You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by lf...@apache.org on 2020/08/03 13:50:38 UTC
[incubator-dlab] 01/03: [DLAB-1594]: added massage for redhat
This is an automated email from the ASF dual-hosted git repository.
lfrolov pushed a commit to branch DLAB-1594-2
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
commit ee71d62e5e6640be44ede1170bf5cd48e390e0cd
Author: leonidfrolov <fr...@gmail.com>
AuthorDate: Wed Jul 22 12:35:22 2020 +0300
[DLAB-1594]: added massage for redhat
---
infrastructure-provisioning/src/general/lib/os/redhat/edge_lib.py | 2 ++
infrastructure-provisioning/src/general/lib/os/redhat/ssn_lib.py | 2 ++
2 files changed, 4 insertions(+)
diff --git a/infrastructure-provisioning/src/general/lib/os/redhat/edge_lib.py b/infrastructure-provisioning/src/general/lib/os/redhat/edge_lib.py
index 8dde808..3ee832e 100644
--- a/infrastructure-provisioning/src/general/lib/os/redhat/edge_lib.py
+++ b/infrastructure-provisioning/src/general/lib/os/redhat/edge_lib.py
@@ -111,6 +111,8 @@ def install_nginx_lua(edge_ip, nginx_version, keycloak_auth_server_url, keycloak
sudo('systemctl daemon-reload')
sudo('systemctl enable step-cert-manager.service')
else:
+ if os.environ['conf_letsencrypt_enabled'] == 'true':
+ print('Lets Encrypt certificates are not supported for redhat in dlab. Using self signed certificates')
sudo('openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/certs/dlab.key \
-out /etc/ssl/certs/dlab.crt -subj "/C=US/ST=US/L=US/O=dlab/CN={}"'.format(hostname))
sudo('mkdir -p /tmp/lua')
diff --git a/infrastructure-provisioning/src/general/lib/os/redhat/ssn_lib.py b/infrastructure-provisioning/src/general/lib/os/redhat/ssn_lib.py
index ddda21f..a0022da 100644
--- a/infrastructure-provisioning/src/general/lib/os/redhat/ssn_lib.py
+++ b/infrastructure-provisioning/src/general/lib/os/redhat/ssn_lib.py
@@ -356,6 +356,8 @@ def start_ss(keyfile, host_string, dlab_conf_dir, web_path,
sudo('keytool -importcert -trustcacerts -alias ssn -file /etc/ssl/certs/dlab.crt -noprompt '
'-storepass changeit -keystore {0}/lib/security/cacerts'.format(java_path))
else:
+ if os.environ['conf_letsencrypt_enabled'] == 'true':
+ print('Lets Encrypt certificates are not supported for redhat in dlab. Using self signed certificates')
sudo('keytool -genkeypair -alias ssn -keyalg RSA -validity 730 -storepass {1} -keypass {1} \
-keystore /home/{0}/keys/ssn.keystore.jks -keysize 2048 -dname "CN=localhost"'.format(
os_user, keystore_passwd))
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org