forked from hswaw/hscloud
env.sh: implement prod cert generation
parent
c6fd662d4b
commit
a5be0d8384
|
@ -0,0 +1,34 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIF4TCCA8kCCQCA8T/OXbv3BjANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||||
|
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||||
|
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||||
|
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||||
|
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDMzMzVaFw0x
|
||||||
|
OTAxMjIwMDMzMzVaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||||
|
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||||
|
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||||
|
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDEuaHN3YXcubmV0IDCCAiIw
|
||||||
|
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALQctVNm9zAfIPHSIiBNkf7UTYJZ
|
||||||
|
0YtjKcKevCBW7GKHVaf/MT3Xrgnc2aK7rh6eftM/+UriRL4VnnGaqsmrFjlx0WTr
|
||||||
|
9vVXO0IvC2TkIwUZsydxAzU/iQxbG9NILjlQS5dyDyUYdRgY6fAX3n6kJXTGKLcx
|
||||||
|
rU2E28SqZxIYPBAaTt6j1LK7pTWj70Ib+v6e58QSbElLe2MEb567FNINntKYWq5l
|
||||||
|
eGkJalpDLSNEQTkUI4L476ez8naNNdMhqX0MhFFNOEiLENQBrXjFwrGn8S7biFVc
|
||||||
|
OYrHfTCINz+iPSmIjyHVBYa9XbvZyk8GQ9yDOgSAxzs7YYvDo7YoXRszl5vjph7Z
|
||||||
|
QvItkrEgzVfnTlEPsMqzfTxUt67A7VhNgExQN3tA8UJW8Z+Z8F57f+FD15xwKnUg
|
||||||
|
YvhDYTZ52gSMGllfC2jDoWlEZnCvi3LGFh9z0oX4vY5gMhJDO7QwFZK/d7UlSyQX
|
||||||
|
2dkUqTHPv/SpjIiubZfFsuCM+DDpzd7XZNTuonbYbNWBtc4hn5/Kb2V9pcLTzl7P
|
||||||
|
U7jJAOIsdWp8espfoZJXLOSdH3bLhyYDJhhYBHr0sVg5KNjhSGfYPvxrN/Rc/qf6
|
||||||
|
OoCQH0b8u5n3Mm6lv2b7q3/nwGx+RdDLKjuaaP8StTnfVYtCWgSpedMuAM+DmOns
|
||||||
|
WJLsZFSUyLAF5mm1AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAH/LAOx1kVcHpJKv
|
||||||
|
M67ycaHOr/T86Nx5HO//yiAGv9jT4pMlAixicwoogwVjO1Gpr/+CyAzT06RQI6uP
|
||||||
|
4lOBcOi5eMZZAiDCV2XY0mEobcfdTXLfzxYQuYC5nHG+pDIXqHYvnMZe5dhh4Jrn
|
||||||
|
iXzox9M8K1Fik6kCOVIYzKsUhLyp/znVt4WHZkNdN+1Y52KQ6MTJbpBnFzePHcdJ
|
||||||
|
3D3RoFdRjH/ltCM1+zxqB6U+flvBhkEwIPEvdoBcc+IHxG1chf5o6l4ktXRZd0w6
|
||||||
|
b5EAIa3azaCGuMKOYwrRR9pqdqKpTObu7VfNUO5HYPai3WRzHYjbMVzSScTg9yiA
|
||||||
|
Pk2Suxo7ed99GKagAKlWxchVnaImWgLWNmioZdXWFVehCg0z0Pw83jKl3HsQLec7
|
||||||
|
0XDxW7yUBf7ZQwdBctOyUgHJ+7Xg05eGB+TzYoqj8Oz7RZf65IswZgWOEDa5ojI/
|
||||||
|
3qqbwm9QhPFD7T2PMmMU55QHb9w33I6RGuOiNocaTtyAcvhGYqc8EBMA7Mv0F0sy
|
||||||
|
