diff options
author | Anton Gerasimov <anton@advancedtelematic.com> | 2018-02-15 18:17:36 +0100 |
---|---|---|
committer | Anton Gerasimov <anton@advancedtelematic.com> | 2018-02-15 18:17:36 +0100 |
commit | c6876b9c0a3b5109b21ff6a7169471511f7c2200 (patch) | |
tree | 2995d17ee30ae763665bcf011abc08c4cd8759bb | |
parent | e9886a382edfe447880aec3a2ca4a08f65892181 (diff) | |
download | meta-updater-wip/cacert.tar.gz |
Add provisioning with CAwip/cacert
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-implicit-prov.bb | 39 | ||||
-rw-r--r-- | recipes-sota/aktualizr/aktualizr-mock-implicit-prov.bb | 33 |
2 files changed, 68 insertions, 4 deletions
diff --git a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb index cf3d22c..c8d0c7e 100644 --- a/recipes-sota/aktualizr/aktualizr-implicit-prov.bb +++ b/recipes-sota/aktualizr/aktualizr-implicit-prov.bb | |||
@@ -5,7 +5,7 @@ SECTION = "base" | |||
5 | LICENSE = "MPL-2.0" | 5 | LICENSE = "MPL-2.0" |
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | 6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" |
7 | 7 | ||
8 | DEPENDS = "aktualizr-native" | 8 | DEPENDS = "aktualizr-native openssl-native" |
9 | RDEPENDS_${PN} = "aktualizr" | 9 | RDEPENDS_${PN} = "aktualizr" |
10 | 10 | ||
11 | SRC_URI = " \ | 11 | SRC_URI = " \ |
@@ -17,12 +17,43 @@ PR = "1" | |||
17 | require environment.inc | 17 | require environment.inc |
18 | require credentials.inc | 18 | require credentials.inc |
19 | 19 | ||
20 | export SOTA_CACERT_PATH | ||
21 | export SOTA_CAKEY_PATH | ||
20 | do_install() { | 22 | do_install() { |
21 | install -d ${D}${libdir}/sota | 23 | install -d ${D}${libdir}/sota |
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | 24 | |
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | 25 | if [ -z ${SOTA_CACERT_PATH} ]; then |
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} | 26 | SOTA_CACERT_PATH=${DEPLOY_DIR_IMAGE}/CA/cacert.pem |
27 | SOTA_CAKEY_PATH=${DEPLOY_DIR_IMAGE}/CA/ca.private.pem | ||
28 | mkdir -p ${DEPLOY_DIR_IMAGE}/CA | ||
29 | bbwarn "SOTA_CACERT_PATH is not specified, use default one at $SOTA_CACERT_PATH" | ||
30 | |||
31 | if [ ! -f ${SOTA_CACERT_PATH} ]; then | ||
32 | bbwarn "${SOTA_CACERT_PATH} doesn't exist, generate a new CA" | ||
33 | SOTA_CACERT_DIR_PATH="$(dirname "$SOTA_CACERT_PATH")" | ||
34 | openssl genrsa -out ${SOTA_CERTCA_DIR_PATH}/ca.private.pem 4096 | ||
35 | openssl req -key ${SOTA_CERTCA_DIR_PATH}/ca.private.pem -new -x509 -days 7300 -out ${SOTA_CACERT_PATH} -subj "/C=DE/ST=Berlin/O=Reis und Kichererbsen e.V/commonName=meta-updater" -batch | ||
36 | bbwarn "${SOTA_CACERT_PATH} has been created, you'll need to upload it to the server" | ||
37 | fi | ||
38 | fi | ||
39 | |||
40 | if [ -z ${SOTA_CAKEY_PATH} ]; then | ||
41 | bberror "SOTA_CAKEY_PATH should be set when using implicit provisioning" | ||
25 | fi | 42 | fi |
43 | |||
44 | if [ -z "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
45 | bberror "SOTA_PACKED_CREDENTIALS are required for implicit provisioning" | ||
46 | fi | ||
47 | |||
48 | install -d ${D}${libdir}/sota | ||
49 | install -d ${D}${localstatedir}/sota | ||
50 | install -m 0644 ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml ${D}${libdir}/sota/sota.toml | ||
51 | aktualizr_cert_provider --credentials ${SOTA_PACKED_CREDENTIALS} \ | ||
52 | --device-ca ${SOTA_CACERT_PATH} \ | ||
53 | --device-ca-key ${SOTA_CAKEY_PATH} \ | ||
54 | -r \ | ||
55 | --local ${D}${localstatedir}/sota \ | ||
56 | --config ${D}{libdir}/sota/sota.toml | ||
26 | } | 57 | } |
27 | 58 | ||
28 | FILES_${PN} = " \ | 59 | FILES_${PN} = " \ |
diff --git a/recipes-sota/aktualizr/aktualizr-mock-implicit-prov.bb b/recipes-sota/aktualizr/aktualizr-mock-implicit-prov.bb new file mode 100644 index 0000000..cf3d22c --- /dev/null +++ b/recipes-sota/aktualizr/aktualizr-mock-implicit-prov.bb | |||
@@ -0,0 +1,33 @@ | |||
1 | SUMMARY = "Aktualizr configuration for implicit provisioning" | ||
2 | DESCRIPTION = "Systemd service and configurations for implicitly provisioning Aktualizr, the SOTA Client application written in C++" | ||
3 | HOMEPAGE = "https://github.com/advancedtelematic/aktualizr" | ||
4 | SECTION = "base" | ||
5 | LICENSE = "MPL-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://${WORKDIR}/LICENSE;md5=9741c346eef56131163e13b9db1241b3" | ||
7 | |||
8 | DEPENDS = "aktualizr-native" | ||
9 | RDEPENDS_${PN} = "aktualizr" | ||
10 | |||
11 | SRC_URI = " \ | ||
12 | file://LICENSE \ | ||
13 | " | ||
14 | PV = "1.0" | ||
15 | PR = "1" | ||
16 | |||
17 | require environment.inc | ||
18 | require credentials.inc | ||
19 | |||
20 | do_install() { | ||
21 | install -d ${D}${libdir}/sota | ||
22 | if [ -n "${SOTA_PACKED_CREDENTIALS}" ]; then | ||
23 | aktualizr_implicit_writer -c ${SOTA_PACKED_CREDENTIALS} \ | ||
24 | -i ${STAGING_DIR_NATIVE}${libdir}/sota/sota_implicit_prov.toml -o ${D}${libdir}/sota/sota.toml -p ${D} | ||
25 | fi | ||
26 | } | ||
27 | |||
28 | FILES_${PN} = " \ | ||
29 | ${libdir}/sota/sota.toml \ | ||
30 | ${libdir}/sota/root.crt \ | ||
31 | " | ||
32 | |||
33 | # vim:set ts=4 sw=4 sts=4 expandtab: | ||