From d88ca8a33bf377d2a5a756d3fb58906d39987cb4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C5=81ukasz=20Nowak?= <luke@nexedi.com>
Date: Thu, 20 Oct 2011 13:15:20 +0200
Subject: [PATCH] Generate ERP5 specific certificate authority.

---
 software/erp5/instance-erp5-development.cfg |  1 +
 software/erp5/instance-zope.cfg             | 21 +++++++++++++++++++++
 software/erp5/software.cfg                  |  4 ++--
 3 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/software/erp5/instance-erp5-development.cfg b/software/erp5/instance-erp5-development.cfg
index fdd2598d..b89d73b9 100644
--- a/software/erp5/instance-erp5-development.cfg
+++ b/software/erp5/instance-erp5-development.cfg
@@ -37,6 +37,7 @@ update-wrapper = $${basedirectory:services}/erp5-update
 # Defaults
 configurator-bt5-list = erp5_core_proxy_field_legacy erp5_full_text_myisam_catalog erp5_base erp5_workflow erp5_configurator erp5_configurator_standard erp5_configurator_maxma_demo erp5_configurator_ung
 bt5-repository-list = $${zope-instance:bt5-repository-list}
+
 [request-common]
 recipe = slapos.cookbook:request
 software-url = $${slap-connection:software-release-url}
diff --git a/software/erp5/instance-zope.cfg b/software/erp5/instance-zope.cfg
index d679c428..d570fc6c 100644
--- a/software/erp5/instance-zope.cfg
+++ b/software/erp5/instance-zope.cfg
@@ -6,6 +6,7 @@ parts =
   apache-zope-backend-instance
   ca-apache-zope-backend
   logrotate
+  erp5-certificate-authority
   logrotate-entry-zope
   cron
   cron-entry-logrotate
@@ -199,6 +200,25 @@ services = $${rootdirectory:etc}/run
 run = $${rootdirectory:var}/run
 backup = $${rootdirectory:srv}/backup
 
+[erp5-certificate-authority]
+recipe = slapos.cookbook:certificate_authority
+openssl-binary = ${openssl:location}/bin/openssl
+ca-dir = $${directory:erp5-ca-dir}
+requests-directory = $${erp5-cadirectory:requests}
+wrapper = $${basedirectory:services}/erp5-ca
+ca-private = $${erp5-cadirectory:private}
+ca-certs = $${erp5-cadirectory:certs}
+ca-newcerts = $${erp5-cadirectory:newcerts}
+ca-crl = $${erp5-cadirectory:crl}
+
+[erp5-cadirectory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${directory:erp5-ca-dir}/requests/
+private = $${directory:erp5-ca-dir}/private/
+certs = $${directory:erp5-ca-dir}/certs/
+newcerts = $${directory:erp5-ca-dir}/newcerts/
+crl = $${directory:erp5-ca-dir}/crl/
+
 [directory]
 recipe = slapos.cookbook:mkdirectory
 zodb = $${rootdirectory:srv}/zodb
@@ -215,6 +235,7 @@ instance-constraint = $${:instance}/Constraint
 instance-import = $${:instance}/import
 instance-lib = $${:instance}/lib
 instance-tests = $${:instance}/tests
+erp5-ca-dir = $${rootdirectory:srv}/erp5-ssl/
 ca-dir = $${rootdirectory:srv}/ssl
 cron-entries = $${rootdirectory:etc}/cron.d
 crontabs = $${rootdirectory:etc}/crontabs
diff --git a/software/erp5/software.cfg b/software/erp5/software.cfg
index 2766dc24..b0d2f12b 100644
--- a/software/erp5/software.cfg
+++ b/software/erp5/software.cfg
@@ -25,7 +25,7 @@ mode = 0644
 [template-zope]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-zope.cfg
-md5sum = e836707977e2a8e76225c9656d28be8e
+md5sum = 38fab9825a159899eefe619585c56352
 output = ${buildout:directory}/template-zope.cfg
 mode = 0644
 
@@ -60,7 +60,7 @@ mode = 0644
 [template-erp5-development]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-erp5-development.cfg
-md5sum = 03918c690354333b17cbc3dbc285ba24
+md5sum = 87413ae556f73fff4342ae5fb15d37de
 output = ${buildout:directory}/template-erp5-development.cfg
 mode = 0644
 
-- 
2.30.9