diff options
author | Michal Ptacek <m.ptacek@partner.samsung.com> | 2018-10-15 15:27:29 +0200 |
---|---|---|
committer | Michal Ptacek <m.ptacek@partner.samsung.com> | 2018-10-15 15:34:24 +0200 |
commit | 39d73bc539d9f3e72e167a51a6fecf58e04265ac (patch) | |
tree | 0fa9b9b499fb960524c9dee46174b73925a3c082 /onap-offline/bash/tools/certificates | |
parent | 0d41bc49d18ebf126faa9a709dbe59b2bccc8ee1 (diff) |
Core of ONAP offline installer
Seed code for ONAP offline installer. This includes core
of the installer without downloading parts. Those will
come in subsequent commits.
Change-Id: I0d5c8c3c8c911ae11a0e558d5df94b6889af4435
Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com>
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
Issue-ID: INT-691
Diffstat (limited to 'onap-offline/bash/tools/certificates')
-rwxr-xr-x | onap-offline/bash/tools/certificates/2create_cert_for_nginx.sh | 47 | ||||
-rwxr-xr-x | onap-offline/bash/tools/certificates/self_extract_cacert.sh | 55 |
2 files changed, 102 insertions, 0 deletions
diff --git a/onap-offline/bash/tools/certificates/2create_cert_for_nginx.sh b/onap-offline/bash/tools/certificates/2create_cert_for_nginx.sh new file mode 100755 index 0000000..a9adb52 --- /dev/null +++ b/onap-offline/bash/tools/certificates/2create_cert_for_nginx.sh @@ -0,0 +1,47 @@ +#! /usr/bin/env bash + +# COPYRIGHT NOTICE STARTS HERE +# +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# COPYRIGHT NOTICE ENDS HERE + + +# fail fast +set -e + +# boilerplate +RELATIVE_PATH=../ # relative path from this script to 'common-functions.sh' +if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then + SCRIPT_DIR=$(dirname "${0}") + LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") + . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh +fi + +message info "Reading configuration" +get_configuration + +update_hosts + +message info "Restarting dnsmasq" +systemctl enable dnsmasq +systemctl restart dnsmasq + +message info "Configure ssl certificates" +create_cert "nexus" + +message info "** Certificates finished **" + +docker restart nginx diff --git a/onap-offline/bash/tools/certificates/self_extract_cacert.sh b/onap-offline/bash/tools/certificates/self_extract_cacert.sh new file mode 100755 index 0000000..1e7a5ab --- /dev/null +++ b/onap-offline/bash/tools/certificates/self_extract_cacert.sh @@ -0,0 +1,55 @@ +#! /bin/sh + +# COPYRIGHT NOTICE STARTS HERE +# +# Copyright 2018 © Samsung Electronics Co., Ltd. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# COPYRIGHT NOTICE ENDS HERE + + + +extract_ca() { + cpath=$1 + sed '0,/^#EOF#$/d' $0 > $cpath; + echo "Certificate installed into: $cpath" +} + +OS_ID=$(awk -F= '/^ID=/{print $2}' /etc/os-release) +OS_ID="${OS_ID%\"}" +OS_ID="${OS_ID#\"}" + +if [ "$OS_ID" = "rhel" -o "$OS_ID" = "centos" ]; then + # for centos/ rhel + echo "Detected rhel like distribution" + + update-ca-trust force-enable + extract_ca /etc/pki/ca-trust/source/anchors/rootCAcert.crt + update-ca-trust extract + +elif [ "$OS_ID" = "ubuntu" ]; then + echo "Detected ubuntu distribution" + + mkdir -p /usr/local/share/ca-certificates/extra + extract_ca /usr/local/share/ca-certificates/extra/rootCAcert.crt + update-ca-certificates +else + echo "OS $OS_ID is not supported" + exit -2 +fi + +echo "** Please restart docker (because of reload new CA) **" + +exit 0 +#EOF# |