From fba004bc8cbee0d9556538342ce78ac1c9d1229b Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 25 Jun 2014 12:49:39 -0700 Subject: more friendly error message in `leap compile` when commercial certificate is missing. --- provider_base/common.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'provider_base/common.json') diff --git a/provider_base/common.json b/provider_base/common.json index a4d9c5f2..565633c0 100644 --- a/provider_base/common.json +++ b/provider_base/common.json @@ -25,9 +25,13 @@ "hosts": "=> hosts_file", "x509": { "use": true, + "use_commercial": false, "cert": "= x509.use ? file(:node_x509_cert, :missing => 'x509 certificate for node $node. Run `leap cert update`') : nil", "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil", - "ca_cert": "= try_file :ca_cert" + "ca_cert": "= try_file :ca_cert", + "commercial_cert": "= x509.use_commercial ? file([:commercial_cert, webapp.domain], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", + "commercial_key": "= x509.use_commercial ? file([:commercial_key, webapp.domain], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", + "commercial_ca_cert": "= x509.use_commercial ? try_file(:commercial_ca_cert) : nil" }, "service_type": "internal_service", "development": { -- cgit v1.2.3 From a9e85045bb312db3dff560c1ca1f40d669cd71bf Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 25 Jun 2014 15:22:02 -0700 Subject: fix commercial cert usage with mx and monitor nodes. --- provider_base/common.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'provider_base/common.json') diff --git a/provider_base/common.json b/provider_base/common.json index 565633c0..1f0c6730 100644 --- a/provider_base/common.json +++ b/provider_base/common.json @@ -29,8 +29,8 @@ "cert": "= x509.use ? file(:node_x509_cert, :missing => 'x509 certificate for node $node. Run `leap cert update`') : nil", "key": "= x509.use ? file(:node_x509_key, :missing => 'x509 key for node $node. Run `leap cert update`') : nil", "ca_cert": "= try_file :ca_cert", - "commercial_cert": "= x509.use_commercial ? file([:commercial_cert, webapp.domain], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", - "commercial_key": "= x509.use_commercial ? file([:commercial_key, webapp.domain], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", + "commercial_cert": "= x509.use_commercial ? file([:commercial_cert, try{webapp.domain}||domain.full_suffix], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", + "commercial_key": "= x509.use_commercial ? file([:commercial_key, try{webapp.domain}||domain.full_suffix], :missing => 'commercial x509 certificate for node $node. Add file $file, or run `leap cert csr` to generate a temporary self-signed cert and CSR you can use to purchase a real cert.') : nil", "commercial_ca_cert": "= x509.use_commercial ? try_file(:commercial_ca_cert) : nil" }, "service_type": "internal_service", -- cgit v1.2.3 From 49f0c54a05f6b542367f8ef4538316ba2eaac6cd Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 20 Jun 2014 01:58:39 -0700 Subject: new generic system for stunnel: just `include site_stunnel` and stunnel + needed shorewall will be automatically set up. requires new leap_cli --- provider_base/common.json | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'provider_base/common.json') diff --git a/provider_base/common.json b/provider_base/common.json index 1f0c6730..87af2152 100644 --- a/provider_base/common.json +++ b/provider_base/common.json @@ -42,5 +42,9 @@ "enabled": true, "mail": { "smarthost": "= nodes_like_me[:services => :mx].exclude(self).field('domain.full')" + }, + "stunnel": { + "clients": {}, + "servers": {} } } -- cgit v1.2.3 From 51a1e1c6db33ed2868ec74728f854237e3dfd86a Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 21 Oct 2014 15:14:23 -0700 Subject: update platform to take advantage of new platform.rb. requires leap_cli 1.6 --- provider_base/common.json | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'provider_base/common.json') diff --git a/provider_base/common.json b/provider_base/common.json index 87af2152..649db0d9 100644 --- a/provider_base/common.json +++ b/provider_base/common.json @@ -46,5 +46,9 @@ "stunnel": { "clients": {}, "servers": {} + }, + "platform": { + "version": "= Leap::Platform.version.to_s", + "major_version": "= Leap::Platform.major_version" } } -- cgit v1.2.3