From edc29903a2e3db1b26b0e952487f33ac7f3bcda6 Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Wed, 21 Jan 2015 10:41:28 +0200 Subject: [PATCH 1/6] Added SSL certificates uploading. --- nodes/sample_host.json | 7 ++-- .../rails/files/default/certificates/.keep | 0 vendor/cookbooks/rails/libraries/default.rb | 22 +++++++++++++ vendor/cookbooks/rails/recipes/default.rb | 31 +++++++++-------- vendor/cookbooks/rails/recipes/passenger.rb | 33 +++++++++---------- .../rails/templates/default/app_cert.crt.erb | 1 - .../rails/templates/default/app_cert.key.erb | 1 - .../templates/default/app_nginx.conf.erb | 8 ++--- .../default/app_passenger_nginx.conf.erb | 6 ++-- 9 files changed, 62 insertions(+), 47 deletions(-) create mode 100644 vendor/cookbooks/rails/files/default/certificates/.keep delete mode 100644 vendor/cookbooks/rails/templates/default/app_cert.crt.erb delete mode 100644 vendor/cookbooks/rails/templates/default/app_cert.key.erb diff --git a/nodes/sample_host.json b/nodes/sample_host.json index 1525a285..19dc81d2 100644 --- a/nodes/sample_host.json +++ b/nodes/sample_host.json @@ -39,10 +39,9 @@ "domain_names": ["", "", "<...>"], "redirect_domain_names": ["", "", "<...>"], "ruby_version": "2.1.0", - "ssl_info": { - "key": "", - "crt": "" - }, + "ssl_enabled": true, + "ssl_certificate": "", + "ssl_certificate_key": "", "env_vars": { "key_1": "val_1", "key_2": "val_2" diff --git a/vendor/cookbooks/rails/files/default/certificates/.keep b/vendor/cookbooks/rails/files/default/certificates/.keep new file mode 100644 index 00000000..e69de29b diff --git a/vendor/cookbooks/rails/libraries/default.rb b/vendor/cookbooks/rails/libraries/default.rb index f60d2bfa..4cdd9e13 100644 --- a/vendor/cookbooks/rails/libraries/default.rb +++ b/vendor/cookbooks/rails/libraries/default.rb @@ -16,5 +16,27 @@ def nginx_custom_configuration(app_info) empty_conf.merge(app_info["nginx_custom"] || {}) end + + # Returns a server path to certificate file + # + # applications_root = '/u/apps/' + # name = 'my_app' + # app_info['ssl_certificate'] = 'my_cert.crt' + # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_cert.crt' + # + # applications_root = '/u/apps/' + # name = 'my_app' + # app_info['ssl_certificate'] = nil + # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_app.crt' + # + def ssl_certificate(applications_root, name, app_info) + Pathname.new(applications_root).join(name, 'shared', 'config', app_info["ssl_certificate"] || "#{name}.crt") + end + + # See #ssl_certificate + # + def ssl_certificate_key(applications_root, name, app_info) + Pathname.new(applications_root).join(name, 'shared', 'config', app_info["ssl_certificate_key"] || "#{name}.key") + end end end diff --git a/vendor/cookbooks/rails/recipes/default.rb b/vendor/cookbooks/rails/recipes/default.rb index 8c1022a2..3c8aa1ed 100644 --- a/vendor/cookbooks/rails/recipes/default.rb +++ b/vendor/cookbooks/rails/recipes/default.rb @@ -33,6 +33,7 @@ # Include library helpers ::Chef::Resource.send(:include, Rails::Helpers) + ::Chef::Recipe.send(:include, Rails::Helpers) node[:active_applications].each do |app, app_info| rails_env = app_info['rails_env'] || "production" @@ -93,21 +94,17 @@ end - if app_info['ssl_info'] - template "#{applications_root}/#{app}/shared/config/certificate.crt" do - owner "deploy" - group "deploy" - mode 0644 - source "app_cert.crt.erb" - variables :app_crt=> app_info['ssl_info']['crt'] - end - - template "#{applications_root}/#{app}/shared/config/certificate.key" do - owner "deploy" - group "deploy" - mode 0644 - source "app_cert.key.erb" - variables :app_key=> app_info['ssl_info']['key'] + ssl_certificate_path = ssl_certificate(applications_root, app, app_info) + ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) + + if app_info["ssl_enabled"] + [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| + cookbook_file pathname.to_s do + source "certificates/#{pathname.basename.to_s}" + owner "deploy" + group "deploy" + mode 0644 + end end end @@ -117,7 +114,9 @@ name: app, domain_names: app_info["domain_names"], redirect_domain_names: app_info["redirect_domain_names"], - enable_ssl: File.exists?