21 lines
547 B
Plaintext
21 lines
547 B
Plaintext
[Unit]
|
|
Description=Renew SSH host %I certificate
|
|
After=network-online.target
|
|
Wants=network-online.target
|
|
ConditionPathExists=/etc/ssh/ssh_host_%I_key-cert.pub
|
|
|
|
[Container]
|
|
ContainerName=step-ssh-renew-%I
|
|
Image=docker.io/smallstep/step-cli:0.25.0
|
|
EnvironmentFile=/etc/sysconfig/step-ssh-renew
|
|
Exec=step ssh renew -f /etc/ssh/ssh_host_%I_key-cert.pub /etc/ssh/ssh_host_%I_key
|
|
Volume=/etc/ssh:/etc/ssh:rw
|
|
Volume=/etc/pki:/etc/pki:ro
|
|
# Required in order to be able to write to /etc/ssh
|
|
SecurityLabelDisable=true
|
|
User=0
|
|
Group=0
|
|
|
|
[Service]
|
|
Type=oneshot
|