This commit is contained in:
Bob Mottram 2016-10-30 19:59:40 +00:00
parent 680312859f
commit a1de6ba0c8
4 changed files with 19 additions and 19 deletions

View File

@ -482,12 +482,12 @@ function install_irc_server {
fi
# obtain a cert for the default domain
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
echo $'Obtaining certificate for the main domain'
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
fi
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "0" ]]; then
${PROJECT_NAME}-addcert -h ngircd --dhkey ${DH_KEYLENGTH}
function_check check_certificates
check_certificates ngircd

View File

@ -315,7 +315,7 @@ function install_xmpp_main {
if [[ $ONION_ONLY == 'no' ]]; then
# obtain a cert for the default domain
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
echo $'Obtaining certificate for the main domain'
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
fi
@ -345,8 +345,8 @@ function install_xmpp_main {
fi
# create a certificate
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
if [[ $(cert_exists xmpp) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
if [[ "$(cert_exists xmpp)" == "0" ]]; then
${PROJECT_NAME}-addcert -h xmpp --dhkey ${DH_KEYLENGTH}
check_certificates xmpp
fi
@ -362,7 +362,7 @@ function install_xmpp_main {
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
else
@ -370,7 +370,7 @@ function install_xmpp_main {
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
fi
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
sed -i "/certificate =/a\ dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
else
sed -i '/certificate =/a\ dhparam = "/etc/prosody/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua

View File

@ -1219,14 +1219,14 @@ function configure_imap {
if [[ $ONION_ONLY == 'no' ]]; then
# obtain a cert for the default domain
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
echo $'Obtaining certificate for the main domain'
create_site_certificate ${DEFAULT_DOMAIN_NAME} 'yes'
fi
fi
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "0" ]]; then
if [[ $(cert_exists dovecot) == "0" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "0" ]]; then
if [[ "$(cert_exists dovecot)" == "0" ]]; then
${PROJECT_NAME}-addcert -h dovecot --dhkey $DH_KEYLENGTH
check_certificates dovecot
fi
@ -1246,7 +1246,7 @@ function configure_imap {
fi
sed -i 's|#ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
sed -i 's|ssl =.*|ssl = required|g' /etc/dovecot/conf.d/10-ssl.conf
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i "s|#ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
sed -i "s|ssl_cert =.*|ssl_cert = </etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
else
@ -1255,7 +1255,7 @@ function configure_imap {
fi
sed -i "s|#ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
sed -i "s|ssl_key =.*|ssl_key = </etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/dovecot/conf.d/10-ssl.conf
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME}) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
sed -i "s|#ssl_dh_parameters_length.*|ssl_dh_parameters_length = ${DH_KEYLENGTH}|g" /etc/dovecot/conf.d/10-ssl.conf
fi
sed -i 's/#ssl_prefer_server_ciphers.*/ssl_prefer_server_ciphers = yes/g' /etc/dovecot/conf.d/10-ssl.conf

View File

@ -242,7 +242,7 @@ function create_site_certificate {
fi
if [[ $ONION_ONLY == "no" ]]; then
if [[ $(cert_exists $SITE_DOMAIN_NAME) == "0" ]]; then
if [[ "$(cert_exists ${SITE_DOMAIN_NAME})" == "0" ]]; then
if [[ $LETSENCRYPT_ENABLED != "yes" ]]; then
create_self_signed_cert
else
@ -250,7 +250,7 @@ function create_site_certificate {
fi
else
if [[ $LETSENCRYPT_ENABLED == "yes" ]]; then
if [[ $(cert_exists $SITE_DOMAIN_NAME pem) == "0" ]]; then
if [[ "$(cert_exists ${SITE_DOMAIN_NAME} pem)" == "0" ]]; then
create_letsencrypt_cert
fi
fi
@ -657,13 +657,13 @@ function update_default_domain {
mkdir /etc/prosody/certs
fi
if [[ $(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
fi
if [[ $(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
fi
if [[ $(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
fi
@ -688,7 +688,7 @@ function update_default_domain {
fi
if [ -d /var/lib/mumble-server ]; then
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
@ -702,7 +702,7 @@ function update_default_domain {
if [ -d /home/znc/.znc ]; then
echo $'znc found'
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
pkill znc
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
chown znc:znc /home/znc/.znc/znc.pem