forked from Deuxfleurs/nixcfg
48 lines
1.2 KiB
Text
48 lines
1.2 KiB
Text
|
#!/bin/sh
|
||
|
|
||
|
set -xe
|
||
|
|
||
|
# Enter proper cluster subdirectory
|
||
|
|
||
|
cd $(dirname $0)
|
||
|
|
||
|
CLUSTER="$1"
|
||
|
if [ ! -d "cluster/$CLUSTER" ]; then
|
||
|
echo "Usage: $0 <cluster name>"
|
||
|
echo "The cluster name must be the name of a subdirectory of cluster/"
|
||
|
exit 1
|
||
|
fi
|
||
|
|
||
|
PREFIX="deuxfleurs/cluster/$CLUSTER"
|
||
|
|
||
|
# Do actual stuff
|
||
|
|
||
|
YEAR=$(date +%Y)
|
||
|
|
||
|
CERTDIR=$(mktemp -d)
|
||
|
|
||
|
_int() {
|
||
|
echo "Caught SIGINT signal!"
|
||
|
rm -rv $CERTDIR
|
||
|
kill -INT "$child1" 2>/dev/null
|
||
|
kill -INT "$child2" 2>/dev/null
|
||
|
}
|
||
|
|
||
|
trap _int SIGINT
|
||
|
|
||
|
pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt
|
||
|
pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt
|
||
|
pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key
|
||
|
pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
|
||
|
pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
|
||
|
pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key
|
||
|
|
||
|
socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt &
|
||
|
child1=$!
|
||
|
|
||
|
socat -dd tcp4-listen:8500,reuseaddr,fork openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt &
|
||
|
child2=$!
|
||
|
|
||
|
wait "$child1"
|
||
|
wait "$child2"
|