2024-10-10 16:14:32 -05:00
|
|
|
# https://wiki.libvirt.org/TLSDaemonConfiguration.html
|
|
|
|
|
2024-10-10 15:14:25 -05:00
|
|
|
STAMP = $(shell date +%Y%m%d.%H%M%S)
|
2024-10-10 14:39:52 -05:00
|
|
|
|
2024-10-10 14:06:46 -05:00
|
|
|
ls:
|
2024-10-10 15:14:25 -05:00
|
|
|
@echo "make all # will make the cert file and debian package"
|
2024-10-10 14:06:46 -05:00
|
|
|
|
2024-10-10 14:30:40 -05:00
|
|
|
all:
|
|
|
|
make make-ca-private-key
|
|
|
|
make make-Certificate-Authority-Certificate-file
|
2024-10-10 15:14:25 -05:00
|
|
|
cd farm && make all
|
2024-10-10 17:14:28 -05:00
|
|
|
cd client && make all
|
2024-10-10 14:30:40 -05:00
|
|
|
make create
|
|
|
|
|
2024-10-10 16:16:00 -05:00
|
|
|
tag:
|
2024-10-10 17:31:25 -05:00
|
|
|
git tag -m 'maybe works' v0.0.2
|
2024-10-10 16:16:00 -05:00
|
|
|
git push --tags
|
|
|
|
|
2024-10-10 14:06:46 -05:00
|
|
|
make-ca-private-key:
|
|
|
|
certtool --generate-privkey > certificate_authority_key.pem
|
|
|
|
# umask 277 certificate_authority_key.pem
|
|
|
|
make ls
|
|
|
|
|
|
|
|
make-Certificate-Authority-Certificate-file:
|
|
|
|
certtool --generate-self-signed \
|
|
|
|
--template certificate_authority_template.info \
|
|
|
|
--load-privkey certificate_authority_key.pem \
|
|
|
|
--outfile certificate_authority_certificate.pem
|
2024-10-10 14:30:40 -05:00
|
|
|
|
|
|
|
create:
|
|
|
|
mkdir -p debian/DEBIAN
|
|
|
|
cp control debian/DEBIAN/
|
2024-10-10 15:14:25 -05:00
|
|
|
echo "Version: 0."$(STAMP) >> debian/DEBIAN/control
|
2024-10-10 14:30:40 -05:00
|
|
|
echo "2.0" > debian/debian-binary
|
2024-10-10 16:35:49 -05:00
|
|
|
mkdir -p debian/files/etc/pki/CA/
|
2024-10-10 16:42:59 -05:00
|
|
|
cp Makefile debian/files/etc/pki/CA/
|
2024-10-10 16:35:49 -05:00
|
|
|
cp *.pem debian/files/etc/pki/CA/
|
|
|
|
cp farm/*.pem debian/files/etc/pki/CA/
|
2024-10-10 17:14:28 -05:00
|
|
|
cp client/*.pem debian/files/etc/pki/CA/
|
2024-10-10 15:14:25 -05:00
|
|
|
chmod 444 debian/files/etc/pki/CA/*.pem
|
2024-10-10 16:42:59 -05:00
|
|
|
cd debian/files/ && md5sum etc/pki/CA/* > ../DEBIAN/md5sum
|
2024-10-10 14:30:40 -05:00
|
|
|
cd debian/DEBIAN && tar --ignore-failed-read -cvJf ../control.tar.xz {post,pre}{inst,rm} md5sums control
|
|
|
|
cd debian/files && tar -cvJf ../data.tar.xz .
