#!/bin/bash
##
#
# Vaisala software source code file
#
# Copyright (c) Vaisala Oyj 2014. All rights reserved.
#
##
set -euo pipefail

KEYDIR=/etc/vaisala/radarsw/webapp-proxy/certificates

if [ -r "${KEYDIR}/cert.pem" ]; then
    echo "${KEYDIR}/cert.pem exists, bailing out!" >&2
    exit 1
fi

openssl req -x509 \
    -subj '/CN=factory.default.certificate' \
    -nodes -days 90 \
    -newkey rsa:2048 \
    -keyout "${KEYDIR}/self-signed.key" \
    -out "${KEYDIR}/self-signed.crt"


cat "${KEYDIR}/self-signed.key" "${KEYDIR}/self-signed.crt" > "${KEYDIR}/cert.pem"

chown -R haproxy:root "${KEYDIR}"
chmod 400 "${KEYDIR}/self-signed.key"
chmod 400 "${KEYDIR}/self-signed.crt"
chmod 400 "${KEYDIR}/cert.pem"
