container/molly-brown
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

prepare for k3s

Browse Source
This commit is contained in:
Sebastian Hugentobler 2021-09-28 17:10:49 +02:00
parent 41da8e5cec
commit 617e95ee16
Signed by: shu
GPG Key ID: BB32CF3CA052C2F0
2 changed files with 10 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -7,6 +7,16 @@ Needs to run with a tty.
- `/var/gemini/`: root directory for files - `/var/gemini/`: root directory for files
- `/etc/molly-brown/keys`: key files - `/etc/molly-brown/keys`: key files
# Files
## /etc/molly-brown/keys/key.pem, /etc/molly-brown/keys/cert.pem
```
openssl req -x509 -newkey rsa:4096 -keyout "./key.pem" -out "./cert.pem" -days 3650 -nodes -subj "/CN=$HOST_NAME"
cat ./key.pem
cat ./cert.pem
```
Do not forget to set a timer for when it expires.
# Environment Variables # Environment Variables
## HOST_NAME ## HOST_NAME
The hostname to respond to requests for. The hostname to respond to requests for.

21
rootfs/etc/cont-init.d/02-tls
View File

@ -1,21 +0,0 @@
#!/usr/bin/with-contenv sh
KEY="/etc/molly-brown/keys/$HOST_NAME-key.pem"
CERT="/etc/molly-brown/keys/$HOST_NAME-cert.pem"
if [ ! -f "$KEY" ] || [ ! -f "$CERT" ]; then
openssl req -x509 -newkey rsa:4096 -keyout "$KEY" -out "$CERT" -days 3650 -nodes -subj "/CN=$HOST_NAME"
fi
chown molly-brown:molly-brown "$KEY"
chown molly-brown:molly-brown "$CERT"
date_valid="$(openssl x509 -in "$CERT" -enddate -noout | sed "s/.*=\(.*\)/\1/")"
seconds_valid="$(date --date "$date_valid" +"%s")"
now="$(date "+%s")"
days="$(echo "($seconds_valid - $now)/(60 * 60 * 24)" | bc)"
if [ "$days" -lt 7 ]; then
echo "only $days to go, generating new certificate..."
openssl req -x509 -key "$KEY" -out "$CERT" -days 3650 -nodes -subj "/CN=$HOST_NAME"
fi