forked from hswaw/hscloud
env.sh: implement prod cert generation
This commit is contained in:
parent
c6fd662d4b
commit
a5be0d8384
9 changed files with 276 additions and 0 deletions
34
data/bc01n01.hswaw.net.crt
Normal file
34
data/bc01n01.hswaw.net.crt
Normal file
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF4TCCA8kCCQCA8T/OXbv3BjANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDMzMzVaFw0x
|
||||
OTAxMjIwMDMzMzVaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDEuaHN3YXcubmV0IDCCAiIw
|
||||
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQctVNm9zAfIPHSIiBNkf7UTYJZ
|
||||
0YtjKcKevCBW7GKHVaf/MT3Xrgnc2aK7rh6eftM/+UriRL4VnnGaqsmrFjlx0WTr
|
||||
9vVXO0IvC2TkIwUZsydxAzU/iQxbG9NILjlQS5dyDyUYdRgY6fAX3n6kJXTGKLcx
|
||||
rU2E28SqZxIYPBAaTt6j1LK7pTWj70Ib+v6e58QSbElLe2MEb567FNINntKYWq5l
|
||||
eGkJalpDLSNEQTkUI4L476ez8naNNdMhqX0MhFFNOEiLENQBrXjFwrGn8S7biFVc
|
||||
OYrHfTCINz+iPSmIjyHVBYa9XbvZyk8GQ9yDOgSAxzs7YYvDo7YoXRszl5vjph7Z
|
||||
QvItkrEgzVfnTlEPsMqzfTxUt67A7VhNgExQN3tA8UJW8Z+Z8F57f+FD15xwKnUg
|
||||
YvhDYTZ52gSMGllfC2jDoWlEZnCvi3LGFh9z0oX4vY5gMhJDO7QwFZK/d7UlSyQX
|
||||
2dkUqTHPv/SpjIiubZfFsuCM+DDpzd7XZNTuonbYbNWBtc4hn5/Kb2V9pcLTzl7P
|
||||
U7jJAOIsdWp8espfoZJXLOSdH3bLhyYDJhhYBHr0sVg5KNjhSGfYPvxrN/Rc/qf6
|
||||
OoCQH0b8u5n3Mm6lv2b7q3/nwGx+RdDLKjuaaP8StTnfVYtCWgSpedMuAM+DmOns
|
||||
WJLsZFSUyLAF5mm1AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAH/LAOx1kVcHpJKv
|
||||
M67ycaHOr/T86Nx5HO//yiAGv9jT4pMlAixicwoogwVjO1Gpr/+CyAzT06RQI6uP
|
||||
4lOBcOi5eMZZAiDCV2XY0mEobcfdTXLfzxYQuYC5nHG+pDIXqHYvnMZe5dhh4Jrn
|
||||
iXzox9M8K1Fik6kCOVIYzKsUhLyp/znVt4WHZkNdN+1Y52KQ6MTJbpBnFzePHcdJ
|
||||
3D3RoFdRjH/ltCM1+zxqB6U+flvBhkEwIPEvdoBcc+IHxG1chf5o6l4ktXRZd0w6
|
||||
b5EAIa3azaCGuMKOYwrRR9pqdqKpTObu7VfNUO5HYPai3WRzHYjbMVzSScTg9yiA
|
||||
Pk2Suxo7ed99GKagAKlWxchVnaImWgLWNmioZdXWFVehCg0z0Pw83jKl3HsQLec7
|
||||
0XDxW7yUBf7ZQwdBctOyUgHJ+7Xg05eGB+TzYoqj8Oz7RZf65IswZgWOEDa5ojI/
|
||||
3qqbwm9QhPFD7T2PMmMU55QHb9w33I6RGuOiNocaTtyAcvhGYqc8EBMA7Mv0F0sy
|
||||
dIs6gmO6b090LDvsnyOCnxPWQeWLAECO/gpkMhlqFVrZFkYh5eXj4aGwIH02to8m
|
||||
