#!/bin/sh # usage: genconfig.sh <template> <apikeydir> <logpublickeyfile> <cacertfile> <logadminkey> <destination> BINDIR=$(dirname $0) template=$1 apikeydir=$2 logpublickeyfile=$3 cacertfile=$4 logadminkey=$5 destination=$6 nodenames=$($BINDIR/compileconfig.py --config=${template} --getnodenames) cat ${template} > ${destination} echo "apikeys:" >> ${destination} for node in ${nodenames}; do \ apipk=$(grep -v '^-----' ${apikeydir}/${node}.pem | tr '\n' ' ') echo " - nodename: ${node}" >> ${destination} echo " publickey: ${apipk}" >> ${destination} done if [ -f ${destination}.version ]; then oldversion=$(cat ${destination}.version) version=$(expr $oldversion + 1) else version=1 fi echo ${version} > ${destination}.version cafingerprint=$(openssl x509 -in ${cacertfile} -noout -sha256 -fingerprint | sed -e 's/.*=//' -e 's/://g') logpk=$(grep -v '^-----' ${logpublickeyfile} | tr '\n' ' ') echo "logpublickey: ${logpk}" >> ${destination} echo "cafingerprint: ${cafingerprint}" >> ${destination} echo "version: ${version}" >> ${destination} openssl dgst -sha256 -sign ${logadminkey} -out ${destination}.sig ${destination}