ca acme avec le ca de la vm
This commit is contained in:
parent
c7e438d4ee
commit
4117afd993
@ -23,7 +23,7 @@ wget "https://dl.smallstep.com/gh-release/certificates/gh-release-header/v0.24.2
|
||||
dpkg -i step-ca_0.24.2_amd64.deb
|
||||
|
||||
echo "password" > /root/ca-passwordfile
|
||||
step ca init --deployment-type=standalone --name="Kaz CA" --dns="ca.mica.sns" --acme --address=":443" --provisioner="contact@kaz.sns" --password-file="/root/ca-passwordfile"
|
||||
step ca init --deployment-type=standalone --name="Kaz CA" --dns="ca.mica.sns" --acme --address=":443" --provisioner="contact@kaz.sns" --password-file="/root/ca-passwordfile" --root="letsencrypt/local/rootCA.pem" --key "letsencrypt/local/rootCA-key.pem"
|
||||
echo -e '#!/bin/sh\nstep-ca --password-file /root/ca-passwordfile' >> /etc/rc.local
|
||||
chmod +x /etc/rc.local
|
||||
|
||||
|
@ -222,6 +222,8 @@ auth:
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/mica/infra/
|
||||
|
||||
|
||||
# On lie le filesystem de kaz-prod dans le /kaz de la VM pour le dév
|
||||
ln -s /var/lib/lxc/kaz-hoster-a-kaz1/rootfs/ /kaz1-prod
|
||||
|
@ -15,9 +15,13 @@ git pull
|
||||
sed -i -e "s/template=self.template/template=self.template, bdevtype='btrfs'/" /usr/local/lib/python3.9/dist-packages/backends/LxcBackend.py
|
||||
|
||||
# On récupère le dernier kaz-vagrant
|
||||
if [ -z "${KAZBRANCH}" ] ; then
|
||||
KAZBRANCH="master"
|
||||
fi
|
||||
cd /tmp
|
||||
git clone https://git.kaz.bzh/KAZ/kaz-vagrant.git || (cd kaz-vagrant && git pull)
|
||||
git clone https://git.kaz.bzh/KAZ/kaz-vagrant.git || (cd kaz-vagrant && git fetch && git switch "${KAZBRANCH}" && git pull)
|
||||
cd /tmp/kaz-vagrant
|
||||
git switch "${KAZBRANCH}"
|
||||
|
||||
# On écrase les anciens fichiers
|
||||
cp -ar /tmp/kaz-vagrant/files/snster-kaz /root/
|
||||
@ -25,6 +29,7 @@ cp -ar /tmp/kaz-vagrant/files/snster-kaz /root/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-a/kaz1/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/hoster-b/kaz2/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/isp-a/home/
|
||||
cp -ar /etc/letsencrypt /root/snster-kaz/mica/infra/
|
||||
|
||||
# On détruit et reconstruit tout sauf kaz-prod
|
||||
SNSTER="snster -c /root/snster-kaz"
|
||||
|
Loading…
Reference in New Issue
Block a user