Use letsencrypt cert with mumble

This commit is contained in:
Bob Mottram 2016-10-28 13:19:08 +01:00
parent d2f0444328
commit f40d44e6b2
2 changed files with 17 additions and 1 deletions

View File

@ -228,6 +228,9 @@ function install_mumble {
fi fi
cp /etc/ssl/certs/mumble.* /var/lib/mumble-server cp /etc/ssl/certs/mumble.* /var/lib/mumble-server
cp /etc/ssl/private/mumble.key /var/lib/mumble-server cp /etc/ssl/private/mumble.key /var/lib/mumble-server
if [ ! -f /var/lib/mumble-server/mumble.pem ]; then
mv /var/lib/mumble-server/mumble.crt /var/lib/mumble-server/mumble.pem
fi
chown -R mumble-server:mumble-server /var/lib/mumble-server chown -R mumble-server:mumble-server /var/lib/mumble-server
sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini sed -i "s|welcometext=.*|welcometext=\"<br />Welcome to $DEFAULT_DOMAIN_NAME <b>mumble</b>.<br />Chat freely!<br />\"|g" /etc/mumble-server.ini
@ -245,7 +248,7 @@ function install_mumble {
echo 'allowping=False' >> /etc/mumble-server.ini echo 'allowping=False' >> /etc/mumble-server.ini
fi fi
sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini sed -i 's|allowping=.*|allowping=False|g' /etc/mumble-server.ini
sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.crt|g' /etc/mumble-server.ini sed -i 's|#sslCert=.*|sslCert=/var/lib/mumble-server/mumble.pem|g' /etc/mumble-server.ini
sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini sed -i 's|#sslKey=.*|sslKey=/var/lib/mumble-server/mumble.key|g' /etc/mumble-server.ini
sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini sed -i 's|#certrequired=.*|certrequired=True|g' /etc/mumble-server.ini
sed -i 's|users=100|users=10|g' /etc/mumble-server.ini sed -i 's|users=100|users=10|g' /etc/mumble-server.ini
@ -259,6 +262,7 @@ function install_mumble {
MUMBLE_ONION_HOSTNAME=$(add_onion_service mumble ${MUMBLE_PORT} ${MUMBLE_PORT}) MUMBLE_ONION_HOSTNAME=$(add_onion_service mumble ${MUMBLE_PORT} ${MUMBLE_PORT})
update_default_domain
systemctl restart mumble-server systemctl restart mumble-server
if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then if ! grep -q $"Mumble Server" /home/$MY_USERNAME/README; then

View File

@ -676,6 +676,18 @@ function update_default_domain {
chmod -R 700 /etc/prosody/certs/* chmod -R 700 /etc/prosody/certs/*
systemctl restart prosody systemctl restart prosody
fi fi
if [ -d /var/lib/mumble-server ]; then
if [[ $(cert_exists ${DEFAULT_DOMAIN_NAME} pem) == "1" ]]; then
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
chown -R mumble-server:mumble-server /var/lib/mumble-server
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.pem
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.key
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.dhparam
fi
fi
} }
# NOTE: deliberately no exit 0 # NOTE: deliberately no exit 0