From 617e95ee166c612f55baa7cc9875d831f52ece79 Mon Sep 17 00:00:00 2001
From: Sebastian Hugentobler
Date: Tue, 28 Sep 2021 17:10:49 +0200
Subject: [PATCH] prepare for k3s
---
 README.md | 10 ++++++++++
 rootfs/etc/cont-init.d/02-tls | 21 ---------------------
 2 files changed, 10 insertions(+), 21 deletions(-)
 delete mode 100644 rootfs/etc/cont-init.d/02-tls
diff --git a/README.md b/README.md
index 94c852e..b02aaf0 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,16 @@ Needs to run with a tty.
 - `/var/gemini/`: root directory for files
 - `/etc/molly-brown/keys`: key files
 
+# Files
+## /etc/molly-brown/keys/key.pem, /etc/molly-brown/keys/cert.pem
+```
+openssl req -x509 -newkey rsa:4096 -keyout "./key.pem" -out "./cert.pem" -days 3650 -nodes -subj "/CN=$HOST_NAME"
+cat ./key.pem
+cat ./cert.pem
+```
+
+Do not forget to set a timer for when it expires.
+
 # Environment Variables
 ## HOST_NAME
 The hostname to respond to requests for.
diff --git a/rootfs/etc/cont-init.d/02-tls b/rootfs/etc/cont-init.d/02-tls
deleted file mode 100644
index a9fb050..0000000
--- a/rootfs/etc/cont-init.d/02-tls
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/bin/with-contenv sh
-
-KEY="/etc/molly-brown/keys/$HOST_NAME-key.pem"
-CERT="/etc/molly-brown/keys/$HOST_NAME-cert.pem"
-
-if [ ! -f "$KEY" ] || [ ! -f "$CERT" ]; then
- openssl req -x509 -newkey rsa:4096 -keyout "$KEY" -out "$CERT" -days 3650 -nodes -subj "/CN=$HOST_NAME"
-fi
-
-chown molly-brown:molly-brown "$KEY"
-chown molly-brown:molly-brown "$CERT"
-
-date_valid="$(openssl x509 -in "$CERT" -enddate -noout | sed "s/.*=\(.*\)/\1/")"
-seconds_valid="$(date --date "$date_valid" +"%s")"
-now="$(date "+%s")"
-days="$(echo "($seconds_valid - $now)/(60 * 60 * 24)" | bc)"
-
-if [ "$days" -lt 7 ]; then
- echo "only $days to go, generating new certificate..."
- openssl req -x509 -key "$KEY" -out "$CERT" -days 3650 -nodes -subj "/CN=$HOST_NAME"
-fi