free
/
freedombone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check that certificates are created

This commit is contained in:
Bob Mottram 2015-01-27 20:11:41 +00:00
parent da8e8eca55
commit 2ebf7f902a
1 changed files with 32 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/freedombone
View File

@ -1225,6 +1225,25 @@ function read_configuration {
fi fi
} }
# Checks whether certificates were generated for the given hostname
function check_certificates {
if [ ! $1 ]; then
return
fi
if [ ! -f /etc/ssl/private/$1.key ]; then
echo "Private certificate for $CHECK_HOSTNAME was not created"
exit 63959
fi
if [ ! -f /etc/ssl/certs/$1.crt ]; then
echo "Public certificate for $CHECK_HOSTNAME was not created"
exit 7679
fi
if [ ! -f /etc/ssl/certs/$1.dhparam ]; then
echo "DiffieHellman parameters for $CHECK_HOSTNAME were not created"
exit 5989
fi
}
function install_not_on_BBB { function install_not_on_BBB {
if grep -Fxq "install_not_on_BBB" $COMPLETION_FILE; then if grep -Fxq "install_not_on_BBB" $COMPLETION_FILE; then
return return
@ -2736,7 +2755,7 @@ function create_restore_script {
echo ' rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_SCRIPT_NAME echo ' rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_SCRIPT_NAME
echo 'fi' >> /usr/bin/$RESTORE_SCRIPT_NAME echo 'fi' >> /usr/bin/$RESTORE_SCRIPT_NAME
echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
echo 'sync' >> /usr/bin/$RESTORE_SCRIPT_NAME echo 'sync' >> /usr/bin/$RESTORE_SCRIPT_NAME
echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME echo '' >> /usr/bin/$RESTORE_SCRIPT_NAME
echo "# Unmount the USB drive" >> /usr/bin/$RESTORE_SCRIPT_NAME echo "# Unmount the USB drive" >> /usr/bin/$RESTORE_SCRIPT_NAME
@ -3312,7 +3331,7 @@ function backup_to_friends_servers {
echo 'fi' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME echo 'fi' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME echo '' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
if [[ $BACKUP_INCLUDES_DATABASES == "yes" ]]; then if [[ $BACKUP_INCLUDES_DATABASES == "yes" ]]; then
echo '# Mysql settings' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME echo '# Mysql settings' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
echo 'if [ ! -d $SERVER_DIRECTORY/backup/mariadb ]; then' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME echo 'if [ ! -d $SERVER_DIRECTORY/backup/mariadb ]; then' >> /usr/bin/$BACKUP_TO_FRIENDS_SCRIPT_NAME
@ -3890,7 +3909,7 @@ function restore_from_friend {
echo ' rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo ' rm -rf /root/tempvoip' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
echo 'fi' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo 'fi' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo '' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
echo 'if [ -d $SERVER_DIRECTORY/backup/mail ]; then' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo 'if [ -d $SERVER_DIRECTORY/backup/mail ]; then' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
echo ' echo "Restoring emails"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo ' echo "Restoring emails"' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
echo ' mkdir /root/tempmail' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME echo ' mkdir /root/tempmail' >> /usr/bin/$RESTORE_FROM_FRIEND_SCRIPT_NAME
@ -4991,6 +5010,7 @@ function configure_email {
# make a tls certificate for email # make a tls certificate for email
if [ ! -f /etc/ssl/private/exim.key ]; then if [ ! -f /etc/ssl/private/exim.key ]; then
makecert exim makecert exim
check_certificates exim
fi fi
