[WebAuthn] update mailcow.conf
parent
0f464658cc
commit
8ae2fe0cf2
20
update.sh
20
update.sh
|
@ -307,6 +307,7 @@ CONFIG_ARRAY=(
|
||||||
"ADDITIONAL_SERVER_NAMES"
|
"ADDITIONAL_SERVER_NAMES"
|
||||||
"ACME_CONTACT"
|
"ACME_CONTACT"
|
||||||
"WATCHDOG_VERBOSE"
|
"WATCHDOG_VERBOSE"
|
||||||
|
"WEBAUTHN_DISABLE_ROOTCA"
|
||||||
)
|
)
|
||||||
|
|
||||||
sed -i --follow-symlinks '$a\' mailcow.conf
|
sed -i --follow-symlinks '$a\' mailcow.conf
|
||||||
|
@ -514,6 +515,25 @@ for option in ${CONFIG_ARRAY[@]}; do
|
||||||
echo '# https://mailcow.github.io/mailcow-dockerized-docs/debug-reset-tls/' >> mailcow.conf
|
echo '# https://mailcow.github.io/mailcow-dockerized-docs/debug-reset-tls/' >> mailcow.conf
|
||||||
echo 'ACME_CONTACT=' >> mailcow.conf
|
echo 'ACME_CONTACT=' >> mailcow.conf
|
||||||
fi
|
fi
|
||||||
|
elif [[ ${option} == "WEBAUTHN_DISABLE_ROOTCA" ]]; then
|
||||||
|
if ! grep -q ${option} mailcow.conf; then
|
||||||
|
echo "# Disable including device root ca's for WebAuthn" >> mailcow.conf
|
||||||
|
echo '# setting WEBAUTHN_DISABLE_ROOTCA=y will allow you to use Fido2 devices from untrusted Manufacturers' >> mailcow.conf
|
||||||
|
echo '# It will solve "Error: invalid root certificate" at TFA device registration' >> mailcow.conf
|
||||||
|
echo '# Suported devices are' >> mailcow.conf
|
||||||
|
echo '# solo certified' >> mailcow.conf
|
||||||
|
echo '# apple certified' >> mailcow.conf
|
||||||
|
echo '# nitro certified' >> mailcow.conf
|
||||||
|
echo '# yubico certified' >> mailcow.conf
|
||||||
|
echo '# hypersecu certified' >> mailcow.conf
|
||||||
|
echo '# globalSign certified' >> mailcow.conf
|
||||||
|
echo '# googleHardware certified' >> mailcow.conf
|
||||||
|
echo '# microsoftTpmCollection certified' >> mailcow.conf
|
||||||
|
echo '# huawei certified' >> mailcow.conf
|
||||||
|
echo '# trustkey certified' >> mailcow.conf
|
||||||
|
echo '# bsi certified' >> mailcow.conf
|
||||||
|
echo 'WEBAUTHN_DISABLE_ROOTCA=' >> mailcow.conf
|
||||||
|
fi
|
||||||
elif [[ ${option} == "WATCHDOG_VERBOSE" ]]; then
|
elif [[ ${option} == "WATCHDOG_VERBOSE" ]]; then
|
||||||
if ! grep -q ${option} mailcow.conf; then
|
if ! grep -q ${option} mailcow.conf; then
|
||||||
echo '# Enable watchdog verbose logging' >> mailcow.conf
|
echo '# Enable watchdog verbose logging' >> mailcow.conf
|
||||||
|
|
Loading…
Reference in New Issue