Add key + cert in a single file to /etc/ssl/private

Hitch and HAProxy both need this, so let's just do it for all keys and
certs.

diff --git a/modules/ssl/manifests/service.pp b/modules/ssl/manifests/service.pp
index 711f755..f01a75c 100644 (file)
--- a/modules/ssl/manifests/service.pp
+++ b/modules/ssl/manifests/service.pp
@@ -35,6 +35,15 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = fal
                        notify => [ $notify ],
                        links  => follow,
                }
+
+               file { "/etc/ssl/private/$name.key-certchain":
+                       ensure => $ssl_ensure,
+                       mode   => '0440',
+                       group => 'ssl-cert',
+                       content => template('ssl/key-chained.erb'),
+                       notify => [ $notify ],
+                       links  => follow,
+               }
        }
 
        if (size($tlsaports) > 0 and $ssl_ensure == "present") {