Merge pull request #35 from gpproton/dev

Merge pending linux changes

.gitignore

@@ -1 +1,2 @@
 .env
+.vagrant

Vagrantfile

@@ -0,0 +1,45 @@
+default_box = 'generic/alma9'
+timeout = 1200
+nodes = [
+  { :hostname => 'alma-linux', :ip => '10.10.0.10', :box => default_box, :ram => 512, :cpus => 1 }
+]
+
+Vagrant.configure("2") do |config|
+  nodes.each do |node|
+    config.vm.define node[:hostname] do |nodeconfig|
+      nodeconfig.vm.boot_timeout = timeout
+      nodeconfig.vm.box = node[:box] ? node[:box] : default_box
+      nodeconfig.vm.hostname = node[:hostname] + ".shell-assist"
+      nodeconfig.vm.network :private_network, ip: node[:ip]
+      nodeconfig.vm.provider :libvirt do |vb|
+        vb.memory = node[:ram]
+        vb.cpus = node[:cpus]
+      end
+      memory = node[:ram]
+      nodeconfig.vm.provider :virtualbox do |vb|
+        vb.name = node[:hostname]
+        vb.linked_clone = true
+        vb.memory = node[:ram]
+        vb.cpus = node[:cpus]
+        vb.customize [
+          "modifyvm", :id,
+          "--cpuexecutioncap", "50",
+          "--memory", memory.to_s,
+        ]
+      end
+      nodeconfig.vm.provision :shell, inline: <<-SHELL
+        fi_username=vagrant
+        fi_password=vagrant
+        echo 'initializing...'
+        sleep 5
+        echo 'setting default password...'
+        usermod --password $(echo $fi_password | openssl passwd -1 -stdin) $fi_username
+        echo 'enabling password auth ...'
+        sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config
+        echo "restarting ssh service.."
+        systemctl restart sshd
+        rm -rf /tmp/*
+      SHELL
+    end
+  end
+end

alias/docker-stack.sh

@@ -1,16 +1,9 @@
-docker_utils="$(dirname $0)/../docker-utils.sh"
-if [ -f "$docker_utils" ]; then
-  source $docker_utils
-fi
-
+# source "$(dirname $0)/../util/docker-utils.sh"
 function dsd() {
-  unset ddir
-  ddir=${2:-${PWD##*/}}
-  fn-get-file $ddir $1
-  (
-    [ -f $env_file ] && export $(sed '/^#/d' $env_file)
-    docker stack deploy --prune --compose-file $compose_file $stack
-  )
+  stack=${2:-${PWD##*/}}
+  compose_file=${1:-docker-compose.yaml}
+  docker stack deploy -c <(echo -e "version: '3.9'"; docker compose -f "$compose_file" config | (sed "/published:/s/\"//g") | (sed "/^name:/d")) "$stack"
+  unset compose_file stack_name
 }
 
 alias dsrm="docker stack rm"

alias/general.sh

@@ -73,3 +73,11 @@ alias fastping='ping -c 100 -s.2'
 alias ports='netstat -tulanp'
 
 alias wget='wget -c'
+
+alias dev="cd $HOME/dev-box"
+alias sand="cd $HOME/dev-sandbox"
+alias dbox="cd $HOME/devilbox"
+alias ddocs="cd $HOME/dev-docs"
+alias drand="cd $HOME/dev-randoms"
+alias diot="cd $HOME/dev-iot"
+alias dmedia="cd $HOME/dev-media"

certificate/localhost.conf

@@ -1,11 +1,34 @@
+[ca]
+default_ca = CA_default
+[CA_default]
+default_days = 3650
+default_md = md5
+preserve = no
+email_in_dn = no
+nameopt = default_ca
+certopt = default_ca
+policy = policy_match
+[policy_match]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
 [req]
 prompt = no
-default_bits = 2048
+default_bits = 4096
 distinguished_name = subject
 req_extensions = req_ext
 x509_extensions = x509_ext
 [subject]
 commonName = localhost
+0.organizationName = 11 Clouds
+organizationalUnitName = Development
+emailAddress = me@godwin.dev
+localityName = Aurora
+stateOrProvinceName = Carlifonia
+countryName = US
 [req_ext]
 basicConstraints = critical, CA:true
 subjectAltName = @alt_names

