12345678910111213141516171819202122232425262728293031323334353637383940 |
- #!/bin/bash
-
- if [ ! -e "${TASKDDATA}/config" ]; then
-
- # Initialise
- taskd init
-
- # Create PKI directory and copy scripts
- mkdir "${TASKDDATA}/pki"
- cp /usr/share/taskd/pki/generate* "${TASKDDATA}/pki"
-
- # Write variables for PKI
- cat >"${TASKDDATA}/pki/vars" <<- EOF
- BITS=4096
- EXPIRATION_DAYS=365
- ORGANIZATION="${PKI_OU:-Unknown}"
- CN="${PKI_CN:-Unknown}"
- COUNTRY="${PKI_COUNTRY:-Unknown}"
- STATE="${PKI_STATE:-Unknown}"
- LOCALITY="${PKI_LOCALITY:-Unknown}"
- EOF
-
- # Generate certs
- cd "${TASKDDATA}/pki"
- ./generate
-
- # Configure the server to use the new certs
- taskd config --force client.cert "${TASKDDATA}/pki/client.cert.pem"
- taskd config --force client.key "${TASKDDATA}/pki/client.key.pem"
- taskd config --force server.cert "${TASKDDATA}/pki/server.cert.pem"
- taskd config --force server.key "${TASKDDATA}/pki/server.key.pem"
- taskd config --force server.crl "${TASKDDATA}/pki/server.crl.pem"
- taskd config --force ca.cert "${TASKDDATA}/pki/ca.cert.pem"
-
- # Listen on the default port
- taskd config --force server 0.0.0.0:53589
- fi
-
- taskd server --data "${TASKDDATA}"
|