From f5858a60786da6470d81ff1da370230ce1d3bf3b Mon Sep 17 00:00:00 2001 From: Said Sef Date: Wed, 1 Jan 2025 09:39:25 +0000 Subject: [PATCH] feat: enable nifi secure script --- deployment/nifi/configmap-ssl.yml | 5 +++-- deployment/nifi/configmap.yml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/deployment/nifi/configmap-ssl.yml b/deployment/nifi/configmap-ssl.yml index 391f85d..1d81daf 100644 --- a/deployment/nifi/configmap-ssl.yml +++ b/deployment/nifi/configmap-ssl.yml @@ -33,6 +33,7 @@ data: -keysize 2048 \ -keypass "${KEY_PASS:-$NIFI_SENSITIVE_PROPS_KEY}" \ -keyalg RSA \ + -ext "SAN=dns:${PUBLIC_DNS},ip:${POD_IP},ip:0.0.0.0,dns:${NIFI_WEB_HTTP_HOST},dns:${POD_NAME},dns:${HOSTNAME},dns:${NODE_IDENTITY}" \ -storetype pkcs12 echo "Exporting the self-signed certificate from the keystore" @@ -45,7 +46,7 @@ data: if [[ ! -f "${NIFI_HOME}/keytool/truststore.p12" ]] then - echo "Import truststore" + echo "Importing truststore" keytool -import -noprompt -alias nifi-truststore \ -file "${NIFI_HOME}/keytool/nifi-cert.cer" \ -keystore "${TRUSTSTORE_PATH}" \ @@ -55,4 +56,4 @@ data: fi #/usr/bin/bash ${NIFI_HOME}/../scripts/secure.sh - #eval ${NIFI_HOME}/../scripts/secure.sh + # eval ${NIFI_HOME}/../scripts/secure.sh diff --git a/deployment/nifi/configmap.yml b/deployment/nifi/configmap.yml index ff465f6..009007c 100644 --- a/deployment/nifi/configmap.yml +++ b/deployment/nifi/configmap.yml @@ -7,7 +7,7 @@ data: KEYSTORE_PASSWORD: "th1s1s3up34e5r37" KEYSTORE_TYPE: "PKCS12" NIFI_ANALYTICS_PREDICT_ENABLED: "true" - NIFI_CLUSTER_IS_NODE: "true" + NIFI_CLUSTER_IS_NODE: "false" # NIFI_CLUSTER_LOAD_BALANCE_HOST: "nifi" NIFI_CLUSTER_NODE_CONNECTION_TIMEOUT: "5 min" NIFI_CLUSTER_NODE_EVENT_HISTORY_SIZE: "25"