feat: puppet::client multiple altnames

- puppet clients can not request multiple dns alt_names
- set puppetdbapi hosts to request multiple certificates
This commit is contained in:
2024-05-22 23:05:34 +10:00
parent 6bd66724dc
commit 0901595de9
4 changed files with 15 additions and 2 deletions
+5
View File
@@ -93,6 +93,9 @@ lookup_options:
profiles::puppet::server::dns_alt_names:
merge:
strategy: deep
profiles::puppet::client::dns_alt_names:
merge:
strategy: deep
profiles::base::hosts::additional_hosts:
merge:
strategy: deep
@@ -199,6 +202,8 @@ profiles::puppet::client::runinterval: 1800
profiles::puppet::client::runtimeout: 3600
profiles::puppet::client::show_diff: true
profiles::puppet::client::usecacheonfailure: false
profiles::puppet::client::dns_alt_names:
- "%{trusted.certname}"
# puppetdb
puppetdbapi: prodinf01n04.main.unkin.net
+5
View File
@@ -4,6 +4,11 @@ profiles::puppet::puppetdb_api::java_args:
'-Xmx': '2048m'
'-Xms': '256m'
profiles::puppet::client::dns_alt_names:
- puppetdbapi.main.unkin.net
- puppetdbapi.service.consul
- puppetdbapi.query.consul
# additional altnames
profiles::pki::vault::alt_names:
- puppetdbapi.main.unkin.net