Commit 948a4b9f authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

stack/caucase: make crt_path optional.

so that we can create caucase-updater for fetching CA / CRL only purpose.
parent 4a04e64a
...@@ -15,4 +15,4 @@ ...@@ -15,4 +15,4 @@
[caucase-jinja2-library] [caucase-jinja2-library]
filename = caucase.jinja2.library filename = caucase.jinja2.library
md5sum = 9a7247cdb2ee1d66c074b0660c54713f md5sum = 2e7e61bb0cf41c28d6d811a0283cf03e
...@@ -43,9 +43,9 @@ config-command = '{{ buildout_bin_directory }}/caucase-probe' 'http://{{ netloc ...@@ -43,9 +43,9 @@ config-command = '{{ buildout_bin_directory }}/caucase-probe' 'http://{{ netloc
updater_path, updater_path,
url, url,
data_dir, data_dir,
crt_path,
ca_path, ca_path,
crl_path, crl_path,
crt_path=None,
key_path=None, key_path=None,
on_renew=None, on_renew=None,
max_sleep=None, max_sleep=None,
...@@ -59,6 +59,7 @@ config-command = '{{ buildout_bin_directory }}/caucase-probe' 'http://{{ netloc ...@@ -59,6 +59,7 @@ config-command = '{{ buildout_bin_directory }}/caucase-probe' 'http://{{ netloc
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
data-dir = {{ data_dir }} data-dir = {{ data_dir }}
{% if crt_path %}
{% if template_csr_pem or template_csr -%} {% if template_csr_pem or template_csr -%}
[{{ prefix }}-provided-csr-content] [{{ prefix }}-provided-csr-content]
{% if template_csr_pem %} {% if template_csr_pem %}
...@@ -90,6 +91,7 @@ recipe = plone.recipe.command ...@@ -90,6 +91,7 @@ recipe = plone.recipe.command
command = '{{ openssl }}' req -newkey rsa:2048 -batch -new -nodes -subj /CN=example.com -keyout '{{ key_path or crt_path }}' -out '${:csr}' command = '{{ openssl }}' req -newkey rsa:2048 -batch -new -nodes -subj /CN=example.com -keyout '{{ key_path or crt_path }}' -out '${:csr}'
{%- endif %} {%- endif %}
csr = ${ {{- prefix }}-directory:data-dir}/good.csr.pem csr = ${ {{- prefix }}-directory:data-dir}/good.csr.pem
{%- endif %}
[{{ prefix }}] [{{ prefix }}]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
...@@ -98,8 +100,8 @@ command-line = '{{ buildout_bin_directory }}/caucase-updater' ...@@ -98,8 +100,8 @@ command-line = '{{ buildout_bin_directory }}/caucase-updater'
--ca-url '{{ url }}' --ca-url '{{ url }}'
--cas-ca '${ {{- prefix }}-directory:data-dir}/cas.crt.pem' --cas-ca '${ {{- prefix }}-directory:data-dir}/cas.crt.pem'
--mode '{{ mode }}' --mode '{{ mode }}'
--csr '${ {{- prefix }}-csr:csr}' {% if crt_path %}--csr '${ {{- prefix }}-csr:csr}'
--crt '{{ crt_path }}' --crt '{{ crt_path }}' {%- endif %}
--ca '{{ ca_path }}' --ca '{{ ca_path }}'
--crl '{{ crl_path }}' --crl '{{ crl_path }}'
{% if key_path %}--key '{{ key_path }}' {%- endif %} {% if key_path %}--key '{{ key_path }}' {%- endif %}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment