Add cert gen scripts

haohanyang · haohanyang · commit 117bd577c2ed · 2025-09-16T16:34:05.000+02:00
diff --git a/.gitignore b/.gitignore
@@ -43,4 +43,5 @@ venv/
 mongodb-datasource/
 grafana-storage/
 
-mongo-docs/
+mongo-docs/
+certs/
diff --git a/scripts/cert-gen.sh b/scripts/cert-gen.sh
@@ -0,0 +1,22 @@
+#/bin/bash
+# Generate keys and certs to test local MongoDB TLS connection
+
+set -e
+
+mkdir -p certs
+
+# Generate a Certificate Authority (CA)
+openssl genrsa -out certs/ca.key 4096
+openssl req -x509 -new -nodes -key certs/ca.key -sha256 -days 365 -out certs/ca.pem -subj "/CN=localhost"
+
+
+# Generate a Server Key and Certificate Signing Request (CSR)
+# Passphrase is set to 123
+openssl genrsa -out certs/mongodb.key -passout pass:123 4096
+openssl req -new -key certs/mongodb.key -out certs/mongodb.csr -subj "/CN=localhost"
+
+# Sign the Server Certificate with the CA
+openssl x509 -req -extfile <(printf "subjectAltName=DNS:localhost") -in certs/mongodb.csr -CA certs/ca.pem -CAkey certs/ca.key -CAcreateserial -out certs/mongodb.crt -days 365 -sha256
+
+# Combine Server Key and Certificate
+cat certs/mongodb.key certs/mongodb.crt > certs/mongodb.pem
diff --git a/scripts/start-mongo.sh b/scripts/start-mongo.sh
@@ -0,0 +1,13 @@
+#/bin/bash
+# Start MongoDB service with different configurations
+
+# --tls
+if [ "$1" == "--tls" ]; then
+    echo "Starting MongoDB with TLS..."
+    docker run --rm --name mongodb-ds-mongo-tls -v ./mongod.conf:/etc/mongo/mongod.conf \
+        -v ./certs:/certs -p 27017:27017 -d mongo --config /etc/mongo/mongod.conf
+# if no configuration is provided, start with default settings
+else
+    echo "Starting MongoDB with default settings..."
+    docker run --rm --name mongodb-ds-mongo -d mongo
+fi