dIs6gmO6b090LDvsnyOCnxPWQeWLAECO/gpkMhlqFVrZFkYh5eXj4aGwIH02to8m
|
||||||
|
zwd2YbAUjHOnWNirZ4hsZyy7zeY3odreqNiqQzHt4Jkme6uNloq6F0u2ZfTlkUN9
|
||||||
|
ueExOYFcXTuMWxRynwWsnw3eLY1h
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -0,0 +1,34 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIF4TCCA8kCCQCA8T/OXbv3BzANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||||
|
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||||
|
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||||
|
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||||
|
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDMzNTVaFw0x
|
||||||
|
OTAxMjIwMDMzNTVaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||||
|
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||||
|
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||||
|
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDIuaHN3YXcubmV0IDCCAiIw
|
||||||
|
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALGikI7ZrkbeioBedyAFOszMSh/s
|
||||||
|
eSadhsXhM1naDV6RASmD1xBrUbxRx4DKVBCQKidppbVIOE4vxULOIINc75JX+ZV3
|
||||||
|
vsymNyfnOJXIeaxN5gYg5uGeE4LcvP2Qm5O9Bvo0YVWl6KPO5Xms/y/BAgDdFaO4
|
||||||
|
3CCIJBZ/rw11HJB04qNlVvgk1df4VIo3kCOj9e3ZdahnZDJ0FpX3bQmMBXZljy6O
|
||||||
|
cKE3fnmME81jjU9oAxjHTk+C61FHhaQ8KE00aSQhyAZC9V9fpwHlPy+Rn2V6pHzg
|
||||||
|
dpxZMRSdj6wXz1cllSPxqtcm46tpRxClFNxLNmP9PvhwFH32b70+IxC7cpvOZGyV
|
||||||
|
FPfISTGN7sTGirN2heQ2DaooEsDUOS/jJcrd5OBPaCWRS4HzrOkzg3RYYYQ65C1y
|
||||||
|
ViX0QNKpzSKdIzfA3tYkGrbD07BgPA0FyaLPsTsi8D0fbFaNl1yIjeyovtg9gmSv
|
||||||
|
augO16tPqltMURFb5aSQc/5xT2qhgbWFaYN4k0xXx2NI08j+6wjqsetF9B5J52KB
|
||||||
|
oc/j2LSZa2mEuQBuWf1vI0K3XPL5vlQzPtye0shYIdL69Z9Yr1cELZywtvyM1glu
|
||||||
|
jWiNo2myPjXQi+MWkxo1KArZKAOq17X5e2zFZaMCyiJfgUy1gbxJ9sih5s/M/DPM
|
||||||
|
2it/iYLikKAoWzRXAgMBAAEwDQYJKoZIhvcNAQELBQADggIBADE//J9VLcYXOz/j
|
||||||
|
30hSlvdYvefgzxvYeiUm769JZrh+Mj34DSmaXkt0gxPlRPTtTyemkZ3wk0nBVdyO
|
||||||
|
iZQVERP6tq49jpmH9JGLNgn0SHHzLL5VcnUOvV0EPOZl9QEJtgN+kHFwHs4uPddX
|
||||||
|
efxVJmmDE7n6nJq+ya6C9SEn9eMW2/2Yxi+ait8jbLtOvEnUDlnGCczkJwTEOgf6
|
||||||
|
obCWiUs8Kw28v7FuFdC1GPxDw2XeaX1OYfQIViK//G51138ESh883cV45ZDhFvnf
|
||||||
|
7cAfGk/o3SKRHXwyrgd3E8TvfSCCmhc2K56ebA9bfNgIZuctQaNfB7FO1BNGplxv
|
||||||
|
D8aAkLQAlQzMHXcZWcVDq14wB5v/ATHUvJZtXe8+G555w2TlRy35OQXgv7BAyTQ/
|
||||||
|
pxx9MTH/pAS5H889vK2IIxfiZB4fabFa7TmJwCtTl3yhX46iZE753J6MlsUoSwag
|
||||||
|
