Skip to content

Commit

Permalink
fixed cert perms
Browse files Browse the repository at this point in the history
  • Loading branch information
@mdevaev
mdevaev committed Feb 15, 2021
1 parent 058d82c commit 9911914
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
10 changes: 6 additions & 4 deletions kvmd.install
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,10 +24,12 @@ post_upgrade() {
kvmd-gencert --do-the-thing --vnc
fi

chown root:root /etc/kvmd/vnc/ssl
chown root:root /etc/kvmd/nginx/ssl
chmod 755 /etc/kvmd/vnc/ssl
chmod 755 /etc/kvmd/nginx/ssl
for target in nginx vnc; do
chown root:root /etc/kvmd/$target/ssl
chown root:kvmd-$target /etc/kvmd/$target/ssl/*
chmod 440 /etc/kvmd/$target/ssl/server.key
chmod 444 /etc/kvmd/$target/ssl/server.crt
done

echo "==> Patching configs ..."
[ ! -f /boot/config.txt ] || sed -i -e 's/^dtoverlay=pi3-disable-bt$/dtoverlay=disable-bt/g' /boot/config.txt
Expand Down
2 changes: 1 addition & 1 deletion scripts/kvmd-gencert
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,6 @@ openssl req -new -x509 -sha256 -nodes -key server.key -out server.crt -days 3650
-subj "/C=RU/ST=Moscow/L=Moscow/O=Pi-KVM/OU=Pi-KVM/CN=localhost"

chown root:kvmd-$target /etc/kvmd/$target/ssl/*
chmod 400 server.key
chmod 440 server.key
chmod 444 server.crt
chmod 755 /etc/kvmd/$target/ssl

0 comments on commit 9911914

Please sign in to comment.