diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-06-09 20:45:04 +0200 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2024-06-09 20:45:04 +0200 |
| commit | 6ce8efdc8dafef67541bed89fc7dc7cd83335bf4 (patch) | |
| tree | 732d304a471d766d8163ed27c2b43fe37e9448bd | |
| parent | a79c094c3b0a543d4dc04adb3fc64e215b910593 (diff) | |
| download | vyos-1x-6ce8efdc8dafef67541bed89fc7dc7cd83335bf4.tar.gz vyos-1x-6ce8efdc8dafef67541bed89fc7dc7cd83335bf4.zip | |
pki: T6463: reverse-proxy service not reloaded when updating SSL certificate(s)
The haproxy reverse proxy was not reloaded/restarted with the new SSL
certificate(s) after a change in the PKI subsystem. This was due to missing
dependencies.
| -rw-r--r-- | data/config-mode-dependencies/vyos-1x.json | 1 | ||||
| -rwxr-xr-x | src/conf_mode/pki.py | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json index 13de434bd..20ec12f04 100644 --- a/data/config-mode-dependencies/vyos-1x.json +++ b/data/config-mode-dependencies/vyos-1x.json @@ -29,6 +29,7 @@ "https": ["service_https"], "ipsec": ["vpn_ipsec"], "openconnect": ["vpn_openconnect"], + "reverse_proxy": ["load-balancing_reverse-proxy"], "rpki": ["protocols_rpki"], "sstp": ["vpn_sstp"] }, diff --git a/src/conf_mode/pki.py b/src/conf_mode/pki.py index 8deec0e85..f37cac524 100755 --- a/src/conf_mode/pki.py +++ b/src/conf_mode/pki.py @@ -67,6 +67,10 @@ sync_search = [ 'path': ['interfaces', 'sstpc'], }, { + 'keys': ['certificate', 'ca_certificate'], + 'path': ['load_balancing', 'reverse_proxy'], + }, + { 'keys': ['key'], 'path': ['protocols', 'rpki', 'cache'], }, |