diff options
author | Ramón M. Gómez <ramongomez@us.es> | 2019-06-13 11:05:35 +0200 |
---|---|---|
committer | Ramón M. Gómez <ramongomez@us.es> | 2019-06-13 11:05:35 +0200 |
commit | 505085017506c883ba0d38feaeca66ef7a327a63 (patch) | |
tree | 4c8deea8aebd548104ff4aa34b7202dceb7d951f /installer | |
parent | 676dd3cbc175b4840b66315269458c9f12f9ea51 (diff) |
#802: Creating certificate to sign boot loaders.
Diffstat (limited to 'installer')
-rwxr-xr-x | installer/opengnsys_installer.sh | 16 | ||||
-rwxr-xr-x | installer/opengnsys_update.sh | 20 |
2 files changed, 33 insertions, 3 deletions
diff --git a/installer/opengnsys_installer.sh b/installer/opengnsys_installer.sh index 66cf0ad8..b62b0f50 100755 --- a/installer/opengnsys_installer.sh +++ b/installer/opengnsys_installer.sh @@ -1376,6 +1376,7 @@ function copyInterfaceAdm () return $hayErrores } + #################################################################### ### Funciones instalacion cliente opengnsys #################################################################### @@ -1409,6 +1410,18 @@ function copyClientFiles() } +# Crear certificados para la firma de cargadores de arranque. +function createCerts () +{ + local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl + echoAndLog "${FUNCNAME}(): creating certificate files" + mkdir -p $SSLCFGDIR/{certs,private} + openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/" + openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER + echoAndLog "${FUNCNAME}(): certificate successfully created" +} + + # Crear cliente OpenGnsys. function clientCreate() { @@ -1803,6 +1816,9 @@ if [ $? -ne 0 ]; then errorAndLog "Error creating client structure" fi +# Crear certificado para firmar cargadores +createCerts + # Crear la estructura del cliente de OpenGnsys. for i in $OGLIVE; do if ! clientCreate "$i"; then diff --git a/installer/opengnsys_update.sh b/installer/opengnsys_update.sh index 1e58bfe6..f8cee6eb 100755 --- a/installer/opengnsys_update.sh +++ b/installer/opengnsys_update.sh @@ -169,7 +169,7 @@ function autoConfigure() : fi for service in apache2 httpd; do - [ -d /etc/$service ] && APACHECFGDIR="/etc/$service" + [ -d "/etc/$service" ] && APACHECFGDIR="/etc/$service" if $SERVICESTATUS &>/dev/null; then APACHESERV="$service"; fi done for service in dhcpd dhcpd3-server isc-dhcp-server; do @@ -546,6 +546,19 @@ EOT echoAndLog "${FUNCNAME}(): client files successfully updated" } +# Crear certificado para la firma de cargadores de arranque, si es necesario. +function createCerts () +{ + local SSLCFGDIR=$INSTALL_TARGET/client/etc/ssl + mkdir -p $SSLCFGDIR/{certs,private} + if [ ! -f $SSLCFGDIR/private/opengnsys.key ]; then + echoAndLog "${FUNCNAME}(): creating certificate files" + openssl req -new -x509 -newkey rsa:2048 -keyout $SSLCFGDIR/private/opengnsys.key -out $SSLCFGDIR/certs/opengnsys.crt -nodes -days 3650 -subj "/CN=OpenGnsys/" + openssl x509 -in $SSLCFGDIR/certs/opengnsys.crt -out $SSLCFGDIR/certs/opengnsys.cer -outform DER + echoAndLog "${FUNCNAME}(): certificate successfully created" + fi +} + # Configurar HTTPS y exportar usuario y grupo del servicio Apache. function apacheConfiguration () { @@ -1215,11 +1228,12 @@ fi # Configurar Rsync. rsyncConfigure -# Actualizar ficheros del cliente +# Actualizar ficheros del cliente. updateClientFiles +createCerts updateInterfaceAdm -# Actualizar páqinas web +# Actualizar páqinas web. apacheConfiguration updateWebFiles if [ $? -ne 0 ]; then |