From 51c75cb933688ad1411fb1a6a8b429820b8c18e8 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Mon, 16 May 2016 12:00:30 -0300 Subject: Deploy: enhance eyaml localhost keypair logic --- lib/hydra/deploy | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'lib') diff --git a/lib/hydra/deploy b/lib/hydra/deploy index 196b944..70a8a67 100644 --- a/lib/hydra/deploy +++ b/lib/hydra/deploy @@ -9,6 +9,9 @@ function hydra_deploy_setup { DEPLOY_RSYNC="rsync -CrltDvpq --no-owner --exclude=/ssl --exclude=keys --exclude=site_keys --exclude=config/secrets --delete --rsync-path" RSYNC_PATH="rsync -q" + # Ensure keystore existence + mkdir -p $HYDRA_FOLDER/puppet/keys + if [ "$1" == "remote" ]; then # Deploy in a remote host if [ ! -z "$2" ]; then @@ -59,12 +62,17 @@ function hydra_deploy_setup { PUPPET_OPTS="--confdir=$HYDRA_FOLDER/puppet --modulepath=$HYDRA_FOLDER/puppet/modules" hydra_deploy_set_manifest $HYDRA_FOLDER - # Fix eyaml keys - mkdir -p $HYDRA_FOLDER/puppet/keys - rm -f $HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem - rm -f $HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem - ln -sf $HYDRA_FOLDER/puppet/keys/$FQDN/eyaml/private_key.pkcs7.pem $HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem - ln -sf $HYDRA_FOLDER/puppet/keys/$FQDN/eyaml/public_key.pkcs7.pem $HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem + # Remove old eyaml symlinks if exists + if [ -h "$HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem" ]; then + rm -f $HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem + rm -f $HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem + fi + + # Use eyaml keypair from the current hostname + if [ ! -e "$HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem" ]; then + ln -sf $HYDRA_FOLDER/puppet/keys/$FQDN/eyaml/private_key.pkcs7.pem $HYDRA_FOLDER/puppet/keys/private_key.pkcs7.pem + ln -sf $HYDRA_FOLDER/puppet/keys/$FQDN/eyaml/public_key.pkcs7.pem $HYDRA_FOLDER/puppet/keys/public_key.pkcs7.pem + fi fi # Common parameters -- cgit v1.2.3