Revision a6af1d3d
Added by Timo Goebel about 7 years ago
manifests/katello.pp | ||
---|---|---|
# Katello specific certs settings
|
||
class certs::katello (
|
||
$hostname = $::certs::node_fqdn,
|
||
$deployment_url = undef,
|
||
$rhsm_port = 443,
|
||
$hostname = $::certs::node_fqdn,
|
||
$deployment_url = undef,
|
||
$rhsm_port = 443,
|
||
$candlepin_cert_rpm_alias_filename = undef,
|
||
) {
|
||
$katello_server_ca_cert = $::certs::katello_server_ca_cert,
|
||
$server_ca_name = $::certs::server_ca_name,
|
||
$ca_cert = $::certs::ca_cert,
|
||
$server_ca = $::certs::server_ca,
|
||
) inherits certs {
|
||
|
||
$candlepin_cert_rpm_alias = $candlepin_cert_rpm_alias_filename ? {
|
||
undef => 'katello-ca-consumer-latest.noarch.rpm',
|
||
... | ... | |
|
||
include ::trusted_ca
|
||
trusted_ca::ca { 'katello_server-host-cert':
|
||
source => $::certs::katello_server_ca_cert,
|
||
require => File[$::certs::katello_server_ca_cert],
|
||
source => $katello_server_ca_cert,
|
||
require => File[$katello_server_ca_cert],
|
||
}
|
||
|
||
file { $katello_www_pub_dir:
|
||
... | ... | |
mode => '0755',
|
||
} ->
|
||
# Placing the CA in the pub dir for trusting by a user in their browser
|
||
file { "${katello_www_pub_dir}/${::certs::server_ca_name}.crt":
|
||
file { "${katello_www_pub_dir}/${server_ca_name}.crt":
|
||
ensure => file,
|
||
source => $::certs::katello_server_ca_cert,
|
||
source => $katello_server_ca_cert,
|
||
owner => 'root',
|
||
group => 'root',
|
||
mode => '0644',
|
||
require => File[$::certs::katello_server_ca_cert],
|
||
require => File[$katello_server_ca_cert],
|
||
} ~>
|
||
certs::rhsm_reconfigure_script { "${katello_www_pub_dir}/${katello_rhsm_setup_script}":
|
||
ca_cert => $::certs::ca_cert,
|
||
server_ca_cert => $::certs::katello_server_ca_cert,
|
||
ca_cert => $ca_cert,
|
||
server_ca_cert => $katello_server_ca_cert,
|
||
} ~>
|
||
certs_bootstrap_rpm { $candlepin_consumer_name:
|
||
dir => $katello_www_pub_dir,
|
||
... | ... | |
bootstrap_script => inline_template('/bin/bash <%= @katello_rhsm_setup_script_location %>'),
|
||
postun_script => 'test -f /etc/rhsm/rhsm.conf.kat-backup && command cp /etc/rhsm/rhsm.conf.kat-backup /etc/rhsm/rhsm.conf',
|
||
alias => $candlepin_cert_rpm_alias,
|
||
subscribe => $::certs::server_ca,
|
||
subscribe => $server_ca,
|
||
}
|
||
}
|
Also available in: Unified diff
classes inherit from init