projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix planet-backend.d.o
[mirror/dsa-puppet.git]
/
modules
/
ssl
/
manifests
/
init.pp
diff --git
a/modules/ssl/manifests/init.pp
b/modules/ssl/manifests/init.pp
index
612fcc9
..
a63f8f7
100644
(file)
--- a/
modules/ssl/manifests/init.pp
+++ b/
modules/ssl/manifests/init.pp
@@
-101,18
+101,18
@@
class ssl {
mode => '0755',
}
file { '/etc/ssl/debian/certs/thishost.crt':
mode => '0755',
}
file { '/etc/ssl/debian/certs/thishost.crt':
-
source => "puppet:///modules/ssl/clientcerts/${::fqdn}.client.crt"
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_clientcerts_dir"]) + "/" + @fqdn + ".client.crt") %>')
,
notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/certs/ca.crt':
notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/certs/ca.crt':
-
source => 'puppet:///modules/ssl/clientcerts/ca.crt'
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_clientcerts_dir"]) + "/ca.crt") %>')
,
notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/crls/ca.crl':
notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/crls/ca.crl':
-
source => 'puppet:///modules/ssl/clientcerts/ca.crl'
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_clientcerts_dir"]) + "/ca.crl") %>')
,
}
file { '/etc/ssl/debian/certs/thishost-server.crt':
}
file { '/etc/ssl/debian/certs/thishost-server.crt':
-
source => "puppet:///modules/ssl/auto-certs/${::fqdn}.crt"
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/" + @fqdn + ".crt") %>')
,
notify => Exec['refresh_debian_hashes'],
}
notify => Exec['refresh_debian_hashes'],
}
@@
-127,13
+127,13
@@
class ssl {
force => true,
}
file { '/etc/ssl/private/thishost.key':
force => true,
}
file { '/etc/ssl/private/thishost.key':
-
source => "puppet:///modules/ssl/clientcerts/${::fqdn}.key"
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_clientcerts_dir"]) + "/" + @fqdn + ".key") %>')
,
mode => '0440',
group => ssl-cert,
require => Package['ssl-cert'],
}
file { '/etc/ssl/private/thishost-server.key':
mode => '0440',
group => ssl-cert,
require => Package['ssl-cert'],
}
file { '/etc/ssl/private/thishost-server.key':
-
source => "puppet:///modules/ssl/auto-certs/${::fqdn}.key"
,
+
content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.auto_certs_dir"]) + "/" + @fqdn + ".key") %>')
,
mode => '0440',
group => ssl-cert,
require => Package['ssl-cert'],
mode => '0440',
group => ssl-cert,
require => Package['ssl-cert'],