Checking that certs exist
parent
1000297af0
commit
75b27e65dc
|
@ -310,7 +310,7 @@ function install_xmpp_main {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# obtain a cert for the default domain
|
# obtain a cert for the default domain
|
||||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
||||||
echo $'Obtaining certificate for the main domain'
|
echo $'Obtaining certificate for the main domain'
|
||||||
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
||||||
fi
|
fi
|
||||||
|
@ -339,9 +339,9 @@ function install_xmpp_main {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# create a certificate
|
# create a certificate
|
||||||
if [ ! -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
||||||
if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
|
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} xmpp) == "0" ]]; then
|
||||||
${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
|
${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH}
|
||||||
check_certificates xmpp
|
check_certificates xmpp
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -349,7 +349,7 @@ function install_xmpp_main {
|
||||||
chown prosody:prosody /etc/ssl/certs/xmpp.*
|
chown prosody:prosody /etc/ssl/certs/xmpp.*
|
||||||
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
|
|
||||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
||||||
sed -i "s|/etc/prosody/certs/example.com.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "s|/etc/prosody/certs/example.com.key|/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
else
|
else
|
||||||
|
@ -357,7 +357,7 @@ function install_xmpp_main {
|
||||||
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/ssl/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
fi
|
fi
|
||||||
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
|
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then
|
||||||
sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
else
|
else
|
||||||
sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
|
@ -451,6 +451,20 @@ function install_xmpp_main {
|
||||||
fi
|
fi
|
||||||
sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
|
sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
|
||||||
|
|
||||||
|
if [ $XMPP_DOMAIN_CODE ]; then
|
||||||
|
if [ ${#XMPP_DOMAIN_CODE} -gt 0 ]; then
|
||||||
|
if [[ $(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
||||||
|
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
|
||||||
|
fi
|
||||||
|
if [[ $(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
||||||
|
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
|
||||||
|
fi
|
||||||
|
if [[ $(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
||||||
|
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
systemctl restart prosody
|
systemctl restart prosody
|
||||||
touch /home/$MY_USERNAME/README
|
touch /home/$MY_USERNAME/README
|
||||||
|
|
||||||
|
|
|
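Review bot: In the second hunk, `cert_exists ${DEFAULT_DOMAIN_NAME} xmpp` replaces a test for `/etc/ssl/certs/xmpp.dhparam`, yet every other call passes a file type such as `pem` as the second argument, so this call probably looks for a default-domain file of type `xmpp` rather than the xmpp host's DH parameters. cert_exists is not shown on this page, so that is inferred from the call pattern; the fourth hunk's one-argument call replaces a `.dhparam` test, which suggests the default type is dhparam. If so, the check always yields "0" and `${PROJECT_NAME}-addcert -h xmpp` runs again whenever the default domain has no pem, even when the xmpp files already exist. I would write `if [[ $(cert_exists xmpp) == "0" ]]; then` after confirming the helper's argument order, or keep the explicit `-f` test on `xmpp.dhparam`. install_xmpp_main starts and ends outside these hunks.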
@ -234,7 +234,7 @@ function create_site_certificate {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $ONION_ONLY == "no" ]]; then
|
if [[ $ONION_ONLY == "no" ]]; then
|
||||||
if [[ $(cert_exists) == "0" ]]; then
|
if [[ $(cert_exists $SITE_DOMAIN_NAME) == "0" ]]; then
|
||||||
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
|
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
|
||||||
create_self_signed_cert
|
create_self_signed_cert
|
||||||
else
|
else
|
||||||
|
@ -242,7 +242,7 @@ function create_site_certificate {
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then
|
if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then
|
||||||
if [[ $(cert_exists pem) == "0" ]]; then
|
if [[ $(cert_exists $SITE_DOMAIN_NAME pem) == "0" ]]; then
|
||||||
create_letsencrypt_cert
|
create_letsencrypt_cert
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
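Review bot: Both new calls expand `$SITE_DOMAIN_NAME` unquoted, so an empty or unset value makes `cert_exists $SITE_DOMAIN_NAME pem` collapse to `cert_exists pem`, and the helper would then treat `pem` as the domain. The result would decide whether a certificate is created for the wrong name, or skipped. Quote the argument in both places, `if [[ $(cert_exists "$SITE_DOMAIN_NAME") == "0" ]]; then` and `if [[ $(cert_exists "$SITE_DOMAIN_NAME" pem) == "0" ]]; then`, and add a comment above the first check stating which file type the one-argument form tests. Where SITE_DOMAIN_NAME is assigned is not visible, because create_site_certificate starts and ends outside these hunks.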