summaryrefslogtreecommitdiffstats
path: root/meta-agl-html5-demo/recipes-core/nss
diff options
context:
space:
mode:
Diffstat (limited to 'meta-agl-html5-demo/recipes-core/nss')
-rw-r--r--meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service12
-rwxr-xr-xmeta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh19
-rw-r--r--meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb32
3 files changed, 63 insertions, 0 deletions
diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service
new file mode 100644
index 000000000..40818cf2b
--- /dev/null
+++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Deploy Kuksa certificates to /home/agl-driver/.pki/
+After=local-fs.target
+Before=multi-user.target
+ConditionPathExists=!/home/agl-driver/.pki
+
+[Service]
+User=agl-driver
+ExecStart=/usr/sbin/nss-agl-driver-db.sh
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh
new file mode 100755
index 000000000..1a8351bf9
--- /dev/null
+++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+# TLDR we need this file for chromium to connect back to kuksa.
+
+# check if directory already exists and bail out
+if test -d /home/agl-driver/.pki/nssdb ; then
+ echo "Directory already exists! Doing nothing."
+ exit 127
+fi
+
+# setup empty db in subfolder
+mkdir -p /home/agl-driver/.pki/nssdb
+certutil -N -d /home/agl-driver/.pki/nssdb --empty-password
+
+# deploy cert into local db
+certutil -A -d /home/agl-driver/.pki/nssdb -n "KuksaRootCA" -t "pC,," -i /etc/kuksa-val/CA.pem
+
+#chown -R agl-driver:agl-driver /home/agl-driver/.pki/nssdb
diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb
new file mode 100644
index 000000000..b2fb40340
--- /dev/null
+++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb
@@ -0,0 +1,32 @@
+SUMMARY = "Custom nss db hosting the kuksa certificates"
+DESCRIPTION = "Custom nss db hosting the kuksa certificates for chromium"
+AUTHOR = "Jan-Simon Moeller <jsmoeller@linuxfoundation.org>"
+HOMEPAGE = "https://git.automotivelinux.org"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+
+PV = "0.1"
+
+SRC_URI = "file://${BPN}.service \
+ file://${BPN}.sh \
+ "
+
+inherit systemd
+
+SYSTEMD_SERVICE:${PN} = "${BPN}.service"
+
+do_configure[noexec] = "1"
+do_compile[noexec] = "1"
+
+do_install() {
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+ install -d ${D}${systemd_system_unitdir}
+ install -d ${D}${sbindir}
+ install -m 0644 ${WORKDIR}/${BPN}.service ${D}${systemd_system_unitdir}
+ install -m 0755 ${WORKDIR}/${BPN}.sh ${D}${sbindir}
+ fi
+}
+
+FILES:${PN} += "${systemd_system_unitdir} ${sbindir}"
+
+RDEPENDS:${PN} += "nss agl-users kuksa-val-certificates-client bash"