@drumee/setup-infra 1.0.12 → 1.0.14
- package/bin/init-acme +13 -5
- package/bin/init-private +40 -0
- package/bin/prosody +1 -1
- package/index.js +295 -162
- package/package.json +3 -4
- package/templates/etc/bind/named.conf.options +1 -1
- package/templates/etc/bind/named.conf.private +21 -0
- package/templates/etc/bind/{named.conf.local → named.conf.public} +2 -2
- package/templates/etc/dkimkeys/dkim.key +1 -1
- package/templates/etc/drumee/conf.d/myDrumee.json.tpl +1 -1
- package/templates/etc/drumee/dnsapi.sh.tpl +1 -1
- package/templates/etc/drumee/drumee.sh.tpl +24 -17
- package/templates/etc/drumee/env.json +1 -1
- package/templates/etc/drumee/infrastructure/routes/main.conf.tpl +23 -13
- package/templates/etc/drumee/ssl/{main.conf.tpl → private.conf.tpl} +2 -4
- package/templates/etc/drumee/ssl/public.conf.tpl +10 -0
- package/templates/etc/mysql/mariadb.conf.d/50-client.cnf +21 -0
- package/templates/etc/mysql/mariadb.conf.d/50-server.cnf +2 -1
- package/templates/etc/nginx/nginx.conf +1 -1
- package/templates/etc/nginx/sites-enabled/jitsi.conf.tpl +4 -4
- package/templates/etc/nginx/sites-enabled/{loopback.tpl → localhost.conf} +9 -10
- package/templates/etc/nginx/sites-enabled/pivate.jitsi.conf.tpl +28 -0
- package/templates/etc/nginx/sites-enabled/private.conf.tpl +40 -0
- package/templates/etc/nginx/sites-enabled/{drumee.conf.tpl → public.conf.tpl} +8 -8
- package/templates/etc/nginx/sites-enabled/public.jitsi.conf.tpl +28 -0
- package/templates/etc/postfix/main.cf +1 -1
- package/templates/etc/prosody/conf.d/private.cfg.lua.tpl +162 -0
- package/templates/etc/prosody/conf.d/public.cfg.lua.tpl +162 -0
- package/templates/index.js +19 -13
- package/templates/utils.js +192 -0
- package/templates/var/lib/bind/private-reverse.tpl +17 -0
- package/templates/var/lib/bind/prvate.tpl +70 -0
- /package/templates/var/lib/bind/{revserse.tpl → public-reverse.tpl} +0 -0
- /package/templates/var/lib/bind/{domain.tpl → public.tpl} +0 -0
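--- a/package/bin/init-acme
+++ b/package/bin/init-acme
@@ -1,4 +1,12 @@
 #!/bin/bash
+if [ "$DRUMEE_DOMAIN_NAME" = "" ]; then
+echo "Public domain name not found. Will run only on private mode."
+exit 0
+fi
+if [ "$OWN_CERTS_DIR" != "" ]; then
+echo "OWN_CERTS_DIR was set to $OWN_CERTS_DIR. This means you will have to complete settings later."
+exit 0
+fi
 
 echo "Configuring certificates..."
 #-------------------
@@ -6,9 +14,9 @@ function make_certs(){
 sum=0
 dom=$1
 echo Generating "${dom}" cetificates...
-OPTIONS="--issue -d $dom -d "*.${dom}" --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $
+OPTIONS="--issue -d $dom -d "*.${dom}" --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $CERTS_DIR --dns dns_nsupdate"
 ./acme.sh $OPTIONS
-while [ ! -f ${
+while [ ! -f ${CERTS_DIR}/${dom}_ecc/fullchain.cer ]; do
 ./acme.sh $OPTIONS
 if [ $? = "0" ]; then
 echo Certificate have been sucessfully created.
@@ -52,7 +60,7 @@ cd $ACME_DIR
 
 failed=0
 
-./acme.sh --register-account -m $ACME_EMAIL_ACCOUNT --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $
+./acme.sh --register-account -m $ACME_EMAIL_ACCOUNT --home $ACME_DIR --config-home $ACME_DIR/configs --cert-home $CERTS_DIR
 
 
 make_certs $DRUMEE_DOMAIN_NAME
@@ -64,8 +72,8 @@ usermod -a -G $DRUMEE_SYSTEM_GROUP jicofo
 usermod -a -G $DRUMEE_SYSTEM_GROUP turnserver
 usermod -a -G $DRUMEE_SYSTEM_GROUP postfix
 
-if [ -d "$
-chown -R $DRUMEE_SYSTEM_USER:$DRUMEE_SYSTEM_GROUP $
+if [ -d "$CERTS_DIR" ]; then
+chown -R $DRUMEE_SYSTEM_USER:$DRUMEE_SYSTEM_GROUP $CERTS_DIR
 fi
 
 echo "ACME has been successfuly installed!"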
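Review bot: The new lines expand `$CERTS_DIR` unquoted in four places (the `OPTIONS` string, the `while [ ! -f ... ]` test, `--register-account`, and the recursive `chown`), yet the guards added at the top check only `DRUMEE_DOMAIN_NAME` and `OWN_CERTS_DIR`. If `CERTS_DIR` is empty, `--cert-home` takes the next word (`--dns`) as its value and the loop waits on `/${dom}_ecc/fullchain.cer`; if it contains whitespace or glob characters, `chown -R` is handed extra paths. I would add `: "${CERTS_DIR:?CERTS_DIR must be set}"` after the early-exit checks and write `chown -R "$DRUMEE_SYSTEM_USER:$DRUMEE_SYSTEM_GROUP" "$CERTS_DIR"`. Separately, `"*.${dom}"` inside `OPTIONS` closes the outer quote, so the wildcard name is subject to globbing at `./acme.sh $OPTIONS`; an array (`opts=(--issue -d "$dom" -d "*.${dom}" ...)` with `./acme.sh "${opts[@]}"`) avoids that. The body of make_certs and wherever `CERTS_DIR` is defined are outside the visible hunks, so the variable may already be validated elsewhere.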
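--- a/package/bin/init-private
+++ b/package/bin/init-private
@@ -0,0 +1,40 @@
+#!/bin/bash
+set -e
+source /etc/drumee/drumee.sh
+
+echo "Configuring private domain name..."
+
+if [ "$DRUMEE_PRIVATE_DOMAIN" = "" ]; then
+if [ "$DRUMEE_DOMAIN_NAME" = "" ]; then
+export DRUMEE_PRIVATE_DOMAIN=drumee.local
+else
+echo "Private domain name not found. Will run only on public mode."
+exit 0
+fi
+fi
+
+mydomain=$DRUMEE_PRIVATE_DOMAIN
+outdir=${CERTS_DIR}/${mydomain}_ecc
+
+key=${outdir}/${mydomain}.key
+csr=${outdir}/${mydomain}.csr
+cer=${outdir}/${mydomain}.cer
+
+mkir -p $outdir
+
+C=$(locale --all | grep utf8 | tail -1 | sed -E "s/^(.+_)|(\..+)$//g")
+if [ "$C" = "" ]; then
+C=XX
+fi
+
+openssl genpkey -algorithm RSA -out $key
+
+openssl req -new -key $key -out $csr -subj "/C=${C}/ST= /L=Local Domain /O=${DRUMEE_DESCRIPTION} /OU=${DRUMEE_DESCRIPTION} /CN=*.${mydomain} /emailAddress=${ADMIN_EMAIL}"
+
+openssl x509 -req -in $csr -signkey $key -out $cer
+
+openssl x509 -in $cer -noout -text
+
+cp $cer /etc/ssl/certs/
+
+exit 0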
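Review bot: Line 23 of the new file runs `mkir -p $outdir`, which is not a command, and with `set -e` on line 2 the script aborts there, so the private key and certificate are never created; it should read `mkdir -p "$outdir"`. Once that is fixed, `openssl x509 -req -in $csr -signkey $key -out $cer` issues a self-signed certificate with no `-days` (OpenSSL then defaults to 30 days) and no subjectAltName, so it lapses after a month and clients that ignore the CN will not accept `*.${mydomain}`; pass an explicit `-days` and supply the SAN through an extension file. `outdir` is built from `${CERTS_DIR}` without checking it is set, so an empty value places the key directory at the filesystem root; a `: "${CERTS_DIR:?}"` guard before line 17 would catch that. The remaining expansions (`$key`, `$csr`, `$cer`) should be quoted as well, and it is worth confirming that `cp $cer /etc/ssl/certs/` alone makes the certificate trusted on the target distribution, since no trust-store refresh is visible here.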
package/bin/prosody
CHANGED
|
@@ -11,7 +11,7 @@ function setup_dirs() {
|
|
|
11
11
|
ca_dir=/usr/local/share/ca-certificates
|
|
12
12
|
mkdir -p $ca_dir
|
|
13
13
|
|
|
14
|
-
cert_file="${
|
|
14
|
+
cert_file="${CERTS_DIR}/${JITSI_DOMAIN}_ecc/${JITSI_DOMAIN}"
|
|
15
15
|
target="${ca_dir}/auth.${JITSI_DOMAIN}"
|
|
16
16
|
|
|
17
17
|
if [ -f "${cert_file}.cer" ]; then
|