diff --git a/bundles/letsencrypt/files/domains.txt b/bundles/letsencrypt/files/domains.txt index d9d7824..ea7e427 100644 --- a/bundles/letsencrypt/files/domains.txt +++ b/bundles/letsencrypt/files/domains.txt @@ -1,5 +1,3 @@ -${node.metadata['hostname']} - % for domain, aliases in sorted(node.metadata.get('letsencrypt/domains', {}).items()): ${domain} ${' '.join(sorted(aliases))} % endfor diff --git a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate index 45f474a..e0248cb 100644 --- a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate +++ b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate @@ -6,7 +6,7 @@ just_check=$2 cert_path="/var/lib/dehydrated/certs/$domain" already_exists=false -if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" ] +if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" -a -f "$cert_path/chain.pem" ] then already_exists=true fi @@ -23,6 +23,7 @@ fi if [ "$already_exists" != true ] then + rm -r "$cert_path" mkdir -p "$cert_path" openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem" chmod 0600 "$cert_path/privkey.pem" diff --git a/bundles/postfix/metadata.py b/bundles/postfix/metadata.py index 4399e3b..9899988 100644 --- a/bundles/postfix/metadata.py +++ b/bundles/postfix/metadata.py @@ -49,7 +49,7 @@ else: 'letsencrypt/reload_after', ) def letsencrypt(metadata): - if not node.has_bundle('letsencrypt'): + if not node.has_bundle('letsencrypt') or not node.has_bundle('postfixadmin'): raise DoNotRunAgain result = { @@ -58,12 +58,9 @@ def letsencrypt(metadata): }, } - myhostname = metadata.get('postfix/myhostname', None) - - if myhostname and myhostname != metadata.get('hostname'): - result['domains'] = { - myhostname: set(), - } + result['domains'] = { + metadata.get('postfix/myhostname', metadata.get('hostname')): set(), + } return { 'letsencrypt': result, diff --git a/bundles/postgresql/items.py b/bundles/postgresql/items.py index f1d2953..f48ad74 100644 --- a/bundles/postgresql/items.py +++ b/bundles/postgresql/items.py @@ -25,10 +25,10 @@ directories = { }, # This is needed so the above purge does not remove the version # currently installed. - '/etc/postgresql/{}'.format(postgresql_version): { - 'owner': None, - 'group': None, - 'mode': None, + '/etc/postgresql/{}/main'.format(postgresql_version): { + 'owner': 'postgres', + 'group': 'postgres', + 'mode': '0755', }, } diff --git a/bundles/systemd-networkd/items.py b/bundles/systemd-networkd/items.py index 6d068d4..aa2084c 100644 --- a/bundles/systemd-networkd/items.py +++ b/bundles/systemd-networkd/items.py @@ -1,11 +1,5 @@ assert node.has_bundle('systemd') -pkg_apt = { - 'resolvconf': { - 'installed': False, - }, -} - files = { '/etc/network/interfaces': { 'delete': True, diff --git a/bundles/systemd-networkd/metadata.py b/bundles/systemd-networkd/metadata.py index 54579e4..e8dff0e 100644 --- a/bundles/systemd-networkd/metadata.py +++ b/bundles/systemd-networkd/metadata.py @@ -1,3 +1,14 @@ +defaults = { + 'apt': { + 'packages': { + 'resolvconf': { + 'installed': False, + }, + }, + }, +} + + @metadata_reactor.provides( 'interfaces', ) diff --git a/bundles/zfs/items.py b/bundles/zfs/items.py index ad09841..1322250 100644 --- a/bundles/zfs/items.py +++ b/bundles/zfs/items.py @@ -19,6 +19,7 @@ actions = { 'zfs_dataset:', 'zfs_pool:', }, + 'comment': 'If this fails, do a dist-upgrade, reinstall zfs-dkms, reboot', }, } diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index 247534c..a408cf2 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -49,6 +49,7 @@ nodes['htz.ex42-1048908'] = { # No need to create a bundle just to install packages, # configs will be managed by users nevertheless. + 'mosh': {}, 'weechat': {}, 'weechat-core': {}, 'weechat-curses': {},