R5N0ebLNZw7pW++IX4pclWag7PJLNrYtvNc3BHn+tSMjDxMrMsBwq4uOBKT20GQF
|
||||||
|
KmaQl0zBV5PMC8k8uUy35ySzW/7yOoWaabsLNef6Y1zIeoAgv/AUpCABgyjBCBLM
|
||||||
|
kp3jENn05dAdmElA54VnOhP2j69m0NH9XMf0O3sfN6JZjBCAEMVJChkIqWN00WZt
|
||||||
|
pANtSKHTd3PLbs8A+Ix+XUHsl1m3
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -0,0 +1,34 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIF4TCCA8kCCQCA8T/OXbv3CDANBgkqhkiG9w0BAQsFADCBtzELMAkGA1UEBhMC
|
||||||
|
UEwxFDASBgNVBAgMC01hem93aWVja2llMREwDwYDVQQHDAhXYXJzemF3YTEuMCwG
|
||||||
|
A1UECgwlU3Rvd2FyenlzemVuaWUgV2Fyc3phd3NraSBIYWNrZXJzcGFjZTEQMA4G
|
||||||
|
A1UECwwHaHNjbG91ZDEaMBgGA1UEAwwRQm9vdHN0cmFwIE5vZGUgQ0ExITAfBgkq
|
||||||
|
hkiG9w0BCQEWEnEza0BoYWNrZXJzcGFjZS5wbDAeFw0xODEyMjMwMDM0MDRaFw0x
|
||||||
|
OTAxMjIwMDM0MDRaMIGsMQswCQYDVQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNr
|
||||||
|
aWUxFDASBgNVBAcMC01hem93aWVja2llMS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5p
|
||||||
|
ZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNlMSMwIQYDVQQLDBpOb2RlIEJvb3RzdHJh
|
||||||
|
cCBDZXJ0aWZpY2F0ZTEcMBoGA1UEAwwTIGJjMDFuMDMuaHN3YXcubmV0IDCCAiIw
|
||||||
|
DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAML9XvRVO84Wcqk0Ix2RhLoIme1F
|
||||||
|
l0MUxx+LVQ+5oUm6TPO3s46cj+uTg0dhmbfrX54rRf+4lv/NG4tifzFSBx0nqVIw
|
||||||
|
upklITanNgxto8Ga5m8GhoPZoR8nXuGujwUEbC6rqgqy9Vfc4gV5mUw+jzcEmjOD
|
||||||
|
B1tDSs8c9cwfIYstuGOftXvjzcl/ajdS7tj+4PxLlsP6Fg0+ISIE1w8XPyyzHaPs
|
||||||
|
yOt+4PUAkZDpc9FkePw0NIlVPRi+V8Y04556Vgk1SUxiEbcxvDsFxlK313NQOSxy
|
||||||
|
7e2qSj4U1suce5Hlhjh/KltGZQLBZkADd2cGiUKK2RDsV1LIk+Qz+Gcx4PuYZ695
|
||||||
|
fJjMreqn2MaW1fT5dlPLcPmVxU5w7bkeHP00p1064Vvv/iZdfrI9NuhYIiU/deyM
|
||||||
|
VhevhcoJUY7ZRRSoUUVnFs+LME/bXfEU+9BQdseQL/sr3HwNrh4F/03DTUllmTHg
|
||||||
|
w8hMX/Le6uQC1mXMUx3MgkziOVyP4Lh+YtPDbHN6gQmqcffFjKsS7csPN2sdUoaO
|
||||||
|
UMt33twQM6LL69C/YXvIj/Bns37MLyk0IOZdAfxbP9+eQRQan87yOazq08pBb2fo
|
||||||
|
4juJkc6lpOPP8VNe+lT5yDGqEf3YHrYAe9fGwJNs7oL9nbjXaYAdQ3m8CKNdiil8
|
||||||
|
3LOoVlvPUsd2jH8ZAgMBAAEwDQYJKoZIhvcNAQELBQADggIBACKOxecoz5rZJ8sc
|
||||||
|
5x/NXZAxZKX99AX8OWFUyJ57UF9B8cPiv8JT3LQcUnUDpLT39sLjeUhWZOTvr2+R
|
||||||
|
FomUNHSs2JzRHmoopZ+sNQcuZOhEkpqkCAf34lLY37K3Wl430EKd97nDCBN0JC/3
|
||||||
|
CE5VPPpe38D2Ek/Sqj22LEKXuPkIjdE+QKKq/EbQaaTNNCPgA6qr8SLSbPSNhV5m
|
||||||
|
nWJpZncqEy7i4+DTaJuczseGscm7uF4rLahd9sd2yhbVpP3b0ytCA7WNgAXnqKs0
|
||||||
|
XEYQkmiGWMphTH2VCKKBT+LSlXtMjEjYIxIm/qOJ4E4Rdy6HfPAiI/tOS+V3skCm
