#!/bin/sh if [ -f <%= @data_dir %>/tls.key ] ; then echo "[ok] TLS keys for https endpoint" else echo "[create] TLS keys for https endpoint" cat > <%= @data_dir %>/request.txt <.local [v3_req] keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] DNS.1 = <%= @name %>.local DNS.2 = localhost IP.1 = 127.0.0.1 INNER_EOF openssl req -new -nodes -x509 -days 36500 -newkey rsa:2048 -keyout <%= @data_dir %>/tls.key -out <%= @data_dir %>/tls.crt -config <%= @data_dir %>/request.txt rm <%= @data_dir %>/request.txt chown -R <%= @user %>:<%= @group %> <%= @data_dir %> fi # Check if the secret-key is already set in @env_file if grep -q "CHANGE-ME" <%= @env_file %> ; then echo "[create] Secret-key for web server" SECRET_KEY="$( openssl rand -base64 128 | strings | grep -o '[[:alnum:]]' | head -n 64 | tr -d '\n'; echo )" sed -i '' -e "s/CHANGE-ME/${SECRET_KEY}/g" <%= @env_file %> else echo "[ok] Secret-key for web server" fi # Migrate database echo "[migrate] Database" <%= @app_dir %>/bin/<%= @name %> eval "Freedive.Release.migrate"