enables TLS by default
All checks were successful
continuous-integration/drone/push Build is passing

* update to config file to use TLS
* generates self-signed certs if none exist and saves them in config dir
This commit is contained in:
Jeffrey Paul 2020-03-22 05:43:16 -07:00
parent d8eed67ef7
commit fb2bf698ca
2 changed files with 19 additions and 6 deletions

View File

@ -9,5 +9,11 @@ if [[ ! -d /config/scripts ]]; then
cp /usr/local/src/adchpp/plugins/Script/examples/*.lua /config/scripts
fi
cd /tmp
if [[ ! -d /config/certs ]]; then
mkdir -p /config/certs
cd /config/certs
bash /usr/local/src/adchpp/linux/generate_certs.sh
fi
cd /config
exec /usr/local/bin/adchppd -c /config

View File

@ -59,7 +59,6 @@
To create secure connections, set TLS="1" and define the following (preferably absolute)
paths: Certificate, PrivateKey, TrustedPath, DHParams. An example secure server setting:
<Server Port="2780" TLS="1" Certificate="certs/cacert.pem" PrivateKey="certs/privkey.pem" TrustedPath="certs/trusted/" DHParams="certs/dhparam.pem"/>
Simple OpenSSL commands to generate files used for secure connections:
openssl genrsa -out privkey.pem 2048
@ -69,8 +68,16 @@
Alternatively, you can use the cert generator contributed on
<http://launchpadlibrarian.net/31960965/Cert_Generator.7z>.
-->
<Server Port="2780"/>
-->
<Server
Port="2780"
TLS="1"
Certificate="/config/certs/cacert.pem"
PrivateKey="/config/certs/privkey.pem"
TrustedPath="/config/certs/trusted/"
DHParams="/config/certs/dhparam.pem"
/>
</Servers>
<!-- Instead of scripts, ADCH++ uses plugins. Plugins can do the same work