|
||||||
|
lSzUSs8nl21MvEeRvJ7iDZ2qKz6g+wdSNKgpc3uTwvb0DGjJjVKPOLyW5wcK+6zR
|
||||||
|
c4I1JOUayhMAjt9rqmiyq/4utoToGVpe8NS1EbSrUaYkXUollmYOtdwiK0oHcgKp
|
||||||
|
Xq0GMNlrujPaT00/N9ygMxwpYsolFu+ec2JGitjBPG9JM/R+TaTzmte5FckpL7/m
|
||||||
|
oT12kDeBjaNUfkX+PYuxIzo6XP2IUzhUi+8mJxh3T7HxDMzOs7knF6JYZRF6C7oW
|
||||||
|
7ZLT4a8iKVOuUrrpEpyx0r/SLT81eQm02Nj6wAPXjJLpyyFVQhHirG8ic1Jqb75g
|
||||||
|
O2ybvWHjv0kozydE7/T+xwLeFkZM
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -0,0 +1,36 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIGQzCCBCugAwIBAgIJAIR4/5GzSsHkMA0GCSqGSIb3DQEBCwUAMIG3MQswCQYD
|
||||||
|
VQQGEwJQTDEUMBIGA1UECAwLTWF6b3dpZWNraWUxETAPBgNVBAcMCFdhcnN6YXdh
|
||||||
|
MS4wLAYDVQQKDCVTdG93YXJ6eXN6ZW5pZSBXYXJzemF3c2tpIEhhY2tlcnNwYWNl
|
||||||
|
MRAwDgYDVQQLDAdoc2Nsb3VkMRowGAYDVQQDDBFCb290c3RyYXAgTm9kZSBDQTEh
|
||||||
|
MB8GCSqGSIb3DQEJARYScTNrQGhhY2tlcnNwYWNlLnBsMB4XDTE4MTIyMzAwMTQz
|
||||||
|
MloXDTE5MDEyMjAwMTQzMlowgbcxCzAJBgNVBAYTAlBMMRQwEgYDVQQIDAtNYXpv
|
||||||
|
d2llY2tpZTERMA8GA1UEBwwIV2Fyc3phd2ExLjAsBgNVBAoMJVN0b3dhcnp5c3pl
|
||||||
|
bmllIFdhcnN6YXdza2kgSGFja2Vyc3BhY2UxEDAOBgNVBAsMB2hzY2xvdWQxGjAY
|
||||||
|
BgNVBAMMEUJvb3RzdHJhcCBOb2RlIENBMSEwHwYJKoZIhvcNAQkBFhJxM2tAaGFj
|
||||||
|
a2Vyc3BhY2UucGwwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5VHqM
|
||||||
|
XleyNZZFA1sDJPf5o9PgdMobjetNAVe/3MSSEoJypmjNjdJRY18I91EoCk0KBL97
|
||||||
|
5kb1/S1nSpMkAQSF+6EiaawQmVUcjfzHzBrScUwzPDeRevWLt79HRTKGuoNF6kWQ
|
||||||
|
zO8ZJJN0wq6nGoaIM2jNkF9OYrSH2Ah9oQYANgSdivgBU6b+Iu66iwTQP/4XdoLX
|
||||||
|
zPNFLqOCl/KDL3NtrSPuw5iz8ibGhJfBTnbh4p6VVQOr26x+wsutadoqAgb5xWoi
|
||||||
|
/K2ldpEPL/J0Zd17D9f38ByvsX2Uew0awBpuoFlQG4cjw5HlOrNPZ0BdX81fY8om
|
||||||
|
MOY2QRmr7ejpOV8GJNGRXlqZbKysFG3l5Oif6J3vPI/pC6y3UJC290Ez0gZwHHUj
|
||||||
|
gZ/8KdwCMhjnEaijEBvhPPOPdzFv4QTzBfiRrlgfvWYK34+Qn2dQYcHKLSpCjzai
|
||||||
|
/2DlePcdm1kCiGeITdisH0IWktIbopiWpGGjTJGQDkhPcJXFXYqWc9f/aenKPiDs
|
||||||
|
w4zszG6/lJ5uWvbjAhjVSG5oQIJ916ZwDGrWgW2snAw70sfPlnKzPeTvuc3UUkxj
|
||||||
|
5FMRQo2+WbYjZ8ALYxYrYVPGGm1dJLUaI8Uz3+m6aPyknkgaZXGcVFNtMM5gxXjD
|
||||||
|
Sj7X8PHn+8SRzmi4Fm9PMXv2DCiaEMoCzdgBxwIDAQABo1AwTjAdBgNVHQ4EFgQU
|
||||||
|
isQ9M9yBZWr3splDukgQMf33d4cwHwYDVR0jBBgwFoAUisQ9M9yBZWr3splDukgQ
|
||||||
|
Mf33d4cwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEANwjM1UVvnfyM
|
||||||
|
f05yL1zGDHn9AF5MGWBbUynlY0uFAY9SIiRtFGTeDhnHaWLrSzrxHF2gshziapQC
