git » kxd » master » tree

[master] / scripts / kxc-add-key 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash
#
# Add a new key to kxc's configuration (initializing it if necessary).
#
# If /etc/kxc is missing, this script creates it, as well as the required
# client certificates.
#
# Then, it adds configuration for fetching a given key.

set -e

SERVER="$1"
KEYNAME="$2"

if [ "$SERVER" = "" ] || [ "$KEYNAME" = "" ]; then
	echo "
Usage: kxc-add-key <server hostname> <key name>

This command adds a new key to kxc's configuration, initializing it if
necessary.
"
	exit 1
fi


# Create the base configuration directory.
echo "Creating directories (/etc/kxc/)"
mkdir -p /etc/kxc/

# Create a private key for the client.
if ! [ -e /etc/kxc/key.pem ]; then
	kxgencert \
		-organization "kxc@$HOSTNAME" \
		-key /etc/kxc/key.pem \
		-cert /etc/kxc/cert.pem
	chmod 400 /etc/kxc/key.pem
else
	echo "Private key already exists (/etc/kxc/key.pem)"
fi

echo "Setting URL to kxd://$SERVER/$HOSTNAME/$KEYNAME"
echo "kxd://$SERVER/$HOSTNAME/$KEYNAME" > "/etc/kxc/${KEYNAME}.url"

echo
echo
echo "YOU need to copy the server certificate to"
echo "/etc/kxc/${KEYNAME}.server_cert.pem. For example, using:"
echo
echo "  $ scp $SERVER:/etc/kxd/cert.pem /etc/kxc/${KEYNAME}.server_cert.pem"
echo