diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-19 22:05:02 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-19 22:05:02 +0200 |
commit | 84f2affd66a0ff3947b91a30308cb8e6a8ff7594 (patch) | |
tree | 4b05057b68ef6c9e8766b80927221b360d13d167 /hosts/surtr/email/spm/provision/Spm/Provision.hs | |
parent | 8f0bf6945a24ea8dac4e8395461bb92f22ab71a0 (diff) | |
download | nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.gz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.bz2 nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.tar.xz nixos-84f2affd66a0ff3947b91a30308cb8e6a8ff7594.zip |
surtr: ...
Diffstat (limited to 'hosts/surtr/email/spm/provision/Spm/Provision.hs')
-rw-r--r-- | hosts/surtr/email/spm/provision/Spm/Provision.hs | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/hosts/surtr/email/spm/provision/Spm/Provision.hs b/hosts/surtr/email/spm/provision/Spm/Provision.hs new file mode 100644 index 00000000..ff18baa0 --- /dev/null +++ b/hosts/surtr/email/spm/provision/Spm/Provision.hs | |||
@@ -0,0 +1,46 @@ | |||
1 | module Spm.Provision | ||
2 | ( main | ||
3 | ) where | ||
4 | |||
5 | import Prelude | ||
6 | import Options.Applicative | ||
7 | import Control.Monad | ||
8 | |||
9 | import qualified Data.Text.IO as Text | ||
10 | |||
11 | import qualified Data.UUID as UUID | ||
12 | import qualified Data.UUID.V4 as UUID | ||
13 | |||
14 | import Crypto.JOSE.JWK | ||
15 | |||
16 | import qualified Data.ByteString.Lazy.Char8 as CLBS | ||
17 | import qualified Data.Aeson as JSON | ||
18 | |||
19 | import Control.Lens | ||
20 | |||
21 | |||
22 | data Command | ||
23 | = InstanceId | ||
24 | | JwkSet | ||
25 | deriving stock (Eq, Ord, Read, Show) | ||
26 | |||
27 | cmdInstanceId :: IO () | ||
28 | cmdInstanceId = Text.putStrLn . UUID.toText =<< UUID.nextRandom | ||
29 | |||
30 | cmdJwkSet :: IO () | ||
31 | cmdJwkSet = do | ||
32 | k' <- genJWK (OKPGenParam Ed25519) | ||
33 | kid <- UUID.nextRandom | ||
34 | let k = k' & jwkKid ?~ UUID.toText kid | ||
35 | & jwkUse ?~ Sig | ||
36 | & jwkKeyOps ?~ [Sign, Verify] | ||
37 | CLBS.putStrLn . JSON.encode . JWKSet $ pure k | ||
38 | |||
39 | opts :: Parser (IO ()) | ||
40 | opts = subparser $ | ||
41 | command "instance-id" (info (pure cmdInstanceId) idm) | ||
42 | <> command "jwk-set" (info (pure cmdJwkSet) idm) | ||
43 | |||
44 | |||
45 | main :: IO () | ||
46 | main = join $ execParser (info opts idm) | ||