mistborn/scripts/subinstallers/openssl.sh

#!/bin/bash

KEY_FOLDER="/opt/mistborn_volumes/base/tls/"
CRT_FILE="cert.crt"
KEY_FILE="cert.key"

CRT_PATH="$KEY_FOLDER/$CRT_FILE"
KEY_PATH="$KEY_FOLDER/$KEY_FILE"

# ensure openssl installed
sudo -E apt-get install -y openssl

# make folder
sudo -E mkdir -p $KEY_FOLDER

# clean old crt and key
sudo -E rm -f ${KEY_FOLDER}/*

# generate crt and key
sudo -E openssl req -x509 -sha256 -nodes -days 397 -newkey rsa:4096 -keyout $KEY_PATH -out $CRT_PATH -addext "subjectAltName=DNS:*.mistborn,DNS:home.mistborn,DNS:jitsi.mistborn,DNS:bitwarden.mistborn,DNS:chat.mistborn,DNS:homeassistant.mistborn,DNS:jellyfin.mistborn,DNS:syncthing.mistborn,DNS:nextcloud.mistborn,DNS:onlyoffice.mistborn" -addext extendedKeyUsage=serverAuth -subj "/C=US/ST=New York/L=New York/O=cyber5k/OU=mistborn/CN=*.mistborn/emailAddress=mistborn@localhost"

# set permissions
sudo -E chown -R mistborn:mistborn ${KEY_FOLDER}
chmod 644 $CRT_PATH
chmod 600 $KEY_PATH
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago			`#!/bin/bash`

Resolve "Stricter TLS requirements for iOS" 5 years ago			`KEY_FOLDER="/opt/mistborn_volumes/base/tls/"`
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago			`CRT_FILE="cert.crt"`
			`KEY_FILE="cert.key"`

			`CRT_PATH="$KEY_FOLDER/$CRT_FILE"`
			`KEY_PATH="$KEY_FOLDER/$KEY_FILE"`

			`# ensure openssl installed`
Resolve "Debian-family Noninteractive scripts" 6 years ago			`sudo -E apt-get install -y openssl`
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago
			`# make folder`
Resolve "Stricter TLS requirements for iOS" 5 years ago			`sudo -E mkdir -p $KEY_FOLDER`

			`# clean old crt and key`
			`sudo -E rm -f ${KEY_FOLDER}/*`
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago
			`# generate crt and key`
Resolve "E: Package 'cockpit-docker' has no installation candidate" 5 years ago			`sudo -E openssl req -x509 -sha256 -nodes -days 397 -newkey rsa:4096 -keyout $KEY_PATH -out $CRT_PATH -addext "subjectAltName=DNS:.mistborn,DNS:home.mistborn,DNS:jitsi.mistborn,DNS:bitwarden.mistborn,DNS:chat.mistborn,DNS:homeassistant.mistborn,DNS:jellyfin.mistborn,DNS:syncthing.mistborn,DNS:nextcloud.mistborn,DNS:onlyoffice.mistborn" -addext extendedKeyUsage=serverAuth -subj "/C=US/ST=New York/L=New York/O=cyber5k/OU=mistborn/CN=.mistborn/emailAddress=mistborn@localhost"`
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago
			`# set permissions`
Resolve "Stricter TLS requirements for iOS" 5 years ago			`sudo -E chown -R mistborn:mistborn ${KEY_FOLDER}`
Resolve "Investigate adding Jitsi Meet as an extra service" 6 years ago			`chmod 644 $CRT_PATH`
			`chmod 600 $KEY_PATH`