Adds check to skip generate certs if they already exists on update.

2014-09-03 12:51:46 +03:00 · 2014-09-03 12:51:46 +03:00 · cfa6ae33ee
parent c5edb4b5a3
commit cfa6ae33ee
1 changed files with 27 additions and 28 deletions
--- a/debian/jitsi-meet.postinst
+++ b/debian/jitsi-meet.postinst
@ -34,35 +34,34 @@ case "$1" in
            sed -i "s/#\ server_names_hash_bucket_size\ 64/\ server_names_hash_bucket_size\ 64/" /etc/nginx/nginx.conf
        fi
-        # loading debconf
+        if [ ! -f /etc/ssl/$JVB_HOSTNAME.key] || [ ! -f /etc/ssl/$JVB_HOSTNAME.crt]; then
-        . /usr/share/debconf/confmodule
+            # loading debconf
            . /usr/share/debconf/confmodule
-        # SSL for nginx
+            # SSL for nginx
-        db_get jitsi-meet/cert-choice
+            db_get jitsi-meet/cert-choice
-        CERT_CHOICE="$RET"
+            CERT_CHOICE="$RET"
-        if [ "$CERT_CHOICE" = 'I want a generated self-signed certificate' ]; then
+            if [ "$CERT_CHOICE" = 'I have a certificate and will upload the files on the server' ]; then
-            # self-signed certificate is already in place for prosody
+                db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key"
-            :
+                db_input critical jitsi-meet/cert-path-key || true
-        elif [ "$CERT_CHOICE" = 'I have a certificate and will upload the files on the server' ]; then
+                db_go
-            db_set jitsi-meet/cert-path-key "/etc/ssl/$JVB_HOSTNAME.key"
+                db_get jitsi-meet/cert-path-key
-            db_input critical jitsi-meet/cert-path-key || true
+                CERT_KEY="$RET"
-            db_go
+                db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt"
-            db_get jitsi-meet/cert-path-key
+                db_input critical jitsi-meet/cert-path-crt || true
-            CERT_KEY="$RET"
+                db_go
-            db_set jitsi-meet/cert-path-crt "/etc/ssl/$JVB_HOSTNAME.crt"
+                db_get jitsi-meet/cert-path-crt
-            db_input critical jitsi-meet/cert-path-crt || true
+                CERT_CRT="$RET"
-            db_go
+                # replace self-signed certificate paths with user provided ones
-            db_get jitsi-meet/cert-path-crt
+                CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
-            CERT_CRT="$RET"
+                CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
-            # replace self-signed certificate paths with user provided ones
+                sed -i "s/ssl_certificate_key\ \/var\/lib\/prosody\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \
-            CERT_KEY_ESC=$(echo $CERT_KEY | sed 's/\./\\\./g')
+                    /etc/nginx/sites-available/$JVB_HOSTNAME.conf
-            CERT_KEY_ESC=$(echo $CERT_KEY_ESC | sed 's/\//\\\//g')
+                CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
-            sed -i "s/ssl_certificate_key\ \/var\/lib\/prosody\/.*key/ssl_certificate_key\ $CERT_KEY_ESC/g" \
+                CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
-                /etc/nginx/sites-available/$JVB_HOSTNAME.conf
+                sed -i "s/ssl_certificate\ \/var\/lib\/prosody\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \
-            CERT_CRT_ESC=$(echo $CERT_CRT | sed 's/\./\\\./g')
+                    /etc/nginx/sites-available/$JVB_HOSTNAME.conf
-            CERT_CRT_ESC=$(echo $CERT_CRT_ESC | sed 's/\//\\\//g')
+            fi
            sed -i "s/ssl_certificate\ \/var\/lib\/prosody\/.*crt/ssl_certificate\ $CERT_CRT_ESC/g" \
                /etc/nginx/sites-available/$JVB_HOSTNAME.conf
        fi
        # and we're done with debconf