blob: 18fdcd134c5b7410d33316386bd7233d6229457e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
# vim: ft=sh ts=4 sw=4 et
# _create_tls_cert() {
# if [ -f /var/lib/openbao/tls/tls.crt ] && [ -f /var/lib/openbao/tls/tls.key ]; then
# echo "OpenBao TLS key and certificate already exist."
# return
# fi
# if ! [ -x /usr/bin/openssl ]; then
# echo "openssl is not installed, skipping tls generation"
# return
# fi
# umask 0077
# mkdir -p /var/lib/openbao/tls /var/lib/openbao/data
#
# pushd /var/lib/openbao/tls
# openssl req -out tls.crt -new \
# -keyout tls.key -newkey rsa:4096 \
# -nodes -sha256 \
# -x509 -subj "/O=OpenBao/CN=OpenBao" \
# -days 1095 # 3 years
# chown --recursive openbao:openbao /var/lib/openbao
# popd
# }
post_install() {
setcap cap_ipc_lock=+ep /usr/bin/bao
}
post_upgrade() {
setcap cap_ipc_lock=+ep /usr/bin/bao
}
|