cb601/edh-keygen
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f67991ab87dea48d993bdfe585de917c492fd281
edh-keygen/README.md
Stephan Düsterhaupt f67991ab87 Initial commit
2025-05-18 14:56:41 +02:00

3.1 KiB
Raw Blame History

edh-keygen

Automated Diffie-Hellman key generation and service management script with flexible configuration and systemd integration and RPM packaging.

Outline

  1. Features
  2. Installation
  3. Configuration
  4. Directory Layout
  5. CRON Job Example
  6. License
  7. Authors
  8. Project Home

Features

  • Generates DH parameters for secure services
  • Supports service restarts for root and non-root systemd users
  • Configurable per-service and global settings via config file
  • Customizable sync paths, ownership, and permissions for DH keys
  • Weekly cron job integration for automated key regeneration
  • RPM packaging for easy deployment

Installation

  1. Install required packages
sudo dnf install git rpm-build rpmdevtools yum-utils -y
  1. Clone the Repository
git clone https://dev.town-square.de/cb601/edh-keygen.git

cd edh-keygen
  1. Build the RPM package

You can use the provided Makefile:

make clean
make rpm
  1. Install the RPM package
sudo yum localinstall rpmbuild/RPMS/noarch/edh-keygen-1.0-1.noarch.rpm
  1. Verify the Installation
ls -l /opt/edh-keygen

You should see:

-rwxr-x--- 1 root root ... edh-keygen.sh
-rw-r----- 1 root root ... edh-keygen.conf

Check RPM info:

rpm -qil edh-keygen

Configuration

The configuration file (edh-keygen.conf or edh-keygen.local) supports both global path settings and per-service lines. See the file itself for detailed documentation and examples.

Directory Layout

Path Purpose
/opt/edh-keygen/edh-keygen.sh Main script
/opt/edh-keygen/edh-keygen.conf Overwritten config (always)
/opt/edh-keygen/edh-keygen.local User config (never overwritten)
/etc/cron.weekly/edh-keygen Cron job script (optional)

CRON Job Example

To run the key generator weekly, you have two options:

1. Crontab

You can add a weekly cron job directly to the root user's crontab:

Open the root crontab for editing:

sudo crontab -e

Add the following line to run the script every Sunday at 3:30 AM:

30 3 * * 0 /opt/edh-keygen/edh-keygen.sh

(Adjust the schedule as needed. This example runs the script weekly on Sunday.)

2. System Cron Weekly Directory

Create a script as /etc/cron.weekly/edh-keygen:

#!/bin/sh

/opt/edh-keygen/edh-keygen.sh

exit 0

Ensure the script is executable:

chmod 750 /etc/cron.weekly/edh-keygen

License

MIT

Authors

CB-601 - the open tec Elevator

Project Home

Project Home: https://dev.town-square.de/cb601/edh-keygen

Reference in New Issue View Git Blame Copy Permalink