phosphor-certificate-manager: Add recipe and certificate service
Add recipe and service files to start/stop nginx and nslcd services
To start/stop nginx service use
systemctl stop phosphor-certificate-manager@nginx.service
systemctl start phosphor-certificate-manager@nginx.service
To start/stop nslcd service use
systemctl stop phosphor-certificate-manager@nslcd.service
systemctl start phosphor-certificate-manager@nslcd.service
Change-Id: I81c544ea9290792df0d9d2e5afb4ea2614f8e306
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service b/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service
new file mode 100644
index 0000000..d661b75
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-certificate-manager/phosphor-certificate-manager@.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Phosphor certificate manager for %I
+
+[Service]
+EnvironmentFile={envfiledir}/obmc/cert/%I
+ExecStart=/usr/bin/env phosphor-certificate-manager --endpoint=${{ENDPOINT}} --path=${{CERTPATH}} --unit=${{UNIT}} --type=${{TYPE}}
+SyslogIdentifier=phosphor-certificate-manager
+Restart=always
+
+[Install]
+WantedBy={SYSTEMD_DEFAULT_TARGET}
diff --git a/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb b/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb
new file mode 100644
index 0000000..9dd6739
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-certificate-manager_git.bb
@@ -0,0 +1,30 @@
+SUMMARY = "Phosphor Certificate Manager"
+DESCRIPTION = "Manages client and server certificates"
+HOMEPAGE = "https://github.com/openbmc/phosphor-certificate-manager"
+
+PR = "r1"
+PV = "0.1+git${SRCPV}"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
+
+SRC_URI = "git://github.com/openbmc/phosphor-certificate-manager"
+SRCREV = "0aa0d11489cc8cfe4bf2662d138909eba96ccd04"
+
+inherit autotools \
+ pkgconfig \
+ obmc-phosphor-systemd
+
+DEPENDS = " \
+ phosphor-logging \
+ autoconf-archive-native \
+ phosphor-dbus-interfaces \
+ phosphor-dbus-interfaces-native \
+ sdbusplus \
+ sdbusplus-native \
+ "
+
+S = "${WORKDIR}/git"
+
+CERT_TMPL = "phosphor-certificate-manager@.service"
+SYSTEMD_SERVICE_${PN} = "${CERT_TMPL}"
diff --git a/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb b/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb
new file mode 100644
index 0000000..d34ea7e
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-nginx-cert-config.bb
@@ -0,0 +1,15 @@
+SUMMARY = "Phosphor certificate manager configuration for an nginx certificate"
+
+PR = "r1"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c"
+
+RRECOMMENDS_${PN} = "phosphor-certificate-manager"
+
+inherit allarch
+inherit obmc-phosphor-systemd
+
+SYSTEMD_SERVICE_${PN} = ""
+SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nginx"
+SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nginx.service"
diff --git a/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx b/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx
new file mode 100644
index 0000000..62d8760
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-nginx-cert-config/obmc/cert/nginx
@@ -0,0 +1,12 @@
+#REST URI endpoint
+#example: /xyz/openbmc_project/certs/server/https
+ENDPOINT=https
+
+#Path for the certificate file
+CERTPATH=/etc/ssl/certs/nginx/cert.pem
+
+#Units to restart
+UNIT=nginx.service
+
+#Type of the service client/server
+TYPE=server
diff --git a/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb b/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb
new file mode 100644
index 0000000..d6f5799
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-nslcd-cert-config.bb
@@ -0,0 +1,15 @@
+SUMMARY = "Phosphor certificate manager configuration for an nslcd certificate"
+
+PR = "r1"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://${PHOSPHORBASE}/LICENSE;md5=784eea0404d452a8b0d1966b14c37b5c"
+
+RRECOMMENDS_${PN} = "phosphor-certificate-manager"
+
+inherit allarch
+inherit obmc-phosphor-systemd
+
+SYSTEMD_SERVICE_${PN} = ""
+SYSTEMD_ENVIRONMENT_FILE_${PN} = "obmc/cert/nslcd"
+SYSTEMD_LINK_${PN} = "../phosphor-certificate-manager@.service:${SYSTEMD_DEFAULT_TARGET}.wants/phosphor-certificate-manager@nslcd.service"
diff --git a/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd b/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd
new file mode 100644
index 0000000..03fbec1
--- /dev/null
+++ b/recipes-phosphor/certificate/phosphor-nslcd-cert-config/obmc/cert/nslcd
@@ -0,0 +1,12 @@
+#REST URI endpoint
+#example: /xyz/openbmc_project/certs/client/ldap
+ENDPOINT=ldap
+
+#Path for the certificate file
+CERTPATH=/etc/nslcd/certs/cert.pem
+
+#Units to restart
+UNIT=nslcd.service
+
+#Type of the service client/server
+TYPE=client