
Command option to register a website with monkeysphere

Bob Mottram 8 years ago
parent
commit
a7572eabc1
1 changed files with 28 additions and 1 deletions
  1. 28
    1
      src/freedombone-sec

+ 28
- 1
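--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -352,6 +352,7 @@ function regenerate_ssh_host_keys {
 	  monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://$DEFAULT_DOMAIN_NAME
 	  SSH_ONION_HOSTNAME=$(cat ${COMPLETION_FILE} | grep 'ssh onion domain' | awk -F ':' '{print $2}')
 	  monkeysphere-host import-key /etc/ssh/ssh_host_rsa_key ssh://$SSH_ONION_HOSTNAME
+	  monkeysphere-host publish-key --all
 	  echo $'updated monkeysphere ssh host key'
 	  systemctl restart ssh
   fi
@@ -617,7 +618,7 @@ function enable_monkeysphere {
 		# The admin user is the identity certifier
 		fpr=$(gpg --with-colons --fingerprint $MY_GPG_PUBLIC_KEY_ID | grep fpr | head -n 1 | awk -F ':' '{print $10}')
 		monkeysphere-authentication add-identity-certifier $fpr
-		monkeysphere-host publish-key
+		monkeysphere-host publish-key --all
 	else
 		sed -i 's|#AuthorizedKeysFile|AuthorizedKeysFile|g' /etc/ssh/sshd_config
 		sed -i 's|AuthorizedKeysFile.*|AuthorizedKeysFile %h/.ssh/authorized_keys|g' /etc/ssh/sshd_config
@@ -861,6 +862,25 @@ function refresh_gpg_keys {
 	exit 0
 }
 
+function register_website {
+	domain="$1"
+	if [[ ${domain} == *".local" ]]; then
+		echo $"Can't register local domains"
+		exit 82438
+	fi
+	if [ ! -f /etc/ssl/private/${domain}.key ]; then
+		echo $"No SSL/TLS private key found for ${domain}"
+		exit 62852
+	fi
+	if [ ! -f /etc/nginx/sites-available/${domain} ]; then
+		echo $"No virtual host found for ${domain}"
+		exit 25625
+	fi
+	monkeysphere-host import-key /etc/ssl/private/${domain}.key https://${domain}
+	monkeysphere-host publish-key
+	exit 0
+}
+
 function show_help {
   echo ''
   echo "${PROJECT_NAME}-sec"
@@ -872,6 +892,7 @@ function show_help {
   echo $'  -e --export           Export security settings to a file'
   echo $'  -i --import           Import security settings from a file'
   echo $'  -r --refresh          Refresh GPG keys for all users'
+  echo $'  --register [domain]   Register a https domain with monkeysphere'
   echo ''
   exit 0
 }
@@ -898,8 +919,14 @@ case $key in
 	;;
 	# Refresh GPG keys
 	-r|--refresh)
+	shift
 	refresh_gpg_keys
 	;;
+	# register a website
+	--register|--reg|--site)
+	shift
+	register_website "$1"
+	;;
 	*)
 	# unknown option
 	;;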
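Review bot: In the new `register_website` (third hunk) the last step is a bare `monkeysphere-host publish-key`, while the two other call sites touched by this commit are switched to `publish-key --all`; once `import-key` has added the HTTPS key next to the SSH host keys, monkeysphere-host will, as far as I know, refuse to choose a key without a key ID or `--all`, so the new key may never be published. The function then runs `exit 0` regardless of what `import-key` and `publish-key` returned, so a failed registration is reported as success. `$1` is also used unvalidated and unquoted in `/etc/ssl/private/${domain}.key`, which matters because this step imports a private key (presumably as root): an empty argument, or one containing `/` or whitespace, should be rejected before any path is built. Separately, exit statuses are 8 bits wide, so 82438, 62852 and 25625 reach the caller as 6, 132 and 25; codes chosen in the 1–255 range would be unambiguous.

```shell
function register_website {
	domain="$1"
	# accept only a plain hostname: no empty value, slashes or whitespace
	if [[ ! ${domain} =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
		echo $"Invalid domain name"
		exit 1
	fi
	# … unchanged: .local, private key and virtual host checks, with "${domain}" quoted in each path …
	monkeysphere-host import-key "/etc/ssl/private/${domain}.key" "https://${domain}" || exit 1
	monkeysphere-host publish-key --all || exit 1
	# … unchanged: exit 0 …
```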