Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 73cef11c8534edeaab7763df1018c55b8afdd157^! / . / cluster / certs / etcd-bc01n02.hswaw.net.cert
commit73cef11c8534edeaab7763df1018c55b8afdd157[log] [tgz]
authorSergiusz Bazanski <q3k@q3k.org>Sun Apr 07 00:06:23 2019 +0200
committerSergiusz Bazanski <q3k@q3k.org>Sun Apr 07 00:06:23 2019 +0200
tree8d483998903ae47cf7e9467829071bbb8c5329a0
parent208f0058304f5c7a01d239d5bc58a78363982d6d [diff] [blame]
*: rejigger tls certs and more

This pretty large change does the following:

 - moves nix from bootstrap.hswaw.net to nix/
 - changes clustercfg to use cfssl and moves it to cluster/clustercfg
 - changes clustercfg to source information about target location of
   certs from nix
 - changes clustercfg to push nix config
 - changes tls certs to have more than one CA
 - recalculates all TLS certs
   (it keeps the old serviceaccoutns key, otherwise we end up with
   invalid serviceaccounts - the cert doesn't match, but who cares,
   it's not used anyway)

diff --git a/cluster/certs/etcd-bc01n02.hswaw.net.cert b/cluster/certs/etcd-bc01n02.hswaw.net.cert
new file mode 100644
index 0000000..fbf7f60
--- /dev/null
+++ b/cluster/certs/etcd-bc01n02.hswaw.net.cert

@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFADCCA+igAwIBAgIUEOvIsxRTRhb/gGkSusEaIvihjmYwDQYJKoZIhvcNAQEL
+BQAweDELMAkGA1UEBhMCUEwxFDASBgNVBAgTC01hem93aWVja2llMQ8wDQYDVQQH
+EwZXYXJzYXcxGzAZBgNVBAoTEldhcnNhdyBIYWNrZXJzcGFjZTETMBEGA1UECxMK
+Y2x1c3RlcmNmZzEQMA4GA1UEAxMHZXRjZCBjYTAeFw0xOTA0MDYxODA0MDBaFw0y
+MDA0MDUxODA0MDBaMFsxCzAJBgNVBAYTAlBMMRQwEgYDVQQIEwtNYXpvd2llY2tp
+ZTEPMA0GA1UEBxMGV2Fyc2F3MSUwIwYDVQQLExxub2RlIGV0Y2Qgc2VydmVyIGNl
+cnRpZmljYXRlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwrMOjn2b
+ESHDHzHeO73kqaNs0P3AKBr1gZ9Tfpg62zkah5wvW3oQ44/WubwEeEZGi7im3Srq
+wmqCFLmKHGkpVx34qdlsTgKa8sCxIfrz8QuOXW8fr68l/hIkUXXE3cIwxOBWvRkz
+kH97bqWnrbSOvMuFquTQNppA7ynlWnSP1L2KquwaTn8hyguSJwCSiFAp8d7ShKHC
+Kb+msuFXYeNhPRnTflvLuNmg8IesTMTF9D0Q2k6aZ/jPGjUoJAQsftrnDIz8Wlzg
+QaraSEYW5FrVTWZtl0ZbRZmOk25wU0mZR7L6hpFwAePsgGiU9Si/fPVvANk8h0Ah
+E+m8k2mu79Gsw6TmvFU5KT8jNNZXagHLUjuqAwrFEz16ai/Z0UQfnn+NGwp4BioN
+iZujfndh3D7qPdCdxCOJS3qwHZ2G+z6JmF61N1hFwR5wrKxjsgZmQXQTm+L6mpT0
+JBss/uEcTiZe1KEHPUzEWv9gvhdzeXPAMKj15P4GQCMyE+3ozWM2WpZdLaGlaQ0f
+OJm4G+3hs3V6DXr44LpSDJWo8dVDUGBgjOYwJXgyaxyWFKTwlHBYZeAtd4jpKzqw
+w6d+G12EUTHDc6gXaVu7BsrUslRjHduPQSMMtSgS52K7JJh51xWJqf+LjS8pjE6q
+O3nx7AnJhA+sDaUpxtXQfLfFenkqt5eYi5sCAwEAAaOBnjCBmzAOBgNVHQ8BAf8E
+BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
+MAAwHQYDVR0OBBYEFK/qgslLg68XcSfOxPUg5+tRXBCzMB8GA1UdIwQYMBaAFPFZ
+uGZNPsPnQu6Bo9RGfzlTdfkPMBwGA1UdEQQVMBOCEWJjMDFuMDIuaHN3YXcubmV0
+MA0GCSqGSIb3DQEBCwUAA4IBAQACPg5XkPP6OjQwgTAz08KC+ILuqPLx382GyTRu
+RfK9G+SJg5GnQl3sKHLezBqStLsYcRlunhbpFsoJCt3u6bQENDtA1BBXMplD/JEb
+zHC+IBshjtPBqpQp+f43XylS4ZZ/nGo8NXa6jMctz4BF7OjkYZ7nGOHn3iU50wDl
+C42Urz+/1VP898QzEjgvGArVRm+WWQPm8VwD05+HTjEpXSAP5p3awlicXoG6HOgg
+uCyNrnCHFDXFzqtci2UIWj1zb92M3tlEEWDwXzMHtgeGDhAEkjvBuwrhpnxoZXb1
+KUb9H6Z7/YkoEvXVbQkGRRotHVz7dkt0Ck5sPiqXB4RME/8U
+-----END CERTIFICATE-----