Page MenuHomeDevCentral
Differential D3732

Enforce correct attributes for acme.sh private keys
ClosedPublic
Actions

Authored by dereckson on Fri, Oct 10, 22:19.
Tags
None
Referenced Files
F12345436: D3732.diff
Mon, Oct 27, 05:37
F12344862: D3732.id9730.diff
Mon, Oct 27, 03:49
F12344861: D3732.id9652.diff
Mon, Oct 27, 03:49
F12344170: D3732.id.diff
Mon, Oct 27, 02:56
F12342814: D3732.id9730.diff
Sun, Oct 26, 23:20
Unknown Object (File)
Sat, Oct 25, 13:43
Unknown Object (File)
Thu, Oct 23, 13:10
Unknown Object (File)
Tue, Oct 21, 07:20
View All 28 Files
Subscribers
None

Details

Reviewers
DorianWinty
Maniphest Tasks
T2132: Propagate acme.sh certificate so Dovecot can read it
Commits
rOPS358d87a18155: Enforce correct attributes for acme.sh private keys
Summary

Apply logic from 421712d5da56 to private key files too, so several applications
can access the certificate private key they need.

Ref T2132

Test Plan

When run on Hervil, confirmed no-op as keys are already 640/600.

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Passed
Unit
No Test Coverage
Branch
certificates-640
Build Status
Buildable 5983
Build 6265: arc lint + arc unit

Event Timeline

dereckson requested review of this revision.Fri, Oct 10, 22:19
dereckson created this revision.
Harbormaster completed remote builds in B5983: Diff 9652.Fri, Oct 10, 22:19
dereckson added a comment.Fri, Oct 10, 22:19
Complector
$ salt hervil state.apply roles/core/certificates/acmesh test=True
[...]
----------                                                                                                
          ID: /var/certificates/mail.nasqueron.org/key.pem                                                
    Function: file.managed
      Result: True
     Comment: File /var/certificates/mail.nasqueron.org/key.pem not updated
     Started: 22:16:57.301699
    Duration: 1.387 ms
     Changes:   
----------
[...]
dereckson mentioned this in T2132: Propagate acme.sh certificate so Dovecot can read it.Fri, Oct 10, 22:25
DorianWinty accepted this revision.Mon, Oct 13, 17:08
This revision is now accepted and ready to land.Mon, Oct 13, 17:08
Closed by commit rOPS358d87a18155: Enforce correct attributes for acme.sh private keys (authored by dereckson). · Explain WhyTue, Oct 14, 17:11
This revision was automatically updated to reflect the committed changes.
dereckson added a commit: rOPS358d87a18155: Enforce correct attributes for acme.sh private keys.

Revision Contents
Changeset List

PathSize
roles/
core/
certificates/
11 lines

Diff 9652

View Options

roles/core/certificates/acmesh.sls

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator