Merge "Add ssl-ca configuration option"
This commit is contained in:
commit
5b5df7fe7f
|
@ -37,3 +37,8 @@ options:
|
||||||
default: ""
|
default: ""
|
||||||
description: >-
|
description: >-
|
||||||
The SSL key, base64-encoded.
|
The SSL key, base64-encoded.
|
||||||
|
ssl-ca:
|
||||||
|
type: string
|
||||||
|
default: ""
|
||||||
|
description: >-
|
||||||
|
The SSL Root CA certificate, base64-encoded.
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
import base64
|
import base64
|
||||||
import psycopg2
|
import psycopg2
|
||||||
|
import subprocess
|
||||||
|
|
||||||
from charmhelpers.contrib.charmsupport.nrpe import (
|
from charmhelpers.contrib.charmsupport.nrpe import (
|
||||||
NRPE,
|
NRPE,
|
||||||
|
@ -174,6 +175,13 @@ def configure_ssl():
|
||||||
set_state('vault.ssl.available')
|
set_state('vault.ssl.available')
|
||||||
else:
|
else:
|
||||||
remove_state('vault.ssl.available')
|
remove_state('vault.ssl.available')
|
||||||
|
|
||||||
|
if c['ssl-ca']:
|
||||||
|
ssl_ca = base64.decodestring(c['ssl-ca'].encode())
|
||||||
|
write_file('/usr/local/share/ca-certificates/vault-ca.crt',
|
||||||
|
ssl_ca, perms=0o644)
|
||||||
|
subprocess.check_call(['update-ca-certificates', '--fresh'])
|
||||||
|
|
||||||
set_state('vault.ssl.configured')
|
set_state('vault.ssl.configured')
|
||||||
status_set('active', 'SSL key and cert installed')
|
status_set('active', 'SSL key and cert installed')
|
||||||
remove_state('configured')
|
remove_state('configured')
|
||||||
|
@ -194,6 +202,11 @@ def ssl_key_changed():
|
||||||
remove_state('vault.ssl.configured')
|
remove_state('vault.ssl.configured')
|
||||||
|
|
||||||
|
|
||||||
|
@when('config.changed.ssl-ca')
|
||||||
|
def ssl_ca_changed():
|
||||||
|
remove_state('vault.ssl.configured')
|
||||||
|
|
||||||
|
|
||||||
@when('configured')
|
@when('configured')
|
||||||
@when('nrpe-external-master.available')
|
@when('nrpe-external-master.available')
|
||||||
@when_not('vault.nrpe.configured')
|
@when_not('vault.nrpe.configured')
|
||||||
|
|
Loading…
Reference in New Issue