zwd2YbAUjHOnWNirZ4hsZyy7zeY3odreqNiqQzHt4Jkme6uNloq6F0u2ZfTlkUN9
|
||||
ueExOYFcXTuMWxRynwWsnw3eLY1h
|
||||
-----END CERTIFICATE-----
|
34
data/bc01n02.hswaw.net.crt
Normal file
34
data/bc01n02.hswaw.net.crt
Normal file
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF4TCCA8kCCQCA8T/OXbv3BzANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDMzNTVaFw0x
|
||||
OTAxMjIwMDMzNTVaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDIuaHN3YXcubmV0IDCCAiIw
|
||||
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALGikI7ZrkbeioBedyAFOszMSh/s
|
||||
eSadhsXhM1naDV6RASmD1xBrUbxRx4DKVBCQKidppbVIOE4vxULOIINc75JX+ZV3
|
||||
vsymNyfnOJXIeaxN5gYg5uGeE4LcvP2Qm5O9Bvo0YVWl6KPO5Xms/y/BAgDdFaO4
|
||||
3CCIJBZ/rw11HJB04qNlVvgk1df4VIo3kCOj9e3ZdahnZDJ0FpX3bQmMBXZljy6O
|
||||
cKE3fnmME81jjU9oAxjHTk+C61FHhaQ8KE00aSQhyAZC9V9fpwHlPy+Rn2V6pHzg
|
||||
dpxZMRSdj6wXz1cllSPxqtcm46tpRxClFNxLNmP9PvhwFH32b70+IxC7cpvOZGyV
|
||||
FPfISTGN7sTGirN2heQ2DaooEsDUOS/jJcrd5OBPaCWRS4HzrOkzg3RYYYQ65C1y
|
||||
ViX0QNKpzSKdIzfA3tYkGrbD07BgPA0FyaLPsTsi8D0fbFaNl1yIjeyovtg9gmSv
|
||||
augO16tPqltMURFb5aSQc/5xT2qhgbWFaYN4k0xXx2NI08j+6wjqsetF9B5J52KB
|
||||
oc/j2LSZa2mEuQBuWf1vI0K3XPL5vlQzPtye0shYIdL69Z9Yr1cELZywtvyM1glu
|
||||
jWiNo2myPjXQi+MWkxo1KArZKAOq17X5e2zFZaMCyiJfgUy1gbxJ9sih5s/M/DPM
|
||||
2it/iYLikKAoWzRXAgMBAAEwDQYJKoZIhvcNAQELBQADggIBADE//J9VLcYXOz/j
|
||||
30hSlvdYvefgzxvYeiUm769JZrh+Mj34DSmaXkt0gxPlRPTtTyemkZ3wk0nBVdyO
|
||||
iZQVERP6tq49jpmH9JGLNgn0SHHzLL5VcnUOvV0EPOZl9QEJtgN+kHFwHs4uPddX
|
||||
efxVJmmDE7n6nJq+ya6C9SEn9eMW2/2Yxi+ait8jbLtOvEnUDlnGCczkJwTEOgf6
|
||||
obCWiUs8Kw28v7FuFdC1GPxDw2XeaX1OYfQIViK//G51138ESh883cV45ZDhFvnf
|
||||
7cAfGk/o3SKRHXwyrgd3E8TvfSCCmhc2K56ebA9bfNgIZuctQaNfB7FO1BNGplxv
|
||||
D8aAkLQAlQzMHXcZWcVDq14wB5v/ATHUvJZtXe8+G555w2TlRy35OQXgv7BAyTQ/
|
||||
pxx9MTH/pAS5H889vK2IIxfiZB4fabFa7TmJwCtTl3yhX46iZE753J6MlsUoSwag
|
||||
R5N0ebLNZw7pW++IX4pclWag7PJLNrYtvNc3BHn+tSMjDxMrMsBwq4uOBKT20GQF
|
||||
KmaQl0zBV5PMC8k8uUy35ySzW/7yOoWaabsLNef6Y1zIeoAgv/AUpCABgyjBCBLM
|
||||
kp3jENn05dAdmElA54VnOhP2j69m0NH9XMf0O3sfN6JZjBCAEMVJChkIqWN00WZt
|
||||
