summaryrefslogtreecommitdiffstats
path: root/recipes-core/nss/nss-agl-driver-db
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-core/nss/nss-agl-driver-db')
-rw-r--r--recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service12
-rwxr-xr-xrecipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh19
2 files changed, 31 insertions, 0 deletions
diff --git a/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service
new file mode 100644
index 00000000..48eca392
--- /dev/null
+++ b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Deploy Kuksa certificates to /home/agl-driver/.pki/
+After=local-fs.target
+Before=agl-session@agl-driver.service
+ConditionPathExists=!/home/agl-driver/.pki
+
+[Service]
+User=agl-driver
+ExecStart=/usr/sbin/nss-agl-driver-db.sh
+
+[Install]
+WantedBy=multi-user.target
diff --git a/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh
new file mode 100755
index 00000000..1a8351bf
--- /dev/null
+++ b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+set -e
+
+# TLDR we need this file for chromium to connect back to kuksa.
+
+# check if directory already exists and bail out
+if test -d /home/agl-driver/.pki/nssdb ; then
+ echo "Directory already exists! Doing nothing."
+ exit 127
+fi
+
+# setup empty db in subfolder
+mkdir -p /home/agl-driver/.pki/nssdb
+certutil -N -d /home/agl-driver/.pki/nssdb --empty-password
+
+# deploy cert into local db
+certutil -A -d /home/agl-driver/.pki/nssdb -n "KuksaRootCA" -t "pC,," -i /etc/kuksa-val/CA.pem
+
+#chown -R agl-driver:agl-driver /home/agl-driver/.pki/nssdb