From 70629e547e92e411542efaafc8e941d51c24ce71 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Mon, 16 Dec 2024 23:50:28 +0000
Subject: [PATCH] sshca: Remove unused signcert script

---
 roles/sshca/files/signcert.sh | 26 --------------------------
 roles/sshca/tasks/main.yml    |  8 --------
 2 files changed, 34 deletions(-)
 delete mode 100755 roles/sshca/files/signcert.sh

diff --git a/roles/sshca/files/signcert.sh b/roles/sshca/files/signcert.sh
deleted file mode 100755
index 3d237dd..0000000
--- a/roles/sshca/files/signcert.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/sh
-
-set -eu
-
-umask 022
-
-if [ $# -ne 1 ]; then
-    echo "Usage: $(basename "$0") <pubkey>" 1>&2
-    exit 1
-fi
-
-_basedir="/srv/sshca"
-_name="$1"
-
-if ! echo "$_name" | grep -Eq '.foo.sh$'; then
-    echo "ERROR: Only '*.foo.sh' certificates are allowed" 1>&2
-    exit 1
-fi
-
-if [ ! -f "/srv/ansible/facts/${_name}" ]; then
-    echo "ERROR: Cannot find host '${_name}'" 1>&2
-    exit 1
-fi
-
-ssh-keygen -s "${_basedir}/ca/ca" -I "$_name" -n "$_name" -V -5m:+365d -h \
-    "${_basedir}/pubkeys/${_name}.pub"
diff --git a/roles/sshca/tasks/main.yml b/roles/sshca/tasks/main.yml
index d55c742..41edb8b 100644
--- a/roles/sshca/tasks/main.yml
+++ b/roles/sshca/tasks/main.yml
@@ -34,11 +34,3 @@
     mode: "0755"
     owner: root
     group: "{{ ansible_wheel }}"
-
-- name: Copy signing script
-  ansible.builtin.copy:
-    dest: /srv/sshca/signcert.sh
-    src: signcert.sh
-    mode: "0755"
-    owner: root
-    group: "{{ ansible_wheel }}"