configDao.findOne({name: 'certificationAuthority'}, function (err, ca) {
if (ca) {
var parameters = {
tmp_directory: config.serviceTmpDir,
password: ca.private_key.passphrase,
agent_id: agentId,
validity: ca.crt_validity,
cert_filename: ca.certificate.filename,
key_filename: ca.private_key.filename
};
dbCommander.command('init-agent', parameters, function(result) {
if (result.code == 0) {
var split = result.data.split('-----END RSA PRIVATE KEY-----');
var key = split[0] + '-----END RSA PRIVATE KEY-----';
var cert = split[1];
installsDao.update(agentId, {private_key: key, certificate: cert}, function (err, result) {
if (!result || result !== 1) {
if (callback) callback(new Error('[CA] Unable to update agent in DB'));
} else {
if (callback) callback(null);
}
});
} else {
if (callback) callback(new Error('[CA] Unable to create agent credentials: code = ' + result.code + ', output = ' + result.data));
}
});
} else {
if (callback) callback(new Error('[CA] No configuration found in database for the certification authority'));
}
});
var createMaintenanceUserKeys = function (callback) {
// Create ssh keys if not exists
if (!config.maintenancePrivateKey) {
// Key filename
var key = config.serverTmpDir + 'key';
// Execute command
dbCommander.command('create-ssh-keys', {filename: key}, function (result) {
if (result.code !== 0) {
throw new Error('[Bootstrap] Unable to create ssh keys for maintenance user');
}
var data = {
'config.maintenanceUser': '******',
'config.maintenancePublicKey': fs.readFileSync(key + '.pub').toString(),
'config.maintenancePrivateKey': fs.readFileSync(key).toString()
};
serversDao.update(config.serverId, data, function () {
// Remove key files
fs.unlinkSync(key + '.pub');
fs.unlinkSync(key);
// Reload config to add keys
config.reload(function (err) {
// Callback
logger.info('[Bootstrap] Maintenance user ready to connect : keys generated');
if (callback) callback(err);
});
});
});
} else {
if (callback) callback(null);
}
};
configDao.findOne({name: 'certificationAuthority'}, function (err, ca) {
if (ca) {
var parameters = {
tmp_directory: config.serviceTmpDir,
password: ca.private_key.passphrase,
validity: ca.crt_validity,
cert_filename: ca.certificate.filename,
key_filename: ca.private_key.filename,
index: index
};
dbCommander.command('generate-crl', parameters, function (result) {
configDao.update(ca._id, {'crl.contents' : result.data, 'crl.last_generation' : new Date().getTime()}, function (err, result) {
if (!result || result !== 1) {
if (callback) callback(new Error('[CA] Unable to update CRL in DB'));
} else {
logger.info('[CA] CRL generated: ' + result.data);
if (callback) callback(null);
}
});
});
} else {
if (callback) callback(new Error('[CA] No configuration found in database for the certification authority'));
}
});