18 lines
459 B
Bash
Executable File
18 lines
459 B
Bash
Executable File
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
[[- $c := merge .elasticsearch.server .elasticsearch .]]
|
|
[[ template "common/vault.mkpki.sh.tpl" $c ]]
|
|
|
|
vault write [[ $c.vault.pki.path ]]/roles/server \
|
|
allowed_domains="[[ .instance ]][[ .consul.suffix ]].service.[[ .consul.domain ]]" \
|
|
allow_bare_domains=true \
|
|
allow_subdomains=true \
|
|
allow_localhost=false \
|
|
allow_ip_sans=true \
|
|
server_flag=true \
|
|
client_flag=true \
|
|
allow_wildcard_certificates=false \
|
|
max_ttl=720h
|