.yourdomain.com - $EXTERNALIP
ns2.yourdomain.com - $EXTERNALIP

And your authoritative:

ns1.yourdomain.com
ns2.yourdomain.com

If you have questions about DNS records, please check https://www.federated.computer/support for videos on pointing your DNS correctly. For further help please send us an email at support@federated.computer so that we can assist you.

Admin User

There is an "admin" or administrative use that has access to everything on your Federated Core. Here are the credentials for that user.

Username = "admin@$DOMAIN"
Password = "$ADMINPASS"

IMPORTANT: When logging into Nextcloud using normal login (NOT Login with Authelia), you need to use the system username from panel, not user@domain.com. This includes the admin user.

Dashboard

Visit https://dashboard.$DOMAIN to access all of your applications using the admin user and password above. You can use dashboard as a launching pad for your applications.

VPN

Your core comes with a very powerful VPN solution built using Wireguard. The following information is needed by your users so that they can use the VPN. Please treat this information as a very important secret. There are two important parts of the VPN:

Here is your VPN configuration:
EOF sed "s/$/
/" /federated/apps/wireguard/data/config/peer1/peer1.conf >> /federated/apps/mail/data/root/certs/mailfile cat >> /federated/apps/mail/data/root/certs/mailfile <

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF # Send out e-mail from mail container with details #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" admin@$DOMAIN < /root/certs/mailfile" #docker exec mail bash -c "mail -r admin@$DOMAIN -a \"Content-type: text/html\" -s \"Welcome to Federated\" $EMAIL < /root/certs/mailfile" #cat /federated/apps/mail/data/root/certs/mailfile #rm /federated/apps/mail/data/root/certs/mailfile } create_email_migrated() { cat > /federated/apps/mail/data/root/certs/mailfile <

You are now migrated to $DOMAIN

Credentials will be the same as the admin user in the original welcome e-mail.

Dashboard

Visit https://dashboard.$DOMAIN to access all of your applications using the admin user and password. You can use dashboard as a launching pad for your applications.

Thanks for your support!

Thank you for your support of Federated Computer. We really appreciate it and hope you have a very successful time with Federated Core.

Again, if we can be of any assistance, please don't hesitate to get in touch.

Support: https://support.federated.computer
Phone: (970) 722-8715
Email: support@federated.computer

It's your computer. Let's make it work for you! EOF } config_network() { echo -ne "\n* Configuring core network.." spin & SPINPID=$! if [ ! `docker network ls -q --filter name=core` ]; then docker network create --subnet 192.168.0.0/16 core &> /dev/null [ $? -ne 0 ] && fail "Couldn't run docker network create" fi echo -ne "done." kill -9 $SPINPID &> /dev/null } run_finishtasks() { if [[ "${PLUS}" != "true" ]]; then docker exec -u 33 nextcloud php -f /var/www/html/cron.php docker exec -u 33 nextcloud truncate /var/www/html/data/nextcloud.log --size 0 docker exec -u 33 nextcloud php -f /var/www/html/cron.php docker exec -u 33 nextcloud truncate /var/www/html/data/nextcloud.log --size 0 fi docker system prune -a -f } add_authelia_config_to_dockercompose() { if [[ ! $(grep authelia /federated/apps/$1/docker-compose.yml) ]]; then if [[ $(grep extra_hosts /federated/apps/$1/docker-compose.yml) ]]; then sed -i "/extra_hosts/a \ - \"authelia.$DOMAIN:$2\"" /federated/apps/$1/docker-compose.yml else sed -i "/restart: always/a \ extra_hosts:\n\ - \"authelia.$DOMAIN:$2\"" /federated/apps/$1/docker-compose.yml fi fi }