/[adm]/puppet/modules/openssl/manifests/init.pp
ViewVC logotype

Diff of /puppet/modules/openssl/manifests/init.pp

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 2655 by boklm, Mon Aug 22 15:36:44 2011 UTC revision 2656 by misc, Mon Mar 19 22:17:16 2012 UTC
# Line 1  Line 1 
1  class openssl {  class openssl {
2      class base {      class base {
3          package { 'openssl':          package { 'openssl': }
4              ensure => installed      }
         }  
     }  
5    
6      define self_signed_cert($directory = '/etc/certs') {      define self_signed_cert($directory = '/etc/certs') {
7          include openssl::base          include openssl::base
8    
9          $pem_file = "$name.pem"          $pem_file = "$name.pem"
10          exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout $pem_file -out $pem_file -subj  '/CN=$name'":          exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout $pem_file -out $pem_file -subj  '/CN=$name'":
11              cwd => "$directory",              cwd     => $directory,
12              creates => "$directory/$name.pem",              creates => "$directory/$name.pem",
13              require => Package['openssl']              require => Package['openssl']
14          }          }
15      }      }
16    
17      define self_signed_splitted_cert($filename = '',      define self_signed_splitted_cert( $filename = '',
18                                       $directory = '/etc/certs',                                        $directory = '/etc/certs',
19                                       $owner = "root",                                        $owner = 'root',
20                                       $group = 'root',                                        $group = 'root',
21                                       $mode = '600') {                                        $mode = '0600') {
22          include openssl::base          include openssl::base
23            
24          $crt_file = "$filename.crt"          $crt_file = "$filename.crt"
25          $key_file = "$filename.key"          $key_file = "$filename.key"
26          exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout $key_file -out $crt_file -subj  '/CN=$name'":          exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout $key_file -out $crt_file -subj  '/CN=$name'":
27              cwd => "$directory",              cwd     => $directory,
28              creates => "$directory/$key_file",              creates => "$directory/$key_file",
29              require => Package['openssl'],              require => Package['openssl'],
30              before => [ File["$directory/$key_file"],              before  => [File["$directory/$key_file"],
31                          File["$directory/$crt_file"]]                          File["$directory/$crt_file"]]
32          }          }
33    
34          file { ["$directory/$key_file","$directory/$crt_file"]:          file { ["$directory/$key_file","$directory/$crt_file"]:
35              owner => $owner,              owner => $owner,
36              group => $group,              group => $group,
37              mode => $mode              mode  => $mode,
38          }          }
39      }      }
   
40  }  }
Legend:
Removed from v.2655  
changed lines
  Added in v.2656
  ViewVC Help
Powered by ViewVC 1.1.30