quotes
This commit is contained in:
parent
680312859f
commit
a1de6ba0c8
|
@ -482,12 +482,12 @@ function install_irc_server {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# obtain a cert for the default domain
|
# obtain a cert for the default domain
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
echo $'Obtaining certificate for the main domain'
|
echo $'Obtaining certificate for the main domain'
|
||||||
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "0" ]]; then
|
||||||
${PROJECT_NAME}-addcert -h ngircd --dhkey ${DH_KEYLENGTH}
|
${PROJECT_NAME}-addcert -h ngircd --dhkey ${DH_KEYLENGTH}
|
||||||
function_check check_certificates
|
function_check check_certificates
|
||||||
check_certificates ngircd
|
check_certificates ngircd
|
||||||
|
|
|
@ -315,7 +315,7 @@ function install_xmpp_main {
|
||||||
|
|
||||||
if [[ $ONION_ONLY == 'no' ]]; then
|
if [[ $ONION_ONLY == 'no' ]]; then
|
||||||
# obtain a cert for the default domain
|
# obtain a cert for the default domain
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
echo $'Obtaining certificate for the main domain'
|
echo $'Obtaining certificate for the main domain'
|
||||||
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
||||||
fi
|
fi
|
||||||
|
@ -345,8 +345,8 @@ function install_xmpp_main {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# create a certificate
|
# create a certificate
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
if [[ $(cert_exists xmpp) == "0" ]]; then
|
if [[ "$(cert_exists xmpp)" == "0" ]]; then
|
||||||
${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH}
|
${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH}
|
||||||
check_certificates xmpp
|
check_certificates xmpp
|
||||||
fi
|
fi
|
||||||
|
@ -362,7 +362,7 @@ function install_xmpp_main {
|
||||||
|
|
||||||
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
|
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
else
|
else
|
||||||
|
@ -370,7 +370,7 @@ function install_xmpp_main {
|
||||||
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
fi
|
fi
|
||||||
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
|
||||||
sed -i "/certificate =/a\ dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i "/certificate =/a\ dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
else
|
else
|
||||||
sed -i '/certificate =/a\ dhparam = "/etc/prosody/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
sed -i '/certificate =/a\ dhparam = "/etc/prosody/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||||
|
|
|
@ -1219,14 +1219,14 @@ function configure_imap {
|
||||||
|
|
||||||
if [[ $ONION_ONLY == 'no' ]]; then
|
if [[ $ONION_ONLY == 'no' ]]; then
|
||||||
# obtain a cert for the default domain
|
# obtain a cert for the default domain
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
echo $'Obtaining certificate for the main domain'
|
echo $'Obtaining certificate for the main domain'
|
||||||
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
if [[ $(cert_exists dovecot) == "0" ]]; then
|
if [[ "$(cert_exists dovecot)" == "0" ]]; then
|
||||||
${PROJECT_NAME}-addcert -h dovecot --dhkey $DH_KEYLENGTH
|
${PROJECT_NAME}-addcert -h dovecot --dhkey $DH_KEYLENGTH
|
||||||
check_certificates dovecot
|
check_certificates dovecot
|
||||||
fi
|
fi
|
||||||
|
@ -1246,7 +1246,7 @@ function configure_imap {
|
||||||
fi
|
fi
|
||||||
sed -i 's|#ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
sed -i 's|#ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
||||||
sed -i 's|ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
sed -i 's|ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||||
sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||||
else
|
else
|
||||||
|
@ -1255,7 +1255,7 @@ function configure_imap {
|
||||||
fi
|
fi
|
||||||
sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||||
sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
|
||||||
sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
|
sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||||
fi
|
fi
|
||||||
sed -i 's/#ssl_prefer_server_ciphers.*/ssl_prefer_server_ciphers = yes/g' /etc/dovecot/conf.d/10-ssl.conf
|
sed -i 's/#ssl_prefer_server_ciphers.*/ssl_prefer_server_ciphers = yes/g' /etc/dovecot/conf.d/10-ssl.conf
|
||||||
|
|
|
@ -242,7 +242,7 @@ function create_site_certificate {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $ONION_ONLY == "no" ]]; then
|
if [[ $ONION_ONLY == "no" ]]; then
|
||||||
if [[ $(cert_exists $SITE_DOMAIN_NAME) == "0" ]]; then
|
if [[ "$(cert_exists ${SITE_DOMAIN_NAME})" == "0" ]]; then
|
||||||
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
|
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
|
||||||
create_self_signed_cert
|
create_self_signed_cert
|
||||||
else
|
else
|
||||||
|
@ -250,7 +250,7 @@ function create_site_certificate {
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then
|
if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then
|
||||||
if [[ $(cert_exists $SITE_DOMAIN_NAME pem) == "0" ]]; then
|
if [[ "$(cert_exists ${SITE_DOMAIN_NAME} pem)" == "0" ]]; then
|
||||||
create_letsencrypt_cert
|
create_letsencrypt_cert
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
@ -657,13 +657,13 @@ function update_default_domain {
|
||||||
mkdir /etc/prosody/certs
|
mkdir /etc/prosody/certs
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ $(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
|
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
|
||||||
fi
|
fi
|
||||||
if [[ $(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
|
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
|
||||||
fi
|
fi
|
||||||
if [[ $(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
|
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -688,7 +688,7 @@ function update_default_domain {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -d /var/lib/mumble-server ]; then
|
if [ -d /var/lib/mumble-server ]; then
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
|
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
|
||||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
|
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
|
||||||
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
|
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
|
||||||
|
@ -702,7 +702,7 @@ function update_default_domain {
|
||||||
|
|
||||||
if [ -d /home/znc/.znc ]; then
|
if [ -d /home/znc/.znc ]; then
|
||||||
echo $'znc found'
|
echo $'znc found'
|
||||||
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
|
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||||
pkill znc
|
pkill znc
|
||||||
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
|
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
|
||||||
chown znc:znc /home/znc/.znc/znc.pem
|
chown znc:znc /home/znc/.znc/znc.pem
|
||||||
|
|
Loading…
Reference in New Issue