john/soteria
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more file checks

Browse Source
This commit is contained in:
John Lancaster
2025-12-30 00:25:38 -06:00
parent f9347eb2bc
commit 4fbf229c0d
1 changed files with 15 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
scripts/setup_wizard.sh
View File

@@ -124,9 +124,6 @@ echo "-----------------------------"
# Verify required external binaries # Verify required external binaries
if ! command -v step >/dev/null 2>&1; then if ! command -v step >/dev/null 2>&1; then
echo "" >&2
log_error "Required binary 'step' not found in PATH."
# Prompt the user to install the step CLI # Prompt the user to install the step CLI
get_input "INSTALL_STEP" "The 'step' CLI was not found. Install now? (y/n)" "y" "false" get_input "INSTALL_STEP" "The 'step' CLI was not found. Install now? (y/n)" "y" "false"
@@ -148,24 +145,33 @@ fi
# 1. Collect Inputs # 1. Collect Inputs
# Example: # Example:
get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false" get_input "CERT_DIR" "Enter directory for certificates" "/var/lib/tls" "false"
get_input "CERT_LOCATION" "Name for cert file" "cert.pem" "false" get_input "CERT_FILENAME" "Name for cert file" "cert.pem" "false"
get_input "KEY_LOCATION" "Name for private key" "key.pem" "false" get_input "KEY_FILENAME" "Name for private key" "key.pem" "false"
export CERT_LOCATION=$(readlink -f ${CERT_DIR}/$CERT_LOCATION) # These need to get set so that they get filled into the service correctly.
export KEY_LOCATION=$(readlink -f ${CERT_DIR}/$KEY_LOCATION) export CERT_LOCATION=$(readlink -f ${CERT_DIR}/$CERT_FILENAME)
export KEY_LOCATION=$(readlink -f ${CERT_DIR}/$KEY_FILENAME)
# 2. Confirm # 2. Confirm
confirm_inputs "CERT_LOCATION" "KEY_LOCATION" confirm_inputs "CERT_LOCATION" "KEY_LOCATION"
if [ ! -f "$CERT_LOCATION" ] || [ ! -f "$KEY_LOCATION" ]; then if [ ! -e "$CERT_DIR" ]; then
(umask 077; mkdir -p "${CERT_DIR}") (umask 077; mkdir -p "${CERT_DIR}")
log_info "Created ${CERT_DIR}"
fi
if [ ! -e "${CERT_DIR}/root_ca.crt" ]; then
step ca root "${CERT_DIR}/root_ca.crt" step ca root "${CERT_DIR}/root_ca.crt"
fi
if [ ! -f "$CERT_LOCATION" ] || [ ! -f "$KEY_LOCATION" ]; then
hostname=$(hostname -s) hostname=$(hostname -s)
ip_address=$(ip -4 addr show dev eth0 | awk '/inet /{print $2}' | cut -d/ -f1)
step ca certificate "$hostname" \ step ca certificate "$hostname" \
"${CERT_DIR}/cert.pem" "${CERT_DIR}/key.pem" \ "${CERT_DIR}/cert.pem" "${CERT_DIR}/key.pem" \
--san "$hostname" \ --san "$hostname" \
--san "$hostname.john-stream.com" \ --san "$hostname.john-stream.com" \
--san "$IP_ADDRESS" \ --san "$ip_address" \
--provisioner admin --provisioner admin
fi fi