("#{applications_root}/#{app}/shared/config/certificate.crt"), + ssl_enabled: app_info["ssl_enabled"], + ssl_certificate: ssl_certificate_path, + ssl_certificate_key: ssl_certificate_key_path, custom_configuration: nginx_custom_configuration(app_info)) notifies :reload, resources(service: "nginx") end diff --git a/vendor/cookbooks/rails/recipes/passenger.rb b/vendor/cookbooks/rails/recipes/passenger.rb index aab970b6..197ff7ff 100644 --- a/vendor/cookbooks/rails/recipes/passenger.rb +++ b/vendor/cookbooks/rails/recipes/passenger.rb @@ -50,6 +50,7 @@ # Include library helpers ::Chef::Resource.send(:include, Rails::Helpers) + ::Chef::Recipe.send(:include, Rails::Helpers) node[:active_applications].each do |app, app_info| rails_env = app_info['rails_env'] || "production" @@ -98,7 +99,6 @@ end if app_info['database_info'] - template "#{applications_root}/#{app}/shared/config/database.yml" do owner deploy_user group deploy_user @@ -106,24 +106,19 @@ source "app_database.yml.erb" variables :database_info => app_info['database_info'], :rails_env => rails_env end - end - if app_info['ssl_info'] - template "#{applications_root}/#{app}/shared/config/certificate.crt" do - owner "deploy" - group "deploy" - mode 0644 - source "app_cert.crt.erb" - variables :app_crt=> app_info['ssl_info']['crt'] - end - - template "#{applications_root}/#{app}/shared/config/certificate.key" do - owner "deploy" - group "deploy" - mode 0644 - source "app_cert.key.erb" - variables :app_key=> app_info['ssl_info']['key'] + ssl_certificate_path = ssl_certificate(applications_root, app, app_info) + ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) + + if app_info["ssl_enabled"] + [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| + cookbook_file pathname.to_s do + source "certificates/#{pathname.basename.to_s}" + owner "deploy" + group "deploy" + mode 0644 + end end end @@ -133,7 +128,9 @@ name: app, rails_env: rails_env, domain_names: app_info["domain_names"], - enable_ssl: File.exists?("#{applications_root}/#{app}/shared/config/certificate.crt"), + ssl_enabled: app_info["ssl_enabled"], + ssl_certificate: ssl_certificate_path, + ssl_certificate_key: ssl_certificate_key_path, custom_configuration: nginx_custom_configuration(app_info)) notifies :reload, resources(:service => "nginx") end diff --git a/vendor/cookbooks/rails/templates/default/app_cert.crt.erb b/vendor/cookbooks/rails/templates/default/app_cert.crt.erb deleted file mode 100644 index 87389e27..00000000 --- a/vendor/cookbooks/rails/templates/default/app_cert.crt.erb +++ /dev/null @@ -1 +0,0 @@ -<%= @app_crt %> \ No newline at end of file diff --git a/vendor/cookbooks/rails/templates/default/app_cert.key.erb b/vendor/cookbooks/rails/templates/default/app_cert.key.erb deleted file mode 100644 index 9e9b2c6b..00000000 --- a/vendor/cookbooks/rails/templates/default/app_cert.key.erb +++ /dev/null @@ -1 +0,0 @@ -<%= @app_key %> \ No newline at end of file diff --git a/vendor/cookbooks/rails/templates/default/app_nginx.conf.erb b/vendor/cookbooks/rails/templates/default/app_nginx.conf.erb index