diff --git a/container/env b/container/env
deleted file mode 100644
index 4f94e66..0000000
--- a/container/env
+++ /dev/null
@@ -1,4 +0,0 @@
-POSTGRES_USER=koji
-POSTGRES_PASSWORD=kojipass
-POSTGRES_DB=koji
-POSTGRES_HOST=localhost
diff --git a/container/ssl-ca.sh b/container/ssl-ca.sh
deleted file mode 100755
index 885c67f..0000000
--- a/container/ssl-ca.sh
+++ /dev/null
@@ -1,42 +0,0 @@
-#!/bin/bash
-set -eux
-
-HOME=pki/koji
-CONF=ssl.cnf
-
-# prepare the directories
-mkdir -p ${HOME}/{certs,private,confs}
-
-touch "$HOME/index.txt"
-echo 01 > "$HOME/serial"
-
-
-# private key
-openssl genrsa -out "$HOME/private/koji_ca_cert.key" 2048
-
-# CA
-openssl req -config $CONF \
- -new -x509 \
- -subj "/C=DE/ST=BE/L=BE/O=RH/CN=koji" \
- -days 3650 \
- -key "${HOME}/private/koji_ca_cert.key" \
- -out "${HOME}/koji_ca_cert.crt" \
- -extensions v3_ca
-
-#
-openssl genrsa -out "${HOME}/private/kojihub.key" 2048
-
-openssl req -new -sha256 \
- -config $CONF \
- -key "${HOME}/private/kojihub.key" \
- -out "${HOME}/certs/kojihub.csr" \
- -subj "/C=DE/ST=BE/L=BE/O=RH/CN=localhost"
-
-openssl x509 -req \
- -sha256 \
- -in "${HOME}/certs/kojihub.csr" \
- -CA "$HOME/koji_ca_cert.crt" \
- -CAkey "$HOME/private/koji_ca_cert.key" \
- -CAcreateserial \
- -out "${HOME}/certs/kojihub.crt"
-
diff --git a/container/ssl-user.sh b/container/ssl-user.sh
deleted file mode 100755
index 50f6a9a..0000000
--- a/container/ssl-user.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/bash
-set -eux
-
-USER=$1
-PASS="pass"
-CONF=ssl.cnf
-CACERT="koji_ca_cert.crt"
-CAKEY="koji_ca_cert.key"
-
-SSLHOME=pki/koji
-
-openssl genrsa -out ${SSLHOME}/private/${USER}.key 2048
-
-openssl req \
- -config ${CONF} \
- -new -nodes \
- -out ${SSLHOME}/certs/${USER}.csr \
- -key ${SSLHOME}/private/${USER}.key \
- -subj "/C=DE/ST=BE/L=BE/O=RH/CN=${USER}/emailAddress=${USER}@kojihub.local"
-
-openssl ca \
- -config ${CONF} \
- -batch \
- -keyfile ${SSLHOME}/private/${CAKEY} \
- -cert ${SSLHOME}/${CACERT} \
- -out ${SSLHOME}/certs/${USER}.crt \
- -outdir ${SSLHOME}/certs \
- -infiles ${SSLHOME}/certs/${USER}.csr
-
-cat ${SSLHOME}/certs/${USER}.crt ${SSLHOME}/private/${USER}.key > ${SSLHOME}/certs/${USER}.pem
-
-CLIHOME=ssl/${USER}
-rm -rf ${CLIHOME}
-mkdir -p ${CLIHOME}
-
-cp ${SSLHOME}/certs/${USER}.crt ${CLIHOME}/client.crt
-cp ${SSLHOME}/certs/${USER}.pem ${CLIHOME}/client.pem
-cp ${SSLHOME}/${CACERT} ${CLIHOME}/clientca.crt
-cp ${SSLHOME}/${CACERT} ${CLIHOME}/serverca.crt
-
diff --git a/container/ssl.cnf b/container/ssl.cnf
deleted file mode 100644
index d208d92..0000000
--- a/container/ssl.cnf
+++ /dev/null
@@ -1,75 +0,0 @@
-HOME = .
-RANDFILE = .rand
-
-[ca]
-default_ca = ca_default
-
-[ca_default]
-dir = pki/koji
-certs = $dir/certs
-crl_dir = $dir/crl
-database = $dir/index.txt
-new_certs_dir = $dir/newcerts
-certificate = $dir/%s_ca_cert.pem
-private_key = $dir/private/%s_ca_key.pem
-serial = $dir/serial
-crl = $dir/crl.pem
-x509_extensions = usr_cert
-name_opt = ca_default
-cert_opt = ca_default
-default_days = 3650
-default_crl_days = 30
-default_md = sha256
-preserve = no
-policy = policy_match
-
-[policy_match]
-countryName = match
-stateOrProvinceName = match
-organizationName = match
-organizationalUnitName = optional
-commonName = supplied
-emailAddress = optional
-
-[req]
-default_bits = 2048
-default_keyfile = privkey.pem
-default_md = sha256
-distinguished_name = req_distinguished_name
-attributes = req_attributes
-x509_extensions = v3_ca # The extensions to add to the self signed cert
-string_mask = MASK:0x2002
-
-[req_distinguished_name]
-countryName = Country Name (2 letter code)
-countryName_default = DE
-countryName_min = 2
-countryName_max = 2
-stateOrProvinceName = Berlin
-stateOrProvinceName_default = Berlin
-localityName = Locality Name (eg, city)
-localityName_default = Berlin
-0.organizationName = Berlin
-0.organizationName_default = Red Hat
-organizationalUnitName = Red Hat
-commonName = Common Name (eg, your name or your server\'s hostname)
-commonName_max = 64
-emailAddress = Email Address
-emailAddress_max = 64
-
-[req_attributes]
-challengePassword = A challenge password
-challengePassword_min = 4
-challengePassword_max = 20
-unstructuredName = An optional company name
-
-[usr_cert]
-basicConstraints = CA:FALSE
-nsComment = "OpenSSL Generated Certificate"
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid,issuer:always
-
-[v3_ca]
-subjectKeyIdentifier = hash
-authorityKeyIdentifier = keyid:always,issuer:always
-basicConstraints = CA:true
\ No newline at end of file
diff --git a/env b/env
deleted file mode 100644
index 4f94e66..0000000
--- a/env
+++ /dev/null
@@ -1,4 +0,0 @@
-POSTGRES_USER=koji
-POSTGRES_PASSWORD=kojipass
-POSTGRES_DB=koji
-POSTGRES_HOST=localhost
diff --git a/run.sh b/run.sh
deleted file mode 100755
index cbf38d8..0000000
--- a/run.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/usr/bin/bash
-set -eux
-
-shutdown () {
- EXIT_CODE=$?
-
- echo "Shutting down containers, please wait..."
-
- podman stop koji.db || true
- podman stop koji.hub || true
- podman pod rm -f koji || true
-
- exit $EXIT_CODE
-}
-
-trap shutdown EXIT
-
-mkdir -p mnt/koji
-
-podman pod create --name koji -p 5432 -p 8080:80 -p 8081:443
-
-podman run -d --rm \
- --env-file container/env \
- --pod koji \
- --name koji.db \
- postgres:12-alpine
-
-podman run -it --rm \
- --env-file container/env \
- --pod koji \
- -v $(pwd)/container/pki/koji:/etc/pki/koji:Z \
- -v $(pwd)/mnt:/mnt:Z \
- --name koji.hub \
- koji-server
-
-echo "Running, press CTRL+C to stop..."
-sleep infinity