|
||||||
|
qNvsPT7VN2rjm3F/L61O9iywtuY/xj2TkTykv3BUFKpZAN8iXXUZQ7EZjnKTejpH
|
||||||
|
Rvn69BwQWLdRFgZSvaAMuvR+Jx+Klbg4To1cEEIn01WiRFqEEaXPcD01XpaoCcRj
|
||||||
|
2xshfl5H0EpVdYbuESjeMxcU4DDM0aLrEbX9c9gVxhi5SyWm8V7ZLnik4K90FP5Z
|
||||||
|
KZhXhyf2vUhtHyypeucmetxAuMAJ57CqC7Zx8FC/z6XlsYDjkZkbSjxILsEuWOaS
|
||||||
|
golo9ZeoxnARa8OWdfFFpdOUjdrLgJkMYaQZyZN/gfHtmr7yL+T3Exltl8sc99TJ
|
||||||
|
CmB0b7/zFjhQNwtOrmvBkF7L5P7Z2f4foAGU3eTOibwhL4DyaWVatD9HDFCTYfNf
|
||||||
|
q6L6E4yqc9rVo9wQeYMqx0PhDZmZ9s5/1NVVYwOEjCHssN+FowxVLvn47PyCFm0K
|
||||||
|
EkhoLUoHIPU5eV5PQtn+mXE2dTqPIq5VbpmU7cv0axmzoRhQSoDppJuaRW6ATpRU
|
||||||
|
e5JTZmZqqyewEs/7KPLr5REbiFB6ZM+xUy3sYorLm4/MgT+ivlKi7bfVwyVuL0wz
|
||||||
|
uZA9DdBd/8pAPg/7hiLypsUzIQSzZdU=
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -0,0 +1 @@
|
||||||
|
80F13FCE5DBBF708
|
42
env.sh
42
env.sh
|
@ -25,6 +25,48 @@ hscloud-pki-dev() {
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
hscloud-node-push-certs() {
|
||||||
|
(
|
||||||
|
set -e
|
||||||
|
|
||||||
|
if [ -z "$1" ]; then
|
||||||
|
echo >&2 "Usage: hscloud-node-push-certs node.fqdn.com"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fqdn="$1"
|
||||||
|
|
||||||
|
echo "Checking node livenes..."
|
||||||
|
ssh root@$fqdn uname -a
|
||||||
|
|
||||||
|
echo "Checking if node already has key..."
|
||||||
|
ssh root@$fqdn stat /opt/hscloud/node.key || (
|
||||||
|
echo "Generating key..."
|
||||||
|
ssh root@$fqdn -- mkdir -p /opt/hscloud
|
||||||
|
ssh root@$fqdn -- nix-shell -p openssl --command "\"openssl genrsa -out /opt/hscloud/node.key 4096\""
|
||||||
|
ssh root@$fqdn -- chmod 400 /opt/hscloud/node.key
|
||||||
|
)
|
||||||
|
|
||||||
|
echo "Checking if node already has cert..."
|
||||||
|
ssh root@$fqdn stat /opt/hscloud/node.crt && exit 0
|
||||||
|
echo "No cert, will generate..."
|
||||||
|
|
||||||
|
cd "$hscloud_root"
|
||||||
|
secrets="$hscloud_root/secrets"
|
||||||
|
ca="$secrets/plain/ca.key"
|
||||||
|
[ ! -f "$ca" ] && ( scripts/secretstore decrypt "$secrets/cipher/ca.key" > $ca )
|
||||||
|
|
||||||
|
ssh root@$fqdn -- nix-shell -p openssl --command "\"openssl req -new -key /opt/hscloud/node.key -out /opt/hscloud/node.csr -subj '/C=PL/ST=Mazowieckie/L=Mazowieckie/O=Stowarzyszenie Warszawski Hackerspace/OU=Node Bootstrap Certificate/CN=" $fqdn "'\""
|
||||||
|
scp root@$fqdn:/opt/hscloud/node.csr .
