Remove old way of doing email certs (self-signed)

2022-12-25 23:03:37 +01:00 · 2022-12-25 23:03:37 +01:00 · 40f5670753
commit 40f5670753
parent 2bbf540945
4 changed files with 0 additions and 49 deletions
--- a/cluster/prod/app/email/config/dovecot/certs.gen
+++ b/cluster/prod/app/email/config/dovecot/certs.gen
@ -1,13 +0,0 @@
-#!/bin/bash
-
-TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=imap.deuxfleurs.fr"
-openssl req \
-  -new \
-  -newkey rsa:4096 \
-  -days 3650 \
-  -nodes \
-  -x509 \
-  -subj ${TLSINFO} \
-  -keyout dovecot.key \
-  -out dovecot.crt
-
--- a/cluster/prod/app/email/config/postfix/certs.gen
+++ b/cluster/prod/app/email/config/postfix/certs.gen
@ -1,13 +0,0 @@
-#!/bin/bash
-
-TLSINFO="/C=FR/ST=Bretagne/L=Rennes/O=Deuxfleurs/CN=smtp.deuxfleurs.fr"
-openssl req \
-  -new \
-  -newkey rsa:4096 \
-  -days 3650 \
-  -nodes \
-  -x509 \
-  -subj ${TLSINFO} \
-  -keyout postfix.key \
-  -out postfix.crt
-
--- a/cluster/prod/app/email/deploy/email.hcl
+++ b/cluster/prod/app/email/deploy/email.hcl
@ -150,13 +150,11 @@ job "email" {

      # ----- secrets ------
      template {
-        # data = "{{ key \"secrets/email/dovecot/dovecot.crt\" }}"
        data = "{{ with $d := key \"tricot/certs/imap.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
        destination = "secrets/ssl/certs/dovecot.crt"
        perms = "400"
      }
      template {
-        # data = "{{ key \"secrets/email/dovecot/dovecot.key\" }}"
        data = "{{ with $d := key \"tricot/certs/imap.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
        destination = "secrets/ssl/private/dovecot.key"
        perms = "400"
@ -381,14 +379,12 @@ job "email" {

      # --- secrets ---
      template {
-        # data = "{{ key \"secrets/email/postfix/postfix.crt\" }}"
        data = "{{ with $d := key \"tricot/certs/smtp.deuxfleurs.fr\" | parseJSON }}{{ $d.cert_pem }}{{ end }}"
        destination = "secrets/ssl/postfix.crt"
        perms = "400"
      }

      template {
-        # data = "{{ key \"secrets/email/postfix/postfix.key\" }}"
        data = "{{ with $d := key \"tricot/certs/smtp.deuxfleurs.fr\" | parseJSON }}{{ $d.key_pem }}{{ end }}"
        destination = "secrets/ssl/postfix.key"
        perms = "400"
--- a/cluster/prod/app/email/secrets.toml
+++ b/cluster/prod/app/email/secrets.toml
@ -1,14 +1,5 @@
 # ---- POSTFIX ----

-[secrets."email/postfix/postfix.key"]
-type = 'SSL_KEY'
-name = 'postfix'
-
-[secrets."email/postfix/postfix.crt"]
-type = 'SSL_CERT'
-name = 'postfix'
-cert_domains = "['deuxfleurs.fr']"
-
 [secrets."email/dkim/smtp.private"]
 type = 'RSA_PRIVATE_KEY'
 name = 'dkim'
@ -20,16 +11,6 @@ dn_secret = "email/dovecot/ldap_binddn"
 password_secret = "email/dovecot/ldap_bindpwd"


-[secrets."email/dovecot/dovecot.key"]
-type = 'SSL_KEY'
-name = 'dovecot'
-
-[secrets."email/dovecot/dovecot.crt"]
-type = 'SSL_CERT'
-name = 'dovecot'
-cert_domains = "['deuxfleurs.fr']"
-
-
 # ---- SOGO ----

 [service_users."sogo"]