x.509/Makefile-link: Add a basic Makefile for linking wildcard certs

author W. Trevor King <wking@tremily.us>

Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)

committer W. Trevor King <wking@tremily.us>

Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)
author W. Trevor King <wking@tremily.us>
Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)
committer W. Trevor King <wking@tremily.us>
Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)
diff --git a/x.509/Makefile-link b/x.509/Makefile-link

new file mode 100644 (file)

index 0000000..c73b4b7
--- /dev/null
+++ b/x.509/Makefile-link
@@ -0,0 +1,29 @@
+# Create links to a wildcard certificate on the fly
+#
+# This is useful for testing with the nginx-proxy container, but note
+# that functional wildcard certificates are only one subdomain level
+# deep (e.g. *.example.com matches www.example.com but not
+# www.beta.example.com) [1].
+#
+# [1]: http://en.wikipedia.org/wiki/Wildcard_certificate
+
+DOMAIN ?= example.com
+HOSTS ?= www static media kibana es
+
+WILDCARD_KEY ?= /etc/ssl/$(DOMAIN)/wildcard.$(DOMAIN).key
+WILDCARD_CERT_CHAIN ?= /etc/ssl/$(DOMAIN)/wildcard.$(DOMAIN)-chain.crt
+
+FQDNS = $(patsubst %, %.$(DOMAIN), $(HOSTS)) nginx
+KEYS = $(patsubst %, %.key, $(FQDNS))
+CERTS = $(patsubst %, %.pem, $(FQDNS))
+
+all: $(KEYS) $(CERTS)
+
+clean:
+       rm -f *.key *.pem
+
+$(KEYS): %.key: | $(WILDCARD_KEY)
+       ln -s "$(WILDCARD_KEY)" "$@"
+
+$(CERTS): %.pem: | $(WILDCARD_CERT_CHAIN)
+       ln -s "$(WILDCARD_CERT_CHAIN)" "$@"
author	W. Trevor King <wking@tremily.us>
	Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)
committer	W. Trevor King <wking@tremily.us>
	Sat, 15 Feb 2014 02:43:52 +0000 (18:43 -0800)