|
||||||
|
openssl x509 -req -in node.csr -CA data/ca.crt -CAkey "$ca" -CAcreateserial -out "data/${fqdn}.crt"
|
||||||
|
|
||||||
|
scp "data/${fqdn}.crt" root@$fqdn:/opt/hscloud/node.crt
|
||||||
|
scp "data/ca.crt" root@$fqdn:/opt/hscloud/ca.crt
|
||||||
|
ssh root@$fqdn -- chmod 444 /opt/hscloud/node.crt /opt/hscloud/ca.crt
|
||||||
|
rm node.csr
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
echo "Now playing:"
|
echo "Now playing:"
|
||||||
echo " hscloud-dc - run docker-compose"
|
echo " hscloud-dc - run docker-compose"
|
||||||
echo " hscloud-pki-dev - generate dev PKI certs"
|
echo " hscloud-pki-dev - generate dev PKI certs"
|
||||||
|
echo " hscloud-node-push-certs - push a node cert to the node"
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
# A little tool to encrypt/decrypt git secrets. Kinda like password-store, but more purpose specific and portable.
|
||||||
|
|
||||||
|
import sys
|
||||||
|
import subprocess
|
||||||
|
|
||||||
|
keys = [
|
||||||
|
"63DFE737F078657CC8A51C00C29ADD73B3563D82" # q3k
|
||||||
|
]
|
||||||
|
|
||||||
|
def main():
|
||||||
|
if len(sys.argv) < 3 or sys.argv[1] not in ('encrypt', 'decrypt'):
|
||||||
|
raise Exception("Usage: {} encrypt/decrypt file".format(sys.argv[0]))
|
||||||
|
|
||||||
|
action = sys.argv[1]
|
||||||
|
src = sys.argv[2]
|
||||||
|
|
||||||
|
if action == 'encrypt':
|
||||||
|
cmd = ['gpg' , '--encrypt', '--armor', '--batch', '--yes', '--output', '-']
|
||||||
|
for k in keys:
|
||||||
|
cmd.append('--recipient')
|
||||||
|
cmd.append(k)
|
||||||
|
cmd.append(src)
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
else:
|
||||||
|
cmd = ['gpg', '--decrypt', '--output', '-', src]
|
||||||
|
subprocess.check_call(cmd)
|
||||||
|
|
||||||
|
if __name__ == '__main__':
|
||||||
|
sys.exit(main() or 0)
|
|
@ -0,0 +1,63 @@
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQEMAzhuiT4RC8VbAQgAkKl/HHWSy4UVqcrZ+8wew1XLHq1iz/vBZ8PC0nRzlYpm
|
||||||
|
wHysvfOWI53mfDcpbza0JzC9UJbno7BKCUHLSs0cyU5dRnh4D5QI4w6lMA0CAhL/
|
||||||
|
muic9zz3XnTQbE1uxyMGiQxkYWxRbYyBRL3gO7AlAV/xKUukUSjm/T8jdxGl4K9N
|
||||||
|
jEszfioDzmlDbxrR3NgcJ1ZTBchxUzE9qcc3OTggl0KnYdj+Q+DPuzlrChHU5lgn
