#!/bin/sh
# BEGIN COPYRIGHT BLOCK
# (C) 2010 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK

##  Always switch into this base directory
##  prior to script execution so that all
##  of its output is written to this directory

cd `dirname $0`


##
##  This script MUST be run as root!
##

ROOTUID=0

OS=`uname`
if [ "${OS}" = "Linux" ] ; then
    MY_EUID=`/usr/bin/id -u`
    MY_UID=`/usr/bin/id -ur`
    USERNAME=`/usr/bin/id -un`
else
    printf "ERROR:  Unsupported operating system '${OS}'!\n"
    exit 255
fi

if [ "${MY_UID}"  != "${ROOTUID}" ] &&
   [ "${MY_EUID}" != "${ROOTUID}" ] ; then
    printf "ERROR:  The '$0' script must be run as root!\n"
    exit 255
fi



##
##  Define DEFAULT PKI Instances
##

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-ca          \
          -subsystem_type=ca                 \
          -agent_secure_port=9443            \
          -ee_secure_port=9444               \
          -ee_secure_client_auth_port=9446   \
          -admin_secure_port=9445            \
          -unsecure_port=9180                \
          -tomcat_server_port=9701           \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-ca         \
          -redirect logs=/var/log/pki-ca     \
          -verbose

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-kra         \
          -subsystem_type=kra                \
          -agent_secure_port=10443           \
          -ee_secure_port=10444              \
          -admin_secure_port=10445           \
          -unsecure_port=10180               \
          -tomcat_server_port=10701          \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-kra        \
          -redirect logs=/var/log/pki-kra    \
          -verbose

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-ocsp        \
          -subsystem_type=ocsp               \
          -agent_secure_port=11443           \
          -ee_secure_port=11444              \
          -admin_secure_port=11445           \
          -unsecure_port=11180               \
          -tomcat_server_port=11701          \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-ocsp       \
          -redirect logs=/var/log/pki-ocsp   \
          -verbose

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-tks         \
          -subsystem_type=tks                \
          -agent_secure_port=13443           \
          -ee_secure_port=13444              \
          -admin_secure_port=13445           \
          -unsecure_port=13180               \
          -tomcat_server_port=13701          \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-tks        \
          -redirect logs=/var/log/pki-tks    \
          -verbose

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-ra          \
          -subsystem_type=ra                 \
          -secure_port=12889                 \
          -non_clientauth_secure_port=12890  \
          -unsecure_port=12888               \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-ra         \
          -redirect logs=/var/log/pki-ra     \
          -verbose

pkicreate -pki_instance_root=/var/lib        \
          -pki_instance_name=pki-tps         \
          -subsystem_type=tps                \
          -secure_port=7889                  \
          -non_clientauth_secure_port=7890   \
          -unsecure_port=7888                \
          -user=pkiuser                      \
          -group=pkiuser                     \
          -redirect conf=/etc/pki-tps        \
          -redirect logs=/var/log/pki-tps    \
          -verbose

