Split into separate files

author: Silvio Rhatto <rhatto@riseup.net> 2015-03-18 18:13:16 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2015-03-18 18:13:16 -0300
commit: e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9 (patch)
tree: d2558e92b74fb7535a5ada11def4dfc55bdace6c /manifests/cert.pp
parent: 2d81c0893343a701ff10646ce8235a05ac394d74 (diff)
download: puppet-ssl-e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9.tar.gz
puppet-ssl-e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9.tar.bz2
1 files changed, 30 insertions, 0 deletions
diff --git a/manifests/cert.pp b/manifests/cert.pp
new file mode 100644
index 0000000..e112817
--- /dev/null
+++ b/manifests/cert.pp
@@ -0,0 +1,30 @@
+define ssl::cert(
+  $ensure   = present,
+  $owner    = 'root',
+  $group    = 'root',
+  $pubmode  = '644',
+  $privmode = '600',
+  $base     = '/etc/ssl',
+  $private  = true
+) {
+  file { "${base}/certs/$name.crt":
+    ensure  => $ensure,
+    owner   => $owner,
+    group   => $group,
+    mode    => $pubmode,
+    source  => "puppet:///ssl/$name.crt",
+    require => File["${base}/certs"],
+  }
+
+  if ($private == true) {
+    file { "${base}/private/$name.pem":
+      ensure  => $ensure,
+      owner   => $owner,
+      group   => $group,
+      mode    => $privmode,
+      backup  => false, # Do not backup the private key
+      source  => "puppet:///ssl/$name.pem",
+      require => File["${base}/private"],
+    }
+  }
+}
author	Silvio Rhatto <rhatto@riseup.net>	2015-03-18 18:13:16 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2015-03-18 18:13:16 -0300
commit	e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9 (patch)
tree	d2558e92b74fb7535a5ada11def4dfc55bdace6c /manifests/cert.pp
parent	2d81c0893343a701ff10646ce8235a05ac394d74 (diff)
download	puppet-ssl-e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9.tar.gz puppet-ssl-e36237cd5a8fb7326c1a5a4eb0b3548be9dca2d9.tar.bz2