irc configuration for onion only systems
This commit is contained in:
Bob Mottram
parent
9ec2bf6cbd
commit
6aa70353bf
|
|
@ -97,11 +97,12 @@ function create_irssi_config {
|
|||
echo ' },' >> /home/${new_username}/.irssi/config
|
||||
echo ' {' >> /home/${new_username}/.irssi/config
|
||||
echo " address = \"127.0.0.1\";" >> /home/${new_username}/.irssi/config
|
||||
echo ' use_ssl = "yes";' >> /home/${new_username}/.irssi/config
|
||||
echo ' ssl_verify = "no";' >> /home/${new_username}/.irssi/config
|
||||
if [[ ${ONION_ONLY} == 'no' ]]; then
|
||||
echo ' use_ssl = "yes";' >> /home/${new_username}/.irssi/config
|
||||
echo " port = \"${IRC_BOUNCER_PORT}\";" >> /home/${new_username}/.irssi/config
|
||||
else
|
||||
echo ' use_ssl = "no";' >> /home/${new_username}/.irssi/config
|
||||
IRC_ONION_HOSTNAME=$(cat ${COMPLETION_FILE} | grep "irc onion domain" | head -n 1 | awk -F ':' '{print $2}')
|
||||
echo " port = \"${IRC_ONION_PORT}\";" >> /home/${new_username}/.irssi/config
|
||||
fi
|
||||
|
|
@ -517,15 +518,17 @@ function install_irc_server {
|
|||
sed -i "s/irc.example.net/$DEFAULTDOMAIN/g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|Yet another IRC Server running on Debian GNU/Linux|IRC Server of $DEFAULTDOMAIN|g" /etc/ngircd/ngircd.conf
|
||||
sed -i 's/;Password = wealllikedebian/Password =/g' /etc/ngircd/ngircd.conf
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
sed -i "s|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/ngircd/ngircd.conf
|
||||
else
|
||||
sed -i "s|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/ngircd/ngircd.conf
|
||||
fi
|
||||
sed -i "s|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s/;Ports =.*/Ports = ${IRC_PORT}/1" /etc/ngircd/ngircd.conf
|
||||
sed -i "s/;Ports =.*/Ports = ${IRC_PORT}/2" /etc/ngircd/ngircd.conf
|
||||
if [[ $ONION_ONLY == 'no' ]]; then
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
sed -i "s|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/ngircd/ngircd.conf
|
||||
else
|
||||
sed -i "s|;CertFile = /etc/ssl/certs/server.crt|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt|g" /etc/ngircd/ngircd.conf
|
||||
fi
|
||||
sed -i "s|;DHFile = /etc/ngircd/dhparams.pem|DHFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam|g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|;KeyFile = /etc/ssl/private/server.key|KeyFile = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s/;Ports =.*/Ports = ${IRC_PORT}/2" /etc/ngircd/ngircd.conf
|
||||
fi
|
||||
sed -i "s/;Name = #ngircd/Name = #${PROJECT_NAME}/g" /etc/ngircd/ngircd.conf
|
||||
sed -i "s/;Topic = Our ngircd testing channel/Topic = ${PROJECT_NAME} chat channel/g" /etc/ngircd/ngircd.conf
|
||||
sed -i 's/;MaxUsers = 23/MaxUsers = 23/g' /etc/ngircd/ngircd.conf
|
||||
|
|
@ -607,7 +610,11 @@ function install_irc_bouncer {
|
|||
echo ' IPv4 = true' >> /home/znc/.znc/configs/znc.conf
|
||||
echo ' IPv6 = true' >> /home/znc/.znc/configs/znc.conf
|
||||
echo ' Port = 6697' >> /home/znc/.znc/configs/znc.conf
|
||||
echo ' SSL = true' >> /home/znc/.znc/configs/znc.conf
|
||||
if [[ ${ONION_ONLY} == 'no' ]]; then
|
||||
echo ' SSL = true' >> /home/znc/.znc/configs/znc.conf
|
||||
else
|
||||
echo ' SSL = false' >> /home/znc/.znc/configs/znc.conf
|
||||
fi
|
||||
echo ' URIPrefix = /' >> /home/znc/.znc/configs/znc.conf
|
||||
echo '</Listener>' >> /home/znc/.znc/configs/znc.conf
|
||||
echo '' >> /home/znc/.znc/configs/znc.conf
|
||||
|
|
|
|||
|
|
@ -652,78 +652,79 @@ function configure_firewall_for_web_access {
|
|||
|
||||
function update_default_domain {
|
||||
echo $'Updating default domain'
|
||||
|
||||
if [ -d /etc/prosody ]; then
|
||||
if [ ! -d /etc/prosody/certs ]; then
|
||||
mkdir /etc/prosody/certs
|
||||
fi
|
||||
|
||||
if [[ "$(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if [[ "$(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if [[ "$(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
|
||||
cp /etc/ssl/private/xmpp* /etc/prosody/certs
|
||||
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
|
||||
cp /etc/ssl/certs/xmpp* /etc/prosody/certs
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
|
||||
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
|
||||
mv /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem
|
||||
if [[ $ONION_ONLY == 'no' ]]; then
|
||||
if [ -d /etc/prosody ]; then
|
||||
if [ ! -d /etc/prosody/certs ]; then
|
||||
mkdir /etc/prosody/certs
|
||||
fi
|
||||
else
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
