Compare commits
3 Commits
8e4e0e548e
...
ecd289ac70
| Author | SHA1 | Date | |
|---|---|---|---|
|
ecd289ac70 | ||
|
|
c732b28f21 | ||
|
|
2b7de3eda5 |
@ -1,6 +1,7 @@
|
||||
#!/bin/sh
|
||||
sqldb="ejabberd"
|
||||
sqlusername="ejabberd"
|
||||
ejabberdtlsdir="/var/lib/ejabberd"
|
||||
|
||||
pacman -S --noconfirm ejabberd
|
||||
|
||||
@ -8,6 +9,7 @@ read -p "Enter your domain: " domain
|
||||
|
||||
domains=("conference.$domain" "proxy.$domain" "pubsub.$domain" "upload.$domain")
|
||||
certdirs=("/etc/letsencrypt/live/$domain" "/etc/letsencrypt/live/${domains[0]}" "/etc/letsencrypt/live/${domains[1]}" "/etc/letsencrypt/live/${domains[2]}" "/etc/letsencrypt/live/${domains[3]}")
|
||||
ejabberdcertdirs=("${ejabberdtlsdir}/${domain}.pem" "${ejabberdtlsdir}/${domains[0]}.pem" "${ejabberdtlsdir}/${domains[1]}.pem" "${ejabberdtlsdir}/${domains[2]}.pem" "${ejabberdtlsdir}/${domains[3]}.pem")
|
||||
|
||||
index=0
|
||||
|
||||
@ -52,6 +54,22 @@ while read -p "$sqlpassword is this correct? (y/n): " confirm; do
|
||||
fi
|
||||
done
|
||||
|
||||
index=0
|
||||
|
||||
echo "Creating ejabberd TLS cert files..." # we have to create special TLS
|
||||
# certs just for ejabberd because
|
||||
# it's a special snowflake who
|
||||
# reads the guardian
|
||||
for vhost in ${certdirs[@]}; do # for each vhost
|
||||
# concatenate the private key and fullchain into one file
|
||||
cat ${certdirs[$index]}/privkey.pem ${certdirs[$index]}/fullchain.pem > ${ejabberdtlsdir}/${vhost}.pem
|
||||
# update file perms
|
||||
chown jabber:jabber ${ejabberdtlsdir}/${vhost}.pem
|
||||
chmod 700 ${ejabberdtlsdir}/${vhost}.pem
|
||||
done
|
||||
|
||||
echo "Setting up ejabberd SQL database..."
|
||||
|
||||
mariadb -e "CREATE DATABASE $sqldb; CREATE USER $sqlusername@localhost IDENTIFIED BY '$sqlpassword'; GRANT ALL ON ejabberd.* TO $sqlusername@localhost"
|
||||
|
||||
echo """
|
||||
@ -595,10 +613,11 @@ acme:
|
||||
auto: false
|
||||
|
||||
certfiles:
|
||||
- ${domains[0]}
|
||||
- ${domains[1]}
|
||||
- ${domains[2]}
|
||||
- ${domains[3]}
|
||||
- ${ejabberdtlsdirs[0]}
|
||||
- ${ejabberdtlsdirs[1]}
|
||||
- ${ejabberdtlsdirs[2]}
|
||||
- ${ejabberdtlsdirs[3]}
|
||||
- ${ejabberdtlsdirs[4]}
|
||||
|
||||
c2s_ciphers: TLS_CIPHERS
|
||||
c2s_protocol_options: TLS_OPTIONS
|
||||
@ -730,7 +749,7 @@ api_permissions:
|
||||
|
||||
shaper:
|
||||
normal:
|
||||
rate: 1000000 # monal (iOS XMPP client) only has 30 seconds to load messages (of which there could be many) from a push notification, hence the high rate
|
||||
rate: 1000000 # monal (iOS XMPP client) only has 30 seconds to load messages (of which there could be many) from a push notification, hence the high rate
|
||||
burst_size: 5000000 # see above
|
||||
fast: 50000000
|
||||
|
||||
@ -839,8 +858,11 @@ modules:
|
||||
### End:
|
||||
### vim: set filetype=yaml tabstop=8""" > /etc/ejabberd/ejabberd.yml
|
||||
|
||||
chown jabber:jabber /etc/ejabberd/ejabberd.yml
|
||||
chmod 700 /etc/ejabberd/ejabberd.yml
|
||||
|
||||
systemctl start ejabberd && systemctl enable ejabberd
|
||||
|
||||
echo "Installing nginx upload vhost file..."
|
||||
|
||||
echo "
|
||||
|
||||
Loading…
Reference in New Issue
Block a user