Generate the VNC server certificates at install time

[invirt/packages/invirt-vnc-server.git] / debian / invirt-vnc-server.postinst

diff --git a/debian/invirt-vnc-server.postinst b/debian/invirt-vnc-server.postinst
old mode 100644 (file)
new mode 100755 (executable)
index c7e3d1f..12f3616
--- a/debian/invirt-vnc-server.postinst
+++ b/debian/invirt-vnc-server.postinst
@@ -20,9 +20,19 @@ set -e
 
 case "$1" in
     configure)
-       if [ -z "$2" ]; then
-           echo "Please be sure to copy vncproxy.crt and vncproxykey.pem into /usr/share/invirt-vnc-server/"
-       fi
+        mkdir -p /etc/invirt/secrets
+        if ! [ -e /etc/invirt/secrets/vnc.pem ]; then
+            openssl genrsa -out /etc/invirt/secrets/vnc.pem 1024 >/dev/null
+        fi
+        
+        if ! [ -e /etc/invirt/secrets/vnc.crt ]; then
+            openssl req -new -x509 -nodes -sha1 -subj '/' -key /etc/invirt/secrets/vnc.pem \
+                > /etc/invirt/secrets/vnc.crt
+        fi
+        
+        if ! [ -e /etc/invirt/secrets/vnc-key ]; then
+            openssl rand -base64 33 >/etc/invirt/secrets/vnc-key
+        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)