Switch db.d.o to letsencrypt
[mirror/dsa-puppet.git] / modules / roles / manifests / dbmaster.pp
index c45a138..334857f 100644 (file)
@@ -14,7 +14,16 @@ class roles::dbmaster {
 
        ssl::service { 'db.debian.org':
                notify  => Exec['service apache2 reload'],
-               tlsaport => [],
+               key => true,
+               tlsaport => [443, 389, 636],
+       }
+
+       file { "/etc/ldap/db.debian.org.key":
+              ensure => present,
+              mode   => '0440',
+              group  => 'openldap',
+              source => 'puppet:///modules/ssl/from-letsencrypt/db.debian.org.key',
+              links  => follow,
        }
 
        roles::pubsub::config { 'generate':
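Review bot: The new `file { "/etc/ldap/db.debian.org.key": }` resource sets `mode` and `group` for a private key but leaves `owner` unset, so ownership falls to Puppet's default (on releases where `source_permissions` defaults to `use`, that is whatever the source file carries on the master); adding `owner  => 'root',` pins it, and `show_diff => false,` would keep key material out of change reports. Nothing in the hunk tells slapd that the key changed, since only `ssl::service` notifies `Exec['service apache2 reload']`. After a renewal, the LDAP ports now listed in `tlsaport` (389, 636) may therefore keep serving the old certificate until slapd is restarted; a `notify` on this resource to the slapd service, if one is declared elsewhere, would cover that. Because the key is read from a `puppet:///modules/...` source, its confidentiality also depends on the file server's access rules, which are not visible here. The `roles::dbmaster` class body starts and ends outside the hunk.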