- declare a new admin vhost
- add a redirection for the old vhost
- change the hostname where needed (certificate, vhosts, ...)
- clean up no longer necessary inventory-vagrant entries
Related to T3873
Differential D7018
netbox: migrate the vm to the admin vlan vsellier on Jan 21 2022, 5:32 PM. Authored by Tags None Subscribers None
Details
Related to T3873 vagrant and octo-diff ok.
considered as a new server due to the hostname update
diff origin/production/pergamon.softwareheritage.org current/pergamon.softwareheritage.org ******************************************* + Exec[letsencrypt certonly inventory.internal.softwareheritage.org] => parameters => "command": "certbot --text --agree-tos --non-interactive certonly --rsa-key-... "environment": [ ], "path": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "provider": "shell", "unless": "/usr/local/sbin/letsencrypt-domain-validation /etc/letsencrypt/li... ******************************************* - Exec[letsencrypt certonly netbox-vagrant] ******************************************* Exec[letsencrypt certonly netbox] => parameters => command => - certbot --text --agree-tos --non-interactive certonly --rsa-key-size 4096 --cert-name 'netbox' -d 'inventory.internal.softwareheritage.org' --authenticator manual --preferred-challenges dns --manual-public-ip-logging-ok --manual-auth-hook '/usr/local/bin/letsencrypt_gandi_livedns auth' --manual-cleanup-hook '/usr/local/bin/letsencrypt_gandi_livedns cleanup' --deploy-hook '/usr/local/bin/letsencrypt_puppet_export' + certbot --text --agree-tos --non-interactive certonly --rsa-key-size 4096 --cert-name 'netbox' -d 'inventory.internal.admin.swh.network' --authenticator manual --preferred-challenges dns --manual-public-ip-logging-ok --manual-auth-hook '/usr/local/bin/letsencrypt_gandi_livedns auth' --manual-cleanup-hook '/usr/local/bin/letsencrypt_gandi_livedns cleanup' --deploy-hook '/usr/local/bin/letsencrypt_puppet_export' unless => - /usr/local/sbin/letsencrypt-domain-validation /etc/letsencrypt/live/netbox/cert.pem 'inventory.internal.softwareheritage.org' + /usr/local/sbin/letsencrypt-domain-validation /etc/letsencrypt/live/netbox/cert.pem 'inventory.internal.admin.swh.network' ******************************************* File[/etc/bind/keys/local-update] => parameters => content => @@ -2,4 +2,4 @@ key local-update { algorithm hmac-sha256; - secret "RnUZ5OkCQJW0jKXUEQlLtvPzgc7cZevQkMIAmyci/pauR+Gt48njHze2VNqfkvsX8EF3gjrA/fNEk2m5cjZA8g=="; + secret "azVl7b68oI1B0OQgY99Ed3etzwtDxO3ZVA8KF8X6tULmb957u/koKrJe27OpBnZvE2Z0NMuuD7yjyKuZbnhhiQ=="; }; ******************************************* File[/etc/bind/rndc.key] => parameters => content => @@ -2,4 +2,4 @@ key rndc-key { algorithm hmac-md5; - secret "+euTM8F2D/MONDu/kaepXbH5Yw3vQ7acPYUdlVt8j0fMqz9d19CUH0Nu8D35GXjjqeemXbI/7V0GZ+uxIE1zJw=="; + secret "e6d9w8U/ARd2H9g7HddNCGjLMyZTDdPFlH6+LdK8jy4hqT58VdMwgi0br9r/smeq0jvf1vQ218hP9u0W5zndFg=="; }; ******************************************* + Letsencrypt::Certonly[inventory.internal.softwareheritage.org] => parameters => "additional_args": [ "--authenticator manual", "--preferred-challenges dns", "--manual-public-ip-logging-ok", "--manual-auth-hook '/usr/local/bin/letsencrypt_gandi_livedns auth'", "--manual-cleanup-hook '/usr/local/bin/letsencrypt_gandi_livedns cleanup'"... "--deploy-hook '/usr/local/bin/letsencrypt_puppet_export'" ], "cert_name": "inventory.internal.softwareheritage.org", "config_dir": "/etc/letsencrypt", "cron_hour": 3, "cron_minute": 24, "cron_monthday": [ "*" ], "custom_plugin": true, "deploy_hook_commands": [ ], "domains": [ "inventory.internal.softwareheritage.org" ], "ensure": "present", "environment": [ ], "key_size": 4096, "letsencrypt_command": "certbot", "manage_cron": false, "plugin": "standalone", "post_hook_commands": [ ], "pre_hook_commands": [ ], "suppress_cron_output": false, "webroot_paths": [ ] ******************************************* - Letsencrypt::Certonly[netbox-vagrant] ******************************************* Letsencrypt::Certonly[netbox] => parameters => domains => - ["inventory.internal.softwareheritage.org"] + ["inventory.internal.admin.swh.network"] ******************************************* + Resource_record[inventory-admin/CNAME] => parameters => "data": "bojimans.internal.admin.swh.network.", "keyfile": "/etc/bind/keys/local-update", "record": "inventory.internal.admin.swh.network", "type": "CNAME" ******************************************* Resource_record[inventory/CNAME] => parameters => data => - bojimans.internal.softwareheritage.org. + bojimans.internal.admin.swh.network. ******************************************* *** End octocatalog-diff on pergamon.softwareheritage.org
Diff Detail
|