From 66e1c35fcba21b64e8835b4506e5f64f61ceebb3 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 16 Feb 2019 20:28:27 +0000
Subject: [PATCH] Generate self-signed cert for onion matrix install

---
 src/freedombone-app-matrix | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/freedombone-app-matrix b/src/freedombone-app-matrix
index f8ac7ca2b..d6a2a8eba 100755
--- a/src/freedombone-app-matrix
+++ b/src/freedombone-app-matrix
@@ -74,6 +74,21 @@ matrix_variables=(ONION_ONLY
                   MATRIX_EXPIRE_MONTHS
                   MATRIX_CODE)
 
+function matrix_generate_certs_for_onion {
+    if [[ "$ONION_ONLY" == 'no' ]]; then
+        return
+    fi
+    # generate self-signed certs for onion installs
+    "${PROJECT_NAME}-addcert" -h matrix
+    cp /etc/ssl/certs/matrix* /var/lib/matrix
+    cp /etc/ssl/private/matrix* /var/lib/matrix
+    chown -R matrix:matrix /var/lib/matrix/*
+    sed -i 's|tls_certificate_path:.*|tls_certificate_path: "/var/lib/matrix/matrix.crt"|g' /var/lib/matrix/homeserver.yaml
+    sed -i 's|tls_private_key_path:.*|tls_private_key_path: "/var/lib/matrix/matrix.key"|g' /var/lib/matrix/homeserver.yaml
+    rm /etc/ssl/certs/matrix*
+    rm /etc/ssl/private/matrix*
+}
+
 function change_default_domain_name_matrix {
     new_default_domain_name="$1"
 
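Review bot: The `matrix*` globs on the `cp` and `rm` lines match more than the two files the sed lines expect (`matrix.crt` and `matrix.key`), so any other certificate or key under /etc/ssl whose name starts with "matrix" would be copied into /var/lib/matrix and then deleted from /etc/ssl. None of the steps is checked, so if `"${PROJECT_NAME}-addcert"` or a `cp` fails, homeserver.yaml is still rewritten to point at files that may not exist. Naming the files and stopping on failure avoids both, e.g. `cp /etc/ssl/private/matrix.key /var/lib/matrix/ || return 1`, followed by `chmod 600 /var/lib/matrix/matrix.key` so the copied key's mode does not depend on how addcert created it. `chown -R matrix:matrix /var/lib/matrix/*` also re-owns everything in the data directory, not just the two new files; `chown matrix:matrix /var/lib/matrix/matrix.crt /var/lib/matrix/matrix.key` would be narrower.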
@@ -1170,8 +1185,14 @@ function install_matrix {
         sed -i "s|server_name: .*|server_name: \"${MATRIX_ONION_HOSTNAME}\"|g" "${MATRIX_DATA_DIR}/homeserver.yaml"
     fi
 
+    matrix_generate_certs_for_onion
+
+    increment_app_install_progress
+
     systemctl restart matrix
 
+    increment_app_install_progress
+
     matrix_wait_for_database
 
     increment_app_install_progress
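Review bot: The return status of `matrix_generate_certs_for_onion` is ignored before `systemctl restart matrix`, so a failed certificate step would only show up later as a service that does not start or cannot serve TLS. Checking it here, e.g. `matrix_generate_certs_for_onion || exit 1` (or whatever failure convention the rest of install_matrix uses, which is outside this hunk), would surface the problem where it happens; this only helps if the helper itself returns non-zero on failure, which it currently does not do reliably. The helper also hard-codes /var/lib/matrix, while the context line above edits `"${MATRIX_DATA_DIR}/homeserver.yaml"`; if those two paths can differ, the helper's sed lines patch a different file than the one this function configures.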
-- 
GitLab