de13df6a..5e264a57 100644 --- a/vendor/cookbooks/rails/templates/default/app_nginx.conf.erb +++ b/vendor/cookbooks/rails/templates/default/app_nginx.conf.erb @@ -3,7 +3,7 @@ <% if @redirect_domain_names && @redirect_domain_names.any? %> server { listen <%= node['nginx']['port'] || '80' %>; - <% if @enable_ssl %> + <% if @ssl_enabled %> listen 443 ssl; <% end %> server_name <%= @redirect_domain_names.join(' ') %>; @@ -29,13 +29,13 @@ server { <%= @custom_configuration["server_main"] %> } -<% if @enable_ssl %> +<% if @ssl_enabled %> server { listen 443 ssl; - ssl_certificate <%= node['rails']['applications_root'] %>/<%= @name %>/shared/config/certificate.crt; - ssl_certificate_key <%= node['rails']['applications_root'] %>/<%= @name %>/shared/config/certificate.key; + ssl_certificate <%= @ssl_certificate %>; + ssl_certificate_key <%= @ssl_certificate_key %>; server_name <%= @domain_names.join(' ') %>; diff --git a/vendor/cookbooks/rails/templates/default/app_passenger_nginx.conf.erb b/vendor/cookbooks/rails/templates/default/app_passenger_nginx.conf.erb index bd91afb7..342c610a 100644 --- a/vendor/cookbooks/rails/templates/default/app_passenger_nginx.conf.erb +++ b/vendor/cookbooks/rails/templates/default/app_passenger_nginx.conf.erb @@ -10,13 +10,13 @@ server { <%= @custom_configuration["server_main"] %> } -<% if @enable_ssl %> +<% if @ssl_enabled %> server { listen 443 ssl; - ssl_certificate <%= node['rails']['applications_root'] %>/<%= @name %>/shared/config/certificate.crt; - ssl_certificate_key <%= node['rails']['applications_root'] %>/<%= @name %>/shared/config/certificate.key; + ssl_certificate <%= @ssl_certificate %>; + ssl_certificate_key <%= @ssl_certificate_key %>; passenger_enabled on; passenger_app_env <%= @rails_env %>; From 43e95807ac3d0588669c81abde86cbe51a49fe8b Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Thu, 22 Jan 2015 17:16:14 +0200 Subject: [PATCH 2/6] Houndci fixes --- vendor/cookbooks/rails/libraries/default.rb | 6 +++--- vendor/cookbooks/rails/recipes/default.rb | 2 +- vendor/cookbooks/rails/recipes/passenger.rb | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/vendor/cookbooks/rails/libraries/default.rb b/vendor/cookbooks/rails/libraries/default.rb index 4cdd9e13..ed1bc30d 100644 --- a/vendor/cookbooks/rails/libraries/default.rb +++ b/vendor/cookbooks/rails/libraries/default.rb @@ -26,17 +26,17 @@ def nginx_custom_configuration(app_info) # # applications_root = '/u/apps/' # name = 'my_app' - # app_info['ssl_certificate'] = nil + # app_info['ssl_certificate'] = nil # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_app.crt' # def ssl_certificate(applications_root, name, app_info) - Pathname.new(applications_root).join(name, 'shared', 'config', app_info["ssl_certificate"] || "#{name}.crt") + Pathname.new(applications_root).join(name, "shared", "config", app_info["ssl_certificate"] || "#{name}.crt") end # See #ssl_certificate # def ssl_certificate_key(applications_root, name, app_info) - Pathname.new(applications_root).join(name, 'shared', 'config', app_info["ssl_certificate_key"] || "#{name}.key") + Pathname.new(applications_root).join(name, "shared", "config", app_info["ssl_certificate_key"] || "#{name}.key") end end end diff --git a/vendor/cookbooks/rails/recipes/default.rb b/vendor/cookbooks/rails/recipes/default.rb index 3c8aa1ed..c0c8625c 100644 --- a/vendor/cookbooks/rails/recipes/default.rb +++ b/vendor/cookbooks/rails/recipes/default.rb @@ -100,7 +100,7 @@ if app_info["ssl_enabled"] [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| cookbook_file pathname.to_s do - source "certificates/#{pathname.basename.to_s}" + source "certificates/#{pathname.basename}" owner "deploy" group "deploy" mode 0644 diff --git a/vendor/cookbooks/rails/recipes/passenger.rb b/vendor/cookbooks/rails/recipes/passenger.rb index 197ff7ff..aafea0c3 100644 --- a/vendor/cookbooks/rails/recipes/passenger.rb +++ b/vendor/cookbooks/rails/recipes/passenger.rb @@ -114,7 +114,7 @@ if app_info["ssl_enabled"] [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| cookbook_file pathname.to_s do - source "certificates/#{pathname.basename.to_s}" + source "certificates/#{pathname.basename}" owner "deploy" group "deploy" mode 0644 From 988da512c25d4fec63365b14ea6b7f0b298ec12f Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Sat, 24 Jan 2015 10:56:31 +0200 Subject: [PATCH 3/6] Changed ssl config options --- nodes/sample_host.json | 8 ++-- vendor/cookbooks/rails/libraries/default.rb | 22 ++++++++++- vendor/cookbooks/rails/recipes/default.rb | 41 ++++++++++++-------- vendor/cookbooks/rails/recipes/passenger.rb | 42 +++++++++++++-------- 4 files changed, 78 insertions(+), 35 deletions(-) diff --git a/nodes/sample_host.json b/nodes/sample_host.json index 19dc81d2..78f30e0b 100644 --- a/nodes/sample_host.json +++ b/nodes/sample_host.json @@ -39,9 +39,11 @@ "domain_names": ["", "", "<...>"], "redirect_domain_names": ["", "", "<...>"], "ruby_version": "2.1.0", - "ssl_enabled": true, - "ssl_certificate": "", - "ssl_certificate_key": "", + "ssl_info": { + "enabled": true, + "certificate": "The cert file, optional", + "certificate_key": "The key for the cert file" + }, "env_vars": { "key_1": "val_1", "key_2": "val_2" diff --git a/vendor/cookbooks/rails/libraries/default.rb b/vendor/cookbooks/rails/libraries/default.rb index ed1bc30d..0384c951 100644 --- a/vendor/cookbooks/rails/libraries/default.rb +++ b/vendor/cookbooks/rails/libraries/default.rb @@ -30,13 +30,31 @@ def nginx_custom_configuration(app_info) # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_app.crt' # def ssl_certificate(applications_root, name, app_info) - Pathname.new(applications_root).join(name, "shared", "config", app_info["ssl_certificate"] || "#{name}.crt") + raise "Invalid application config given, no `ssl_info` present" unless ssl_info?(app_info) + + Pathname.new(applications_root).join(name, "shared", "config", + app_info["ssl_info"]["certificate"] || "#{name}.crt") end # See #ssl_certificate # def ssl_certificate_key(applications_root, name, app_info) - Pathname.new(applications_root).join(name, "shared", "config", app_info["ssl_certificate_key"] || "#{name}.key") + raise "Invalid application config given, no `ssl_info` present" unless ssl_info?(app_info) + + Pathname.new(applications_root).join(name, "shared", "config", + app_info["ssl_info"]["certificate_key"] || "#{name}.key") + end + + # Check if the app config has ssl_info section + # + def ssl_info?(app_info) + app_info.key?('ssl_info') + end + + # Checks if the app config has ssl enabled + # + def ssl_enabled?(app_info) + ssl_info?(app_info) && app_info['ssl_info']['enabled'] end end end diff --git a/vendor/cookbooks/rails/recipes/default.rb b/vendor/cookbooks/rails/recipes/default.rb index c0c8625c..37c460ea 100644 --- a/vendor/cookbooks/rails/recipes/default.rb +++ b/vendor/cookbooks/rails/recipes/default.rb @@ -94,10 +94,10 @@ end - ssl_certificate_path = ssl_certificate(applications_root, app, app_info) - ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) + if ssl_enabled?