From af99818f8314cdfad69cc2efbfcdf33844dc76a1 Mon Sep 17 00:00:00 2001 From: tv Date: Fri, 10 Jul 2015 21:27:41 +0200 Subject: make rotate-consul-encrypt --- Makefile | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/Makefile b/Makefile index cab9f80..154fb7a 100644 --- a/Makefile +++ b/Makefile @@ -14,6 +14,8 @@ hosts := $($(cluster)-cluster) ifeq ($(hosts),) $(error bad cluster: $(cluster)) else +.ONESHELL: + .PHONY: deploy $(addprefix deploy-,$(hosts)) deploy: exec parallel \ @@ -23,4 +25,24 @@ deploy: --tagstring '{u}' \ --line-buffer \ $(MAKE) deploy-{} ::: $(hosts) + +.PHONY: rotate-consul-encrypt +rotate-consul-encrypt: + umask 0377 + mkencrypt() { dd status=none if=/dev/random bs=1 count=16 | base64; } + json=$$(printf '{"encrypt":"%s"}\n' $$(mkencrypt)) + cmd=' + f=secrets/{}/rsync/etc/consul/encrypt.json + rm -f "$$f" + echo "$$json" > "$$f" + ' + export json + exec parallel \ + -j 0 \ + --no-notice \ + --rpl '{u} s/^.* deploy-(.*)/\1/' \ + --tagstring '{u}' \ + --line-buffer \ + --quote \ + sh -eufc "$$cmd" ::: $(hosts) endif -- cgit v1.2.3