From 22176a7d382bc3b23bc1673492e33859ca828e47 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Sun, 7 Feb 2016 09:54:03 +0000 Subject: [PATCH] Allow arrays for tlsaport to be passed to ssl::service --- modules/roles/manifests/rtc.pp | 2 +- modules/ssl/manifests/service.pp | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/modules/roles/manifests/rtc.pp b/modules/roles/manifests/rtc.pp index 40cc28879..0888833ea 100644 --- a/modules/roles/manifests/rtc.pp +++ b/modules/roles/manifests/rtc.pp @@ -1,7 +1,7 @@ class roles::rtc { ssl::service { 'www.debian.org': - tlsaport => 0, + tlsaport => [], notify => Service['repro'], } diff --git a/modules/ssl/manifests/service.pp b/modules/ssl/manifests/service.pp index 4f25a7610..711f755b8 100644 --- a/modules/ssl/manifests/service.pp +++ b/modules/ssl/manifests/service.pp @@ -1,4 +1,6 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = false) { + $tlsaports = any2array($tlsaport) + if ($ensure == "ifstatic") { $ssl_ensure = has_static_component($name) ? { true => "present", @@ -35,8 +37,9 @@ define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = fal } } - if ($tlsaport > 0 and $ssl_ensure == "present") { - dnsextras::tlsa_record{ "tlsa-${name}-${tlsaport}": + if (size($tlsaports) > 0 and $ssl_ensure == "present") { + $portlist = join($tlsaports, "-") + dnsextras::tlsa_record{ "tlsa-${name}-${portlist}": zone => 'debian.org', certfile => [ "/etc/puppet/modules/ssl/files/servicecerts/${name}.crt", "/etc/puppet/modules/ssl/files/from-letsencrypt/${name}.crt" ], port => $tlsaport, -- 2.20.1