Fix jwt-token

2025-09-06 20:06:03 +02:00
parent b6c46d370b
commit cfbc0ae0c6
2 changed files with 186 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -3,6 +3,8 @@
 A comprehensive real-time drone detection and monitoring system with SMS alerts, real-time mapping, and advanced analytics.

 ## Features
+notif ethernet https://yourserver.com/path/to/script
+coords <lat> <lon>

 ### Core Functionality
 - **Real-time Drone Detection**: Receive and process drone detection data from hardware sensors
--- a/generate-ssl-cert.sh
+++ b/generate-ssl-cert.sh
@@ -0,0 +1,184 @@
+#!/bin/bash
+
+# Self-Signed Certificate Generator for Uggla Drone Detection System
+# Creates a 10-year certificate with interactive domain configuration
+
+set -e
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Certificate configuration
+CERT_DIR="./docker/ssl"
+CERT_NAME="uggla"
+CERT_KEY="${CERT_DIR}/${CERT_NAME}.key"
+CERT_CRT="${CERT_DIR}/${CERT_NAME}.crt"
+CERT_CSR="${CERT_DIR}/${CERT_NAME}.csr"
+CERT_CONF="${CERT_DIR}/${CERT_NAME}.conf"
+DAYS=3650  # 10 years
+
+echo -e "${BLUE}======================================${NC}"
+echo -e "${BLUE}  Uggla SSL Certificate Generator${NC}"
+echo -e "${BLUE}======================================${NC}"
+echo
+
+# Create SSL directory if it doesn't exist
+mkdir -p "${CERT_DIR}"
+
+echo -e "${YELLOW}This script will generate a self-signed SSL certificate valid for 10 years.${NC}"
+echo -e "${YELLOW}You'll need to provide certificate details and domain names.${NC}"
+echo
+
+# Collect certificate information
+echo -e "${GREEN}Enter certificate information:${NC}"
+read -p "Country (2 letter code) [SE]: " COUNTRY
+COUNTRY=${COUNTRY:-SE}
+
+read -p "State/Province [Stockholm]: " STATE
+STATE=${STATE:-Stockholm}
+
+read -p "City [Stockholm]: " CITY
+CITY=${CITY:-Stockholm}
+
+read -p "Organization [Uggla Systems]: " ORG
+ORG=${ORG:-"Uggla Systems"}
+
+read -p "Organizational Unit [IT Department]: " OU
+OU=${OU:-"IT Department"}
+
+read -p "Common Name (main domain) [localhost]: " CN
+CN=${CN:-localhost}
+
+echo
+echo -e "${GREEN}Enter Subject Alternative Names (SANs):${NC}"
+echo -e "${YELLOW}Press Enter after each domain. Enter empty line when done.${NC}"
+echo -e "${YELLOW}Examples: example.com, www.example.com, 192.168.1.100, localhost${NC}"
+echo
+
+# Collect SANs
+SANS=()
+SANS+=("DNS:${CN}")  # Add CN as first SAN
+SANS+=("DNS:localhost")
+SANS+=("IP:127.0.0.1")
+SANS+=("IP:::1")
+
+echo "Default SANs added: ${CN}, localhost, 127.0.0.1, ::1"
+echo "Enter additional domains/IPs:"
+
+while true; do
+    read -p "Domain or IP: " DOMAIN
+    if [[ -z "$DOMAIN" ]]; then
+        break
+    fi
+    
+    # Determine if it's an IP or domain
+    if [[ $DOMAIN =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]] || [[ $DOMAIN =~ ^[0-9a-fA-F:]+$ ]]; then
+        SANS+=("IP:${DOMAIN}")
+        echo "Added IP: ${DOMAIN}"
+    else
+        SANS+=("DNS:${DOMAIN}")
+        echo "Added domain: ${DOMAIN}"
+    fi
+done
+
+echo
