3232 enc_file .chmod (0o400 )
3333
3434# Create audit keys if not exists
35+ priv_key_path = os .environ .get ('PI_AUDIT_KEY_PRIVATE' , '/privacyidea/etc/persistent/private.pem' )
36+ pub_key_path = os .environ .get ('PI_AUDIT_KEY_PUBLIC' , '/privacyidea/etc/persistent/public.pem' )
37+
3538if not os .path .exists ('/privacyidea/etc/persistent/private.pem' ):
36-
37- priv_key = pathlib . Path ( os . environ [ 'PI_AUDIT_KEY_PRIVATE' ])
39+ priv_key = pathlib . Path ( priv_key_path )
40+
3841 if not priv_key .is_file ():
39- new_key = rsa .generate_private_key (public_exponent = 65537 ,
40- key_size = 2048 ,
41- backend = default_backend ())
42+ new_key = rsa .generate_private_key (
43+ public_exponent = 65537 ,
44+ key_size = 2048 ,
45+ backend = default_backend ()
46+ )
4247 priv_pem = new_key .private_bytes (
4348 encoding = serialization .Encoding .PEM ,
4449 format = serialization .PrivateFormat .TraditionalOpenSSL ,
45- encryption_algorithm = serialization .NoEncryption ())
50+ encryption_algorithm = serialization .NoEncryption ()
51+ )
4652 with open (priv_key , "wb" ) as f :
4753 f .write (priv_pem )
4854
49- pub_key = pathlib .Path (os . environ [ 'PI_AUDIT_KEY_PUBLIC' ] )
55+ pub_key = pathlib .Path (pub_key_path )
5056 public_key = new_key .public_key ()
5157 pub_pem = public_key .public_bytes (
5258 encoding = serialization .Encoding .PEM ,
53- format = serialization .PublicFormat .SubjectPublicKeyInfo )
59+ format = serialization .PublicFormat .SubjectPublicKeyInfo
60+ )
5461 with open (pub_key , "wb" ) as f :
5562 f .write (pub_pem )
56-
57-
63+
5864# Bootstrap database
5965if os .path .exists ('/privacyidea/etc/persistent/enckey' ) and not os .path .exists ('/privacyidea/etc/persistent/dbcreated' ):
6066 with app .app_context ():
7278 "privacyidea.app:create_app(config_name='production',config_file='/privacyidea/etc/pi.cfg')"
7379]
7480
75- os .execvp ('python' , cmd )
81+ os .execvp ('python' , cmd )
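Review bot: The outer guard `if not os.path.exists('/privacyidea/etc/persistent/private.pem'):` still tests the hard-coded default path while the key location now comes from `priv_key_path`, so when PI_AUDIT_KEY_PRIVATE points elsewhere and a file already exists at the default location, generation is skipped and the configured path is left without a key. Testing the configured path, `if not os.path.exists(priv_key_path):`, or dropping the outer check in favour of the inner `priv_key.is_file()`, keeps the two in agreement. The unencrypted private PEM is also written with whatever mode the process umask yields; a `priv_key.chmod(0o400)` right after the write would match the `enc_file.chmod(0o400)` a few lines above. The start of the script lies outside the visible section, so a umask set earlier cannot be ruled out.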