}
file { '/etc/ssl/debian/certs/thishost.crt':
source => "puppet:///modules/ssl/clientcerts/${::fqdn}.client.crt",
- notify => Exec['c_rehash /etc/ssl/debian/certs'],
+ notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/keys/thishost.key':
source => "puppet:///modules/ssl/clientcerts/${::fqdn}.key",
}
file { '/etc/ssl/debian/certs/ca.crt':
source => 'puppet:///modules/ssl/clientcerts/ca.crt',
- notify => Exec['c_rehash /etc/ssl/debian/certs'],
+ notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/crls/ca.crl':
source => 'puppet:///modules/ssl/clientcerts/ca.crl',
}
file { '/etc/ssl/debian/certs/thishost-server.crt':
source => "puppet:///modules/exim/certs/${::fqdn}.crt",
- notify => Exec['c_rehash /etc/ssl/debian/certs'],
+ notify => Exec['refresh_debian_hashes'],
}
file { '/etc/ssl/debian/keys/thishost-server.key':
source => "puppet:///modules/exim/certs/${::fqdn}.key",
notify => Exec['refresh_normal_hashes'],
require => Package['ca-certificates'],
}
- exec { 'c_rehash /etc/ssl/debian/certs': # refresh_debian_hashes
+ exec { 'refresh_debian_hashes':
refreshonly => true,
require => Package['openssl'],
}
file { "/etc/ssl/debian/certs/$name.crt":
source => "puppet:///modules/ssl/servicecerts/${name}.crt",
- notify => [ Exec['c_rehash /etc/ssl/debian/certs'], $notify ],
+ notify => [ Exec['refresh_debian_hashes'], $notify ],
}
file { "/etc/ssl/debian/certs/$name.crt-chain":
source => [ "puppet:///modules/ssl/chains/${name}.crt", "puppet:///modules/ssl/servicecerts/${name}.crt" ],
- notify => [ Exec['c_rehash /etc/ssl/debian/certs'], $notify ],
- links => follow,
+ notify => [ Exec['refresh_debian_hashes'], $notify ],
+ links => follow,
}
if $tlsaport > 0 {
dnsextras::tlsa_record{ "tlsa-${name}-${tlsaport}":
- zone => 'debian.org',
+ zone => 'debian.org',
certfile => "/etc/puppet/modules/ssl/files/servicecerts/${name}.crt",
- port => $tlsaport,
+ port => $tlsaport,
hostname => "$name",
}
}
projects / mirror / dsa-puppet.git / commitdiff