chore: bootstrap lean sysadmin-chronicles repo

Import the runnable game code, content, docs, scripts, and repo guidance while leaving local agent state, dependency installs, build output, and backup copies out of the published tree.
2026-05-02 11:49:07 -04:00
commit 0265afa054
252 changed files with 37574 additions and 0 deletions
@@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+# Generates a self-signed CA and server certificate for Sysadmin Chronicles TLS.
+# Idempotent — skips if certs already exist.
+# Run this before building VMs. Called by install.sh automatically.
+set -euo pipefail
+
+SC_CERT_DIR="${SC_CERT_DIR:-$HOME/.local/share/sysadmin-chronicles/certs}"
+mkdir -p "$SC_CERT_DIR"
+chmod 700 "$SC_CERT_DIR"
+
+if [[ -f "$SC_CERT_DIR/server.crt" && -f "$SC_CERT_DIR/server.key" && -f "$SC_CERT_DIR/ca.crt" ]]; then
+  echo "TLS certs already exist at $SC_CERT_DIR — skipping."
+  exit 0
+fi
+
+echo "Generating Axiom Works internal CA..."
+openssl genrsa -out "$SC_CERT_DIR/ca.key" 4096 2>/dev/null
+openssl req -new -x509 -days 3650 \
+  -key "$SC_CERT_DIR/ca.key" \
+  -out "$SC_CERT_DIR/ca.crt" \
+  -subj "/CN=Axiom Works Internal CA/O=Axiom Works" 2>/dev/null
+
+echo "Generating server certificate..."
+openssl genrsa -out "$SC_CERT_DIR/server.key" 4096 2>/dev/null
+openssl req -new \
+  -key "$SC_CERT_DIR/server.key" \
+  -out "$SC_CERT_DIR/server.csr" \
+  -subj "/CN=portal.axiomworks.internal/O=Axiom Works" 2>/dev/null
+
+cat > "$SC_CERT_DIR/server.ext" <<'EXTEOF'
+subjectAltName=DNS:portal.axiomworks.internal,DNS:sage.axiomworks.internal,DNS:axiomworks.corp,DNS:www.axiomworks.corp,DNS:*.axiomworks.internal,DNS:*.axiomworks.corp
+EXTEOF
+
+openssl x509 -req -days 3650 \
+  -in "$SC_CERT_DIR/server.csr" \
+  -CA "$SC_CERT_DIR/ca.crt" \
+  -CAkey "$SC_CERT_DIR/ca.key" \
+  -CAcreateserial \
+  -out "$SC_CERT_DIR/server.crt" \
+  -extfile "$SC_CERT_DIR/server.ext" 2>/dev/null
+
+chmod 600 "$SC_CERT_DIR/ca.key" "$SC_CERT_DIR/server.key"
+rm -f "$SC_CERT_DIR/server.csr" "$SC_CERT_DIR/server.ext"
+
+echo "TLS certs generated at $SC_CERT_DIR"
+echo "  CA cert:     $SC_CERT_DIR/ca.crt"
+echo "  Server cert: $SC_CERT_DIR/server.crt"
+echo "  Server key:  $SC_CERT_DIR/server.key"