-class entropykey::provider {
- package {
- "ekeyd": ensure => installed;
- }
-
- file {
- "/etc/entropykey/ekeyd.conf":
- source => "puppet:///modules/entropykey/ekeyd.conf",
- notify => Exec['restart_ekeyd'],
- require => [ Package['ekeyd'] ],
- ;
- # our CRL expires after a while (2 or 4 weeks?), so we have
- # to restart stunnel so it loads the new CRL.
- "/etc/cron.weekly/stunnel-ekey.conf":
- content => "# This file is under puppet control\nenv -i /etc/init.d/stunnel4 restart puppet-ekeyd\n",
- mode => "555",
- ;
- ;
- }
-
- exec {
- "restart_ekeyd":
- command => "true && cd / && env -i /etc/init.d/ekeyd restart",
- require => [ File['/etc/entropykey/ekeyd.conf'] ],
- refreshonly => true,
- ;
- }
-
- include "stunnel4"
- stunnel4::stunnel_server {
- "ekeyd":
- accept => 18888,
- connect => "127.0.0.1:8888",
- ;
- }
-}
-
-class entropykey::local_consumer {
- package {
- "ekeyd-egd-linux": ensure => installed;
- }
-
- file {
- "/etc/default/ekeyd-egd-linux":
- source => "puppet:///modules/entropykey/ekeyd-egd-linux",
- notify => Exec['restart_ekeyd-egd-linux'],
- require => [ Package['ekeyd-egd-linux'] ],
- ;
- }
-
- exec {
- "restart_ekeyd-egd-linux":
- command => "true && cd / && env -i /etc/init.d/ekeyd-egd-linux restart",
- require => [ File['/etc/default/ekeyd-egd-linux'] ],
- refreshonly => true,
- ;
- }
-}
-
-class entropykey::remote_consumer inherits entropykey::local_consumer {
- include "stunnel4"
- stunnel4::stunnel_client {
- "ekeyd":
- accept => "127.0.0.1:8888",
- connecthost => "${entropy_provider}",
- connectport => 18888,
- ;
- }
-}
-
class entropykey {
- case getfromhash($nodeinfo, 'entropy_key') {
- true: { include entropykey::provider }
- }
- $entropy_provider = entropy_provider($fqdn, $nodeinfo)
- case $entropy_provider {
- false: {}
- local: { include entropykey::local_consumer }
- default: { include entropykey::remote_consumer }
- }
+ if getfromhash($deprecated::nodeinfo, 'entropy_key') {
+ include entropykey::provider
+ }
+
+ $entropy_provider = entropy_provider($::fqdn, $deprecated::nodeinfo)
+ case $entropy_provider {
+ false: {}
+ local: { include entropykey::local_consumer }
+ default: {
+ class { 'entropykey::remote_consumer':
+ entropy_provider => $entropy_provider,
+ }
+ }
+ }
}
-
-# vim:set et:
-# vim:set sts=4 ts=4:
-# vim:set shiftwidth=4: