From ad6db2f1c502898e92fe377510dcf58b2d5ce6c9 Mon Sep 17 00:00:00 2001
From: Alex Auvolat <alex@adnab.me>
Date: Sun, 1 Jan 2023 19:38:28 +0100
Subject: Remove hardcoded years in deuxfleurs.nix

---
 deploy_pki | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)

(limited to 'deploy_pki')

diff --git a/deploy_pki b/deploy_pki
index d7f5832..f114901 100755
--- a/deploy_pki
+++ b/deploy_pki
@@ -14,6 +14,11 @@ do
 	fi
 done
 
+cmd ln -sf /var/lib/consul/pki/consul$YEAR.crt /var/lib/consul/pki/consul.crt
+cmd ln -sf /var/lib/consul/pki/consul$YEAR.key /var/lib/consul/pki/consul.key
+cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.crt /var/lib/consul/pki/consul-client.crt
+cmd ln -sf /var/lib/consul/pki/consul$YEAR-client.key /var/lib/consul/pki/consul-client.key
+
 cmd systemctl restart consul
 cmd sleep 10
 
@@ -27,19 +32,27 @@ do
 	fi
 done
 
+cmd ln -sf /var/lib/nomad/pki/nomad$YEAR.crt /var/lib/nomad/pki/nomad.crt
+cmd ln -sf /var/lib/nomad/pki/nomad$YEAR.key /var/lib/nomad/pki/nomad.key
+cmd ln -sf /var/lib/nomad/pki/nomad$YEAR-client.crt /var/lib/nomad/pki/nomad-client.crt
+cmd ln -sf /var/lib/nomad/pki/nomad$YEAR-client.key /var/lib/nomad/pki/nomad-client.key
+cmd ln -sf /var/lib/nomad/pki/consul$YEAR.crt /var/lib/nomad/pki/consul.crt
+cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.crt /var/lib/nomad/pki/consul-client.crt
+cmd ln -sf /var/lib/nomad/pki/consul$YEAR-client.key /var/lib/nomad/pki/consul-client.key
+
 cmd systemctl restart nomad
 
 set_env CONSUL_HTTP_ADDR=https://localhost:8501
 set_env CONSUL_CACERT=/var/lib/consul/pki/consul-ca.crt
-set_env CONSUL_CLIENT_CERT=/var/lib/consul/pki/consul$YEAR-client.crt
-set_env CONSUL_CLIENT_KEY=/var/lib/consul/pki/consul$YEAR-client.key
+set_env CONSUL_CLIENT_CERT=/var/lib/consul/pki/consul-client.crt
+set_env CONSUL_CLIENT_KEY=/var/lib/consul/pki/consul-client.key
 
 cmd "consul kv put secrets/consul/consul-ca.crt - < /var/lib/consul/pki/consul-ca.crt"
-cmd "consul kv put secrets/consul/consul.crt - < /var/lib/consul/pki/consul$YEAR.crt"
-cmd "consul kv put secrets/consul/consul-client.crt - < /var/lib/consul/pki/consul$YEAR-client.crt"
-cmd "consul kv put secrets/consul/consul-client.key - < /var/lib/consul/pki/consul$YEAR-client.key"
+cmd "consul kv put secrets/consul/consul.crt - < /var/lib/consul/pki/consul.crt"
+cmd "consul kv put secrets/consul/consul-client.crt - < /var/lib/consul/pki/consul-client.crt"
+cmd "consul kv put secrets/consul/consul-client.key - < /var/lib/consul/pki/consul-client.key"
 
 cmd "consul kv put secrets/nomad/nomad-ca.crt - < /var/lib/nomad/pki/nomad-ca.crt"
-cmd "consul kv put secrets/nomad/nomad.crt - < /var/lib/nomad/pki/nomad$YEAR.crt"
-cmd "consul kv put secrets/nomad/nomad-client.crt - < /var/lib/nomad/pki/nomad$YEAR-client.crt"
-cmd "consul kv put secrets/nomad/nomad-client.key - < /var/lib/nomad/pki/nomad$YEAR-client.key"
+cmd "consul kv put secrets/nomad/nomad.crt - < /var/lib/nomad/pki/nomad.crt"
+cmd "consul kv put secrets/nomad/nomad-client.crt - < /var/lib/nomad/pki/nomad-client.crt"
+cmd "consul kv put secrets/nomad/nomad-client.key - < /var/lib/nomad/pki/nomad-client.key"
-- 
cgit v1.2.3