postinst 1.86 KB
Newer Older
1
#!/bin/sh
Steve Kemp's avatar
Added  
Steve Kemp committed
2
3
4
5
6
7
8
9
10
11
12

set -e

#
# Skip, if we are not in "configure" state
#
if [ "$1" != "configure" ]; then
        echo "I: Skipping configuration"
        exit 0
fi

13
14
15
16
if [ ! -f /etc/ssl/private/pure-ftpd-dhparams.pem ] ; then
  #
  # generate dhparams if they don't exist already
  #
Paul Cammish's avatar
Paul Cammish committed
17
  /etc/cron.weekly/sympl-ftp --verbose
18
19
fi

Patrick J Cherry's avatar
Patrick J Cherry committed
20
21
22
23
24
25
26
27
28
29
#
#  Remove existing PAMAuthentication setup,
#
find /etc/pure-ftpd/auth/ -lname "*/PAMAuthentication"  -exec rm -f \{\} \;
find /etc/pure-ftpd/auth/ -lname "*/UnixAuthentication" -exec rm -f \{\} \;

#
# Edit our defaults to set it to "standalone"
#
if [ -f /etc/default/pure-ftpd-common ] ; then
30
  sed -i -e 's/^STANDALONE_OR_INETD=.*$/STANDALONE_OR_INETD=standalone/' /etc/default/pure-ftpd-common
Patrick J Cherry's avatar
Patrick J Cherry committed
31
32
33
fi

#
Patrick J Cherry's avatar
Patrick J Cherry committed
34
# Disable any inetd service
Patrick J Cherry's avatar
Patrick J Cherry committed
35
36
37
38
39
#
if [ -f /etc/inetd.conf -a -x /usr/sbin/update-inetd ] ; then
  update-inetd --disable ftp
  # Don't really care if this errors.
  invoke-rc.d  openbsd-inetd restart || true
Steve Kemp's avatar
Added  
Steve Kemp committed
40
41
fi

42
##
43
# SSL cert generation now in sympl-common
44
##
Steve Kemp's avatar
Added  
Steve Kemp committed
45
46
47
48
49
50
51
52

#
#  Link in the certificate if we have one.
#
if [ ! -e /etc/ssl/private/pure-ftpd.pem ]; then
    ln -s /etc/ssl/ssl.combined /etc/ssl/private/pure-ftpd.pem
fi

Paul Cammish's avatar
Paul Cammish committed
53
54
55
56
57
58
#
# Adjust config to allow UIDs lower than 1000
#
echo '33' > /etc/pure-ftpd/conf/MinUID


Patrick J Cherry's avatar
Patrick J Cherry committed
59
60
if [ -e /etc/ssl/private/pure-ftpd.pem ] ; then
  #
61
  #  TLS should be enforced if we did the linking.
Patrick J Cherry's avatar
Patrick J Cherry committed
62
  #
63
  echo '2' > /etc/pure-ftpd/conf/TLS
64

Paul Cammish's avatar
Paul Cammish committed
65
66
67
  # Set the TLS cipher suite
  echo 'HIGH:!TLSv1' > /etc/pure-ftpd/conf/TLSCipherSuite

Patrick J Cherry's avatar
Patrick J Cherry committed
68
fi
Steve Kemp's avatar
Added  
Steve Kemp committed
69
70

#DEBHELPER#
71

72
73
74
#
# Add symlinks for the monit script

75
monit_dir="/etc/sympl/monit.d"
76
77
78
mkdir -p "$monit_dir"

for i in pure-ftpd; do
79
  monit_script="/usr/share/sympl/monit/checks/$i"
telyn's avatar
telyn committed
80
  link_target="$monit_dir/$i"
81
82

  if [ -x "$monit_script" ] && [ ! -e "$link_target" ]; then
Paul Cammish's avatar
Paul Cammish committed
83
    echo "I: Adding symlink for Sympl Monit script for $i"
84
85
86
87
    ln -s "$monit_script" "$link_target" || true
  fi
done

88
invoke-rc.d pure-ftpd restart
89

Steve Kemp's avatar
Added  
Steve Kemp committed
90
exit 0