|
||||||
|
bwjeu6TEFDtwFabd2qAwlqRy29tsjVIYD1334dVb0KorKnJ2BwT3AWp+ibDj/MhY
|
||||||
|
z9IcFmV3Ns0ch9OOCDuqDVX7xvaRzZSNbZdIaRb0W9LrAdaLw8rtgbu1lNtnxZcI
|
||||||
|
sIeuRNvB+NaAlJ57h0kNvasX4Lmd9U0eB3SKIs6CPqHWNzeZu2vgeIT3MS/le5uf
|
||||||
|
73gBG7C5pO/6Nmam6zRbG2LinD+saeIMNFNWc3+gebD2GAFNQQrPm02FEO4Zou29
|
||||||
|
vtG5SXBCKHeZ4Q2TSBb/2UvM7n/mLA+BQVObOtGNUpVyy/+PrCItmXXFtLd4m7Yh
|
||||||
|
0llnz4e16Zz4d8P34srqQM1vNSn7p8WZyHOVaDEOm2/HBOxRyNzWvUfgvUzfGIh4
|
||||||
|
u7mh9XRyldPYfD2654EWh/QvFphurEeXd00eVp9I/JIOLPvx0ISX+Z9/EcnsREPz
|
||||||
|
bc9ZxQfifpaatN7/EhKPv5KXkf+8vNujH9BgEwvTrGkJqZzu+SFTcGcfPHmU1uZV
|
||||||
|
nnAg3SQRnGmPXO2zsQFtGrG/xgG+tizjVwHRpWtfzA3VHhAHieGof8ysDx9yu8xA
|
||||||
|
NafYDXK/nk1klXcvk0k1H1bwC/gD1UW1UsK8UtEaJyHUrb2yRhyZ6Xt4tQn4pHCI
|
||||||
|
eRuguWhOLdzDK4MsTLG0/tWO1L07LT6cpYweqSIOFw8MaArtSeQ5rp9KXiFKv8nA
|
||||||
|
8XbHeb6UJSo5bZvWNAwGc8KmyhSLWafOPF4oghdBUQPFeV7fHREhbCVUF0hdL2qr
|
||||||
|
EI2up0HShliv1EVKxCFMqpY1RKHbtmUQgYBk0CIvE3eRRUW2rUH+e3hYZ3DiDydH
|
||||||
|
UtuQmks/tkGzoIt+yqG9Ef4Zw3UUV1K/W4AzKkGMZa+w9LkbRMSD90IhfcIB7+59
|
||||||
|
/eVWjaUu+IW/S9fd4J8qXZhCXChjk4VDQ1K3mSl2k85fkyEP5vjjXpkVZ1qR+BMz
|
||||||
|
JjgxAKmMano23JbPwu6PKdKCBSBXiX5SqW5ei0CMKmZdFv2k29PDBYvYHIq1r/3V
|
||||||
|
YujCWr+G9y6MHN3k2L8Zgp55Mm9g2LKdJ7y1V2g0k6Odw9P9uQewNsziyV3uInSP
|
||||||
|
QLuV4NZ8bvAF0lH/D/9kxcqr7ICuyBFVbp7qoh0r4bbKyoSzUo+OVeSsO4HOhAOS
|
||||||
|
iVm3PlhvKPQb6QRvGboVKji+N5TxO1lsgeYTh9Ry6cSwpaq81l1JzQ3IoIt9xuLX
|
||||||
|
7v/y1HevfwRl5FUnAvFTvLXQzgcBLPa87BZiAqDJRMFzd3ijwuMR+mXA91oyT+fT
|
||||||
|
pRNoUqExfeMAq2ODS/onvZqcMsXt5XpONxTpNJuksjw7d4CwAyt1hNNWPlJXnHah
|
||||||
|
OiT2tAeEtjaf9albkbYwzlUVWoVOhBt+Cr1rjJJlcgJ4i/EMqmp+ukMmCo+GEgZS
|
||||||
|
rex+YorLpNTRC+IKqZf/VJJcrMOkkul/sOdwGALlkDl+27baPnmV3PYSFzI7ciIP
|
||||||
|
xyatf4LwDVu6RDAD1tv3KsMtS1BlsJQT34I3+CWtpZ9HDWPxk30LFoFrs6zv5Ajm
|
||||||
|
gjVsT0bUQfvxJX3Kp0aqT1cquSI2m/Gf6rhp8l6zRoYCtalnoxXJeOurrmh3P6KA
|
||||||
|
xlmv2CGpxUwB+5G5k2bFR/mQeur2HNM13fu3twNCjqtgTSvxXztP2tpWaxdGUFqt
|
||||||
|
U8xkSZrjwlgpwwtL+Zx3++8n4YAGhxRxtiKVxU28w9Db4h3WybPPEg7MwFu+Bhyf
|
||||||
|
ZB+MlaAfVLqH1RKpeOs4AI5Xnfh0xtYi2coDECs/8rnbnJNCfMCgYUZ37B+RBcxo
