author | Quentin Dufour <quentin@deuxfleurs.fr> | 2022-04-21 22:57:55 +0200 |
---|---|---|
committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2022-04-21 22:57:55 +0200 |
commit | c430d8eaf1d091ad27e842c0000b77d87d791da6 (patch) | |
tree | c50e276da7fbe7a9b81548e65b72e3bf2a3621a1 /os/runners/bash/tlsproxy | |
parent | c99c0ffd30c3a6f3ea67323437f1a9773c3e283e (diff) | |
download | nixcfg-c430d8eaf1d091ad27e842c0000b77d87d791da6.tar.gz nixcfg-c430d8eaf1d091ad27e842c0000b77d87d791da6.zip |
Start refactor
Diffstat (limited to 'os/runners/bash/tlsproxy')
-rwxr-xr-x | os/runners/bash/tlsproxy | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/os/runners/bash/tlsproxy b/os/runners/bash/tlsproxy
new file mode 100755
index 0000000..7546b81
--- /dev/null
+++ b/os/runners/bash/tlsproxy
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -xe
+
+# Enter proper cluster subdirectory
+
+cd $(dirname $0)
+
+CLUSTER="$1"
+if [ ! -d "cluster/$CLUSTER" ]; then
+ echo "Usage: $0 <cluster name>"
+ echo "The cluster name must be the name of a subdirectory of cluster/"
+ exit 1
+fi
+
+PREFIX="deuxfleurs/cluster/$CLUSTER"
+
+# Do actual stuff
+
+YEAR=$(date +%Y)
+
+CERTDIR=$(mktemp -d)
+
+_int() {
+ echo "Caught SIGINT signal!"
+ rm -rv $CERTDIR
+ kill -INT "$child1" 2>/dev/null
+ kill -INT "$child2" 2>/dev/null
+}
+
+trap _int SIGINT
+
+pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt
+pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt
+pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key
+pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
+pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
+pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key
+
+socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt &
+child1=$!
+
+socat -dd tcp4-listen:8500,reuseaddr,fork openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt &
+child2=$!
+
+wait "$child1"
+wait "$child2" |
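Review bot: Both `socat` listeners use `tcp4-listen:PORT,reuseaddr,fork` with no bind address, so ports 4646 and 8500 accept connections on every interface and any host that can reach this machine is relayed to Nomad and Consul under the operator's client certificate; adding `bind=127.0.0.1` to each listen address (`tcp4-listen:4646,bind=127.0.0.1,reuseaddr,fork`) keeps the proxy local. The client keys that `pass` writes into `$CERTDIR` are removed only inside the `_int` handler, so a failing `pass` call under `set -e`, a SIGTERM, or a normal exit leaves them in the temporary directory; a `trap 'rm -rf -- "$CERTDIR"' EXIT` placed right after `mktemp -d` would cover those paths. The unquoted expansions in `cd $(dirname $0)` and `rm -rv $CERTDIR` should be quoted, and `trap _int SIGINT` is better written `trap _int INT`, since the `SIG` prefix is not guaranteed under `#!/bin/sh`.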