john/soteria
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tweaked output

Browse Source
This commit is contained in:
John Lancaster
2025-12-30 00:34:27 -06:00
parent 4fbf229c0d
commit 39650c2122
1 changed files with 14 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
scripts/setup_wizard.sh
View File

@@ -141,25 +141,21 @@ else
log_success "Step CA installed\n" log_success "Step CA installed\n"
fi fi
# 1. Collect Inputs
# Example:
get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false" get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false"
get_input "CERT_FILENAME" "Name for cert file" "cert.pem" "false" get_input "CERT_FILENAME" "Name for cert file" "cert.pem" "false"
get_input "KEY_FILENAME" "Name for private key" "key.pem" "false" get_input "KEY_FILENAME" "Name for private key" "key.pem" "false"
# These need to get set so that they get filled into the service correctly.
export CERT_LOCATION=$(readlink -f ${CERT_DIR}/$CERT_FILENAME)
export KEY_LOCATION=$(readlink -f ${CERT_DIR}/$KEY_FILENAME)
# 2. Confirm
confirm_inputs "CERT_LOCATION" "KEY_LOCATION"
if [ ! -e "$CERT_DIR" ]; then if [ ! -e "$CERT_DIR" ]; then
(umask 077; mkdir -p "${CERT_DIR}") (umask 077; mkdir -p "${CERT_DIR}")
log_info "Created ${CERT_DIR}" log_info "Created ${CERT_DIR}"
fi fi
# These need to get set so that they get filled into the service correctly.
export CERT_LOCATION=$(readlink -f ${CERT_DIR}/$CERT_FILENAME)
export KEY_LOCATION=$(readlink -f ${CERT_DIR}/$KEY_FILENAME)
confirm_inputs "CERT_LOCATION" "KEY_LOCATION"
if [ ! -e "${CERT_DIR}/root_ca.crt" ]; then if [ ! -e "${CERT_DIR}/root_ca.crt" ]; then
step ca root "${CERT_DIR}/root_ca.crt" step ca root "${CERT_DIR}/root_ca.crt"
fi fi
@@ -175,18 +171,23 @@ if [ ! -f "$CERT_LOCATION" ] || [ ! -f "$KEY_LOCATION" ]; then
--provisioner admin --provisioner admin
fi fi
# 3. Configure echo "Cert information:"
echo "-----------------------------"
openssl x509 -noout -subject -issuer -ext extendedKeyUsage -ext subjectAltName -enddate -in "$CERT_LOCATION"
SERVICE_FILE="cert-renewer.service" SERVICE_FILE="cert-renewer.service"
TIMER_FILE="cert-renewer.timer" TIMER_FILE="cert-renewer.timer"
REPO_URL_BASE=https://gitea.john-stream.com/john/soteria/raw/branch/main/ REPO_URL_BASE=https://gitea.john-stream.com/john/soteria/raw/branch/main/
SERVICE_TEMPLATE_URL="${REPO_URL_BASE}systemd/${SERVICE_FILE}" SERVICE_TEMPLATE_URL="${REPO_URL_BASE}systemd/${SERVICE_FILE}"
TIMER_TEMPLATE_URL="${REPO_URL_BASE}systemd/${TIMER_FILE}" TIMER_TEMPLATE_URL="${REPO_URL_BASE}systemd/${TIMER_FILE}"
# 3. Execute echo "Installing rotation services"
# echo "Configuring $HOST_NAME..." echo "-----------------------------"
install_unit ${SERVICE_TEMPLATE_URL} install_unit ${SERVICE_TEMPLATE_URL}
install_unit ${TIMER_TEMPLATE_URL} install_unit ${TIMER_TEMPLATE_URL}
echo "Reloading services"
echo "-----------------------------"
systemctl daemon-reload systemctl daemon-reload
systemctl enable --now "${TIMER_FILE}" "${SERVICE_FILE}" systemctl enable --now "${TIMER_FILE}" "${SERVICE_FILE}"
systemctl list-unit-files $SERVICE_FILE $TIMER_FILE systemctl list-unit-files $SERVICE_FILE $TIMER_FILE