diff --git a/ct/alpine-step-ca.sh b/ct/alpine-step-ca.sh index 3f5b3835..ed76d4c8 100644 --- a/ct/alpine-step-ca.sh +++ b/ct/alpine-step-ca.sh @@ -52,9 +52,9 @@ function update_script() { done } -function caDetails() { +function ca_settings() { + whiptail --backtitle "Proxmox VE Helper Scripts" --msgbox --title "Configure Certificate Authority" "Now that we defined the container we need to configure the certificate authority." 8 58 - if CA_NAME=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "Name of certificate authority" 8 58 "$DEFAULT_CA_NAME" --title "Configure Certificate Authority" 3>&1 1>&2 2>&3); then if [ -z "$CA_NAME" ]; then CA_NAME="$DEFAULT_CA_NAME" 
@@ -63,35 +63,36 @@ function caDetails() { exit fi - CA_DNS=() + CA_DNS_ENTRIES=() DEFAULT_CA_DNS_ENTRY="${HN}.local" if CA_DNS_ENTRY=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "DNS entry of Certificate Authority" 8 58 "$DEFAULT_CA_DNS_ENTRY" --title "Configure Certificate Authority" 3>&1 1>&2 2>&3); then if [ -z "$CA_DNS_ENTRY" ]; then - CA_DNS+=("$DEFAULT_CA_DNS_ENTRY") + CA_DNS_ENTRIES+=("--dns=\"$DEFAULT_CA_DNS_ENTRY\"") else - CA_DNS+=("$CA_DNS_ENTRY") + CA_DNS_ENTRIES+=("--dns=\"$CA_DNS_ENTRY\"") fi else exit fi while whiptail --backtitle "Proxmox VE Helper Scripts" --defaultno --title "Configure Certificate Authority" --yesno "Do you want to add another DNS entry?" 10 72 ; do - if CA_DNS_ENTRY=$(whiptail --backtitle "Proxmox VE Helper Scripts" --inputbox "DNS entry of Certificate Authority" 8 58 "" --title "Configure Certificate Authority" 3>&1 1>&2 2>&3); then if [ -n "$CA_DNS_ENTRY" ]; then - CA_DNS+=("$CA_DNS_ENTRY") + CA_DNS_ENTRIES+=(" --dns=\"$CA_DNS_ENTRY\"") fi fi done - echo -e "${CONTAINERID}${BOLD}${DGN}Name of CA: ${BGN}$CA_NAME${CL}" - echo -e "CA DNS entries:" - for DNS_ENTRY in ${CA_DNS[*]}; do - echo -e "- $DNS_ENTRY" - done + if [ "$VERBOSE" = "yes" ]; then + echo -e "${DEFAULT}${BOLD}${DGN}Name of CA: ${BGN}$CA_NAME${CL}" + echo -e "${DEFAULT}${BOLD}${DGN}DNS entries of CA:${CL}" + for DNS_ENTRY in ${CA_DNS_ENTRIES[*]}; do + echo -e "- $DNS_ENTRY" + done + fi export CA_NAME - export CA_DNS + export CA_DNS=${CA_DNS_ENTRIES[@]}; } start diff --git a/install/alpine-step-ca-install.sh b/install/alpine-step-ca-install.sh index a4b8b631..d3bc5307 100644 --- a/install/alpine-step-ca-install.sh +++ b/install/alpine-step-ca-install.sh 
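Review bot: In the `@@ -63,35 +63,36 @@` hunk of ct/alpine-step-ca.sh, the DNS names typed into whiptail are appended unvalidated and wrapped in literal quote characters (`"--dns=\"$CA_DNS_ENTRY\""`), then flattened by `export CA_DNS=${CA_DNS_ENTRIES[@]}` into one string that the `step ca init` line in install/alpine-step-ca-install.sh (hunk `@@ -40,16 +42,11 @@`) expands unquoted. Quote removal is not applied to the result of an expansion, so unless the value is re-parsed somewhere not shown, each name reaches `step` with the quote characters included, and an entry containing whitespace is split into extra arguments of the command that creates the CA. I would reject anything that is not a hostname before appending, for example with `[[ "$CA_DNS_ENTRY" =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]`, and append `"--dns=$CA_DNS_ENTRY"` without the embedded quotes. The append inside the `while` loop also carries a leading space that the other two do not, and `ca_settings` begins in the previous hunk.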
@@ -22,6 +22,11 @@ $STD apk add openssl msg_info "Preparing environment" $STD echo "export STEPPATH=/etc/step-ca" > ~/.profile +$STD export STEPPATH=/etc/step-ca + +if [ "$VERBOSE" = "yes" ]; then + env #Display environment details +fi msg_ok "Environment prepared" msg_info "Installing Alpine Step-CA" @@ -30,9 +35,6 @@ msg_ok "Installed Alpine Step-CA" # Initialize CA config_dir="/etc/step-ca" -log_dir="/var/log/step-ca" -profile_file="${config_dir}/.profile" -ca_file="${config_dir}/config/ca.json" passwd_file="${config_dir}/password.txt" msg_info "Generate CA secret" @@ -40,16 +42,11 @@ CA_PASS="$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | cut -c1-13)" $STD cat <${passwd_file} ${CA_PASS} EOF -msg_ok "Generated CA secret in ${passwd_file} - ${CA_PASS}" +msg_ok "Generated CA secret stored in ${passwd_file}" msg_info "Initialize CA" -env -DNS_FLAT="" -for DNS_ENTRY in ${CA_DNS[*]}; do - DNS_FLAT="$DNS_FLAT --dns=\"$DNS_ENTRY\"" -done -$STD step ca init --name="$CA_NAME" $DNS_FLAT --password-file=/etc/step-ca/password.txt --acme --deployment-type=standalone --address=0.0.0.0:443 --provisioner=acme +$STD step ca init --name="$CA_NAME" $CA_DNS --password-file=/etc/step-ca/password.txt --acme --deployment-type=standalone --address=0.0.0.0:443 --provisioner=acme $STD step ca provisioner update acme --x509-min-dur=20m --x509-max-dur=32h --x509-default-dur=24h msg_ok "Finished initialization of CA"
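Review bot: In the `@@ -22,6 +22,11 @@` hunk, the `env` call added under `VERBOSE` writes every environment variable to the installer output, so whatever the calling script exported into this environment (possibly credentials; not visible here) ends up in terminal scrollback or logs. Printing only what this step needs, e.g. `echo "STEPPATH=$STEPPATH CA_NAME=$CA_NAME CA_DNS=$CA_DNS"`, gives the same diagnostic value. Separately, `$STD export STEPPATH=/etc/step-ca` only takes effect in the current shell if `$STD` does not run its arguments in a subshell, which cannot be told from this hunk; a plain `export STEPPATH=/etc/step-ca` has no output to silence.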
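Review bot: In the `@@ -40,16 +42,11 @@` hunk, the CA password is no longer echoed by `msg_ok`, but the file it is written to is created under the default umask and no permission change is visible in this hunk, so `${passwd_file}` may be readable by every user in the container. Setting `umask 077` before the write, or running `chmod 600 "${passwd_file}"` right after it, keeps the secret that protects the CA keys limited to root. If the permissions are already tightened outside this hunk, a short comment next to the write saying so would help the next reader.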