diff options
| author | Alex Auvolat <alex@adnab.me> | 2023-01-02 13:51:13 +0100 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2023-01-02 13:51:13 +0100 |
| commit | af73126f45ddbaa9a285cda91160026330f54f00 (patch) | |
| tree | 7d2effbe4966c094f3ee9e4c65da2daa0f84c4d3 | |
| parent | d588764748f00d1b96fe6bc6873ff0b0fc4e11a4 (diff) | |
| download | nixcfg-af73126f45ddbaa9a285cda91160026330f54f00.tar.gz nixcfg-af73126f45ddbaa9a285cda91160026330f54f00.zip | |
fix deploy_pki
| -rwxr-xr-x | deploy_pki | 12 |
1 files changed, 8 insertions, 4 deletions
@@ -19,8 +19,10 @@ cmd ln -sf /var/lib/consul/pki/consul$YEAR.key /var/lib/consul/pki/consul.key cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.crt /var/lib/consul/pki/consul-client.crt cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.key /var/lib/consul/pki/consul-client.key -cmd systemctl restart consul -cmd sleep 10 +if [ ! "$CLUSTER" = "prod" ]; then + cmd systemctl restart consul + cmd sleep 10 +fi for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \ nomad$YEAR-client.crt nomad$YEAR-client.key \ @@ -28,7 +30,7 @@ for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \ do if pass $PKI/$file >/dev/null; then write_pass $PKI/$file /var/lib/nomad/pki/$file - cmd "chown \$(stat -c %u /var/lib/nomad) /var/lib/nomad/pki/$file" + cmd "chown \$(stat -c %u /var/lib/nomad/client/client-id) /var/lib/nomad/pki/$file" fi done @@ -40,7 +42,9 @@ cmd ln -sf /var/lib/nomad/pki/consul$YEAR.crt /var/lib/nomad/pki/consul.crt cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.crt /var/lib/nomad/pki/consul-client.crt cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.key /var/lib/nomad/pki/consul-client.key -cmd systemctl restart nomad +if [ ! "$CLUSTER" = "prod" ]; then + cmd systemctl restart nomad +fi set_env CONSUL_HTTP_ADDR=https://localhost:8501 set_env CONSUL_CACERT=/var/lib/consul/pki/consul-ca.crt |