Fork of FusionPBX but with LDAP kinda working
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
#!/bin/sh
# FusionPBX - Install# Mark J Crane <markjcrane@fusionpbx.com># Copyright (C) 2018# All Rights Reserved. #move to script directory so all relative paths workcd "$(dirname "$0")"
#includes. ./config.sh
#Add dependenciesapt-get install -y curl
#remove dehyrdated letsencrypt scriptrm /usr/local/sbin/dehydratedrm -R /usr/src/dehydrated#rm -R /etc/dehydrated/#rm -R /usr/src/dns-01-manual#rm -R /var/www/dehydrated
#request the domain name, email address and wild card domainread -p 'Domain Name: ' domain_nameread -p 'Email Address: ' email_address
#get and install dehydratedcd /usr/src && git clone https://github.com/lukas2511/dehydrated.gitcd /usr/src/dehydratedcp dehydrated /usr/local/sbinmkdir -p /var/www/dehydratedmkdir -p /etc/dehydrated/certs
#wildcard detectionwildcard_domain=$(echo $domain_name | cut -c1-1)if [ "$wildcard_domain" = "*" ]; then wildcard_domain="true"else wildcard_domain="false"fi
#remove the wildcard and periodif [ .$wildcard_domain = ."true" ]; then domain_name=$(echo "$domain_name" | cut -c3-255)fi
#manual dns hookif [ .$wildcard_domain = ."true" ]; then cd /usr/src git clone https://github.com/gheja/dns-01-manual.git cd /usr/src/dns-01-manual/ cp hook.sh /etc/dehydrated/hook.sh chmod 755 /etc/dehydrated/hook.shfi
#copy config and hook.sh into /etc/dehydratedcd /usr/src/dehydratedcp docs/examples/config /etc/dehydrated#cp docs/examples/hook.sh /etc/dehydrated
#update the dehydrated config#sed "s#CONTACT_EMAIL=#CONTACT_EMAIL=$email_address" -i /etc/dehydrated/configsed -i 's/#CONTACT_EMAIL=/CONTACT_EMAIL="'"$email_address"'"/g' /etc/dehydrated/configsed -i 's/#WELLKNOWN=/WELLKNOWN=/g' /etc/dehydrated/config
#accept the terms./dehydrated --register --accept-terms --config /etc/dehydrated/config
#set the domain aliasdomain_alias=$(echo "$domain_name" | head -n1 | cut -d " " -f1)
#create an alias when using wildcard dnsif [ .$wildcard_domain = ."true" ]; then echo "*.$domain_name > $domain_name" > /etc/dehydrated/domains.txtfi
#add the domain name to domains.txtif [ .$wildcard_domain = ."false" ]; then echo "$domain_name" > /etc/dehydrated/domains.txtfi
#request the certificatesif [ .$wildcard_domain = ."true" ]; then ./dehydrated --cron --domain *.$domain_name --preferred-chain "ISRG Root X1" --algo rsa --alias $domain_alias --config /etc/dehydrated/config --out /etc/dehydrated/certs --challenge dns-01 --hook /etc/dehydrated/hook.shfiif [ .$wildcard_domain = ."false" ]; then ./dehydrated --cron --alias $domain_alias --preferred-chain "ISRG Root X1" --algo rsa --config /etc/dehydrated/config --config /etc/dehydrated/config --out /etc/dehydrated/certs --challenge http-01fi
#make sure the nginx ssl directory existsmkdir -p /etc/nginx/ssl
#update nginx configsed "s@ssl_certificate[ \t]*/etc/ssl/certs/nginx.crt;@ssl_certificate /etc/dehydrated/certs/$domain_alias/fullchain.pem;@g" -i /etc/nginx/sites-available/fusionpbxsed "s@ssl_certificate_key[ \t]*/etc/ssl/private/nginx.key;@ssl_certificate_key /etc/dehydrated/certs/$domain_alias/privkey.pem;@g" -i /etc/nginx/sites-available/fusionpbx
#read the config/usr/sbin/nginx -t && /usr/sbin/nginx -s reload
#setup freeswitch tlsif [ .$switch_tls = ."true" ]; then
#make sure the freeswitch directory exists mkdir -p /etc/freeswitch/tls
#make sure the freeswitch certificate directory is empty rm /etc/freeswitch/tls/*
#combine the certs into all.pem cat /etc/dehydrated/certs/$domain_alias/fullchain.pem > /etc/freeswitch/tls/all.pem cat /etc/dehydrated/certs/$domain_alias/privkey.pem >> /etc/freeswitch/tls/all.pem #cat /etc/dehydrated/certs/$domain_alias/chain.pem >> /etc/freeswitch/tls/all.pem
#copy the certificates cp /etc/dehydrated/certs/$domain_alias/cert.pem /etc/freeswitch/tls cp /etc/dehydrated/certs/$domain_alias/chain.pem /etc/freeswitch/tls cp /etc/dehydrated/certs/$domain_alias/fullchain.pem /etc/freeswitch/tls cp /etc/dehydrated/certs/$domain_alias/privkey.pem /etc/freeswitch/tls
#add symbolic links ln -s /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/agent.pem ln -s /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/tls.pem ln -s /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/wss.pem ln -s /etc/freeswitch/tls/all.pem /etc/freeswitch/tls/dtls-srtp.pem
#set the permissions chown -R www-data:www-data /etc/freeswitch/tls
fi
|
