Switch xmpp cert path
This commit is contained in:
parent
4485d92021
commit
c85dc2e33c
|
@ -638,7 +638,7 @@ function xmpp_create_config {
|
|||
echo 'https_ports = { 5281 }' >> /etc/prosody/prosody.cfg.lua
|
||||
echo 'https_interfaces = { "*" }' >> /etc/prosody/prosody.cfg.lua
|
||||
echo 'https_ssl = {' >> /etc/prosody/prosody.cfg.lua
|
||||
if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
|
||||
else
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
|
||||
|
@ -652,7 +652,7 @@ function xmpp_create_config {
|
|||
echo '' >> /etc/prosody/prosody.cfg.lua
|
||||
echo 'ssl = {' >> /etc/prosody/prosody.cfg.lua
|
||||
echo " key = \"/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
|
||||
if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
|
||||
else
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
|
||||
|
@ -686,17 +686,17 @@ function xmpp_create_config {
|
|||
echo "VirtualHost \"${DEFAULT_DOMAIN_NAME}\"" >> /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
echo ' ssl = {' >> /etc/prosody/prosody.cfg.lua
|
||||
echo " key = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
|
||||
if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
echo " certificate = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
|
||||
echo " key = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
|
||||
if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
|
||||
else
|
||||
echo " certificate = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
|
||||
echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
|
||||
fi
|
||||
echo " curve = $XMPP_ECC_CURVE;" >> /etc/prosody/prosody.cfg.lua
|
||||
echo ' depth = "2";' >> /etc/prosody/prosody.cfg.lua
|
||||
echo " ciphers = $XMPP_CIPHERS;" >> /etc/prosody/prosody.cfg.lua
|
||||
echo ' options = {"no_sslv2", "no_sslv3" };' >> /etc/prosody/prosody.cfg.lua
|
||||
echo " dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" >> /etc/prosody/prosody.cfg.lua
|
||||
echo " dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" >> /etc/prosody/prosody.cfg.lua
|
||||
echo ' }' >> /etc/prosody/prosody.cfg.lua
|
||||
echo '' >> /etc/prosody/prosody.cfg.lua
|
||||
echo 'Include "conf.d/*.cfg.lua"' >> /etc/prosody/prosody.cfg.lua
|
||||
|
@ -841,22 +841,19 @@ function install_xmpp {
|
|||
chown root:default /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.*
|
||||
|
||||
cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
if [ ! -d /etc/prosody/certs ]; then
|
||||
mkdir /etc/prosody/certs
|
||||
fi
|
||||
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then
|
||||
sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|key =.*|key = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|certificate =.*|certificate = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
else
|
||||
sed -i 's|/etc/prosody/certs/example.com.key|/etc/prosody/certs/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i 's|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|key =.*|key = /etc/ssl/privates/xmpp.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "s|certificate =.*|certificate = /etc/ssl/certs/xmpp.crt|g" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then
|
||||
sed -i "/certificate =/a\ dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
else
|
||||
sed -i '/certificate =/a\ dhparam = "/etc/prosody/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua
|
||||
fi
|
||||
fi
|
||||
if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/conf.avail/xmpp.cfg.lua; then
|
||||
|
@ -935,8 +932,6 @@ function install_xmpp {
|
|||
configure_firewall_for_xmpp
|
||||
xmpp_email_headers
|
||||
|
||||
cp /etc/ssl/certs/xmpp.* /etc/prosody/certs
|
||||
cp /etc/ssl/private/xmpp.* /etc/prosody/certs
|
||||
update_default_domain
|
||||
|
||||
xmpp_create_config
|
||||
|
|
Loading…
Reference in New Issue