
Unfortunately, copying of tls keys for exim seems like the only option

Bob Mottram 7 лет назад
Родитель
Сommit
2db60740d6
2 измененных файлов: 36 добавлений и 10 удалений
  1. 3
    0
      src/freedombone-app-fedwiki
  2. 33
    10
      src/freedombone-utils-web

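--- a/src/freedombone-app-fedwiki
+++ b/src/freedombone-app-fedwiki
@@ -448,6 +448,9 @@
     echo '[Install]' >> /etc/systemd/system/fedwiki.service
     echo 'WantedBy=multi-user.target' >> /etc/systemd/system/fedwiki.service
 
+    if [ ! -d ${FEDWIKI_DATA}/status ]; then
+        mkdir -p ${FEDWIKI_DATA}/status
+    fi
     fedwiki_auth_file=${FEDWIKI_DATA}/status/owner.json
     echo '{' > $fedwiki_auth_file
     echo "  \"name\": \"${MY_USERNAME}\"," >> $fedwiki_auth_file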
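Review bot: The added `mkdir -p ${FEDWIKI_DATA}/status` (new lines 451–453) uses the variable unquoted and unchecked, so an empty or unset `FEDWIKI_DATA` would create `/status` at the filesystem root and the owner file would then be written there; `mkdir -p "${FEDWIKI_DATA:?}/status"` covers both cases, and the surrounding `[ ! -d … ]` test is unnecessary because `-p` already succeeds on an existing directory. The directory holds `owner.json`, which the script names as the auth file, and it is created with whatever umask the installer runs under. If ownership and mode are not set later in the function (it continues outside this hunk), they should be set here explicitly.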

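--- a/src/freedombone-utils-web
+++ b/src/freedombone-utils-web
@@ -861,12 +861,27 @@
             fi
         fi
 
-        if [ -d /etc/dovecot ]; then
-            if [ ${#DEFAULT_DOMAIN_NAME} -gt 0 ]; then
-                if ! grep -q "ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/dovecot/conf.d/10-ssl.conf; then
-                    sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
-                    sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
-                    systemctl restart dovecot
+        if [ ${#DEFAULT_DOMAIN_NAME} -gt 0 ]; then
+            if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
+                if [ -d /etc/dovecot ]; then
+                    if ! grep -q "ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/dovecot/conf.d/10-ssl.conf; then
+                        sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
+                        sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
+                        systemctl restart dovecot
+                    fi
+                fi
+
+                if [ -d /etc/exim4 ]; then
+                    cp /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/{fullchain,privkey}.pem /etc/exim4/
+                    chown root:Debian-exim /etc/exim4/*.pem
+                    chmod 640 /etc/exim4/*.pem
+
+                    sed -i "s|MAIN_TLS_CERTKEY =.*|MAIN_TLS_CERTKEY = /etc/exim4/fullchain.pem|g" /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
+                    sed -i "s|MAIN_TLS_CERTKEY =.*|MAIN_TLS_CERTKEY = /etc/exim4/fullchain.pem|g" /etc/exim4/exim4.conf.template
+                    sed -i "s|MAIN_TLS_PRIVATEKEY =.*|MAIN_TLS_PRIVATEKEY = /etc/exim4/privkey.pem|g" /etc/exim4/conf.d/main/03_exim4-config_tlsoptions
+                    sed -i "s|MAIN_TLS_PRIVATEKEY =.*|MAIN_TLS_PRIVATEKEY = /etc/exim4/privkey.pem|g" /etc/exim4/exim4.conf.template
+
+                    systemctl restart exim4
                 fi
             fi
         fi
@@ -1026,14 +1041,22 @@
         email_config_changed=1
     fi
     if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
-        if ! grep -q "MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file; then
-            sed -i "/.ifdef MAIN_TLS_CERTKEY/i\MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file
+        cp /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem /etc/exim4/
+        chown root:Debian-exim /etc/exim4/*.pem
+        chmod 640 /etc/exim4/*.pem
+
+        if ! grep -q "MAIN_TLS_CERTKEY = /etc/exim4/fullchain.pem" $tls_config_file; then
+            sed -i "/.ifdef MAIN_TLS_CERTKEY/i\MAIN_TLS_CERTKEY = /etc/exim4/fullchain.pem" $tls_config_file
             email_config_changed=1
         fi
     fi
     if [ -f /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key ]; then
-        if ! grep -q "MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file; then
-            sed -i "/.ifndef MAIN_TLS_PRIVATEKEY/i\MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file
+        cp /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem /etc/exim4/
+        chown root:Debian-exim /etc/exim4/*.pem
+        chmod 640 /etc/exim4/*.pem
+
+        if ! grep -q "MAIN_TLS_PRIVATEKEY = /etc/exim4/privkey.pem" $tls_config_file; then
+            sed -i "/.ifndef MAIN_TLS_PRIVATEKEY/i\MAIN_TLS_PRIVATEKEY = /etc/exim4/privkey.pem" $tls_config_file
             email_config_changed=1
         fi
     fi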
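Review bot: In the new `/etc/exim4` block (new lines 874–884) the `cp` is guarded by `/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem` but reads from `/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/`, and its result is not checked, so when the live directory is missing the `sed` lines still point exim at `/etc/exim4/fullchain.pem` and `privkey.pem` and the service is restarted against files that are not there; the copies at new lines 1044 and 1054 have the same mismatch. On first creation the private-key copy also keeps the source mode masked by umask until the later `chmod` runs, and `chown`/`chmod` on `/etc/exim4/*.pem` touch every `.pem` in that directory rather than the two files just written. I would copy with `install`, which applies owner, group and mode itself, and make the config rewrite and restart depend on its success, as sketched below. The copy will also go stale when the certificate is renewed unless this code is rerun from the renewal path, which is not visible here because the enclosing function starts and ends outside the hunk.

```shell
                if [ -d /etc/exim4 ]; then
                    # install sets owner, group and mode on the two named files only,
                    # so the key copy does not wait for a separate chown/chmod pass
                    if install -o root -g Debian-exim -m 640 \
                        "/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem" \
                        "/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem" \
                        /etc/exim4/; then
                        # … unchanged: the four MAIN_TLS_CERTKEY / MAIN_TLS_PRIVATEKEY sed lines and the exim4 restart, now run only when the copy succeeded …
                    fi
```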