2023-09-05 10:07:45 +02:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
DEBUG=
|
|
|
|
|
SILENT="-s"
|
|
|
|
|
QUIET="-q"
|
2023-09-05 10:16:44 +02:00
|
|
|
for param in $1 $2 $3 ; do
|
2023-09-05 10:07:45 +02:00
|
|
|
if [ $param ] ; then
|
|
|
|
|
case $param in
|
|
|
|
|
debug )
|
|
|
|
|
DEBUG="debug" ;;
|
2023-09-05 10:16:44 +02:00
|
|
|
perms=* )
|
|
|
|
|
NEW_PERMS=${param#*=} ;;
|
2023-09-05 10:07:45 +02:00
|
|
|
* )
|
|
|
|
|
NEW_USER=$param ;;
|
|
|
|
|
esac
|
|
|
|
|
else
|
|
|
|
|
break
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
if [ $DEBUG ] ; then
|
|
|
|
|
set -xe
|
|
|
|
|
SILENT=
|
|
|
|
|
QUIET="-v"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# load required parameters
|
|
|
|
|
SCRIPT_DIR="$(echo ~)/bin"
|
|
|
|
|
if [ ! -f "$SCRIPT_DIR"/koji-parameters.sh ] ; then
|
|
|
|
|
echo "$SCRIPT_DIR/koji-parameters.sh NOT found - aborting"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
source "$SCRIPT_DIR"/koji-parameters.sh
|
|
|
|
|
KOJI_HUB_FQDN="$(hostname -f)"
|
|
|
|
|
|
|
|
|
|
# pull down any required scripts
|
|
|
|
|
if [ ! -d $SCRIPT_DIR ] ; then mkdir -p $SCRIPT_DIR ; fi
|
|
|
|
|
if [ ! -f $SCRIPT_DIR/koji-gencert.sh ] ; then
|
|
|
|
|
curl $SILENT $SCRIPT_GIT/koji-gencert.sh > $SCRIPT_DIR/koji-gencert.sh
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Add the new user into the database
|
|
|
|
|
sudo -u kojiadmin koji add-user "$NEW_USER"
|
2023-09-05 10:16:44 +02:00
|
|
|
if [ $NEW_PERMS ] ; then
|
|
|
|
|
sudo -u kojiadmin koji grant-permission --new $NEW_PERMS $NEW_USER
|
|
|
|
|
fi
|
2023-09-05 10:07:45 +02:00
|
|
|
# Generate a certificate for the user
|
|
|
|
|
pushd "$KOJI_PKI_DIR"
|
|
|
|
|
$SCRIPT_DIR/koji-gencert.sh "$NEW_USER" "/C=$COUNTRY_CODE/ST=$STATE/L=$LOCATION/O=$ORGANIZATION/CN=$NEW_USER"
|
|
|
|
|
popd
|
|
|
|
|
|
|
|
|
|
echo "The Koji CLI key for $NEW_USER is $KOJI_PKI_DIR/$NEW_USER.pem and the browser key $KOJI_PKI_DIR/certs/$NEW_USER_browser_cert.p12"
|
