Fix script & test
This commit is contained in:
Semen Bezrukov
parent
6bd208b9d8
commit
b3a4ec2085
18
.travis.yml
18
.travis.yml
|
|
@ -14,8 +14,18 @@ env:
|
||||||
POSTGRES_DB: mydb
|
POSTGRES_DB: mydb
|
||||||
POSTGRES_USER: myuser
|
POSTGRES_USER: myuser
|
||||||
|
|
||||||
# certificates
|
# no certificates
|
||||||
- config: certs.yml
|
- config: certs.yml
|
||||||
|
ssl: false
|
||||||
|
|
||||||
|
# certificates (default tls if onlyoffice not exists)
|
||||||
|
- config: certs.yml
|
||||||
|
|
||||||
|
# old certificates path (default onlyoffice if exists)
|
||||||
|
- config: certs.yml
|
||||||
|
private_key: onlyoffice.key
|
||||||
|
certificate_request: onlyoffice.csr
|
||||||
|
certificate: onlyoffice.crt
|
||||||
|
|
||||||
# custom certificates path
|
# custom certificates path
|
||||||
- config: certs.yml
|
- config: certs.yml
|
||||||
|
|
@ -25,12 +35,6 @@ env:
|
||||||
SSL_CERTIFICATE_PATH: /var/www/onlyoffice/Data/certs/mycert.crt
|
SSL_CERTIFICATE_PATH: /var/www/onlyoffice/Data/certs/mycert.crt
|
||||||
SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key
|
SSL_KEY_PATH: /var/www/onlyoffice/Data/certs/mycert.key
|
||||||
|
|
||||||
# old certificates path
|
|
||||||
- config: certs.yml
|
|
||||||
private_key: onlyoffice.key
|
|
||||||
certificate_request: onlyoffice.csr
|
|
||||||
certificate: onlyoffice.crt
|
|
||||||
|
|
||||||
# deprecated variables
|
# deprecated variables
|
||||||
- config: postgres-old.yml
|
- config: postgres-old.yml
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,32 +1,31 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
url=${url:-"https://localhost"}
|
ssl=${ssl:-true}
|
||||||
private_key=tls.key
|
private_key=${private_key:-tls.key}
|
||||||
certificate_request=tls.csr
|
certificate_request=${certificate_request:-tls.csr}
|
||||||
certificate=tls.crt
|
certificate=${certificate:-tls.crt}
|
||||||
|
|
||||||
# Generate certificate
|
# Generate certificate
|
||||||
openssl genrsa -out ${private_key} 2048
|
if [[ $ssl == "true" ]]; then
|
||||||
openssl req \
|
url=${url:-"https://localhost"}
|
||||||
|
|
||||||
|
mkdir -p data/certs
|
||||||
|
pushd data/certs
|
||||||
|
|
||||||
|
openssl genrsa -out ${private_key} 2048
|
||||||
|
openssl req \
|
||||||
-new \
|
-new \
|
||||||
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=backendserver-address" \
|
-subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
|
||||||
-key ${private_key} \
|
-key ${private_key} \
|
||||||
-out ${certificate_request}
|
-out ${certificate_request}
|
||||||
openssl x509 \
|
openssl x509 -req -days 365 -in ${certificate_request} -signkey ${private_key} -out ${certificate}
|
||||||
-req \
|
openssl dhparam -out dhparam.pem 2048
|
||||||
-days 365 \
|
chmod 400 ${private_key}
|
||||||
-in ${certificate_request} \
|
|
||||||
-signkey ${private_key} \
|
|
||||||
-out ${certificate}
|
|
||||||
|
|
||||||
# Strengthening the server security
|
popd
|
||||||
openssl dhparam -out dhparam.pem 2048
|
else
|
||||||
|
url=${url:-"http://localhost"}
|
||||||
mkdir -p data/certs
|
fi
|
||||||
cp $private_key data/certs/
|
|
||||||
cp $certificate data/certs/
|
|
||||||
cp dhparam.pem data/certs/
|
|
||||||
chmod 400 data/certs/$private_key
|
|
||||||
|
|
||||||
# Check if the yml exists
|
# Check if the yml exists
|
||||||
if [[ ! -f $config ]]; then
|
if [[ ! -f $config ]]; then
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue