From dcdbfd0cbea5523061eade80b164a358e4f10074 Mon Sep 17 00:00:00 2001
From: Max Christian Pohle <max@entwicklerseite.de>
Date: Mon, 27 Feb 2023 10:27:44 +0100
Subject: [PATCH] Added support to deploy minio certs

---
 deploy/minio.sh | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100755 deploy/minio.sh

diff --git a/deploy/minio.sh b/deploy/minio.sh
new file mode 100755
index 00000000..6d0a0831
--- /dev/null
+++ b/deploy/minio.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env sh
+#
+# Here is a script to deploy cert to minio server. This script can be called
+# directly to test its configuration and see if its dependencies are installed.
+# It requires the environment variable MINIO_CERTS_PATH to be set to the path
+# where minio stores its certificates (--certs-dir). These must be supported by
+# go. The documentation has recommendations under #supported-tls-cipher-suites,
+# see: https://min.io/docs/minio/linux/operations/network-encryption.html
+#
+#
+# MINIO_CERTS_PATH defaults to:
+# * FreeBSD: /usr/local/etc/minio/certs/
+# * Linux: ${HOME}/.minio/certs
+#
+## public functions ####################
+
+minio_test() {
+	test "$MINIO_CERTS_PATH" ||
+		(echo 'environment variable MINIO_CERTS_PATH is required.' && kill $$)
+
+	test -x "$(which openssl)" ||
+		(echo 'no openssl installed, but required.' && kill $$)
+
+	echo "All tests ok."
+}
+
+# $1=domain $2=keyfile $3=certfile $4=cafile $5=fullchain
+minio_deploy() {
+	openssl x509 \
+		-in "$3" \
+		-outform PEM \
+		-out "$MINIO_CERTS_PATH/public.crt" ||
+		return 1
+
+	openssl ec \
+		-in "$2" \
+		-out "$MINIO_CERTS_PATH/private.key" ||
+		return 1
+
+	return 0
+}
+
+minio_test