1
0
mirror of https://github.com/laurivosandi/certidude synced 2024-11-14 17:06:44 +00:00
certidude/doc/overlay/etc/uci-defaults/60-cron
Lauri Võsandi ce93fbb58b Several updates #4
* Improved offline install docs
* Migrated token mechanism backend to SQL
* Preliminary token mechanism frontend integration
* Add clock skew tolerance for OCSP
* Add 'ldap computer filter' support for Kerberized machine enroll
* Include OCSP and CRL URL-s in certificates, controlled by profile.conf
* Better certificate extension handling
* Place DH parameters file in /etc/ssl/dhparam.pem
* Always talk to CA over port 8443 for 'certidude enroll'
* Hardened frontend nginx config
* Separate log files for frontend nginx
* Better provisioning heuristics
* Add sample site.sh config for LEDE image builder
* Add more device profiles for LEDE image builder
* Various bugfixes and improvements
2018-05-15 07:45:29 +00:00

15 lines
390 B
Plaintext

# Randomize restart time
OFFSET=$(awk -v min=1 -v max=59 'BEGIN{srand(); print int(min+rand()*(max-min+1))}')
# wtf?! https://wiki.strongswan.org/issues/1501#note-7
cat << EOF > /etc/crontabs/root
#$OFFSET 2 * * * sleep 70 && touch /etc/banner && reboot
$OFFSET 2 * * * ipsec restart
5 1 1 */2 * /usr/bin/certidude-enroll-renew
EOF
chmod 0600 /etc/crontabs/root
/etc/init.d/cron enable