author | varac <varacanero@zeromail.org> | 2013-09-13 16:20:07 +0200 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2013-09-13 16:20:07 +0200 |
commit | 3e5e685200e9b5c3ac8567100e552929ea55d8e8 (patch) | |
tree | 0c02d9ac2eb4f7aed93c3a4212d6511db9cebfc7 /puppet/modules/site_couchdb/manifests | |
parent | 3a9569ca027dccef87509323f08407e60039d9a9 (diff) |
setup stunnel config to use default x509 cert,key+ca (#3837)
* fix stunnel setups for couchdb, mx, webapp services
Diffstat (limited to 'puppet/modules/site_couchdb/manifests')
-rw-r--r-- | puppet/modules/site_couchdb/manifests/init.pp | 11 | ||||
-rw-r--r-- | puppet/modules/site_couchdb/manifests/stunnel.pp | 20 |
2 files changed, 5 insertions, 26 deletions
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index 43abd616..6bc4f6a3 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -1,11 +1,6 @@
 class site_couchdb {
 tag 'leap_service'
- $x509 = hiera('x509')
- $key = $x509['key']
- $cert = $x509['cert']
- $ca = $x509['ca_cert']
-
 $couchdb_config = hiera('couch')
 $couchdb_users = $couchdb_config['users']
 $couchdb_admin = $couchdb_users['admin']
@@ -44,11 +39,7 @@ class site_couchdb {
 -> Couchdb::Add_user[$couchdb_webapp_user]
 -> Couchdb::Add_user[$couchdb_soledad_user]
- class { 'site_couchdb::stunnel':
- key => $key,
- cert => $cert,
- ca => $ca
- }
+ class { 'site_couchdb::stunnel': }
 class { 'site_couchdb::bigcouch::add_nodes': }
diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 481da279..993555cb 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -1,4 +1,4 @@
-class site_couchdb::stunnel ($key, $cert, $ca) {
+class site_couchdb::stunnel {
 $stunnel = hiera('stunnel')
@@ -19,21 +19,9 @@ class site_couchdb::stunnel ($key, $cert, $ca) {
 $ednp_clients = $stunnel['ednp_clients']
 include x509::variables
- $cert_name = 'leap_couchdb'
- $ca_name = 'leap_ca'
- $ca_path = "${x509::variables::local_CAs}/${ca_name}.crt"
- $cert_path = "${x509::variables::certs}/${cert_name}.crt"
- $key_path = "${x509::variables::keys}/${cert_name}.key"
-
- # basic setup: ensure cert, key, ca files are in place, and some generic
- # stunnel things are done
- site_stunnel::setup { 'couchdb_couchdb':
- cert_name => $cert_name,
- key => $key,
- cert => $cert,
- ca_name => $ca_name,
- ca => $ca
- }
+ $ca_path = "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt"
+ $cert_path = "${x509::variables::certs}/${site_config::params::cert_name}.crt"
+ $key_path = "${x509::variables::keys}/${site_config::params::cert_name}.key"
 # setup a stunnel server for the webapp to connect to couchdb
 stunnel::service { 'couch_server': |
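Review bot: The three added path assignments interpolate `${site_config::params::ca_name}` and `${site_config::params::cert_name}`, but the only include visible in this class is `include x509::variables`; if `site_config::params` has not been evaluated before this class, the names resolve empty and stunnel is pointed at bare `.crt`/`.key` paths. Adding `include site_config::params` beside the existing include would make the dependency explicit, unless it is already guaranteed elsewhere in the manifests, which the hunk does not show. The removed `site_stunnel::setup` resource was also what put the cert, key and CA files in place for this class, so the `stunnel::service` resources that follow (their bodies continue outside the hunk) presumably need an ordering relationship to whatever now deploys the default files. Because the service-specific `leap_couchdb` key pair is replaced by the node's default one, it is worth confirming that the peers verifying this tunnel are meant to trust that shared certificate and CA.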