diff options
| author | Vincent <vincent@deuxfleurs.fr> | 2024-03-16 18:53:11 +0100 |
|---|---|---|
| committer | Vincent <vincent@deuxfleurs.fr> | 2024-03-16 18:53:11 +0100 |
| commit | 18af71433091dcc65b6115f37e5bf8c44af795bc (patch) | |
| tree | 6716c856a3a711efbb27d2fda85933767b395b1f | |
| parent | f2285924730a574f29501bd21dfdc4f21fa433cb (diff) | |
| download | nixcfg-18af71433091dcc65b6115f37e5bf8c44af795bc.tar.gz nixcfg-18af71433091dcc65b6115f37e5bf8c44af795bc.zip | |
Fusion conflict
| -rw-r--r-- | cluster/staging/known_hosts | 4 | ||||
| -rw-r--r-- | cluster/staging/ssh_config | 1 | ||||
| -rwxr-xr-x | deploy_pki | 16 | ||||
| -rwxr-xr-x | tlsproxy | 3 |
4 files changed, 10 insertions, 14 deletions
diff --git a/cluster/staging/known_hosts b/cluster/staging/known_hosts index b6cb51d..d4cca40 100644 --- a/cluster/staging/known_hosts +++ b/cluster/staging/known_hosts @@ -11,8 +11,4 @@ df-pw5.machine.deuxfleurs.fr ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK/dJIxioCkfeeh 10.14.3.1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnpO6zpLWsyyugOoOj+2bUow9TUrcWgURFGGaoyu+co 192.168.1.22 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ 2a01:cb05:911e:ec00:223:24ff:feb0:ea82 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnpO6zpLWsyyugOoOj+2bUow9TUrcWgURFGGaoyu+co -carcajou.machine.staging.deuxfleurs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMf/ioVSSb19Slu+HZLgKt4f1/XsL+K9uMxazSWb/+nQ -caribou.machine.staging.deuxfleurs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPtsVFIoIu6tnYrzlcCbBiQXxNkFSWVMhMznUuSxGZ22 -df-pw5.machine.staging.deuxfleurs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK/dJIxioCkfeehxeGiZR7qquYGoqEH/YrRJ/ukEcaLH -origan.machine.staging.deuxfleurs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsZas74RT6lCZwuUOPR23nPdbSdpWORyAmRgjoiMVHK piranha.machine.staging.deuxfleurs.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnpO6zpLWsyyugOoOj+2bUow9TUrcWgURFGGaoyu+co diff --git a/cluster/staging/ssh_config b/cluster/staging/ssh_config index 607a08c..afcdce5 100644 --- a/cluster/staging/ssh_config +++ b/cluster/staging/ssh_config @@ -9,6 +9,7 @@ Host origan HostName origan.machine.staging.deuxfleurs.org Host piranha + HostName %h.machine.staging.deuxfleurs.org #HostName piranha.polyno.me #OR #ProxyJump caribou.machine.deuxfleurs.fr @@ -19,10 +19,10 @@ cmd ln -sf /var/lib/consul/pki/consul$YEAR.key /var/lib/consul/pki/consul.key cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.crt /var/lib/consul/pki/consul-client.crt cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.key /var/lib/consul/pki/consul-client.key -if [ ! "$CLUSTER" = "prod" ]; then - cmd systemctl restart consul - cmd sleep 10 -fi + +cmd systemctl reload consul +cmd sleep 10 + for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \ nomad$YEAR-client.crt nomad$YEAR-client.key \ @@ -30,7 +30,9 @@ for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \ do if pass $PKI/$file >/dev/null; then write_pass $PKI/$file /var/lib/nomad/pki/$file - cmd "chown \$(stat -c %u /var/lib/private/nomad/) /var/lib/nomad/pki/$file" + if [ "$CLUSTER" = "prod" ]; then + cmd "chown \$(stat -c %u /var/lib/private/nomad/) /var/lib/nomad/pki/$file" + fi fi done @@ -42,9 +44,7 @@ cmd ln -sf /var/lib/nomad/pki/consul$YEAR.crt /var/lib/nomad/pki/consul.crt cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.crt /var/lib/nomad/pki/consul-client.crt cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.key /var/lib/nomad/pki/consul-client.key -if [ ! "$CLUSTER" = "prod" ]; then - cmd systemctl restart nomad -fi +cmd systemctl reload nomad set_env CONSUL_HTTP_ADDR=https://localhost:8501 set_env CONSUL_CACERT=/var/lib/consul/pki/consul-ca.crt @@ -17,8 +17,7 @@ PREFIX="deuxfleurs/cluster/$CLUSTER" # Do actual stuff -#YEAR=$(date +%Y) -YEAR=2023 +YEAR=$(date +%Y) CERTDIR=$(mktemp -d) |