-
Notifications
You must be signed in to change notification settings - Fork 0
/
buildlab.ps1
executable file
·80 lines (54 loc) · 1.45 KB
/
buildlab.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
#! /snap/bin/pwsh
Param
(
[ValidateSet("main", "mtls")]
[string]$BuildType = "main"
)
& apt update -y
& apt-get upgrade -y
& apt autoremove -y
& apt upgrade -y
#& curl https://get.acme.sh | sh
& snap install core; snap refresh core
& snap install --classic certbot
& apt install python3-pip -y
& pip install mock
& pip install cryptography --upgrade
& python3 -m pip install --upgrade pyopenssl
& apt install awscli -y
& apt install nginx -y
& apt-get install nginx-extras -y
& apt install net-tools
cd ..
& git clone https://github.com/markgamache/labPkiPy.git
& mkdir /etc/nginx/pki
& mkdir /etc/nginx/labpki
& mkdir /etc/nginx/sites-enabled
cd ./BadPkiServers/
& cp ./options-ssl-nginx.conf /etc/nginx/labpki/
& cp ./ssl-dhparams.pem /etc/nginx/labpki/
#used by no apt install of nginx
#& cp ./default /etc/nginx/sites-enabled/default
#& Copy-Item -Force ./nginx.conf /etc/nginx/nginx.conf
if($BuildType -eq "main")
{
./intCertRollOut.ps1
cd ..
cd ./BadPkiServers/
./buildConf.ps1
./setupFolders.ps1
$baseP = "/etc/nginx/pki"
$artifacts = $baseP + "/artifacts/"
mkdir /var/www/pki.pkilab.markgamache.com
Copy-Item /etc/nginx/pki/artifacts/*.* /var/www/pki.pkilab.markgamache.com/
}
else
{
& aws s3 sync s3://certsync/pki /etc/nginx/pki/
& chmod -R 777 /etc/nginx/pki/*
./buildMTLSConf.ps1
}
& systemctl unmask nginx.service
& systemctl reload nginx
Start-Sleep -Seconds 2
& systemctl start nginx