[arvados] updated: 2.4.0-66-ga0303b5c8

git repository hosting git at public.arvados.org
Wed Jun 1 15:55:20 UTC 2022 

Summary of changes:
 tools/salt-install/provision.sh | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

       via  a0303b5c8ccd702e50da6d891ab30818aaf54fdb (commit)
      from  b44e400ed2d1e1970c70e2df9fb8202d051469a0 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit a0303b5c8ccd702e50da6d891ab30818aaf54fdb
Author: Ward Vandewege <ward at curii.com>
Date:   Wed Jun 1 10:15:23 2022 -0400

    provision script: fix single host/single hostname letsencrypt.
    
    refs #19169
    
    Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward at curii.com>

diff --git a/tools/salt-install/provision.sh b/tools/salt-install/provision.sh
index ccc991f2a..9fb740728 100755
--- a/tools/salt-install/provision.sh
+++ b/tools/salt-install/provision.sh
@@ -582,11 +582,27 @@ if [ -z "${ROLES}" ]; then
     fi
     grep -q "letsencrypt" ${P_DIR}/top.sls || echo "    - letsencrypt" >> ${P_DIR}/top.sls
 
-    # As the pillar differ whether we use LE or custom certs, we need to do a final edition on them
-    for c in controller websocket workbench workbench2 webshell download collections keepproxy; do
-      sed -i "s/__CERT_REQUIRES__/cmd: create-initial-cert-${c}.${CLUSTER}.${DOMAIN}*/g;
-              s#__CERT_PEM__#/etc/letsencrypt/live/${c}.${CLUSTER}.${DOMAIN}/fullchain.pem#g;
-              s#__CERT_KEY__#/etc/letsencrypt/live/${c}.${CLUSTER}.${DOMAIN}/privkey.pem#g" \
+    hosts=("controller" "websocket" "workbench" "workbench2" "webshell" "keepproxy")
+    if [ ${USE_SINGLE_HOSTNAME} = "no" ]; then
+      hosts+=("download" "collections")
+    else
+      hosts+=("keepweb")
+    fi
+
+    for c in "${hosts[@]}"; do
+      # Are we in a single-host-single-hostname env?
+      if [ "${USE_SINGLE_HOSTNAME}" = "yes" ]; then
+        # Are we in a single-host-single-hostname env?
+        CERT_NAME=${HOSTNAME_EXT}
+      else
+        # We are in a multiple-hostnames env
+        CERT_NAME=${c}.${CLUSTER}.${DOMAIN}
+      fi
+
+      # As the pillar differs whether we use LE or custom certs, we need to do a final edition on them
+      sed -i "s/__CERT_REQUIRES__/cmd: create-initial-cert-${CERT_NAME}*/g;
+              s#__CERT_PEM__#/etc/letsencrypt/live/${CERT_NAME}/fullchain.pem#g;
+              s#__CERT_KEY__#/etc/letsencrypt/live/${CERT_NAME}/privkey.pem#g" \
       ${P_DIR}/nginx_${c}_configuration.sls
     done
   else

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list