|
||||||
|
qPgZK5RvGPz1sN4uoW16MTgD3He8aYX/ytrt8GPEQ5zJuwroJ1kdCsZ89YvdG8IG
|
||||||
|
eD9JXd/DSw0X8CNBKgyB3JnUgy+VqTrwkjwB00aHv5NMe+R9pdrHnBCdWPdcIZTQ
|
||||||
|
uzJfjH0GNUrU/ay0fo1094Ankwt/v9iRu2xXsvM06JTtKRJF/ep3U+MRaPaMyZfu
|
||||||
|
gVqtyERyqj5HJiFBkts9jjcE+i74VuvIytadlhnuS3Na6cfXpckIg8605LirqO1O
|
||||||
|
I9Wu17ih1KIusBIGmVPJL9ecfCm4cP6n9nSDNzFfwYRjGMuTLP06nbb3LZ27DfoC
|
||||||
|
He5vscMnQ0cNxd1fvl8+GCuWM20eOSze4Ks7n66c7pVLMMhoSoD+bU8j6Sser4U7
|
||||||
|
0lVrXxkdcGxxACKvCrEgxIyPVhWKkQum4QeXamFBf1NhrOSw5LI3/pbtPPbGdeVg
|
||||||
|
WRWStMANB7zZxdBCbYKU6OW48MqVkWNZwLSOjvRVogMdty3vrmDCbGLtahOY5B3F
|
||||||
|
7FuFKP22wzrP0LVB2PzUftBe/uFXISdSsDx877CM+KhbTG58gw6JHhF6ydrigpHF
|
||||||
|
zZbXSl75x116igonpgEj1iJ6rDG2w4fYeTGscZgKkWOBM2EPIAhp9nMXi/PN68Lb
|
||||||
|
iMbfz0FZCf9lWsSruGZUKs2odpIipLOWlLfPOFQr8ObSKNcP7H43OFcn9cxwo9OK
|
||||||
|
05dicPXXYE14h073LXzrDwesAbuQEOmNvKrvgCyNU+36s+DoJsb4LNEyragS66gK
|
||||||
|
xunEaDbtIy52p7XX2h7/1Fa4ukIgP/bed0p3ADpiT5GX6USiw4kNOto04wfb3QNn
|
||||||
|
ZXsjUck5WxA5SLfBQjXlU58jcCb9wFAYrc2+Iqg6aRl5d8dcKcx1dh7/8cG4sPuG
|
||||||
|
Dtpk0QYHxI8K4ZQsrRnHfgSIwR+AKMIpk8UPVUTiFSgqCaisxIDo03aLP7GJ91Eo
|
||||||
|
Vo3EgMRivSldvQV0Xiowc+3ppcA0CCxrSVhyXfxu/Wd7UdvavTKxhtUmoRr35mH4
|
||||||
|
sAu/CpKLQd/hnUy5tszrPR/BMRXD8lW63XZQjZbsZ1leujrQ5DpIQmHgyi8k56kn
|
||||||
|
FzSz38uhNHyMcYv+xA0HAGygcG7xiOYJ2wKL5yDMVf41nz37qXzrBqVH8CxgsmYp
|
||||||
|
BWKE1rL+TmsFUoBCzPMV/fewf0Dp8BqPHZH9Va5lmcBMqu+/hS2RBPSbupyn6Y5B
|
||||||
|
2YY42b758hhNIHaNYDmwMWrHCDg5FNipqMbmR0q32PCv2FNaK3chtoYMaC01ZmJS
|
||||||
|
EA53nPMg3TE4AHcRGeP12swh3T7yeaFN8puRkLIXL625bksn7JsTy21Yvnq2K13Z
|
||||||
|
rNAzSJdPAXBLYydyDwYBqs3epo37C2h/j2R5Edtj4OEgzrTlyM0gL1j+EKo0J1fl
|
||||||
|
tBUdO+SIxwsFaCq7NiYQpPetT956peVTGMh6qXr/S/rV03hQcsXDNAkn+nE3JO0p
|
||||||
|
bmbPv7CY+FZyLtSj3/yG1z3EOAWBxYQeU16xUvbaoYW0DzfOra09iRWPxcSGuNV1
|
||||||
|
NF7XZ+KaT7ergVMBN5QWCoHFYZqFustvuUhkVe/xxR80F9qTJDzo9HF7xOR//Eiy
|
||||||
|
lMA5XRtYtuUJ8fK2ZuGb3pFoBY4hQ4FbDP5genVmBwQrxGfRmIuSG3Mn9XfA0tEb
|
||||||
|
ESP0tC22YNW+pltTfDU44+gK3g4GywiIYEAjoQhjIS5/YW7F
|
||||||
|
=6950
|
||||||
|
-----END PGP MESSAGE-----
|
|
@ -0,0 +1 @@
|
||||||
|
*
|
Loading…
Reference in New Issue