cp /etc/ssl/private/exim.key /etc/exim4 cp /etc/ssl/private/exim.key /etc/exim4
cp /etc/ssl/certs/exim.crt /etc/exim4 cp /etc/ssl/certs/exim.crt /etc/exim4
@ -5178,6 +5198,7 @@ function configure_imap {
if [ ! -f /etc/ssl/private/dovecot.key ]; then if [ ! -f /etc/ssl/private/dovecot.key ]; then
makecert dovecot makecert dovecot
check_certificates dovecot
fi fi
chown root:dovecot /etc/ssl/certs/dovecot.* chown root:dovecot /etc/ssl/certs/dovecot.*
chown root:dovecot /etc/ssl/private/dovecot.* chown root:dovecot /etc/ssl/private/dovecot.*
@ -6492,6 +6513,7 @@ quit" > $INSTALL_DIR/batch.sql
if [ ! -f /etc/ssl/private/$OWNCLOUD_DOMAIN_NAME.key ]; then if [ ! -f /etc/ssl/private/$OWNCLOUD_DOMAIN_NAME.key ]; then
makecert $OWNCLOUD_DOMAIN_NAME makecert $OWNCLOUD_DOMAIN_NAME
check_certificates $OWNCLOUD_DOMAIN_NAME
fi fi
# Ensure that the database gets backed up locally, if remote # Ensure that the database gets backed up locally, if remote
@ -6568,6 +6590,7 @@ function install_xmpp {
if [ ! -f "/etc/ssl/private/xmpp.key" ]; then if [ ! -f "/etc/ssl/private/xmpp.key" ]; then
makecert xmpp makecert xmpp
check_certificates xmpp
fi fi
chown prosody:prosody /etc/ssl/private/xmpp.key chown prosody:prosody /etc/ssl/private/xmpp.key
chown prosody:prosody /etc/ssl/certs/xmpp.* chown prosody:prosody /etc/ssl/certs/xmpp.*
@ -6691,6 +6714,7 @@ function install_irc_server {
if [ ! -f /etc/ssl/private/ngircd.key ]; then if [ ! -f /etc/ssl/private/ngircd.key ]; then
makecert ngircd makecert ngircd
check_certificates ngircd
fi fi
echo '**************************************************' > /etc/ngircd/motd echo '**************************************************' > /etc/ngircd/motd
@ -6779,6 +6803,7 @@ function install_wiki {
fi fi
if [ ! -f /etc/ssl/private/$WIKI_DOMAIN_NAME.key ]; then if [ ! -f /etc/ssl/private/$WIKI_DOMAIN_NAME.key ]; then
makecert $WIKI_DOMAIN_NAME makecert $WIKI_DOMAIN_NAME
check_certificates $WIKI_DOMAIN_NAME
fi fi
ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs ln -s /usr/share/dokuwiki /var/www/$WIKI_DOMAIN_NAME/htdocs
@ -7056,6 +7081,7 @@ function install_blog {
if [ ! -f /etc/ssl/private/$FULLBLOG_DOMAIN_NAME.key ]; then if [ ! -f /etc/ssl/private/$FULLBLOG_DOMAIN_NAME.key ]; then
makecert $FULLBLOG_DOMAIN_NAME makecert $FULLBLOG_DOMAIN_NAME
check_certificates $FULLBLOG_DOMAIN_NAME
fi fi
echo 'server {' > /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME echo 'server {' > /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
@ -7415,6 +7441,7 @@ quit" > $INSTALL_DIR/batch.sql
if [ ! -f /etc/ssl/private/$MICROBLOG_DOMAIN_NAME.key ]; then if [ ! -f /etc/ssl/private/$MICROBLOG_DOMAIN_NAME.key ]; then
makecert $MICROBLOG_DOMAIN_NAME makecert $MICROBLOG_DOMAIN_NAME
check_certificates $MICROBLOG_DOMAIN_NAME
fi fi
# Ensure that the database gets backed up locally, if remote # Ensure that the database gets backed up locally, if remote
@ -7686,6 +7713,7 @@ quit" > $INSTALL_DIR/batch.sql
if [ ! -f /etc/ssl/private/$REDMATRIX_DOMAIN_NAME.key ]; then if [ ! -f /etc/ssl/private/$REDMATRIX_DOMAIN_NAME.key ]; then
makecert $REDMATRIX_DOMAIN_NAME makecert $REDMATRIX_DOMAIN_NAME
check_certificates $REDMATRIX_DOMAIN_NAME
fi fi
if [ ! -d /var/www/$REDMATRIX_DOMAIN_NAME/htdocs/view/tpl/smarty3 ]; then if [ ! -d /var/www/$REDMATRIX_DOMAIN_NAME/htdocs/view/tpl/smarty3 ]; then
@ -8585,6 +8613,7 @@ function install_voip {
# Make an ssl cert for the server # Make an ssl cert for the server
if [ ! -f /etc/ssl/certs/mumble.crt ]; then if [ ! -f /etc/ssl/certs/mumble.crt ]; then
makecert mumble makecert mumble
check_certificates mumble
fi fi
# Check that the cert was created # Check that the cert was created