
Fixing keyserver

Bob Mottram 8 years ago
parent
commit
342b1fc328
1 changed files with 34 additions and 8 deletions
  1. 34
    8
      src/freedombone-app-keyserver

+ 34
- 8
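--- a/src/freedombone-app-keyserver
+++ b/src/freedombone-app-keyserver
@@ -346,14 +346,26 @@
     sed -i "s|recon_port:.*|recon_port: 11370|g" $sksconf_file
     sed -i "s|#recon_address:.*|recon_address: 0.0.0.0|g" $sksconf_file
     sed -i "s|recon_address:.*|recon_address: 0.0.0.0|g" $sksconf_file
-    sed -i 's|#hkp_address:.*|hkp_address: 0.0.0.0|g' $sksconf_file
-    sed -i 's|hkp_address:.*|hkp_address: 0.0.0.0|g' $sksconf_file
+    sed -i 's|#hkp_address:.*|hkp_address: 127.0.0.1|g' $sksconf_file
+    sed -i 's|hkp_address:.*|hkp_address: 127.0.0.1|g' $sksconf_file
+
+    if ! grep -q "disable_mailsync" $sksconf_file; then
+        echo 'disable_mailsync:' >> $sksconf_file
+    else
+        sed -i 's|#disable_mailsync:|disable_mailsync:|g' $sksconf_file
+    fi
+    if ! grep -q "membership_reload_interval:" $sksconf_file; then
+        echo 'membership_reload_interval:     1' >> $sksconf_file
+    else
+        sed -i 's|#membership_reload_interval:.*|membership_reload_interval:     1|g' $sksconf_file
+        sed -i 's|membership_reload_interval:.*|membership_reload_interval:     1|g' $sksconf_file
+    fi
     chown debian-sks: $sksconf_file
 
     if ! grep -q "hidden_service_sks" /etc/tor/torrc; then
         echo 'HiddenServiceDir /var/lib/tor/hidden_service_sks/' >> /etc/tor/torrc
         echo "HiddenServicePort 11370 127.0.0.1:11370" >> /etc/tor/torrc
-        echo "HiddenServicePort 11371 127.0.0.1:11373" >> /etc/tor/torrc
+        echo "HiddenServicePort 11373 127.0.0.1:11371" >> /etc/tor/torrc
         echo "HiddenServicePort 11372 127.0.0.1:11372" >> /etc/tor/torrc
         echo $'Added onion site for sks'
     fi
@@ -375,10 +387,17 @@
         nginx_http_redirect $KEYSERVER_DOMAIN_NAME
         echo 'server {' >> $keyserver_nginx_site
         echo '  listen 443 ssl;' >> $keyserver_nginx_site
-        echo '  listen 11372 ssl;' >> $keyserver_nginx_site
+        echo '  listen 0.0.0.0:11372 ssl;' >> $keyserver_nginx_site
         echo '  listen [::]:443 ssl;' >> $keyserver_nginx_site
         echo "  server_name $KEYSERVER_DOMAIN_NAME;" >> $keyserver_nginx_site
         echo '' >> $keyserver_nginx_site
+        echo '  error_page 404 /404.html;' >> $keyserver_nginx_site
+        echo '' >> $keyserver_nginx_site
+        echo '  location ~ (.git|LICENSE|readme.md) {' >> $keyserver_nginx_site
+        echo '    deny all;' >> $keyserver_nginx_site
+        echo '    return 404;' >> $keyserver_nginx_site
+        echo '  }' >> $keyserver_nginx_site
+        echo '' >> $keyserver_nginx_site
         echo '  # Security' >> $keyserver_nginx_site
         function_check nginx_ssl
         nginx_ssl $KEYSERVER_DOMAIN_NAME
@@ -407,7 +426,7 @@
         echo '  location /pks {' >> $keyserver_nginx_site
         echo "    proxy_pass         http://127.0.0.1:11373;" >> $keyserver_nginx_site
         echo '    proxy_pass_header  Server;' >> $keyserver_nginx_site
-        echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:11373 (nginx)\";" >> $keyserver_nginx_site
+        echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:11372 (nginx)\";" >> $keyserver_nginx_site
         echo '    proxy_ignore_client_abort on;' >> $keyserver_nginx_site
         echo '    client_max_body_size 8m;' >> $keyserver_nginx_site
         echo '  }' >> $keyserver_nginx_site
@@ -417,8 +436,15 @@
         echo -n '' > $keyserver_nginx_site
     fi
     echo 'server {' >> $keyserver_nginx_site
-    echo "    listen 127.0.0.1:$KEYSERVER_ONION_PORT default_server;" >> $keyserver_nginx_site
-    echo "    server_name $KEYSERVER_ONION_HOSTNAME;" >> $keyserver_nginx_site
+    echo "  listen 127.0.0.1:$KEYSERVER_ONION_PORT default_server;" >> $keyserver_nginx_site
+    echo "  server_name $KEYSERVER_ONION_HOSTNAME;" >> $keyserver_nginx_site
+    echo '' >> $keyserver_nginx_site
+    echo '  error_page 404 /404.html;' >> $keyserver_nginx_site
+    echo '' >> $keyserver_nginx_site
+    echo '  location ~ (.git|LICENSE|readme.md) {' >> $keyserver_nginx_site
+    echo '    deny all;' >> $keyserver_nginx_site
+    echo '    return 404;' >> $keyserver_nginx_site
+    echo '  }' >> $keyserver_nginx_site
     echo '' >> $keyserver_nginx_site
     function_check nginx_disable_sniffing
     nginx_disable_sniffing $KEYSERVER_DOMAIN_NAME
@@ -441,7 +467,7 @@
     echo '  location /pks {' >> $keyserver_nginx_site
     echo "    proxy_pass         http://127.0.0.1:11373;" >> $keyserver_nginx_site
     echo '    proxy_pass_header  Server;' >> $keyserver_nginx_site
-    echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:11373 (nginx)\";" >> $keyserver_nginx_site
+    echo "    add_header         Via \"1.1 $KEYSERVER_DOMAIN_NAME:$KEYSERVER_ONION_PORT (nginx)\";" >> $keyserver_nginx_site
     echo '    proxy_ignore_client_abort on;' >> $keyserver_nginx_site
     echo '    client_max_body_size 8m;' >> $keyserver_nginx_site
     echo '  }' >> $keyserver_nginx_site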
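Review bot: The added `location ~ (.git|LICENSE|readme.md)` block (new lines 396 and 444) uses an unanchored regex with unescaped dots, so it matches any request path that merely contains, for example, some character followed by `git`; because nginx prefers a matching regex location over the `/pks` prefix location, such a path would get a 404 instead of being proxied. Anchoring and escaping narrows it to the intended files: `location ~ /(\.git|LICENSE|readme\.md) {`. `deny all;` has no effect there, since `return 404;` is handled in the rewrite phase before access checks run, so one of the two can go. Separately, at new line 470 the onion server block puts `$KEYSERVER_DOMAIN_NAME` in the `Via` header, which ties the onion address to the clearnet name in every response; if that linkage is not intended, `$KEYSERVER_ONION_HOSTNAME` would match the block's `server_name`.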