Added data and new functions for ssl creation and other things.
parent
23f2dd4aa2
commit
6e2865982d
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,3 +1,4 @@
|
||||
errors
|
||||
.eslintrc.json
|
||||
gitlab_read.pat
|
||||
ssl.*
|
||||
|
56
broker.sh
56
broker.sh
@ -409,6 +409,48 @@ setup_local () {
|
||||
setup_env $*
|
||||
}
|
||||
|
||||
######################################################################
|
||||
# Security
|
||||
|
||||
# $1: string to generate key
|
||||
# $2: fully-qualified domain name of host
|
||||
cert_gen_self_signed () {
|
||||
local pass_str="$1"
|
||||
local fqdn="$2"
|
||||
local dir="ssl.$fqdn"
|
||||
local owd=`pwd`
|
||||
mkdir -p $dir
|
||||
cd $dir
|
||||
if [[ $(basename $(pwd)) == "$dir" ]]; then
|
||||
openssl genrsa -des3 \
|
||||
-passout pass:$pass_str \
|
||||
-out $fqdn.pass.key 2048
|
||||
openssl rsa \
|
||||
-passin pass:$pass_str \
|
||||
-in $fqdn.pass.key \
|
||||
-out $fqdn.key
|
||||
rm $fqdn.pass.key
|
||||
# writing RSA key
|
||||
openssl req -new \
|
||||
-key $fqdn.key \
|
||||
-out $fqdn.csr
|
||||
# ...
|
||||
openssl x509 -req -sha256 -days 365 \
|
||||
-in $fqdn.csr \
|
||||
-signkey $fqdn.key \
|
||||
-out server.crt
|
||||
rm $fqdn.csr
|
||||
else
|
||||
echo "Problem accessing subdir."
|
||||
fi
|
||||
cd $owd
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
######################################################################
|
||||
# Global constructions.
|
||||
|
||||
@ -489,7 +531,6 @@ construct_deal_info () {
|
||||
return 0
|
||||
}
|
||||
|
||||
|
||||
clear_host_list () {
|
||||
unset cluster_name cluster_size
|
||||
host_list=()
|
||||
@ -916,7 +957,7 @@ run_apt () {
|
||||
}
|
||||
|
||||
docker_run_from_data () {
|
||||
dealkeypath="$*"
|
||||
local dealkeypath="$*"
|
||||
# env exported here since this is for bootstrapping
|
||||
export_env
|
||||
if construct_deal_info $dealkeypath; then
|
||||
@ -1157,6 +1198,7 @@ scp_contents_to_host () {
|
||||
if [[ $TESTING_MODE == "TRUE" ]]; then
|
||||
:
|
||||
else
|
||||
ssh_tty_to_host $host "mkdir -p ${target_dir}"
|
||||
scp -r -o port=${port} $source_dir/* \
|
||||
"${user}@${fqdn}:${target_dir}/"
|
||||
fi
|
||||
@ -1253,6 +1295,16 @@ execute_on_nodes () {
|
||||
done
|
||||
}
|
||||
|
||||
# $1: host deal
|
||||
# $2: docker deal
|
||||
docker_bash_on_host () {
|
||||
local host=$1; shift
|
||||
local dealkeypath="$*"
|
||||
if construct_deal_info $dealkeypath; then
|
||||
ssh_tty_to_host $host "docker exec -it $deal_name /bin/bash"
|
||||
fi
|
||||
}
|
||||
|
||||
docker_run_from_data_on_host () {
|
||||
local host=$1
|
||||
shift
|
||||
|
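Review bot: `cert_gen_self_signed` passes the passphrase as `pass:$pass_str` on the openssl command line, where it is readable in the process list while the command runs. The encrypted `$fqdn.pass.key` is then decrypted to `$fqdn.key` and deleted, so the passphrase never protects the key at rest. `openssl req -new` has no `-subj`, so it prompts interactively, and the certificate gets no subjectAltName, which current TLS clients need in order to match the host name. The expansions (`$dir`, `$fqdn`, `$pass_str`) are unquoted, and a failed openssl step is not reported to the caller, because the bare `return` hands back the status of `cd $owd`. I would generate the unencrypted key and the certificate in one `openssl req -x509` call inside a subshell with `umask 077`, as below (`-addext` needs OpenSSL 1.1.1 or later); `$1` stays accepted but unused.

```shell
cert_gen_self_signed () {
    # $1 is kept for existing callers; the key was stored unencrypted anyway
    local fqdn="$2"
    local dir="ssl.$fqdn"
    mkdir -p -- "$dir" || return
    (
        # subshell: the caller's working directory and umask are untouched
        cd -- "$dir" || exit
        umask 077
        openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
            -subj "/CN=$fqdn" \
            -addext "subjectAltName=DNS:$fqdn" \
            -keyout "$fqdn.key" \
            -out server.crt
    )
}
```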
17
data.json
17
data.json
@ -52,7 +52,7 @@
|
||||
["--hostname","gitlab.adamo.network"],
|
||||
[
|
||||
"-e",
|
||||
"GITLAB_OMNIBUS_CONFIG=\"external_url 'http://gitlab.adamo.network:45080'; gitlab_rails['gitlab_shell_ssh_port'] = 45022\""
|
||||
"GITLAB_OMNIBUS_CONFIG=\"external_url 'https://gitlab.adamo.network:45443'; gitlab_rails['gitlab_shell_ssh_port'] = 45022\""
|
||||
]
|
||||
]
|
||||
},
|
||||
@ -166,6 +166,7 @@
|
||||
]
|
||||
},
|
||||
"adamonet": {
|
||||
"atlas": {
|
||||
"britannia": {
|
||||
"remote": {
|
||||
"host": "britannia.adamonet",
|
||||
@ -179,6 +180,20 @@
|
||||
"ipv4": "207.148.15.96"
|
||||
}
|
||||
},
|
||||
"espana": {
|
||||
"remote": {
|
||||
"host": "espana",
|
||||
"ports": {
|
||||
"ssh": 22
|
||||
},
|
||||
"user": "rancher"
|
||||
},
|
||||
"local": {
|
||||
"ipv4": "10.",
|
||||
"host": "localhost"
|
||||
}
|
||||
}
|
||||
},
|
||||
"internum": {
|
||||
"clusterio": {
|
||||
"integer": {
|
||||
|
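Review bot: The new `espana` entry sets `"ipv4": "10."` under `local`, which is a truncated address and not a usable one; any script that reads this field would get an invalid value. Fill in the full address, or leave the key out until it is known. The entry also uses a bare host name (`"host": "espana"`), unlike `britannia.adamonet` in the neighbouring entry, so it is worth confirming that the name resolves from wherever the scripts run.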