Revision 79bb7026
Added by Ivan Necas about 10 years ago
| manifests/capsule.pp | ||
|---|---|---|
|
class { 'certs::foreman': hostname => $capsule_fqdn }
|
||
|
class { 'certs::foreman_proxy': hostname => $capsule_fqdn }
|
||
|
class { 'certs::apache': hostname => $capsule_fqdn }
|
||
|
class { 'certs::qpid': hostname => $capsule_fqdn }
|
||
|
class { 'certs::pulp_child': hostname => $capsule_fqdn }
|
||
|
class { 'certs::pulp_parent':
|
||
|
hostname => $parent_fqdn,
|
||
| ... | ... | |
|
subscribe => [Class['certs::puppet'],
|
||
|
Class['certs::foreman'],
|
||
|
Class['certs::foreman_proxy'],
|
||
|
Class['certs::qpid'],
|
||
|
Class['certs::apache'],
|
||
|
Class['certs::pulp_child']]
|
||
|
}
|
||
| manifests/pulp_child.pp | ||
|---|---|---|
|
$ca = $::certs::default_ca
|
||
|
) {
|
||
|
|
||
|
cert { "${::certs::pulp_child::hostname}-qpid-client-cert":
|
||
|
hostname => $::certs::pulp_child::hostname,
|
||
|
common_name => 'pulp-qpid-client-cert',
|
||
|
purpose => client,
|
||
|
country => $::certs::country,
|
||
|
state => $::certs::state,
|
||
|
city => $::certs::city,
|
||
|
org => 'PULP',
|
||
|
org_unit => $::certs::org_unit,
|
||
|
expiration => $::certs::expiration,
|
||
|
ca => $ca,
|
||
|
generate => $generate,
|
||
|
regenerate => $regenerate,
|
||
|
deploy => $deploy,
|
||
|
password_file => $certs::ca_key_password_file,
|
||
|
}
|
||
|
|
||
|
if $deploy {
|
||
|
pubkey { $pulp::consumers_ca_cert:
|
||
|
key_pair => $ca,
|
||
| ... | ... | |
|
# Defined in certs::apache module
|
||
|
key_pair => Cert["${hostname}-apache"],
|
||
|
}
|
||
|
|
||
|
Cert["${::certs::pulp_child::hostname}-qpid-client-cert"] ~>
|
||
|
key_bundle { $pulp::messaging_client_cert:
|
||
|
key_pair => Cert["${::certs::pulp_child::hostname}-qpid-client-cert"],
|
||
|
} ~>
|
||
|
file { $pulp::messaging_client_cert:
|
||
|
owner => 'apache',
|
||
|
group => 'apache',
|
||
|
mode => '0640',
|
||
|
}
|
||
|
|
||
|
}
|
||
|
}
|
||
Also available in: Unified diff
Refs #5815 - generate certs for node qpid