1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
class ssl {
file { [ "/etc/ssl", "/etc/ssl/certs", "/etc/ssl/private" ]:
ensure => directory,
owner => "root",
group => "root",
}
file { "/etc/ssl/certs/cert.crt":
ensure => present,
owner => "root",
group => "root",
mode => 644,
source => "puppet://$server/files/keys/ssl/cert.crt",
require => File["/etc/ssl/certs"],
}
file { "/etc/ssl/private/cert.pem":
ensure => present,
owner => "root",
group => "root",
mode => 600,
source => "puppet://$server/files/keys/ssl/cert.pem",
require => File["/etc/ssl/private"],
}
}
class ssl::mail inherits ssl {
File['/etc/ssl/private/cert.pem'] {
group => postfix,
mode => 0640,
notify => Service['postfix'],
}
File['/etc/ssl/certs/cert.crt'] {
notify => Service['postfix'],
}
}
class ssl::proxy inherits ssl {
File['/etc/ssl/certs/cert.crt', '/etc/ssl/private/cert.pem'] {
notify => Service['nginx'],
}
}
|
