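#!/bin/bash
###################################
############ by Sthope ############
###################################
#
# Generates, in the current directory, a private CA and a TLS server
# certificate for this host's primary IPv4 address:
#   remember2delete  passphrase protecting ca-key.pem (printed at the end)
#   ca-key.pem       CA private key (AES-256 encrypted)
#   ca.pem           CA certificate, valid 365 days
#   server-key.pem   server private key (unencrypted)
#   server.csr       signing request for the server key
#   extfile.cnf      X.509 extensions used when signing
#   server-cert.pem  server certificate, valid 365 days
#
#### USAGE
# bash -c "$(wget -qLO - https://git.sthope.dev/sthope/sthope-examples/raw/branch/master/docker_portainer_stacks/portainer/setup-dockerapi-notls)"
#
# The one-liner above executes whatever the URL serves at that moment; to pin
# the content, download the file, read it, and run the local copy.

# Abort on the first failing step so a half-built PKI is never left looking
# finished. pipefail is deliberately not enabled: the passphrase pipeline ends
# in `head`, which closes the pipe and makes `tr` exit on SIGPIPE.
set -eu

# Keys and the passphrase file are created readable by the owner only.
umask 077

# Print a message on stderr and stop.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print one pseudo-random port number in the range 100..1123.
_random_port() {
  printf '%s\n' "$(( 100 + ( $(od -An -N2 -i /dev/urandom) ) % (1023 + 1) ))"
}

# Print a TCP port on localhost that currently refuses connections.
findRandomTcpPort() {
  local port
  port=$(_random_port)
  # A successful connect means something already listens there: draw again.
  while (echo >"/dev/tcp/localhost/${port}") &>/dev/null; do
    port=$(_random_port)
  done
  echo "$port"
}

# NOTE(review): $p is not referenced anywhere below; kept as in the original.
p=$(findRandomTcpPort)

# MY_HOSTNAME=$(getent hosts $(hostname) | awk '{print $2}')
# MY_HOSTNAME=$(getent hosts $(hostname) | awk '{print $1}')

# Source address the kernel would use for outbound traffic. The value after
# the "src" keyword is looked up by name because its column position differs
# between gateway routes and directly connected ones.
MY_IP=$(ip -4 route get 8.8.8.8 \
  | awk '{ for (i = 1; i < NF; i++) if ($i == "src") { print $(i + 1); exit } }')
[[ -n "$MY_IP" ]] || die "could not determine the primary IPv4 address"

# Write a fresh 64-character alphanumeric passphrase to ./remember2delete.
function openssl_genrsa_pass {
  # Remove any stale file first so the new one is created under the umask
  # above instead of inheriting older, possibly wider, permissions.
  rm -f -- remember2delete
  LC_ALL=C tr -dc A-Za-z0-9 </dev/urandom | head -c 64 > remember2delete
}

# Called directly: the original wrapped this in $( ), which would try to run
# the function's (empty) output as a command. The passphrase is shown once,
# at the end, rather than also being printed here.
openssl_genrsa_pass

# --- Certificate authority ---
openssl genrsa -aes256 -passout file:remember2delete -out ca-key.pem 4096
openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem \
  -passin file:remember2delete -subj "/C=US/CN=${MY_IP}"

# --- Server key and signing request ---
openssl genrsa -out server-key.pem 4096
# The signing step below reads server.csr, which the original never created.
openssl req -new -sha256 -key server-key.pem -subj "/CN=${MY_IP}" -out server.csr

# Written with '>' so a re-run does not append duplicate directives.
# IP:${MY_IP} is added because clients match an IP address against IP-type
# SAN entries, not DNS-type ones; the original DNS entry is kept.
# NOTE(review): 10.0.0.200 is a fixed address carried over from the original;
# adjust it to the addresses this server is actually reached on.
{
  echo "subjectAltName = DNS:${MY_IP},IP:${MY_IP},IP:10.0.0.200,IP:127.0.0.1"
  echo "extendedKeyUsage = serverAuth"
} > extfile.cnf

# -passin supplies the CA key passphrase so signing does not stop at a prompt.
openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem \
  -passin file:remember2delete \
  -CAcreateserial -out server-cert.pem -extfile extfile.cnf

# Overwritten files keep their previous mode, so set the modes explicitly:
# private material owner-only, certificates world-readable.
chmod 0600 ca-key.pem server-key.pem remember2delete
chmod 0644 ca.pem server-cert.pem

# `clear` fails without a usable terminal; that must not abort the script.
clear || true
echo "##########################################################"
echo "Save this password and delete the file: ";cat remember2delete; echo " "
echo "##########################################################"
echo "############################# by Sthope ##################"
echo "##########################################################"

# The original ended with `rm ./.bash_history`. Nothing secret produced here
# is written to shell history, and deleting that file discards the operator's
# command record, so it is left untouched.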