Merge "Add ssl-ca configuration option"
This commit is contained in:
commit
5b5df7fe7f
|
@ -37,3 +37,8 @@ options:
|
|||
default: ""
|
||||
description: >-
|
||||
The SSL key, base64-encoded.
|
||||
ssl-ca:
|
||||
type: string
|
||||
default: ""
|
||||
description: >-
|
||||
The SSL Root CA certificate, base64-encoded.
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
import base64
|
||||
import psycopg2
|
||||
import subprocess
|
||||
|
||||
from charmhelpers.contrib.charmsupport.nrpe import (
|
||||
NRPE,
|
||||
|
@ -174,6 +175,13 @@ def configure_ssl():
|
|||
set_state('vault.ssl.available')
|
||||
else:
|
||||
remove_state('vault.ssl.available')
|
||||
|
||||
if c['ssl-ca']:
|
||||
ssl_ca = base64.decodestring(c['ssl-ca'].encode())
|
||||
write_file('/usr/local/share/ca-certificates/vault-ca.crt',
|
||||
ssl_ca, perms=0o644)
|
||||
subprocess.check_call(['update-ca-certificates', '--fresh'])
|
||||
|
||||
set_state('vault.ssl.configured')
|
||||
status_set('active', 'SSL key and cert installed')
|
||||
remove_state('configured')
|
||||
|
@ -194,6 +202,11 @@ def ssl_key_changed():
|
|||
remove_state('vault.ssl.configured')
|
||||
|
||||
|
||||
@when('config.changed.ssl-ca')
|
||||
def ssl_ca_changed():
|
||||
remove_state('vault.ssl.configured')
|
||||
|
||||
|
||||
@when('configured')
|
||||
@when('nrpe-external-master.available')
|
||||
@when_not('vault.nrpe.configured')
|
||||
|
|
Loading…
Reference in New Issue