File: generate-keys.sh

package info (click to toggle)
rspamd 3.14.3-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 35,064 kB
  • sloc: ansic: 247,728; cpp: 107,741; javascript: 31,385; perl: 3,089; asm: 2,512; pascal: 1,625; python: 1,510; sh: 589; sql: 313; makefile: 195; xml: 74
file content (66 lines) | stat: -rwxr-xr-x 2,159 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
#!/bin/bash
# Generate encryption keys for Rspamd workers

set -e

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
ENV_FILE="$SCRIPT_DIR/../.env.keys"

echo "=== Generating Rspamd encryption keys ==="
echo ""

# Generate keypair for fuzzy worker (encryption)
echo "1. Fuzzy worker keypair (encryption)..."
rspamadm keypair -u > "$SCRIPT_DIR/fuzzy-keypair.tmp"
FUZZY_PRIVKEY=$(grep "privkey" "$SCRIPT_DIR/fuzzy-keypair.tmp" | cut -d'"' -f2)
FUZZY_PUBKEY=$(grep "pubkey" "$SCRIPT_DIR/fuzzy-keypair.tmp" | cut -d'"' -f2)
rm -f "$SCRIPT_DIR/fuzzy-keypair.tmp"

# Generate keypair for normal worker
echo "2. Normal worker keypair..."
rspamadm keypair -u > "$SCRIPT_DIR/worker-keypair.tmp"
WORKER_PRIVKEY=$(grep "privkey" "$SCRIPT_DIR/worker-keypair.tmp" | cut -d'"' -f2)
WORKER_PUBKEY=$(grep "pubkey" "$SCRIPT_DIR/worker-keypair.tmp" | cut -d'"' -f2)
rm -f "$SCRIPT_DIR/worker-keypair.tmp"

# Generate keypair for proxy worker
echo "3. Proxy worker keypair..."
rspamadm keypair -u > "$SCRIPT_DIR/proxy-keypair.tmp"
PROXY_PRIVKEY=$(grep "privkey" "$SCRIPT_DIR/proxy-keypair.tmp" | cut -d'"' -f2)
PROXY_PUBKEY=$(grep "pubkey" "$SCRIPT_DIR/proxy-keypair.tmp" | cut -d'"' -f2)
rm -f "$SCRIPT_DIR/proxy-keypair.tmp"

echo ""
echo "Keys generated successfully!"
echo ""

# Create .env.keys file for docker-compose
cat > "$ENV_FILE" <<EOF
# Rspamd integration test keys
# Generated at $(date)

# Fuzzy worker keypair
RSPAMD_FUZZY_WORKER_PRIVKEY=$FUZZY_PRIVKEY
RSPAMD_FUZZY_WORKER_PUBKEY=$FUZZY_PUBKEY

# Fuzzy check encryption key (same as fuzzy worker pubkey)
RSPAMD_FUZZY_ENCRYPTION_KEY=$FUZZY_PUBKEY

# Normal worker keypair (for encrypted inter-worker communication)
RSPAMD_WORKER_PRIVKEY=$WORKER_PRIVKEY
RSPAMD_WORKER_PUBKEY=$WORKER_PUBKEY

# Proxy worker keypair
RSPAMD_PROXY_PRIVKEY=$PROXY_PRIVKEY
RSPAMD_PROXY_PUBKEY=$PROXY_PUBKEY
EOF

echo "Environment variables saved to $ENV_FILE"
echo ""
echo "Summary:"
echo "  - Fuzzy worker: encrypted (pubkey used for client encryption)"
echo "  - Normal worker: encrypted"
echo "  - Proxy worker: encrypted"
echo ""
echo "Use these in configs with: {= env.VARIABLE_NAME =}"
echo "(without the RSPAMD_ prefix)"