diff options
6 files changed, 95 insertions, 0 deletions
diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service new file mode 100644 index 000000000..d661b75c4 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service @@ -0,0 +1,11 @@ +[Unit] +Description=Phosphor certificate manager for %I + +[Service] +EnvironmentFile={envfiledir}/obmc/cert/%I +ExecStart=/usr/bin/env phosphor-certificate-manager --endpoint=${{ENDPOINT}} --path=${{CERTPATH}} --unit=${{UNIT}} --type=${{TYPE}} +SyslogIdentifier=phosphor-certificate-manager +Restart=always + +[Install] +WantedBy={SYSTEMD_DEFAULT_TARGET} diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb new file mode 100644 index 000000000..9dd6739dc --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb @@ -0,0 +1,30 @@ +SUMMARY = "Phosphor Certificate Manager" +DESCRIPTION = "Manages client and server certificates" +HOMEPAGE = "https://github.com/openbmc/phosphor-certificate-manager" + +PR = "r1" +PV = "0.1+git${SRCPV}" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" + +SRC_URI = "git://github.com/openbmc/phosphor-certificate-manager" +SRCREV = "0aa0d11489cc8cfe4bf2662d138909eba96ccd04" + +inherit autotools \ + pkgconfig \ + obmc-phosphor-systemd + +DEPENDS = " \ + phosphor-logging \ + autoconf-archive-native \ + phosphor-dbus-interfaces \ + phosphor-dbus-interfaces-native \ + sdbusplus \ + sdbusplus-native \ + " + +S = "${WORKDIR}/git" + +CERT_TMPL = "phosphor-certificate-manager@.service" +SYSTEMD_SERVICE_${PN} = "${CERT_TMPL}" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb new file mode 100644 index 000000000..d34ea7ef1 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb @@ -0,0 +1,15 @@ +SUMMARY = "Phosphor certificate manager configuration for an nginx certificate" + +PR = "r1" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c" + +RRECOMMENDS_${PN} = "phosphor-certificate-manager" + +inherit allarch +inherit obmc-phosphor-systemd + +SYSTEMD_SERVICE_${PN} = "" +SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nginx" +SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nginx.service" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx new file mode 100644 index 000000000..62d8760fe --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx @@ -0,0 +1,12 @@ +#REST URI endpoint +#example: /xyz/openbmc_project/certs/server/https +ENDPOINT=https + +#Path for the certificate file +CERTPATH=/etc/ssl/certs/nginx/cert.pem + +#Units to restart +UNIT=nginx.service + +#Type of the service client/server +TYPE=server diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb new file mode 100644 index 000000000..d6f579953 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb @@ -0,0 +1,15 @@ +SUMMARY = "Phosphor certificate manager configuration for an nslcd certificate" + +PR = "r1" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c" + +RRECOMMENDS_${PN} = "phosphor-certificate-manager" + +inherit allarch +inherit obmc-phosphor-systemd + +SYSTEMD_SERVICE_${PN} = "" +SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nslcd" +SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nslcd.service" diff --git a/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd new file mode 100644 index 000000000..03fbec1a5 --- /dev/null +++ b/meta-phosphor/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd @@ -0,0 +1,12 @@ +#REST URI endpoint +#example: /xyz/openbmc_project/certs/client/ldap +ENDPOINT=ldap + +#Path for the certificate file +CERTPATH=/etc/nslcd/certs/cert.pem + +#Units to restart +UNIT=nslcd.service + +#Type of the service client/server +TYPE=client |