From e42c276dd7340a91418ccaa07bda6ed0b88dbf01 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 21 Jan 2018 00:09:20 +0000 Subject: [PATCH] Upgrade prosody certs when possible --- src/freedombone-app-xmpp | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/src/freedombone-app-xmpp b/src/freedombone-app-xmpp index 62223377..cf1eddc0 100755 --- a/src/freedombone-app-xmpp +++ b/src/freedombone-app-xmpp @@ -407,6 +407,25 @@ function upgrade_xmpp { update_prosody_modules xmpp_onion_addresses /etc/prosody/prosody.cfg.lua + if grep -q "/etc/ssl/certs/xmpp.dhparam" /etc/prosody/prosody.cfg.lua; then + cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam + chown prosody:prosody /etc/prosody/xmpp.dhparam + sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/prosody.cfg.lua + sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/conf.avail/xmpp.cfg.lua + fi + + if grep -q "/etc/ssl/private/xmpp.key" /etc/prosody/prosody.cfg.lua; then + if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem ]; then + sed -i "s|/etc/ssl/private/xmpp.key|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/privkey.pem|g" /etc/prosody/prosody.cfg.lua + fi + fi + + if grep -q "/etc/ssl/certs/xmpp.crt" /etc/prosody/prosody.cfg.lua; then + if [ -f /etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem ]; then + sed -i "s|/etc/ssl/certs/xmpp.crt|/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}/fullchain.pem|g" /etc/prosody/prosody.cfg.lua + fi + fi + curr_prosody_filename=$(cat $COMPLETION_FILE | grep "prosody_filename" | awk -F ':' '{print $2}') if [[ "$curr_prosody_filename" != "$prosody_filename" ]]; then if [ -d ${INSTALL_DIR}/${prosody_filename} ]; then 
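Review bot: The private-key and certificate paths are rewritten by two independent `if` blocks, so a host where only one of `privkey.pem` / `fullchain.pem` exists, or where only one old path is still in the config, ends up with a key and certificate that do not belong together, and prosody will most likely fail to bring up TLS on its next restart. Both files should be checked before either `sed` runs, as in the excerpt below; the `grep` guards can go, since `sed` is a no-op when the old path is absent. The hunk also does not show that the `prosody` user can read the Let's Encrypt private key: install_xmpp adds it to `ssl-cert`, but whether upgrade_xmpp does the same, and whether the `/etc/letsencrypt` directories are readable by that group, is not visible here and should be confirmed. upgrade_xmpp starts and continues outside the hunk.

```shell
    # … unchanged: dhparam relocation block …

    le_live="/etc/letsencrypt/live/${DEFAULT_DOMAIN_NAME}"
    if [ -n "${DEFAULT_DOMAIN_NAME}" ] && \
       [ -f "${le_live}/privkey.pem" ] && [ -f "${le_live}/fullchain.pem" ]; then
        # switch key and certificate together so they always form a matching pair
        sed -i "s|/etc/ssl/private/xmpp.key|${le_live}/privkey.pem|g" /etc/prosody/prosody.cfg.lua
        sed -i "s|/etc/ssl/certs/xmpp.crt|${le_live}/fullchain.pem|g" /etc/prosody/prosody.cfg.lua
    fi

    # … unchanged: curr_prosody_filename check …
```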
@@ -1065,6 +1084,14 @@ function install_xmpp { if [ -d /etc/letsencrypt ]; then usermod -a -G ssl-cert prosody fi + + if [ -f /etc/ssl/certs/xmpp.dhparam ]; then + cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam + chown prosody:prosody /etc/prosody/xmpp.dhparam + sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/prosody.cfg.lua + sed -i 's|/etc/ssl/certs/xmpp.dhparam|/etc/prosody/xmpp.dhparam|g' /etc/prosody/conf.avail/xmpp.cfg.lua + fi + apt-mark -q hold prosody systemctl restart prosody
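Review bot: The dhparam block here is a second copy of the one added to upgrade_xmpp, but with a different guard (`[ -f /etc/ssl/certs/xmpp.dhparam ]` here, a `grep` of the config there), so the two copies can already behave differently on the same host. A small helper called from both functions would keep them in step, and it should rewrite the config only when the copy succeeded, e.g. `cp /etc/ssl/certs/xmpp.dhparam /etc/prosody/xmpp.dhparam || return 1` ahead of the `chown` and `sed` lines; as written, a failed `cp` in either function still leaves the config pointing at a file that is not there. The second `sed` also assumes `/etc/prosody/conf.avail/xmpp.cfg.lua` exists, and whether it always does at this point is not visible in the hunk. install_xmpp starts and continues outside the hunk.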