jfinn
/
jitsi_corner8
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Quellcode durchsuchen

Changes owner to prosody of newly created certificates. Fixes #2244.

j8
damencho vor 8 Jahren
Ursprung
0d4dcffbac
Commit
94813bc0fd
1 geänderte Dateien mit 8 neuen und 18 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 8
    18
      debian/jitsi-meet-prosody.postinst

+ 8
- 18
debian/jitsi-meet-prosody.postinst Datei anzeigen 

@@ -112,29 +112,19 @@ case "$1" in
112 112 
         fi
113 113
114 114 
         if [ ! -f /var/lib/prosody/$JVB_HOSTNAME.crt ]; then
115 
-            HOST="$( (hostname -s; echo localhost) | head -n 1)"
116 
-            DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)"
117 
-            openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
118 
-                "/O=$DOMAIN/OU=$HOST/CN=$JVB_HOSTNAME/emailAddress=webmaster@$HOST.$DOMAIN" \
119 
-                -keyout /var/lib/prosody/$JVB_HOSTNAME.key \
120 
-                -out /var/lib/prosody/$JVB_HOSTNAME.crt
115 
+            # prosodyctl takes care for the permissions
116 
+            prosodyctl cert generate $JVB_HOSTNAME
117 
+
121 118 
             ln -sf /var/lib/prosody/$JVB_HOSTNAME.key /etc/prosody/certs/$JVB_HOSTNAME.key
122 119 
             ln -sf /var/lib/prosody/$JVB_HOSTNAME.crt /etc/prosody/certs/$JVB_HOSTNAME.crt
123 120 
         fi
124 121
125 122 
         if [ ! -f /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt ]; then
126 
-            HOST="$( (hostname -s; echo localhost) | head -n 1)"
127 
-            DOMAIN="$( (hostname -d; echo localdomain) | head -n 1)"
128 
-            openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj \
129 
-                "/O=$DOMAIN/OU=$HOST/CN=$JICOFO_AUTH_DOMAIN/emailAddress=webmaster@$HOST.$DOMAIN" \
130 
-                -keyout /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key \
131 
-                -out /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt
132 
-
133 
-            AUTH_KEY_FILE="/etc/prosody/certs/$JICOFO_AUTH_DOMAIN.key"
134 
-            AUTH_CRT_FILE="/etc/prosody/certs/$JICOFO_AUTH_DOMAIN.crt"
135 
-
136 
-            ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key $AUTH_KEY_FILE
137 
-            ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt $AUTH_CRT_FILE
123 
+            # prosodyctl takes care for the permissions
124 
+            prosodyctl cert generate $JICOFO_AUTH_DOMAIN
125 
+
126 
+            ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.key /etc/prosody/certs/$JICOFO_AUTH_DOMAIN.key
127 
+            ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt /etc/prosody/certs/$JICOFO_AUTH_DOMAIN.crt
138 128 
             ln -sf /var/lib/prosody/$JICOFO_AUTH_DOMAIN.crt /usr/local/share/ca-certificates/$JICOFO_AUTH_DOMAIN.crt
139 129
140 130 
             update-ca-certificates

Verfassen Vorschau
Laden…
Abbrechen
Speichern