summaryrefslogtreecommitdiff
path: root/provider_base/common.json
diff options
context:
space:
mode:
Diffstat (limited to 'provider_base/common.json')
-rw-r--r--provider_base/common.json10
1 files changed, 9 insertions, 1 deletions
diff --git a/provider_base/common.json b/provider_base/common.json
index a4d9c5f2..87af2152 100644
--- a/provider_base/common.json
+++ b/provider_base/common.json
@@ -25,9 +25,13 @@
"hosts": "=> hosts_file",
"x509": {
"use": true,
+ "use_commercial": false,
"cert": "= x509.use ? file(:node_x509_cert, :missing => 'x509 certificate for node $node. Run `leap cert update`') : nil",
"key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil",
- "ca_cert": "= try_file :ca_cert"
+ "ca_cert": "= try_file :ca_cert",
+ "commercial_cert": "= x509.use_commercial ? file([:commercial_cert, try{webapp.domain}||domain.full_suffix], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil",
+ "commercial_key": "= x509.use_commercial ? file([:commercial_key, try{webapp.domain}||domain.full_suffix], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil",
+ "commercial_ca_cert": "= x509.use_commercial ? try_file(:commercial_ca_cert) : nil"
},
"service_type": "internal_service",
"development": {
@@ -38,5 +42,9 @@
"enabled": true,
"mail": {
"smarthost": "= nodes_like_me[:services => :mx].exclude(self).field('domain.full')"
+ },
+ "stunnel": {
+ "clients": {},
+ "servers": {}
}
}