Now apache.pem is always set
* We can configure apache2, postfix, proftpd, dovevot with tls features by default
This commit is contained in:
cam.lafit
parent
719e1539b0
commit
1bc8b59da9
|
|
@ -0,0 +1,5 @@
|
||||||
|
# Don't change this file, it will be overwriten by alternc.install.
|
||||||
|
# Change ssl parameters in a file named 99_ssl.conf instead"
|
||||||
|
|
||||||
|
ssl_cert = </etc/alternc/apache.pem
|
||||||
|
ssl_key = </etc/alternc/apache.pem
|
||||||
|
|
@ -310,12 +310,11 @@ if [ -x /usr/sbin/apache2 ]; then
|
||||||
run-parts --arg=apache2 /usr/lib/alternc/install.d
|
run-parts --arg=apache2 /usr/lib/alternc/install.d
|
||||||
a2enmod mpm_itk
|
a2enmod mpm_itk
|
||||||
|
|
||||||
s=""
|
s="apache2"
|
||||||
# unused from AlternC 1.0, FIXME: remove it later
|
# unused from AlternC 1.0, FIXME: remove it later
|
||||||
if [ -L /etc/apache2/mods-enabled/vhost_alias.load ]
|
if [ -L /etc/apache2/mods-enabled/vhost_alias.load ]
|
||||||
then
|
then
|
||||||
a2dismod vhost_alias
|
a2dismod vhost_alias
|
||||||
s="apache2"
|
|
||||||
fi
|
fi
|
||||||
if ! [ -L /etc/apache2/mods-enabled/php$php.load ]
|
if ! [ -L /etc/apache2/mods-enabled/php$php.load ]
|
||||||
then
|
then
|
||||||
|
|
@ -325,46 +324,12 @@ if [ -x /usr/sbin/apache2 ]; then
|
||||||
then
|
then
|
||||||
a2enmod rewrite
|
a2enmod rewrite
|
||||||
fi
|
fi
|
||||||
if [ -e /etc/alternc/apache.pem ]; then
|
|
||||||
# We enable proftpd tls module
|
|
||||||
cat /etc/proftpd/modules.conf | sed -e 's/^#LoadModule mod_tls.c/LoadModule mod_tls.c/' > /etc/proftpd/modules.conf.alternc-new
|
|
||||||
mv /etc/proftpd/modules.conf.alternc-new /etc/proftpd/modules.conf
|
|
||||||
cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/
|
|
||||||
# We enable apache2 SSL :
|
|
||||||
if [ ! -L /etc/apache2/mods-enabled/ssl.load ] ; then
|
|
||||||
a2enmod ssl
|
|
||||||
s="apache2"
|
|
||||||
fi
|
|
||||||
if [ ! -h /etc/apache2/conf-available/alternc-ssl.conf ] && [ -e /etc/apache2/conf-available/ ]; then
|
|
||||||
ln -sf /etc/alternc/apache2-ssl.conf /etc/apache2/conf-available/alternc-ssl.conf
|
|
||||||
a2enconf alternc-ssl
|
|
||||||
s="apache2"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ )
|
if [ ! -h /etc/apache2/conf-available/alternc-ssl.conf ] && [ -e /etc/apache2/conf-available/ ]; then
|
||||||
( echo "# Don't change this file, it will be overwriten by alternc.install. Change ssl parameters in a file named 99_ssl.conf instead" ; echo "ssl_cert = </etc/alternc/apache.pem" ; echo "ssl_key = </etc/alternc/apache.pem" ) >/etc/dovecot/conf.d/96_ssl.conf
|
ln -sf /etc/alternc/apache2-ssl.conf /etc/apache2/conf-available/alternc-ssl.conf
|
||||||
|
a2enconf alternc-ssl
|
||||||
else
|
|
||||||
# We disable proftpd tls module
|
|
||||||
cat /etc/proftpd/modules.conf | sed -e 's/^LoadModule mod_tls.c/#LoadModule mod_tls.c/' > /etc/proftpd/modules.conf.alternc-new
|
|
||||||
mv /etc/proftpd/modules.conf.alternc-new /etc/proftpd/modules.conf
|
|
||||||
cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/
|
|
||||||
|
|
||||||
# We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ )
|
|
||||||
( echo "# Don't change this file, it will be overwriten by alternc.install. Change ssl parameters in a file named 99_ssl.conf instead" ; echo "ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem" ; echo "ssl_key = </etc/ssl/private/ssl-cert-snakeoil.key" ) >/etc/dovecot/conf.d/96_ssl.conf
|
|
||||||
|
|
||||||
echo "SSL not configured"
|
|
||||||
echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install"
|
|
||||||
fi
|
|
||||||
if [ ! -h /etc/apache2/conf-available/alternc.conf ] && [ -e /etc/apache2/conf-available/ ]; then
|
|
||||||
ln -sf /etc/alternc/apache2.conf /etc/apache2/conf-available/alternc.conf
|
|
||||||
a2enconf alternc.conf
|
|
||||||
s="apache2"
|
|
||||||
fi
|
|
||||||
if [ -e /etc/apache2/sites-enabled/000-default.conf ]; then
|
|
||||||
a2dissite 000-default
|
|
||||||
s="apache2"
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
SERVICES="$SERVICES $s"
|
SERVICES="$SERVICES $s"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
@ -424,28 +389,7 @@ else
|
||||||
postfix_conf=/etc/alternc/postfix/postfix.cf
|
postfix_conf=/etc/alternc/postfix/postfix.cf
|
||||||
fi
|
fi
|
||||||
grep -v '^\ *#' $postfix_conf |while read line ; do
|
grep -v '^\ *#' $postfix_conf |while read line ; do
|
||||||
if echo "$line" | grep -qi '^smtpd_tls_dcert_file' ;then
|
postconf -e "$line"
|
||||||
line_strip=`echo "$line"|tr -d '[:blank:]'`
|
|
||||||
pattern="*="
|
|
||||||
cert_file=${line_strip#$pattern}
|
|
||||||
echo $cert_file
|
|
||||||
echo $line
|
|
||||||
echo $line_strip
|
|
||||||
if [ -e $cert_file ];then
|
|
||||||
postconf -e "$line"
|
|
||||||
else
|
|
||||||
echo -e "\033[31m*****************************************************"
|
|
||||||
echo "* The certificate file : $cert_file does not exists *"
|
|
||||||
echo "* If you want to be able to use SSL/TLS *"
|
|
||||||
echo "* please go to https://alternc.com/SSL *"
|
|
||||||
echo "* to get information on how to create a certificate *"
|
|
||||||
echo "* Finally relaunch alternc.install *"
|
|
||||||
echo "*****************************************************"
|
|
||||||
echo -e "\033[0m"
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
postconf -e "$line"
|
|
||||||
fi
|
|
||||||
done
|
done
|
||||||
|
|
||||||
# Conviguring delivery used by Postfix
|
# Conviguring delivery used by Postfix
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue