marc/samfelag
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Renew consul certificates

Browse Source
This commit is contained in:
marc
2025-03-14 20:01:35 +01:00
parent f7afbe6973
commit 428a1756f3
4 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.org
View File

@@ -1,6 +1,6 @@
* NixOS * NixOS
** [[file:docs/install.org][Installing]] ** [[file:docs/install.org][Installing]]
** Rebuilding *** Rebuilding
#+BEGIN_SRC bash #+BEGIN_SRC bash
sudo nixos-rebuild switch --impure --flake ".#${HOST}" sudo nixos-rebuild switch --impure --flake ".#${HOST}"
#+END_SRC #+END_SRC

9
docs/consul.org
View File

@@ -1,6 +1,6 @@
#+title: Consul #+title: Consul
* Server setup * Server setup
** Create a server keypair ** Create a server keypair <<create_keypair>>
Decrypt the CA (from the agenix secrets) Decrypt the CA (from the agenix secrets)
#+begin_src bash #+begin_src bash
agenix -i ~/.ssh/id_reykjavik -d consul.d/consul-agent-ca.pem.age > ~/tmp/consul-agent-ca.pem agenix -i ~/.ssh/id_reykjavik -d consul.d/consul-agent-ca.pem.age > ~/tmp/consul-agent-ca.pem
@@ -78,3 +78,10 @@ JSON config:
} }
} }
#+end_src #+end_src
* Renew expired certificates
** Find the expired certificate
#+begin_src
openssl x509 -in /etc/consul.d/certs/samfelag-server-consul.pem -enddate -noout
#+end_src
Follow the steps described in [[create_keypair][Create a server keypair]].

BIN
secrets/consul.d/samfelag-server-thingvellir-key.pem.age
View File

Binary file not shown.

BIN
secrets/consul.d/samfelag-server-thingvellir.pem.age
View File

Binary file not shown.