From: Peter Palfrader <peter@palfrader.org>
Date: Tue, 3 Oct 2017 06:55:52 +0000 (+0200)
Subject: Use a template to get from-letsencrypt cert key, and no longer support getting keys... 
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=e16d5f1dc188dc4c6fae79c4438190daaca0a1cf;p=mirror%2Fdsa-puppet.git

Use a template to get from-letsencrypt cert key, and no longer support getting keys from files/keys (which no longer exists anyhow)
---

diff --git a/modules/ssl/manifests/service.pp b/modules/ssl/manifests/service.pp
index f01a75c5e..eeeec9273 100644
--- a/modules/ssl/manifests/service.pp
+++ b/modules/ssl/manifests/service.pp
@@ -31,7 +31,7 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = fal
 			ensure => $ssl_ensure,
 			mode   => '0440',
 			group => 'ssl-cert',
-			source => [ "puppet:///modules/ssl/keys/${name}.crt", "puppet:///modules/ssl/from-letsencrypt/${name}.key" ],
+			content => template('ssl/key.erb'),
 			notify => [ $notify ],
 			links  => follow,
 		}
diff --git a/modules/ssl/templates/key.erb b/modules/ssl/templates/key.erb
new file mode 100644
index 000000000..29f969b37
--- /dev/null
+++ b/modules/ssl/templates/key.erb
@@ -0,0 +1,5 @@
+<%=
+  fn = "/srv/puppet.torproject.org/from-letsencrypt/#{@name}.key"
+  out = File.read(fn)
+  out
+%>