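#!/bin/sh

## Create SSH keys and certificates for uBlue-OS Forge
##
## Generates an ed25519 SSH key pair and a minica root CA (plus the
## certificate minica issues for the listed names). Each step runs only when
## its marker file is missing, so a re-run never overwrites existing key
## material.
##
## Security notes for operators:
##   - The SSH private key and the root CA key under CERTIFICATE_DIRECTORY are
##     long-lived secrets. Anyone who can read the CA key can mint certificates
##     that every client trusting this root will accept.
##   - Directories are created with the caller's umask. Review who can read
##     CERTIFICATE_DIRECTORY (and any volume it is mounted from) and tighten
##     the permissions if only one user needs it.
##
## Exit status: 0 when both artefacts already exist or were created,
##              1 when any creation step failed.

CERTIFICATE_DIRECTORY="/certs"
SSH_KEY_NAME="ublue-os_forge-id_ed25519"
TLS_ROOT_CERTIFICATE_NAME="ublue-os_forge-root"

# Derived paths, built once so that every use is quoted identically.
SSH_KEY_PATH="${CERTIFICATE_DIRECTORY}/ssh/${SSH_KEY_NAME}"
TLS_ROOT_CERTIFICATE_PATH="${CERTIFICATE_DIRECTORY}/tls/${TLS_ROOT_CERTIFICATE_NAME}.pem"
TLS_ROOT_KEY_PATH="${CERTIFICATE_DIRECTORY}/tls/${TLS_ROOT_CERTIFICATE_NAME}-key.pem"

# Failures are recorded instead of aborting, so a problem with the SSH key
# does not prevent the TLS step from running, but is still reported to the
# caller through the exit status.
status=0

if [ ! -f "${SSH_KEY_PATH}" ]; then
    echo "uBlue Forge SSH key not present. Creating new key..."
    # Generate SSH key
    # No -N is passed, so ssh-keygen asks for a passphrase. The -a 100 KDF
    # rounds only protect the key when a non-empty passphrase is entered;
    # with an empty one the private key is stored unencrypted and file
    # permissions are its only protection.
    # NOTE(review): confirm how the prompt is answered in non-interactive runs.
    if ! { mkdir -p "${CERTIFICATE_DIRECTORY}/ssh" &&
        ssh-keygen -o -a 100 -t ed25519 -f "${SSH_KEY_PATH}" -C "forge@ublue.local"; }; then
        echo "Failed to create uBlue Forge SSH key." >&2
        status=1
    fi
else
    echo "Existing uBlue Forge SSH key found. Nothing to do..."
fi

# Creating TLS certificates
# Only the root certificate is checked here; a root certificate whose key file
# has gone missing is still treated as "present".
if [ ! -f "${TLS_ROOT_CERTIFICATE_PATH}" ]; then
    echo "uBlue Forge TLS root certificate not present. Creating new certificates..."
    # Generate TLS certificates
    # NOTE(review): minica is expected to write the issued certificate and its
    # key into a directory below the current working directory, not below
    # CERTIFICATE_DIRECTORY - confirm the caller sets the working directory.
    if ! { mkdir -p "${CERTIFICATE_DIRECTORY}/tls" &&
        minica --domains "*.ublue.local,ublue.local,localhost" \
            --ip-addresses 127.0.0.1 \
            -ca-cert "${TLS_ROOT_CERTIFICATE_PATH}" \
            -ca-key "${TLS_ROOT_KEY_PATH}"; }; then
        echo "Failed to create uBlue Forge TLS certificates." >&2
        status=1
    fi
else
    echo "Existing uBlue Forge TLS root certificate found. Nothing to do..."
fi

exit "${status}"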