free
/
freedombone
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Activity
Sfoglia il codice sorgente

Use letsencrypt cert with mumble

Bob Mottram 9 anni fa
parent
d2f0444328
commit
f40d44e6b2
2 ha cambiato i file con 17 aggiunte e 1 eliminazioni
Visualizzazione unificata Mostra Diff Stats
  1. 5
    1
      src/freedombone-app-mumble
  2. 12
    0
      src/freedombone-utils-web

+ 5
- 1
src/freedombone-app-mumble Vedi File

228 
     fi
 228 
     fi
229 
     cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
 229 
     cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
230 
     cp /etc/ssl/private/mumble.key /var/lib/mumble-server
 230 
     cp /etc/ssl/private/mumble.key /var/lib/mumble-server
231 
+    if [ ! -f /var/lib/mumble-server/mumble.pem ]; then
232 
+        mv /var/lib/mumble-server/mumble.crt /var/lib/mumble-server/mumble.pem
233 
+    fi
231 
     chown -R mumble-server:mumble-server /var/lib/mumble-server
 234 
     chown -R mumble-server:mumble-server /var/lib/mumble-server
232
235
233 
     sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
 236 
     sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
245 
         echo 'allowping=False' >> /etc/mumble-server.ini
 248 
         echo 'allowping=False' >> /etc/mumble-server.ini
246 
     fi
 249 
     fi
247 
     sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
 250 
     sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
248 
-    sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.crt|g' /etc/mumble-server.ini
251 
+    sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
249 
     sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
 252 
     sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
250 
     sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
 253 
     sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
251 
     sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
 254 
     sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
259
262
260 
     MUMBLE_ONION_HOSTNAME=$(add_onion_service mumble ${MUMBLE_PORT} ${MUMBLE_PORT})
 263 
     MUMBLE_ONION_HOSTNAME=$(add_onion_service mumble ${MUMBLE_PORT} ${MUMBLE_PORT})
261
264
265 
+    update_default_domain
262 
     systemctl restart mumble-server
 266 
     systemctl restart mumble-server
263
267
264 
     if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then
 268 
     if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then

+ 12
- 0
src/freedombone-utils-web Vedi File

676 
         chmod -R 700 /etc/prosody/certs/*
 676 
         chmod -R 700 /etc/prosody/certs/*
677 
         systemctl restart prosody
 677 
         systemctl restart prosody
678 
     fi
 678 
     fi
679 
+
680 
+    if [ -d /var/lib/mumble-server ]; then
681 
+        if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
682 
+            cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
683 
+            cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
684 
+            cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
685 
+            chown -R mumble-server:mumble-server /var/lib/mumble-server
686 
+            chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.pem
687 
+            chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.key
688 
+            chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.dhparam
689 
+        fi
690 
+    fi
679 
 }
 691 
 }
680
692
681 
 # NOTE: deliberately no exit 0
 693 
 # NOTE: deliberately no exit 0