~mdw / distorted-ansible / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
New role for Debian-specific configuration.
[distorted-ansible] / roles / debian / files / pki / update-ca-certs
diff --git a/roles/debian/files/pki/update-ca-certs b/roles/debian/files/pki/update-ca-certs
new file mode 100755 (executable)
index 0000000..ec3e7e6
--- /dev/null
+++ b/roles/debian/files/pki/update-ca-certs
@@ -0,0 +1,12 @@
+#! /bin/sh
+
+set -e
+
+sudo -ucacert rsync -rtl --safe-links --delete-after \
+       rsync://www.distorted.org.uk/ca/cert/ \
+       /var/cache/ca-certs/
+if [ -d /etc/ca/refresh.d ]; then
+  mkdir -p -m755 /var/log/update-ca-certs
+  hush -d/var/log/update-ca-certs -n15 refresh \
+       run-parts --report /etc/ca/refresh.d
+fi
Ansible configuration for distorted.org.uk hosts