Revision a6af1d3d
Added by Timo Goebel about 7 years ago
| manifests/katello.pp | ||
|---|---|---|
|
# Katello specific certs settings
|
||
|
class certs::katello (
|
||
|
$hostname = $::certs::node_fqdn,
|
||
|
$deployment_url = undef,
|
||
|
$rhsm_port = 443,
|
||
|
$hostname = $::certs::node_fqdn,
|
||
|
$deployment_url = undef,
|
||
|
$rhsm_port = 443,
|
||
|
$candlepin_cert_rpm_alias_filename = undef,
|
||
|
) {
|
||
|
$katello_server_ca_cert = $::certs::katello_server_ca_cert,
|
||
|
$server_ca_name = $::certs::server_ca_name,
|
||
|
$ca_cert = $::certs::ca_cert,
|
||
|
$server_ca = $::certs::server_ca,
|
||
|
) inherits certs {
|
||
|
|
||
|
$candlepin_cert_rpm_alias = $candlepin_cert_rpm_alias_filename ? {
|
||
|
undef => 'katello-ca-consumer-latest.noarch.rpm',
|
||
| ... | ... | |
|
|
||
|
include ::trusted_ca
|
||
|
trusted_ca::ca { 'katello_server-host-cert':
|
||
|
source => $::certs::katello_server_ca_cert,
|
||
|
require => File[$::certs::katello_server_ca_cert],
|
||
|
source => $katello_server_ca_cert,
|
||
|
require => File[$katello_server_ca_cert],
|
||
|
}
|
||
|
|
||
|
file { $katello_www_pub_dir:
|
||
| ... | ... | |
|
mode => '0755',
|
||
|
} ->
|
||
|
# Placing the CA in the pub dir for trusting by a user in their browser
|
||
|
file { "${katello_www_pub_dir}/${::certs::server_ca_name}.crt":
|
||
|
file { "${katello_www_pub_dir}/${server_ca_name}.crt":
|
||
|
ensure => file,
|
||
|
source => $::certs::katello_server_ca_cert,
|
||
|
source => $katello_server_ca_cert,
|
||
|
owner => 'root',
|
||
|
group => 'root',
|
||
|
mode => '0644',
|
||
|
require => File[$::certs::katello_server_ca_cert],
|
||
|
require => File[$katello_server_ca_cert],
|
||
|
} ~>
|
||
|
certs::rhsm_reconfigure_script { "${katello_www_pub_dir}/${katello_rhsm_setup_script}":
|
||
|
ca_cert => $::certs::ca_cert,
|
||
|
server_ca_cert => $::certs::katello_server_ca_cert,
|
||
|
ca_cert => $ca_cert,
|
||
|
server_ca_cert => $katello_server_ca_cert,
|
||
|
} ~>
|
||
|
certs_bootstrap_rpm { $candlepin_consumer_name:
|
||
|
dir => $katello_www_pub_dir,
|
||
| ... | ... | |
|
bootstrap_script => inline_template('/bin/bash <%= @katello_rhsm_setup_script_location %>'),
|
||
|
postun_script => 'test -f /etc/rhsm/rhsm.conf.kat-backup && command cp /etc/rhsm/rhsm.conf.kat-backup /etc/rhsm/rhsm.conf',
|
||
|
alias => $candlepin_cert_rpm_alias,
|
||
|
subscribe => $::certs::server_ca,
|
||
|
subscribe => $server_ca,
|
||
|
}
|
||
|
}
|
||
Also available in: Unified diff
classes inherit from init