|
@@ -46,6 +46,16 @@ keyserver_variables=(ONION_ONLY
|
46
|
46
|
KEYSERVER_DOMAIN_NAME
|
47
|
47
|
KEYSERVER_CODE)
|
48
|
48
|
|
|
49
|
+function configure_firewall_for_keyserver {
|
|
50
|
+ if [[ $ONION_ONLY != "no" ]]; then
|
|
51
|
+ return
|
|
52
|
+ fi
|
|
53
|
+ firewall_add keyserver 11370 tcp
|
|
54
|
+ firewall_add keyserver 11371 tcp
|
|
55
|
+ firewall_add keyserver 11372 tcp
|
|
56
|
+ mark_completed $FUNCNAME
|
|
57
|
+}
|
|
58
|
+
|
49
|
59
|
function logging_on_keyserver {
|
50
|
60
|
echo -n ''
|
51
|
61
|
}
|
|
@@ -133,6 +143,10 @@ function remove_keyserver {
|
133
|
143
|
remove_onion_service keyserver ${KEYSERVER_ONION_PORT}
|
134
|
144
|
remove_completion_param "install_keyserver"
|
135
|
145
|
|
|
146
|
+ firewall_remove 11370 tcp
|
|
147
|
+ firewall_remove 11371 tcp
|
|
148
|
+ firewall_remove 11372 tcp
|
|
149
|
+
|
136
|
150
|
sed -i '/keyserver/d' $COMPLETION_FILE
|
137
|
151
|
if [ -d /var/lib/sks ]; then
|
138
|
152
|
rm -rf /var/lib/sks
|
|
@@ -373,6 +387,8 @@ function install_keyserver {
|
373
|
387
|
function_check nginx_ensite
|
374
|
388
|
nginx_ensite $KEYSERVER_DOMAIN_NAME
|
375
|
389
|
|
|
390
|
+ configure_firewall_for_keyserver
|
|
391
|
+
|
376
|
392
|
systemctl restart nginx
|
377
|
393
|
|
378
|
394
|
set_completion_param "keyserver domain" "$KEYSERVER_DOMAIN_NAME"
|