From c85dc2e33cdeef7fce9c43d61405e5bbf9823bc2 Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Wed, 17 May 2017 19:05:32 +0100
Subject: [PATCH] Switch xmpp cert path
---
 src/freedombone-app-xmpp | 31 +++++++++++++------------------
 1 file changed, 13 insertions(+), 18 deletions(-)
diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp
index d84c0dcc..0b788fcf 100755
--- a/src/freedombone-app-xmpp
+++ b/src/freedombone-app-xmpp
@@ -638,7 +638,7 @@ function xmpp_create_config {
 echo 'https_ports = { 5281 }' >> /etc/prosody/prosody.cfg.lua
 echo 'https_interfaces = { "*" }' >> /etc/prosody/prosody.cfg.lua
 echo 'https_ssl = {' >> /etc/prosody/prosody.cfg.lua
- if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
 echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
 else
 echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
@@ -652,7 +652,7 @@ function xmpp_create_config {
 echo '' >> /etc/prosody/prosody.cfg.lua
 echo 'ssl = {' >> /etc/prosody/prosody.cfg.lua
 echo " key = \"/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
- if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
 echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
 else
 echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
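Review bot: The pem-or-crt selection is written out in full in this hunk, again in the `ssl = {` hunk at line 652 and a third time in the VirtualHost hunk at line 686, so every path change has to be made in three places. Choosing the file once and reusing it would keep the three TLS blocks from drifting apart, for example `cert_file=/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt` followed by `[ -f "/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem" ] && cert_file=/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem`, with each block echoing `certificate = \"${cert_file}\";`. The body of xmpp_create_config starts and ends outside these hunks.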
@@ -686,17 +686,17 @@ function xmpp_create_config {
 echo "VirtualHost \"${DEFAULT_DOMAIN_NAME}\"" >> /etc/prosody/prosody.cfg.lua
 fi
 echo ' ssl = {' >> /etc/prosody/prosody.cfg.lua
- echo " key = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
- if [ -f /etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
- echo " certificate = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
+ echo " key = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua
+ if [ -f /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem ]; then
+ echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";" >> /etc/prosody/prosody.cfg.lua
 else
- echo " certificate = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
+ echo " certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.crt\";" >> /etc/prosody/prosody.cfg.lua
 fi
 echo " curve = $XMPP_ECC_CURVE;" >> /etc/prosody/prosody.cfg.lua
 echo ' depth = "2";' >> /etc/prosody/prosody.cfg.lua
 echo " ciphers = $XMPP_CIPHERS;" >> /etc/prosody/prosody.cfg.lua
 echo ' options = {"no_sslv2", "no_sslv3" };' >> /etc/prosody/prosody.cfg.lua
- echo " dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" >> /etc/prosody/prosody.cfg.lua
+ echo " dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" >> /etc/prosody/prosody.cfg.lua
 echo ' }' >> /etc/prosody/prosody.cfg.lua
 echo '' >> /etc/prosody/prosody.cfg.lua
 echo 'Include "conf.d/*.cfg.lua"' >> /etc/prosody/prosody.cfg.lua
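Review bot: The VirtualHost `ssl` block now points the private key at `/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.key`, while the global `ssl` block in the hunk at line 652 reads the same key from `/etc/ssl/private/`. Either the key is not found for this host, or someone satisfies the path by placing the private key in the certificates directory, which is conventionally world-readable. The line should read `echo " key = \"/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key\";" >> /etc/prosody/prosody.cfg.lua`. It is also worth confirming that the account Prosody runs as can read `/etc/ssl/private`, since the copies under `/etc/prosody/certs` are no longer made; xmpp_create_config continues outside this hunk.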
@@ -841,22 +841,19 @@ function install_xmpp { chown root:default /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.* cp -a /etc/prosody/conf.avail/example.com.cfg.lua /etc/prosody/conf.avail/xmpp.cfg.lua - if [ ! -d /etc/prosody/certs ]; then - mkdir /etc/prosody/certs - fi if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME} pem)" == "1" ]]; then - sed -i "s|/etc/prosody/certs/example.com.key|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua - sed -i "s|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i "s|key =.*|key = /etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i "s|certificate =.*|certificate = /etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem|g" /etc/prosody/conf.avail/xmpp.cfg.lua else - sed -i 's|/etc/prosody/certs/example.com.key|/etc/prosody/certs/xmpp.key|g' /etc/prosody/conf.avail/xmpp.cfg.lua - sed -i 's|/etc/prosody/certs/example.com.crt|/etc/prosody/certs/xmpp.crt|g' /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i "s|key =.*|key = /etc/ssl/privates/xmpp.key|g" /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i "s|certificate =.*|certificate = /etc/ssl/certs/xmpp.crt|g" /etc/prosody/conf.avail/xmpp.cfg.lua fi if ! grep -q "xmpp.dhparam" /etc/prosody/conf.avail/xmpp.cfg.lua; then if [[ "$(cert_exists ${DEFAULT_DOMAIN_NAME})" == "1" ]]; then - sed -i "/certificate =/a\ dhparam = \"/etc/prosody/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i "/certificate =/a\ dhparam = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.dhparam\";" /etc/prosody/conf.avail/xmpp.cfg.lua else - sed -i '/certificate =/a\ dhparam = "/etc/prosody/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua + sed -i '/certificate =/a\ dhparam = "/etc/ssl/certs/xmpp.dhparam";' /etc/prosody/conf.avail/xmpp.cfg.lua fi fi if ! grep -q 'options = {"no_sslv2", "no_sslv3" }' /etc/prosody/conf.avail/xmpp.cfg.lua; then 
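Review bot: The four new `sed` substitutions replace the whole `key =` and `certificate =` lines with an unquoted path and no trailing separator, so the resulting `xmpp.cfg.lua` is not valid Lua and the config will fail to parse. The fallback branch also writes `/etc/ssl/privates/xmpp.key`, a directory name that appears nowhere else in this patch and looks like a typo for `/etc/ssl/private`. The replacement text should keep the quotes and the `;`, as below. The pattern `key =.*` may also match other lines that happen to contain `key =`, so anchoring it on leading whitespace would be safer. install_xmpp starts and ends outside this hunk.

```shell
# … unchanged: if cert_exists ${DEFAULT_DOMAIN_NAME} pem …
    sed -i "s|key =.*|key = \"/etc/ssl/private/${DEFAULT_DOMAIN_NAME}.key\";|g" /etc/prosody/conf.avail/xmpp.cfg.lua
    sed -i "s|certificate =.*|certificate = \"/etc/ssl/certs/${DEFAULT_DOMAIN_NAME}.pem\";|g" /etc/prosody/conf.avail/xmpp.cfg.lua
# … unchanged: else …
    sed -i "s|key =.*|key = \"/etc/ssl/private/xmpp.key\";|g" /etc/prosody/conf.avail/xmpp.cfg.lua
    sed -i "s|certificate =.*|certificate = \"/etc/ssl/certs/xmpp.crt\";|g" /etc/prosody/conf.avail/xmpp.cfg.lua
# … unchanged: fi, dhparam and options handling …
```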
@@ -935,8 +932,6 @@ function install_xmpp { configure_firewall_for_xmpp xmpp_email_headers - cp /etc/ssl/certs/xmpp.* /etc/prosody/certs - cp /etc/ssl/private/xmpp.* /etc/prosody/certs update_default_domain xmpp_create_config