Merge pull request #33 from gpproton/dev

certificate setup for openSUSE
gpproton · Jul 16, 2023 · 5a6c3a9 · 5a6c3a9
2 parents 0a6d501 + 1173a2e
commit 5a6c3a9
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 13 deletions.
diff --git a/certificate/setup.sh b/certificate/setup.sh
@@ -6,28 +6,42 @@ function setup_certificate() {
     certificate_config="certificate/localhost.conf"
 
     if [[ -d $HOME/certificate ]]; then
-        echo "$(dirname $0)/$certificate_config"
+        rm -rf $certificate_root/*
         cp "$(dirname $0)/$certificate_config" $HOME/$certificate_config
 
         if [[ -f $HOME/$certificate_config ]]; then
             echo "generating certificate keys"
-            openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+            openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
                 -keyout $certificate_root/localhost.key \
                 -out $certificate_root/localhost.crt \
                 -config $certificate_root/localhost.conf
+            echo "converting crt file to pem"
+            openssl x509 -inform pem -in $certificate_root/localhost.crt -out $certificate_root/localhost.pem
         fi
 
-        if [[ $os_variant == "openSUSE" ]]; then
-            echo "apply private key for $os_variant"
-            sudo cp $certificate_root/localhost.crt /usr/share/pki/trust/anchors
-            sudo update-ca-certificates
-        fi
+        if [[ $os_type -eq "linux" ]]; then
+            if [[ $os_variant -eq "opensuse" ]]; then
+                echo "apply private key for $os_variant"
+                ## posible cert locations
+                # 0: /usr/share/pki/trust/anchors
+                # 1: /etc/pki/trust/anchors
+                sudo cp $certificate_root/localhost.crt /etc/pki/trust/anchors
+                sudo update-ca-certificates
+            fi
 
-        if [[ -f $certificate_root/localhost.crt ]]; then
-            echo verifing generated certificate..
-            openssl verify $certificate_root/localhost.crt
-        fi
+            if [[ -f $certificate_root/localhost.crt ]]; then
+                echo "======================================"
+                echo "verifing generated certificate.."
+                openssl verify -CAfile $certificate_root/localhost.pem $certificate_root/localhost.crt
 
+                echo "genrtate combined certificate file"
+                rm -rf $HOME/localhost.pfx
+                openssl pkcs12 -export \
+                    -passout 'pass:' \
+                    -out $HOME/localhost.pfx \
+                    -inkey $certificate_root/localhost.key \
+                    -in $certificate_root/localhost.crt
+            fi
+        fi
     fi
-
 }
diff --git a/linux/dotnet.md b/linux/dotnet.md
@@ -0,0 +1,29 @@
+# dotnet related tops and tricks
+
+## un-proviledged setup script
+
+```bash
+mkdir -p $HOME/.dotnet
+curl "https://dotnet.microsoft.com/download/dotnet/scripts/v1/dotnet-install.sh" -o $HOME/.dotnet/dotnet-install
+chmod +x $HOME/.dotnet/dotnet-install
+$HOME/.dotnet/dotnet-install -c LTS --install-dir $HOME/.dotnet
+
+cat >>"$HOME/.bashrc" <<SHELL
+## start dotnet
+export DOTNET_ROOT=\$HOME/.dotnet
+export PATH=\$PATH:\$DOTNET_ROOT
+export PATH=\$PATH:\$DOTNET_ROOT/tools
+## end dotnet
+SHELL
+# source $HOME/.profile
+## or
+## source $HOME/.zshrc
+dotnet --info
+```
+
+## import certificates
+
+```bash
+dotnet dev-certs https --clean --import $HOME/localhost.pfx -p ""
+dotnet dev-certs https --trust
+```
diff --git a/setup.sh b/setup.sh
@@ -57,7 +57,7 @@ case $1 in
 "docker")
     echo "Starting docker setup..."
     ;;
-"certificate")
+"cert")
     echo "Starting self signed certificate setup..."
     certificate="$(dirname $0)/certificate/setup.sh"
     if [ -f $certificate ]; then source $certificate && setup_certificate; fi

diff --git a/test.ps1 b/test.ps1
@@ -0,0 +1,31 @@
+param(
+    [Parameter(Mandatory=$False, Position=0, ValueFromPipeline=$false)]
+    [System.String]
+    $Param1="help",
+
+    [Parameter(Mandatory=$False, Position=1, ValueFromPipeline=$false)]
+    [System.String]
+    $Param2="xx-xx-xx"
+)
+
+Write-Host $Param2
+
+if ($Param1 -eq "help") {
+    Write-Host $Param1
+}
+
+# $isAdmin=([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
+# if (!$isAdmin) { 
+#     # Start-Process pwsh "-NoLogo -ExecutionPolicy Bypass -Command $PSCommandPath -Param1 $Param1 -Param2 $Param2" -Verb RunAs; # //Run this script as Administrator.
+#     # exit # //Exit from this non elevated context.
+# }
+# Write-Host $isAdmin
+
+# function Test-Admin {
+#     $currentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
+#     $currentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)
+# }
+# # If we are in a non-admin execution. Execute this script as admin
+# if ((Test-Admin) -eq $false) {
+#     exit
+# }