+echo -e "${BLUE}Certificate Configuration Summary:${NC}"
+echo "Country: ${COUNTRY}"
+echo "State: ${STATE}"
+echo "City: ${CITY}"
+echo "Organization: ${ORG}"
+echo "Organizational Unit: ${OU}"
+echo "Common Name: ${CN}"
+echo "SANs: ${SANS[*]}"
+echo "Validity: ${DAYS} days (10 years)"
+echo "Output directory: ${CERT_DIR}"
+echo
+
+read -p "Continue with certificate generation? (y/N): " CONFIRM
+if [[ ! $CONFIRM =~ ^[Yy]$ ]]; then
+    echo "Certificate generation cancelled."
+    exit 1
+fi
+
+echo
+echo -e "${GREEN}Generating certificate...${NC}"
+
+# Create OpenSSL configuration file
+cat > "${CERT_CONF}" << EOF
+[req]
+default_bits = 4096
+prompt = no
+default_md = sha256
+distinguished_name = dn
+req_extensions = v3_req
+
+[dn]
+C=${COUNTRY}
+ST=${STATE}
+L=${CITY}
+O=${ORG}
+OU=${OU}
+CN=${CN}
+
+[v3_req]
+basicConstraints = CA:FALSE
+keyUsage = nonRepudiation, digitalSignature, keyEncipherment
+subjectAltName = @alt_names
+
+[alt_names]
+EOF
+
+# Add SANs to config
+for i in "${!SANS[@]}"; do
+    echo "${SANS[$i]}" | sed 's/DNS:/DNS.'$((i+1))' = /' | sed 's/IP:/IP.'$((i+1))' = /' >> "${CERT_CONF}"
+done
+
+echo -e "${YELLOW}Step 1/3: Generating private key...${NC}"
+openssl genrsa -out "${CERT_KEY}" 4096
+
+echo -e "${YELLOW}Step 2/3: Generating certificate signing request...${NC}"
+openssl req -new -key "${CERT_KEY}" -out "${CERT_CSR}" -config "${CERT_CONF}"
+
+echo -e "${YELLOW}Step 3/3: Generating self-signed certificate...${NC}"
+openssl x509 -req -in "${CERT_CSR}" -signkey "${CERT_KEY}" -out "${CERT_CRT}" -days "${DAYS}" -extensions v3_req -extfile "${CERT_CONF}"
+
+# Set appropriate permissions
+chmod 600 "${CERT_KEY}"
+chmod 644 "${CERT_CRT}"
+
+# Clean up temporary files
+rm "${CERT_CSR}" "${CERT_CONF}"
+
+echo
+echo -e "${GREEN}======================================${NC}"
+echo -e "${GREEN}  Certificate Generation Complete!${NC}"
+echo -e "${GREEN}======================================${NC}"
+echo
+echo -e "${GREEN}Certificate files created:${NC}"
+echo "Private Key: ${CERT_KEY}"
+echo "Certificate: ${CERT_CRT}"
+echo
+echo -e "${BLUE}Certificate Information:${NC}"
+openssl x509 -in "${CERT_CRT}" -text -noout | grep -A 5 "Subject:"
+openssl x509 -in "${CERT_CRT}" -text -noout | grep -A 10 "Subject Alternative Name"
+echo
+echo -e "${BLUE}Certificate validity:${NC}"
+openssl x509 -in "${CERT_CRT}" -dates -noout
+
+echo
+echo -e "${YELLOW}Next steps:${NC}"
+echo "1. Update your nginx configuration to use these certificates"
+echo "2. In docker/nginx/default.conf, add SSL configuration:"
+echo "   ssl_certificate /etc/nginx/ssl/${CERT_NAME}.crt;"
+echo "   ssl_certificate_key /etc/nginx/ssl/${CERT_NAME}.key;"
+echo "3. Mount the SSL directory in docker-compose.yml (already configured)"
+echo "4. Restart your Docker containers"
+echo
+echo -e "${RED}Warning: This is a self-signed certificate.${NC}"
+echo -e "${RED}Browsers will show security warnings. Add to trusted certificates if needed.${NC}"
+echo
+echo -e "${GREEN}Certificate generation completed successfully!${NC}"