1 module Puppet::Parser::Functions
2 newfunction(:gen_hpkp_pin, :type => :rvalue) do |args|
6 pinfiles = [ "/srv/puppet.debian.org/from-letsencrypt/#{site}.pin",
7 "/srv/puppet.debian.org/backup-keys/#{site}.pin" ]
10 pin_info << File.read(fn).chomp()
15 res << "<Macro http-pkp-#{site}>"
16 if pin_info.size >= 2 then
17 pin_info = pin_info.map{ |x| x.gsub('"', '\"') }
18 pin_info << "max-age=300"
19 pin_str = pin_info.join("; ")
20 res << " Header set Public-Key-Pins \"#{pin_str}\""
22 res << " # mod macro does not like empty macros, so here's some content:"
23 res << " <Directory /non-existant>"
24 res << " </Directory>"