~damien/ca-provision-example

A simple repo demonstrating a technique for provisioning servers with a certificate and key signed by a local CA.
Add consul user during provision

refs

master
browse  log 

clone

read-only
https://git.sr.ht/~damien/ca-provision-example
read/write
git@git.sr.ht:~damien/ca-provision-example

You can also use your local clone with git send-email.

This repo demonstrates a simple approach for provisioning servers with certificates signed by a custom certificate authority.

In order to test it, you need to define a linode_token variable inside secrets.tfvars, and then run:

$ ./ca-new consul-agent
$ terraform apply -var-file secrets.tfvars

This will provision a server with /etc/ssl/consul-agent/server1.dc1.consul.{crt,key}, which represents a certificate and key that have been signed by the local consul-agent CA.