deployments
Noah called with a question while you were out. I took a message, but it was lost in the flood. I figured you could call him back when it stopped raining, which it did at last!
My own private atlantis
had its deployment debut yesterday. I renewed the blog SSL certificate
on my workstation, saving the key and certificate in their own private
directory nested beneath corrina/files
. In a separate directory,
ovid/manifests
, I added a Lua module with these definitions:
coroutine.yield( atlantis.v1.fs.file { name = "etc/ssl/certs/yieldsfalsehood.com.pem", mode = "0644", contents = atlantis.v1.res.file( "letsencrypt/live/yieldsfalsehood.com/fullchain.pem" ) } ) coroutine.yield( atlantis.v1.fs.file { name = "etc/ssl/private/yieldsfalsehood.com.key", mode = "0600", contents = atlantis.v1.res.file( "letsencrypt/live/yieldsfalsehood.com/privkey.pem" ) } )
To tie the manifests and files together I ran something like this in a
directory with access to both ovid
and corrina
:
$ python -m atlantis.trident \ ursula \ -P ovid/manifests/?.lua -P "" -P "" \ -m www.ssl \ tar \ -F corrina/files \ | ssh node1 \ tar -C / -xvf - etc/ssl/certs/yieldsfalsehood.com.pem etc/ssl/private/yieldsfalsehood.com.key
I had to login manually afterwards to reload the web server, which I
should be able to capture once krabs
is calcified. Hail, Atlantis!