Enable xmpp via tor

Bob Mottram 2016-01-01 11:30:30 +00:00
parent 16a2280360
commit ae79acb02b
1 changed files with 42 additions and 2 deletions


@ -281,6 +281,9 @@ MARIADB_PASSWORD=
# Directory where XMPP settings are stored # Directory where XMPP settings are stored
XMPP_DIRECTORY="/var/lib/prosody" XMPP_DIRECTORY="/var/lib/prosody"
# port used for xmpp as an onion service
XMPP_ONION_PORT=8091
# file containing a list of remote locations to backup to # file containing a list of remote locations to backup to
# Format: [username@friendsdomain//home/username] [ssh_password] # Format: [username@friendsdomain//home/username] [ssh_password]
# With the only space character being between the server and the password # With the only space character being between the server and the password
@ -6722,13 +6725,29 @@ function install_xmpp {
return return
fi fi
apt-get -y install lua-sec apt-get -y install lua-sec
apt-get -y install prosody apt-get -y install prosody prosody-modules mercurial
if [ ! -d /etc/prosody ]; then if [ ! -d /etc/prosody ]; then
echo $"ERROR: prosody does not appear to have installed. $CHECK_MESSAGE" echo $"ERROR: prosody does not appear to have installed. $CHECK_MESSAGE"
exit 52 exit 52
fi fi
# obtain the prosody modules
cd $INSTALL_DIR
hg clone https://hg.prosody.im/prosody-modules/ prosody-modules
if [ ! -d $INSTALL_DIR/prosody-modules/mod_onions ]; then
echo $'mod_onions prosody module could not be found'
exit 73254
fi
# install the onions module
cp $INSTALL_DIR/prosody-modules/mod_onions/mod_onions.lua /usr/lib/prosody/modules/mod_onions.lua
if [ ! -f /usr/lib/prosody/modules/mod_onions.lua ]; then
echo $'mod_onions.lua could not be copied to the prosody modules directory'
exit 63952
fi
# create a certificate
if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then if [ ! -f /etc/ssl/certs/xmpp.dhparam ]; then
${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH ${PROJECT_NAME}-addcert -h xmpp --dhkey $DH_KEYLENGTH
check_certificates xmpp check_certificates xmpp
@ -6764,6 +6783,7 @@ function install_xmpp {
echo ' "bosh"; -- Enable mod_bosh' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo ' "bosh"; -- Enable mod_bosh' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo ' "tls"; -- Enable mod_tls' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo ' "tls"; -- Enable mod_tls' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo ' "saslauth"; -- Enable mod_saslauth' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo ' "saslauth"; -- Enable mod_saslauth' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo ' "onions"; -- Enable chat via onion service' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo '}' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo '}' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo '' >> /etc/prosody/conf.avail/xmpp.cfg.lua
echo 'c2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua echo 'c2s_require_encryption = true' >> /etc/prosody/conf.avail/xmpp.cfg.lua
@ -6803,9 +6823,28 @@ function install_xmpp {
sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua sed -i 's|certificate = "/etc/prosody/certs/example.com.crt"|certificate = "/etc/ssl/certs/xmpp.crt"|g' /etc/prosody/prosody.cfg.lua
sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
service prosody restart systemctl restart prosody
touch /home/$MY_USERNAME/README touch /home/$MY_USERNAME/README
if [ ! -d /var/lib/tor ]; then
echo $'No Tor installation found. XMPP onion site cannot be configured.'
exit 877367
fi
if ! grep -q "hidden_service_xmpp" /etc/tor/torrc; then
echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/' >> /etc/tor/torrc
echo "HiddenServicePort 5222 127.0.0.1:${XMPP_ONION_PORT}" >> /etc/tor/torrc
echo $'Added onion site for XMPP chat'
fi
systemctl restart tor
if [ ! -f /var/lib/tor/hidden_service_owncloud/hostname ]; then
echo $'XMPP onion site hostname not found'
exit 65349
fi
XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname)
echo "XMPP onion domain:${XMPP_ONION_HOSTNAME}" >> $COMPLETION_FILE
if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then if ! grep -q "Your XMPP password is" /home/$MY_USERNAME/README; then
if [ -f $IMAGE_PASSWORD_FILE ]; then if [ -f $IMAGE_PASSWORD_FILE ]; then
XMPP_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)" XMPP_PASSWORD="$(printf `cat $IMAGE_PASSWORD_FILE`)"
@ -6817,6 +6856,7 @@ function install_xmpp {
echo '' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README
echo $'XMPP' >> /home/$MY_USERNAME/README echo $'XMPP' >> /home/$MY_USERNAME/README
echo '====' >> /home/$MY_USERNAME/README echo '====' >> /home/$MY_USERNAME/README
echo $"XMPP onion domain: ${XMPP_ONION_HOSTNAME}" >> /home/$MY_USERNAME/README
echo $"Your XMPP password is: $XMPP_PASSWORD" >> /home/$MY_USERNAME/README echo $"Your XMPP password is: $XMPP_PASSWORD" >> /home/$MY_USERNAME/README
echo $'You can change it with: ' >> /home/$MY_USERNAME/README echo $'You can change it with: ' >> /home/$MY_USERNAME/README
echo '' >> /home/$MY_USERNAME/README echo '' >> /home/$MY_USERNAME/README
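Review bot: The hostname check that follows `systemctl restart tor` tests `/var/lib/tor/hidden_service_owncloud/hostname`, while the very next line reads `/var/lib/tor/hidden_service_xmpp/hostname`; the test should be `if [ ! -f /var/lib/tor/hidden_service_xmpp/hostname ]; then`. As written, a host without the ownCloud onion service aborts the XMPP install here, and a host that has one passes the check even when the XMPP hostname file is missing, so `XMPP_ONION_HOSTNAME` ends up empty and a blank onion domain is appended to `$COMPLETION_FILE` and the README. Tor may also need a moment after the restart to create the file, so a short bounded wait before the check seems advisable. Separately, `HiddenServicePort 5222 127.0.0.1:${XMPP_ONION_PORT}` forwards to port 8091, and none of the visible hunks makes prosody listen there; if that is not configured elsewhere in install_xmpp, whose body extends beyond these hunks, the onion address will not reach the server.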