pANtSKHTd3PLbs8A+Ix+XUHsl1m3
|
||||
-----END CERTIFICATE-----
|
34
data/bc01n03.hswaw.net.crt
Normal file
34
data/bc01n03.hswaw.net.crt
Normal file
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF4TCCA8kCCQCA8T/OXbv3CDANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDM0MDRaFw0x
|
||||
OTAxMjIwMDM0MDRaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDMuaHN3YXcubmV0IDCCAiIw
|
||||
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAML9XvRVO84Wcqk0Ix2RhLoIme1F
|
||||
l0MUxx+LVQ+5oUm6TPO3s46cj+uTg0dhmbfrX54rRf+4lv/NG4tifzFSBx0nqVIw
|
||||
upklITanNgxto8Ga5m8GhoPZoR8nXuGujwUEbC6rqgqy9Vfc4gV5mUw+jzcEmjOD
|
||||
B1tDSs8c9cwfIYstuGOftXvjzcl/ajdS7tj+4PxLlsP6Fg0+ISIE1w8XPyyzHaPs
|
||||
yOt+4PUAkZDpc9FkePw0NIlVPRi+V8Y04556Vgk1SUxiEbcxvDsFxlK313NQOSxy
|
||||
7e2qSj4U1suce5Hlhjh/KltGZQLBZkADd2cGiUKK2RDsV1LIk+Qz+Gcx4PuYZ695
|
||||
fJjMreqn2MaW1fT5dlPLcPmVxU5w7bkeHP00p1064Vvv/iZdfrI9NuhYIiU/deyM
|
||||
VhevhcoJUY7ZRRSoUUVnFs+LME/bXfEU+9BQdseQL/sr3HwNrh4F/03DTUllmTHg
|
||||
w8hMX/Le6uQC1mXMUx3MgkziOVyP4Lh+YtPDbHN6gQmqcffFjKsS7csPN2sdUoaO
|
||||
UMt33twQM6LL69C/YXvIj/Bns37MLyk0IOZdAfxbP9+eQRQan87yOazq08pBb2fo
|
||||
4juJkc6lpOPP8VNe+lT5yDGqEf3YHrYAe9fGwJNs7oL9nbjXaYAdQ3m8CKNdiil8
|
||||
3LOoVlvPUsd2jH8ZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBACKOxecoz5rZJ8sc
|
||||
5x/NXZAxZKX99AX8OWFUyJ57UF9B8cPiv8JT3LQcUnUDpLT39sLjeUhWZOTvr2+R
|
||||
FomUNHSs2JzRHmoopZ+sNQcuZOhEkpqkCAf34lLY37K3Wl430EKd97nDCBN0JC/3
|
||||
CE5VPPpe38D2Ek/Sqj22LEKXuPkIjdE+QKKq/EbQaaTNNCPgA6qr8SLSbPSNhV5m
|
||||
nWJpZncqEy7i4+DTaJuczseGscm7uF4rLahd9sd2yhbVpP3b0ytCA7WNgAXnqKs0
|
||||
XEYQkmiGWMphTH2VCKKBT+LSlXtMjEjYIxIm/qOJ4E4Rdy6HfPAiI/tOS+V3skCm
|
||||
lSzUSs8nl21MvEeRvJ7iDZ2qKz6g+wdSNKgpc3uTwvb0DGjJjVKPOLyW5wcK+6zR
|
||||
c4I1JOUayhMAjt9rqmiyq/4utoToGVpe8NS1EbSrUaYkXUollmYOtdwiK0oHcgKp
|
||||
Xq0GMNlrujPaT00/N9ygMxwpYsolFu+ec2JGitjBPG9JM/R+TaTzmte5FckpL7/m
|
||||
oT12kDeBjaNUfkX+PYuxIzo6XP2IUzhUi+8mJxh3T7HxDMzOs7knF6JYZRF6C7oW
|
||||
7ZLT4a8iKVOuUrrpEpyx0r/SLT81eQm02Nj6wAPXjJLpyyFVQhHirG8ic1Jqb75g
|
||||
O2ybvWHjv0kozydE7/T+xwLeFkZM
|
||||
-----END CERTIFICATE-----
