Consider moving certificate-copying-logic into the postgres recipe.
Jaymon opened this issue · comments
See https://github.com/voi-inc/ops/commit/0e0623ca7ddd5277e1571ead6ae01cc6664392b7
# SSL Certificates
certificate_names = Dir.glob("/opt/ops/certs/*.crt").map {|f| File.basename(f)}
certificate_names.each do |file|
self["locations"]["users"]["root"].merge!({
file => {
"src" => self.in_ops("certs/") + file,
"dest" => "/etc/ssl/certs/" + file,
"mode" => "0664",
}
})
end
# SSL Certificate Keys
key_names = Dir.glob("/opt/ops/certs/*.key").map {|f| File.basename(f)}
key_names.each do |file|
self["locations"]["users"]["root"].merge!({
file => {
"src" => self.in_ops("certs/") + file,
"dest" => "/etc/ssl/private/" + file,
"mode" => "0640",
"group" => "ssl-cert",
}
})
end
From PRIVATE_REPO_ISSUE#31 by @fotopher on mar 2016