35 lines
1.1 KiB
Bash
35 lines
1.1 KiB
Bash
|
#!/bin/sh
|
||
|
|
|
||
|
|
WAYVNC_CONFIG_PATH=/etc/wayvnc
|
||
|
|
|
||
|
|
generate_rsa_key()
|
||
|
|
{
|
||
|
|
echo "Generating RSA key..."
|
||
|
|
KEY_FILE="$WAYVNC_CONFIG_PATH/rsa_key.pem"
|
||
|
|
ssh-keygen -m pem -f "$KEY_FILE" -t rsa -N "" >/dev/null
|
||
|
|
rm -f "$KEY_FILE.pub"
|
||
|
|
chown root:vnc "$KEY_FILE"
|
||
|
|
chmod 640 "$KEY_FILE"
|
||
|
|
echo "Done"
|
||
|
|
}
|
||
|
|
|
||
|
|
generate_tls_creds()
|
||
|
|
{
|
||
|
|
echo "Generating TLS Credentials..."
|
||
|
|
KEY_FILE="$WAYVNC_CONFIG_PATH/tls_key.pem"
|
||
|
|
CERT_FILE="$WAYVNC_CONFIG_PATH/tls_cert.pem"
|
||
|
|
HOSTNAME=$(cat /etc/hostname)
|
||
|
|
IP=$(ip a | awk '$1=="inet" && $2 != "127.0.0.1/8" {split($2, a, "/"); print a[1]}')
|
||
|
|
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
|
||
|
|
-keyout "$KEY_FILE" -out "$CERT_FILE" -subj /CN=$HOSTNAME \
|
||
|
|
-addext subjectAltName=DNS:localhost,DNS:$HOSTNAME,IP:$IP 2>/dev/null
|
||
|
|
chown root:vnc "$KEY_FILE" "$CERT_FILE"
|
||
|
|
chmod 640 "$KEY_FILE" "$CERT_FILE"
|
||
|
|
echo "Done"
|
||
|
|
}
|
||
|
|
|
||
|
|
test -e "$WAYVNC_CONFIG_PATH" || mkdir -p "$WAYVNC_CONFIG_PATH"
|
||
|
|
test -e "$WAYVNC_CONFIG_PATH/rsa_key.pem" || generate_rsa_key
|
||
|
|
test -e "$WAYVNC_CONFIG_PATH/tls_key.pem" -a \
|
||
|
|
-e "$WAYVNC_CONFIG_PATH/tls_cert.pem" || generate_tls_creds
|