Merge pull request #24 from Xboarder56/master

add: certificate renewal support
2024-04-24 21:00:54 -04:00
parent 0591078ac3 a1d60ecda3
commit 150fdc5c91
2 changed files with 11 additions and 1 deletions
--- a/2
+++ b/2
@@ -19,7 +19,7 @@ RUN chmod +x entrypoint && \
    wget -O /opt/velociraptor/windows/velociraptor_client.exe "$WINDOWS_EXE" && \
    wget -O /opt/velociraptor/windows/velociraptor_client.msi "$WINDOWS_MSI" && \
    # Clean up 
-    apt-get remove -y --purge curl wget jq && \
+    apt-get remove -y --purge wget && \
    apt-get clean
 WORKDIR /velociraptor 
 CMD ["/entrypoint"]
--- a/10
+++ b/10
@@ -21,6 +21,16 @@ if [ ! -f server.config.yaml ]; then
 	./velociraptor --config server.config.yaml user add $VELOX_USER $VELOX_PASSWORD --role $VELOX_ROLE
 fi
 # Check Server Certificate Status, Re-generate if it's expiring in 24-hours or less
 if true | ./velociraptor --config server.config.yaml config show --json | jq -r .Frontend.certificate | openssl x509 -text -enddate -noout -checkend 86400 >/dev/null; then
  echo "Skipping renewal, certificate is not expired"
 else
  echo "Certificate is expired, rotating certificate."
  ./velociraptor --config ./server.config.yaml config rotate_key > /tmp/server.config.yaml
  cp ./server.config.yaml ./server.config.yaml.bak
  mv /tmp/server.config.yaml /velociraptor/.
 fi
 # Re-generate client config in case server config changed
 ./velociraptor --config server.config.yaml config client > client.config.yaml