projects / mirror / dsa-puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Move ca-certificates configs to puppet files for maintainability.
[mirror/dsa-puppet.git] / modules / ssl / manifests / init.pp
diff --git a/modules/ssl/manifests/init.pp b/modules/ssl/manifests/init.pp
index 0ae64aa..17d0285 100644 (file)
--- a/modules/ssl/manifests/init.pp
+++ b/modules/ssl/manifests/init.pp
@@ -12,16 +12,16 @@ class ssl {
        }
 
        file { '/etc/ca-certificates.conf':
-               content => "# This file is under puppet control\n# Only debian.org service certs are trusted, see /etc/ssl/certs/README\n",
+               source => 'puppet:///modules/ssl/ca-certificates.conf',
                notify  => Exec['refresh_normal_hashes'],
        }
        file { '/etc/ca-certificates-debian.conf':
                mode    => '0444',
-               content => "# This file is under puppet control\n# Only the CAs for debian.org are trusted, see /etc/ssl/ca-debian/README\nmozilla/AddTrust_External_Root.crt\nmozilla/UTN_USERFirst_Hardware_Root_CA.crt\nspi-inc.org/spi-cacert-2008.crt\n",
+               source => 'puppet:///modules/ssl/ca-certificates-debian.conf',
                notify  => Exec['refresh_ca_debian_hashes'],
        }
        file { '/etc/ca-certificates-global.conf':
-               content => "# This file is under puppet control\n# All CAs are trusted, see /etc/ssl/ca-global/README\n",
+               source => 'puppet:///modules/ssl/ca-certificates-global.conf',
                notify  => Exec['refresh_ca_global_hashes'],
        }
 
Unnamed repository; edit this file 'description' to name the repository.