|
36
data/ca.crt
Normal file
36
data/ca.crt
Normal file
|
@ -0,0 +1,36 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGQzCCBCugAwIBAgIJAIR4/5GzSsHkMA0GCSqGSIb3DQEBCwUAMIG3MQswCQYD
|
||||
VQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNraWUxETAPBgNVBAcMCFdhcnN6YXdh
|
||||
MS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5pZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNl
|
||||
MRAwDgYDVQQLDAdoc2Nsb3VkMRowGAYDVQQDDBFCb290c3RyYXAgTm9kZSBDQTEh
|
||||
MB8GCSqGSIb3DQEJARYScTNrQGhhY2tlcnNwYWNlLnBsMB4XDTE4MTIyMzAwMTQz
|
||||
MloXDTE5MDEyMjAwMTQzMlowgbcxCzAJBgNVBAYTAlBMMRQwEgYDVQQIDAtNYXpv
|
||||
d2llY2tpZTERMA8GA1UEBwwIV2Fyc3phd2ExLjAsBgNVBAoMJVN0b3dhcnp5c3pl
|
||||
bmllIFdhcnN6YXdza2kgSGFja2Vyc3BhY2UxEDAOBgNVBAsMB2hzY2xvdWQxGjAY
|
||||
BgNVBAMMEUJvb3RzdHJhcCBOb2RlIENBMSEwHwYJKoZIhvcNAQkBFhJxM2tAaGFj
|
||||
a2Vyc3BhY2UucGwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5VHqM
|
||||
XleyNZZFA1sDJPf5o9PgdMobjetNAVe/3MSSEoJypmjNjdJRY18I91EoCk0KBL97
|
||||
5kb1/S1nSpMkAQSF+6EiaawQmVUcjfzHzBrScUwzPDeRevWLt79HRTKGuoNF6kWQ
|
||||
zO8ZJJN0wq6nGoaIM2jNkF9OYrSH2Ah9oQYANgSdivgBU6b+Iu66iwTQP/4XdoLX
|
||||
zPNFLqOCl/KDL3NtrSPuw5iz8ibGhJfBTnbh4p6VVQOr26x+wsutadoqAgb5xWoi
|
||||
/K2ldpEPL/J0Zd17D9f38ByvsX2Uew0awBpuoFlQG4cjw5HlOrNPZ0BdX81fY8om
|
||||
MOY2QRmr7ejpOV8GJNGRXlqZbKysFG3l5Oif6J3vPI/pC6y3UJC290Ez0gZwHHUj
|
||||
gZ/8KdwCMhjnEaijEBvhPPOPdzFv4QTzBfiRrlgfvWYK34+Qn2dQYcHKLSpCjzai
|
||||
/2DlePcdm1kCiGeITdisH0IWktIbopiWpGGjTJGQDkhPcJXFXYqWc9f/aenKPiDs
|
||||
w4zszG6/lJ5uWvbjAhjVSG5oQIJ916ZwDGrWgW2snAw70sfPlnKzPeTvuc3UUkxj
|
||||
5FMRQo2+WbYjZ8ALYxYrYVPGGm1dJLUaI8Uz3+m6aPyknkgaZXGcVFNtMM5gxXjD
|
||||
Sj7X8PHn+8SRzmi4Fm9PMXv2DCiaEMoCzdgBxwIDAQABo1AwTjAdBgNVHQ4EFgQU
|
||||
isQ9M9yBZWr3splDukgQMf33d4cwHwYDVR0jBBgwFoAUisQ9M9yBZWr3splDukgQ
|
||||
Mf33d4cwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEANwjM1UVvnfyM
|
||||
f05yL1zGDHn9AF5MGWBbUynlY0uFAY9SIiRtFGTeDhnHaWLrSzrxHF2gshziapQC
|
||||
qNvsPT7VN2rjm3F/L61O9iywtuY/xj2TkTykv3BUFKpZAN8iXXUZQ7EZjnKTejpH
|
||||
Rvn69BwQWLdRFgZSvaAMuvR+Jx+Klbg4To1cEEIn01WiRFqEEaXPcD01XpaoCcRj
