ソースを参照

Check that certificates are created

Bob Mottram 10 年 前
コミット
2ebf7f902a
共有1 個のファイルを変更した32 個の追加3 個の削除を含む
  1. 32
    3
      src/freedombone

+ 32
- 3
src/freedombone ファイルの表示

@@ -1225,6 +1225,25 @@ function read_configuration {
1225 1225
   fi
1226 1226
 }
1227 1227
 
1228
+# Checks whether certificates were generated for the given hostname
1229
+function check_certificates {
1230
+  if [ ! $1 ]; then
1231
+      return
1232
+  fi
1233
+  if [ ! -f /etc/ssl/private/$1.key ]; then
1234
+      echo "Private certificate for $CHECK_HOSTNAME was not created"
1235
+      exit 63959
1236
+  fi
1237
+  if [ ! -f /etc/ssl/certs/$1.crt ]; then
1238
+      echo "Public certificate for $CHECK_HOSTNAME was not created"
1239
+      exit 7679
1240
+  fi
1241
+  if [ ! -f /etc/ssl/certs/$1.dhparam ]; then
1242
+      echo "Diffie–Hellman parameters for $CHECK_HOSTNAME were not created"
1243
+      exit 5989
1244
+  fi
1245
+}
1246
+
1228 1247
 function install_not_on_BBB {
1229 1248
   if grep -Fxq "install_not_on_BBB" $COMPLETION_FILE; then
1230 1249
       return
@@ -2736,7 +2755,7 @@ function create_restore_script {
2736 2755
   echo '  rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_SCRIPT_NAME
2737 2756
   echo 'fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
2738 2757
   echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
2739
-  
2758
+
2740 2759
   echo 'sync' >> /usr/bin/$RESTORE_SCRIPT_NAME
2741 2760
   echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
2742 2761
   echo "# Unmount the USB drive" >> /usr/bin/$RESTORE_SCRIPT_NAME
@@ -3312,7 +3331,7 @@ function backup_to_friends_servers {
3312 3331
   echo 'fi' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3313 3332
   echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3314 3333
 
3315
-  
3334
+
3316 3335
   if [[ $BACKUP_INCLUDES_DATABASES == "yes" ]]; then
3317 3336
       echo '# Mysql settings' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3318 3337
       echo 'if [ ! -d $SERVER_DIRECTORY/backup/mariadb ]; then' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
@@ -3890,7 +3909,7 @@ function restore_from_friend {
3890 3909
   echo '  rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3891 3910
   echo 'fi' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3892 3911
   echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3893
-  
3912
+
3894 3913
   echo 'if [ -d $SERVER_DIRECTORY/backup/mail ]; then' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3895 3914
   echo '  echo "Restoring emails"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3896 3915
   echo '  mkdir /root/tempmail' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
@@ -4991,6 +5010,7 @@ function configure_email {
4991 5010
   # make a tls certificate for email
4992 5011
   if [ ! -f /etc/ssl/private/exim.key ]; then
4993 5012
       makecert exim
5013
+      check_certificates exim
4994 5014
   fi
4995 5015
   cp /etc/ssl/private/exim.key /etc/exim4
4996 5016
   cp /etc/ssl/certs/exim.crt /etc/exim4
@@ -5178,6 +5198,7 @@ function configure_imap {
5178 5198
 
5179 5199
   if [ ! -f /etc/ssl/private/dovecot.key ]; then
5180 5200
       makecert dovecot
5201
+      check_certificates dovecot
5181 5202
   fi
5182 5203
   chown root:dovecot /etc/ssl/certs/dovecot.*
5183 5204
   chown root:dovecot /etc/ssl/private/dovecot.*
@@ -6492,6 +6513,7 @@ quit" > $INSTALL_DIR/batch.sql
6492 6513
 
6493 6514
   if [ ! -f /etc/ssl/private/$OWNCLOUD_DOMAIN_NAME.key ]; then
6494 6515
       makecert $OWNCLOUD_DOMAIN_NAME
6516
+      check_certificates $OWNCLOUD_DOMAIN_NAME
6495 6517
   fi
6496 6518
 
6497 6519
   # Ensure that the database gets backed up locally, if remote
@@ -6568,6 +6590,7 @@ function install_xmpp {
6568 6590
 
6569 6591
   if [ ! -f "/etc/ssl/private/xmpp.key" ]; then
6570 6592
       makecert xmpp
6593
+      check_certificates xmpp
6571 6594
   fi
6572 6595
   chown prosody:prosody /etc/ssl/private/xmpp.key
6573 6596
   chown prosody:prosody /etc/ssl/certs/xmpp.*
@@ -6691,6 +6714,7 @@ function install_irc_server {
6691 6714
 
6692 6715
   if [ ! -f /etc/ssl/private/ngircd.key ]; then
6693 6716
       makecert ngircd
6717
+      check_certificates ngircd
6694 6718
   fi
6695 6719
 
6696 6720
   echo '**************************************************' > /etc/ngircd/motd
@@ -6779,6 +6803,7 @@ function install_wiki {
6779 6803
   fi
6780 6804
   if [ ! -f /etc/ssl/private/$WIKI_DOMAIN_NAME.key ]; then
6781 6805
       makecert $WIKI_DOMAIN_NAME
6806
+      check_certificates $WIKI_DOMAIN_NAME
6782 6807
   fi
6783 6808
 
6784 6809
   ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
@@ -7056,6 +7081,7 @@ function install_blog {
7056 7081
 
7057 7082
   if [ ! -f /etc/ssl/private/$FULLBLOG_DOMAIN_NAME.key ]; then
7058 7083
       makecert $FULLBLOG_DOMAIN_NAME
7084
+      check_certificates $FULLBLOG_DOMAIN_NAME
7059 7085
   fi
7060 7086
 
7061 7087
   echo 'server {' > /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
@@ -7415,6 +7441,7 @@ quit" > $INSTALL_DIR/batch.sql
7415 7441
 
7416 7442
   if [ ! -f /etc/ssl/private/$MICROBLOG_DOMAIN_NAME.key ]; then
7417 7443
       makecert $MICROBLOG_DOMAIN_NAME
7444
+      check_certificates $MICROBLOG_DOMAIN_NAME
7418 7445
   fi
7419 7446
 
7420 7447
   # Ensure that the database gets backed up locally, if remote
@@ -7686,6 +7713,7 @@ quit" > $INSTALL_DIR/batch.sql
7686 7713
 
7687 7714
   if [ ! -f /etc/ssl/private/$REDMATRIX_DOMAIN_NAME.key ]; then
7688 7715
       makecert $REDMATRIX_DOMAIN_NAME
7716
+      check_certificates $REDMATRIX_DOMAIN_NAME
7689 7717
   fi
7690 7718
 
7691 7719
   if [ ! -d /var/www/$REDMATRIX_DOMAIN_NAME/htdocs/view/tpl/smarty3 ]; then
@@ -8585,6 +8613,7 @@ function install_voip {
8585 8613
   # Make an ssl cert for the server
8586 8614
   if [ ! -f /etc/ssl/certs/mumble.crt ]; then
8587 8615
       makecert mumble
8616
+      check_certificates mumble
8588 8617
   fi
8589 8618
 
8590 8619
   # Check that the cert was created