[ARVADOS] updated: 2.1.0-2034-g0e2f3e506
Git user
git at public.arvados.org
Fri Mar 4 23:16:33 UTC 2022
Summary of changes:
.../local.params.example.single_host_single_hostname | 4 ++--
tools/salt-install/provision.sh | 20 ++++++--------------
2 files changed, 8 insertions(+), 16 deletions(-)
via 0e2f3e506566b1ceb54bd764d3f32c004e45f8b3 (commit)
via e07aa2904986362d5881353eee1df8f2a61a82e4 (commit)
via 8d6ce7ff455e74f7656795040745f239979f0ffa (commit)
via f99fae0bdfdec6a5aa40aee2df67a0de710f7892 (commit)
from c110a9aeed738f1b2dd456950a8ee3018cd97fed (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 0e2f3e506566b1ceb54bd764d3f32c004e45f8b3
Merge: c110a9aee e07aa2904
Author: Javier Bértoli <jbertoli at curii.com>
Date: Fri Mar 4 20:15:52 2022 -0300
Merge branch '18682-use-keyrings-instead-of-key-ids'
closes #18682
Arvados-DCO-1.1-Signed-off-by: Javier Bértoli <jbertoli at curii.com>
diff --cc tools/salt-install/provision.sh
index 644b87cbb,67a171fc4..27dada1ea
--- a/tools/salt-install/provision.sh
+++ b/tools/salt-install/provision.sh
@@@ -557,25 -533,18 +557,17 @@@ if [ -z "${ROLES}" ]; the
echo " - nginx_workbench_configuration" >> ${P_DIR}/top.sls
echo " - postgresql" >> ${P_DIR}/top.sls
- # Currently, only available on config_examples/multi_host/aws
- if [ "x${USE_LETSENCRYPT}" = "xyes" ]; then
- if [ "x${USE_LETSENCRYPT_IAM_USER}" != "xyes" ]; then
+ if [ "${SSL_MODE}" = "lets-encrypt" ]; then
+ if [ "${USE_LETSENCRYPT_ROUTE53}" = "yes" ]; then
grep -q "aws_credentials" ${P_DIR}/top.sls || echo " - aws_credentials" >> ${P_DIR}/top.sls
fi
- grep -q "letsencrypt" ${P_DIR}/top.sls || echo " - letsencrypt" >> ${P_DIR}/top.sls
+ grep -q "letsencrypt" ${P_DIR}/top.sls || echo " - letsencrypt" >> ${P_DIR}/top.sls
# As the pillar differ whether we use LE or custom certs, we need to do a final edition on them
- for c in controller websocket workbench workbench2 webshell keepweb keepproxy; do
- if [ "${USE_SINGLE_HOSTNAME}" = "yes" ]; then
- # Are we in a single-host-single-hostname env?
- CERT_NAME=${HOSTNAME_EXT}
- else
- # We are in a single-host-multiple-hostnames env
- CERT_NAME=${c}.${CLUSTER}.${DOMAIN}
- fi
-
- sed -i "s/__CERT_REQUIRES__/cmd: create-initial-cert-${CERT_NAME}*/g;
- s#__CERT_PEM__#/etc/letsencrypt/live/${CERT_NAME}/fullchain.pem#g;
- s#__CERT_KEY__#/etc/letsencrypt/live/${CERT_NAME}/privkey.pem#g" \
+ for c in controller websocket workbench workbench2 webshell download collections keepproxy; do
+ sed -i "s/__CERT_REQUIRES__/cmd: create-initial-cert-${c}.${CLUSTER}.${DOMAIN}*/g;
+ s#__CERT_PEM__#/etc/letsencrypt/live/${c}.${CLUSTER}.${DOMAIN}/fullchain.pem#g;
+ s#__CERT_KEY__#/etc/letsencrypt/live/${c}.${CLUSTER}.${DOMAIN}/privkey.pem#g" \
${P_DIR}/nginx_${c}_configuration.sls
done
else
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list