From 968e8234c77087025b77be5f22a6268914d88e62 Mon Sep 17 00:00:00 2001
From: Boris Kolpackov <boris@codesynthesis.com>
Date: Mon, 5 Jun 2017 17:50:26 +0200
Subject: Add support for host key generation

---
 buildos | 6 ++++++
 init    | 8 ++++++++
 2 files changed, 14 insertions(+)

diff --git a/buildos b/buildos
index 692dc48..3657603 100755
--- a/buildos
+++ b/buildos
@@ -249,6 +249,11 @@ function print ()
 
     echo
   done
+
+  echo "host key:"
+  echo
+
+  openssl rsa -pubout -in /state/etc/host-key.pem 2>/dev/null
 }
 
 print | email "starting build os monitor"
@@ -760,6 +765,7 @@ function bbot_start () # <toolchain-name> <toolchain-index>
     #
     sed -i -r \
 	-e "s/%[iI]/$tn/g" \
+	-e "s#^(Environment=AUTH_KEY)=.*#\1=/state/etc/host-key.pem#" \
 	-e "s/^(Environment=CPU)=.*/\1=$cpu_slice/" \
 	-e "s/^(Environment=RAM)=.*/\1=$ram_slice/" \
 	-e "s/^(Environment=TOOLCHAIN_ID)=.*/\1=$ts/" \
diff --git a/init b/init
index 35838e5..83a4c27 100755
--- a/init
+++ b/init
@@ -383,6 +383,14 @@ o="nodev,noexec,nosuid,size=512M"
 o+=",mode=0755,uid=$(id -u build),gid=$(id -g build)"
 echo "tmpfs /build/tftp tmpfs $o 0 0" >>$fstab
 
+# Generate a host key. Used, for example, by the bbot agent to authenticate
+# with a controller.
+#
+mkdir -p /state/etc
+if [ ! -e /state/etc/host-key.pem ]; then
+  openssl genrsa 4096 >/state/etc/host-key.pem
+fi
+
 # Configure Postfix.
 #
 cat <<<"$hname" >/etc/mailname
-- 
cgit v1.1