|
||||
2xshfl5H0EpVdYbuESjeMxcU4DDM0aLrEbX9c9gVxhi5SyWm8V7ZLnik4K90FP5Z
|
||||
KZhXhyf2vUhtHyypeucmetxAuMAJ57CqC7Zx8FC/z6XlsYDjkZkbSjxILsEuWOaS
|
||||
golo9ZeoxnARa8OWdfFFpdOUjdrLgJkMYaQZyZN/gfHtmr7yL+T3Exltl8sc99TJ
|
||||
CmB0b7/zFjhQNwtOrmvBkF7L5P7Z2f4foAGU3eTOibwhL4DyaWVatD9HDFCTYfNf
|
||||
q6L6E4yqc9rVo9wQeYMqx0PhDZmZ9s5/1NVVYwOEjCHssN+FowxVLvn47PyCFm0K
|
||||
EkhoLUoHIPU5eV5PQtn+mXE2dTqPIq5VbpmU7cv0axmzoRhQSoDppJuaRW6ATpRU
|
||||
e5JTZmZqqyewEs/7KPLr5REbiFB6ZM+xUy3sYorLm4/MgT+ivlKi7bfVwyVuL0wz
|
||||
uZA9DdBd/8pAPg/7hiLypsUzIQSzZdU=
|
||||
-----END CERTIFICATE-----
|
1
data/ca.srl
Normal file
1
data/ca.srl
Normal file
|
@ -0,0 +1 @@
|
|||
80F13FCE5DBBF708
|
42
env.sh
42
env.sh
|
@ -25,6 +25,48 @@ hscloud-pki-dev() {
|
|||
)
|
||||
}
|
||||
|
||||
hscloud-node-push-certs() {
|
||||
(
|
||||
set -e
|
||||
|
||||
if [ -z "$1" ]; then
|
||||
echo >&2 "Usage: hscloud-node-push-certs node.fqdn.com"
|
||||
exit 1
|
||||
fi
|
||||
fqdn="$1"
|
||||
|
||||
echo "Checking node livenes..."
|
||||
ssh root@$fqdn uname -a
|
||||
|
||||
echo "Checking if node already has key..."
|
||||
ssh root@$fqdn stat /opt/hscloud/node.key || (
|
||||
echo "Generating key..."
|
||||
ssh root@$fqdn -- mkdir -p /opt/hscloud
|
||||
ssh root@$fqdn -- nix-shell -p openssl --command "\"openssl genrsa -out /opt/hscloud/node.key 4096\""
|
||||
ssh root@$fqdn -- chmod 400 /opt/hscloud/node.key
|
||||
)
|
||||
|
||||
echo "Checking if node already has cert..."
|
||||
ssh root@$fqdn stat /opt/hscloud/node.crt && exit 0
|
||||
echo "No cert, will generate..."
|
||||
|
||||
cd "$hscloud_root"
|
||||
secrets="$hscloud_root/secrets"
|
||||
ca="$secrets/plain/ca.key"
|
||||
[ ! -f "$ca" ] && ( scripts/secretstore decrypt "$secrets/cipher/ca.key" > $ca )
|
||||
|
||||
ssh root@$fqdn -- nix-shell -p openssl --command "\"openssl req -new -key /opt/hscloud/node.key -out /opt/hscloud/node.csr -subj '/C=PL/ST=Mazowieckie/L=Mazowieckie/O=Stowarzyszenie Warszawski Hackerspace/OU=Node Bootstrap Certificate/CN=" $fqdn "'\""
|
||||
scp root@$fqdn:/opt/hscloud/node.csr .
