class ssl {
- $caconf = '/etc/ca-certificates.conf'
-
package { 'openssl':
ensure => installed,
}
}
file { '/etc/ca-certificates-debian.conf':
mode => '0444',
- source => 'puppet:///modules/ssl/ca-certificates-debian.conf',
+ source => 'puppet:///modules/ssl/ca-certificates.conf',
notify => Exec['refresh_ca_debian_hashes'],
}
file { '/etc/ca-certificates-global.conf':
file { '/etc/apt/apt.conf.d/local-ssl-ca-global':
mode => '0444',
- source => 'puppet:///modules/ssl/local-ssl-ca-global',
+ content => template('ssl/local-ssl-ca-global.erb'),
}
file { '/etc/ssl/certs/ssl-cert-snakeoil.pem':
}
file { '/usr/local/share/ca-certificates/debian.org':
- ensure => directory,
- source => 'puppet:///modules/ssl/servicecerts/',
- mode => '0644', # this works; otherwise all files are +x
+ ensure => absent,
purge => true,
recurse => true,
force => true,