This repository was archived by the owner on May 3, 2020. It is now read-only.

Commit f8f74ad

committed
Safe init: do not overwrite cert, key and config if present, close #400
1 parent fe9c493 commit f8f74ad


1 file changed

+44
-35
lines changed

1 file changed

+44
-35
lines changed

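--- a/scripts/first_time.rb
+++ b/scripts/first_time.rb
@@ -203,43 +203,52 @@
 end
 
 # create the SSL cert
-puts "Creating self-signed SSL certificate, you should really have a legitimate one."
-
-name = "/C=US/ST=MD/L=MD/O=MD/CN=serpico"
-ca = OpenSSL::X509::Name.parse(name)
-key = OpenSSL::PKey::RSA.new(1024)
-
-crt = OpenSSL::X509::Certificate.new
-crt.version = 2
-crt.serial = rand(10**10)
-crt.subject = ca
-crt.issuer = ca
-crt.public_key = key.public_key
-crt.not_before = Time.now
-crt.not_after = Time.now + 1 * 365 * 24 * 60 * 60 # 1 year
-
-ef = OpenSSL::X509::ExtensionFactory.new
-ef.subject_certificate = crt
-ef.issuer_certificate = crt
-crt.extensions = [
-ef.create_extension("basicConstraints","CA:TRUE", true),
-ef.create_extension("subjectKeyIdentifier", "hash"),
-]
-crt.add_extension ef.create_extension("authorityKeyIdentifier",
-"keyid:always,issuer:always")
-crt.sign key, OpenSSL::Digest::SHA1.new
-
-File.open("./cert.pem", "w") do |f|
-f.write crt.to_pem
-end
 
-File.open("./key.pem", "w") do |f|
-f.write key.to_pem
+if !File.exist?('cert.pem') || !File.exist?('key.pem')
+puts "Creating self-signed SSL certificate, you should really have a legitimate one."
+
+name = "/C=US/ST=MD/L=MD/O=MD/CN=serpico"
+ca = OpenSSL::X509::Name.parse(name)
+key = OpenSSL::PKey::RSA.new(1024)
+
+crt = OpenSSL::X509::Certificate.new
+crt.version = 2
+crt.serial = rand(10**10)
+crt.subject = ca
+crt.issuer = ca
+crt.public_key = key.public_key
+crt.not_before = Time.now
+crt.not_after = Time.now + 1 * 365 * 24 * 60 * 60 # 1 year
+
+ef = OpenSSL::X509::ExtensionFactory.new
+ef.subject_certificate = crt
+ef.issuer_certificate = crt
+crt.extensions = [
+ef.create_extension("basicConstraints","CA:TRUE", true),
+ef.create_extension("subjectKeyIdentifier", "hash"),
+]
+crt.add_extension ef.create_extension("authorityKeyIdentifier",
+"keyid:always,issuer:always")
+crt.sign key, OpenSSL::Digest::SHA1.new
+
+File.open("./cert.pem", "w") do |f|
+f.write crt.to_pem
+end
+
+File.open("./key.pem", "w") do |f|
+f.write key.to_pem
+end
+else
+puts "Skipping SSL certificate creation, key.pem and cert.pem already exist."
 end
 
+
 # Copying the default configurations over
-puts "Copying configuration settings over."
-File.open("./config.json", "w") do |f|
-f.write File.open("./config.json.defaults", "rb").read
+if !File.exist?('cert.pem')
+puts "Copying configuration settings over."
+File.open("./config.json", "w") do |f|
+f.write File.open("./config.json.defaults", "rb").read
+end
+else
+puts "Skipping creation of config.json, file exists."
 end
-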
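Review bot: The new guard around the config copy tests `cert.pem` rather than `config.json`, and because the block just above has created `cert.pem` by that point, a fresh install would appear to skip writing `config.json` while printing that the file exists; the condition should be `if !File.exist?('config.json')`. The certificate guard also regenerates and rewrites both files when only one of the pair is missing, so an existing `key.pem` or `cert.pem` can still be overwritten despite the commit's stated intent. The key generation carried into the new branch still uses a 1024-bit RSA key and a SHA-1 signature, which are below current minimums; `key = OpenSSL::PKey::RSA.new(2048)` and `crt.sign key, OpenSSL::Digest::SHA256.new` are drop-in replacements. `key.pem` is also written with default permissions, so passing a `0600` mode to that `File.open` would keep the private key from being readable by other local users.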
