#!/usr/bin/env bash set -xe # Enter proper cluster subdirectory cd $(dirname $0) CLUSTER="$1" if [ ! -d "cluster/$CLUSTER" ] || [ -z "$CLUSTER" ]; then echo "Usage: $0 <cluster name>" echo "The cluster name must be the name of a subdirectory of cluster/" exit 1 fi PREFIX="deuxfleurs/cluster/$CLUSTER" # Do actual stuff YEAR=$(date +%Y) CERTDIR=$(mktemp -d) _int() { echo "Caught SIGINT signal!" rm -rv $CERTDIR kill -INT "$child1" 2>/dev/null kill -INT "$child2" 2>/dev/null } trap _int SIGINT pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key socat -dd tcp-listen:4646,reuseaddr,fork,bind=127.0.0.1 openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt,verify=0 & child1=$! socat -dd tcp-listen:8500,reuseaddr,fork,bind=127.0.0.1 openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt,verify=0 & child2=$! wait "$child1" wait "$child2"