group => $salsa::group,
content => @("EOF"),
---
+ # This file is maintained by puppet.
+ # base secret that gitlab encrypts the DB with
+ secret: "${salsa::secret}"
database:
name: "${salsa::db_name}"
role: "${salsa::db_role}"
password: "${salsa::mail_password}"
| EOF
}
+ file { "${salsa::home}/.credentials-manual.yaml":
+ mode => '0400',
+ owner => $salsa::user,
+ group => $salsa::group,
+ content => @("EOF"),
+ ---
+ # This file was put in place by puppet, but it won't overwrite it.
+ # Please fill in from dsa-passwords/services-salsa
+ # mastersecret: "swordfish"
+ | EOF
+ replace => false,
+ }
+
+ ssl::service { $servicename:
+ # notify => Exec['service apache2 reload'],
+ key => true,
+ }
}