il y a 8 ans · 4c3fb79caf
--- a/src/freedombone-app-mailpile
+++ b/src/freedombone-app-mailpile
 
															     adduser --system --home=/var/www/$MAILPILE_DOMAIN_NAME/mail/ --group mailpile
														
 
															     adduser mailpile debian-tor
														
 
															+    adduser mailpile www-data
														
 
															     chown -R mailpile: /var/www/$MAILPILE_DOMAIN_NAME/mail/
														
 
															     # create folders and tags
														
 
															     disable_email_encryption_at_rest
														
 
															+    # if strict https is enforced then buttons don't work. This is probably a security bug
														
 
															+    sed -i "s/Content-Security-Policy/d" $mailpile_nginx_site
														
 
															+
														
 
															     systemctl enable mailpile
														
 
															     systemctl daemon-reload
														
 
															     systemctl start mailpile
														
--- a/src/freedombone-base-email
+++ b/src/freedombone-base-email
 
															     sed -i 's|#ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
														
 
															     sed -i 's|ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
														
 
															     if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
														
 
															-        sed -i "s|#ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															-        sed -i "s|ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+        sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+        sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															     else
														
 
															-        sed -i "s|#ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															-        sed -i "s|ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+        sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+        sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															     fi
														
 
															-    sed -i "s|#ssl_key =.*|ssl_key = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															-    sed -i "s|ssl_key =.*|ssl_key = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+    sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															+    sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															     if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
														
 
															         sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
														
 
															     fi