diff options
author | Alex Auvolat <alex@adnab.me> | 2022-04-20 15:29:24 +0200 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2022-04-20 15:29:24 +0200 |
commit | 226fbabf655656f16ca883c8489a2360abdb8367 (patch) | |
tree | 2983e42a4cdccc408f2added26d9df21342fdd7a /deploy_pki | |
parent | 7c1444b7143710066f5173119a529c3b5e101300 (diff) | |
download | nixcfg-226fbabf655656f16ca883c8489a2360abdb8367.tar.gz nixcfg-226fbabf655656f16ca883c8489a2360abdb8367.zip |
tlsproxy from pass; fix tls stuff
Diffstat (limited to 'deploy_pki')
-rwxr-xr-x | deploy_pki | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -5,7 +5,9 @@ YEAR=$(date +%Y) cmd mkdir -p /var/lib/nomad/pki /var/lib/consul/pki -for file in consul-ca.crt consul$YEAR.crt consul$YEAR.key consul$YEAR-client.crt consul$YEAR-client.key; do +for file in consul-ca.crt consul$YEAR.crt consul$YEAR.key \ + consul$YEAR-client.crt consul$YEAR-client.key +do if pass $PKI/$file >/dev/null; then write_pass $PKI/$file /var/lib/consul/pki/$file cmd chown consul:root /var/lib/consul/pki/$file @@ -15,9 +17,12 @@ done cmd systemctl restart consul cmd sleep 10 -for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key; do +for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \ + consul$YEAR.crt consul$YEAR-client.crt consul$YEAR-client.key +do if pass $PKI/$file >/dev/null; then write_pass $PKI/$file /var/lib/nomad/pki/$file + cmd "chown \$(stat -c %u /var/lib/private/nomad) /var/lib/nomad/pki/$file" fi done |