projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
21361: Remove Ubuntu 18.04 exception from Salt installer
[arvados.git] / tools / salt-install / config_examples / single_host / multiple_hostnames / states / snakeoil_certs.sls
diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/states/snakeoil_certs.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/snakeoil_certs.sls
index 5f83582bc3c32e496c555383c2ad004ec312c8ec..a8b487e29ad239080d855778b5a4dc1ab6a211a3 100644 (file)
--- a/tools/salt-install/config_examples/single_host/multiple_hostnames/states/snakeoil_certs.sls
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/snakeoil_certs.sls
@@ -46,24 +46,11 @@ extra_snakeoil_certs_dependencies_pkg_installed:
       - openssl
       - ca-certificates
 
-# Remove the RANDFILE parameter in openssl.cnf as it makes openssl fail in Ubuntu 18.04
-# Saving and restoring the rng state is not necessary anymore in the openssl 1.1.1
-# random generator, cf
-#   https://github.com/openssl/openssl/issues/7754
-#
-extra_snakeoil_certs_file_comment_etc_openssl_conf:
-  file.comment:
-    - name: /etc/ssl/openssl.cnf
-    - regex: ^RANDFILE.*
-    - onlyif: grep -q ^RANDFILE /etc/ssl/openssl.cnf
-    - require_in:
-      - cmd: extra_snakeoil_certs_arvados_snakeoil_ca_cmd_run
-
 extra_snakeoil_certs_arvados_snakeoil_ca_cmd_run:
   # Taken from https://github.com/arvados/arvados/blob/master/tools/arvbox/lib/arvbox/docker/service/certificate/run
   cmd.run:
     - name: |
-        # These dirs are not to CentOS-ish, but this is a helper script
+        # These dirs are not too CentOS-ish, but this is a helper script
         # and they should be enough
         /bin/bash -c "mkdir -p /etc/ssl/certs/ /etc/ssl/private/ && \
         openssl req \
@@ -173,8 +160,8 @@ extra_snakeoil_certs_arvados_snakeoil_cert_{{ vh }}_cmd_run:
       - pkg: extra_snakeoil_certs_dependencies_pkg_installed
       - cmd: extra_snakeoil_certs_arvados_snakeoil_ca_cmd_run
     - require_in:
-      - file: extra_custom_certs_file_copy_arvados-{{ vh }}.pem
-      - file: extra_custom_certs_file_copy_arvados-{{ vh }}.key
+      - file: extra_custom_certs_{{ vh }}_cert_file_copy
+      - file: extra_custom_certs_{{ vh }}_key_file_copy
 
   {%- if grains.get('os_family') == 'Debian' %}
 extra_snakeoil_certs_certs_permissions_{{ vh}}_cmd_run: