Skip to content

Commit 930e487

Browse files
committed
RDS rotation bugfix for Standard
1 parent 067c067 commit 930e487

3 files changed

Lines changed: 8 additions & 891 deletions

File tree

packages/standard/ami/ami-build.sh

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,4 +43,9 @@ else
4343
fi
4444
chmod +x ami/*.sh scripts/*.sh
4545

46+
# before we get started, we need the AWS cert chain installed
47+
# we can't grab it later because we can't depend on downloading things
48+
wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
49+
mv global-bundle.pem mysql-ca
50+
4651
echo ami-build.sh: done

packages/standard/ami/ami-configure.sh

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -37,9 +37,9 @@ cd /root/openemr-devops/packages/standard
3737
if [ -z "$RECOVERYS3" ]; then
3838
# configure, but do not launch, OpenEMR docker
3939
docker-compose create
40-
# load the Amazon CA
41-
cp snippets/rds-combined-ca-bundle.pem /mnt/docker/volumes/standard_sitevolume/_data/default/documents/certificates/mysql-ca
42-
# I'm not convinced this is stable
40+
# now we'll install the AWS certs we got when I built the instance
41+
# this doesn't feel like the right way to do it but it works
42+
mv /root/mysql-ca /mnt/docker/volumes/standard_sitevolume/_data/default/documents/certificates
4343
chown 1000 /mnt/docker/volumes/standard_sitevolume/_data/default/documents/certificates/mysql-ca
4444
# okay, now go
4545
docker-compose up -d

0 commit comments

Comments
 (0)