Commit ce2f1c28 authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Łukasz Nowak

caddy-frontend: Adapt IP certificate to new directory structure

parent fa8a4f73
......@@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend]
filename = instance-apache-frontend.cfg.in
md5sum = 87558ff8adfebac0e53ebc797b5cdffa
md5sum = ef1a1b0c1f2466ff81b8d19c212187cf
[template-apache-replicate]
filename = instance-apache-replicate.cfg.in
......
......@@ -117,21 +117,21 @@ recipe = plone.recipe.command
update-command = ${:command}
ipv6 = ${slap-network-information:global-ipv6}
ipv4 = {{instance_parameter['ipv4-random']}}
key = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.key
certificate = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.crt
key = ${caddy-directory:master-autocert-dir}/ip-access-${:ipv6}-${:ipv4}.key
certificate = ${caddy-directory:master-autocert-dir}/ip-access-${:ipv6}-${:ipv4}.crt
stop-on-error = True
command =
[ -f ${:key} ] && [ -f ${:certificate} ] && exit 0
rm -f ${:key} ${:certificate}
/bin/bash -c ' \
{{ parameter_dict['openssl'] }}/bin/openssl req \
{{ parameter_dict['openssl'] }} req \
-new -newkey rsa:2048 -sha256 \
-nodes -x509 -days 36500 \
-keyout ${:key} \
-subj "/CN=Self Signed IP Access" \
-reqexts SAN \
-extensions SAN \
-config <(cat {{ parameter_dict['openssl'] }}/etc/ssl/openssl.cnf \
-config <(cat {{ parameter_dict['openssl_cnf'] }} \
<(printf "\n[SAN]\nsubjectAltName=IP:${:ipv6},IP:${:ipv4}")) \
-out ${:certificate}'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment