feat: add incus auto-client certificate trust (#406)
- add fact to export vault public cert from agents - add fact to export list of trusted incus client certs - add method for incus clients to export their client cert to be trusted Reviewed-on: #406
This commit was merged in pull request #406.
This commit is contained in:
@@ -0,0 +1,16 @@
|
||||
# incus::client
|
||||
#
|
||||
# This class configures a host as an incus client and exports its certificate
|
||||
# for automatic trust management on incus servers.
|
||||
#
|
||||
class incus::client {
|
||||
|
||||
# Export this client's certificate for collection by incus servers
|
||||
@@incus::client_cert { $facts['networking']['fqdn']:
|
||||
hostname => $facts['networking']['fqdn'],
|
||||
certificate => $facts['vault_cert_content'],
|
||||
fingerprint => $facts['vault_cert_fingerprint'],
|
||||
tag => 'incus_client',
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user