invirt-vnc-server should depend on openssl.
[invirt/packages/invirt-vnc-server.git] / debian / invirt-vnc-server.postinst
index 12f3616..f1919ae 100755 (executable)
@@ -20,18 +20,18 @@ set -e
 
 case "$1" in
     configure)
-        mkdir -p /etc/invirt/secrets
-        if ! [ -e /etc/invirt/secrets/vnc.pem ]; then
-            openssl genrsa -out /etc/invirt/secrets/vnc.pem 1024 >/dev/null
+        mkdir -p /etc/invirt/vnc
+        if ! [ -e /etc/invirt/vnc/server.pem ]; then
+            openssl genrsa -out /etc/invirt/vnc/server.pem 1024 >/dev/null
         fi
         
-        if ! [ -e /etc/invirt/secrets/vnc.crt ]; then
-            openssl req -new -x509 -nodes -sha1 -subj '/' -key /etc/invirt/secrets/vnc.pem \
-                > /etc/invirt/secrets/vnc.crt
+        if ! [ -e /etc/invirt/vnc/server.crt ]; then
+            openssl req -new -x509 -nodes -sha1 -days 730 -subj "/CN=$(hostname -f)" -key /etc/invirt/vnc/server.pem \
+                > /etc/invirt/vnc/server.crt
         fi
         
-        if ! [ -e /etc/invirt/secrets/vnc-key ]; then
-            openssl rand -base64 33 >/etc/invirt/secrets/vnc-key
+        if ! [ -e /etc/invirt/vnc/token-key ]; then
+            openssl rand -base64 33 >/etc/invirt/vnc/token-key
         fi
     ;;