From: Tollef Fog Heen <tfheen@err.no>
Date: Tue, 10 Jan 2017 20:13:43 +0000 (+0100)
Subject: Add key + cert in a single file to /etc/ssl/private
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=e111c2ffb6b1c4baf5ecefd0c8627eafadbb3d6c;p=mirror%2Fdsa-puppet.git

Add key + cert in a single file to /etc/ssl/private

Hitch and HAProxy both need this, so let's just do it for all keys and
certs.
---

diff --git a/modules/ssl/manifests/service.pp b/modules/ssl/manifests/service.pp
index 711f755b8..f01a75c5e 100644
--- a/modules/ssl/manifests/service.pp
+++ b/modules/ssl/manifests/service.pp
@@ -35,6 +35,15 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = fal
 			notify => [ $notify ],
 			links  => follow,
 		}
+
+		file { "/etc/ssl/private/$name.key-certchain":
+			ensure => $ssl_ensure,
+			mode   => '0440',
+			group => 'ssl-cert',
+			content => template('ssl/key-chained.erb'),
+			notify => [ $notify ],
+			links  => follow,
+		}
 	}
 
 	if (size($tlsaports) > 0 and $ssl_ensure == "present") {