diff options
| author | Soispha <soispha@vhack.eu> | 2023-11-07 16:44:08 +0100 |
|---|---|---|
| committer | Soispha <soispha@vhack.eu> | 2023-11-07 16:44:08 +0100 |
| commit | 961729eed1540a7633f5200c63dcf8650d35c56f (patch) | |
| tree | 71e84be3ddd87068c45698c0c43dd3227e20c7b3 /system/services/taskserver/certs/generate.client | |
| parent | chore(version): v0.17.0 (diff) | |
| download | nixos-server-961729eed1540a7633f5200c63dcf8650d35c56f.tar.gz nixos-server-961729eed1540a7633f5200c63dcf8650d35c56f.zip | |
fix(system/services/taskserver/certs): Move cert generation to script
This fully removes the human-factor and allows it to just run `./generate` to generate all required certificates and keys (with the needed extra keys and certificates)
Diffstat (limited to 'system/services/taskserver/certs/generate.client')
| -rwxr-xr-x | system/services/taskserver/certs/generate.client | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/system/services/taskserver/certs/generate.client b/system/services/taskserver/certs/generate.client index 976cb82..4f0e503 100755 --- a/system/services/taskserver/certs/generate.client +++ b/system/services/taskserver/certs/generate.client @@ -16,21 +16,21 @@ then NAME=$1 fi -if ! [ -f ${NAME}.key.pem ] +if ! [ -f "$NAME".key.pem ] then # Create a client key. $CERTTOOL \ --generate-privkey \ --sec-param $SEC_PARAM \ - --outfile ${NAME}.key.pem + --outfile "$NAME".key.pem fi -chmod 600 ${NAME}.key.pem +chmod 600 "$NAME".key.pem -if ! [ -f ${NAME}.template ] +if ! [ -f "$NAME".template ] then # Sign a client cert with the key. - cat <<EOF >${NAME}.template + cat <<EOF >"$NAME".template organization = $ORGANIZATION cn = $CN expiration_days = $EXPIRATION_DAYS @@ -40,15 +40,15 @@ signing_key EOF fi -if ! [ -f ${NAME}.cert.pem ] || [ ${NAME}.template -nt ${NAME}.cert.pem ] +if ! [ -f "$NAME".cert.pem ] then $CERTTOOL \ --generate-certificate \ - --load-privkey ${NAME}.key.pem \ + --load-privkey "$NAME".key.pem \ --load-ca-certificate ca.cert.pem \ --load-ca-privkey ca.key.pem \ - --template ${NAME}.template \ - --outfile ${NAME}.cert.pem + --template "$NAME".template \ + --outfile "$NAME".cert.pem fi -chmod 600 ${NAME}.cert.pem +chmod 600 "$NAME".cert.pem |