Generate zkparams, unidentified access and GCP encryption keys correctly
signal server seems to actually start
This commit is contained in:
parent
84def01d68
commit
340b1722c6
5 changed files with 61 additions and 45 deletions
48
cmd/config-generator/jar_invoker.go
Normal file
48
cmd/config-generator/jar_invoker.go
Normal file
|
@ -0,0 +1,48 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func TextSecureServer(command ...string) map[string]string {
|
||||
cmd := exec.Command("java", append([]string{"-jar", os.Getenv("TEXT_SECURE_SERVER_JAR")}, command...)...)
|
||||
var buf bytes.Buffer
|
||||
cmd.Stdout = &buf
|
||||
cmd.Stderr = os.Stderr
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
out := make(map[string]string)
|
||||
for _, line := range strings.Split(buf.String(), "\n") {
|
||||
if len(line) == 0 {
|
||||
continue
|
||||
}
|
||||
parts := strings.SplitN(line, ":", 2)
|
||||
if len(parts) < 2 {
|
||||
continue
|
||||
}
|
||||
|
||||
out[strings.TrimSpace(parts[0])] = strings.TrimSpace(parts[1])
|
||||
}
|
||||
return out
|
||||
}
|
||||
|
||||
func GenerateZKConfig() (z ZKConfig) {
|
||||
params := TextSecureServer("zkparams")
|
||||
z.ServerPublic = params["Public"]
|
||||
z.ServerSecret = params["Private"]
|
||||
z.Enabled = false
|
||||
return
|
||||
}
|
||||
|
||||
func GenerateUnidentifiedDeliveryConfiguration() (u UnidentifiedDeliveryConfiguration) {
|
||||
unidentifiedCA := TextSecureServer("certificate", "--ca")
|
||||
unidentifiedKeyPair := TextSecureServer("certificate", "--key", unidentifiedCA["Private key"], "--id", "0")
|
||||
u.Certificate = unidentifiedKeyPair["Certificate"]
|
||||
u.PrivateKey = unidentifiedKeyPair["Private key"]
|
||||
return
|
||||
}
|
|
@ -94,11 +94,7 @@ func main() {
|
|||
APIKey: "fake.invalid",
|
||||
},
|
||||
APN: GenerateAPNConfiguration(),
|
||||
UnidentifiedDelivery: UnidentifiedDeliveryConfiguration{
|
||||
Certificate: "aaaa",
|
||||
PrivateKey: "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWE=",
|
||||
ExpiresDays: 90,
|
||||
},
|
||||
UnidentifiedDelivery: GenerateUnidentifiedDeliveryConfiguration(),
|
||||
VoiceVerification: VoiceVerificationConfiguration{
|
||||
URL: "https://fake.invalid/voice",
|
||||
Locales: []string{"en"},
|
||||
|
|
|
@ -112,5 +112,14 @@ func GenerateGCPSigningKey() string {
|
|||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
return keyToPem(key)
|
||||
pkcs8, err := x509.MarshalPKCS8PrivateKey(key)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
block := &pem.Block{
|
||||
Type: "PRIVATE KEY",
|
||||
Bytes: pkcs8,
|
||||
}
|
||||
encoded := pem.EncodeToMemory(block)
|
||||
return string(encoded)
|
||||
}
|
||||
|
|
|
@ -1,37 +0,0 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func GenerateZKConfig() (z ZKConfig) {
|
||||
z.Enabled = false
|
||||
|
||||
cmd := exec.Command("java", "-jar", "/usr/share/TextSecureServer.jar", "zkparams")
|
||||
var out bytes.Buffer
|
||||
cmd.Stdout = &out
|
||||
cmd.Stderr = os.Stderr
|
||||
err := cmd.Run()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
for _, line := range strings.Split(out.String(), "\n") {
|
||||
if len(line) == 0 {
|
||||
continue
|
||||
}
|
||||
parts := strings.Split(line, ": ")
|
||||
if len(parts) != 2 {
|
||||
continue
|
||||
} else {
|
||||
}
|
||||
if parts[0] == "Public" {
|
||||
z.ServerPublic = parts[1]
|
||||
} else if parts[0] == "Private" {
|
||||
z.ServerSecret = parts[1]
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
|
@ -4,7 +4,7 @@ set -exu
|
|||
CONFIG_FILE="/etc/signal-server/config.yaml"
|
||||
|
||||
# generate config
|
||||
/usr/bin/config-generator | tee "${CONFIG_FILE}"
|
||||
TEXT_SECURE_SERVER_JAR=/usr/share/TextSecureServer.jar /usr/bin/config-generator "${CONFIG_FILE}"
|
||||
|
||||
for db in abusedb accountdb messagedb; do
|
||||
echo "Migrating $db"
|
||||
|
|
Loading…
Reference in a new issue