37 lines
1.1 KiB
Bash
37 lines
1.1 KiB
Bash
#!/bin/bash
|
|
|
|
## Script Location
|
|
SCRIPTDIR=$(dirname $0)
|
|
source "$SCRIPTDIR/common/colors.sh"
|
|
source "$SCRIPTDIR/common/functions.sh"
|
|
source "$SCRIPTDIR/common/load-defaults.sh"
|
|
|
|
printf "$COL_LIGHT_BLUE" "* Checking if system already contains Membership to FreeIPA Realm"
|
|
realm_get_ca=0
|
|
if [[ ! -f /var/lib/ipa-client/sysrestore/sysrestore.state ]]
|
|
then
|
|
printf "$COL_YELLOW" "** $HOSTNAME appears to not be joined to FreeIPA Server Realm"
|
|
else
|
|
printf "$COL_GREEN" "** $HOSTNAME appears to already be joined to FreeIPA Server Realm"
|
|
realm_get_ca=$freeipa_ca
|
|
fi
|
|
|
|
if [ "$freeipa_ca" == "ask" ]; then
|
|
if (whiptail --title "FreeIPA Realm Join" --yes-button "yes" --no-button "no" --yesno "Do You want to use FreeIPA as a CA and get a certificate?" 10 80)
|
|
then
|
|
realm_get_ca=1
|
|
else
|
|
realm_get_ca=0
|
|
fi
|
|
fi
|
|
|
|
## FreeIPA get ca
|
|
if [ "$realm_get_ca" == 1 ]; then
|
|
printf "$COL_YELLOW" "** Grabbing Cert"
|
|
mkdir -p /etc/certmonger/certs
|
|
ipa-getcert request -f /etc/certmonger/certs/app.crt -k /etc/certmonger/certs/app.key -K HTTP/$(hostname -f) -D $(hostname -f) -N $(hostname -f)
|
|
sudo getcert list
|
|
else
|
|
printf "$COL_CYAN" "** Skipping Cert Grabbing"
|
|
fi
|