Commit 618653e5 authored by Jérome Perrin's avatar Jérome Perrin

stack/caucase: generate key / csr only once

If key or csr are already present, we should not re-run this
openssl command which generates a new key and a new CSR.
parent b136ac8f
......@@ -15,4 +15,4 @@
[caucase-jinja2-library]
filename = caucase.jinja2.library
md5sum = 9e64eca810ae0a184917dd466808dc4f
md5sum = b8a5a93b8a7bacd6ebd4b6df24c7c828
......@@ -88,7 +88,10 @@ rendered = ${ {{- prefix }}-directory:data-dir}/provided.csr.pem
{%- else -%}
[{{ prefix }}-csr]
recipe = plone.recipe.command
command = '{{ openssl }}' req -newkey rsa:2048 -batch -new -nodes -subj /CN=example.com -keyout '{{ key_path or crt_path }}' -out '${:csr}'
command =
if [ ! -f '{{ key_path or crt_path }}' ] && [ ! -f '${:csr}' ] ; then
'{{ openssl }}' req -newkey rsa:2048 -batch -new -nodes -subj /CN=example.com -keyout '{{ key_path or crt_path }}' -out '${:csr}'
fi
{%- endif %}
csr = ${ {{- prefix }}-directory:data-dir}/good.csr.pem
{%- endif %}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment