From f620c729c783ef49d686f752dbda133d0d389ad1 Mon Sep 17 00:00:00 2001
From: "kali kaneko (leap communications)" <kali@leap.se>
Date: Fri, 21 Feb 2020 19:42:34 +0100
Subject: [testing] add demo configuration

---
 Makefile                |  1 +
 config/demo.yaml        |  6 +++---
 test/simple-ca/Makefile | 28 ++++++++++++++++++++++++++++
 3 files changed, 32 insertions(+), 3 deletions(-)
 create mode 100644 test/simple-ca/Makefile

diff --git a/Makefile b/Makefile
index 680414d..a435bcd 100644
--- a/Makefile
+++ b/Makefile
@@ -19,6 +19,7 @@ gen-provider:
 	mkdir -p deploy/public/3
 	@python3 scripts/simplevpn.py --file=eip --config=$(CONFIG) --template=$(EIP_TEMPLATE) --obfs4_state deploy/shapeshifter-state > $(EIP_SERVICE) || echo "ERROR: see $(EIP_SERVICE) for output"
 	@python3 scripts/simplevpn.py --file=provider --config=$(CONFIG) --template=$(PROVIDER_TEMPLATE) > $(PROVIDER) || echo "ERROR: see $(PROVIDER) for output"
+	rsync -ra deploy/public/ public/
 populate:
 	cp test/1/* public/1/
 	cp test/files/ca.crt public/
diff --git a/config/demo.yaml b/config/demo.yaml
index 92b68ba..5f05dc0 100644
--- a/config/demo.yaml
+++ b/config/demo.yaml
@@ -37,6 +37,6 @@ gateways:
 provider:
     - name: "demo provider"
     - description: "this is a demo provider"
-    - domain: pt.demo.bitmask.net:8000
-    - api_uri: pt.demo.bitmask.net:8000
-    - fingerprint: "SHA256: 13A6456F7A303E55B8E575D7C53A967C6A524307E69A47A86DA232830AD283DB"
+    - domain: demo.bitmask.net:9000
+    - api_uri: demo.bitmask.net:9000
+    - fingerprint: "SHA256: F3340B115F69B16C1B7C52C85A0A4A752C64B10670109B4032BA612B782D8753"
diff --git a/test/simple-ca/Makefile b/test/simple-ca/Makefile
new file mode 100644
index 0000000..122f08b
--- /dev/null
+++ b/test/simple-ca/Makefile
@@ -0,0 +1,28 @@
+CERTTOOL=certtool
+CAKEY=ca-key.pem
+CATEMPL=ca.cfg
+SRVTEMPL=server-cert.cfg
+DEPLOY=certs
+
+usage:
+	@echo "Use 'make ca' for creating a new disposable ca, or 'make cert' for creating a new cert"
+
+clean:
+	rm -f tls-key.pem tls-cert.pem ca-key.pem ca.crt request.pem
+
+ca:
+	$(CERTTOOL) --generate-privkey --outfile $(CAKEY)
+	$(CERTTOOL) --generate-self-signed --load-privkey ca-key.pem --outfile ca.crt --template $(CATEMPL)
+
+cert:
+	$(CERTTOOL) --generate-privkey --outfile tls-key.pem --template $(SRVTEMPL)
+	$(CERTTOOL) --generate-request --load-privkey tls-key.pem --outfile request.pem --template $(SRVTEMPL)
+	$(CERTTOOL) --generate-certificate --load-privkey tls-key.pem \
+		    --template $(SRVTEMPL) --outfile tls-cert.pem \
+		    --load-ca-certificate ca.crt --load-ca-privkey $(CAKEY)
+deploy:
+	@rm -rf $(DEPLOY)
+	@mkdir $(DEPLOY)
+	@cp ca.crt tls-key.pem tls-cert.pem $(DEPLOY)
+	@echo "done"
+
-- 
cgit v1.2.3