Create gpg key for server and move some gpg settings to gpg.conf.
This commit is contained in:
parent
c6dba01ab1
commit
c355c0e59a
|
@ -1,9 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
echo '<center>';
|
echo '<center>';
|
||||||
$pubkeyfile = getcwd().'/../tmp/pubkey.txt';
|
$pubkeyfile = '../tmp/server_pubkey.key';
|
||||||
if(is_file($pubkeyfile) && (isset($CONFIG['site_shortname']) && $CONFIG['site_shortname'] != '')) {
|
if(is_file($pubkeyfile)) {
|
||||||
echo '<font size="1.5em">';
|
echo '<font size="1.5em">';
|
||||||
echo '<a href="/tmp/pubkey.txt" target=_blank>'.$CONFIG['site_shortname'].'</a>';
|
echo '<a href="../tmp/server_pubkey.key" target=_blank>server_pubkey.key</a>';
|
||||||
echo '<br />';
|
echo '<br />';
|
||||||
echo '</font>';
|
echo '</font>';
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/* Set 'enable' to '1' to verify you have configured
|
||||||
|
* this file, and are ready to enable gpg key creation
|
||||||
|
*/
|
||||||
|
$rslight_gpg['enable'] = '0';
|
||||||
|
|
||||||
|
/* YOU MUST CONFIGURE 'domain_name' to your site
|
||||||
|
* domain name
|
||||||
|
*/
|
||||||
|
$rslight_gpg['domain_name'] = "www.example.com";
|
||||||
|
|
||||||
|
/* Below settings need not be changed if you are
|
||||||
|
* ok with defaults
|
||||||
|
*/
|
||||||
|
$rslight_gpg['gnupghome'] = "$config_dir/.gnupg";
|
|
@ -0,0 +1,9 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
gnupghome="$1"
|
||||||
|
server_pub_key="$2"
|
||||||
|
domain="$3"
|
||||||
|
|
||||||
|
export GNUPGHOME=$gnupghome
|
||||||
|
gpg --batch --passphrase '' --quick-generate-key "$domain" rsa4096 cert 0
|
||||||
|
gpg --export -a $domain > $server_pub_key
|
|
@ -3,6 +3,7 @@
|
||||||
include "config.inc.php";
|
include "config.inc.php";
|
||||||
include "newsportal.php";
|
include "newsportal.php";
|
||||||
include $config_dir."/scripts/rslight-lib.php";
|
include $config_dir."/scripts/rslight-lib.php";
|
||||||
|
include $config_dir."/gpg.conf";
|
||||||
|
|
||||||
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
$menulist = file($config_dir."menu.conf", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
||||||
|
|
||||||
|
@ -55,7 +56,15 @@
|
||||||
touch($overview);
|
touch($overview);
|
||||||
@chown($overview, $uinfo["uid"]);
|
@chown($overview, $uinfo["uid"]);
|
||||||
@chgrp($overview, $uinfo["gid"]);
|
@chgrp($overview, $uinfo["gid"]);
|
||||||
|
|
||||||
|
if($rslight_gpg['enable'] == '1') {
|
||||||
|
$gnupg = $rslight_gpg['gnupghome'];
|
||||||
|
if(!is_dir($gnupg)) {
|
||||||
|
mkdir($gnupg, 0700);
|
||||||
|
chown($gnupg, $uinfo["uid"]);
|
||||||
|
chgrp($gnupg, $uinfo["gid"]);
|
||||||
|
}
|
||||||
|
}
|
||||||
/* Change to non root user */
|
/* Change to non root user */
|
||||||
change_identity($uinfo["uid"],$uinfo["gid"]);
|
change_identity($uinfo["uid"],$uinfo["gid"]);
|
||||||
/* Everything below runs as $CONFIG['webserver_user'] */
|
/* Everything below runs as $CONFIG['webserver_user'] */
|
||||||
|
@ -67,6 +76,14 @@ if(isset($CONFIG['enable_nocem']) && $CONFIG['enable_nocem'] == true) {
|
||||||
@mkdir($spooldir."nocem",0755,'recursive');
|
@mkdir($spooldir."nocem",0755,'recursive');
|
||||||
exec($CONFIG['php_exec']." ".$config_dir."/scripts/nocem.php");
|
exec($CONFIG['php_exec']." ".$config_dir."/scripts/nocem.php");
|
||||||
}
|
}
|
||||||
|
// Set up server gpg keys
|
||||||
|
if($rslight_gpg['enable'] == '1') {
|
||||||
|
if(!is_file($webtmp.'/server_pubkey.key')) {
|
||||||
|
$domain = 'rslight@'.$rslight_gpg['domain_name'];
|
||||||
|
$interBBS_mail = $config_dir.'/scripts/create_gpg_keys.sh "'.$gnupg.'" "'.$webtmp.'/server_pubkey.key" '.$domain;
|
||||||
|
exec($interBBS_mail);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
reset($menulist);
|
reset($menulist);
|
||||||
foreach($menulist as $menu) {
|
foreach($menulist as $menu) {
|
||||||
|
|
Loading…
Reference in New Issue