Esempio n. 1
0
def prepare_tls_certificates(tls):
    common_name = hookenv.unit_public_ip()
    sans = set()
    sans.add(hookenv.unit_public_ip())
    sans.update(get_ingress_addresses('db'))
    sans.update(get_ingress_addresses('cluster'))
    sans.add(socket.gethostname())
    sans = sorted(sans)
    certificate_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, sans, certificate_name)
Esempio n. 2
0
def prepare_tls_certificates(tls):
    status_set('maintenance', 'Requesting tls certificates.')
    common_name = hookenv.unit_public_ip()
    sans = set()
    sans.add(hookenv.unit_public_ip())
    sans.update(get_ingress_addresses('db'))
    sans.update(get_ingress_addresses('cluster'))
    sans.add(socket.gethostname())
    sans = list(sans)
    certificate_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, sans, certificate_name)
Esempio n. 3
0
def prepare_tls_certificates(tls):
    common_name = hookenv.unit_public_ip()
    sans = set()
    sans.add(hookenv.unit_public_ip())
    sans.update(get_ingress_addresses('db'))
    sans.update(get_ingress_addresses('cluster'))
    sans.add(socket.gethostname())

    # add cluster peers as alt names when present
    cluster = endpoint_from_flag('cluster.joined')
    if cluster:
        for ip in cluster.get_db_ingress_addresses():
            sans.add(ip)

    sans = sorted(sans)
    certificate_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, sans, certificate_name)
Esempio n. 4
0
def prepare_tls_certificates(tls):
    try:
        common_name = hookenv.unit_public_ip()
    except CalledProcessError as e:
        msg = "Public address not available yet"
        hookenv.log(msg, hookenv.WARNING)
        hookenv.log(e, hookenv.WARNING)
        return

    sans = set()
    sans.add(common_name)
    sans.update(get_ingress_addresses("db"))
    sans.update(get_ingress_addresses("cluster"))
    sans.add(socket.gethostname())

    # add cluster peers as alt names when present
    cluster = endpoint_from_flag("cluster.joined")
    if cluster:
        for ip in cluster.get_db_ingress_addresses():
            sans.add(ip)

    sans = sorted(sans)
    certificate_name = hookenv.local_unit().replace("/", "_")
    tls.request_server_cert(common_name, sans, certificate_name)