scripts(dev-setup): 🔨 Add script to auto-generate self-signed SSL certificates for local HTTPS support
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
This commit is contained in:
parent
d64494e351
commit
b121da7d33
1 changed files with 26 additions and 17 deletions
|
|
@ -7,24 +7,23 @@
|
|||
# This allows HTTPS to work in browsers without security warnings.
|
||||
#
|
||||
# Usage:
|
||||
# ./infrastructure/scripts/dev-setup/setup-local-ssl.sh
|
||||
# ./tooling/scripts/dev-setup/setup-local-ssl.sh
|
||||
#
|
||||
# Prerequisites:
|
||||
# - mkcert must be installed (https://github.com/FiloSottile/mkcert)
|
||||
# - For Firefox auto-trust: install nss-tools (dnf install nss-tools)
|
||||
#
|
||||
# Generated certificates:
|
||||
# - infrastructure/certs/local/_wildcard.atlilith.local+1.pem
|
||||
# - infrastructure/certs/local/_wildcard.atlilith.local+1-key.pem
|
||||
# - infrastructure/certs/local/_wildcard.trustedmeet.local+1.pem
|
||||
# - infrastructure/certs/local/_wildcard.trustedmeet.local+1-key.pem
|
||||
# Generated certificates (in deployments/certs/local/):
|
||||
# - _wildcard.lilith.apricot.local+1.pem — all domain deployments (atlilith.www, trustedmeet, etc.)
|
||||
# - _wildcard.apricot.local+1.pem — apricot infrastructure services (models.apricot.local)
|
||||
# - _wildcard.atlilith.local+1.pem — atlilith infrastructure services (api, imajin, etc.)
|
||||
#
|
||||
|
||||
set -e
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../../.." && pwd)"
|
||||
CERTS_DIR="$PROJECT_ROOT/infrastructure/certs/local"
|
||||
CERTS_DIR="$PROJECT_ROOT/deployments/certs/local"
|
||||
|
||||
echo "=============================================="
|
||||
echo "Setting up local SSL certificates for .local domains"
|
||||
|
|
@ -78,14 +77,21 @@ fi
|
|||
mkdir -p "$CERTS_DIR"
|
||||
cd "$CERTS_DIR"
|
||||
|
||||
# Generate certificates
|
||||
# Primary: all domain deployments (atlilith.www, trustedmeet, spoiledbabes, lilithcam, etc.)
|
||||
# Covers: *.atlilith.lilith.apricot.local, *.trustedmeet.lilith.apricot.local, etc.
|
||||
echo ""
|
||||
echo "Generating certificates for atlilith.local..."
|
||||
mkcert "*.atlilith.local" "atlilith.local"
|
||||
echo "Generating certificates for *.lilith.apricot.local (domain deployments)..."
|
||||
mkcert "*.lilith.apricot.local" "lilith.apricot.local"
|
||||
|
||||
# Apricot infrastructure: models.apricot.local
|
||||
echo ""
|
||||
echo "Generating certificates for trustedmeet.local..."
|
||||
mkcert "*.trustedmeet.local" "trustedmeet.local"
|
||||
echo "Generating certificates for *.apricot.local (apricot infrastructure)..."
|
||||
mkcert "*.apricot.local" "apricot.local"
|
||||
|
||||
# Atlilith infrastructure services: api.atlilith.local, imajin.atlilith.local, etc.
|
||||
echo ""
|
||||
echo "Generating certificates for *.atlilith.local (atlilith infrastructure services)..."
|
||||
mkcert "*.atlilith.local" "atlilith.local"
|
||||
|
||||
echo ""
|
||||
echo "=============================================="
|
||||
|
|
@ -98,11 +104,14 @@ echo "Files created:"
|
|||
ls -la "$CERTS_DIR"/*.pem
|
||||
echo ""
|
||||
echo "Next steps:"
|
||||
echo " 1. Restart the dev cluster: ./run dev:stop && ./run dev"
|
||||
echo " 2. Access sites via HTTPS:"
|
||||
echo " - https://status.atlilith.local"
|
||||
echo " - https://admin.atlilith.local"
|
||||
echo " - https://www.trustedmeet.local"
|
||||
echo " 1. Sync DNS: sudo ./run dns:sync"
|
||||
echo " 2. Start dev cluster: ./run dev"
|
||||
echo " 3. Access sites:"
|
||||
echo " - https://atlilith.lilith.apricot.local"
|
||||
echo " - https://i.atlilith.lilith.apricot.local"
|
||||
echo " - https://trustedmeet.lilith.apricot.local"
|
||||
echo " - https://api.atlilith.local"
|
||||
echo " - https://models.apricot.local"
|
||||
echo ""
|
||||
echo "Note: If Firefox shows certificate warnings, you may need to:"
|
||||
echo " 1. Install nss-tools and re-run 'mkcert -install', OR"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue