47 lines
1.4 KiB
Bash
47 lines
1.4 KiB
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
{% set ns = namespace(tls_dir=None) %}
|
|
{% for machine in machined.machines %}
|
|
{% if not ns.tls_dir %}
|
|
{% set nor_machine = machine|normalize_family %}
|
|
{% set ns.tls_dir = machined['machine_' + nor_machine]['tls_dir_' + nor_machine] %}
|
|
{% endif %}
|
|
{% endfor %}
|
|
{% if ns.tls_dir %}
|
|
{% set dst_dir = machined['machine_' + rougail_variable|normalize_family]['config_dir_' + rougail_variable|normalize_family] %}
|
|
{% set src_dir = ns.tls_dir + "/machines/" + rougail_variable %}
|
|
{% if 'certificates' in extra_variables and rougail_variable in extra_variables['certificates'] %}
|
|
if [ -d "{{ dst_dir }}" ] && [ -d "{{ src_dir }}" ]; then
|
|
{% for certificate in extra_variables['certificates'][rougail_variable] %}
|
|
{% set files = [certificate.name] %}
|
|
{% if certificate.provider == 'self-signed' %}
|
|
{{ files.append(certificate.authority) }}
|
|
{% endif %}
|
|
{% if 'private' in certificate %}
|
|
{{ files.append(certificate.private) }}
|
|
{% endif %}
|
|
{% for file in files %}
|
|
src_file="{{ src_dir }}{{ file}}"
|
|
dst_file="{{dst_dir}}{{ file }}"
|
|
dst_dir=$(dirname "$dst_file")
|
|
mkdir -p "$dst_dir"
|
|
# ne fonctionne pas avec revprox :/
|
|
# a=1
|
|
# while [ ! -f "$src_file" ]; do
|
|
# a=$((a+1));
|
|
# if [ $a = 120 ]; then
|
|
# break
|
|
# fi
|
|
# sleep 1
|
|
# done
|
|
cp -f "$src_file" "$dst_file"
|
|
chown root: "$dst_file"
|
|
chmod 700 "$dst_file"
|
|
|
|
{% endfor %}
|
|
{% endfor %}
|
|
fi
|
|
{% endif %}
|
|
{% endif %}
|
|
exit 0
|