free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Permissions and certs for prosody

This commit is contained in:
Bob Mottram 2016-11-22 11:02:50 +00:00
parent 1a3b57b0f0
commit 6a176f021e
2 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/freedombone-app-xmpp
View File

@ -371,6 +371,9 @@ function install_xmpp_main {
chown root:default /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.* chown root:default /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.*
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
if [ ! -d /etc/prosody/certs ]; then
mkdir /etc/prosody/certs
fi
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
@ -474,8 +477,6 @@ function install_xmpp_main {
fi fi
sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua sed -i "s/example.com/$DEFAULT_DOMAIN_NAME/g" /etc/prosody/prosody.cfg.lua
update_default_domain
if [ ! -d /var/lib/tor ]; then if [ ! -d /var/lib/tor ]; then
echo $'No Tor installation found. xmpp onion site cannot be configured.' echo $'No Tor installation found. xmpp onion site cannot be configured.'
exit 877367 exit 877367
@ -517,6 +518,13 @@ function install_xmpp_main {
configure_firewall_for_xmpp configure_firewall_for_xmpp
xmpp_email_headers xmpp_email_headers
cp /etc/ssl/certs/xmpp.* /etc/prosody/certs
cp /etc/ssl/private/xmpp.* /etc/prosody/certs
chown -R prosody:default /etc/prosody
update_default_domain
systemctl restart prosody
install_completed xmpp_main install_completed xmpp_main
} }

8
src/freedombone-utils-web
View File

@ -714,6 +714,11 @@ function update_default_domain {
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
cp /etc/ssl/certs/xmpp* /etc/prosody/certs cp /etc/ssl/certs/xmpp* /etc/prosody/certs
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
if [ ! -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam ]; then
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam
fi
fi
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
mv /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem mv /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem
@ -725,8 +730,9 @@ function update_default_domain {
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
fi fi
chown -R prosody:prosody /etc/prosody chown -R prosody:default /etc/prosody
chmod -R 700 /etc/prosody/certs/* chmod -R 700 /etc/prosody/certs/*
chmod 600 /etc/prosody/prosody.cfg.lua
systemctl reload prosody systemctl reload prosody
fi fi