# file that puppet puts together.
# the input file looks like this:
# - service: www.debian.org
-# address: jmri7yqqjpdxob4s
-# name: busoni-www.debian.org
-# - service: www.debian.org
# address: ufhzy7r7qfy2tmy3
# name: klecker-www.debian.org
-# - service: www.ports.debian.org
-# address: g32eridc6ocxni5w
-# name: busoni-www.ports.debian.org
# and so on. This script collect together instances for the same
# service name, creates a new key if none is present already, and
# writes a new config.
relkeyfile = os.path.join(relkeydir, s+'.key')
if not os.path.exists(keyfile):
subprocess.check_call(['openssl', 'genrsa', '-out', keyfile, '1024'],
- preexec_fn=lambda: os.umask(0027))
+ preexec_fn=lambda: os.umask(0o027))
shutil.chown(keyfile, group='onionbalance')
os.chmod(keyfile, 0o640)