# help you deploy them. In order to do that, you need to set `USE_LETSENCRYPT=no` above,
# and copy the required certificates under the directory specified in the next line.
# The certs will be copied from this directory by the provision script.
-# Plese set it to the FULL PATH to the certs dir if you're going to use a different dir
+# Please set it to the FULL PATH to the certs dir if you're going to use a different dir
+# Default is "${SCRIPT_DIR}/certs", where the variable "SCRIPT_DIR" has the path to the
+# directory where the "provision.sh" script was copied in the destination host.
# CUSTOM_CERTS_DIR="${SCRIPT_DIR}/certs"
# The script expects cert/key files with these basenames (matching the role except for
-# keepweb, which is split in both downoad/collections):
+# keepweb, which is split in both download/collections):
# "controller"
# "websocket"
# "workbench"
# "webshell"
# "download" # Part of keepweb
# "collections" # Part of keepweb
-# "keep" # Keepproxy
+# "keepproxy" # Keepproxy
# Ie., 'keep', the script will lookup for
-# ${CUSTOM_CERTS_DIR}/keep.crt
-# ${CUSTOM_CERTS_DIR}/keep.key
+# ${CUSTOM_CERTS_DIR}/keepproxy.crt
+# ${CUSTOM_CERTS_DIR}/keepproxy.key
# The directory to check for the config files (pillars, states) you want to use.
# There are a few examples under 'config_examples'.
# help you deploy them. In order to do that, you need to set `USE_LETSENCRYPT=no` above,
# and copy the required certificates under the directory specified in the next line.
# The certs will be copied from this directory by the provision script.
-# Plese set it to the FULL PATH to the certs dir if you're going to use a different dir
+# Please set it to the FULL PATH to the certs dir if you're going to use a different dir
+# Default is "${SCRIPT_DIR}/certs", where the variable "SCRIPT_DIR" has the path to the
+# directory where the "provision.sh" script was copied in the destination host.
# CUSTOM_CERTS_DIR="${SCRIPT_DIR}/certs"
# The script expects cert/key files with these basenames (matching the role except for
-# keepweb, which is split in both downoad/collections):
+# keepweb, which is split in both download/collections):
# "controller"
# "websocket"
# "workbench"
cert_name=${2}
mkdir -p /srv/salt/certs
- cp -v ${cert_dir}/${cert_name}.crt /srv/salt/certs/arvados-${cert_name}.pem
- cp -v ${cert_dir}/${cert_name}.key /srv/salt/certs/arvados-${cert_name}.key
+
+ if [ -f ${cert_dir}/${cert_name}.crt ]; then
+ cp -v ${cert_dir}/${cert_name}.crt /srv/salt/certs/arvados-${cert_name}.pem
+ else
+ echo "${cert_dir}/${cert_name}.crt does not exist. Exiting"
+ exit 1
+ fi
+ if [ -f ${cert_dir}/${cert_name}.key ]; then
+ cp -v ${cert_dir}/${cert_name}.key /srv/salt/certs/arvados-${cert_name}.key
+ else
+ echo "${cert_dir}/${cert_name}.key does not exist. Exiting"
+ exit 1
+ fi
}
DEV_MODE="no"