author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-12 16:25:53 +0200 |
---|---|---|
committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-22 21:35:30 +0200 |
commit | 7d3c1bd972c67af3f5006bd02e8ed3655f16bfc7 (patch) | |
tree | b636d166aeee551c0d1088ae821ae593f8110cb5 /tests/common/acme/certs/generate | |
parent | update.sh: Also run `nix flake update` (diff) | |
tests/email-dns: Factor out all of the secrets/acme stuff into a common dir
This makes it easier to re-use this test data for various tests.
Diffstat (limited to 'tests/common/acme/certs/generate')
-rwxr-xr-x | tests/common/acme/certs/generate | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/tests/common/acme/certs/generate b/tests/common/acme/certs/generate
new file mode 100755
index 0000000..0d6258e
--- /dev/null
+++ b/tests/common/acme/certs/generate
@@ -0,0 +1,66 @@
+#! /usr/bin/env nix-shell
+#! nix-shell -p gnutls -p dash -i dash --impure
+# shellcheck shell=dash
+
+# For development and testing.
+# Create a CA key and cert, and use that to generate a server key and cert.
+# Creates:
+# ca.key.pem
+# ca.cert.pem
+# server.key.pem
+# server.cert.pem
+
+export SEC_PARAM=ultra
+export EXPIRATION_DAYS=123456
+export ORGANIZATION="Vhack.eu Test Keys"
+export COUNTRY=EU
+export SAN="acme.test"
+export KEY_TYPE="ed25519"
+
+BASEDIR="$(dirname "$0")"
+GENERATION_LOCATION="$BASEDIR/output"
+cd "$BASEDIR" || {
+ echo "(BUG?) No basedir ('$BASEDIR')" 1>&2
+ exit 1
+}
+
+ca=false
+clients=false
+
+usage() {
+ echo "Usage: $0 --ca|--clients"
+ exit 2
+}
+
+if [ "$#" -eq 0 ]; then
+ usage
+fi
+
+for arg in "$@"; do
+ case "$arg" in
+ "--ca")
+ ca=true
+ ;;
+ "--clients")
+ clients=true
+ ;;
+ *)
+ usage
+ ;;
+ esac
+done
+
+[ -d "$GENERATION_LOCATION" ] || mkdir --parents "$GENERATION_LOCATION"
+cd "$GENERATION_LOCATION" || echo "(BUG?) No generation location fould!" 1>&2
+
+[ "$ca" = true ] && ../generate.ca
+
+# Creates:
+# <client_name>.key.pem
+# <client_name>.cert.pem
+#
+[ "$clients" = true ] && ../generate.client "acme.test"
+
+echo "(INFO) Look for the keys at: $GENERATION_LOCATION"
+
+# vim: ft=sh |
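Review bot: The second `cd` only prints a message when it fails and the script keeps going, so `../generate.ca` and `../generate.client` would then be resolved from `$BASEDIR` rather than from `output/`, and any key material they write would not land where the final "(INFO)" line says it is. Make it fatal like the first `cd`: `cd "$GENERATION_LOCATION" || { echo "(BUG?) No generation location found!" 1>&2; exit 1; }` (this also fixes the `fould` typo). The exit status of both generators is dropped as well, because `[ "$ca" = true ] && ../generate.ca` is followed by an unconditional `echo` and there is no `set -e`, so a failed CA or client key generation still ends with exit code 0; `if [ "$ca" = true ]; then ../generate.ca || exit 1; fi` would surface it. Since `EXPIRATION_DAYS=123456` makes this CA effectively non-expiring, the header comment should also say that these keys are test fixtures and must never be added to a real trust store.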