Project

General

Profile

« Previous | Next » 

Revision 4296d7d9

Added by Ivan Necas over 10 years ago

Make certs module usable directly from kafo

View differences:

manifests/init.pp
# == Class: certs
#
# Install and configure certs
# Base for installing and configuring certs. It holds the basic configuration
# aournd certificates generation and deployment. The per-subsystem configuratoin
# of certificates should go into `subsystem_module/manifests/certs.pp`.
#
# === Parameters:
#
# $oauth_key:: The oauth key for talking to the candlepin API;
# $log_dir:: When the log files should go
#
# $node_fqdn:: The fqdn of the host the generated certificates
# should be for
#
# $generate:: Should the generation of the certs be part of the
# configuration
# type: boolean
#
# $regenerate:: Force regeneration of the certificates (excluding
# ca certificates)
# type: boolean
#
# $regenerate_ca:: Force regeneration of the ca certificate
# type: boolean
#
# $deploy:: Deploy the certs on the configured system. False means
# we want apply it on a different system
# type: boolean
#
# $ca_common_name:: Common name for the generated CA certificate
# type: string
#
# $country:: Country attribute for managed certificates
# type: string
#
# $state:: State attribute for managed certificates
# type: string
#
# $city:: City attribute for managed certificates
# type: string
#
# $org:: Org attribute for managed certificates
# type: string
#
# $org_unit:: Org unit attribute for managed certificates
# type: string
#
# $expiration:: Expiration attribute for managed certificates
# type: string
#
# $ca_expiration:: Ca expiration attribute for managed certificates
# type: string
#
class certs (
$log_dir = $certs::params::log_dir,
$tomcat = $certs::params::tomcat,
$node_fqdn = $fqdn,
$generate = true,
$regenerate = false,
$regenerate_ca = false,
$deploy = false,
$ca_common_name = $certs::params::ca_common_name,
$log_dir = $certs::params::log_dir,
$node_fqdn = $certs::params::node_fqdn,
$generate = $certs::params::generate,
$regenerate = $certs::params::regenerate,
$regenerate_ca = $certs::params::regenerate_ca,
$deploy = $certs::params::deploy,
$ca_common_name = $certs::params::ca_common_name,
$country = $certs::params::country,
$state = $certs::params::state,
$city = $certs::params::sity,
......
$org_unit = $certs::params::org_unit,
$expiration = $certs::params::expiration,
$ca_expiration = $certs::params::ca_expiration,
$user_groups = $certs::params::user_groups,
$pki_dir = $certs::params::pki_dir,
$ssl_ca_password_file = $certs::params::ssl_ca_password_file,
$ca_expiration = $certs::params::ca_expiration
) inherits certs::params {
$nss_db_password_file = $certs::params::nss_db_password_file,
$ssl_pk12_password_file = $certs::params::ssl_pk12_password_file,
$user_groups = $certs::params::user_groups
$ssl_ca_password_file = $certs::params::ssl_ca_password_file
$nss_db_password_file = $certs::params::nss_db_password_file
$ssl_pk12_password_file = $certs::params::ssl_pk12_password_file
) inherits certs::params {
class { 'certs::install': }
manifests/params.pp
$log_dir = '/var/log/certs'
$node_fqdn = $::fqdn
$ca_common_name = $::fqdn # we need fqdn as CA common name as candlepin uses it as a ssl cert
$generate = true
$regenerate = false
$regenerate_ca = false
$deploy = true
$country = 'US'
$state = 'North Carolina'
$city = 'Raleigh'

Also available in: Unified diff