|
||||
openssl x509 -req -in node.csr -CA data/ca.crt -CAkey "$ca" -CAcreateserial -out "data/${fqdn}.crt"
|
||||
|
||||
scp "data/${fqdn}.crt" root@$fqdn:/opt/hscloud/node.crt
|
||||
scp "data/ca.crt" root@$fqdn:/opt/hscloud/ca.crt
|
||||
ssh root@$fqdn -- chmod 444 /opt/hscloud/node.crt /opt/hscloud/ca.crt
|
||||
rm node.csr
|
||||
)
|
||||
}
|
||||
|
||||
echo "Now playing:"
|
||||
echo " hscloud-dc - run docker-compose"
|
||||
echo " hscloud-pki-dev - generate dev PKI certs"
|
||||
echo " hscloud-node-push-certs - push a node cert to the node"
|
||||
|
|
31
scripts/secretstore
Executable file
31
scripts/secretstore
Executable file
|
@ -0,0 +1,31 @@
|
|||
#!/usr/bin/env python3
|
||||
|
||||
# A little tool to encrypt/decrypt git secrets. Kinda like password-store, but more purpose specific and portable.
|
||||
|
||||
import sys
|
||||
import subprocess
|
||||
|
||||
keys = [
|
||||
"63DFE737F078657CC8A51C00C29ADD73B3563D82" # q3k
|
||||
]
|
||||
|
||||
def main():
|
||||
if len(sys.argv) < 3 or sys.argv[1] not in ('encrypt', 'decrypt'):
|
||||
raise Exception("Usage: {} encrypt/decrypt file".format(sys.argv[0]))
|
||||
|
||||
action = sys.argv[1]
|
||||
src = sys.argv[2]
|
||||
|
||||
if action == 'encrypt':
|
||||
cmd = ['gpg' , '--encrypt', '--armor', '--batch', '--yes', '--output', '-']
|
||||
for k in keys:
|
||||
cmd.append('--recipient')
|
||||
cmd.append(k)
|
||||
cmd.append(src)
|
||||
subprocess.check_call(cmd)
|
||||
else:
|
||||
cmd = ['gpg', '--decrypt', '--output', '-', src]
|
||||
subprocess.check_call(cmd)
|
||||
|
||||
if __name__ == '__main__':
|
||||
sys.exit(main() or 0)
|
63
secrets/cipher/ca.key
Normal file
63
secrets/cipher/ca.key
Normal file
|
@ -0,0 +1,63 @@
|
|||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQEMAzhuiT4RC8VbAQgAkKl/HHWSy4UVqcrZ+8wew1XLHq1iz/vBZ8PC0nRzlYpm
|
||||
wHysvfOWI53mfDcpbza0JzC9UJbno7BKCUHLSs0cyU5dRnh4D5QI4w6lMA0CAhL/
|
||||
muic9zz3XnTQbE1uxyMGiQxkYWxRbYyBRL3gO7AlAV/xKUukUSjm/T8jdxGl4K9N
|
||||
jEszfioDzmlDbxrR3NgcJ1ZTBchxUzE9qcc3OTggl0KnYdj+Q+DPuzlrChHU5lgn
|
||||
