Revision 5114d3eb
Added by Michael Moll about 8 years ago
manifests/server/puppetserver.pp | ||
---|---|---|
$server_ca_client_whitelist = $::puppet::server_ca_client_whitelist,
|
||
$server_admin_api_whitelist = $::puppet::server_admin_api_whitelist,
|
||
) {
|
||
require ::puppet::server::augeaslens
|
||
include ::puppet::server
|
||
|
||
$puppetserver_package = pick($::puppet::server_package, 'puppetserver')
|
||
... | ... | |
],
|
||
}
|
||
|
||
$augcmds = $server_ca ? {
|
||
true => ['rm @simple[. = "puppetlabs.services.ca.certificate-authority-disabled-service"]',
|
||
'set @simple[. = "puppetlabs.services.ca.certificate-authority-service"] puppetlabs.services.ca.certificate-authority-service',
|
||
'set @simple[. = "puppetlabs.services.ca.certificate-authority-service"]/@value certificate-authority-service',],
|
||
default => ['rm @simple[. = "puppetlabs.services.ca.certificate-authority-service"]',
|
||
'set @simple[. = "puppetlabs.services.ca.certificate-authority-disabled-service"] puppetlabs.services.ca.certificate-authority-disabled-service',
|
||
'set @simple[. = "puppetlabs.services.ca.certificate-authority-disabled-service"]/@value certificate-authority-disabled-service',],
|
||
$ca_enabled_ensure = $server_ca ? {
|
||
true => present,
|
||
default => absent,
|
||
}
|
||
|
||
augeas { 'puppet::server::puppetserver::server_ca':
|
||
context => "/files${server_puppetserver_dir}/bootstrap.cfg",
|
||
changes => $augcmds,
|
||
incl => "${server_puppetserver_dir}/bootstrap.cfg",
|
||
lens => 'Trapperkeeper.lns',
|
||
$ca_disabled_ensure = $server_ca ? {
|
||
false => present,
|
||
default => absent,
|
||
}
|
||
|
||
file_line { 'ca_enabled':
|
||
ensure => $ca_enabled_ensure,
|
||
path => "${server_puppetserver_dir}/bootstrap.cfg",
|
||
line => 'puppetlabs.services.ca.certificate-authority-service/certificate-authority-service',
|
||
}
|
||
|
||
file_line { 'ca_disabled':
|
||
ensure => $ca_disabled_ensure,
|
||
path => "${server_puppetserver_dir}/bootstrap.cfg",
|
||
line => 'puppetlabs.services.ca.certificate-authority-disabled-service/certificate-authority-disabled-service',
|
||
}
|
||
|
||
file { "${server_puppetserver_dir}/conf.d/ca.conf":
|
Also available in: Unified diff
use file_line for bootstrap.cfg
Closes GH-385