2018-11-09 08:02:59 +01:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
2020-06-24 10:58:08 +02:00
|
|
|
if ! grep -q "Photon" /etc/lsb-release; then
|
|
|
|
|
echo "Current OS is not Photon, skip appending ca bundle"
|
|
|
|
|
exit 0
|
|
|
|
|
fi
|
|
|
|
|
|
2020-12-17 17:30:15 +01:00
|
|
|
ORIGINAL_LOCATION=$(dirname "$0")
|
|
|
|
|
|
|
|
|
|
if [ ! -f $ORIGINAL_LOCATION/ca-bundle.crt.original ]; then
|
|
|
|
|
cp /etc/pki/tls/certs/ca-bundle.crt $ORIGINAL_LOCATION/ca-bundle.crt.original
|
2018-11-09 08:02:59 +01:00
|
|
|
fi
|
|
|
|
|
|
2020-12-17 17:30:15 +01:00
|
|
|
cp $ORIGINAL_LOCATION/ca-bundle.crt.original /etc/pki/tls/certs/ca-bundle.crt
|
2019-10-17 09:28:53 +02:00
|
|
|
|
2020-06-24 10:58:08 +02:00
|
|
|
# Install /etc/harbor/ssl/{component}/ca.crt to trust CA.
|
|
|
|
|
echo "Appending internal tls trust CA to ca-bundle ..."
|
|
|
|
|
for caFile in `find /etc/harbor/ssl -maxdepth 2 -name ca.crt`; do
|
|
|
|
|
cat $caFile >> /etc/pki/tls/certs/ca-bundle.crt
|
|
|
|
|
echo "Internal tls trust CA $caFile appended ..."
|
|
|
|
|
done
|
|
|
|
|
echo "Internal tls trust CA appending is Done."
|
|
|
|
|
|
|
|
|
|
if [[ -d /harbor_cust_cert && -n "$(ls -A /harbor_cust_cert)" ]]; then
|
|
|
|
|
echo "Appending trust CA to ca-bundle ..."
|
|
|
|
|
for z in /harbor_cust_cert/*; do
|
|
|
|
|
case ${z} in
|
|
|
|
|
*.crt | *.ca | *.ca-bundle | *.pem)
|
|
|
|
|
if [ -d "$z" ]; then
|
2020-10-14 08:34:35 +02:00
|
|
|
echo "$z is directory, skip it ..."
|
2020-06-24 10:58:08 +02:00
|
|
|
else
|
|
|
|
|
cat $z >> /etc/pki/tls/certs/ca-bundle.crt
|
|
|
|
|
echo " $z Appended ..."
|
|
|
|
|
fi
|
|
|
|
|
;;
|
|
|
|
|
*) echo "$z is Not ca file ..." ;;
|
|
|
|
|
esac
|
|
|
|
|
done
|
|
|
|
|
echo "CA appending is Done."
|
2019-10-17 09:28:53 +02:00
|
|
|
fi
|