bwjeu6TEFDtwFabd2qAwlqRy29tsjVIYD1334dVb0KorKnJ2BwT3AWp+ibDj/MhY
|
||||
z9IcFmV3Ns0ch9OOCDuqDVX7xvaRzZSNbZdIaRb0W9LrAdaLw8rtgbu1lNtnxZcI
|
||||
sIeuRNvB+NaAlJ57h0kNvasX4Lmd9U0eB3SKIs6CPqHWNzeZu2vgeIT3MS/le5uf
|
||||
73gBG7C5pO/6Nmam6zRbG2LinD+saeIMNFNWc3+gebD2GAFNQQrPm02FEO4Zou29
|
||||
vtG5SXBCKHeZ4Q2TSBb/2UvM7n/mLA+BQVObOtGNUpVyy/+PrCItmXXFtLd4m7Yh
|
||||
0llnz4e16Zz4d8P34srqQM1vNSn7p8WZyHOVaDEOm2/HBOxRyNzWvUfgvUzfGIh4
|
||||
u7mh9XRyldPYfD2654EWh/QvFphurEeXd00eVp9I/JIOLPvx0ISX+Z9/EcnsREPz
|
||||
bc9ZxQfifpaatN7/EhKPv5KXkf+8vNujH9BgEwvTrGkJqZzu+SFTcGcfPHmU1uZV
|
||||
nnAg3SQRnGmPXO2zsQFtGrG/xgG+tizjVwHRpWtfzA3VHhAHieGof8ysDx9yu8xA
|
||||
NafYDXK/nk1klXcvk0k1H1bwC/gD1UW1UsK8UtEaJyHUrb2yRhyZ6Xt4tQn4pHCI
|
||||
eRuguWhOLdzDK4MsTLG0/tWO1L07LT6cpYweqSIOFw8MaArtSeQ5rp9KXiFKv8nA
|
||||
8XbHeb6UJSo5bZvWNAwGc8KmyhSLWafOPF4oghdBUQPFeV7fHREhbCVUF0hdL2qr
|
||||
EI2up0HShliv1EVKxCFMqpY1RKHbtmUQgYBk0CIvE3eRRUW2rUH+e3hYZ3DiDydH
|
||||
UtuQmks/tkGzoIt+yqG9Ef4Zw3UUV1K/W4AzKkGMZa+w9LkbRMSD90IhfcIB7+59
|
||||
/eVWjaUu+IW/S9fd4J8qXZhCXChjk4VDQ1K3mSl2k85fkyEP5vjjXpkVZ1qR+BMz
|
||||
JjgxAKmMano23JbPwu6PKdKCBSBXiX5SqW5ei0CMKmZdFv2k29PDBYvYHIq1r/3V
|
||||
YujCWr+G9y6MHN3k2L8Zgp55Mm9g2LKdJ7y1V2g0k6Odw9P9uQewNsziyV3uInSP
|
||||
QLuV4NZ8bvAF0lH/D/9kxcqr7ICuyBFVbp7qoh0r4bbKyoSzUo+OVeSsO4HOhAOS
|
||||
iVm3PlhvKPQb6QRvGboVKji+N5TxO1lsgeYTh9Ry6cSwpaq81l1JzQ3IoIt9xuLX
|
||||
7v/y1HevfwRl5FUnAvFTvLXQzgcBLPa87BZiAqDJRMFzd3ijwuMR+mXA91oyT+fT
|
||||
pRNoUqExfeMAq2ODS/onvZqcMsXt5XpONxTpNJuksjw7d4CwAyt1hNNWPlJXnHah
|
||||
OiT2tAeEtjaf9albkbYwzlUVWoVOhBt+Cr1rjJJlcgJ4i/EMqmp+ukMmCo+GEgZS
|
||||
rex+YorLpNTRC+IKqZf/VJJcrMOkkul/sOdwGALlkDl+27baPnmV3PYSFzI7ciIP
|
||||
xyatf4LwDVu6RDAD1tv3KsMtS1BlsJQT34I3+CWtpZ9HDWPxk30LFoFrs6zv5Ajm
|
||||
gjVsT0bUQfvxJX3Kp0aqT1cquSI2m/Gf6rhp8l6zRoYCtalnoxXJeOurrmh3P6KA
|
||||
xlmv2CGpxUwB+5G5k2bFR/mQeur2HNM13fu3twNCjqtgTSvxXztP2tpWaxdGUFqt
|
||||
U8xkSZrjwlgpwwtL+Zx3++8n4YAGhxRxtiKVxU28w9Db4h3WybPPEg7MwFu+Bhyf
|
||||
ZB+MlaAfVLqH1RKpeOs4AI5Xnfh0xtYi2coDECs/8rnbnJNCfMCgYUZ37B+RBcxo
|
||||
qPgZK5RvGPz1sN4uoW16MTgD3He8aYX/ytrt8GPEQ5zJuwroJ1kdCsZ89YvdG8IG
