- move puppetdb profiles to profiles::puppetdb namespace - add profile to manage puppetdb api ssl certificates
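# profiles::puppetdb::ssl
#
# @summary Copies the CA certificate, the node certificate and the node
#   private key into the PuppetDB SSL directory and notifies the PuppetDB
#   service whenever one of them changes.
#
# @param certname
#   Defaults to the verified certname from $trusted.
#   NOTE(review): not referenced in the class body; the source defaults below
#   are built from $trusted['certname'] directly, so overriding only this
#   parameter does not change which files are copied.
# @param ssl_dir
#   Directory that receives ca.pem, public.pem and private.pem.
# @param ssl_owner
#   Owner applied to the directory and to the three PEM files.
# @param ssl_group
#   Group applied to the directory and to the three PEM files.
# @param puppetdb_service
#   Title of the Service resource to notify. The resource itself must be
#   declared elsewhere in the catalog.
# @param ca_source
#   Path of the CA certificate that is copied to ca.pem.
# @param public_cert_source
#   Path of the certificate that is copied to public.pem.
# @param private_key_source
#   Path of the private key that is copied to private.pem.
class profiles::puppetdb::ssl (
  $certname           = $trusted['certname'],
  $ssl_dir            = '/etc/puppetlabs/puppetdb/ssl',
  $ssl_owner          = 'puppetdb',
  $ssl_group          = 'puppetdb',
  $puppetdb_service   = 'puppetdb',
  $ca_source          = '/etc/puppetlabs/puppet/ssl/certs/ca.pem',
  $public_cert_source = "/etc/puppetlabs/puppet/ssl/certs/${trusted['certname']}.pem",
  $private_key_source = "/etc/puppetlabs/puppet/ssl/private_keys/${trusted['certname']}.pem",
) {

  # recurse => true applies owner and group to everything below $ssl_dir,
  # not only to the three files declared in this class.
  # NOTE(review): no mode is set here or on ca.pem/public.pem, so their
  # permissions are not enforced by this class; only private.pem is pinned.
  file { $ssl_dir:
    ensure  => directory,
    owner   => $ssl_owner,
    group   => $ssl_group,
    recurse => true,
  }

  # The notify targets use $puppetdb_service so that a non-default service
  # name restarts the right resource instead of a hard-coded 'puppetdb'.
  file { "${ssl_dir}/ca.pem":
    ensure => file,
    source => $ca_source,
    owner  => $ssl_owner,
    group  => $ssl_group,
    notify => Service[$puppetdb_service],
  }

  file { "${ssl_dir}/public.pem":
    ensure => file,
    source => $public_cert_source,
    owner  => $ssl_owner,
    group  => $ssl_group,
    notify => Service[$puppetdb_service],
  }

  # Private key: readable by the owner only, and excluded from file diffs so
  # key material does not end up in agent logs or reports.
  file { "${ssl_dir}/private.pem":
    ensure    => file,
    source    => $private_key_source,
    owner     => $ssl_owner,
    group     => $ssl_group,
    mode      => '0600',
    show_diff => false,
    notify    => Service[$puppetdb_service],
  }
}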