deathbybandaid/template_setup
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

freeipa as a CA

Browse Source
This commit is contained in:
deathbybandaid 2023-04-04 17:53:48 -04:00
parent 6ad51ad907
commit 5a76584aa8
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
50-Checking_IPA_Realm_Join_Status.sh
View File

@ -20,7 +20,7 @@ fi
## FreeIPA Realm Join ## FreeIPA Realm Join
if [ "$realm_join" == 1 ]; then if [ "$realm_join" == 1 ]; then
if (whiptail --title "FreeIPA Relam Join" --yes-button "yes" --no-button "no" --yesno "Do You want to join a FreeIPA Realm?" 10 80) if (whiptail --title "FreeIPA Realm Join" --yes-button "yes" --no-button "no" --yesno "Do You want to join a FreeIPA Realm?" 10 80)
then then
if [[ $HOSTNAME == *template* ]]; then if [[ $HOSTNAME == *template* ]]; then
@ -38,3 +38,21 @@ if [ "$realm_join" == 1 ]; then
printf "$COL_CYAN" "** Skipping realm joining" printf "$COL_CYAN" "** Skipping realm joining"
fi fi
fi fi
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
then
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm, skipping Cert Question"
else
printf "$COL_GREEN" "** $HOSTNAME appears to be joined to FreeIPA Server Realm, Checking if user wants a cert."
if (whiptail --title "FreeIPA CA" --yes-button "yes" --no-button "no" --yesno "Do You want to use FreeIPA as a CA and get a certificate?" 10 80)
then
mkdir -p /etc/certmonger/certs
ipa-getcert request -f /etc/certmonger/certs/app.crt -k /etc/certmonger/certs/app.key -K HTTP/$(hostname -f) -D $(hostname -f) -N $(hostname -f)
sudo getcert list
else
printf "$COL_CYAN" "** Skipping Cert Grabbing"
fi
fi