|
||||
eD9JXd/DSw0X8CNBKgyB3JnUgy+VqTrwkjwB00aHv5NMe+R9pdrHnBCdWPdcIZTQ
|
||||
uzJfjH0GNUrU/ay0fo1094Ankwt/v9iRu2xXsvM06JTtKRJF/ep3U+MRaPaMyZfu
|
||||
gVqtyERyqj5HJiFBkts9jjcE+i74VuvIytadlhnuS3Na6cfXpckIg8605LirqO1O
|
||||
I9Wu17ih1KIusBIGmVPJL9ecfCm4cP6n9nSDNzFfwYRjGMuTLP06nbb3LZ27DfoC
|
||||
He5vscMnQ0cNxd1fvl8+GCuWM20eOSze4Ks7n66c7pVLMMhoSoD+bU8j6Sser4U7
|
||||
0lVrXxkdcGxxACKvCrEgxIyPVhWKkQum4QeXamFBf1NhrOSw5LI3/pbtPPbGdeVg
|
||||
WRWStMANB7zZxdBCbYKU6OW48MqVkWNZwLSOjvRVogMdty3vrmDCbGLtahOY5B3F
|
||||
7FuFKP22wzrP0LVB2PzUftBe/uFXISdSsDx877CM+KhbTG58gw6JHhF6ydrigpHF
|
||||
zZbXSl75x116igonpgEj1iJ6rDG2w4fYeTGscZgKkWOBM2EPIAhp9nMXi/PN68Lb
|
||||
iMbfz0FZCf9lWsSruGZUKs2odpIipLOWlLfPOFQr8ObSKNcP7H43OFcn9cxwo9OK
|
||||
05dicPXXYE14h073LXzrDwesAbuQEOmNvKrvgCyNU+36s+DoJsb4LNEyragS66gK
|
||||
xunEaDbtIy52p7XX2h7/1Fa4ukIgP/bed0p3ADpiT5GX6USiw4kNOto04wfb3QNn
|
||||
ZXsjUck5WxA5SLfBQjXlU58jcCb9wFAYrc2+Iqg6aRl5d8dcKcx1dh7/8cG4sPuG
|
||||
Dtpk0QYHxI8K4ZQsrRnHfgSIwR+AKMIpk8UPVUTiFSgqCaisxIDo03aLP7GJ91Eo
|
||||
Vo3EgMRivSldvQV0Xiowc+3ppcA0CCxrSVhyXfxu/Wd7UdvavTKxhtUmoRr35mH4
|
||||
sAu/CpKLQd/hnUy5tszrPR/BMRXD8lW63XZQjZbsZ1leujrQ5DpIQmHgyi8k56kn
|
||||
FzSz38uhNHyMcYv+xA0HAGygcG7xiOYJ2wKL5yDMVf41nz37qXzrBqVH8CxgsmYp
|
||||
BWKE1rL+TmsFUoBCzPMV/fewf0Dp8BqPHZH9Va5lmcBMqu+/hS2RBPSbupyn6Y5B
|
||||
2YY42b758hhNIHaNYDmwMWrHCDg5FNipqMbmR0q32PCv2FNaK3chtoYMaC01ZmJS
|
||||
EA53nPMg3TE4AHcRGeP12swh3T7yeaFN8puRkLIXL625bksn7JsTy21Yvnq2K13Z
|
||||
rNAzSJdPAXBLYydyDwYBqs3epo37C2h/j2R5Edtj4OEgzrTlyM0gL1j+EKo0J1fl
|
||||
tBUdO+SIxwsFaCq7NiYQpPetT956peVTGMh6qXr/S/rV03hQcsXDNAkn+nE3JO0p
|
||||
bmbPv7CY+FZyLtSj3/yG1z3EOAWBxYQeU16xUvbaoYW0DzfOra09iRWPxcSGuNV1
|
||||
NF7XZ+KaT7ergVMBN5QWCoHFYZqFustvuUhkVe/xxR80F9qTJDzo9HF7xOR//Eiy
|
||||
lMA5XRtYtuUJ8fK2ZuGb3pFoBY4hQ4FbDP5genVmBwQrxGfRmIuSG3Mn9XfA0tEb
|
||||
ESP0tC22YNW+pltTfDU44+gK3g4GywiIYEAjoQhjIS5/YW7F
|
||||
=6950
|
||||
-----END PGP MESSAGE-----
|
1
secrets/plain/.gitignore
vendored
Normal file
1
secrets/plain/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
*
|
Loading…
Reference in a new issue