# # simple-pki - scripts to handle a simple pki # # Copyright (c) 2019 Erich Eckner # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, # USA. # DESTDIR = ETCDIR = /etc BINDIR = /usr/bin LIBDIR = /usr/lib MANDIR = /usr/share/man VERSION = 0.0 all: rotate-keys rotate-keys.service sign-ca sign-ca.service sign-request etc/ca-ssl.conf %: %.in sed " \ s/#VERSION#/$(VERSION)/; \ s@#BINDIR#@$(BINDIR)@g; \ s@#ETCDIR#@$(ETCDIR)@g; \ s@#HELPTEXT#\(\s\+\)#@ --help \1display this help and exit\n --version\1display version and exit@; \ " $< > $@ [ "$@" = "sign-ca" ] && chmod +x "$@" || true [ "$@" = "rotate-keys" ] && chmod +x "$@" || true .PHONY: install-ca install-cb dist clean install-ca: install -D -m0755 -t $(DESTDIR)$(BINDIR) sign-ca sign-request install -D -m0644 -t $(DESTDIR)$(ETCDIR)/simple-pki etc/ca.conf etc/ca-ssl.conf install -D -m0644 -t $(DESTDIR)$(LIBDIR)/systemd/system sign-ca.service sign-ca.timer install -d -m0755 $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db $(DESTDIR)$(ETCDIR)/simple-pki/crl $(DESTDIR)$(ETCDIR)/simple-pki/certs install -d -m0700 $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/private $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/private install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.db /dev/null install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.db /dev/null install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.db.attr /dev/null install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.db.attr /dev/null echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.crt.srl /dev/stdin echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.crt.srl /dev/stdin echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/root-ca/db/root-ca.crl.srl /dev/stdin echo 01 | install -m 644 -t $(DESTDIR)$(ETCDIR)/simple-pki/ca/signing-ca/db/signing-ca.crl.srl /dev/stdin install-cb: install -D -m0755 -t $(DESTDIR)$(BINDIR) rotate-keys install -D -m0644 -t $(DESTDIR)$(ETCDIR)/simple-pki etc/cb.conf server-ssl.conf install -D -m0644 -t $(DESTDIR)$(LIBDIR)/systemd/system rotate-keys.service rotate-keys.timer clean: ls -A | \ grep "^\($(shell sed 's|\.|\\.|; s|\*|.*|; s|$$|\\|' .gitignore | tr '\n' '\|')\)\$$" | \ xargs -r rm dist: clean git status --porcelain 2> /dev/null | grep -q "\S" && (git add .; git commit -m"neue Version: $(VERSION)") || true ! git tag -d v$(VERSION) 2> /dev/null git tag v$(VERSION) git push git push --tags # End of file