Merge "Configure guestagent on Ubuntu guest images to use CA certificates"
This commit is contained in:
commit
ccb6752f69
@ -0,0 +1,11 @@
|
||||
#!/bin/sh
|
||||
|
||||
# CONTEXT: GUEST during CONSTRUCTION as ROOT
|
||||
# PURPOSE: configure trove-guest service to use system store of trusted certificates
|
||||
|
||||
GUEST_UNIT_DROPINS="/etc/systemd/system/trove-guest.service.d"
|
||||
|
||||
mkdir -v -p ${GUEST_UNIT_DROPINS}
|
||||
echo -e '[Service]\nEnvironment=REQUESTS_CA_BUNDLE=/etc/pki/tls/certs' > ${GUEST_UNIT_DROPINS}/30-use-system-certificates.conf
|
||||
|
||||
|
@ -0,0 +1,11 @@
|
||||
#!/bin/sh
|
||||
|
||||
# CONTEXT: GUEST during CONSTRUCTION as ROOT
|
||||
# PURPOSE: configure trove-guest service to use system store of trusted certificates
|
||||
|
||||
GUEST_UNIT_DROPINS="/etc/systemd/system/trove-guest.service.d"
|
||||
|
||||
mkdir -v -p ${GUEST_UNIT_DROPINS}
|
||||
echo -e '[Service]\nEnvironment=REQUESTS_CA_BUNDLE=/etc/ssl/certs' > ${GUEST_UNIT_DROPINS}/30-use-system-certificates.conf
|
||||
|
||||
|
@ -36,5 +36,7 @@ script
|
||||
|
||||
fi
|
||||
|
||||
exec su -c "/home/GUEST_USERNAME/trove/contrib/trove-guestagent $TROVE_CONFIG" GUEST_USERNAME
|
||||
# Requests: CA directories not supported in older Pythons, a custom bundle file is needed
|
||||
cat /usr/local/share/ca-certificates/*.crt > /usr/local/share/ca-certificates/custom.bundle
|
||||
exec su -c "REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/custom.bundle /home/GUEST_USERNAME/trove/contrib/trove-guestagent $TROVE_CONFIG" GUEST_USERNAME
|
||||
end script
|
||||
|
Loading…
x
Reference in New Issue
Block a user