Commit 1390ec7a authored by Bob Mottram's avatar Bob Mottram

Switch xmpp to using email onion domain

parent 0a8f8d8f
...@@ -276,7 +276,7 @@ function install_profanity { ...@@ -276,7 +276,7 @@ function install_profanity {
mkdir -p "$XMPP_CLIENT_DIR" mkdir -p "$XMPP_CLIENT_DIR"
fi fi
XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname) XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
#MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$MY_USERNAME" "$MY_USERNAME@$DEFAULT_DOMAIN_NAME") #MY_GPG_PUBLIC_KEY_ID=$(gpg_pubkey_from_email "$MY_USERNAME" "$MY_USERNAME@$DEFAULT_DOMAIN_NAME")
if [[ $ONION_ONLY == 'no' ]]; then if [[ $ONION_ONLY == 'no' ]]; then
...@@ -304,7 +304,7 @@ function install_profanity { ...@@ -304,7 +304,7 @@ function install_profanity {
fi fi
fi fi
if [ -f /var/lib/tor/hidden_service_xmpp/hostname ]; then if [ -f /var/lib/tor/hidden_service_email/hostname ]; then
echo "[${MY_USERNAME}@${XMPP_ONION_HOSTNAME}]" >> "$XMPP_CLIENT_ACCOUNTS" echo "[${MY_USERNAME}@${XMPP_ONION_HOSTNAME}]" >> "$XMPP_CLIENT_ACCOUNTS"
if [[ $ONION_ONLY == 'no' ]]; then if [[ $ONION_ONLY == 'no' ]]; then
echo 'enabled=false' >> "$XMPP_CLIENT_ACCOUNTS" echo 'enabled=false' >> "$XMPP_CLIENT_ACCOUNTS"
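Review bot: `XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)` in install_profanity runs before the `[ -f ... ]` test a few lines further down, so when the email onion service is absent the variable is silently empty. The same unguarded read appears in the XMPP file in xmpp_update_e2e_policy, remove_user_xmpp and add_user_xmpp; in xmpp_update_e2e_policy the `sed` that follows would then write `VirtualHost ""` into the Prosody config. This matters more after this commit because the XMPP install no longer creates the hostname file itself, so a guard such as `[ -s /var/lib/tor/hidden_service_email/hostname ] || return 1` before each read would fail early instead. All four function bodies extend beyond the hunks shown.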
......
...@@ -127,7 +127,7 @@ function xmpp_update_e2e_policy { ...@@ -127,7 +127,7 @@ function xmpp_update_e2e_policy {
fi fi
if [[ "$ONION_ONLY" != 'no' ]]; then if [[ "$ONION_ONLY" != 'no' ]]; then
XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname) XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
sed -i "s|VirtualHost \".*.onion.*|VirtualHost \"${XMPP_ONION_HOSTNAME}\"|g" "$filename" sed -i "s|VirtualHost \".*.onion.*|VirtualHost \"${XMPP_ONION_HOSTNAME}\"|g" "$filename"
# TLS is not strictly needed for onion transport security # TLS is not strictly needed for onion transport security
sed -i 's|c2s_require_encryption =.*|c2s_require_encryption = false|g' "$filename" sed -i 's|c2s_require_encryption =.*|c2s_require_encryption = false|g' "$filename"
...@@ -306,7 +306,7 @@ function remove_user_xmpp { ...@@ -306,7 +306,7 @@ function remove_user_xmpp {
"${PROJECT_NAME}-pass" -u "$remove_username" --rmapp xmpp "${PROJECT_NAME}-pass" -u "$remove_username" --rmapp xmpp
if [[ "$ONION_ONLY" != "no" ]]; then if [[ "$ONION_ONLY" != "no" ]]; then
DOMAIN=$(cat /var/lib/tor/hidden_service_xmpp/hostname) DOMAIN=$(cat /var/lib/tor/hidden_service_email/hostname)
else else
DOMAIN=${HOSTNAME} DOMAIN=${HOSTNAME}
fi fi
...@@ -372,7 +372,7 @@ function add_user_xmpp { ...@@ -372,7 +372,7 @@ function add_user_xmpp {
new_username="$1" new_username="$1"
new_user_password="$2" new_user_password="$2"
XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname) XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
"${PROJECT_NAME}-pass" -u "$new_username" -a xmpp -p "$new_user_password" "${PROJECT_NAME}-pass" -u "$new_username" -a xmpp -p "$new_user_password"
if [[ "$ONION_ONLY" != "no" ]]; then if [[ "$ONION_ONLY" != "no" ]]; then
...@@ -773,9 +773,6 @@ function remove_xmpp { ...@@ -773,9 +773,6 @@ function remove_xmpp {
firewall_remove 5280 tcp firewall_remove 5280 tcp
firewall_remove 5281 tcp firewall_remove 5281 tcp
function_check remove_onion_service
remove_onion_service xmpp 5222 5223 5269
$PACKAGE_UNHOLD prosody $PACKAGE_UNHOLD prosody
$REMOVE_PACKAGES_PURGE prosody $REMOVE_PACKAGES_PURGE prosody
rm /etc/cron.daily/prosody rm /etc/cron.daily/prosody
...@@ -1163,6 +1160,23 @@ function install_xmpp_nightly { ...@@ -1163,6 +1160,23 @@ function install_xmpp_nightly {
set_completion_param "prosody_filename" "${prosody_filename}" set_completion_param "prosody_filename" "${prosody_filename}"
} }
function add_xmpp_onion_to_email {
if ! grep -q 'hidden_service_xmpp' "/etc/torrc.d/${PROJECT_NAME}"; then
return
fi
# remove xmpp hidden service
sed -i "/hidden_service_xmpp/,+1 d" "/etc/torrc.d/${PROJECT_NAME}"
sed -i '/5222/d' "/etc/torrc.d/${PROJECT_NAME}"
sed -i '/5269/d' "/etc/torrc.d/${PROJECT_NAME}"
# add xmpp ports to email
sed -i '/ 465 /a HiddenServicePort 5269 127.0.0.1:5269' "/etc/torrc.d/${PROJECT_NAME}"
sed -i '/ 465 /a HiddenServicePort 5222 127.0.0.1:5222' "/etc/torrc.d/${PROJECT_NAME}"
systemctl restart tor
}
function install_xmpp { function install_xmpp {
if [ ! -d "$INSTALL_DIR" ]; then if [ ! -d "$INSTALL_DIR" ]; then
mkdir -p "$INSTALL_DIR" mkdir -p "$INSTALL_DIR"
...@@ -1332,22 +1346,12 @@ function install_xmpp { ...@@ -1332,22 +1346,12 @@ function install_xmpp {
echo $'No Tor installation found. xmpp onion site cannot be configured.' echo $'No Tor installation found. xmpp onion site cannot be configured.'
exit 877367 exit 877367
fi fi
if ! grep -q "hidden_service_xmpp" "$ONION_SERVICES_FILE"; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_xmpp/';
echo 'HiddenServiceVersion 3';
echo "HiddenServicePort 5222 127.0.0.1:5222";
echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> "$ONION_SERVICES_FILE"
echo $'Added onion site for xmpp chat'
fi
onion_update if [ ! -f /var/lib/tor/hidden_service_email/hostname ]; then
wait_for_onion_service 'xmpp'
if [ ! -f /var/lib/tor/hidden_service_xmpp/hostname ]; then
echo $'xmpp onion site hostname not found' echo $'xmpp onion site hostname not found'
exit 65349 exit 65349
fi fi
XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_xmpp/hostname) XMPP_ONION_HOSTNAME=$(cat /var/lib/tor/hidden_service_email/hostname)
if ! grep -q "${XMPP_ONION_HOSTNAME}" /etc/prosody/conf.avail/xmpp.cfg.lua; then if ! grep -q "${XMPP_ONION_HOSTNAME}" /etc/prosody/conf.avail/xmpp.cfg.lua; then
{ echo ''; { echo '';
echo "VirtualHost \"${XMPP_ONION_HOSTNAME}\""; echo "VirtualHost \"${XMPP_ONION_HOSTNAME}\"";
...@@ -1403,6 +1407,9 @@ function install_xmpp { ...@@ -1403,6 +1407,9 @@ function install_xmpp {
fi fi
$PACKAGE_HOLD prosody $PACKAGE_HOLD prosody
add_xmpp_onion_to_email
systemctl restart prosody systemctl restart prosody
configure_xmppsend configure_xmppsend
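Review bot: add_xmpp_onion_to_email deletes the `hidden_service_xmpp` block and every line matching `5222` or `5269` before it knows the email service can take over the ports. If `/etc/torrc.d/${PROJECT_NAME}` has no ` 465 ` line, the two `sed ... /a` appends do nothing and XMPP is left with no onion service at all. The bare `/5222/d` and `/5269/d` patterns also remove any other torrc line that merely contains those digits, so they are better anchored to the directive, as below. Separately, the early return keys on the old block being present, so a host whose email service was created before this commit and that installs XMPP later appears to get ports 5222/5269 nowhere, because create_email_onion_address only writes its block when `hidden_service_email` is absent. Nothing visible here removes the old key directory `/var/lib/tor/hidden_service_xmpp` either, so its private key would stay on disk after the migration.

```shell
function add_xmpp_onion_to_email {
    local torrc="/etc/torrc.d/${PROJECT_NAME}"

    if ! grep -q 'hidden_service_xmpp' "$torrc"; then
        return
    fi
    # refuse to drop the xmpp service unless the email service can take its ports
    if ! grep -q '^HiddenServicePort 465 ' "$torrc"; then
        echo $'email onion service not found, xmpp onion service left unchanged'
        return
    fi

    # remove xmpp hidden service
    sed -i '/hidden_service_xmpp/,+1 d' "$torrc"
    sed -i '/^HiddenServicePort 5222 /d' "$torrc"
    sed -i '/^HiddenServicePort 5269 /d' "$torrc"
    # … unchanged: append the two ports after the 465 line, restart tor …
}
```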
......
...@@ -224,12 +224,14 @@ function email_create_template { ...@@ -224,12 +224,14 @@ function email_create_template {
function create_email_onion_address { function create_email_onion_address {
email_hostname='/var/lib/tor/hidden_service_email/hostname' email_hostname='/var/lib/tor/hidden_service_email/hostname'
if ! grep -q "hidden_service_email" $ONION_SERVICES_FILE; then if ! grep -q "hidden_service_email" "$ONION_SERVICES_FILE"; then
{ echo 'HiddenServiceDir /var/lib/tor/hidden_service_email/'; { echo 'HiddenServiceDir /var/lib/tor/hidden_service_email/';
echo 'HiddenServiceVersion 3'; echo 'HiddenServiceVersion 3';
echo 'HiddenServicePort 25 127.0.0.1:25'; echo 'HiddenServicePort 25 127.0.0.1:25';
echo 'HiddenServicePort 587 127.0.0.1:587'; echo 'HiddenServicePort 587 127.0.0.1:587';
echo 'HiddenServicePort 465 127.0.0.1:465'; } >> $ONION_SERVICES_FILE echo 'HiddenServicePort 465 127.0.0.1:465';
echo "HiddenServicePort 5222 127.0.0.1:5222";
echo "HiddenServicePort 5269 127.0.0.1:5269"; } >> "$ONION_SERVICES_FILE"
function_check onion_update function_check onion_update
onion_update onion_update
...@@ -301,7 +303,7 @@ function configure_email_onion { ...@@ -301,7 +303,7 @@ function configure_email_onion {
echo " route_data = \${perl{onionLookup}{$RISEUP_EMAIL_ONION}}" echo " route_data = \${perl{onionLookup}{$RISEUP_EMAIL_ONION}}"
echo " no_more"; } > /etc/exim4/conf.d/router/905_exim4-config-riseup echo " no_more"; } > /etc/exim4/conf.d/router/905_exim4-config-riseup
if ! grep -q "*.onion" /etc/exim4/conf.d/router/200_exim4-config_primary; then if ! grep -q '\*.onion' /etc/exim4/conf.d/router/200_exim4-config_primary; then
sed -i 's|domains = ! +local_domains|domains = ! +local_domains : ! *.onion : ! riseup.net|g' /etc/exim4/conf.d/router/200_exim4-config_primary sed -i 's|domains = ! +local_domains|domains = ! +local_domains : ! *.onion : ! riseup.net|g' /etc/exim4/conf.d/router/200_exim4-config_primary
fi fi
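Review bot: create_email_onion_address now publishes `HiddenServicePort 5222` and `HiddenServicePort 5269` on the email onion address for every install, whether or not XMPP is ever installed. The remove_xmpp hunk in the XMPP file also drops its `remove_onion_service` call without taking these two lines out again, so the ports stay advertised after removal and would expose whatever later binds them on 127.0.0.1. Consider adding the two lines from install_xmpp and deleting them in remove_xmpp, or at least documenting the coupling with a comment such as `# xmpp shares the email onion address; 5222/5269 are published even when xmpp is absent`. The body of create_email_onion_address continues past the end of the hunk.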
......
...@@ -138,6 +138,7 @@ if [ -d "$PROJECT_DIR" ]; then ...@@ -138,6 +138,7 @@ if [ -d "$PROJECT_DIR" ]; then
#rebuild_exim_with_socks #rebuild_exim_with_socks
install_dynamicdns install_dynamicdns
torrc_migrate torrc_migrate
add_xmpp_onion_to_email
nodejs_upgrade nodejs_upgrade
$INSTALL_PACKAGES_BACKPORTS certbot $INSTALL_PACKAGES_BACKPORTS certbot
email_install_tls email_install_tls
......