ferdzo/iotDashboard
1
0
Fork 0
mirror of https://github.com/ferdzo/iotDashboard.git synced 2026-04-05 09:06:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Added auth, environment brief, docker for db_migrations,frontend,backend.

Browse Source
This commit is contained in:
Andrej Mickov
2025-12-15 23:40:34 +01:00
parent 3ab81fad8c
commit 1a5bef277d
36 changed files with 1059 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
services/device_manager/generate_ca.sh
View File

@@ -1,34 +1,39 @@
#!/bin/bash
# Script to generate a Certificate Authority (CA) for IoT devices
CERT_DIR="certs"
CA_KEY="$CERT_DIR/ca.key"
CA_CERT="$CERT_DIR/ca.crt"
set -e
CERT_DIR="certs"
DOMAINS="${@:-localhost}"
# Create certs directory
mkdir -p "$CERT_DIR"
echo "Generating CA Certificate Authority..."
echo "Generating CA..."
openssl genrsa -out "$CERT_DIR/ca.key" 4096
openssl req -new -x509 -days 3650 -key "$CERT_DIR/ca.key" -out "$CERT_DIR/ca.crt" \
-subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=DeviceManager/CN=IoT Device CA"
# Generate CA private key (4096-bit RSA)
openssl genrsa -out "$CA_KEY" 4096
echo "Generated CA private key: $CA_KEY"
echo "Generating server certificate..."
openssl genrsa -out "$CERT_DIR/server.key" 4096
openssl req -new -key "$CERT_DIR/server.key" -out "$CERT_DIR/server.csr" \
-subj "/C=MK/ST=State/L=City/O=IoTDashboard/OU=MQTT/CN=${1:-localhost}"
# Generate CA certificate (valid for 10 years)
openssl req -new -x509 -days 3650 -key "$CA_KEY" -out "$CA_CERT" \
-subj "/C=US/ST=State/L=City/O=IoTDashboard/OU=DeviceManager/CN=IoT Device CA"
echo "Generated CA certificate: $CA_CERT"
echo "subjectAltName = @alt_names" > "$CERT_DIR/server.ext"
echo "[alt_names]" >> "$CERT_DIR/server.ext"
# Set secure permissions
chmod 600 "$CA_KEY"
chmod 644 "$CA_CERT"
INDEX=1
for DOMAIN in $DOMAINS; do
if [[ $DOMAIN =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "IP.$INDEX = $DOMAIN" >> "$CERT_DIR/server.ext"
else
echo "DNS.$INDEX = $DOMAIN" >> "$CERT_DIR/server.ext"
fi
INDEX=$((INDEX + 1))
done
echo ""
echo "CA Certificate Authority created successfully!"
echo ""
echo "CA Certificate Details:"
openssl x509 -in "$CA_CERT" -noout -text | grep -A 2 "Subject:"
echo ""
echo "Valid from:"
openssl x509 -in "$CA_CERT" -noout -startdate
echo "Valid until:"
openssl x509 -in "$CA_CERT" -noout -enddate
openssl x509 -req -in "$CERT_DIR/server.csr" -CA "$CERT_DIR/ca.crt" -CAkey "$CERT_DIR/ca.key" \
-CAcreateserial -out "$CERT_DIR/server.crt" -days 365 -sha256 -extfile "$CERT_DIR/server.ext"
rm "$CERT_DIR/server.csr" "$CERT_DIR/server.ext" "$CERT_DIR/ca.srl"
chmod 600 "$CERT_DIR/ca.key" "$CERT_DIR/server.key"
chmod 644 "$CERT_DIR/ca.crt" "$CERT_DIR/server.crt"
echo "Done! Server cert valid for: $DOMAINS"