@@ -12,7 +12,10 @@ chmod 750 ${MITM_CERTS} || die "Error setting permissions on ${MITM_CERTS}" | |||||
chmod -R 440 ${MITM_CERTS}/* || die "Error setting permissions on ${MITM_CERTS} files" | chmod -R 440 ${MITM_CERTS}/* || die "Error setting permissions on ${MITM_CERTS} files" | ||||
CERTS_DIR=/home/bubble/cacerts | CERTS_DIR=/home/bubble/cacerts | ||||
MITM_BASE_NAME="bubble-ca" | |||||
CERT_BASE="${1:?no cert base provided}" | |||||
MITM_BASE_NAME="${CERT_BASE}-ca" | |||||
mkdir -p ${CERTS_DIR} || die "Error creating cacerts dir" | mkdir -p ${CERTS_DIR} || die "Error creating cacerts dir" | ||||
cp ${MITM_CERTS}/${MITM_BASE_NAME}-cert.pem ${CERTS_DIR} || die "Error copying pem cert" | cp ${MITM_CERTS}/${MITM_BASE_NAME}-cert.pem ${CERTS_DIR} || die "Error copying pem cert" | ||||
cp ${MITM_CERTS}/${MITM_BASE_NAME}-cert.pem.crt ${CERTS_DIR}/${MITM_BASE_NAME}-cert.crt || die "Error copying crt cert" | cp ${MITM_CERTS}/${MITM_BASE_NAME}-cert.pem.crt ${CERTS_DIR}/${MITM_BASE_NAME}-cert.crt || die "Error copying crt cert" | ||||
@@ -23,7 +23,7 @@ | |||||
when: install_type == 'node' | when: install_type == 'node' | ||||
- name: Install mitmproxy public certs in bubble dir | - name: Install mitmproxy public certs in bubble dir | ||||
shell: /usr/local/bin/copy_certs_to_bubble.sh | |||||
shell: /usr/local/bin/copy_certs_to_bubble.sh {{ server_alias }} | |||||
when: install_type == 'node' | when: install_type == 'node' | ||||
- name: Install bubble supervisor conf file | - name: Install bubble supervisor conf file | ||||
@@ -64,7 +64,6 @@ public class ApiConstants { | |||||
public static final String HOME_DIR = System.getProperty("user.home"); | public static final String HOME_DIR = System.getProperty("user.home"); | ||||
public static final File CACERTS_DIR = new File(HOME_DIR, "cacerts"); | public static final File CACERTS_DIR = new File(HOME_DIR, "cacerts"); | ||||
public static final String MITMPROXY_CA_CERT_BASE = "bubble-ca-cert."; | |||||
public static final File MITMPROXY_CERT_DIR = new File(HOME_DIR, "mitm_certs"); | public static final File MITMPROXY_CERT_DIR = new File(HOME_DIR, "mitm_certs"); | ||||
public static final String META_PROP_BUBBLE_VERSION = "bubble.version"; | public static final String META_PROP_BUBBLE_VERSION = "bubble.version"; | ||||
@@ -452,7 +452,9 @@ public class AuthResource { | |||||
@QueryParam("type") CertType type) { | @QueryParam("type") CertType type) { | ||||
final Account caller = optionalUserPrincipal(ctx); | final Account caller = optionalUserPrincipal(ctx); | ||||
if (type == null) type = CertType.pem; | if (type == null) type = CertType.pem; | ||||
final File certFile = new File(CACERTS_DIR, MITMPROXY_CA_CERT_BASE+type.name()); | |||||
final BubbleNetwork thisNet = configuration.getThisNetwork(); | |||||
if (thisNet == null) return die("getCaCert: thisNetwork was null"); | |||||
final File certFile = new File(CACERTS_DIR, thisNet.getNetworkDomain()+"."+type.name()); | |||||
if (!certFile.exists()) return notFound(type.name()); | if (!certFile.exists()) return notFound(type.name()); | ||||
return send(new FileSendableResource(certFile).setForceDownload(true)); | return send(new FileSendableResource(certFile).setForceDownload(true)); | ||||
} | } | ||||
@@ -12,7 +12,6 @@ import bubble.server.BubbleConfiguration; | |||||
import bubble.service.boot.SelfNodeService; | import bubble.service.boot.SelfNodeService; | ||||
import bubble.service.cloud.NetworkMonitorService; | import bubble.service.cloud.NetworkMonitorService; | ||||
import lombok.extern.slf4j.Slf4j; | import lombok.extern.slf4j.Slf4j; | ||||
import org.cobbzilla.wizard.dao.AbstractDAO; | |||||
import org.cobbzilla.wizard.server.RestServer; | import org.cobbzilla.wizard.server.RestServer; | ||||
import org.cobbzilla.wizard.server.RestServerLifecycleListenerBase; | import org.cobbzilla.wizard.server.RestServerLifecycleListenerBase; | ||||
@@ -54,11 +53,13 @@ public class NodeInitializerListener extends RestServerLifecycleListenerBase<Bub | |||||
final BubbleConfiguration c = (BubbleConfiguration) server.getConfiguration(); | final BubbleConfiguration c = (BubbleConfiguration) server.getConfiguration(); | ||||
// ensure all search views can be created | // ensure all search views can be created | ||||
if (!c.testMode()) { | |||||
c.getAllDAOs().stream() | |||||
.filter(dao -> dao instanceof AbstractDAO) | |||||
.forEach(dao -> ((AbstractDAO) dao).getSearchView()); | |||||
} | |||||
// disabled for now, slows down startup time and consumes much memory. | |||||
// Most search views will probably not need to be instantiated anyway | |||||
// if (!c.testMode()) { | |||||
// c.getAllDAOs().stream() | |||||
// .filter(dao -> dao instanceof AbstractDAO) | |||||
// .forEach(dao -> ((AbstractDAO) dao).getSearchView()); | |||||
// } | |||||
// ensure system configs can be loaded properly | // ensure system configs can be loaded properly | ||||
final Map<String, Object> configs = c.getPublicSystemConfigs(); | final Map<String, Object> configs = c.getPublicSystemConfigs(); | ||||