|
@@ -46,7 +46,8 @@ xmpp_variables=(ONION_ONLY
|
46
|
46
|
XMPP_ECC_CURVE
|
47
|
47
|
XMPP_ECC_CURVE
|
48
|
48
|
MY_USERNAME
|
49
|
|
- DEFAULT_DOMAIN_NAME)
|
|
49
|
+ DEFAULT_DOMAIN_NAME
|
|
50
|
+ XMPP_DOMAIN_CODE)
|
50
|
51
|
|
51
|
52
|
function remove_user_xmpp {
|
52
|
53
|
remove_username="$1"
|
|
@@ -312,7 +313,7 @@ function install_xmpp_main {
|
312
|
313
|
|
313
|
314
|
if [ ! -d /etc/prosody ]; then
|
314
|
315
|
echo $"ERROR: prosody does not appear to have installed. $CHECK_MESSAGE"
|
315
|
|
- exit 52
|
|
316
|
+ exit 52367
|
316
|
317
|
fi
|
317
|
318
|
|
318
|
319
|
# obtain the prosody modules
|
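Review bot: `exit 52367` cannot reach the caller as written. A shell exit status is a single byte, so the value is reduced modulo 256 and the script exits with 143, which is also the status conventionally reported for a process ended by SIGTERM. Anything that previously matched on 52 will now see what looks like a signal death rather than a failed prosody install. If the longer number is meant as a unique error identifier, put it in the message and keep the status in range, for example `echo $"ERROR 52367: prosody does not appear to have installed. $CHECK_MESSAGE" >&2` followed by `exit 52`. The body of install_xmpp_main continues outside this hunk.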
|
@@ -331,18 +332,29 @@ function install_xmpp_main {
|
331
|
332
|
fi
|
332
|
333
|
|
333
|
334
|
# create a certificate
|
334
|
|
- if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
|
335
|
|
- ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
|
336
|
|
- check_certificates xmpp
|
|
335
|
+ if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
|
336
|
+ if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
|
|
337
|
+ ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
|
|
338
|
+ check_certificates xmpp
|
|
339
|
+ fi
|
337
|
340
|
fi
|
338
|
341
|
chown prosody:prosody /etc/ssl/private/xmpp.key
|
339
|
342
|
chown prosody:prosody /etc/ssl/certs/xmpp.*
|
340
|
343
|
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
341
|
344
|
|
342
|
|
- sed -i 's|/etc/prosody/certs/example.com.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
343
|
|
- sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
345
|
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
|
346
|
+ sed -i "s|/etc/prosody/certs/example.com.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
347
|
+ sed -i "s|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
348
|
+ else
|
|
349
|
+ sed -i 's|/etc/prosody/certs/example.com.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
350
|
+ sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
351
|
+ fi
|
344
|
352
|
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
345
|
|
- sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
353
|
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
|
|
354
|
+ sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
355
|
+ else
|
|
356
|
+ sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
|
357
|
+ fi
|
346
|
358
|
fi
|
347
|
359
|
if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
348
|
360
|
sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/conf.avail/xmpp.cfg.lua
|
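Review bot: When `/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem` exists the config is pointed at `/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key`, but the unchanged `chown prosody:prosody` lines still cover only `xmpp.key` and `xmpp.*`, so nothing in this hunk lets the prosody user read the domain key, and the chown of `xmpp.key` may now fail because `addcert` was skipped. Only the `.pem` is tested, never the key it is paired with, and the dhparam `else` branch falls back to `/etc/ssl/certs/xmpp.dhparam`, which is not generated on this path. I would test both files with the expansion quoted, `if [ -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ] && [ -f "/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" ]; then`, and grant prosody read access to that key explicitly; group access is probably safer than changing the owner if other services share the certificate. The same unquoted `.pem`-only test recurs in the hunks at -386 and -413, and in the -386 hunk the guard `grep -q "xmpp.dhparam"` will not match a domain-named dhparam line, so a second run would presumably append it again. install_xmpp_main starts and ends outside these hunks, so key access may be handled elsewhere.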
|
@@ -386,10 +398,19 @@ function install_xmpp_main {
|
386
|
398
|
fi
|
387
|
399
|
ln -sf /etc/prosody/conf.avail/xmpp.cfg.lua /etc/prosody/conf.d/xmpp.cfg.lua
|
388
|
400
|
|
389
|
|
- sed -i 's|/etc/prosody/certs/localhost.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/prosody.cfg.lua
|
390
|
|
- sed -i 's|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/prosody.cfg.lua
|
|
401
|
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
|
402
|
+ sed -i "s|/etc/prosody/certs/localhost.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
|
|
403
|
+ sed -i "s|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
|
|
404
|
+ else
|
|
405
|
+ sed -i 's|/etc/prosody/certs/localhost.key|/etc/ssl/private/xmpp.key|g' /etc/prosody/prosody.cfg.lua
|
|
406
|
+ sed -i 's|/etc/prosody/certs/localhost.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/prosody.cfg.lua
|
|
407
|
+ fi
|
391
|
408
|
if ! grep -q "xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then
|
392
|
|
- sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/prosody.cfg.lua
|
|
409
|
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
|
|
410
|
+ sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/prosody.cfg.lua
|
|
411
|
+ else
|
|
412
|
+ sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/prosody.cfg.lua
|
|
413
|
+ fi
|
393
|
414
|
fi
|
394
|
415
|
if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/prosody.cfg.lua; then
|
395
|
416
|
sed -i '/certificate =/a\ options = {"no_sslv2", "no_sslv3" };' /etc/prosody/prosody.cfg.lua
|
|
@@ -413,8 +434,14 @@ function install_xmpp_main {
|
413
|
434
|
sed -i 's/--"bosh";/"bosh";/g' /etc/prosody/prosody.cfg.lua
|
414
|
435
|
sed -i 's/authentication = "internal_plain"/authentication = "internal_hashed"/g' /etc/prosody/prosody.cfg.lua
|
415
|
436
|
sed -i 's/enabled = false -- Remove this line to enable this host//g' /etc/prosody/prosody.cfg.lua
|
416
|
|
- sed -i 's|key = "/etc/prosody/certs/example.com.key"|key = "/etc/ssl/private/xmpp.key"|g' /etc/prosody/prosody.cfg.lua
|
417
|
|
- sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua
|
|
437
|
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
|
438
|
+ # use an existing cert if possible
|
|
439
|
+ sed -i "s|key = \"/etc/prosody/certs/example.com.key\"|key = \"/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key\"|g" /etc/prosody/prosody.cfg.lua
|
|
440
|
+ sed -i "s|certificate = \"/etc/prosody/certs/example.com.crt\"|certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\"|g" /etc/prosody/prosody.cfg.lua
|
|
441
|
+ else
|
|
442
|
+ sed -i 's|key = "/etc/prosody/certs/example.com.key"|key = "/etc/ssl/private/xmpp.key"|g' /etc/prosody/prosody.cfg.lua
|
|
443
|
+ sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua
|
|
444
|
+ fi
|
418
|
445
|
sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
|
419
|
446
|
|
420
|
447
|
systemctl restart prosody
|