haskal
/
jiti-meet
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Changes owner to prosody of newly created certificates. Fixes #2244.

This commit is contained in:
damencho 2017-12-04 23:27:28 -06:00 committed by bgrozev
parent 0d4dcffbac
commit 94813bc0fd
1 changed files with 7 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
debian/jitsi-meet-prosody.postinst vendored
View File

@ -112,29 +112,19 @@ case "$1" in
fi fi
if [ ! -f /var/lib/prosody/$JVB_HOSTNAME.crt ]; then if [ ! -f /var/lib/prosody/$JVB_HOSTNAME.crt ]; then
HOST="$( (hostname -s; echo localhost) | head -n 1)" # prosodyctl takes care for the permissions
DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)" prosodyctl cert generate $JVB_HOSTNAME
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
"/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \
-keyout /var/lib/prosody/$JVB_HOSTNAME.key \
-out /var/lib/prosody/$JVB_HOSTNAME.crt
ln -sf /var/lib/prosody/$JVB_HOSTNAME.key /etc/prosody/certs/$JVB_HOSTNAME.key ln -sf /var/lib/prosody/$JVB_HOSTNAME.key /etc/prosody/certs/$JVB_HOSTNAME.key
ln -sf /var/lib/prosody/$JVB_HOSTNAME.crt /etc/prosody/certs/$JVB_HOSTNAME.crt ln -sf /var/lib/prosody/$JVB_HOSTNAME.crt /etc/prosody/certs/$JVB_HOSTNAME.crt
fi fi
if [ ! -f /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt ]; then if [ ! -f /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt ]; then
HOST="$( (hostname -s; echo localhost) | head -n 1)" # prosodyctl takes care for the permissions
DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)" prosodyctl cert generate $JICOFO_AUTH_DOMAIN
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
"/O=$DOMAIN/OU=$HOST/CN=$JICOFO_AUTH_DOMAIN/emailAddress=webmaster@$HOST.$DOMAIN" \
-keyout /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key \
-out /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt
AUTH_KEY_FILE="/etc/prosody/certs/$JICOFO_AUTH_DOMAIN.key" ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key /etc/prosody/certs/$JICOFO_AUTH_DOMAIN.key
AUTH_CRT_FILE="/etc/prosody/certs/$JICOFO_AUTH_DOMAIN.crt" ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt /etc/prosody/certs/$JICOFO_AUTH_DOMAIN.crt
ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key $AUTH_KEY_FILE
ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt $AUTH_CRT_FILE
ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt /usr/local/share/ca-certificates/$JICOFO_AUTH_DOMAIN.crt ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt /usr/local/share/ca-certificates/$JICOFO_AUTH_DOMAIN.crt
update-ca-certificates update-ca-certificates