summaryrefslogtreecommitdiff
path: root/puppet/modules/site_couchdb/manifests
diff options
context:
space:
mode:
authorvarac <varacanero@zeromail.org>2013-09-13 16:20:07 +0200
committervarac <varacanero@zeromail.org>2013-09-13 16:20:07 +0200
commit3e5e685200e9b5c3ac8567100e552929ea55d8e8 (patch)
tree0c02d9ac2eb4f7aed93c3a4212d6511db9cebfc7 /puppet/modules/site_couchdb/manifests
parent3a9569ca027dccef87509323f08407e60039d9a9 (diff)
setup stunnel config to use default x509 cert,key+ca (#3837)
* fix stunnel setups for couchdb, mx, webapp services
Diffstat (limited to 'puppet/modules/site_couchdb/manifests')
-rw-r--r--puppet/modules/site_couchdb/manifests/init.pp11
-rw-r--r--puppet/modules/site_couchdb/manifests/stunnel.pp20
2 files changed, 5 insertions, 26 deletions
diff --git a/puppet/modules/site_couchdb/manifests/init.pp b/puppet/modules/site_couchdb/manifests/init.pp
index 43abd616..6bc4f6a3 100644
--- a/puppet/modules/site_couchdb/manifests/init.pp
+++ b/puppet/modules/site_couchdb/manifests/init.pp
@@ -1,11 +1,6 @@
class site_couchdb {
tag 'leap_service'
- $x509 = hiera('x509')
- $key = $x509['key']
- $cert = $x509['cert']
- $ca = $x509['ca_cert']
-
$couchdb_config = hiera('couch')
$couchdb_users = $couchdb_config['users']
$couchdb_admin = $couchdb_users['admin']
@@ -44,11 +39,7 @@ class site_couchdb {
-> Couchdb::Add_user[$couchdb_webapp_user]
-> Couchdb::Add_user[$couchdb_soledad_user]
- class { 'site_couchdb::stunnel':
- key => $key,
- cert => $cert,
- ca => $ca
- }
+ class { 'site_couchdb::stunnel': }
class { 'site_couchdb::bigcouch::add_nodes': }
diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 481da279..993555cb 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -1,4 +1,4 @@
-class site_couchdb::stunnel ($key, $cert, $ca) {
+class site_couchdb::stunnel {
$stunnel = hiera('stunnel')
@@ -19,21 +19,9 @@ class site_couchdb::stunnel ($key, $cert, $ca) {
$ednp_clients = $stunnel['ednp_clients']
include x509::variables
- $cert_name = 'leap_couchdb'
- $ca_name = 'leap_ca'
- $ca_path = "${x509::variables::local_CAs}/${ca_name}.crt"
- $cert_path = "${x509::variables::certs}/${cert_name}.crt"
- $key_path = "${x509::variables::keys}/${cert_name}.key"
-
- # basic setup: ensure cert, key, ca files are in place, and some generic
- # stunnel things are done
- site_stunnel::setup { 'couchdb_couchdb':
- cert_name => $cert_name,
- key => $key,
- cert => $cert,
- ca_name => $ca_name,
- ca => $ca
- }
+ $ca_path = "${x509::variables::local_CAs}/${site_config::params::ca_name}.crt"
+ $cert_path = "${x509::variables::certs}/${site_config::params::cert_name}.crt"
+ $key_path = "${x509::variables::keys}/${site_config::params::cert_name}.key"
# setup a stunnel server for the webapp to connect to couchdb
stunnel::service { 'couch_server':