def prepare_tls_certificates(tls):
    """Request a server certificate for this unit through ``tls``.

    The unit's public IP is used as the certificate common name. The
    subject alternative names (SANs) are the public IP, the ingress
    addresses of the 'db' and 'cluster' endpoints, and the local hostname.

    Every SAN is a name a TLS client may accept for this unit, so the list
    should only ever contain addresses and names this unit really answers on.

    Args:
        tls: endpoint object providing ``request_server_cert``.
    """
    common_name = hookenv.unit_public_ip()

    # A set collapses addresses that are reported by more than one source.
    alt_names = {hookenv.unit_public_ip()}
    for endpoint_name in ('db', 'cluster'):
        alt_names.update(get_ingress_addresses(endpoint_name))
    alt_names.add(socket.gethostname())

    # Sorted so the same names are always submitted in the same order.
    ordered_sans = sorted(alt_names)

    # Certificate name is the unit name with '/' replaced by '_'.
    cert_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, ordered_sans, cert_name)
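def prepare_tls_certificates(tls):
    """Request a server certificate for this unit through ``tls``.

    Sets the workload status to 'maintenance' while the request is made.
    The unit's public IP is used as the certificate common name. The
    subject alternative names (SANs) are the public IP, the ingress
    addresses of the 'db' and 'cluster' endpoints, and the local hostname.

    Every SAN is a name a TLS client may accept for this unit, so the list
    should only ever contain addresses and names this unit really answers on.

    Args:
        tls: endpoint object providing ``request_server_cert``.
    """
    status_set('maintenance', 'Requesting tls certificates.')

    # Look the public address up once and reuse it for both the common name
    # and the SAN entry, so the two can never disagree.
    common_name = hookenv.unit_public_ip()

    sans = {common_name}
    sans.update(get_ingress_addresses('db'))
    sans.update(get_ingress_addresses('cluster'))
    sans.add(socket.gethostname())

    # Set iteration order is not stable across interpreter runs (string
    # hashing is randomized), so list(sans) could submit the same names in a
    # different order on every hook execution. Sorting keeps the request
    # deterministic.
    # NOTE(review): presumably a reordered SAN list is treated as a changed
    # request by the certificate provider - confirm against the tls interface.
    sans = sorted(sans)

    # Certificate name is the unit name with '/' replaced by '_'.
    certificate_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, sans, certificate_name)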
def prepare_tls_certificates(tls):
    """Request a server certificate for this unit through ``tls``.

    The unit's public IP is used as the certificate common name. The
    subject alternative names (SANs) are the public IP, the ingress
    addresses of the 'db' and 'cluster' endpoints, the local hostname and,
    when the 'cluster.joined' flag yields an endpoint, the addresses that
    endpoint returns from ``get_db_ingress_addresses()``.

    Args:
        tls: endpoint object providing ``request_server_cert``.
    """
    common_name = hookenv.unit_public_ip()

    # A set collapses addresses that are reported by more than one source.
    alt_names = {hookenv.unit_public_ip()}
    for endpoint_name in ('db', 'cluster'):
        alt_names.update(get_ingress_addresses(endpoint_name))
    alt_names.add(socket.gethostname())

    # Cluster peers are added as alternative names when present.
    # NOTE(review): this makes each unit's certificate valid for its peers'
    # addresses as well, so address-based verification cannot tell cluster
    # members apart - confirm that this is intended.
    peers = endpoint_from_flag('cluster.joined')
    if peers:
        alt_names.update(peers.get_db_ingress_addresses())

    # Sorted so the same names are always submitted in the same order.
    ordered_sans = sorted(alt_names)

    # Certificate name is the unit name with '/' replaced by '_'.
    cert_name = hookenv.local_unit().replace('/', '_')
    tls.request_server_cert(common_name, ordered_sans, cert_name)
def prepare_tls_certificates(tls):
    """Request a server certificate for this unit through ``tls``.

    The unit's public IP is used as the certificate common name. If looking
    it up raises ``CalledProcessError``, two warnings are logged and the
    function returns without requesting a certificate.

    The subject alternative names (SANs) are the public IP, the ingress
    addresses of the 'db' and 'cluster' endpoints, the local hostname and,
    when the 'cluster.joined' flag yields an endpoint, the addresses that
    endpoint returns from ``get_db_ingress_addresses()``.

    Args:
        tls: endpoint object providing ``request_server_cert``.
    """
    try:
        common_name = hookenv.unit_public_ip()
    except CalledProcessError as err:
        # No certificate is requested on this run; the caller gets None.
        hookenv.log("Public address not available yet", hookenv.WARNING)
        hookenv.log(err, hookenv.WARNING)
        return

    # A set collapses addresses that are reported by more than one source.
    alt_names = {common_name}
    for endpoint_name in ("db", "cluster"):
        alt_names.update(get_ingress_addresses(endpoint_name))
    alt_names.add(socket.gethostname())

    # Cluster peers are added as alternative names when present.
    # NOTE(review): this makes each unit's certificate valid for its peers'
    # addresses as well, so address-based verification cannot tell cluster
    # members apart - confirm that this is intended.
    peers = endpoint_from_flag("cluster.joined")
    if peers:
        alt_names.update(peers.get_db_ingress_addresses())

    # Sorted so the same names are always submitted in the same order.
    ordered_sans = sorted(alt_names)

    # Certificate name is the unit name with "/" replaced by "_".
    cert_name = hookenv.local_unit().replace("/", "_")
    tls.request_server_cert(common_name, ordered_sans, cert_name)