Merge "[letsencrypt] Rename script for updating certificates"

This commit is contained in:
Zuul 2025-01-10 15:27:03 +00:00 committed by Gerrit Code Review
commit 744ba3b98e
3 changed files with 3 additions and 3 deletions

View File

@ -34,7 +34,7 @@ COPY extend_start.sh /usr/local/bin/kolla_extend_start
RUN chmod 644 /usr/local/bin/kolla_extend_start \
&& sed -ri 's/session(\s+)required(\s+)pam_loginuid.so/session\1optional\2pam_loginuid.so/' /etc/pam.d/sshd
COPY update-haproxy-cert.sh /usr/bin/update-haproxy-cert
COPY update-loadbalancer-cert.sh /usr/bin/update-loadbalancer-cert
{{ macros.kolla_patch_sources() }}

View File

@ -81,12 +81,12 @@ if [ "${INTERNAL_SET}" = "true" ] || [ "${EXTERNAL_SET}" = "true" ]; then
internal_cert_path=$(find /etc/letsencrypt/lego/internal/ -name '*.pem')
sed -i '/^$/d' ${internal_cert_path}
rsync -av -e "ssh -p ${port} -o StrictHostKeyChecking=no -o IdentityFile=/var/lib/letsencrypt/.ssh/id_rsa" ${internal_cert_path} haproxy@${server}:/var/lib/haproxy/haproxy-internal.pem --delete >/dev/null 2>&1
ssh -p ${port} -i /var/lib/letsencrypt/.ssh/id_rsa -o StrictHostKeyChecking=no haproxy@${server} "/usr/bin/update-haproxy-cert --internal"
ssh -p ${port} -i /var/lib/letsencrypt/.ssh/id_rsa -o StrictHostKeyChecking=no haproxy@${server} "/usr/bin/update-loadbalancer-cert --internal"
else
external_cert_path=$(find /etc/letsencrypt/lego/external/ -name '*.pem')
sed -i '/^$/d' ${external_cert_path}
rsync -av -e "ssh -p ${port} -o StrictHostKeyChecking=no -o IdentityFile=/var/lib/letsencrypt/.ssh/id_rsa" ${external_cert_path} haproxy@${server}:/var/lib/haproxy/haproxy.pem --delete >/dev/null 2>&1
ssh -p ${port} -i /var/lib/letsencrypt/.ssh/id_rsa -o StrictHostKeyChecking=no haproxy@${server} "/usr/bin/update-haproxy-cert --external"
ssh -p ${port} -i /var/lib/letsencrypt/.ssh/id_rsa -o StrictHostKeyChecking=no haproxy@${server} "/usr/bin/update-loadbalancer-cert --external"
fi
done