authentic.postinst: generate key material at install

debian/authentic2.postinst

@@ -55,9 +55,14 @@ case "$1" in
             dbc_go authentic2 $@
         fi
 
-        echo -n "Generating static files.." >&2
-        su authentic -p -c "/usr/bin/authentic2-ctl collectstatic --noinput --traceback" >&2
-        echo "..done" >&2
+        if [ ! -f /etc/authentic2/cert.pem -a ! -f /etc/authentic2/key.pem ]; then
+            echo -n "Generating key material..." >&2
+            openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 -out /etc/authentic2/key.pem >&2
+            openssl req -x509 -new -out /etc/authentic2/cert.pem -subj '/CN=whocares' -key /etc/authentic2/key.pem -days 3650 >&2
+            chown $AUTHENTIC_USER.$AUTHENTIC_GROUP /etc/authentic2/cert.pem /etc/authentic2/key.pem
+            chmod 640 /etc/authentic2/cert.pem /etc/authentic2/key.pem
+            echo "..done" >&2
+        fi
         ;;
 
     reconfigure|abort-upgrade|abort-remove|abort-deconfigure)

debian/conf/authentic.conf

@@ -21,8 +21,8 @@ export ALLOWED_HOSTS='*'
 # you can generate this key with this commands :
 # openssl genrsa -out saml.key 2048
 # openssl rsa -in saml.key -pubout -out saml.pub
-#export SAML_SIGNATURE_PUBLIC_KEY=""
-#export SAML_SIGNATURE_PRIVATE_KEY=""
+export SAML_SIGNATURE_PUBLIC_KEY="`cat /etc/authentic2/cert.pem`"
+export SAML_SIGNATURE_PRIVATE_KEY="`cat /etc/authentic2/key.pem`"
 
 # Cache configuration
 #export USE_MEMCACHED=yes # required python-memcache memcached

debian/control

@@ -10,7 +10,7 @@ X-Python-Version: >= 2.6
 
 Package: python-authentic2
 Architecture: all
-Pre-Depends: python-django (>= 1.5), python-django (< 1.6)
+Pre-Depends: python-django (>= 1.5), python-django (< 1.6), openssl
 Depends: ${misc:Depends}, ${python:Depends},
     python-django-registration (>= 1.0),
     python-requests,