free
/
freedombone
关注 1
点赞 0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
浏览代码

Check that certificates are created

Bob Mottram 10 年前
父节点
da8e8eca55
当前提交
2ebf7f902a
共有 1 个文件被更改,包括 32 次插入3 次删除
分列视图 显示文件统计
  1. 32
    3
      src/freedombone

+ 32
- 3
src/freedombone 查看文件 

@@ -1225,6 +1225,25 @@ function read_configuration {
1225 1225 
   fi
1226 1226 
 }
1227 1227
1228 
+# Checks whether certificates were generated for the given hostname
1229 
+function check_certificates {
1230 
+  if [ ! $1 ]; then
1231 
+      return
1232 
+  fi
1233 
+  if [ ! -f /etc/ssl/private/$1.key ]; then
1234 
+      echo "Private certificate for $CHECK_HOSTNAME was not created"
1235 
+      exit 63959
1236 
+  fi
1237 
+  if [ ! -f /etc/ssl/certs/$1.crt ]; then
1238 
+      echo "Public certificate for $CHECK_HOSTNAME was not created"
1239 
+      exit 7679
1240 
+  fi
1241 
+  if [ ! -f /etc/ssl/certs/$1.dhparam ]; then
1242 
+      echo "Diffie–Hellman parameters for $CHECK_HOSTNAME were not created"
1243 
+      exit 5989
1244 
+  fi
1245 
+}
1246 
+
1228 1247 
 function install_not_on_BBB {
1229 1248 
   if grep -Fxq "install_not_on_BBB" $COMPLETION_FILE; then
1230 1249 
       return
 
@@ -2736,7 +2755,7 @@ function create_restore_script {
2736 2755 
   echo '  rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_SCRIPT_NAME
2737 2756 
   echo 'fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
2738 2757 
   echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
2739 
-
2758 
+
2740 2759 
   echo 'sync' >> /usr/bin/$RESTORE_SCRIPT_NAME
2741 2760 
   echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
2742 2761 
   echo "# Unmount the USB drive" >> /usr/bin/$RESTORE_SCRIPT_NAME
 
@@ -3312,7 +3331,7 @@ function backup_to_friends_servers {
3312 3331 
   echo 'fi' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3313 3332 
   echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3314 3333
3315 
-
3334 
+
3316 3335 
   if [[ $BACKUP_INCLUDES_DATABASES == "yes" ]]; then
3317 3336 
       echo '# Mysql settings' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
3318 3337 
       echo 'if [ ! -d $SERVER_DIRECTORY/backup/mariadb ]; then' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
 
@@ -3890,7 +3909,7 @@ function restore_from_friend {
3890 3909 
   echo '  rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3891 3910 
   echo 'fi' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3892 3911 
   echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3893 
-
3912 
+
3894 3913 
   echo 'if [ -d $SERVER_DIRECTORY/backup/mail ]; then' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3895 3914 
   echo '  echo "Restoring emails"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
3896 3915 
   echo '  mkdir /root/tempmail' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
 
@@ -4991,6 +5010,7 @@ function configure_email {
4991 5010 
   # make a tls certificate for email
4992 5011 
   if [ ! -f /etc/ssl/private/exim.key ]; then
4993 5012 
       makecert exim
5013 
+      check_certificates exim
4994 5014 
   fi
4995 5015 
   cp /etc/ssl/private/exim.key /etc/exim4
4996 5016 
   cp /etc/ssl/certs/exim.crt /etc/exim4
 
@@ -5178,6 +5198,7 @@ function configure_imap {
5178 5198
5179 5199 
   if [ ! -f /etc/ssl/private/dovecot.key ]; then
5180 5200 
       makecert dovecot
5201 
+      check_certificates dovecot
5181 5202 
   fi
5182 5203 
   chown root:dovecot /etc/ssl/certs/dovecot.*
5183 5204 
   chown root:dovecot /etc/ssl/private/dovecot.*
 
@@ -6492,6 +6513,7 @@ quit" > $INSTALL_DIR/batch.sql
6492 6513
6493 6514 
   if [ ! -f /etc/ssl/private/$OWNCLOUD_DOMAIN_NAME.key ]; then
6494 6515 
       makecert $OWNCLOUD_DOMAIN_NAME
6516 
+      check_certificates $OWNCLOUD_DOMAIN_NAME
6495 6517 
   fi
6496 6518
6497 6519 
   # Ensure that the database gets backed up locally, if remote
 
@@ -6568,6 +6590,7 @@ function install_xmpp {
6568 6590
6569 6591 
   if [ ! -f "/etc/ssl/private/xmpp.key" ]; then
6570 6592 
       makecert xmpp
6593 
+      check_certificates xmpp
6571 6594 
   fi
6572 6595 
   chown prosody:prosody /etc/ssl/private/xmpp.key
6573 6596 
   chown prosody:prosody /etc/ssl/certs/xmpp.*
 
@@ -6691,6 +6714,7 @@ function install_irc_server {
6691 6714
6692 6715 
   if [ ! -f /etc/ssl/private/ngircd.key ]; then
6693 6716 
       makecert ngircd
6717 
+      check_certificates ngircd
6694 6718 
   fi
6695 6719
6696 6720 
   echo '**************************************************' > /etc/ngircd/motd
 
@@ -6779,6 +6803,7 @@ function install_wiki {
6779 6803 
   fi
6780 6804 
   if [ ! -f /etc/ssl/private/$WIKI_DOMAIN_NAME.key ]; then
6781 6805 
       makecert $WIKI_DOMAIN_NAME
6806 
+      check_certificates $WIKI_DOMAIN_NAME
6782 6807 
   fi
6783 6808
6784 6809 
   ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
 
@@ -7056,6 +7081,7 @@ function install_blog {
7056 7081
7057 7082 
   if [ ! -f /etc/ssl/private/$FULLBLOG_DOMAIN_NAME.key ]; then
7058 7083 
       makecert $FULLBLOG_DOMAIN_NAME
7084 
+      check_certificates $FULLBLOG_DOMAIN_NAME
7059 7085 
   fi
7060 7086
7061 7087 
   echo 'server {' > /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
 
@@ -7415,6 +7441,7 @@ quit" > $INSTALL_DIR/batch.sql
7415 7441
7416 7442 
   if [ ! -f /etc/ssl/private/$MICROBLOG_DOMAIN_NAME.key ]; then
7417 7443 
       makecert $MICROBLOG_DOMAIN_NAME
7444 
+      check_certificates $MICROBLOG_DOMAIN_NAME
7418 7445 
   fi
7419 7446
7420 7447 
   # Ensure that the database gets backed up locally, if remote
 
@@ -7686,6 +7713,7 @@ quit" > $INSTALL_DIR/batch.sql
7686 7713
7687 7714 
   if [ ! -f /etc/ssl/private/$REDMATRIX_DOMAIN_NAME.key ]; then
7688 7715 
       makecert $REDMATRIX_DOMAIN_NAME
7716 
+      check_certificates $REDMATRIX_DOMAIN_NAME
7689 7717 
   fi
7690 7718
7691 7719 
   if [ ! -d /var/www/$REDMATRIX_DOMAIN_NAME/htdocs/view/tpl/smarty3 ]; then
 
@@ -8585,6 +8613,7 @@ function install_voip {
8585 8613 
   # Make an ssl cert for the server
8586 8614 
   if [ ! -f /etc/ssl/certs/mumble.crt ]; then
8587 8615 
       makecert mumble
8616 
+      check_certificates mumble
8588 8617 
   fi
8589 8618
8590 8619 
   # Check that the cert was created