[#235]: Suppress output of certificates generation on make up
Signed-off-by: anastasia prasolova <anastasia@nspcc.ru>
This commit is contained in:
parent
a2de0822fa
commit
f7fb6d5142
4 changed files with 32 additions and 18 deletions
5
Makefile
5
Makefile
|
@ -75,8 +75,9 @@ up/basic: up/bootstrap
|
||||||
.PHONY: up/bootstrap
|
.PHONY: up/bootstrap
|
||||||
up/bootstrap: get vendor/hosts
|
up/bootstrap: get vendor/hosts
|
||||||
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
@$(foreach SVC, $(START_BOOTSTRAP), $(shell docker-compose -f services/$(SVC)/docker-compose.yml up -d))
|
||||||
@./vendor/neofs-adm --config neofs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || exit 1
|
@source ./bin/helper.sh
|
||||||
@for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/neofs-adm -c neofs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || exit 1; done
|
@./vendor/neofs-adm --config neofs-adm.yml morph init --alphabet-wallets ./services/ir --contracts vendor/contracts || die "Failed to initialize Alphabet wallets"
|
||||||
|
@for f in ./services/storage/wallet*.json; do echo "Transfer GAS to wallet $${f}" && ./vendor/neofs-adm -c neofs-adm.yml morph refill-gas --storage-wallet $${f} --gas 10.0 --alphabet-wallets services/ir || die "Failed to transfer GAS to alphabet wallets"; done
|
||||||
@echo "NeoFS sidechain environment is deployed"
|
@echo "NeoFS sidechain environment is deployed"
|
||||||
|
|
||||||
# Build up certain service
|
# Build up certain service
|
||||||
|
|
|
@ -4,4 +4,4 @@ NATS_DIR=$(abspath services/nats)
|
||||||
|
|
||||||
get.nats:
|
get.nats:
|
||||||
@echo "⇒ Creating certs for NATS server and clients"
|
@echo "⇒ Creating certs for NATS server and clients"
|
||||||
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN}
|
${NATS_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null
|
||||||
|
|
|
@ -1,20 +1,7 @@
|
||||||
# Create new TLS certs to NeoFS node
|
# Create new TLS certs to NeoFS node
|
||||||
|
|
||||||
CURRENT_DIR=$(dir $(abspath $(lastword $(MAKEFILE_LIST))))
|
STORAGE_DIR=$(abspath services/storage)
|
||||||
STORAGE_DIR=$(patsubst %/,%,$(CURRENT_DIR))
|
|
||||||
SSL_CONFIG:=$(shell mktemp)
|
|
||||||
|
|
||||||
get.storage:
|
get.storage:
|
||||||
@echo "⇒ Creating TLS certs to NeoFS node"
|
@echo "⇒ Creating TLS certs to NeoFS node"
|
||||||
@(echo "[req]"; \
|
${STORAGE_DIR}/generate_cert.sh ${LOCAL_DOMAIN} > /dev/null
|
||||||
echo "distinguished_name=req"; \
|
|
||||||
echo "req_extensions=san"; \
|
|
||||||
echo "[san]"; \
|
|
||||||
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}") > ${SSL_CONFIG}
|
|
||||||
@echo $(test -e "${STORAGE_DIR}/s04tls.key" && echo true)
|
|
||||||
@if [ ! -e "${STORAGE_DIR}/s04tls.key" ]; then \
|
|
||||||
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
|
||||||
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
|
|
||||||
-keyout "${STORAGE_DIR}/s04tls.key" -out "${STORAGE_DIR}/s04tls.crt" \
|
|
||||||
-extensions san -config "${SSL_CONFIG}" ; \
|
|
||||||
fi
|
|
||||||
|
|
26
services/storage/generate_cert.sh
Executable file
26
services/storage/generate_cert.sh
Executable file
|
@ -0,0 +1,26 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
source bin/helper.sh
|
||||||
|
|
||||||
|
WORKDIR=$(dirname "$0")
|
||||||
|
LOCAL_DOMAIN=$1
|
||||||
|
SSL_CONFIG=$(mktemp)
|
||||||
|
CERT="${WORKDIR}/s04tls.crt"
|
||||||
|
KEY="${WORKDIR}/s04tls.key"
|
||||||
|
|
||||||
|
|
||||||
|
if [[ ! -f ${CERT} ]]; then
|
||||||
|
(
|
||||||
|
echo "[req]"; \
|
||||||
|
echo "distinguished_name=req"; \
|
||||||
|
echo "req_extensions=san"; \
|
||||||
|
echo "[san]"; \
|
||||||
|
echo "subjectAltName=DNS:s04.${LOCAL_DOMAIN}"
|
||||||
|
) > ${SSL_CONFIG}
|
||||||
|
|
||||||
|
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes \
|
||||||
|
-subj "/C=RU/ST=SPB/L=St.Petersburg/O=NSPCC/OU=NSPCC/CN=s04.${LOCAL_DOMAIN}" \
|
||||||
|
-keyout "${KEY}" -out "${CERT}" -extensions san -config "${SSL_CONFIG}" &> /dev/null || {
|
||||||
|
die "Failed to generate SSL certificate for s04"
|
||||||
|
}
|
||||||
|
fi
|
Loading…
Reference in a new issue