diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-09-03 10:56:39 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-09-03 10:56:39 +0000 |
| commit | d2cc38cfddfe3ba8a028f071078c0015be64f51d (patch) | |
| tree | 073c04edacdc910e5479ed5b4e347a44de2ef7e8 | |
| parent | Parsing control file in rules to automatically enable packages. (diff) | |
| download | open-infrastructure-service-tools-d2cc38cfddfe3ba8a028f071078c0015be64f51d.tar.xz open-infrastructure-service-tools-d2cc38cfddfe3ba8a028f071078c0015be64f51d.zip | |
Adding remaining configuration options for dehydrated preseeding.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
| -rw-r--r-- | debian/open-infrastructure-dehydrated-tools.config | 27 | ||||
| -rwxr-xr-x | debian/open-infrastructure-dehydrated-tools.postinst | 52 | ||||
| -rw-r--r-- | debian/open-infrastructure-dehydrated-tools.templates | 24 |
3 files changed, 103 insertions, 0 deletions
diff --git a/debian/open-infrastructure-dehydrated-tools.config b/debian/open-infrastructure-dehydrated-tools.config index e795e68..28c38ed 100644 --- a/debian/open-infrastructure-dehydrated-tools.config +++ b/debian/open-infrastructure-dehydrated-tools.config @@ -21,6 +21,15 @@ db_settitle open-infrastructure-dehydrated-tools/title db_input low open-infrastructure-dehydrated-tools/ca || true db_go +if [ -n "${AUTO_CLEANUP}" ] +then + db_set open-infrastructure-dehydrated-tools/auto-cleanup "${AUTO_CLEANUP}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/auto-cleanup || true +db_go + if [ -n "${CHALLENGETYPE}" ] then db_set open-infrastructure-dehydrated-tools/challengetype "${CHALLENGETYPE}" @@ -60,4 +69,22 @@ then db_go fi +if [ -n "${OCSP_FETCH}" ] +then + db_set open-infrastructure-dehydrated-tools/ocsp-fetch "${OCSP_FETCH}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/ocsp-fetch || true +db_go + +if [ -n "${OCSP_MUST_STAPLE}" ] +then + db_set open-infrastructure-dehydrated-tools/ocsp-must-staple "${OCSP_MUST_STAPLE}" +fi + +db_settitle open-infrastructure-dehydrated-tools/title +db_input low open-infrastructure-dehydrated-tools/ocsp-must-staple || true +db_go + db_stop diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst index e7e5ce5..5734044 100755 --- a/debian/open-infrastructure-dehydrated-tools.postinst +++ b/debian/open-infrastructure-dehydrated-tools.postinst @@ -86,6 +86,9 @@ case "${1}" in db_get open-infrastructure-dehydrated-tools/ca CA="${RET}" # select + db_get open-infrastructure-dehydrated-tools/auto-cleanup + AUTO_CLEANUP="${RET}" # boolean + db_get open-infrastructure-dehydrated-tools/challengetype CHALLENGETYPE="${RET}" # select @@ -101,11 +104,60 @@ case "${1}" in db_get open-infrastructure-dehydrated-tools/register REGISTER="${RET}" # boolean + db_get open-infrastructure-dehydrated-tools/ocsp-fetch + OCSP_FETCH="${RET}" # boolean + + db_get open-infrastructure-dehydrated-tools/ocsp-must-staple + OCSP_MUST_STAPLE="${RET}" # boolean + db_stop + case "${AUTO_CLEANUP}" in + true) + AUTO_CLEANUP="yes" + ;; + + false) + AUTO_CLEANUP="no" + ;; + esac + + case "${REGISTER}" in + true) + REGISTER="yes" + ;; + + false) + REGISTER="no" + ;; + esac + + case "${OCSP_FETCH}" in + true) + OCSP_FETCH="yes" + ;; + + false) + OCSP_FETCH="no" + ;; + esac + + case "${OCSP_MUST_STAPLE}" in + true) + OCSP_MUST_STAPLE="yes" + ;; + + false) + OCSP_MUST_STAPLE="no" + ;; + esac + Config /etc/dehydrated/conf.d/ca.sh CA ${CA} + Config /etc/dehydrated/conf.d/cleanup.sh AUTO_CLEANUP ${AUTO_CLEANUP} Config /etc/dehydrated/conf.d/challenge.sh CHALLENGETYPE ${CHALLENGETYPE} Config /etc/dehydrated/conf.d/contact.sh CONTACT_EMAIL ${CONTACT_EMAIL} + Config /etc/dehydrated/conf.d/ocsp.sh OCSP_FETCH ${OCSP_FETCH} + Config /etc/dehydrated/conf.d/ocsp.sh OCSP_MUST_STAPLE ${OCSP_MUST_STAPLE} for HOOK in $(cd /usr/share/dehydrated/hooks && find -maxdepth 1 -not -type d -printf '%P\n' | sort) do diff --git a/debian/open-infrastructure-dehydrated-tools.templates b/debian/open-infrastructure-dehydrated-tools.templates index 7f14cb9..e074de6 100644 --- a/debian/open-infrastructure-dehydrated-tools.templates +++ b/debian/open-infrastructure-dehydrated-tools.templates @@ -11,6 +11,14 @@ Description: dehydrated Certificate Authority (CA): . If unsure, use letsencrypt (default). +Template: open-infrastructure-dehydrated-tools/auto-clean +Type: boolean +Default: no +Description: dehydrated auto clean: + Please select the Certificate Authority to use with dehydrated. + . + If unsure, use letsencrypt (default). + Template: open-infrastructure-dehydrated-tools/challengetype Type: select Choices: dns-01, http-01 @@ -49,3 +57,19 @@ Default: false Description: dehydrated register: Should a 'dehydrated --register --accept-terms' be executed now to create an account for this system with your CA. + +Template: open-infrastructure-dehydrated-tools/ocsp-fetch +Type: boolean +Default: false +Description: dehydrated OCSP fetch: + Should dehydrated automatically fetch the OCSP signature? + . + If unsure, use 'no' (default). + +Template: open-infrastructure-dehydrated-tools/ocsp-must-staple +Type: boolean +Default: false +Description: dehydrated OCSP must staple: + Should dehydrated request certificates that must use OCSP stapling? + . + If unsure, use 'no' (default). |