Merge commit 'af6fdd31fb961fc1b7f408f51001e7a6d192a58a' as 'puppet/modules/couchdb'

1 files changed, 25 insertions, 0 deletions

diff --git a/puppet/modules/couchdb/manifests/ssl/generate_cert.pp b/puppet/modules/couchdb/manifests/ssl/generate_cert.pp
new file mode 100644
index 00000000..a443250e
--- /dev/null
+++ b/puppet/modules/couchdb/manifests/ssl/generate_cert.pp
@@ -0,0 +1,25 @@
+# configures cert for ssl access
+class couchdb::ssl::generate_cert {
+
+  ensure_packages('openssl')
+
+  file { $couchdb::cert_path:
+    ensure => 'directory',
+    mode   => '0600',
+    owner  => 'couchdb',
+    group  => 'couchdb';
+  }
+
+exec { 'generate-certs':
+    command => "/usr/bin/openssl req -new -inform PEM -x509 -nodes -days 150 -subj \
+'/C=ZZ/ST=AutoSign/O=AutoSign/localityName=AutoSign/commonName=${::hostname}/organizationalUnitName=AutoSign/emailAddress=AutoSign/' \
+-newkey rsa:2048 -out ${couchdb::cert_path}/couchdb_cert.pem -keyout ${couchdb::cert_path}/couchdb_key.pem",
+    unless  => "/usr/bin/test -f ${couchdb::cert_path}/couchdb_cert.pem &&
+/usr/bin/test -f ${couchdb::params::cert_path}/couchdb_key.pem",
+    require => [
+      File[$couchdb::params::cert_path],
+      Exec['make-install']
+    ],
+    notify  => Service['couchdb'],
+  }
+}