john/soteria
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added spiffe identity

Browse Source
This commit is contained in:
John Lancaster
2026-01-01 15:29:14 -06:00
parent eb37a1992a
commit 3d377634aa
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scripts/setup_wizard.sh
View File

@@ -144,6 +144,8 @@ fi
get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false" get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false"
get_input "CERT_FILENAME" "Name for cert file" "cert.pem" "false" get_input "CERT_FILENAME" "Name for cert file" "cert.pem" "false"
get_input "KEY_FILENAME" "Name for private key" "key.pem" "false" get_input "KEY_FILENAME" "Name for private key" "key.pem" "false"
get_input "SPIFFE" "SPIFFE identity" "node" "false"
if [ ! -e "$CERT_DIR" ]; then if [ ! -e "$CERT_DIR" ]; then
(umask 077; mkdir -p "${CERT_DIR}") (umask 077; mkdir -p "${CERT_DIR}")
@@ -168,6 +170,7 @@ if [ ! -f "$CERT_LOCATION" ] || [ ! -f "$KEY_LOCATION" ]; then
--san "$hostname" \ --san "$hostname" \
--san "$hostname.john-stream.com" \ --san "$hostname.john-stream.com" \
--san "$ip_address" \ --san "$ip_address" \
--san "spiffe://john-stream.com/$SPIFFE" \
--provisioner admin --provisioner admin
fi fi