b813360bf6
This patchset adds more Fernet token implementation: 1. Adds a cron job to rotate / sync keys to other units. 2. Adds additional tests around gating on config. 3. Adds rotation / syncing with more robust key handling. Change-Id: Ied021ad83c241f241dbb5f9acdede9045e43a8a3
10 lines
533 B
Plaintext
10 lines
533 B
Plaintext
# call the rotate and sync function at 5 min intervals. The actual function
|
|
# works out when to do the rotate and sync of the keys.
|
|
{% if enabled -%}
|
|
{% if use_syslog -%}
|
|
{{ minute }} * * * * root /usr/bin/juju-run {{ unit_name }} {{ charm_dir }}/scripts/fernet_rotate_and_sync.py 2>&1 | logger -t keystone-fernet-rotate-sync
|
|
{% else -%}
|
|
{{ minute }} * * * * root /usr/bin/juju-run {{ unit_name }} {{ charm_dir }}/scripts/fernet_rotate_and_sync.py >> /var/log/keystone/keystone-fernet-rotate-sync.log 2>&1
|
|
{% endif -%}
|
|
{% endif -%}
|