Safe init: do not overwrite cert, key and config if present, close #400

If either key or cert is missing, both are regenerated
SerpicoProject · Feb 10, 2018 · 0214c1a · 0214c1a
1 parent fe9c493
commit 0214c1a
Showing 1 changed file with 44 additions and 35 deletions.
diff --git a/scripts/first_time.rb b/scripts/first_time.rb
@@ -203,43 +203,52 @@
 end
 
 # create the SSL cert
-puts "Creating self-signed SSL certificate, you should really have a legitimate one."
-
-name = "/C=US/ST=MD/L=MD/O=MD/CN=serpico"
-ca   = OpenSSL::X509::Name.parse(name)
-key = OpenSSL::PKey::RSA.new(1024)
-
-crt = OpenSSL::X509::Certificate.new
-crt.version = 2
-crt.serial  = rand(10**10)
-crt.subject = ca
-crt.issuer = ca
-crt.public_key = key.public_key
-crt.not_before = Time.now
-crt.not_after  = Time.now + 1 * 365 * 24 * 60 * 60 # 1 year
-
-ef = OpenSSL::X509::ExtensionFactory.new
-ef.subject_certificate = crt
-ef.issuer_certificate = crt
-crt.extensions = [
-ef.create_extension("basicConstraints","CA:TRUE", true),
-ef.create_extension("subjectKeyIdentifier", "hash"),
-]
-crt.add_extension ef.create_extension("authorityKeyIdentifier",
-"keyid:always,issuer:always")
-crt.sign key, OpenSSL::Digest::SHA1.new
-
-File.open("./cert.pem", "w") do |f|
-  f.write crt.to_pem
-end
 
-File.open("./key.pem", "w") do |f|
-  f.write key.to_pem
+if !File.exist?('./cert.pem') || !File.exist?('./key.pem')
+	puts "Creating self-signed SSL certificate, you should really have a legitimate one."
+
+	name = "/C=US/ST=MD/L=MD/O=MD/CN=serpico"
+	ca   = OpenSSL::X509::Name.parse(name)
+	key = OpenSSL::PKey::RSA.new(1024)
+
+	crt = OpenSSL::X509::Certificate.new
+	crt.version = 2
+	crt.serial  = rand(10**10)
+	crt.subject = ca
+	crt.issuer = ca
+	crt.public_key = key.public_key
+	crt.not_before = Time.now
+	crt.not_after  = Time.now + 1 * 365 * 24 * 60 * 60 # 1 year
+
+	ef = OpenSSL::X509::ExtensionFactory.new
+	ef.subject_certificate = crt
+	ef.issuer_certificate = crt
+	crt.extensions = [
+			ef.create_extension("basicConstraints","CA:TRUE", true),
+			ef.create_extension("subjectKeyIdentifier", "hash"),
+	]
+	crt.add_extension ef.create_extension("authorityKeyIdentifier",
+																				"keyid:always,issuer:always")
+	crt.sign key, OpenSSL::Digest::SHA1.new
+
+	File.open("./cert.pem", "w") do |f|
+		f.write crt.to_pem
+	end
+
+	File.open("./key.pem", "w") do |f|
+		f.write key.to_pem
+	end
+else
+  puts "Skipping SSL certificate creation, key.pem and cert.pem already exist."
 end
 
+
 # Copying the default configurations over
-puts "Copying configuration settings over."
-File.open("./config.json", "w") do |f|
-	f.write File.open("./config.json.defaults", "rb").read
+if !File.exist?('./config.json')
+	puts "Copying configuration settings over."
+	File.open("./config.json", "w") do |f|
+		f.write File.open("./config.json.defaults", "rb").read
+	end
+else
+  puts "Skipping creation of config.json, file exists."
 end
-