ssh-ca/Makefile

USER     := sshca
HOME     := /srv/sshca
BINDIR   := $(HOME)/bin
DATADIR  := $(HOME)/.local/ssh-ca
PKIDIR   := $(DATADIR)/pubs
CONFDIR  := $(HOME)/.config/ssh-ca
CONFFILE := $(CONFDIR)/ssh-ca.conf

all: ssh-ca.conf help
help:
	@echo "Depends on ruby"
	@echo "Run `make install` for installation."
	@echo "If you want to define some default, delete ssh-ca.conf and run `make USER=sshca HOME=/srv/sshca`"
	@echo "You have to install the user manually:"
	@echo "  useradd -H /srv/sshca sshca"
	@echo "And needed gems:"
	@echo "  gem install activesupport"

install: $(BINDIR)/ssh-ca $(CONFFILE) $(PKIDIR) $(HOME)/.ssh/authorized_keys $(DATADIR)/serial

$(HOME):
	useradd --system --no-user-group --shell /bin/sh --create-home --home-dir /srv/sshca sshca

$(BINDIR): $(HOME)
	install -o $(USER) -m 0755 -d $@

$(BINDIR)/ssh-ca: ssh-ca $(BINDIR)
	install -o $(USER) -m 0755 $^ $@

$(CONFFILE): ssh-ca.conf $(CONFDIR)
	if ! test -f $@; then install -o $(USER) -m 0600 $^ $@; fi

$(CONFDIR) $(DATADIR) $(HOME)/.ssh: $(HOME)
	install -o $(USER) -m 0700 -d $@

$(HOME)/.ssh/authorized_keys: $(HOME)/.ssh
	umask 0177; touch $@; chmod 0600 $@; chown $(USER) $@

$(DATADIR)/serial: $(DATADIR)
	if ! test -f $@; then echo '0' > $@; chown $(USER) $@; chmod 0600 $@; fi

$(DATADIR)/ca: $(DATADIR)
	if ! test -f $@; then ssh-keygen -t ed25519 -C "CA" -N '' -f $@; chown $(USER) $@ $@.pub; chmod 0400 $@ $@.pub; fi

.PHONY: all help install
init 2022-02-27 11:25:21 +01:00			`USER := sshca`
			`HOME := /srv/sshca`
			`BINDIR := $(HOME)/bin`
			`DATADIR := $(HOME)/.local/ssh-ca`
			`PKIDIR := $(DATADIR)/pubs`
			`CONFDIR := $(HOME)/.config/ssh-ca`
			`CONFFILE := $(CONFDIR)/ssh-ca.conf`

			`all: ssh-ca.conf help`
			`help:`
			`@echo "Depends on ruby"`
			@echo "Run `make install` for installation."
			@echo "If you want to define some default, delete ssh-ca.conf and run `make USER=sshca HOME=/srv/sshca`"
			`@echo "You have to install the user manually:"`
			`@echo " useradd -H /srv/sshca sshca"`
			`@echo "And needed gems:"`
			`@echo " gem install activesupport"`

			`install: $(BINDIR)/ssh-ca $(CONFFILE) $(PKIDIR) $(HOME)/.ssh/authorized_keys $(DATADIR)/serial`

			`$(HOME):`
			`useradd --system --no-user-group --shell /bin/sh --create-home --home-dir /srv/sshca sshca`

			`$(BINDIR): $(HOME)`
			`install -o $(USER) -m 0755 -d $@`

			`$(BINDIR)/ssh-ca: ssh-ca $(BINDIR)`
			`install -o $(USER) -m 0755 $^ $@`

			`$(CONFFILE): ssh-ca.conf $(CONFDIR)`
			`if ! test -f $@; then install -o $(USER) -m 0600 $^ $@; fi`

			`$(CONFDIR) $(DATADIR) $(HOME)/.ssh: $(HOME)`
			`install -o $(USER) -m 0700 -d $@`

			`$(HOME)/.ssh/authorized_keys: $(HOME)/.ssh`
			`umask 0177; touch $@; chmod 0600 $@; chown $(USER) $@`

			`$(DATADIR)/serial: $(DATADIR)`
			`if ! test -f $@; then echo '0' > $@; chown $(USER) $@; chmod 0600 $@; fi`

			`$(DATADIR)/ca: $(DATADIR)`
			`if ! test -f $@; then ssh-keygen -t ed25519 -C "CA" -N '' -f $@; chown $(USER) $@ $@.pub; chmod 0400 $@ $@.pub; fi`

			`.PHONY: all help install`