-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: create ssh key for automation tasks
includes refactoring for build process
- Loading branch information
Showing
5 changed files
with
50 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,13 @@ | ||
| # Source Image | ||
| FROM docker.io/library/golang:1.20 | ||
|
|
||
| # Copy script | ||
| WORKDIR /certs | ||
| COPY certificates.sh . | ||
| RUN chmod +x ./certificates.sh | ||
|
|
||
| # Install minica | ||
| RUN go install github.com/jsha/minica@latest | ||
|
|
||
| # Generate wildcard certificate | ||
| WORKDIR /certs | ||
| RUN minica --domains "*.ublue.local,ublue.local,localhost" \ | ||
| --ip-addresses 127.0.0.1 | ||
| # Container start command | ||
| CMD ["/certs/certificates.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| #!/bin/sh | ||
| ## Create SSH keys and certificates for uBlue-OS Forge | ||
|
|
||
| CERTIFICATE_DIRECTORY="/certs" | ||
| SSH_KEY_NAME="ublue-os_forge-id_ed25519" | ||
| TLS_ROOT_CERTIFICATE_NAME="ublue-os_forge-root" | ||
|
|
||
| if [ ! -f ${CERTIFICATE_DIRECTORY}/ssh/${SSH_KEY_NAME} ]; | ||
| then | ||
| echo "uBlue Forge SSH key not present. Creating new key..." | ||
| mkdir ${CERTIFICATE_DIRECTORY}/ssh -p | ||
| mkdir ${CERTIFICATE_DIRECTORY}/tls -p | ||
| # Generate SSH key | ||
| ssh-keygen -o -a 100 -t ed25519 -f ${CERTIFICATE_DIRECTORY}/ssh/${SSH_KEY_NAME} -C "[email protected]" | ||
| else | ||
| echo "Existing uBlue Forge SSH key found. Nothing to do..." | ||
| fi | ||
|
|
||
| # Creating TLS certificates | ||
| echo "Creating / Updating TLS certificate..." | ||
| minica --domains "*.ublue.local,ublue.local,localhost" --ip-addresses 127.0.0.1 -ca-cert "${CERTIFICATE_DIRECTORY}/tls/${TLS_ROOT_CERTIFICATE_NAME}.pem" -ca-key "${CERTIFICATE_DIRECTORY}/tls/${TLS_ROOT_CERTIFICATE_NAME}-key.pem" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,11 +1,11 @@ | ||
| # Source Image | ||
| FROM docker.io/library/python:alpine3.17 | ||
|
|
||
| # Install forge setup project | ||
| COPY ./ansible /ansible | ||
| RUN pip3 install -r /ansible/requirements.txt | ||
| RUN chmod +x /ansible/startup.sh | ||
|
|
||
| # Run starup script | ||
| # Install ansible setup project | ||
| WORKDIR /ansible | ||
| CMD ["./startup.sh"] | ||
| COPY ./ansible . | ||
| RUN pip3 install -r ./requirements.txt | ||
| RUN chmod +x ./startup.sh | ||
|
|
||
| # Container start command | ||
| CMD ["/ansible/startup.sh"] |