Remove TODO and genkeys.sh

This commit is contained in:
Alex Auvolat 2021-12-06 13:15:50 +01:00
parent 7f26ed55cd
commit ccce75bc25
No known key found for this signature in database
GPG Key ID: EDABF9711E244EB1
2 changed files with 0 additions and 110 deletions

27
TODO
View File

@ -1,27 +0,0 @@
Testing
-------
How are we going to test that our replication method works correctly?
We will have to introduce lots of dummy data and then add/remove nodes many times.
Attaining S3 compatibility
--------------------------
- test multipart uploads
- get ranges
- fix sync not working in some cases ? (when starting from empty?)
- api_server following the S3 semantics for head/get/put/list/delete: verify more that it works as intended
- PUT requests: verify content-md5 if provided
- possibly other necessary endpoints ?
Lower priority
--------------
- less a priority: hinted handoff
- repair: re-propagate block ref table to rc
- FIXME in rpc_server when garage shuts down and futures can be interrupted
(tokio::spawn should be replaced by a new function background::spawn_joinable)

View File

@ -1,83 +0,0 @@
#!/bin/bash
set -xe
cd $(dirname $0)
mkdir -p pki
cd pki
# Create a certificate authority that both the client side and the server side of
# the RPC protocol will use to authenticate the other side.
if [ ! -f garage-ca.key ]; then
echo "Generating Garage CA keys..."
openssl genpkey -algorithm ED25519 -out garage-ca.key
openssl req -x509 -new -nodes -key garage-ca.key -sha256 -days 3650 -out garage-ca.crt -subj "/C=FR/O=Garage"
fi
# Generate a certificate that can be used either as a server certificate
# or a client certificate. This is what the RPC client and server will use
# to prove that they are authenticated by the CA.
if [ ! -f garage.crt ]; then
echo "Generating Garage agent keys..."
if [ ! -f garage.key ]; then
openssl genpkey -algorithm ED25519 -out garage.key
fi
openssl req -new -sha256 -key garage.key -subj "/C=FR/O=Garage/CN=garage" \
-out garage.csr
openssl req -in garage.csr -noout -text
openssl x509 -req -in garage.csr \
-extensions v3_req \
-extfile <(cat <<EOF
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = FR
O = Garage
CN = garage
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = garage
EOF
) \
-CA garage-ca.crt -CAkey garage-ca.key -CAcreateserial \
-out garage.crt -days 365
fi
# Client-only certificate used for the CLI
if [ ! -f garage-client.crt ]; then
echo "Generating Garage client keys..."
if [ ! -f garage-client.key ]; then
openssl genpkey -algorithm ED25519 -out garage-client.key
fi
openssl req -new -sha256 -key garage-client.key -subj "/C=FR/O=Garage" \
-out garage-client.csr
openssl req -in garage-client.csr -noout -text
openssl x509 -req -in garage-client.csr \
-extensions v3_req \
-extfile <(cat <<EOF
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = FR
O = Garage
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = clientAuth
EOF
) \
-CA garage-ca.crt -CAkey garage-ca.key -CAcreateserial \
-out garage-client.crt -days 365
fi