aboutsummaryrefslogtreecommitdiff
path: root/os/runners/bash/tlsproxy
diff options
context:
space:
mode:
Diffstat (limited to 'os/runners/bash/tlsproxy')
-rwxr-xr-xos/runners/bash/tlsproxy47
1 files changed, 47 insertions, 0 deletions
diff --git a/os/runners/bash/tlsproxy b/os/runners/bash/tlsproxy
new file mode 100755
index 0000000..7546b81
--- /dev/null
+++ b/os/runners/bash/tlsproxy
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+set -xe
+
+# Enter proper cluster subdirectory
+
+cd $(dirname $0)
+
+CLUSTER="$1"
+if [ ! -d "cluster/$CLUSTER" ]; then
+ echo "Usage: $0 <cluster name>"
+ echo "The cluster name must be the name of a subdirectory of cluster/"
+ exit 1
+fi
+
+PREFIX="deuxfleurs/cluster/$CLUSTER"
+
+# Do actual stuff
+
+YEAR=$(date +%Y)
+
+CERTDIR=$(mktemp -d)
+
+_int() {
+ echo "Caught SIGINT signal!"
+ rm -rv $CERTDIR
+ kill -INT "$child1" 2>/dev/null
+ kill -INT "$child2" 2>/dev/null
+}
+
+trap _int SIGINT
+
+pass $PREFIX/nomad$YEAR.crt > $CERTDIR/nomad.crt
+pass $PREFIX/nomad$YEAR-client.crt > $CERTDIR/nomad-client.crt
+pass $PREFIX/nomad$YEAR-client.key > $CERTDIR/nomad-client.key
+pass $PREFIX/consul$YEAR.crt > $CERTDIR/consul.crt
+pass $PREFIX/consul$YEAR-client.crt > $CERTDIR/consul-client.crt
+pass $PREFIX/consul$YEAR-client.key > $CERTDIR/consul-client.key
+
+socat -dd tcp4-listen:4646,reuseaddr,fork openssl:localhost:14646,cert=$CERTDIR/nomad-client.crt,key=$CERTDIR/nomad-client.key,cafile=$CERTDIR/nomad.crt &
+child1=$!
+
+socat -dd tcp4-listen:8500,reuseaddr,fork openssl:localhost:8501,cert=$CERTDIR/consul-client.crt,key=$CERTDIR/consul-client.key,cafile=$CERTDIR/consul.crt &
+child2=$!
+
+wait "$child1"
+wait "$child2"