From a87f1e8a81566151414f20668e328820806437a8 Mon Sep 17 00:00:00 2001
From: Silvio Rhatto <rhatto@riseup.net>
Date: Sat, 23 May 2015 12:00:55 -0300
Subject: Adds ssl::dhparams

---
 manifests/dhparams.pp | 13 +++++++++++++
 manifests/init.pp     |  2 +-
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 manifests/dhparams.pp

diff --git a/manifests/dhparams.pp b/manifests/dhparams.pp
new file mode 100644
index 0000000..7b0bd2d
--- /dev/null
+++ b/manifests/dhparams.pp
@@ -0,0 +1,13 @@
+define dhparams(
+  $prefix = 'dhparams',
+  $size   = '2048',
+  $folder = '/etc/ssl/dhparams'
+)
+{
+  exec { "${name}":
+    command => "openssl dhparam -out /etc/ssl/private/${prefix}_${size}.pem ${size}",
+    user    => root,
+    group   => root,
+    creates => "${folder}/${prefix}_${size}.pem",
+  }
+}
diff --git a/manifests/init.pp b/manifests/init.pp
index 901eda9..414ac04 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,5 +1,5 @@
 class ssl {
-  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private" ]:
+  file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private", "/etc/ssl/dhparams" ]:
     ensure  => directory,
     owner   => "root",
     group   => "root",
-- 
cgit v1.2.3