Skip to content

Commit

Permalink
Merge pull request #39 from xcp-ng/xs8/preserve-stunnel-certs
Browse files Browse the repository at this point in the history 
Preserve even more stunnel certs on upgrade
  • Loading branch information
@ydirson
ydirson authored Aug 8, 2024
2 parents 6b587f4 + 331c439 commit 121e7a7
Showing 1 changed file with 10 additions and 6 deletions.
16 changes: 10 additions & 6 deletions upgrade.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,13 +182,17 @@ def restore_file(src_base, f, d=None):
assert 'dst' in f
restore_file(tds.mount_point, f['src'], f['dst'])
elif 'dir' in f:
pat = 're' in f and f['re'] or None
pat = f.get('re', None)
src_dir = os.path.join(tds.mount_point, f['dir'])
if os.path.exists(src_dir):
for ff in os.listdir(src_dir):
fn = os.path.join(f['dir'], ff)
if not pat or pat.match(fn):
restore_file(tds.mount_point, fn)
if pat is not None:
# filter here (though should ideally let restore_file do it)
for ff in os.listdir(src_dir):
fn = os.path.join(f['dir'], ff)
if pat.match(fn):
restore_file(tds.mount_point, fn)
else:
restore_file(tds.mount_point, f['dir'])
finally:
tds.unmount()

Expand Down Expand Up @@ -591,7 +595,7 @@ def buildRestoreList(self, src_base):

# Preserve pool certificates across upgrades
self.restore_list += ['etc/stunnel/xapi-pool-ca-bundle.pem', {'dir': 'etc/stunnel/certs-pool'}]
self.restore_list += [{'dir': 'etc/stunnel/certs'}]
self.restore_list += ['etc/stunnel/xapi-stunnel-ca-bundle.pem', {'dir': 'etc/stunnel/certs'}]

# Keep IPv6 enablement/disablement upon upgrades
self.restore_list += ['etc/sysctl.d/91-net-ipv6.conf']
Expand Down

0 comments on commit 121e7a7

Please sign in to comment.