|
2024-10-10 14:39:52 -05:00
|
|
|
cd debian && ar rcs ../wit-libvirt-tls-cert.$(STAMP).deb debian-binary control.tar.xz data.tar.xz
|
2024-10-10 15:14:25 -05:00
|
|
|
dpkg-deb -I wit*.deb
|
2024-10-10 14:30:40 -05:00
|
|
|
|
|
|
|
clean:
|
|
|
|
rm -f *.pem
|
|
|
|
rm -f *.deb
|
|
|
|
rm -rf debian/
|
2024-10-10 15:14:25 -05:00
|
|
|
cd farm && make clean
|
2024-10-10 17:14:28 -05:00
|
|
|
cd client && make clean
|
2024-10-10 16:42:59 -05:00
|
|
|
|
|
|
|
farm01:
|
|
|
|
cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
|
|
|
|
mkdir -p /etc/pki/libvirt/private/
|
|
|
|
cp /etc/pki/CA/farm01_server_certificate.pem /etc/pki/libvirt/servercert.pem
|
|
|
|
cp /etc/pki/CA/farm01_server_key.pem /etc/pki/libvirt/private/serverkey.pem
|
2024-10-10 17:14:28 -05:00
|
|
|
cp /etc/pki/CA/farm01_client_certificate.pem /etc/pki/libvirt/clientcert.pem
|
|
|
|
cp /etc/pki/CA/farm01_client_key.pem /etc/pki/libvirt/private/clientkey.pem
|
2024-10-10 16:42:59 -05:00
|
|
|
|
|
|
|
farm02:
|
|
|
|
cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
|
|
|
|
mkdir -p /etc/pki/libvirt/private/
|
|
|
|
cp /etc/pki/CA/farm02_server_certificate.pem /etc/pki/libvirt/servercert.pem
|
|
|
|
cp /etc/pki/CA/farm02_server_key.pem /etc/pki/libvirt/private/serverkey.pem
|
2024-10-10 17:14:28 -05:00
|
|
|
cp /etc/pki/CA/farm02_client_certificate.pem /etc/pki/libvirt/clientcert.pem
|
|
|
|
cp /etc/pki/CA/farm02_client_key.pem /etc/pki/libvirt/private/clientkey.pem
|
2024-10-10 17:24:57 -05:00
|
|
|
|
2024-10-10 17:31:25 -05:00
|
|
|
farm03:
|
|
|
|
cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
|
|
|
|
mkdir -p /etc/pki/libvirt/private/
|
|
|
|
cp /etc/pki/CA/farm03_server_certificate.pem /etc/pki/libvirt/servercert.pem
|
|
|
|
cp /etc/pki/CA/farm03_server_key.pem /etc/pki/libvirt/private/serverkey.pem
|
|
|
|
cp /etc/pki/CA/farm03_client_certificate.pem /etc/pki/libvirt/clientcert.pem
|
|
|
|
cp /etc/pki/CA/farm03_client_key.pem /etc/pki/libvirt/private/clientkey.pem
|
|
|
|
|
|
|
|
farm04:
|
|
|
|
cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
|
|
|
|
mkdir -p /etc/pki/libvirt/private/
|
|
|
|
cp /etc/pki/CA/farm04_server_certificate.pem /etc/pki/libvirt/servercert.pem
|
|
|
|
cp /etc/pki/CA/farm04_server_key.pem /etc/pki/libvirt/private/serverkey.pem
|
2024-10-10 18:19:12 -05:00
|
|
|
#cp /etc/pki/CA/farm04_client_certificate.pem /etc/pki/libvirt/clientcert.pem
|
|
|
|
#cp /etc/pki/CA/farm04_client_key.pem /etc/pki/libvirt/private/clientkey.pem
|
2024-10-10 17:31:25 -05:00
|
|
|
|
|
|
|
farm05:
|
|
|
|
cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
|
|
|
|
mkdir -p /etc/pki/libvirt/private/
|
|
|
|
cp /etc/pki/CA/farm05_server_certificate.pem /etc/pki/libvirt/servercert.pem
|
|
|
|
cp /etc/pki/CA/farm05_server_key.pem /etc/pki/libvirt/private/serverkey.pem
|
2024-10-10 18:19:12 -05:00
|
|
|
#cp /etc/pki/CA/farm05_client_certificate.pem /etc/pki/libvirt/clientcert.pem
|
|
|
|
#cp /etc/pki/CA/farm05_client_key.pem /etc/pki/libvirt/private/clientkey.pem
|
2024-10-10 17:31:25 -05:00
|
|
|
|
2024-10-10 17:24:57 -05:00
|
|
|
list-farm01:
|
|
|
|
virsh -c qemu://farm01/system list
|
|
|
|
|
|
|
|
list-farm02:
|
2024-10-10 18:19:12 -05:00
|
|
|
virsh -c qemu://farm02.wit.com/system list
|
2024-10-10 17:31:25 -05:00
|
|
|
|
|
|
|
list-farm03:
|
2024-10-10 18:19:12 -05:00
|
|
|
virsh -c qemu://farm03.wit.com/system list
|
2024-10-10 17:31:25 -05:00
|
|
|
|
|
|
|
list-farm04:
|
|
|
|
virsh -c qemu://farm04/system list
|
|
|
|
|
|
|
|
list-farm05:
|
|
|
|
virsh -c qemu://farm05/system list
|