forked from Deuxfleurs/nixcfg
48 lines
1.2 KiB
Bash
Executable file
48 lines
1.2 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
set -xe
|
|
|
|
# Enter proper cluster subdirectory
|
|
|
|
cd $(dirname $0)
|
|
|
|
CLUSTER="$1"
|
|
if [ ! -d "cluster/$CLUSTER" ]; then
|
|
echo "Usage: $0 <cluster name>"
|
|
echo "The cluster name must be the name of a subdirectory of cluster/"
|
|
exit 1
|
|
fi
|
|
|
|
PREFIX="deuxfleurs/cluster/$CLUSTER"
|
|
|
|
# Do actual stuff
|
|
|
|
#YEAR=$(date +%Y)
|
|
YEAR=2023
|
|
|
|
CERTDIR=$(mktemp -d)
|
|
|
|
_int() {
|
|
echo "Caught SIGINT signal!"
|
|
rm -rv $CERTDIR
|
|
kill -INT "$child1" 2>/dev/null
|
|
kill -INT "$child2" 2>/dev/null
|
|
}
|
|
|
|
trap _int SIGINT
|
|
|
|
pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt
|
|
pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt
|
|
pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key
|
|
pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
|
|
pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
|
|
pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key
|
|
|
|
socat -dd tcp-listen:4646,reuseaddr,fork,bind=localhost openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt,verify=0 &
|
|
child1=$!
|
|
|
|
socat -dd tcp-listen:8500,reuseaddr,fork,bind=localhost openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt,verify=0 &
|
|
child2=$!
|
|
|
|
wait "$child1"
|
|
wait "$child2"
|