linux-deployment-scripts/configs/scripts/ca.sh

#!/bin/bash

# This file is part of VM-Experiments.
# Licensed under the GPL-3.0-or-later. See LICENSE for details.

trap '' SIGINT SIGTERM
rm /etc/nginx/sites-enabled/default
tar -xzf /root/deployment.tar.gz -C /root
openssl genrsa -out /root/ca.key 4096
chmod 400 /root/ca.key
mkdir -p /etc/ssl/certs/
mkdir -p /etc/ssl/private/
openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -config /root/ca.cnf
cp /etc/ssl/certs/ca.crt /root
cp /etc/ssl/certs/ca.crt /usr/local/share/ca-certificates/
chown -R www-data:www-data /etc/ssl/private/
chown -R www-data:www-data /etc/ssl/certs/
chmod 600 -R /etc/ssl/private/
chmod 644 -R /etc/ssl/certs/ca.crt
update-ca-certificates
additions for ca deployment 2024-11-14 15:22:39 +01:00			`#!/bin/bash`

			`# This file is part of VM-Experiments.`
			`# Licensed under the GPL-3.0-or-later. See LICENSE for details.`

			`trap '' SIGINT SIGTERM`
			`rm /etc/nginx/sites-enabled/default`
			`tar -xzf /root/deployment.tar.gz -C /root`
ca fix 2024-11-15 21:19:24 +01:00			`openssl genrsa -out /root/ca.key 4096`
additions for ca deployment 2024-11-14 15:22:39 +01:00			`chmod 400 /root/ca.key`
			`mkdir -p /etc/ssl/certs/`
			`mkdir -p /etc/ssl/private/`
ca fix 2024-11-15 21:19:24 +01:00			`openssl req -x509 -new -nodes -key /root/ca.key -sha256 -days 1024 -out /etc/ssl/certs/ca.crt -config /root/ca.cnf`
additions for ca deployment 2024-11-14 15:22:39 +01:00			`cp /etc/ssl/certs/ca.crt /root`
			`cp /etc/ssl/certs/ca.crt /usr/local/share/ca-certificates/`
			`chown -R www-data:www-data /etc/ssl/private/`
			`chown -R www-data:www-data /etc/ssl/certs/`
			`chmod 600 -R /etc/ssl/private/`
			`chmod 644 -R /etc/ssl/certs/ca.crt`
			`update-ca-certificates`