Faidon Liambotis has uploaded a new change for review. https://gerrit.wikimedia.org/r/215353
Change subject: sslcert: automatically regenerate chained cert on changes ...................................................................... sslcert: automatically regenerate chained cert on changes This doesn't handle CA changes yet (sslcert::ca or otherwise) but it should be more than enough for now. Change-Id: Iafcce2ad465fad953acaff1b36fa993117e12d04 --- M modules/sslcert/manifests/chainedcert.pp 1 file changed, 5 insertions(+), 4 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/53/215353/1 diff --git a/modules/sslcert/manifests/chainedcert.pp b/modules/sslcert/manifests/chainedcert.pp index 2f0e3b3..035d807 100644 --- a/modules/sslcert/manifests/chainedcert.pp +++ b/modules/sslcert/manifests/chainedcert.pp @@ -36,10 +36,11 @@ if $ensure == 'present' { exec { "x509-bundle ${title}": - creates => $chainfile, - command => "/usr/local/sbin/x509-bundle --skip-root -c ${title}.crt -o $chainfile", - cwd => '/etc/ssl/localcerts', - require => File["/etc/ssl/localcerts/${title}.crt"] + refreshonly => true, + command => "/usr/local/sbin/x509-bundle --skip-root -c ${title}.crt -o $chainfile", + cwd => '/etc/ssl/localcerts', + require => File["/etc/ssl/localcerts/${title}.crt"], + subscribe => File["/etc/ssl/localcerts/${title}.crt"], } # set owner/group/permissions on the chained file -- To view, visit https://gerrit.wikimedia.org/r/215353 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iafcce2ad465fad953acaff1b36fa993117e12d04 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Faidon Liambotis <fai...@wikimedia.org> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits