tixie/nixcfg
1
0
Fork 0
forked from Deuxfleurs/nixcfg
Code Pull requests Activity

fix deploy_pki

Browse source
This commit is contained in:
Alex 2023-01-02 13:51:13 +01:00
parent d588764748
commit af73126f45
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
1 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
deploy_pki
View file

@ -19,8 +19,10 @@ cmd ln -sf /var/lib/consul/pki/consul$YEAR.key /var/lib/consul/pki/consul.key
cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.crt /var/lib/consul/pki/consul-client.crt
cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.key /var/lib/consul/pki/consul-client.key
cmd systemctl restart consul
cmd sleep 10
if [ ! "$CLUSTER" = "prod" ]; then
cmd systemctl restart consul
cmd sleep 10
fi
for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \
nomad$YEAR-client.crt nomad$YEAR-client.key \
@ -28,7 +30,7 @@ for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \
do
if pass $PKI/$file >/dev/null; then
write_pass $PKI/$file /var/lib/nomad/pki/$file
cmd "chown \$(stat -c %u /var/lib/nomad) /var/lib/nomad/pki/$file"
cmd "chown \$(stat -c %u /var/lib/nomad/client/client-id) /var/lib/nomad/pki/$file"
fi
done
@ -40,7 +42,9 @@ cmd ln -sf /var/lib/nomad/pki/consul$YEAR.crt /var/lib/nomad/pki/consul.crt
cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.crt /var/lib/nomad/pki/consul-client.crt
cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.key /var/lib/nomad/pki/consul-client.key
cmd systemctl restart nomad
if [ ! "$CLUSTER" = "prod" ]; then
cmd systemctl restart nomad
fi
set_env CONSUL_HTTP_ADDR=https://localhost:8501
set_env CONSUL_CACERT=/var/lib/consul/pki/consul-ca.crt