#!/bin/sh

KEY="/etc/partimaged/partimaged.key"
CNF="/etc/partimaged/servercert.cnf"
CSR="/etc/partimaged/partimaged.csr"
CERT="/etc/partimaged/partimaged.cert"

if [ ! -f "$KEY" ]; then
	openssl genrsa -out "$KEY" 1024
	chmod 600 "$KEY"
	chown partimag:root "$KEY"
fi

if [ ! -f "$CSR" ]; then
	openssl req -new -x509 -outform PEM -out "$CSR" -key "$KEY" -config "$CNF"
	chmod 644 "$CSR"
	chown root:root "$CSR"
fi

if [ ! -f "$CERT" ]; then
	openssl x509 -in "$CSR" -out "$CERT" -signkey "$KEY"
	chmod 600 "$CERT"
	chown partimag:root "$CERT"
fi

exit 0