diff options
| author | Alex Auvolat <alex@adnab.me> | 2022-04-20 15:03:04 +0200 |
|---|---|---|
| committer | Alex Auvolat <alex@adnab.me> | 2022-04-20 15:03:04 +0200 |
| commit | 7c1444b7143710066f5173119a529c3b5e101300 (patch) | |
| tree | ec5206aa0986e070b2ebae5fdbea8b385fa01875 /deploy_pki | |
| parent | a8717f9bf5dbc9b102d872678f4e5d3d2790a408 (diff) | |
| download | nixcfg-7c1444b7143710066f5173119a529c3b5e101300.tar.gz nixcfg-7c1444b7143710066f5173119a529c3b5e101300.zip | |
Move pki to pass
Diffstat (limited to 'deploy_pki')
| -rwxr-xr-x | deploy_pki | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -1,13 +1,13 @@ #!/usr/bin/env ./sshtool -PKI=cluster/$CLUSTER/secrets/pki +PKI=deuxfleurs/cluster/$CLUSTER YEAR=$(date +%Y) cmd mkdir -p /var/lib/nomad/pki /var/lib/consul/pki for file in consul-ca.crt consul$YEAR.crt consul$YEAR.key consul$YEAR-client.crt consul$YEAR-client.key; do - if [ -f "$PKI/$file" ]; then - copy_secret $PKI/$file /var/lib/consul/pki/$file + if pass $PKI/$file >/dev/null; then + write_pass $PKI/$file /var/lib/consul/pki/$file cmd chown consul:root /var/lib/consul/pki/$file fi done @@ -16,8 +16,8 @@ cmd systemctl restart consul cmd sleep 10 for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key; do - if [ -f "$PKI/$file" ]; then - copy_secret $PKI/$file /var/lib/nomad/pki/$file + if pass $PKI/$file >/dev/null; then + write_pass $PKI/$file /var/lib/nomad/pki/$file fi done |