if [[ "$(cert_exists chat.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "chat.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if [[ "$(cert_exists xmpp.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "xmpp.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
if [[ "$(cert_exists conference.${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i 's|--Component "conference.|Component "conference.|g' /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
|
||||
cp /etc/ssl/private/xmpp* /etc/prosody/certs
|
||||
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
|
||||
cp /etc/ssl/certs/xmpp* /etc/prosody/certs
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}* /etc/prosody/certs
|
||||
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ ! /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt ]; then
|
||||
mv /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem
|
||||
fi
|
||||
else
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
|
||||
sed -i "s|/etc/prosody/certs/xmpp.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/prosody.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/xmpp.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
chown -R prosody:prosody /etc/prosody
|
||||
chmod -R 700 /etc/prosody/certs/*
|
||||
systemctl reload prosody
|
||||
fi
|
||||
chown -R prosody:prosody /etc/prosody
|
||||
chmod -R 700 /etc/prosody/certs/*
|
||||
systemctl reload prosody
|
||||
fi
|
||||
|
||||
if [ -d /var/lib/mumble-server ]; then
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
|
||||
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
|
||||
chown -R mumble-server:mumble-server /var/lib/mumble-server
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.pem
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.key
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.dhparam
|
||||
systemctl reload mumble
|
||||
if [ -d /var/lib/mumble-server ]; then
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /var/lib/mumble-server/mumble.pem
|
||||
cp /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam /var/lib/mumble-server/mumble.dhparam
|
||||
cp /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key /var/lib/mumble-server/mumble.key
|
||||
chown -R mumble-server:mumble-server /var/lib/mumble-server
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.pem
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.key
|
||||
chmod -R 700 /var/lib/mumble-server/${DEFAULT_DOMAIN_NAME}.dhparam
|
||||
systemctl reload mumble
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -d /home/znc/.znc ]; then
|
||||
echo $'znc found'
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
pkill znc
|
||||
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
|
||||
chown znc:znc /home/znc/.znc/znc.pem
|
||||
chmod 700 /home/znc/.znc/znc.pem
|
||||
if [ -d /home/znc/.znc ]; then
|
||||
echo $'znc found'
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
pkill znc
|
||||
cat /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key > /home/znc/.znc/znc.pem
|
||||
chown znc:znc /home/znc/.znc/znc.pem
|
||||
chmod 700 /home/znc/.znc/znc.pem
|
||||
|
||||
sed -i "s|CertFile =.*|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|DHFile =.*|DHFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|KeyFile =.*|KeyFile = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" /etc/ngircd/ngircd.conf
|
||||
echo $'irc certificates updated'
|
||||
sed -i "s|CertFile =.*|CertFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|DHFile =.*|DHFile = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam" /etc/ngircd/ngircd.conf
|
||||
sed -i "s|KeyFile =.*|KeyFile = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key" /etc/ngircd/ngircd.conf
|
||||
echo $'irc certificates updated'
|
||||
|
||||
systemctl restart ngircd
|
||||
su -c 'znc' - znc
|
||||
systemctl restart ngircd
|
||||
su -c 'znc' - znc
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -d /etc/dovecot ]; then
|
||||
if ! grep -q "ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/dovecot/conf.d/10-ssl.conf; then
|
||||
sed -i "s|#ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i "s|ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
systemctl restart dovecot
|
||||
if [ -d /etc/dovecot ]; then
|
||||
if ! grep -q "ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" /etc/dovecot/conf.d/10-ssl.conf; then
|
||||
sed -i "s|#ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
sed -i "s|ssl_cert =.*|ssl_cert = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/dovecot/conf.d/10-ssl.conf
|
||||
systemctl restart dovecot
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue