diff --git a/bin/cert-gen.sh b/bin/cert-gen.sh index 030854c3..4daf40c2 100755 --- a/bin/cert-gen.sh +++ b/bin/cert-gen.sh @@ -4,11 +4,13 @@ set -e DOMAIN=localhost +CONFIG_DIR=$HOME/.lamassu LOG_FILE=/tmp/cert-gen.log CERT_DIR=$PWD/certs KEY_DIR=$PWD/certs - -CONFIG_DIR=$HOME/.lamassu +LAMASSU_CA_PATH=$PWD/Lamassu_CA.pem +MIGRATE_STATE_PATH=$CONFIG_DIR/.migrate +POSTGRES_PASS=postgres123 mkdir -p $CERT_DIR mkdir -p $CONFIG_DIR >> $LOG_FILE 2>&1 @@ -49,11 +51,7 @@ openssl genrsa \ openssl req -new \ -key $SERVER_KEY_PATH \ -out /tmp/Lamassu_OP.csr.pem \ - -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator/CN=$IP" \ - -reqexts SAN \ - -sha256 \ - -config <(cat /etc/ssl/openssl.cnf \ - <(printf "[SAN]\nsubjectAltName=IP.1:$IP")) \ + -subj "/C=IS/ST=/L=Reykjavik/O=Lamassu Operator/CN=$DOMAIN" \ >> $LOG_FILE 2>&1 openssl x509 \ @@ -62,22 +60,22 @@ openssl x509 \ -CAkey $CA_KEY_PATH \ -CAcreateserial \ -out $SERVER_CERT_PATH \ - -extfile <(cat /etc/ssl/openssl.cnf \ - <(printf "[SAN]\nsubjectAltName=IP.1:$IP")) \ - -extensions SAN \ -days 3650 >> $LOG_FILE 2>&1 rm /tmp/Lamassu_OP.csr.pem cat < $CONFIG_DIR/lamassu.json { - "postgresql": "psql://lamassu:lamassu@localhost/lamassu", + "postgresql": "psql://postgres:$POSTGRES_PASS@localhost/lamassu", "seedPath": "$SEED_FILE", "caPath": "$CA_PATH", "certPath": "$SERVER_CERT_PATH", "keyPath": "$SERVER_KEY_PATH", "hostname": "$DOMAIN", - "logLevel": "debug" + "logLevel": "debug", + "lamassuCaPath": "$LAMASSU_CA_PATH", + "lamassuServerPath": "$PWD", + "migrateStatePath": "$MIGRATE_STATE_PATH" } EOF