certificate/setup.sh

@@ -11,7 +11,7 @@ function setup_certificate() {
 
         if [[ -f $HOME/$certificate_config ]]; then
             echo "generating certificate keys"
-            openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
+            openssl req -x509 -nodes -days 3650 -newkey rsa:4096 \
                 -keyout $certificate_root/localhost.key \
                 -out $certificate_root/localhost.crt \
                 -config $certificate_root/localhost.conf
@@ -22,9 +22,6 @@ function setup_certificate() {
         if [[ $os_type -eq "linux" ]]; then
             if [[ $os_variant -eq "opensuse" ]]; then
                 echo "apply private key for $os_variant"
-                ## posible cert locations
-                # 0: /usr/share/pki/trust/anchors
-                # 1: /etc/pki/trust/anchors
                 sudo cp $certificate_root/localhost.crt /etc/pki/trust/anchors
                 sudo update-ca-certificates
             fi

linux/dotnet.md

@@ -13,6 +13,8 @@ cat >>"$HOME/.bashrc" <<SHELL
 export DOTNET_ROOT=\$HOME/.dotnet
 export PATH=\$PATH:\$DOTNET_ROOT
 export PATH=\$PATH:\$DOTNET_ROOT/tools
+export ASPNETCORE_Kestrel__Certificates__Default__Password=""
+export ASPNETCORE_Kestrel__Certificates__Default__Path="\$HOME/localhost.pfx"
 ## end dotnet
 SHELL
 # source $HOME/.profile
@@ -26,4 +28,28 @@ dotnet --info
 ```bash
 dotnet dev-certs https --clean --import $HOME/localhost.pfx -p ""
 dotnet dev-certs https --trust
+dotnet dev-certs https -ep $HOME/certificate/localhost.crt --format PEM
+dotnet dev-certs https -ep $HOME/certificate/localhost.crt -p "" --trust --format PEM
+```
+
+```bash
+## setup nss-tools or mozilla-nss-tools
+cert_path=$HOME/certificate
+cert_name="localhost"
+
+## Chromium-based Browsers
+certutil -d sql:$HOME/.pki/nssdb -A -t "P,," -n ${cert_name} -i ${cert_path}/${cert_name}.crt
+certutil -d sql:$HOME/.pki/nssdb -A -t "C,," -n ${cert_name} -i ${cert_path}/${cert_name}.crt
+
+## Mozilla Firefox
+firefox_profile=""
+certutil -d sql:$HOME/.mozilla/firefox/${firefox_profile}/ -A -t "P,," -n ${cert_name} -i ${cert_path}/${cert_name}.crt
+certutil -d sql:$HOME/.mozilla/firefox/${firefox_profile}/ -A -t "C,," -n ${cert_name} -i ${cert_path}/${cert_name}.crt
+
+
+## Fix corrupted store
+mv ~/.pki/nssdb ~/.pki/nssdb.corrupted
+mkdir ~/.pki/nssdb
+chmod 700 ~/.pki/nssdb
+certutil -d sql:$HOME/.pki/nssdb -N
 ```

setup.sh

@@ -1,13 +1,11 @@
 #!/bin/bash
 
-os_defaults="$(dirname $0)/util/defaults.sh"
+source "$(dirname $0)/util/defaults.sh"
 
 # Load OS information
-if [ -f "$os_defaults" ]; then
-    source $os_defaults && load_os_information
-    load_environment_variables
-    load_shell_properties
-fi
+load_os_information
+load_environment_variables
+load_shell_properties
 
 function help_content() {
     cat <<-EOF