Diffstat (limited to 'manifests')
-rw-r--r-- | manifests/ca.pp | 55 | ||||
-rw-r--r-- | manifests/init.pp | 1 | ||||
-rw-r--r-- | manifests/puppetmasterd.pp | 6 |
3 files changed, 62 insertions, 0 deletions
diff --git a/manifests/ca.pp b/manifests/ca.pp
new file mode 100644
index 0000000..9bfe91b
--- /dev/null
+++ b/manifests/ca.pp
@@ -0,0 +1,55 @@
+class puppetmaster::ca {
+ file {
+ '/var/lib/puppet/ssl/ca':
+ ensure => directory,
+ owner => puppet,
+ group => puppet,
+ mode => 0770;
+ '/var/lib/puppet/ssl/ca/private':
+ ensure => directory,
+ owner => puppet,
+ group => puppet,
+ mode => 0770;
+ '/var/lib/puppet/ssl/certs':
+ ensure => directory,
+ owner => puppet,
+ group => puppet,
+ mode => 0755;
+ '/var/lib/puppet/ssl/ca/ca_crl.pem':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0664,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/ca_crl.pem";
+ '/var/lib/puppet/ssl/ca/private/ca.pass':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0660,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/private/ca.pass";
+ '/var/lib/puppet/ssl/ca/ca_key.pem':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0660,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/ca_key.pem";
+ '/var/lib/puppet/ssl/ca/ca_crt.pem':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0660,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/ca_crt.pem";
+ '/var/lib/puppet/ssl/ca/ca_pub.pem':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0640,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/ca_pub.pem";
+ '/var/lib/puppet/ssl/certs/ca.pem:':
+ ensure => present,
+ owner => puppet,
+ group => puppet,
+ mode => 0644,
+ source => "puppet://$server/files/puppetmaster/ssl/ca/ca.pem";
+ }
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 0c34393..b434cce 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,4 +1,5 @@
 # This file imports the files for puppet puppet module.
+import "ca.pp"
 import "puppet.pp"
 import "puppetd.pp"
 import "puppetmasterd.pp"
diff --git a/manifests/puppetmasterd.pp b/manifests/puppetmasterd.pp
index f69aeca..b61d949 100644
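Review bot: The CA private key (`ca_key.pem`) and its passphrase (`ca.pass`) in manifests/ca.pp are served from the general `files` mount under `puppet://$server/files/puppetmaster/ssl/ca/`, so unless fileserver.conf (not visible here) restricts that path to master nodes, any client allowed on the mount can presumably retrieve the signing key. Both are also installed group-readable and group-writable (`0660`) under `0770` directories; `mode => 0600` on the key and passphrase and `mode => 0700` on `ca/private` would match what they protect. The last resource title, `'/var/lib/puppet/ssl/certs/ca.pem:'`, has a stray colon inside the quotes and would manage a file literally named `ca.pem:`; it should read `'/var/lib/puppet/ssl/certs/ca.pem':`. Sourcing `ca_crl.pem` from a static copy also looks likely to overwrite the CRL on every run after a revocation, which is worth confirming before this is enabled.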
--- a/manifests/puppetmasterd.pp +++ b/manifests/puppetmasterd.pp @@ -17,6 +17,12 @@ class puppetmasterd { '': { $puppetmaster_port = '18140' } } + # use this option if you want puppet to manage + # the certificates for all master nodes. + if $puppetmaster_manage_ca == true { + include puppetmaster::ca + } + # warns that this node has a puppetmaster $puppetmasterd_present = true |
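Review bot: The guard `if $puppetmaster_manage_ca == true` matches only a boolean, so a node that sets the variable as the string `'true'` would presumably skip the include without any message; a form in line with the `case` visible above, `case $puppetmaster_manage_ca { true, 'true': { include puppetmaster::ca } }`, accepts both. The comment also understates what the switch does, since it copies the CA private key and passphrase onto every node that includes this class with the flag set. I would extend it to something like `# copies the CA key, passphrase and CRL to this node; enable only on trusted masters`. The body of class puppetmasterd starts and continues outside this hunk.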