Compare commits
6 commits
194de9ef2d
...
9b7454b57c
Author | SHA1 | Date | |
---|---|---|---|
9b7454b57c | |||
5433859a86 | |||
e2d7d05783 | |||
ad5c8cc0ab | |||
97a1b3ae85 | |||
1c0a3ee8e7 |
8 changed files with 23 additions and 20 deletions
|
@ -1,5 +1,3 @@
|
||||||
${node.metadata['hostname']}
|
|
||||||
|
|
||||||
% for domain, aliases in sorted(node.metadata.get('letsencrypt/domains', {}).items()):
|
% for domain, aliases in sorted(node.metadata.get('letsencrypt/domains', {}).items()):
|
||||||
${domain} ${' '.join(sorted(aliases))}
|
${domain} ${' '.join(sorted(aliases))}
|
||||||
% endfor
|
% endfor
|
||||||
|
|
|
@ -6,7 +6,7 @@ just_check=$2
|
||||||
cert_path="/var/lib/dehydrated/certs/$domain"
|
cert_path="/var/lib/dehydrated/certs/$domain"
|
||||||
|
|
||||||
already_exists=false
|
already_exists=false
|
||||||
if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" ]
|
if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" -a -f "$cert_path/chain.pem" ]
|
||||||
then
|
then
|
||||||
already_exists=true
|
already_exists=true
|
||||||
fi
|
fi
|
||||||
|
@ -23,6 +23,7 @@ fi
|
||||||
|
|
||||||
if [ "$already_exists" != true ]
|
if [ "$already_exists" != true ]
|
||||||
then
|
then
|
||||||
|
rm -r "$cert_path"
|
||||||
mkdir -p "$cert_path"
|
mkdir -p "$cert_path"
|
||||||
openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem"
|
openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem"
|
||||||
chmod 0600 "$cert_path/privkey.pem"
|
chmod 0600 "$cert_path/privkey.pem"
|
||||||
|
|
|
@ -49,7 +49,7 @@ else:
|
||||||
'letsencrypt/reload_after',
|
'letsencrypt/reload_after',
|
||||||
)
|
)
|
||||||
def letsencrypt(metadata):
|
def letsencrypt(metadata):
|
||||||
if not node.has_bundle('letsencrypt'):
|
if not node.has_bundle('letsencrypt') or not node.has_bundle('postfixadmin'):
|
||||||
raise DoNotRunAgain
|
raise DoNotRunAgain
|
||||||
|
|
||||||
result = {
|
result = {
|
||||||
|
@ -58,12 +58,9 @@ def letsencrypt(metadata):
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
myhostname = metadata.get('postfix/myhostname', None)
|
result['domains'] = {
|
||||||
|
metadata.get('postfix/myhostname', metadata.get('hostname')): set(),
|
||||||
if myhostname and myhostname != metadata.get('hostname'):
|
}
|
||||||
result['domains'] = {
|
|
||||||
myhostname: set(),
|
|
||||||
}
|
|
||||||
|
|
||||||
return {
|
return {
|
||||||
'letsencrypt': result,
|
'letsencrypt': result,
|
||||||
|
|
|
@ -25,10 +25,10 @@ directories = {
|
||||||
},
|
},
|
||||||
# This is needed so the above purge does not remove the version
|
# This is needed so the above purge does not remove the version
|
||||||
# currently installed.
|
# currently installed.
|
||||||
'/etc/postgresql/{}'.format(postgresql_version): {
|
'/etc/postgresql/{}/main'.format(postgresql_version): {
|
||||||
'owner': None,
|
'owner': 'postgres',
|
||||||
'group': None,
|
'group': 'postgres',
|
||||||
'mode': None,
|
'mode': '0755',
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,5 @@
|
||||||
assert node.has_bundle('systemd')
|
assert node.has_bundle('systemd')
|
||||||
|
|
||||||
pkg_apt = {
|
|
||||||
'resolvconf': {
|
|
||||||
'installed': False,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
|
|
||||||
files = {
|
files = {
|
||||||
'/etc/network/interfaces': {
|
'/etc/network/interfaces': {
|
||||||
'delete': True,
|
'delete': True,
|
||||||
|
|
|
@ -1,3 +1,14 @@
|
||||||
|
defaults = {
|
||||||
|
'apt': {
|
||||||
|
'packages': {
|
||||||
|
'resolvconf': {
|
||||||
|
'installed': False,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
@metadata_reactor.provides(
|
@metadata_reactor.provides(
|
||||||
'interfaces',
|
'interfaces',
|
||||||
)
|
)
|
||||||
|
|
|
@ -19,6 +19,7 @@ actions = {
|
||||||
'zfs_dataset:',
|
'zfs_dataset:',
|
||||||
'zfs_pool:',
|
'zfs_pool:',
|
||||||
},
|
},
|
||||||
|
'comment': 'If this fails, do a dist-upgrade, reinstall zfs-dkms, reboot',
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -49,6 +49,7 @@ nodes['htz.ex42-1048908'] = {
|
||||||
|
|
||||||
# No need to create a bundle just to install packages,
|
# No need to create a bundle just to install packages,
|
||||||
# configs will be managed by users nevertheless.
|
# configs will be managed by users nevertheless.
|
||||||
|
'mosh': {},
|
||||||
'weechat': {},
|
'weechat': {},
|
||||||
'weechat-core': {},
|
'weechat-core': {},
|
||||||
'weechat-curses': {},
|
'weechat-curses': {},
|
||||||
|
|
Loading…
Reference in a new issue