From: Peter Palfrader <peter@palfrader.org>
Date: Sun, 7 Feb 2016 09:54:03 +0000 (+0000)
Subject: Allow arrays for tlsaport to be passed to ssl::service
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=22176a7d382bc3b23bc1673492e33859ca828e47;p=mirror%2Fdsa-puppet.git

Allow arrays for tlsaport to be passed to ssl::service
---

diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp
index 40cc28879..0888833ea 100644
--- a/modules/roles/manifests/rtc.pp
+++ b/modules/roles/manifests/rtc.pp
@@ -1,7 +1,7 @@
 class roles::rtc {
 
 	ssl::service { 'www.debian.org':
-		tlsaport => 0,
+		tlsaport => [],
 		notify  => Service['repro'],
 	}
 
diff --git a/modules/ssl/manifests/service.pp b/modules/ssl/manifests/service.pp
index 4f25a7610..711f755b8 100644
--- a/modules/ssl/manifests/service.pp
+++ b/modules/ssl/manifests/service.pp
@@ -1,4 +1,6 @@
 define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = false) {
+	$tlsaports = any2array($tlsaport)
+
 	if ($ensure == "ifstatic") {
 		$ssl_ensure = has_static_component($name) ? {
 			true => "present",
@@ -35,8 +37,9 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = fal
 		}
 	}
 
-	if ($tlsaport > 0 and $ssl_ensure == "present") {
-		dnsextras::tlsa_record{ "tlsa-${name}-${tlsaport}":
+	if (size($tlsaports) > 0 and $ssl_ensure == "present") {
+		$portlist = join($tlsaports, "-")
+		dnsextras::tlsa_record{ "tlsa-${name}-${portlist}":
 			zone     => 'debian.org',
 			certfile => [ "/etc/puppet/modules/ssl/files/servicecerts/${name}.crt", "/etc/puppet/modules/ssl/files/from-letsencrypt/${name}.crt" ],
 			port     => $tlsaport,