From 1dd6f8d3b4d7dc93095e662aaca190d3fe1be264 Mon Sep 17 00:00:00 2001
From: Soispha <soispha@vhack.eu>
Date: Wed, 4 Oct 2023 20:11:42 +0200
Subject: feat(system/services/taskserver): Integrate Let's Encrypt
 certificates

The current setup now runs the `taskserver.vhack.eu` domain with a
Let's Encrypt certificate and additionally uses a self-signed CA
certificate to validate clients.

The shell scripts used to generate the CA certificate and the derived
client certificate (and keys) are taken nearly unmodified from the
upstream repository [1].

[1]: https://github.com/GothenburgBitFactory/taskserver/tree/9794cff61e56bdfb193c6aa4cebb57970ac68aef/pki
---
 system/services/taskserver/certs/vars | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 system/services/taskserver/certs/vars

(limited to 'system/services/taskserver/certs/vars')

diff --git a/system/services/taskserver/certs/vars b/system/services/taskserver/certs/vars
new file mode 100644
index 0000000..50d753a
--- /dev/null
+++ b/system/services/taskserver/certs/vars
@@ -0,0 +1,7 @@
+SEC_PARAM=ultra
+EXPIRATION_DAYS=365
+ORGANIZATION="Vhack"
+CN=taskserver.vhack.eu
+COUNTRY=EU
+#STATE="Germany"
+#LOCALITY="Göteborg"
-- 
cgit 1.4.1