diff --git a/README.md b/README.md index f9e274e..120169e 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,8 @@ A comprehensive real-time drone detection and monitoring system with SMS alerts, real-time mapping, and advanced analytics. ## Features +notif ethernet https://yourserver.com/path/to/script +coords ### Core Functionality - **Real-time Drone Detection**: Receive and process drone detection data from hardware sensors diff --git a/generate-ssl-cert.sh b/generate-ssl-cert.sh new file mode 100644 index 0000000..f2bd8de --- /dev/null +++ b/generate-ssl-cert.sh 
@@ -0,0 +1,184 @@
+#!/bin/bash
+
+# Self-Signed Certificate Generator for Uggla Drone Detection System
+# Creates a 10-year certificate with interactive domain configuration
+
+set -e
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Certificate configuration
+CERT_DIR="./docker/ssl"
+CERT_NAME="uggla"
+CERT_KEY="${CERT_DIR}/${CERT_NAME}.key"
+CERT_CRT="${CERT_DIR}/${CERT_NAME}.crt"
+CERT_CSR="${CERT_DIR}/${CERT_NAME}.csr"
+CERT_CONF="${CERT_DIR}/${CERT_NAME}.conf"
+DAYS=3650 # 10 years
+
+echo -e "${BLUE}======================================${NC}"
+echo -e "${BLUE} Uggla SSL Certificate Generator${NC}"
+echo -e "${BLUE}======================================${NC}"
+echo
+
+# Create SSL directory if it doesn't exist
+mkdir -p "${CERT_DIR}"
+
+echo -e "${YELLOW}This script will generate a self-signed SSL certificate valid for 10 years.${NC}"
+echo -e "${YELLOW}You'll need to provide certificate details and domain names.${NC}"
+echo
+
+# Collect certificate information
+echo -e "${GREEN}Enter certificate information:${NC}"
+read -p "Country (2 letter code) [SE]: " COUNTRY
+COUNTRY=${COUNTRY:-SE}
+
+read -p "State/Province [Stockholm]: " STATE
+STATE=${STATE:-Stockholm}
+
+read -p "City [Stockholm]: " CITY
+CITY=${CITY:-Stockholm}
+
+read -p "Organization [Uggla Systems]: " ORG
+ORG=${ORG:-"Uggla Systems"}
+
+read -p "Organizational Unit [IT Department]: " OU
+OU=${OU:-"IT Department"}
+
+read -p "Common Name (main domain) [localhost]: " CN
+CN=${CN:-localhost}
+
+echo
+echo -e "${GREEN}Enter Subject Alternative Names (SANs):${NC}"
+echo -e "${YELLOW}Press Enter after each domain. Enter empty line when done.${NC}"
+echo -e "${YELLOW}Examples: example.com, www.example.com, 192.168.1.100, localhost${NC}"
+echo
+
+# Collect SANs
+SANS=()
+SANS+=("DNS:${CN}") # Add CN as first SAN
+SANS+=("DNS:localhost")
+SANS+=("IP:127.0.0.1")
+SANS+=("IP:::1")
+
+echo "Default SANs added: ${CN}, localhost, 127.0.0.1, ::1"
+echo "Enter additional domains/IPs:"
+
+while true; do
+ read -p "Domain or IP: " DOMAIN
+ if [[ -z "$DOMAIN" ]]; then
+ break
+ fi
+
+ # Determine if it's an IP or domain
+ if [[ $DOMAIN =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]] || [[ $DOMAIN =~ ^[0-9a-fA-F:]+$ ]]; then
+ SANS+=("IP:${DOMAIN}")
+ echo "Added IP: ${DOMAIN}"
+ else
+ SANS+=("DNS:${DOMAIN}")
+ echo "Added domain: ${DOMAIN}"
+ fi
+done
+
+echo
+echo -e "${BLUE}Certificate Configuration Summary:${NC}"
+echo "Country: ${COUNTRY}"
+echo "State: ${STATE}"
+echo "City: ${CITY}"
+echo "Organization: ${ORG}"
+echo "Organizational Unit: ${OU}"
+echo "Common Name: ${CN}"
+echo "SANs: ${SANS[*]}"
+echo "Validity: ${DAYS} days (10 years)"
+echo "Output directory: ${CERT_DIR}"
+echo
+
+read -p "Continue with certificate generation? (y/N): " CONFIRM
+if [[ ! $CONFIRM =~ ^[Yy]$ ]]; then
+ echo "Certificate generation cancelled."
+ exit 1
+fi
+
+echo
+echo -e "${GREEN}Generating certificate...${NC}"
+
+# Create OpenSSL configuration file
+cat > "${CERT_CONF}" << EOF
+[req]
+default_bits = 4096
+prompt = no
+default_md = sha256
+distinguished_name = dn
+req_extensions = v3_req
+
+[dn]
+C=${COUNTRY}
+ST=${STATE}
+L=${CITY}
+O=${ORG}
+OU=${OU}
+CN=${CN}
+
+[v3_req]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+EOF
+
+# Add SANs to config
+for i in "${!SANS[@]}"; do
+ echo "${SANS[$i]}" | sed 's/DNS:/DNS.'$((i+1))' = /' | sed 's/IP:/IP.'$((i+1))' = /' >> "${CERT_CONF}"
+done
+
+echo -e "${YELLOW}Step 1/3: Generating private key...${NC}"
+openssl genrsa -out "${CERT_KEY}" 4096
+
+echo -e "${YELLOW}Step 2/3: Generating certificate signing request...${NC}"
+openssl req -new -key "${CERT_KEY}" -out "${CERT_CSR}" -config "${CERT_CONF}"
+
+echo -e "${YELLOW}Step 3/3: Generating self-signed certificate...${NC}"
+openssl x509 -req -in "${CERT_CSR}" -signkey "${CERT_KEY}" -out "${CERT_CRT}" -days "${DAYS}" -extensions v3_req -extfile "${CERT_CONF}"
+
+# Set appropriate permissions
+chmod 600 "${CERT_KEY}"
+chmod 644 "${CERT_CRT}"
+
+# Clean up temporary files
+rm "${CERT_CSR}" "${CERT_CONF}"
+
+echo
+echo -e "${GREEN}======================================${NC}"
+echo -e "${GREEN} Certificate Generation Complete!${NC}"
+echo -e "${GREEN}======================================${NC}"
+echo
+echo -e "${GREEN}Certificate files created:${NC}"
+echo "Private Key: ${CERT_KEY}"
+echo "Certificate: ${CERT_CRT}"
+echo
+echo -e "${BLUE}Certificate Information:${NC}"
+openssl x509 -in "${CERT_CRT}" -text -noout | grep -A 5 "Subject:"
+openssl x509 -in "${CERT_CRT}" -text -noout | grep -A 10 "Subject Alternative Name"
+echo
+echo -e "${BLUE}Certificate validity:${NC}"
+openssl x509 -in "${CERT_CRT}" -dates -noout
+
+echo
+echo -e "${YELLOW}Next steps:${NC}"
+echo "1. Update your nginx configuration to use these certificates"
+echo "2. In docker/nginx/default.conf, add SSL configuration:"
+echo " ssl_certificate /etc/nginx/ssl/${CERT_NAME}.crt;"
+echo " ssl_certificate_key /etc/nginx/ssl/${CERT_NAME}.key;"
+echo "3. Mount the SSL directory in docker-compose.yml (already configured)"
+echo "4. Restart your Docker containers"
+echo
+echo -e "${RED}Warning: This is a self-signed certificate.${NC}"
+echo -e "${RED}Browsers will show security warnings. Add to trusted certificates if needed.${NC}"
+echo
+echo -e "${GREEN}Certificate generation completed successfully!${NC}"
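Review bot: The private key is only restricted by `chmod 600 "${CERT_KEY}"` after all three openssl steps, so under `set -e` a failure in `openssl req` or `openssl x509` exits before the chmod and before the `rm`, leaving the key at whatever mode openssl and the current umask gave it, next to the CSR and config. I would add `umask 077` directly before `openssl genrsa` and `trap 'rm -f -- "${CERT_CSR}" "${CERT_CONF}"' EXIT` after the path variables, keeping the later `chmod 644` for the certificate. `genrsa -out` also replaces an existing key at `${CERT_KEY}` without notice and writes it inside the working tree, so the confirmation prompt should mention the overwrite and `docker/ssl/` should be covered by `.gitignore` (not visible in this diff). Separately, in the SAN loop the test `^[0-9a-fA-F:]+$` labels hex-only hostnames such as `cafe` as `IP:`, and the CN is always added as `DNS:` even when an address is entered; requiring a colon for IPv6 (`^[0-9a-fA-F:]*:[0-9a-fA-F:]*$`) and classifying the CN through the same test would address both.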