rilla
/
dags
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: refresh vault certificates on narwhal

main
Ricard Illa 2023-07-12 17:02:09 +02:00
parent 42aefc7b55
commit 4b029ed69a
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
narwhal/acme_renew/Makefile
View File

@ -14,7 +14,7 @@ FUGU_TRIGGER=$(WD)/fugu_trigger
LB_TRIGGER=$(WD)/lb_trigger
SURICATA_TRIGGER=$(WD)/suricata_trigger
all: renew_certs $(CALADAN_TRIGGER) $(FUGU_TRIGGER) $(LB_TRIGGER) $(SURICATA_TRIGGER) $(NGINX_RELOAD) refresh_pg
all: renew_certs $(CALADAN_TRIGGER) $(FUGU_TRIGGER) $(LB_TRIGGER) $(SURICATA_TRIGGER) $(NGINX_RELOAD) refresh_pg refresh_vault
###############################################################################
@ -152,3 +152,20 @@ $(PG_KEY): $(KEY)
rsync --copy-links $< $@
refresh_pg: $(PG_CERT) $(PG_KEY)
###############################################################################
# Copy Vault certificate
VAULT_DEST_PATH=/srv/certs/vault
VAULT_DEST_CERT=$(VAULT_DEST_PATH)/tls.crt
VAULT_DEST_KEY=$(VAULT_DEST_PATH)/tls.key
$(VAULT_DEST_CERT): $(VAULT_CERT)
mkdir -p $(@D)
install -o vault -g vault -m 600 $^ $@
$(VAULT_DEST_KEY): $(VAULT_KEY)
mkdir -p $(@D)
install -o vault -g vault -m 600 $^ $@
refresh_vault: $(VAULT_DEST_CERT) $(VAULT_DEST_KEY)