unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
03094712d5
puppet-prod/site/profiles/manifests/pki/puppetcerts.pp
Ben Vincent fe05c86463 feat: add vault server profile 
- add vault module to puppetfile
- define class to manage the install and config of vault
- manage the datavol and raft storage
- manage the unzip and other compression tools
- define custom unseal script and service
- add documentation on initial setup of vault
2024-02-17 21:12:12 +11:00

43 lines
1.2 KiB
Puppet
Raw Blame History

# profiles::pki::puppetcerts
class profiles::pki::puppetcerts {
# Define the directory
file { '/etc/pki/tls/puppet':
ensure => 'directory',
owner => 'root',
group => 'root',
mode => '0755',
}
# Copy the CA certificate
file { '/etc/pki/tls/puppet/ca.pem':
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0644',
source => '/etc/puppetlabs/puppet/ssl/certs/ca.pem',
require => File['/etc/pki/tls/puppet'],
}
# Copy the private key
file { "/etc/pki/tls/puppet/${facts['networking']['fqdn']}.key":
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0644',
source => "/etc/puppetlabs/puppet/ssl/private_keys/${facts['networking']['fqdn']}.pem",
require => File['/etc/pki/tls/puppet'],
}
# Copy the certificate
$cert = "/etc/puppetlabs/puppet/ssl/certs/${facts['networking']['fqdn']}.pem"
file { "/etc/pki/tls/puppet/${facts['networking']['fqdn']}.crt":
ensure => 'file',
owner => 'root',
group => 'root',
mode => '0644',
source => "/etc/puppetlabs/puppet/ssl/certs/${facts['networking']['fqdn']}.pem",
require => File['/etc/pki/tls/puppet'],
}
}
Reference in New Issue View Git Blame Copy Permalink