| #!/bin/bash |
| # |
| # Default CA config |
| # |
| CFSSL_DEFAULT_CACERT="${CONTAINER_SERVICE_DIR}/:ssl-tools/assets/default-ca/default-ca.pem" |
| CFSSL_DEFAULT_CA_KEY="${CONTAINER_SERVICE_DIR}/:ssl-tools/assets/default-ca/default-ca-key.pem" |
| CFSSL_DEFAULT_CA_CONFIG="${CONTAINER_SERVICE_DIR}/:ssl-tools/assets/default-ca/config/ca-config.json" |
| CFSSL_DEFAULT_CSR="${CONTAINER_SERVICE_DIR}/:ssl-tools/assets/default-ca/config/req-csr.json.tmpl" |
| |
| # default csr file params |
| CFSSL_DEFAULT_CA_CSR_CN=${CFSSL_DEFAULT_CA_CSR_CN:-${HOSTNAME}} |
| |
| CFSSL_DEFAULT_CA_CSR_KEY_ALGO=${CFSSL_DEFAULT_CA_CSR_KEY_ALGO:-"ecdsa"} |
| CFSSL_DEFAULT_CA_CSR_KEY_SIZE=${CFSSL_DEFAULT_CA_CSR_KEY_SIZE:-384} |
| |
| CFSSL_DEFAULT_CA_CSR_ORGANIZATION=${CFSSL_DEFAULT_CA_CSR_ORGANIZATION:-"A1A Car Wash"} |
| CFSSL_DEFAULT_CA_CSR_ORGANIZATION_UNIT=${CFSSL_DEFAULT_CA_CSR_ORGANIZATION_UNIT:-"Information Technology Dep."} |
| CFSSL_DEFAULT_CA_CSR_LOCATION=${CFSSL_DEFAULT_CA_CSR_LOCATION:-"Albuquerque"} |
| CFSSL_DEFAULT_CA_CSR_STATE=${CFSSL_DEFAULT_CA_CSR_STATE:-"New Mexico"} |
| CFSSL_DEFAULT_CA_CSR_COUNTRY=${CFSSL_DEFAULT_CA_CSR_COUNTRY:-"US"} |
| |
| # |
| # General CFSSL config |
| # |
| |
| CFSSL_RETRY=${CFSSL_RETRY:-3} |
| CFSSL_RETRY_DELAY=${CFSSL_RETRY_DELAY:-1} |
| |
| # remote config |
| CFSSL_REMOTE=${CFSSL_REMOTE:-} |
| CFSSL_REMOTE_HTTPS_CA_CERT=${CFSSL_REMOTE_HTTPS_CA_CERT:-} |
| |
| # local config |
| CFSSL_CA_CERT=${CFSSL_CA_CERT:-${CFSSL_DEFAULT_CACERT}} |
| CFSSL_CA_KEY=${CFSSL_CA_KEY:-${CFSSL_DEFAULT_CA_KEY}} |
| |
| # gencert |
| CFSSL_CSR=${CFSSL_CSR:-${CFSSL_DEFAULT_CSR}} |
| CFSSL_CSR_JSON=${CFSSL_CSR_JSON:-} |
| CFSSL_CONFIG=${CFSSL_CONFIG:-${CFSSL_CA_CONFIG}} |
| CFSSL_CONFIG_JSON=${CFSSL_CONFIG_JSON:-${CFSSL_CA_CONFIG_JSON}} |
| CFSSL_HOSTNAME=${CFSSL_HOSTNAME:-${HOSTNAME}} |
| CFSSL_PROFILE=${CFSSL_PROFILE:-} |
| CFSSL_LABEL=${CFSSL_LABEL:-} |