add lamassu-ca scripts

Josh Harvey 2017-12-11 01:25:19 +02:00
parent b612a83af8
commit 3e8e846d95
3 changed files with 208 additions and 280 deletions


@ -14,10 +14,6 @@ const logs = require('../logs')
const supportLogs = require('../support_logs')
const options = require('../options')
const caOptions = {
ca: '/etc/ssl/certs/Lamassu_CA.pem'
}
app.use(morgan('dev'))
app.use(helmet({noCache: true}))
app.use(cookieParser())
@ -29,7 +25,7 @@ app.use(serveStatic(path.resolve(__dirname, '..', '..', 'public'), {
const certOptions = {
key: fs.readFileSync(options.keyPath),
cert: fs.readFileSync(options.certPath),
ca: [fs.readFileSync(caOptions.ca)],
ca: [fs.readFileSync(options.lamassuCaPath)],
requestCert: true,
rejectUnauthorized: true
}
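Review bot: `options.lamassuCaPath` is read on the `ca:` line of `certOptions` with no check that the key is set, so an options file written before this change would fail at startup with a bare `fs.readFileSync` TypeError rather than a message naming the missing setting. Whether `../options` already validates its keys is not visible in this hunk; if it does not, a guard such as `if (!options.lamassuCaPath) throw new Error('lamassuCaPath is not set in options')` ahead of `certOptions` would make the failure explicit. Because `requestCert: true` and `rejectUnauthorized: true` make this file the only trust anchor for client certificates, I would also add a comment on that line, e.g. `// sole trust anchor for client-cert auth; the path must not be writable by unprivileged users`.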

428
package-lock.json generated

@ -1,6 +1,6 @@
{
"name": "lamassu-server",
"version": "5.5.21",
"version": "5.5.27",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
@ -75,6 +75,13 @@
"resolved": "https://registry.npmjs.org/@fczbkk/uuid4/-/uuid4-3.0.0.tgz",
"integrity": "sha1-lksiHLlV4csPBEdnqWaCgCOjhLs="
},
"abbrev": {
"version": "1.1.1",
"resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
"integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==",
"dev": true,
"optional": true
},
"accepts": {
"version": "1.3.3",
"resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.3.tgz",
@ -1184,6 +1191,15 @@
"resolved": "https://registry.npmjs.org/blob/-/blob-0.0.4.tgz",
"integrity": "sha1-vPEwUspURj8w+fx+lbmkdjCpSSE="
},
"block-stream": {
"version": "0.0.9",
"resolved": "https://registry.npmjs.org/block-stream/-/block-stream-0.0.9.tgz",
"integrity": "sha1-E+v+d4oDIFz+A3UUgeu0szAMEmo=",
"dev": true,
"requires": {
"inherits": "2.0.3"
}
},
"bluebird": {
"version": "3.5.0",
"resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.0.tgz",
@ -2219,6 +2235,13 @@
"repeating": "2.0.1"
}
},
"detect-libc": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
"integrity": "sha1-+hN8S9aY7fVc1c0CrFWfkaTEups=",
"dev": true,
"optional": true
},
"diff": {
"version": "3.2.0",
"resolved": "https://registry.npmjs.org/diff/-/diff-3.2.0.tgz",
@ -2983,7 +3006,7 @@
"optional": true,
"requires": {
"nan": "2.6.2",
"node-pre-gyp": "0.6.36"
"node-pre-gyp": "0.6.39"
},
"dependencies": {
"abbrev": {
@ -2998,10 +3021,6 @@
"json-stable-stringify": "1.0.1"
}
},
"ansi-regex": {
"version": "2.1.1",
"bundled": true
},
"aproba": {
"version": "1.1.1",
"bundled": true
@ -3016,10 +3035,6 @@
"version": "0.2.3",
"bundled": true
},
"assert-plus": {
"version": "0.2.0",
"bundled": true
},
"asynckit": {
"version": "0.4.0",
"bundled": true
@ -3036,27 +3051,6 @@
"version": "0.4.2",
"bundled": true
},
"bcrypt-pbkdf": {
"version": "1.0.1",
"bundled": true,
"requires": {
"tweetnacl": "0.14.5"
}
},
"block-stream": {
"version": "0.0.9",
"bundled": true,
"requires": {
"inherits": "2.0.3"
}
},
"boom": {
"version": "2.10.1",
"bundled": true,
"requires": {
"hoek": "2.16.3"
}
},
"brace-expansion": {
"version": "1.1.7",
"bundled": true,
@ -3076,17 +3070,6 @@
"version": "4.6.0",
"bundled": true
},
"code-point-at": {
"version": "1.1.0",
"bundled": true
},
"combined-stream": {
"version": "1.0.5",
"bundled": true,
"requires": {
"delayed-stream": "1.0.0"
}
},
"concat-map": {
"version": "0.0.1",
"bundled": true
@ -3099,26 +3082,6 @@
"version": "1.0.2",
"bundled": true
},
"cryptiles": {
"version": "2.0.5",
"bundled": true,
"requires": {
"boom": "2.10.1"
}
},
"dashdash": {
"version": "1.14.1",
"bundled": true,
"requires": {
"assert-plus": "1.0.0"
},
"dependencies": {
"assert-plus": {
"version": "1.0.0",
"bundled": true
}
}
},
"debug": {
"version": "2.6.8",
"bundled": true,
@ -3131,10 +3094,6 @@
"dev": true,
"optional": true
},
"delayed-stream": {
"version": "1.0.0",
"bundled": true
},
"delegates": {
"version": "1.0.0",
"bundled": true
@ -3152,10 +3111,6 @@
"dev": true,
"optional": true
},
"extsprintf": {
"version": "1.0.2",
"bundled": true
},
"forever-agent": {
"version": "0.6.1",
"bundled": true
@ -3170,20 +3125,6 @@
"version": "1.0.0",
"bundled": true
},
"fstream": {
"version": "1.0.11",
"bundled": true,
"dev": true
},
"fstream-ignore": {
"version": "1.0.5",
"bundled": true,
"requires": {
"fstream": "1.0.11",
"inherits": "2.0.3",
"minimatch": "3.0.4"
}
},
"gauge": {
"version": "2.7.4",
"bundled": true,
@ -3209,10 +3150,6 @@
"bundled": true,
"dev": true
},
"graceful-fs": {
"version": "4.1.11",
"bundled": true
},
"har-schema": {
"version": "1.0.5",
"bundled": true
@ -3227,52 +3164,10 @@
"version": "2.0.1",
"bundled": true
},
"hawk": {
"version": "3.1.3",
"bundled": true,
"requires": {
"boom": "2.10.1",
"cryptiles": "2.0.5",
"hoek": "2.16.3",
"sntp": "1.0.9"
}
},
"hoek": {
"version": "2.16.3",
"bundled": true
},
"http-signature": {
"version": "1.1.1",
"bundled": true,
"requires": {
"assert-plus": "0.2.0",
"jsprim": "1.4.0",
"sshpk": "1.13.0"
}
},
"inflight": {
"version": "1.0.6",
"bundled": true,
"requires": {
"once": "1.4.0",
"wrappy": "1.0.2"
}
},
"inherits": {
"version": "2.0.3",
"bundled": true
},
"ini": {
"version": "1.3.4",
"bundled": true
},
"is-fullwidth-code-point": {
"version": "1.0.0",
"bundled": true,
"requires": {
"number-is-nan": "1.0.1"
}
},
"is-typedarray": {
"version": "1.0.0",
"bundled": true
@ -3285,17 +3180,6 @@
"version": "0.1.2",
"bundled": true
},
"jodid25519": {
"version": "1.0.2",
"bundled": true,
"requires": {
"jsbn": "0.1.1"
}
},
"jsbn": {
"version": "0.1.1",
"bundled": true
},
"json-schema": {
"version": "0.2.3",
"bundled": true
@ -3315,20 +3199,6 @@
"version": "0.0.0",
"bundled": true
},
"jsprim": {
"version": "1.4.0",
"bundled": true,
"dev": true,
"optional": true,
"dependencies": {
"assert-plus": {
"version": "1.0.0",
"bundled": true,
"dev": true,
"optional": true
}
}
},
"mime-db": {
"version": "1.27.0",
"bundled": true,
@ -3339,34 +3209,12 @@
"bundled": true,
"dev": true
},
"minimatch": {
"version": "3.0.4",
"bundled": true,
"dev": true
},
"minimist": {
"version": "0.0.8",
"bundled": true
},
"mkdirp": {
"version": "0.5.1",
"bundled": true,
"requires": {
"minimist": "0.0.8"
}
},
"ms": {
"version": "2.0.0",
"bundled": true,
"dev": true,
"optional": true
},
"node-pre-gyp": {
"version": "0.6.36",
"bundled": true,
"dev": true,
"optional": true
},
"nopt": {
"version": "4.0.1",
"bundled": true,
@ -3379,10 +3227,6 @@
"dev": true,
"optional": true
},
"number-is-nan": {
"version": "1.0.1",
"bundled": true
},
"oauth-sign": {
"version": "0.8.2",
"bundled": true
@ -3391,13 +3235,6 @@
"version": "4.1.1",
"bundled": true
},
"once": {
"version": "1.4.0",
"bundled": true,
"requires": {
"wrappy": "1.0.2"
}
},
"os-homedir": {
"version": "1.0.2",
"bundled": true
@ -3426,10 +3263,6 @@
"version": "1.0.7",
"bundled": true
},
"punycode": {
"version": "1.4.1",
"bundled": true
},
"qs": {
"version": "6.4.0",
"bundled": true,
@ -3461,11 +3294,6 @@
"dev": true,
"optional": true
},
"rimraf": {
"version": "2.6.1",
"bundled": true,
"dev": true
},
"safe-buffer": {
"version": "5.0.1",
"bundled": true
@ -3482,88 +3310,31 @@
"version": "3.0.2",
"bundled": true
},
"sntp": {
"version": "1.0.9",
"bundled": true,
"requires": {
"hoek": "2.16.3"
}
},
"sshpk": {
"version": "1.13.0",
"bundled": true,
"dev": true,
"optional": true,
"dependencies": {
"assert-plus": {
"version": "1.0.0",
"bundled": true,
"dev": true,
"optional": true
}
}
},
"string_decoder": {
"version": "1.0.1",
"bundled": true,
"dev": true
},
"string-width": {
"version": "1.0.2",
"bundled": true,
"requires": {
"code-point-at": "1.1.0",
"is-fullwidth-code-point": "1.0.0",
"strip-ansi": "3.0.1"
}
},
"stringstream": {
"version": "0.0.5",
"bundled": true
},
"strip-ansi": {
"version": "3.0.1",
"bundled": true,
"requires": {
"ansi-regex": "2.1.1"
}
},
"strip-json-comments": {
"version": "2.0.1",
"bundled": true
},
"tar": {
"version": "2.2.1",
"bundled": true,
"requires": {
"block-stream": "0.0.9",
"fstream": "1.0.11",
"inherits": "2.0.3"
}
},
"tar-pack": {
"version": "3.4.0",
"bundled": true,
"dev": true,
"optional": true
},
"tough-cookie": {
"version": "2.3.2",
"bundled": true,
"requires": {
"punycode": "1.4.1"
}
},
"tunnel-agent": {
"version": "0.6.0",
"bundled": true,
"dev": true,
"optional": true
},
"tweetnacl": {
"version": "0.14.5",
"bundled": true
},
"uid-number": {
"version": "0.0.6",
"bundled": true
@ -3576,25 +3347,38 @@
"version": "3.0.1",
"bundled": true
},
"verror": {
"version": "1.3.6",
"bundled": true,
"requires": {
"extsprintf": "1.0.2"
}
},
"wide-align": {
"version": "1.1.2",
"bundled": true,
"dev": true,
"optional": true
},
"wrappy": {
"version": "1.0.2",
"bundled": true
}
}
},
"fstream": {
"version": "1.0.11",
"resolved": "https://registry.npmjs.org/fstream/-/fstream-1.0.11.tgz",
"integrity": "sha1-XB+x8RdHcRTwYyoOtLcbPLD9MXE=",
"dev": true,
"requires": {
"graceful-fs": "4.1.11",
"inherits": "2.0.3",
"mkdirp": "0.5.1",
"rimraf": "2.6.2"
}
},
"fstream-ignore": {
"version": "1.0.5",
"resolved": "https://registry.npmjs.org/fstream-ignore/-/fstream-ignore-1.0.5.tgz",
"integrity": "sha1-nDHa40dnAY/h0kmyTa2mfQktoQU=",
"dev": true,
"optional": true,
"requires": {
"fstream": "1.0.11",
"inherits": "2.0.3",
"minimatch": "3.0.4"
}
},
"ftp": {
"version": "0.3.10",
"resolved": "https://registry.npmjs.org/ftp/-/ftp-0.3.10.tgz",
@ -4569,8 +4353,7 @@
"jsbn": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
"integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=",
"optional": true
"integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM="
},
"jschardet": {
"version": "1.5.1",
@ -5162,11 +4945,51 @@
"superagent-proxy": "1.0.2"
}
},
"node-pre-gyp": {
"version": "0.6.39",
"resolved": "https://registry.npmjs.org/node-pre-gyp/-/node-pre-gyp-0.6.39.tgz",
"integrity": "sha512-OsJV74qxnvz/AMGgcfZoDaeDXKD3oY3QVIbBmwszTFkRisTSXbMQyn4UWzUMOtA5SVhrBZOTp0wcoSBgfMfMmQ==",
"dev": true,
"optional": true,
"requires": {
"detect-libc": "1.0.3",
"hawk": "3.1.3",
"mkdirp": "0.5.1",
"nopt": "4.0.1",
"npmlog": "4.1.2",
"rc": "1.2.1",
"request": "2.81.0",
"rimraf": "2.6.2",
"semver": "5.4.1",
"tar": "2.2.1",
"tar-pack": "3.4.1"
},
"dependencies": {
"semver": {
"version": "5.4.1",
"resolved": "https://registry.npmjs.org/semver/-/semver-5.4.1.tgz",
"integrity": "sha512-WfG/X9+oATh81XtllIo/I8gOiY9EXRdv1cQdyykeXK17YcUW3EXUAi2To4pcH6nZtJPr7ZOpM5OMyWJZm+8Rsg==",
"dev": true,
"optional": true
}
}
},
"noop-logger": {
"version": "0.1.1",
"resolved": "https://registry.npmjs.org/noop-logger/-/noop-logger-0.1.1.tgz",
"integrity": "sha1-lKKxYzxPExdVMAfYlm/Q6EG2pMI="
},
"nopt": {
"version": "4.0.1",
"resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz",
"integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=",
"dev": true,
"optional": true,
"requires": {
"abbrev": "1.1.1",
"osenv": "0.1.4"
}
},
"normalize-package-data": {
"version": "2.4.0",
"resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz",
@ -5326,6 +5149,17 @@
"resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz",
"integrity": "sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ="
},
"osenv": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/osenv/-/osenv-0.1.4.tgz",
"integrity": "sha1-Qv5tWVPfBsgGS+bxdsPQWqqjRkQ=",
"dev": true,
"optional": true,
"requires": {
"os-homedir": "1.0.2",
"os-tmpdir": "1.0.2"
}
},
"p-cancelable": {
"version": "0.3.0",
"resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.3.0.tgz",
@ -6317,6 +6151,15 @@
"signal-exit": "3.0.2"
}
},
"rimraf": {
"version": "2.6.2",
"resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz",
"integrity": "sha512-lreewLK/BlghmxtfH36YYVg1i8IAce4TI7oao75I1g245+6BctqTVQiBP3YUJ9C6DQOXJmkYR9X9fCLtCOJc5w==",
"dev": true,
"requires": {
"glob": "7.1.2"
}
},
"ripemd160": {
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-2.0.1.tgz",
@ -6906,14 +6749,6 @@
"resolved": "https://registry.npmjs.org/statuses/-/statuses-1.3.1.tgz",
"integrity": "sha1-+vUbnrdKrvOzrPStX2Gr8ky3uT4="
},
"string_decoder": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
"requires": {
"safe-buffer": "5.1.1"
}
},
"string-width": {
"version": "1.0.2",
"resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
@ -6924,6 +6759,14 @@
"strip-ansi": "3.0.1"
}
},
"string_decoder": {
"version": "1.0.3",
"resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
"integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
"requires": {
"safe-buffer": "5.1.1"
}
},
"stringstream": {
"version": "0.0.5",
"resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.5.tgz",
@ -7010,6 +6853,17 @@
"integrity": "sha1-lag9smGG1q9+ehjb2XYKL4bQj0A=",
"dev": true
},
"tar": {
"version": "2.2.1",
"resolved": "https://registry.npmjs.org/tar/-/tar-2.2.1.tgz",
"integrity": "sha1-jk0qJWwOIYXGsYrWlK7JaLg8sdE=",
"dev": true,
"requires": {
"block-stream": "0.0.9",
"fstream": "1.0.11",
"inherits": "2.0.3"
}
},
"tar-fs": {
"version": "1.15.3",
"resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.15.3.tgz",
@ -7021,6 +6875,23 @@
"tar-stream": "1.5.4"
}
},
"tar-pack": {
"version": "3.4.1",
"resolved": "https://registry.npmjs.org/tar-pack/-/tar-pack-3.4.1.tgz",
"integrity": "sha512-PPRybI9+jM5tjtCbN2cxmmRU7YmqT3Zv/UDy48tAh2XRkLa9bAORtSWLkVc13+GJF+cdTh1yEnHEk3cpTaL5Kg==",
"dev": true,
"optional": true,
"requires": {
"debug": "2.6.8",
"fstream": "1.0.11",
"fstream-ignore": "1.0.5",
"once": "1.4.0",
"readable-stream": "2.3.3",
"rimraf": "2.6.2",
"tar": "2.2.1",
"uid-number": "0.0.6"
}
},
"tar-stream": {
"version": "1.5.4",
"resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-1.5.4.tgz",
@ -7245,6 +7116,13 @@
"inherits": "2.0.3"
}
},
"uid-number": {
"version": "0.0.6",
"resolved": "https://registry.npmjs.org/uid-number/-/uid-number-0.0.6.tgz",
"integrity": "sha1-DqEOgDXo61uOREnwbaHHMGY7qoE=",
"dev": true,
"optional": true
},
"uid2": {
"version": "0.0.3",
"resolved": "https://registry.npmjs.org/uid2/-/uid2-0.0.3.tgz",


@ -0,0 +1,54 @@
#!/usr/bin/env bash
# This is for setting up cryptographic certificates for a development environment
set -e
LOG_FILE=/tmp/cert-gen.log
CERT_DIR=$PWD/certs
KEY_DIR=$PWD/certs
mkdir -p $CERT_DIR
echo "Generating Lamassu SSL certificates..."
CA_KEY_PATH=$KEY_DIR/Lamassu_CA.key
CA_PATH=$CERT_DIR/Lamassu_CA.pem
SERVER_KEY_PATH=$KEY_DIR/Lamassu.key
SERVER_CERT_PATH=$CERT_DIR/Lamassu.pem
openssl genrsa \
-out $CA_KEY_PATH \
4096 >> $LOG_FILE 2>&1
openssl req \
-x509 \
-sha256 \
-new \
-nodes \
-key $CA_KEY_PATH \
-days 3560 \
-out $CA_PATH \
-subj "/C=IS/ST=/L=Reykjavik/O=Lamassu CA/CN=lamassu.is" \
>> $LOG_FILE 2>&1
openssl genrsa \
-out $SERVER_KEY_PATH \
4096 >> $LOG_FILE 2>&1
openssl req -new \
-key $SERVER_KEY_PATH \
-out /tmp/Lamassu.csr.pem \
-subj "/C=IS/ST=/L=Reykjavik/O=Lamassu support client/CN=support@lamassu.is" \
-sha256 \
>> $LOG_FILE 2>&1
openssl x509 \
-req -in /tmp/Lamassu.csr.pem \
-CA $CA_PATH \
-CAkey $CA_KEY_PATH \
-CAcreateserial \
-out $SERVER_CERT_PATH \
-days 3650 >> $LOG_FILE 2>&1
rm /tmp/Lamassu.csr.pem
echo "Done."
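Review bot: The CA is issued with `-days 3560` while the leaf signed by it gets `-days 3650`, so the leaf certificate would outlive its issuer by 90 days; this looks like a transposed digit, and the CA lifetime should be at least that of the leaf (`-days 3650` on the `openssl req -x509` call). The final `openssl x509 -req` also omits the `-sha256` that both `req` calls pass, so the leaf's signature digest falls back to the OpenSSL build's default, which on older builds may be SHA-1. Both private keys are written under `$PWD/certs` with the caller's umask, and the CSR and log use fixed names in `/tmp`; a `umask 077` before the first `openssl genrsa` and a `mktemp`-created CSR path would keep key material owner-only and avoid predictable shared-temp files. The path variables are expanded unquoted throughout, so a working directory containing spaces would break the script.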