
Permissions and certs for prosody

Bob Mottram 8 vuotta sitten
vanhempi
commit
6a176f021e
2 muutettua tiedostoa jossa 17 lisäystä ja 3 poistoa
  1. 10
    2
      src/freedombone-app-xmpp
  2. 7
    1
      src/freedombone-utils-web

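--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -371,6 +371,9 @@
     chown root:default /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.*
 
     cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
+    if [ ! -d /etc/prosody/certs ]; then
+        mkdir /etc/prosody/certs
+    fi
 
     if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
         sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
@@ -474,8 +477,6 @@
     fi
     sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
 
-    update_default_domain
-
     if [ ! -d /var/lib/tor ]; then
         echo $'No Tor installation found. xmpp onion site cannot be configured.'
         exit 877367
@@ -517,6 +518,13 @@
     configure_firewall_for_xmpp
     xmpp_email_headers
 
+    cp /etc/ssl/certs/xmpp.* /etc/prosody/certs
+    cp /etc/ssl/private/xmpp.* /etc/prosody/certs
+    chown -R prosody:default /etc/prosody
+    update_default_domain
+
+    systemctl restart prosody
+
     install_completed xmpp_main
 }
 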
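Review bot: The private key copied by `cp /etc/ssl/private/xmpp.* /etc/prosody/certs` lands in a directory whose mode is never set: `mkdir /etc/prosody/certs` in the first hunk takes the ambient umask, and the third hunk follows the copy only with `chown -R prosody:default /etc/prosody`. Adding `chmod 700 /etc/prosody/certs` and `chmod 600 /etc/prosody/certs/xmpp.*` after the chown would make the intended access explicit instead of inheriting whatever the source files and umask give. The recursive chown also makes the prosody account the owner of its own configuration tree, and what the `default` group can read then depends on file modes not visible here. Neither `cp` is checked, so if a glob matches nothing `systemctl restart prosody` still runs; whether `set -e` is active is not visible. The enclosing function starts outside these hunks.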

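--- a/src/freedombone-utils-web
+++ b/src/freedombone-utils-web
@@ -714,6 +714,11 @@
             cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
             cp /etc/ssl/certs/xmpp* /etc/prosody/certs
             cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
+            if [ ! -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
+                if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
+                    cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam
+                fi
+            fi
             if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
                 if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
                     mv /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem
@@ -725,8 +730,9 @@
                 sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
                 sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
             fi
-            chown -R prosody:prosody /etc/prosody
+            chown -R prosody:default /etc/prosody
             chmod -R 700 /etc/prosody/certs/*
+            chmod 600 /etc/prosody/prosody.cfg.lua
             systemctl reload prosody
         fi
 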
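Review bot: The two tests directly below the added dhparam block, `[ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]` and the matching `.crt` one, have no `-f`, so each tests a non-empty string and is always false; the `mv` from `.crt` to `.pem` can never run. The new block gets this right with `[ ! -f ... ]`, and the same form is needed here: `if [ ! -f "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem" ]; then`, with the inner test presumably meant as `[ -f "/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt" ]`. This matters because the `sed` in the second hunk points prosody.cfg.lua at `${DEFAULT_DOMAIN_NAME}.pem`, which may not exist if only a `.crt` was copied; the lines between the two hunks are not shown, so confirm against the full file. Separately, the earlier `cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs` already matches the `.dhparam` file, so the added block looks redundant unless that copy failed.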