ca acme avec le ca de la vm
This commit is contained in:
Francois Lesueur
parent
c7e438d4ee
commit
4117afd993
@ -23,7 +23,7 @@ wget "https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.24.2
|
|||||||
dpkg -i step-ca_0.24.2_amd64.deb
|
dpkg -i step-ca_0.24.2_amd64.deb
|
||||||
|
|
||||||
echo "password" > /root/ca-passwordfile
|
echo "password" > /root/ca-passwordfile
|
||||||
step ca init --deployment-type=standalone --name="Kaz CA" --dns="ca.mica.sns" --acme --address=":443" --provisioner="contact@kaz.sns" --password-file="/root/ca-passwordfile"
|
step ca init --deployment-type=standalone --name="Kaz CA" --dns="ca.mica.sns" --acme --address=":443" --provisioner="contact@kaz.sns" --password-file="/root/ca-passwordfile" --root="letsencrypt/local/rootCA.pem" --key "letsencrypt/local/rootCA-key.pem"
|
||||||
echo -e '#!/bin/sh\nstep-ca --password-file /root/ca-passwordfile' >> /etc/rc.local
|
echo -e '#!/bin/sh\nstep-ca --password-file /root/ca-passwordfile' >> /etc/rc.local
|
||||||
chmod +x /etc/rc.local
|
chmod +x /etc/rc.local
|
||||||
|
|
||||||
|
|||||||
@ -222,6 +222,8 @@ auth:
|
|||||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
||||||
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
||||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
||||||
|
cp -ar /etc/letsencrypt /root/snster-kaz/mica/infra/
|
||||||
|
|
||||||
|
|
||||||
# On lie le filesystem de kaz-prod dans le /kaz de la VM pour le dév
|
# On lie le filesystem de kaz-prod dans le /kaz de la VM pour le dév
|
||||||
ln -s /var/lib/lxc/kaz-hoster-a-kaz1/rootfs/ /kaz1-prod
|
ln -s /var/lib/lxc/kaz-hoster-a-kaz1/rootfs/ /kaz1-prod
|
||||||
|
|||||||
@ -15,9 +15,13 @@ git pull
|
|||||||
sed -i -e "s/template=self.template/template=self.template, bdevtype='btrfs'/" /usr/local/lib/python3.9/dist-packages/backends/LxcBackend.py
|
sed -i -e "s/template=self.template/template=self.template, bdevtype='btrfs'/" /usr/local/lib/python3.9/dist-packages/backends/LxcBackend.py
|
||||||
|
|
||||||
# On récupère le dernier kaz-vagrant
|
# On récupère le dernier kaz-vagrant
|
||||||
|
if [ -z "${KAZBRANCH}" ] ; then
|
||||||
|
KAZBRANCH="master"
|
||||||
|
fi
|
||||||
cd /tmp
|
cd /tmp
|
||||||
git clone https://git.kaz.bzh/KAZ/kaz-vagrant.git || (cd kaz-vagrant && git pull)
|
git clone https://git.kaz.bzh/KAZ/kaz-vagrant.git || (cd kaz-vagrant && git fetch && git switch "${KAZBRANCH}" && git pull)
|
||||||
cd /tmp/kaz-vagrant
|
cd /tmp/kaz-vagrant
|
||||||
|
git switch "${KAZBRANCH}"
|
||||||
|
|
||||||
# On écrase les anciens fichiers
|
# On écrase les anciens fichiers
|
||||||
cp -ar /tmp/kaz-vagrant/files/snster-kaz /root/
|
cp -ar /tmp/kaz-vagrant/files/snster-kaz /root/
|
||||||
@ -25,6 +29,7 @@ cp -ar /tmp/kaz-vagrant/files/snster-kaz /root/
|
|||||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
||||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
||||||
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
||||||
|
cp -ar /etc/letsencrypt /root/snster-kaz/mica/infra/
|
||||||
|
|
||||||
# On détruit et reconstruit tout sauf kaz-prod
|
# On détruit et reconstruit tout sauf kaz-prod
|
||||||
SNSTER="snster -c /root/snster-kaz"
|
SNSTER="snster -c /root/snster-kaz"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user