From 26b9c978cbae93a5a083c40eb3c53567a5c7a292 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 12 May 2016 12:00:01 -0300
Subject: Deploy: copy hiera-eyaml keys

---
 TODO.md            |  2 +-
 lib/hydra/deploy   | 19 +++++++++++++++++++
 share/hydra/deploy |  6 ++++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/TODO.md b/TODO.md
index ae1762d..672a77e 100644
--- a/TODO.md
+++ b/TODO.md
@@ -11,7 +11,7 @@ Hydra
 - init: version control in the superproject?
 - deploy:
   - lockfile.
-  - keys, certs and secrets.
+  - keys and certs.
   - fix /etc/puppet permissions.
   - check hostname and required node configuration.
   - log applied version and date (in the node and also in the repo?).
diff --git a/lib/hydra/deploy b/lib/hydra/deploy
index 26c28d0..4c6d967 100644
--- a/lib/hydra/deploy
+++ b/lib/hydra/deploy
@@ -110,6 +110,25 @@ function hydra_deploy_mkdirs {
   $DEPLOY_COMMAND chmod -R 640   /etc/puppet
 }
 
+# Copy keys
+function hydra_deploy_copy_keys {
+  local location="$1"
+
+  if [ -z "$location" ]; then
+    location="remote"
+  fi
+
+  $DEPLOY_COMMAND mkdir -p $FOLDER/etc/puppet/keys
+
+  if [ -e "$HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem" ]; then
+    hydra_deploy_copy $location $HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem $DEPLOY_DEST/etc/puppet/keys/private_key.pkcs7.pem
+  fi
+
+  if [ -e "$HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem" ]; then
+    hydra_deploy_copy $location $HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem $DEPLOY_DEST/etc/puppet/keys/public_key.pkcs7.pem
+  fi
+}
+
 # Copy config secrets
 function hydra_deploy_copy_secrets {
   local location="$1"
diff --git a/share/hydra/deploy b/share/hydra/deploy
index 1321a06..1307802 100755
--- a/share/hydra/deploy
+++ b/share/hydra/deploy
@@ -65,6 +65,9 @@ for node in $NODES; do
     echo "Syncing configuration..."
     $DEPLOY_RSYNC "$RSYNC_PATH" $DEPLOY_OPTS
 
+    # Copy keys
+    hydra_deploy_copy_keys folder
+
     # Copy config configuration
     hydra_deploy_copy_secrets folder
 
@@ -110,6 +113,9 @@ EOF
     echo "Syncing configuration..."
     $DEPLOY_RSYNC "$RSYNC_PATH" $DEPLOY_OPTS
 
+    # Copy keys
+    hydra_deploy_copy_keys remote
+
     # Copy configuration
     hydra_deploy_copy_secrets remote
 
-- 
cgit v1.2.3