2015-05-23 01:39:45 +02:00
|
|
|
#!/bin/sh
|
2015-05-27 02:50:27 +02:00
|
|
|
set -e
|
2015-05-23 01:39:45 +02:00
|
|
|
|
2016-03-30 22:55:24 +02:00
|
|
|
hostname="localregistry"
|
|
|
|
authhostname="auth.$hostname"
|
|
|
|
|
|
|
|
set_etc_hosts() {
|
|
|
|
hostentry=$1
|
|
|
|
IP=$(ifconfig eth0|grep "inet addr:"| cut -d: -f2 | awk '{ print $1}')
|
|
|
|
echo "$IP $hostentry" >> /etc/hosts
|
|
|
|
# TODO: Check if record already exists in /etc/hosts
|
|
|
|
}
|
|
|
|
|
|
|
|
install_ca() {
|
|
|
|
mkdir -p $1/$hostname:$2
|
|
|
|
cp ./nginx/ssl/registry-ca+ca.pem $1/$hostname:$2/ca.crt
|
|
|
|
if [ "$3" != "" ]; then
|
|
|
|
cp ./nginx/ssl/registry-$3+client-cert.pem $1/$hostname:$2/client.cert
|
|
|
|
cp ./nginx/ssl/registry-$3+client-key.pem $1/$hostname:$2/client.key
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
install_test_certs() {
|
|
|
|
install_ca $1 5440
|
|
|
|
install_ca $1 5441
|
|
|
|
install_ca $1 5442 ca
|
|
|
|
install_ca $1 5443 noca
|
|
|
|
install_ca $1 5444 ca
|
|
|
|
install_ca $1 5447 ca
|
|
|
|
# For test remove CA
|
|
|
|
rm $1/${hostname}:5447/ca.crt
|
|
|
|
install_ca $1 5448
|
|
|
|
}
|
|
|
|
|
|
|
|
set_etc_hosts $hostname
|
|
|
|
set_etc_hosts $authhostname
|
|
|
|
|
|
|
|
install_test_certs /etc/docker/certs.d
|
|
|
|
install_test_certs /root/.docker/tls
|
|
|
|
|
|
|
|
# Malevolent server
|
|
|
|
mkdir -p /etc/docker/certs.d/$hostname:6666
|
|
|
|
cp ./malevolent-certs/ca.pem /etc/docker/certs.d/$hostname:6666/ca.crt
|
|
|
|
|
|
|
|
# Token server
|
|
|
|
install_file ./tokenserver/certs/ca.pem $1 5555
|
|
|
|
install_file ./tokenserver/certs/ca.pem $1 5554
|
|
|
|
install_file ./tokenserver/certs/ca.pem $1 5557
|
|
|
|
install_file ./tokenserver/certs/ca.pem $1 5558
|