adminconf/frontal-web-conf
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2023-07-27. You can view files and clone it, but cannot push or open issues or pull requests.
11 Commits 1 Branch 0 Tags 42 KiB
Shell 100%
beb16b0fc8
Go to file
Alexandre CATTEAU beb16b0fc8 Update README
2023-07-26 20:38:09 +02:00
.gitignore Initial commit (non functional state) 2022-05-24 11:42:45 +02:00
etc-letsencrypt.mount Add timeout to volume unlock/mount 2023-07-26 20:33:36 +02:00
install.sh Add timeout to volume unlock/mount 2023-07-26 20:33:36 +02:00
README.md Update README 2023-07-26 20:38:09 +02:00
timeout.conf Add timeout to volume unlock/mount 2023-07-26 20:33:36 +02:00
wait-for-dns.conf Initial commit (non functional state) 2022-05-24 11:42:45 +02:00

README.md

Frontal web configuration

This repository contains units and config files for our frontal web starting (at boot). Certificates volume should be automatically unlocked via TPM. If not, we must manually unlock it and start nginx.

Files

  • etc-letsencrypt.mount allows to unlock and mount encrypted certificates volume.
    • Relevant information should be added to /etc/crypttab.
    • Make sure that /etc/letsencrypt directory exists
  • timeout.conf is a drop-in Systemd unit file, to let system start even if above volume is not unlocked
  • wait-for-dns.conf is a drop-in Systemd unit file, which prevents nginx to start before DNS server is operational.

Installation

  • install.sh script copies Systemd files to their destination.

TODO

  • RAS