Certificate enrollment

Martin Lablans 2022-10-17 10:01:01 +02:00
parent 36d5206259
commit 1a9d8bf17b
3 changed files with 19 additions and 6 deletions


@ -78,12 +78,16 @@ case "$ACTION" in
exec ./lib/remove-bridgehead-units.sh $PROJECT
;;
enroll)
if [ -e /etc/pki/${SITE_ID}.pem ]; then
echo "Private key already exists at /etc/pki/${SITE_ID}.pem. Please delete first to proceed."
if [ -e /etc/bridgehead/pki/${SITE_ID}.priv.pem ]; then
echo "Private key already exists at /etc/bridgehead/pki/${SITE_ID}.priv.pem. Please delete first to proceed."
exit 1
fi
docker run --rm -ti -v /etc/bridgehead/pki:/pki samply/beam-enroll:latest --admin-email $OPERATOR_EMAIL --output-
path /pki --proxy-id $PROXY_ID
OPTS=""
if [ -n "$OPERATOR_EMAIL" ]; then
OPTS+="--admin-email $OPERATOR_EMAIL"
fi
docker run --rm -ti -v /etc/bridgehead/pki:/pki samply/beam-enroll:latest --output-path /pki --proxy-id $PROXY_ID $OPTS
;;
preRun | preUpdate)
fixPermissions
;;
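Review bot: In the `enroll)` branch, `$OPERATOR_EMAIL`, `$PROXY_ID` and `$OPTS` reach `docker run` unquoted, so a value containing whitespace or glob characters is split into extra arguments to the tool that generates the private key. An array keeps each value as one word: `OPTS=()`, `OPTS+=(--admin-email "$OPERATOR_EMAIL")`, and `--proxy-id "$PROXY_ID" "${OPTS[@]}"` on the `docker run` line. The existence guard also leaves `${SITE_ID}` unquoted and unchecked, so with an empty value it tests `/etc/bridgehead/pki/.priv.pem`; a `: "${SITE_ID:?}"` (and the same for `PROXY_ID`) before the test would fail early instead. The key is produced by `samply/beam-enroll:latest`, a mutable tag, so pinning the image by digest would fix which code handles the key material. The surrounding `case` statement starts and ends outside this hunk.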


@ -19,7 +19,7 @@ checkOwner(){
}
printUsage() {
echo "Usage: bridgehead start|stop|update|install|uninstall PROJECTNAME"
echo "Usage: bridgehead start|stop|update|install|uninstall|enroll PROJECTNAME"
echo "PROJECTNAME should be one of ccp|nngm|gbn"
}


@ -43,7 +43,7 @@ fi
# TODO: Make sure you're in the right directory, or, even better, be independent from the working directory.
log INFO "Checking ssl cert"
log INFO "Checking ssl cert for accessing bridgehead via https"
if [ ! -d "certs" ]; then
log WARN "TLS cert missing, we'll now create a self-signed one. Please consider getting an officially signed one (e.g. via Let's Encrypt ...)"
@ -60,6 +60,15 @@ if [ -e /etc/bridgehead/vault.conf ]; then
fi
fi
log INFO "Checking your beam proxy private key"
if [ -e /etc/bridgehead/pki/${SITE_ID}.priv.pem ]; then
log INFO "Success - private key found."
else
log ERROR "Unable to find private key at /etc/bridgehead/pki/${SITE_ID}.priv.pem. To fix, please run bridgehead enroll ${PROJECT} and follow the instructions".
exit 1
fi
log INFO "Success - all prerequisites are met!"
hc_send log "Success - all prerequisites are met!"
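Review bot: The beam proxy key check added before the final success message tests only `-e`, which is also true for a directory or an empty file, and it expands `${SITE_ID}` unquoted, so with `SITE_ID` unset it inspects `/etc/bridgehead/pki/.priv.pem`. Assigning the path once, `KEY="/etc/bridgehead/pki/${SITE_ID:?}.priv.pem"`, and testing `[ -f "$KEY" ] && [ -s "$KEY" ]` would require a non-empty regular file. Because this is private key material, the prerequisite step is also a natural place to warn when the file is readable by group or others; whether `fixPermissions` already covers `/etc/bridgehead/pki` is not visible here. In the `log ERROR` line the closing quote sits before the final period (`instructions".`), which works but reads as a typo, so the period belongs inside the quotes.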