diff options
author | Marri Devender Rao <devenrao@in.ibm.com> | 2018-09-03 14:00:39 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-09-28 05:00:53 +0300 |
commit | c8267c3a9c09abf38cad806c5690d19346735eac (patch) | |
tree | 44188d671f91852db2b2cc0b35fdf480cbddcd34 /meta-phosphor | |
parent | 00975f5e57f183c0fdd4ff1d39b8a96859484c9b (diff) | |
download | openbmc-c8267c3a9c09abf38cad806c5690d19346735eac.tar.xz |
phosphor-certificate-manager: Add recipe and certificate service
Add recipe and service files to start/stop nginx and nslcd services
To start/stop nginx service use
systemctl stop phosphor-certificate-manager@nginx.service
systemctl start phosphor-certificate-manager@nginx.service
To start/stop nslcd service use
systemctl stop phosphor-certificate-manager@nslcd.service
systemctl start phosphor-certificate-manager@nslcd.service
(From meta-phosphor rev: 08b55912f01f7a2b53ccc11fb8e508c9c8bc8a14)
Change-Id: Ie55613f8da061f9f948d645086db12be8239beea
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-phosphor')
6 files changed, 95 insertions, 0 deletions
diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service new file mode 100644 index 000000000..d661b75c4 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service @@ -0,0 +1,11 @@ +[Unit] +Description=Phosphor certificate manager for %I + +[Service] +EnvironmentFile={envfiledir}/obmc/cert/%I +ExecStart=/usr/bin/env phosphor-certificate-manager --endpoint=${{ENDPOINT}} --path=${{CERTPATH}} --unit=${{UNIT}} --type=${{TYPE}} +SyslogIdentifier=phosphor-certificate-manager +Restart=always + +[Install] +WantedBy={SYSTEMD_DEFAULT_TARGET} diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb new file mode 100644 index 000000000..9dd6739dc --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb @@ -0,0 +1,30 @@ +SUMMARY = "Phosphor Certificate Manager" +DESCRIPTION = "Manages client and server certificates" +HOMEPAGE = "https://github.com/openbmc/phosphor-certificate-manager" + +PR = "r1" +PV = "0.1+git${SRCPV}" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" + +SRC_URI = "git://github.com/openbmc/phosphor-certificate-manager" +SRCREV = "0aa0d11489cc8cfe4bf2662d138909eba96ccd04" + +inherit autotools \ + pkgconfig \ + obmc-phosphor-systemd + +DEPENDS = " \ + phosphor-logging \ + autoconf-archive-native \ + phosphor-dbus-interfaces \ + phosphor-dbus-interfaces-native \ + sdbusplus \ + sdbusplus-native \ + " + +S = "${WORKDIR}/git" + +CERT_TMPL = "phosphor-certificate-manager@.service" +SYSTEMD_SERVICE_${PN} = "${CERT_TMPL}" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb new file mode 100644 index 000000000..d34ea7ef1 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb @@ -0,0 +1,15 @@ +SUMMARY = "Phosphor certificate manager configuration for an nginx certificate" + +PR = "r1" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c" + +RRECOMMENDS_${PN} = "phosphor-certificate-manager" + +inherit allarch +inherit obmc-phosphor-systemd + +SYSTEMD_SERVICE_${PN} = "" +SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nginx" +SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nginx.service" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx new file mode 100644 index 000000000..62d8760fe --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx @@ -0,0 +1,12 @@ +#REST URI endpoint +#example: /xyz/openbmc_project/certs/server/https +ENDPOINT=https + +#Path for the certificate file +CERTPATH=/etc/ssl/certs/nginx/cert.pem + +#Units to restart +UNIT=nginx.service + +#Type of the service client/server +TYPE=server diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb new file mode 100644 index 000000000..d6f579953 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb @@ -0,0 +1,15 @@ +SUMMARY = "Phosphor certificate manager configuration for an nslcd certificate" + +PR = "r1" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c" + +RRECOMMENDS_${PN} = "phosphor-certificate-manager" + +inherit allarch +inherit obmc-phosphor-systemd + +SYSTEMD_SERVICE_${PN} = "" +SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nslcd" +SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nslcd.service" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd new file mode 100644 index 000000000..03fbec1a5 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd @@ -0,0 +1,12 @@ +#REST URI endpoint +#example: /xyz/openbmc_project/certs/client/ldap +ENDPOINT=ldap + +#Path for the certificate file +CERTPATH=/etc/nslcd/certs/cert.pem + +#Units to restart +UNIT=nslcd.service + +#Type of the service client/server +TYPE=client |