aboutsummaryrefslogtreecommitdiff
path: root/deploy_pki
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2023-01-02 13:51:13 +0100
committerAlex Auvolat <alex@adnab.me>2023-01-02 13:51:13 +0100
commitaf73126f45ddbaa9a285cda91160026330f54f00 (patch)
tree7d2effbe4966c094f3ee9e4c65da2daa0f84c4d3 /deploy_pki
parentd588764748f00d1b96fe6bc6873ff0b0fc4e11a4 (diff)
downloadnixcfg-af73126f45ddbaa9a285cda91160026330f54f00.tar.gz
nixcfg-af73126f45ddbaa9a285cda91160026330f54f00.zip
fix deploy_pki
Diffstat (limited to 'deploy_pki')
-rwxr-xr-xdeploy_pki12
1 files changed, 8 insertions, 4 deletions
diff --git a/deploy_pki b/deploy_pki
index f114901..471ff63 100755
--- a/deploy_pki
+++ b/deploy_pki
@@ -19,8 +19,10 @@ cmd ln -sf /var/lib/consul/pki/consul$YEAR.key /var/lib/consul/pki/consul.key
cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.crt /var/lib/consul/pki/consul-client.crt
cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.key /var/lib/consul/pki/consul-client.key
-cmd systemctl restart consul
-cmd sleep 10
+if [ ! "$CLUSTER" = "prod" ]; then
+ cmd systemctl restart consul
+ cmd sleep 10
+fi
for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \
nomad$YEAR-client.crt nomad$YEAR-client.key \
@@ -28,7 +30,7 @@ for file in nomad-ca.crt nomad$YEAR.crt nomad$YEAR.key \
do
if pass $PKI/$file >/dev/null; then
write_pass $PKI/$file /var/lib/nomad/pki/$file
- cmd "chown \$(stat -c %u /var/lib/nomad) /var/lib/nomad/pki/$file"
+ cmd "chown \$(stat -c %u /var/lib/nomad/client/client-id) /var/lib/nomad/pki/$file"
fi
done
@@ -40,7 +42,9 @@ cmd ln -sf /var/lib/nomad/pki/consul$YEAR.crt /var/lib/nomad/pki/consul.crt
cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.crt /var/lib/nomad/pki/consul-client.crt
cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.key /var/lib/nomad/pki/consul-client.key
-cmd systemctl restart nomad
+if [ ! "$CLUSTER" = "prod" ]; then
+ cmd systemctl restart nomad
+fi
set_env CONSUL_HTTP_ADDR=https://localhost:8501
set_env CONSUL_CACERT=/var/lib/consul/pki/consul-ca.crt