(app_info) + ssl_certificate_path = ssl_certificate(applications_root, app, app_info) + ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) - if app_info["ssl_enabled"] [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| cookbook_file pathname.to_s do source "certificates/#{pathname.basename}" @@ -106,19 +106,30 @@ mode 0644 end end - end - template "/etc/nginx/sites-available/#{app}.conf" do - source "app_nginx.conf.erb" - variables( - name: app, - domain_names: app_info["domain_names"], - redirect_domain_names: app_info["redirect_domain_names"], - ssl_enabled: app_info["ssl_enabled"], - ssl_certificate: ssl_certificate_path, - ssl_certificate_key: ssl_certificate_key_path, - custom_configuration: nginx_custom_configuration(app_info)) - notifies :reload, resources(service: "nginx") + template "/etc/nginx/sites-available/#{app}.conf" do + source "app_nginx.conf.erb" + variables( + name: app, + domain_names: app_info["domain_names"], + redirect_domain_names: app_info["redirect_domain_names"], + ssl_enabled: true, + ssl_certificate: ssl_certificate_path, + ssl_certificate_key: ssl_certificate_key_path, + custom_configuration: nginx_custom_configuration(app_info)) + notifies :reload, resources(service: "nginx") + end + else + template "/etc/nginx/sites-available/#{app}.conf" do + source "app_nginx.conf.erb" + variables( + name: app, + domain_names: app_info["domain_names"], + redirect_domain_names: app_info["redirect_domain_names"], + ssl_enabled: false, + custom_configuration: nginx_custom_configuration(app_info)) + notifies :reload, resources(service: "nginx") + end end template "#{applications_root}/#{app}/shared/config/unicorn.rb" do diff --git a/vendor/cookbooks/rails/recipes/passenger.rb b/vendor/cookbooks/rails/recipes/passenger.rb index aafea0c3..00f3f93e 100644 --- a/vendor/cookbooks/rails/recipes/passenger.rb +++ b/vendor/cookbooks/rails/recipes/passenger.rb @@ -108,10 +108,10 @@ end end - ssl_certificate_path = ssl_certificate(applications_root, app, app_info) - ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) + if ssl_enabled?(app_info) + ssl_certificate_path = ssl_certificate(applications_root, app, app_info) + ssl_certificate_key_path = ssl_certificate_key(applications_root, app, app_info) - if app_info["ssl_enabled"] [ssl_certificate_path, ssl_certificate_key_path].each do |pathname| cookbook_file pathname.to_s do source "certificates/#{pathname.basename}" @@ -120,21 +120,33 @@ mode 0644 end end - end - template "/etc/nginx/sites-available/#{app}.conf" do - source "app_passenger_nginx.conf.erb" - variables( - name: app, - rails_env: rails_env, - domain_names: app_info["domain_names"], - ssl_enabled: app_info["ssl_enabled"], - ssl_certificate: ssl_certificate_path, - ssl_certificate_key: ssl_certificate_key_path, - custom_configuration: nginx_custom_configuration(app_info)) - notifies :reload, resources(:service => "nginx") + template "/etc/nginx/sites-available/#{app}.conf" do + source "app_passenger_nginx.conf.erb" + variables( + name: app, + rails_env: rails_env, + domain_names: app_info["domain_names"], + ssl_enabled: true, + ssl_certificate: ssl_certificate_path, + ssl_certificate_key: ssl_certificate_key_path, + custom_configuration: nginx_custom_configuration(app_info)) + notifies :reload, resources(:service => "nginx") + end + else + template "/etc/nginx/sites-available/#{app}.conf" do + source "app_passenger_nginx.conf.erb" + variables( + name: app, + rails_env: rails_env, + domain_names: app_info["domain_names"], + ssl_enabled: false, + custom_configuration: nginx_custom_configuration(app_info)) + notifies :reload, resources(:service => "nginx") + end end + nginx_site "#{app}.conf" do action :enable end From b662d0399773bcb1170c1c4e4b976e1c540fc52b Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Sat, 24 Jan 2015 10:58:43 +0200 Subject: [PATCH 4/6] Houndci fixes --- vendor/cookbooks/rails/libraries/default.