From a627be89ba2f5f8c9f233144474da112320678b4 Mon Sep 17 00:00:00 2001 From: Natalia Serrano Date: Fri, 16 May 2025 15:37:08 +0200 Subject: [PATCH] refs #2026 add template for stunnel config --- chroot-tasks.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/chroot-tasks.py b/chroot-tasks.py index 8b75937..2a4486e 100755 --- a/chroot-tasks.py +++ b/chroot-tasks.py @@ -108,6 +108,22 @@ def updateCaCertificates(): print ('Updating CA trust Store', file=sys.stderr) utils.run (['update-ca-certificates']) +def configure_stunnel(): + with open ('/etc/stunnel/menu.conf', 'w') as fd: + fd.write ('setuid = stunnel4\n') + fd.write ('setgid = stunnel4\n') + fd.write ('pid = /var/run/stunnel4/menu.pid\n') + fd.write ('\n') + fd.write ('[menu]\n') + fd.write ('client = yes\n') + fd.write ('accept = 127.0.0.1:81\n') + fd.write ('connect = __OGCORE_IP__:__OGCORE_PORT__\n') + fd.write ('cert = /opt/opengnsys/etc/ogagent.crt\n') + fd.write ('key = /opt/opengnsys/etc/ogagent.key\n') + fd.write ('CAfile = /opt/opengnsys/etc/ca.crt\n') + fd.write ('requireCert = yes\n') + fd.write ('verifyChain = yes\n') + def boottoolsPythonModules(): utils.run (['pip3', 'install', 'pyblkid', '--break-system-packages']) @@ -158,6 +174,7 @@ if __name__ == '__main__': debconf_settings = config['General'].get ('debconf_settings') updateCaCertificates() + configure_stunnel() setup_resolvconf() boottoolsSoftwareInstall (args.osarch, args.osrelease) boottoolsSoftwareCompile()