|
|
@@ -1285,24 +1285,11 @@ function configure_imap {
|
|
1285
|
1285
|
exit 48
|
|
1286
|
1286
|
fi
|
|
1287
|
1287
|
|
|
1288
|
|
- if [[ $ONION_ONLY == 'no' ]]; then
|
|
1289
|
|
- # obtain a cert for the default domain
|
|
1290
|
|
- if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
|
1291
|
|
- echo $'Obtaining certificate for the main domain'
|
|
1292
|
|
- create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
|
1293
|
|
- fi
|
|
1294
|
|
- else
|
|
|
1288
|
+ if [[ "$(cert_exists dovecot)" == "0" ]]; then
|
|
1295
|
1289
|
${PROJECT_NAME}-addcert -h dovecot --dhkey $DH_KEYLENGTH
|
|
1296
|
1290
|
check_certificates dovecot
|
|
1297
|
1291
|
fi
|
|
1298
|
1292
|
|
|
1299
|
|
- if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
|
1300
|
|
- if [[ "$(cert_exists dovecot)" == "0" ]]; then
|
|
1301
|
|
- ${PROJECT_NAME}-addcert -h dovecot --dhkey $DH_KEYLENGTH
|
|
1302
|
|
- check_certificates dovecot
|
|
1303
|
|
- fi
|
|
1304
|
|
- fi
|
|
1305
|
|
-
|
|
1306
|
1293
|
chmod 600 /etc/shadow
|
|
1307
|
1294
|
chmod 600 /etc/gshadow
|
|
1308
|
1295
|
groupadd default
|
|
|
@@ -1321,25 +1308,11 @@ function configure_imap {
|
|
1321
|
1308
|
fi
|
|
1322
|
1309
|
sed -i 's|#ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
|
1323
|
1310
|
sed -i 's|ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
|
1324
|
|
- if [[ $ONION_ONLY == 'no' ]]; then
|
|
1325
|
|
- if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
|
1326
|
|
- sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1327
|
|
- sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1328
|
|
- else
|
|
1329
|
|
- sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1330
|
|
- sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1331
|
|
- fi
|
|
1332
|
|
- sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1333
|
|
- sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1334
|
|
- else
|
|
1335
|
|
- sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/dovecot.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1336
|
|
- sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/dovecot.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1337
|
|
- sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/dovecot.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1338
|
|
- sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/dovecot.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1339
|
|
- fi
|
|
1340
|
|
- if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
|
|
1341
|
|
- sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1342
|
|
- fi
|
|
|
1311
|
+ sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/dovecot.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
|
1312
|
+ sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/dovecot.crt|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
|
1313
|
+ sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/dovecot.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
|
1314
|
+ sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/dovecot.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
|
1315
|
+ sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1343
|
1316
|
sed -i 's/#ssl_prefer_server_ciphers.*/ssl_prefer_server_ciphers = yes/g' /etc/dovecot/conf.d/10-ssl.conf
|
|
1344
|
1317
|
sed -i "s|#ssl_protocols =.*|ssl_protocols = '$SSL_PROTOCOLS'|g" /etc/dovecot/conf.d/10-ssl.conf
|
|
1345
|
1318
|
sed -i "s|ssl_protocols =.*|ssl_protocols = '$SSL_PROTOCOLS'|g" /etc/dovecot/conf.d/10-ssl.conf
|
Bob Mottram
7 年 前