feat: distribute eyaml pub/priv key

- distribute the private/public pem for eyaml via eyaml
2024-05-04 22:28:26 +10:00
parent fe296d52d9
commit f1ff7cb736
3 changed files with 44 additions and 0 deletions
+41
@@ -0,0 +1,41 @@
# profiles::puppet::eyaml
class profiles::puppet::eyaml (
String $privatekey = '',
String $publickey = '',
) {
# create the /var/lib/puppet/keys directory
file { '/var/lib/puppet':
ensure => 'directory',
owner => 'puppet',
group => 'root',
mode => '0755',
}
file { '/var/lib/puppet/keys':
ensure => 'directory',
owner => 'puppet',
group => 'root',
mode => '0755',
require => File['/var/lib/puppet']
}
# manage the eyaml private key
file { '/var/lib/puppet/keys/private_key.pkcs7.pem':
ensure => 'file',
owner => 'puppet',
group => 'root',
mode => '0400',
content => Sensitive($privatekey),
before => Service['puppetserver'],
require => File['/var/lib/puppet/keys'],
}
# manage the eyaml private key
file { '/var/lib/puppet/keys/public_key.pkcs7.pem':
ensure => 'file',
owner => 'puppet',
group => 'root',
mode => '0400',
content => Sensitive($publickey),
before => Service['puppetserver'],
require => File['/var/lib/puppet/keys'],
}
}
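Review bot: The `String $privatekey = ''` and `String $publickey = ''` defaults let a missing or misspelled Hiera key compile cleanly, and the two `file` resources would then overwrite the server's eyaml key pair with empty files, which would presumably break decryption of every encrypted value. Dropping the defaults and requiring non-empty input, `String[1] $privatekey,` and `String[1] $publickey,`, turns that case into a compile failure instead. The `/var/lib/puppet/keys` directory is created `0755` although it holds the private key; a mode such as `'0700'` would keep other local users out of it entirely. The public key resource repeats the comment `# manage the eyaml private key` and wraps its content in `Sensitive()`, which looks copy-pasted; `# manage the eyaml public key` with plain `content => $publickey` would be accurate.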
@@ -17,6 +17,7 @@ class profiles::puppet::puppetmaster (
include profiles::helpers::certmanager
include profiles::puppet::server
include profiles::puppet::puppetca
include profiles::puppet::eyaml
class { 'puppetdb::master::config':
puppetdb_server => $puppetdb_host,