Move tls function to be accessible to upgrade
This commit is contained in:
parent
e24f7303aa
commit
8a88f5ff35
|
@ -119,45 +119,6 @@ function email_create_template {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function email_install_tls {
|
|
||||||
tls_config_file=/etc/exim4/conf.d/main/03_exim4-config_tlsoptions
|
|
||||||
tls_auth_config_file=/etc/exim4/conf.d/auth/30_exim4-config_examples
|
|
||||||
|
|
||||||
if [ ! -f $tls_config_file ]; then
|
|
||||||
tls_config_file=/etc/exim4/exim4.conf.template
|
|
||||||
tls_auth_config_file=$tls_config_file
|
|
||||||
fi
|
|
||||||
if [ ! -f /etc/ssl/certs/exim.dhparam ]; then
|
|
||||||
${PROJECT_NAME}-addcert -h exim --dhkey $DH_KEYLENGTH
|
|
||||||
check_certificates exim
|
|
||||||
cp /etc/ssl/certs/exim.dhparam /etc/exim4
|
|
||||||
chown root:Debian-exim /etc/exim4/exim.dhparam
|
|
||||||
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
|
|
||||||
fi
|
|
||||||
if ! grep -q 'MAIN_TLS_ENABLE = true' $tls_config_file; then
|
|
||||||
sed -i "/.ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME/i\MAIN_HARDCODE_PRIMARY_HOSTNAME =\nMAIN_TLS_ENABLE = true" $tls_config_file
|
|
||||||
fi
|
|
||||||
if ! grep -q "tls_on_connect_ports=465" $tls_config_file; then
|
|
||||||
sed -i '/SSL configuration for exim/i\tls_on_connect_ports=465' $tls_config_file
|
|
||||||
fi
|
|
||||||
if grep -q '# login_saslauthd_server' $tls_auth_config_file; then
|
|
||||||
sed -i '/login_saslauthd_server/,/.endif/ s/# *//' $tls_auth_config_file
|
|
||||||
fi
|
|
||||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
|
||||||
if ! grep -q "MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file; then
|
|
||||||
sed -i "/.ifdef MAIN_TLS_CERTKEY/i\MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if [ -f /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key ]; then
|
|
||||||
if ! grep -q "MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file; then
|
|
||||||
sed -i "/.ifdef MAIN_TLS_PRIVATEKEY/i\MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if ! grep -q "SMTPLISTENEROPTIONS='-oX 465:25:587" /etc/default/exim4; then
|
|
||||||
sed -i "s|SMTPLISTENEROPTIONS=.*|SMTPLISTENEROPTIONS='-oX 465:25:587 -oP /var/run/exim4/exim.pid'|g" /etc/default/exim4
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
function configure_email_onion {
|
function configure_email_onion {
|
||||||
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
|
if [[ $(is_completed $FUNCNAME) == "1" ]]; then
|
||||||
return
|
return
|
||||||
|
|
|
@ -968,4 +968,43 @@ function install_composer {
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function email_install_tls {
|
||||||
|
tls_config_file=/etc/exim4/conf.d/main/03_exim4-config_tlsoptions
|
||||||
|
tls_auth_config_file=/etc/exim4/conf.d/auth/30_exim4-config_examples
|
||||||
|
|
||||||
|
if [ ! -f $tls_config_file ]; then
|
||||||
|
tls_config_file=/etc/exim4/exim4.conf.template
|
||||||
|
tls_auth_config_file=$tls_config_file
|
||||||
|
fi
|
||||||
|
if [ ! -f /etc/ssl/certs/exim.dhparam ]; then
|
||||||
|
${PROJECT_NAME}-addcert -h exim --dhkey $DH_KEYLENGTH
|
||||||
|
check_certificates exim
|
||||||
|
cp /etc/ssl/certs/exim.dhparam /etc/exim4
|
||||||
|
chown root:Debian-exim /etc/exim4/exim.dhparam
|
||||||
|
chmod 640 /etc/exim4/exim.key /etc/exim4/exim.crt /etc/exim4/exim.dhparam
|
||||||
|
fi
|
||||||
|
if ! grep -q 'MAIN_TLS_ENABLE = true' $tls_config_file; then
|
||||||
|
sed -i "/.ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME/i\MAIN_HARDCODE_PRIMARY_HOSTNAME =\nMAIN_TLS_ENABLE = true" $tls_config_file
|
||||||
|
fi
|
||||||
|
if ! grep -q "tls_on_connect_ports=465" $tls_config_file; then
|
||||||
|
sed -i '/SSL configuration for exim/i\tls_on_connect_ports=465' $tls_config_file
|
||||||
|
fi
|
||||||
|
if grep -q '# login_saslauthd_server' $tls_auth_config_file; then
|
||||||
|
sed -i '/login_saslauthd_server/,/.endif/ s/# *//' $tls_auth_config_file
|
||||||
|
fi
|
||||||
|
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||||
|
if ! grep -q "MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file; then
|
||||||
|
sed -i "/.ifdef MAIN_TLS_CERTKEY/i\MAIN_TLS_CERTKEY = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" $tls_config_file
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ -f /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key ]; then
|
||||||
|
if ! grep -q "MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file; then
|
||||||
|
sed -i "/.ifdef MAIN_TLS_PRIVATEKEY/i\MAIN_TLS_PRIVATEKEY = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" $tls_config_file
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if ! grep -q "SMTPLISTENEROPTIONS='-oX 465:25:587" /etc/default/exim4; then
|
||||||
|
sed -i "s|SMTPLISTENEROPTIONS=.*|SMTPLISTENEROPTIONS='-oX 465:25:587 -oP /var/run/exim4/exim.pid'|g" /etc/default/exim4
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
# NOTE: deliberately no exit 0
|
# NOTE: deliberately no exit 0
|
||||||
|
|
Loading…
Reference in New Issue