Added data and new functions for ssl creation and other things.

2020-05-29 00:02:23 -04:00 · 2020-05-29 00:02:23 -04:00 · 6e2865982d
commit 6e2865982d
parent 23f2dd4aa2
3 changed files with 80 additions and 12 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 errors
 .eslintrc.json
 gitlab_read.pat
+ssl.*
--- a/broker.sh
+++ b/broker.sh
@ -409,6 +409,48 @@ setup_local () {
 	setup_env $*
 }

+######################################################################
+# Security
+
+# $1: string to generate key
+# $2: fully-qualified domain name of host
+cert_gen_self_signed () {
+	local pass_str="$1"
+	local fqdn="$2"
+	local dir="ssl.$fqdn"
+	local owd=`pwd`
+	mkdir -p $dir
+	cd $dir
+	if [[ $(basename $(pwd)) == "$dir" ]]; then
+		openssl genrsa -des3 \
+			-passout pass:$pass_str \
+			-out $fqdn.pass.key 2048
+		openssl rsa \
+			-passin pass:$pass_str \
+			-in $fqdn.pass.key \
+			-out $fqdn.key
+		rm $fqdn.pass.key
+		# writing RSA key
+		openssl req -new \
+			-key $fqdn.key \
+			-out $fqdn.csr
+		# ...
+		openssl x509 -req -sha256 -days 365 \
+			-in $fqdn.csr \
+			-signkey $fqdn.key \
+			-out server.crt
+		rm $fqdn.csr
+	else
+		echo "Problem accessing subdir."
+	fi
+	cd $owd
+	return
+}
+
+
+
+
+
 ######################################################################
 # Global constructions.

@ -489,7 +531,6 @@ construct_deal_info () {
 	return 0
 }

-
 clear_host_list () {
 	unset cluster_name cluster_size
 	host_list=()
@ -916,7 +957,7 @@ run_apt () {
 }

 docker_run_from_data () {
-	dealkeypath="$*"
+	local dealkeypath="$*"
 	# env exported here since this is for bootstrapping
 	export_env
 	if construct_deal_info $dealkeypath; then
@ -1157,6 +1198,7 @@ scp_contents_to_host () {
 		if [[ $TESTING_MODE == "TRUE" ]]; then
 			:
 		else
+			ssh_tty_to_host $host "mkdir -p ${target_dir}"
 			scp -r -o port=${port} $source_dir/* \
 				"${user}@${fqdn}:${target_dir}/"
 		fi
@ -1253,6 +1295,16 @@ execute_on_nodes () {
 	done
 }

+# $1: host deal
+# $2: docker deal
+docker_bash_on_host () {
+	local host=$1; shift
+	local dealkeypath="$*"
+	if construct_deal_info $dealkeypath; then
+		ssh_tty_to_host $host "docker exec -it $deal_name /bin/bash"
+	fi
+}
+
 docker_run_from_data_on_host () {
 	local host=$1
 	shift
--- a/data.json
+++ b/data.json
@ -52,7 +52,7 @@
 		  		["--hostname","gitlab.adamo.network"],
 		  		[
 		  			"-e",
-		  			"GITLAB_OMNIBUS_CONFIG=\"external_url 'http://gitlab.adamo.network:45080'; gitlab_rails['gitlab_shell_ssh_port'] = 45022\""
+		  			"GITLAB_OMNIBUS_CONFIG=\"external_url 'https://gitlab.adamo.network:45443'; gitlab_rails['gitlab_shell_ssh_port'] = 45022\""
 		  		]
 			]
 		},
@ -166,17 +166,32 @@
 		]
 	},
 	"adamonet": {
-		"britannia": {
-			"remote": {
-				"host": "britannia.adamonet",
-				"ports": {
-					"ssh": 22,
-					"znc": 31415
+		"atlas": {
+			"britannia": {
+				"remote": {
+					"host": "britannia.adamonet",
+					"ports": {
+						"ssh": 22,
+						"znc": 31415
+					}
+				},
+				"local": {
+					"host": "localhost",
+					"ipv4": "207.148.15.96"
 				}
 			},
-			"local": {
-				"host": "localhost",
-				"ipv4": "207.148.15.96"
+			"espana": {
+				"remote": {
+					"host": "espana",
+					"ports": {
+						"ssh": 22
+					},
+					"user": "rancher"
+				},
+				"local": {
+					"ipv4": "10.",
+					"host": "localhost"
+				}
 			}
 		},
 		"internum": {