Adds ssl::dhparams

author: Silvio Rhatto <rhatto@riseup.net> 2015-05-23 12:00:55 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2015-05-23 12:00:55 -0300
commit: a87f1e8a81566151414f20668e328820806437a8 (patch)
tree: f5252f0c1e05249b086cfab98d4f9696fdda4369
parent: 3c5b278ee29f761b153cbac0a52f8a6c4c357e11 (diff)
download: puppet-ssl-a87f1e8a81566151414f20668e328820806437a8.tar.gz
puppet-ssl-a87f1e8a81566151414f20668e328820806437a8.tar.bz2
2 files changed, 14 insertions, 1 deletions
diff --git a/manifests/dhparams.pp b/manifests/dhparams.pp
new file mode 100644
index 0000000..7b0bd2d
--- /dev/null
+++ b/manifests/dhparams.pp
@@ -0,0 +1,13 @@
+define dhparams(
+  $prefix = 'dhparams',
+  $size   = '2048',
+  $folder = '/etc/ssl/dhparams'
+)
+{
+  exec { "${name}":
+    command => "openssl dhparam -out /etc/ssl/private/${prefix}_${size}.pem ${size}",
+    user    => root,
+    group   => root,
+    creates => "${folder}/${prefix}_${size}.pem",
+  }
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 901eda9..414ac04 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,5 +1,5 @@
 class ssl {
-  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private" ]:
+  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private", "/etc/ssl/dhparams" ]:
     ensure  => directory,
     owner   => "root",
     group   => "root",
author	Silvio Rhatto <rhatto@riseup.net>	2015-05-23 12:00:55 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2015-05-23 12:00:55 -0300
commit	a87f1e8a81566151414f20668e328820806437a8 (patch)
tree	f5252f0c1e05249b086cfab98d4f9696fdda4369
parent	3c5b278ee29f761b153cbac0a52f8a6c4c357e11 (diff)
download	puppet-ssl-a87f1e8a81566151414f20668e328820806437a8.tar.gz puppet-ssl-a87f1e8a81566151414f20668e328820806437a8.tar.bz2