From 7f988ba9a8294bfe896c74b96fa7675b1f83b664 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florent=20Thi=C3=A9ry?= <florent.thiery@ubicast.eu>
Date: Thu, 28 Feb 2019 17:03:20 +0100
Subject: [PATCH] do not re-generate nginx ssl certificate during demokit reset
 target, fixes #28243

---
 13.Demokit/1.Deploy_demokit/0_setup.py        | 15 -------------
 .../3.Generate_SSL_certificate/0_setup.py     | 21 +++++++++++++++++++
 launcher.sh                                   |  2 ++
 3 files changed, 23 insertions(+), 15 deletions(-)
 create mode 100644 13.Demokit/3.Generate_SSL_certificate/0_setup.py

diff --git a/13.Demokit/1.Deploy_demokit/0_setup.py b/13.Demokit/1.Deploy_demokit/0_setup.py
index 46bbb65f..2eaa4e50 100644
--- a/13.Demokit/1.Deploy_demokit/0_setup.py
+++ b/13.Demokit/1.Deploy_demokit/0_setup.py
@@ -14,21 +14,6 @@ CONTENT = [
 def setup(interactive=True):
     if os.path.exists('/etc/nginx/sites-enabled/mediaserver-msuser.conf'):
         cmds = list()
-        # deploy nginx SSL certificates
-        domains = []
-        conf_name_items = ["MS_SERVER_NAME", "MONITOR_SERVER_NAME", "CM_SERVER_NAME", "CACHE_SERVER_NAME"]
-        for name in conf_name_items:
-            domain = utils.get_conf(name)
-            if utils.get_conf(name):
-                domains.append(domain)
-        utils.mkcert(domains, ecc=False)
-        with open("/etc/nginx/conf.d/ssl_certificate.conf", "w") as ssl_conf_fh:
-            ssl_conf_fh.writelines([
-                "ssl_certificate /etc/ssl/envsetup/cert.pem;",
-                "ssl_certificate_key /etc/ssl/envsetup/key.pem;"
-            ])
-        cmds.append("systemctl restart nginx")
-
         options = {
             "ms_url": utils.get_conf('MS_SERVER_NAME'),
             "ms_apikey": utils.get_conf('MS_API_KEY')
diff --git a/13.Demokit/3.Generate_SSL_certificate/0_setup.py b/13.Demokit/3.Generate_SSL_certificate/0_setup.py
new file mode 100644
index 00000000..9d1be7f8
--- /dev/null
+++ b/13.Demokit/3.Generate_SSL_certificate/0_setup.py
@@ -0,0 +1,21 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+import utils
+
+
+def setup(interactive=True):
+    # deploy nginx SSL certificates
+    domains = []
+    conf_name_items = ["MS_SERVER_NAME", "MONITOR_SERVER_NAME", "CM_SERVER_NAME", "CACHE_SERVER_NAME"]
+    for name in conf_name_items:
+        domain = utils.get_conf(name)
+        if utils.get_conf(name):
+            domains.append(domain)
+    utils.mkcert(domains, ecc=False)
+    with open("/etc/nginx/conf.d/ssl_certificate.conf", "w") as ssl_conf_fh:
+        ssl_conf_fh.writelines([
+            "ssl_certificate /etc/ssl/envsetup/cert.pem;",
+            "ssl_certificate_key /etc/ssl/envsetup/key.pem;"
+        ])
+    cmds = ["systemctl restart nginx"]
+    utils.run_commands(cmds)
diff --git a/launcher.sh b/launcher.sh
index b7827d81..529bc590 100755
--- a/launcher.sh
+++ b/launcher.sh
@@ -142,6 +142,8 @@ case "$1" in
         python3 -u /root/envsetup/envsetup.py 121
         # demokit scripts: deploy videos, custom conf, etc
         python3 -u /root/envsetup/envsetup.py 131
+        # deploy ssl self-signed certificates
+        python3 -u /root/envsetup/envsetup.py 133
         [[ $2 = "--skip-tests" ]] || tests
 	;;
 
-- 
GitLab