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vendor/cookbooks/rails/libraries/default.rb b/vendor/cookbooks/rails/libraries/default.rb index 0384c951..f5b4964f 100644 --- a/vendor/cookbooks/rails/libraries/default.rb +++ b/vendor/cookbooks/rails/libraries/default.rb @@ -31,7 +31,7 @@ def nginx_custom_configuration(app_info) # def ssl_certificate(applications_root, name, app_info) raise "Invalid application config given, no `ssl_info` present" unless ssl_info?(app_info) - + Pathname.new(applications_root).join(name, "shared", "config", app_info["ssl_info"]["certificate"] || "#{name}.crt") end @@ -48,13 +48,13 @@ def ssl_certificate_key(applications_root, name, app_info) # Check if the app config has ssl_info section # def ssl_info?(app_info) - app_info.key?('ssl_info') + app_info.key?("ssl_info") end # Checks if the app config has ssl enabled # def ssl_enabled?(app_info) - ssl_info?(app_info) && app_info['ssl_info']['enabled'] + ssl_info?(app_info) && app_info["ssl_info"]["enabled"] end end end From cd360116f35d964874c64ea673dc3ab54499874f Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Sat, 24 Jan 2015 11:00:57 +0200 Subject: [PATCH 5/6] Houndci fixes --- vendor/cookbooks/rails/recipes/passenger.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vendor/cookbooks/rails/recipes/passenger.rb b/vendor/cookbooks/rails/recipes/passenger.rb index 00f3f93e..20dc6c29 100644 --- a/vendor/cookbooks/rails/recipes/passenger.rb +++ b/vendor/cookbooks/rails/recipes/passenger.rb @@ -127,11 +127,11 @@ name: app, rails_env: rails_env, domain_names: app_info["domain_names"], - ssl_enabled: true, + ssl_enabled: true, ssl_certificate: ssl_certificate_path, ssl_certificate_key: ssl_certificate_key_path, custom_configuration: nginx_custom_configuration(app_info)) - notifies :reload, resources(:service => "nginx") + notifies :reload, resources(service: "nginx") end else template "/etc/nginx/sites-available/#{app}.conf" do @@ -142,7 +142,7 @@ domain_names: app_info["domain_names"], ssl_enabled: false, custom_configuration: nginx_custom_configuration(app_info)) - notifies :reload, resources(:service => "nginx") + notifies :reload, resources(service: "nginx") end end From b522bf7d7529161f86622e57bb0d238f080002ad Mon Sep 17 00:00:00 2001 From: Oleksandr Iuzikov Date: Sat, 24 Jan 2015 11:04:04 +0200 Subject: [PATCH 6/6] Updated method's docs --- vendor/cookbooks/rails/libraries/default.rb | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/vendor/cookbooks/rails/libraries/default.rb b/vendor/cookbooks/rails/libraries/default.rb index f5b4964f..82cd1d34 100644 --- a/vendor/cookbooks/rails/libraries/default.rb +++ b/vendor/cookbooks/rails/libraries/default.rb @@ -21,13 +21,15 @@ def nginx_custom_configuration(app_info) # # applications_root = '/u/apps/' # name = 'my_app' - # app_info['ssl_certificate'] = 'my_cert.crt' - # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_cert.crt' + # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_app.crt' + # + # or, # # applications_root = '/u/apps/' # name = 'my_app' - # app_info['ssl_certificate'] = nil - # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_app.crt' + # app_info['ssl_info']['certificate'] = 'my_cert.crt' + # ssl_certificate(applications_root, name, app_info) # => /u/apps/my_app/shared/config/my_cert.crt' + # # def ssl_certificate(applications_root, name, app_info) raise "Invalid application config given, no `ssl_info` present" unless ssl_info?(app_info)