diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2011-11-28 23:37:28 -0200 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2011-11-28 23:37:28 -0200 |
| commit | 89ec95b2cf79c77e8e34cc630aefece4de6f80bd (patch) | |
| tree | 23f9f68eb8c17d9022c54300ce85ca637a5f359f /manifests | |
| parent | 0e07b152ce987eb006319fffb7bb572d5cfdc69c (diff) | |
| download | puppet-ssl-89ec95b2cf79c77e8e34cc630aefece4de6f80bd.tar.gz puppet-ssl-89ec95b2cf79c77e8e34cc630aefece4de6f80bd.tar.bz2 | |
Using ssl::cert to define certificates
Diffstat (limited to 'manifests')
| -rw-r--r-- | manifests/init.pp | 59 |
1 files changed, 23 insertions, 36 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index e368530..b758903 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -5,24 +5,6 @@ class ssl { group => "root", } - file { "/etc/ssl/certs/cert.crt": - ensure => present, - owner => "root", - group => "root", - mode => 644, - source => "puppet:///modules/site-keys/ssl/cert.crt", - require => File["/etc/ssl/certs"], - } - - file { "/etc/ssl/private/cert.pem": - ensure => present, - owner => "root", - group => "root", - mode => 600, - source => "puppet:///modules/site-keys/ssl/cert.pem", - require => File["/etc/ssl/private"], - } - file { "/usr/local/bin/ssl-cert-check": ensure => present, owner => "root", @@ -31,6 +13,29 @@ class ssl { source => "puppet://$server/modules/ssl/ssl-cert-check", } + define cert($ensure = present, $owner = 'root', $group = 'root', $notify = undef, + $pubmode = '644', $privmode = '600') { + file { "/etc/ssl/certs/$name.crt": + ensure => $ensure, + owner => $owner, + group => $group, + mode => $pubmode, + source => "puppet:///modules/site-keys/ssl/$name.crt", + require => File["/etc/ssl/certs"], + notify => $notify, + } + + file { "/etc/ssl/private/$name.pem": + ensure => $ensure, + owner => $owner, + group => $group, + mode => $privmode, + source => "puppet:///modules/site-keys/ssl/$name.pem", + require => File["/etc/ssl/private"], + notify => $notify, + } + } + define check($port = '443', $interval = '60', $email = 'root', $hour = '0', $minute = '0', $weekday = '0', $file = false, $ensure = present) { @@ -54,21 +59,3 @@ class ssl { } } } - -class ssl::mail inherits ssl { - File['/etc/ssl/private/cert.pem'] { - group => postfix, - mode => 0640, - notify => Service['postfix'], - } - - File['/etc/ssl/certs/cert.crt'] { - notify => Service['postfix'], - } -} - -class ssl::proxy inherits ssl { - File['/etc/ssl/certs/cert.crt', '/etc/ssl/private/cert.pem'] { - notify => Service['nginx'], - } -} |