Bob Mottram 10 лет назад
Родитель
Сommit
19d38eaa47
1 измененных файлов: 72 добавлений и 0 удалений
  1. 72
    0
      install-freedombone.sh

+ 72
- 0
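--- a/install-freedombone.sh
+++ b/install-freedombone.sh
@@ -690,6 +690,24 @@ function configure_firewall_for_dns {
   echo 'configure_firewall_for_dns' >> $COMPLETION_FILE
 }
 
+function configure_firewall_for_xmpp {
+  if [ ! -d /etc/prosody ]; then
+      return
+  fi
+  if grep -Fxq "configure_firewall_for_xmpp" $COMPLETION_FILE; then
+      return
+  fi
+  if [[ $INSTALLED_WITHIN_DOCKER == "yes" ]]; then
+      # docker does its own firewalling
+      return
+  fi
+  iptables -A INPUT -i eth0 -p tcp --dport 5222:5223 -j ACCEPT
+  iptables -A INPUT -i eth0 -p tcp --dport 5269 -j ACCEPT
+  iptables -A INPUT -i eth0 -p tcp --dport 5280:5281 -j ACCEPT
+  save_firewall_settings
+  echo 'configure_firewall_for_xmpp' >> $COMPLETION_FILE
+}
+
 function configure_firewall_for_ftp {
   if grep -Fxq "configure_firewall_for_ftp" $COMPLETION_FILE; then
       return
@@ -1443,6 +1461,9 @@ function import_email {
 }
 
 function install_web_server {
+  if [[ $SYSTEM_TYPE == "chat" ]]; then
+      return
+  fi
   if grep -Fxq "install_web_server" $COMPLETION_FILE; then
       return
   fi
@@ -1657,6 +1678,55 @@ function install_owncloud {
   fi
 }
 
+function install_xmpp {
+  if [[ $SYSTEM_TYPE == "writer" || $SYSTEM_TYPE == "email" || $SYSTEM_TYPE == "mailbox" || $SYSTEM_TYPE == "cloud" || $SYSTEM_TYPE == "social" ]]; then
+      return
+  fi
+  if grep -Fxq "install_xmpp" $COMPLETION_FILE; then
+      return
+  fi
+  apt-get -y --force-yes install prosody
+  makecert xmpp
+  chown prosody:prosody /etc/ssl/private/xmpp.key
+  chown prosody:prosody /etc/ssl/certs/xmpp.*
+  cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
+
+  sed -i 's|/etc/prosody/certs/example.com.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
+  sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
+  if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
+      sed -i '/certificate =/a\              dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
+  fi
+  sed -i "s/example.com/$DOMAIN_NAME/g" /etc/prosody/conf.avail/xmpp.cfg.lua
+  sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/conf.avail/xmpp.cfg.lua
+
+  if ! grep -q "modules_enabled" /etc/prosody/conf.avail/xmpp.cfg.lua; then
+      echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo 'modules_enabled = {' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo '  "bosh"; -- Enable mod_bosh' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo '  "tls"; -- Enable mod_tls' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo '}' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo 'c2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+      echo 's2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
+  fi
+  ln -sf /etc/prosody/conf.avail/xmpp.cfg.lua /etc/prosody/conf.d/xmpp.cfg.lua
+
+  sed -i 's|/etc/prosody/certs/localhost.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/prosody.cfg.lua
+  sed -i 's|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/prosody.cfg.lua
+  if ! grep -q "xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
+      sed -i '/certificate =/a\      dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/prosody.cfg.lua
+  fi
+  sed -i 's/c2s_require_encryption = false/c2s_require_encryption = true/g' /etc/prosody/prosody.cfg.lua
+  if ! grep -q "s2s_require_encryption" /etc/prosody/prosody.cfg.lua; then
+      sed -i '/c2s_require_encryption/a\s2s_require_encryption = true' /etc/prosody/prosody.cfg.lua
+  fi
+  sed -i 's/--"bosh";/"bosh";/g' /etc/prosody/prosody.cfg.lua
+
+  prosodyctl adduser $MY_USERNAME@$DOMAIN_NAME
+  service prosody restart
+  echo 'install_xmpp' >> $COMPLETION_FILE
+}
+
 function install_final {
   if grep -Fxq "install_final" $COMPLETION_FILE; then
       return
@@ -1711,6 +1781,8 @@ import_email
 install_web_server
 configure_firewall_for_web_server
 install_owncloud
+install_xmpp
+configure_firewall_for_xmpp
 install_final
 echo 'Freedombone installation is complete'
 exit 0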
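Review bot: In install_xmpp, `apt-get -y --force-yes install prosody` tells apt to continue even when a package cannot be authenticated, so a prosody package that fails signature verification would be installed as root without any prompt; `apt-get -y install prosody` is enough for an unattended run and keeps the archive signature check in force. The function also appends `install_xmpp` to $COMPLETION_FILE without checking that apt-get, makecert or `prosodyctl adduser` succeeded, so a failed or half-configured install is recorded as done and skipped on the next run; a guard such as `apt-get -y install prosody || return 1` before the configuration steps would avoid that. In configure_firewall_for_xmpp, the rule `--dport 5280:5281` opens plain-HTTP BOSH on 5280 alongside HTTPS on 5281, although the same commit sets `c2s_require_encryption = true`; opening only 5281 looks sufficient, though that should be confirmed against the Prosody version being packaged. The unquoted `$MY_USERNAME@$DOMAIN_NAME` and the `$DOMAIN_NAME` interpolated into the `sed` expression would be safer quoted and validated as a hostname before use.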