updated version of secretmgr #5

Merged
lx merged 10 commits from new-secretmgr into main 2023-01-01 18:47:34 +00:00
4 changed files with 0 additions and 49 deletions
Showing only changes of commit 40f5670753 - Show all commits

View file

@ -1,13 +0,0 @@
#!/bin/bash
TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=imap.deuxfleurs.fr"
openssl req \
-new \
-newkey rsa:4096 \
-days 3650 \
-nodes \
-x509 \
-subj ${TLSINFO} \
-keyout dovecot.key \
-out dovecot.crt

View file

@ -1,13 +0,0 @@
#!/bin/bash
TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=smtp.deuxfleurs.fr"
openssl req \
-new \
-newkey rsa:4096 \
-days 3650 \
-nodes \
-x509 \
-subj ${TLSINFO} \
-keyout postfix.key \
-out postfix.crt

View file

@ -150,13 +150,11 @@ job "email" {
# ----- secrets ------
template {
# data = "{{ key \"secrets/email/dovecot/dovecot.crt\" }}"
data = "{{ with $d := key \"tricot/certs/imap.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
destination = "secrets/ssl/certs/dovecot.crt"
perms = "400"
}
template {
# data = "{{ key \"secrets/email/dovecot/dovecot.key\" }}"
data = "{{ with $d := key \"tricot/certs/imap.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
destination = "secrets/ssl/private/dovecot.key"
perms = "400"
@ -381,14 +379,12 @@ job "email" {
# --- secrets ---
template {
# data = "{{ key \"secrets/email/postfix/postfix.crt\" }}"
data = "{{ with $d := key \"tricot/certs/smtp.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
destination = "secrets/ssl/postfix.crt"
perms = "400"
}
template {
# data = "{{ key \"secrets/email/postfix/postfix.key\" }}"
data = "{{ with $d := key \"tricot/certs/smtp.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
destination = "secrets/ssl/postfix.key"
perms = "400"

View file

@ -1,14 +1,5 @@
# ---- POSTFIX ----
[secrets."email/postfix/postfix.key"]
type = 'SSL_KEY'
name = 'postfix'
[secrets."email/postfix/postfix.crt"]
type = 'SSL_CERT'
name = 'postfix'
cert_domains = "['deuxfleurs.fr']"
[secrets."email/dkim/smtp.private"]
type = 'RSA_PRIVATE_KEY'
name = 'dkim'
@ -20,16 +11,6 @@ dn_secret = "email/dovecot/ldap_binddn"
password_secret = "email/dovecot/ldap_bindpwd"
[secrets."email/dovecot/dovecot.key"]
type = 'SSL_KEY'
name = 'dovecot'
[secrets."email/dovecot/dovecot.crt"]
type = 'SSL_CERT'
name = 'dovecot'
cert_domains = "['deuxfleurs.fr']"
# ---- SOGO ----
[service_users."sogo"]