| 12345678910111213141516171819202122232425262728293031323334 |
- {% macro gen_keys(values) -%}
- #!/bin/sh
- set -e
- {%- set base_cmd = "/usr/local/concourse/bin/concourse generate-key -t" %}
- {%- set signing_key = "%s/session_signing_key" | format(values.consts.keys_path) %}
- {%- set tsa_host_key = "%s/tsa_host_key" | format(values.consts.keys_path) %}
- {%- set worker_key = "%s/worker_key" | format(values.consts.keys_path) %}
- {%- set authorized_keys = "%s/authorized_keys.pub" | format(values.consts.keys_path) %}
- [ ! -f "{{ signing_key }}" ] \
- && { echo "Generating session signing key..."; {{ base_cmd }} rsa -f {{ signing_key }}; } \
- || echo "Session signing key already exists."
- [ ! -f "{{ tsa_host_key }}" ] \
- && { echo "Generating TSA host key..."; {{ base_cmd }} ssh -f {{ tsa_host_key }}; } \
- || echo "TSA host key already exists."
- [ ! -f "{{ worker_key }}" ] \
- && { echo "Generating worker key..."; {{ base_cmd }} ssh -f {{ worker_key }}; } \
- || echo "Worker key already exists."
- [ ! -f "{{ authorized_keys }}" ] \
- && { echo "Creating authorized keys file..."; touch {{ authorized_keys }}; } \
- || echo "Authorized keys file already exists."
- worker_key=$(cat {{ worker_key }}.pub)
- grep -q "$worker_key" {{ authorized_keys }} \
- && echo "Worker key already exists in authorized keys." \
- || { echo "Adding worker key to authorized keys..."; echo "$worker_key" >> {{ authorized_keys }}; }
- echo "Done."
- {% endmacro %}
|
