Added auth, environment brief, docker for db_migrations,frontend,backend.

services/device_manager/.dockerignore

@@ -6,4 +6,5 @@ __pycache__/
 *.pyd
 *.crl
 *.crt
-*.pem
+*.pem
+*.sh

services/device_manager/gen_ca.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+set -e
+
+CERT_DIR="certs"
+SERVER_IP="${1:-localhost}"
+
+mkdir -p "$CERT_DIR"
+
+openssl genrsa -out "$CERT_DIR/ca.key" 4096
+openssl req -new -x509 -days 3650 -key "$CERT_DIR/ca.key" -out "$CERT_DIR/ca.crt" \
+    -subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=DeviceManager/CN=IoT Device CA"
+
+openssl genrsa -out "$CERT_DIR/server.key" 4096
+openssl req -new -key "$CERT_DIR/server.key" -out "$CERT_DIR/server.csr" \
+    -subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=MQTT/CN=$SERVER_IP"
+
+cat > "$CERT_DIR/server.ext" << EOF
+subjectAltName = @alt_names
+[alt_names]
+IP.1 = $SERVER_IP
+DNS.1 = localhost
+EOF
+
+openssl x509 -req -in "$CERT_DIR/server.csr" -CA "$CERT_DIR/ca.crt" -CAkey "$CERT_DIR/ca.key" \
+    -CAcreateserial -out "$CERT_DIR/server.crt" -days 365 -sha256 -extfile "$CERT_DIR/server.ext"
+
+rm "$CERT_DIR/server.csr" "$CERT_DIR/server.ext" "$CERT_DIR/ca.srl"
+
+chmod 600 "$CERT_DIR/ca.key" "$CERT_DIR/server.key"
+chmod 644 "$CERT_DIR/ca.crt" "$CERT_DIR/server.crt"
+
+echo "Certificates created:"
+echo "  CA: $CERT_DIR/ca.crt"
+echo "  Server: $CERT_DIR/server.crt (valid for $SERVER_IP)"

services/device_manager/generate_ca.sh

@@ -1,34 +1,39 @@
 #!/bin/bash
-# Script to generate a Certificate Authority (CA) for IoT devices
-CERT_DIR="certs"
-CA_KEY="$CERT_DIR/ca.key"
-CA_CERT="$CERT_DIR/ca.crt"
+set -e
+
+CERT_DIR="certs"
+DOMAINS="${@:-localhost}"
 
-# Create certs directory
 mkdir -p "$CERT_DIR"
 
-echo "Generating CA Certificate Authority..."
+echo "Generating CA..."
+openssl genrsa -out "$CERT_DIR/ca.key" 4096
+openssl req -new -x509 -days 3650 -key "$CERT_DIR/ca.key" -out "$CERT_DIR/ca.crt" \
+    -subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=DeviceManager/CN=IoT Device CA"
 
-# Generate CA private key (4096-bit RSA)
-openssl genrsa -out "$CA_KEY" 4096
-echo "Generated CA private key: $CA_KEY"
+echo "Generating server certificate..."
+openssl genrsa -out "$CERT_DIR/server.key" 4096
+openssl req -new -key "$CERT_DIR/server.key" -out "$CERT_DIR/server.csr" \
+    -subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=MQTT/CN=${1:-localhost}"
 
-# Generate CA certificate (valid for 10 years)
-openssl req -new -x509 -days 3650 -key "$CA_KEY" -out "$CA_CERT" \
-    -subj "/C=US/ST=State/L=City/O=IoTDashboard/OU=DeviceManager/CN=IoT Device CA"
-echo "Generated CA certificate: $CA_CERT"
+echo "subjectAltName = @alt_names" > "$CERT_DIR/server.ext"
+echo "[alt_names]" >> "$CERT_DIR/server.ext"
 
-# Set secure permissions
-chmod 600 "$CA_KEY"
-chmod 644 "$CA_CERT"
+INDEX=1
+for DOMAIN in $DOMAINS; do
+    if [[ $DOMAIN =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+        echo "IP.$INDEX = $DOMAIN" >> "$CERT_DIR/server.ext"
+    else
+        echo "DNS.$INDEX = $DOMAIN" >> "$CERT_DIR/server.ext"
+    fi
+    INDEX=$((INDEX + 1))
+done
 
-echo ""
-echo "CA Certificate Authority created successfully!"
-echo ""
-echo "CA Certificate Details:"
-openssl x509 -in "$CA_CERT" -noout -text | grep -A 2 "Subject:"
-echo ""
-echo "Valid from:"
-openssl x509 -in "$CA_CERT" -noout -startdate
-echo "Valid until:"
-openssl x509 -in "$CA_CERT" -noout -enddate
+openssl x509 -req -in "$CERT_DIR/server.csr" -CA "$CERT_DIR/ca.crt" -CAkey "$CERT_DIR/ca.key" \
+    -CAcreateserial -out "$CERT_DIR/server.crt" -days 365 -sha256 -extfile "$CERT_DIR/server.ext"
+
+rm "$CERT_DIR/server.csr" "$CERT_DIR/server.ext" "$CERT_DIR/ca.srl"
+chmod 600 "$CERT_DIR/ca.key" "$CERT_DIR/server.key"
+chmod 644 "$CERT_DIR/ca.crt" "$CERT_DIR/server.crt"
+
+echo "Done! Server cert valid for: $DOMAINS"