From 1dd6f8d3b4d7dc93095e662aaca190d3fe1be264 Mon Sep 17 00:00:00 2001
From: Soispha <soispha@vhack.eu>
Date: Wed, 4 Oct 2023 20:11:42 +0200
Subject: feat(system/services/taskserver): Integrate Let's Encrypt
 certificates

The current setup now runs the `taskserver.vhack.eu` domain with a
Let's Encrypt certificate and additionally uses a self-signed CA
certificate to validate clients.

The shell scripts used to generate the CA certificate and the derived
client certificate (and keys) are taken nearly unmodified from the
upstream repository [1].

[1]: https://github.com/GothenburgBitFactory/taskserver/tree/9794cff61e56bdfb193c6aa4cebb57970ac68aef/pki
---
 system/services/taskserver/certs/check_expire | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100755 system/services/taskserver/certs/check_expire

(limited to 'system/services/taskserver/certs/check_expire')

diff --git a/system/services/taskserver/certs/check_expire b/system/services/taskserver/certs/check_expire
new file mode 100755
index 0000000..59f9dc6
--- /dev/null
+++ b/system/services/taskserver/certs/check_expire
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+for cert in *.cert.pem; do
+	echo $cert
+	openssl x509 -noout -in $cert -dates
+	echo
+done
-- 
cgit 1.4.1