diff --git a/bundles/letsencrypt/files/domains.txt b/bundles/letsencrypt/files/domains.txt index ea7e427..d9d7824 100644 --- a/bundles/letsencrypt/files/domains.txt +++ b/bundles/letsencrypt/files/domains.txt @@ -1,3 +1,5 @@ +${node.metadata['hostname']} + % for domain, aliases in sorted(node.metadata.get('letsencrypt/domains', {}).items()): ${domain} ${' '.join(sorted(aliases))} % endfor diff --git a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate index e0248cb..45f474a 100644 --- a/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate +++ b/bundles/letsencrypt/files/letsencrypt-ensure-some-certificate @@ -6,7 +6,7 @@ just_check=$2 cert_path="/var/lib/dehydrated/certs/$domain" already_exists=false -if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" -a -f "$cert_path/chain.pem" ] +if [ -f "$cert_path/privkey.pem" -a -f "$cert_path/fullchain.pem" ] then already_exists=true fi @@ -23,7 +23,6 @@ fi if [ "$already_exists" != true ] then - rm -r "$cert_path" mkdir -p "$cert_path" openssl req -x509 -newkey rsa:4096 -nodes -days 3650 -subj "/CN=$domain" -keyout "$cert_path/privkey.pem" -out "$cert_path/fullchain.pem" chmod 0600 "$cert_path/privkey.pem" diff --git a/bundles/postfix/metadata.py b/bundles/postfix/metadata.py index 9899988..4399e3b 100644 --- a/bundles/postfix/metadata.py +++ b/bundles/postfix/metadata.py @@ -49,7 +49,7 @@ else: 'letsencrypt/reload_after', ) def letsencrypt(metadata): - if not node.has_bundle('letsencrypt') or not node.has_bundle('postfixadmin'): + if not node.has_bundle('letsencrypt'): raise DoNotRunAgain result = { @@ -58,9 +58,12 @@ def letsencrypt(metadata): }, } - result['domains'] = { - metadata.get('postfix/myhostname', metadata.get('hostname')): set(), - } + myhostname = metadata.get('postfix/myhostname', None) + + if myhostname and myhostname != metadata.get('hostname'): + result['domains'] = { + myhostname: set(), + } return { 'letsencrypt': result, diff --git a/bundles/postgresql/items.py b/bundles/postgresql/items.py index f48ad74..f1d2953 100644 --- a/bundles/postgresql/items.py +++ b/bundles/postgresql/items.py @@ -25,10 +25,10 @@ directories = { }, # This is needed so the above purge does not remove the version # currently installed. - '/etc/postgresql/{}/main'.format(postgresql_version): { - 'owner': 'postgres', - 'group': 'postgres', - 'mode': '0755', + '/etc/postgresql/{}'.format(postgresql_version): { + 'owner': None, + 'group': None, + 'mode': None, }, } diff --git a/bundles/systemd-networkd/items.py b/bundles/systemd-networkd/items.py index aa2084c..6d068d4 100644 --- a/bundles/systemd-networkd/items.py +++ b/bundles/systemd-networkd/items.py @@ -1,5 +1,11 @@ assert node.has_bundle('systemd') +pkg_apt = { + 'resolvconf': { + 'installed': False, + }, +} + files = { '/etc/network/interfaces': { 'delete': True, diff --git a/bundles/systemd-networkd/metadata.py b/bundles/systemd-networkd/metadata.py index e8dff0e..54579e4 100644 --- a/bundles/systemd-networkd/metadata.py +++ b/bundles/systemd-networkd/metadata.py @@ -1,14 +1,3 @@ -defaults = { - 'apt': { - 'packages': { - 'resolvconf': { - 'installed': False, - }, - }, - }, -} - - @metadata_reactor.provides( 'interfaces', ) diff --git a/bundles/zfs/items.py b/bundles/zfs/items.py index 1322250..ad09841 100644 --- a/bundles/zfs/items.py +++ b/bundles/zfs/items.py @@ -19,7 +19,6 @@ actions = { 'zfs_dataset:', 'zfs_pool:', }, - 'comment': 'If this fails, do a dist-upgrade, reinstall zfs-dkms, reboot', }, } diff --git a/nodes/htz/ex42-1048908.py b/nodes/htz/ex42-1048908.py index a408cf2..247534c 100644 --- a/nodes/htz/ex42-1048908.py +++ b/nodes/htz/ex42-1048908.py @@ -49,7 +49,6 @@ nodes['htz.ex42-1048908'] = { # No need to create a bundle just to install packages, # configs will be managed by users nevertheless. - 'mosh': {}, 'weechat': {}, 'weechat-core': {}, 'weechat-curses': {},