mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-25 11:46:43 +01:00
add crt 0600
This commit is contained in:
parent
e6380567d4
commit
ec06bd2073
3
Makefile
3
Makefile
@ -266,7 +266,10 @@ modify_composefile:
|
|||||||
modify_sourcefiles:
|
modify_sourcefiles:
|
||||||
@echo "change mode of source files."
|
@echo "change mode of source files."
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.key
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.key
|
||||||
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer.crt
|
||||||
|
@chmod 600 $(MAKEPATH)/common/templates/notary/notary-signer-ca.crt
|
||||||
@chmod 600 $(MAKEPATH)/common/templates/ui/private_key.pem
|
@chmod 600 $(MAKEPATH)/common/templates/ui/private_key.pem
|
||||||
|
@chmod 600 $(MAKEPATH)/common/templates/registry/root.crt
|
||||||
|
|
||||||
install: compile build modify_sourcefiles prepare modify_composefile start
|
install: compile build modify_sourcefiles prepare modify_composefile start
|
||||||
|
|
||||||
|
@ -305,6 +305,7 @@ if customize_crt == 'on' and openssl_installed():
|
|||||||
root_crt = os.path.join(config_dir, "registry", "root.crt")
|
root_crt = os.path.join(config_dir, "registry", "root.crt")
|
||||||
create_root_cert(empty_subj, key_path=private_key_pem, cert_path=root_crt)
|
create_root_cert(empty_subj, key_path=private_key_pem, cert_path=root_crt)
|
||||||
os.chmod(private_key_pem, 0600)
|
os.chmod(private_key_pem, 0600)
|
||||||
|
os.chmod(root_crt, 0600)
|
||||||
else:
|
else:
|
||||||
print("Copied configuration file: %s" % ui_config_dir + "private_key.pem")
|
print("Copied configuration file: %s" % ui_config_dir + "private_key.pem")
|
||||||
shutil.copyfile(os.path.join(templates_dir, "ui", "private_key.pem"), os.path.join(ui_config_dir, "private_key.pem"))
|
shutil.copyfile(os.path.join(templates_dir, "ui", "private_key.pem"), os.path.join(ui_config_dir, "private_key.pem"))
|
||||||
@ -332,8 +333,10 @@ if args.notary_mode:
|
|||||||
create_root_cert(ca_subj, key_path=signer_ca_key, cert_path=signer_ca_cert)
|
create_root_cert(ca_subj, key_path=signer_ca_key, cert_path=signer_ca_cert)
|
||||||
create_cert(cert_subj, signer_ca_key, signer_ca_cert, key_path=signer_key_path, cert_path=signer_cert_path)
|
create_cert(cert_subj, signer_ca_key, signer_ca_cert, key_path=signer_key_path, cert_path=signer_cert_path)
|
||||||
print("Copying certs for notary signer")
|
print("Copying certs for notary signer")
|
||||||
shutil.copy2(signer_cert_path, notary_config_dir)
|
os.chmod(signer_cert_path, 0600)
|
||||||
os.chmod(signer_key_path, 0600)
|
os.chmod(signer_key_path, 0600)
|
||||||
|
os.chmod(signer_ca_path, 0600)
|
||||||
|
shutil.copy2(signer_cert_path, notary_config_dir)
|
||||||
shutil.copy2(signer_key_path, notary_config_dir)
|
shutil.copy2(signer_key_path, notary_config_dir)
|
||||||
shutil.copy2(signer_ca_cert, notary_config_dir)
|
shutil.copy2(signer_ca_cert, notary_config_dir)
|
||||||
finally:
|
finally:
|
||||||
|
Loading…
Reference in New Issue
Block a user