# https://wiki.libvirt.org/TLSDaemonConfiguration.html

STAMP = $(shell date +%Y%m%d.%H%M%S)

ls:
	@echo "make all   # will make the cert file and debian package"

all:
	make make-ca-private-key
	make make-Certificate-Authority-Certificate-file
	cd farm && make all
	cd client && make all
	make create

tag:
	git tag -m 'first tag' v0.0.1
	git push --tags

make-ca-private-key:
	certtool --generate-privkey > certificate_authority_key.pem
	# umask 277 certificate_authority_key.pem
	make ls

make-Certificate-Authority-Certificate-file:
	certtool --generate-self-signed \
		--template certificate_authority_template.info \
		--load-privkey certificate_authority_key.pem \
		--outfile certificate_authority_certificate.pem

create:
	mkdir -p debian/DEBIAN
	cp control debian/DEBIAN/
	echo "Version: 0."$(STAMP) >> debian/DEBIAN/control
	echo "2.0" > debian/debian-binary
	mkdir -p debian/files/etc/pki/CA/
	cp Makefile debian/files/etc/pki/CA/
	cp *.pem debian/files/etc/pki/CA/
	cp farm/*.pem debian/files/etc/pki/CA/
	cp client/*.pem debian/files/etc/pki/CA/
	chmod 444 debian/files/etc/pki/CA/*.pem
	cd debian/files/ && md5sum etc/pki/CA/* > ../DEBIAN/md5sum
	cd debian/DEBIAN && tar --ignore-failed-read -cvJf ../control.tar.xz {post,pre}{inst,rm} md5sums control
	cd debian/files && tar -cvJf ../data.tar.xz .
	cd debian && ar rcs ../wit-libvirt-tls-cert.$(STAMP).deb debian-binary control.tar.xz data.tar.xz
	dpkg-deb -I wit*.deb

clean:
	rm -f *.pem
	rm -f *.deb
	rm -rf debian/
	cd farm && make clean
	cd client && make clean

farm01:
	cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
	mkdir -p /etc/pki/libvirt/private/
	cp /etc/pki/CA/farm01_server_certificate.pem /etc/pki/libvirt/servercert.pem
	cp /etc/pki/CA/farm01_server_key.pem /etc/pki/libvirt/private/serverkey.pem
	cp /etc/pki/CA/farm01_client_certificate.pem /etc/pki/libvirt/clientcert.pem
	cp /etc/pki/CA/farm01_client_key.pem /etc/pki/libvirt/private/clientkey.pem

farm02:
	cp /etc/pki/CA/certificate_authority_certificate.pem /etc/pki/CA/cacert.pem
	mkdir -p /etc/pki/libvirt/private/
	cp /etc/pki/CA/farm02_server_certificate.pem /etc/pki/libvirt/servercert.pem
	cp /etc/pki/CA/farm02_server_key.pem /etc/pki/libvirt/private/serverkey.pem
	cp /etc/pki/CA/farm02_client_certificate.pem /etc/pki/libvirt/clientcert.pem
	cp /etc/pki/CA/farm02_client_key.pem /etc/pki/libvirt/private/clientkey.pem