diff options
author | varac <varacanero@zeromail.org> | 2013-09-20 18:58:29 +0200 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2013-09-20 18:58:29 +0200 |
commit | 0bf2c2eeaf5f8b683454ce0d0dbe88bb6f17c08f (patch) | |
tree | a5252934c67cb2316e8d7163c5170f58e3f51491 /puppet/modules/site_openvpn/manifests/keys.pp | |
parent | e182d12c72743491805a3873e8b6cd804fe5394c (diff) | |
parent | 486a9cd3b7bd8d643a9623fd40db2286cdf52fc8 (diff) |
Merge branch 'feature/3832_Unify_x509_certs__keys_and_ca' into develop
Diffstat (limited to 'puppet/modules/site_openvpn/manifests/keys.pp')
-rw-r--r-- | puppet/modules/site_openvpn/manifests/keys.pp | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/puppet/modules/site_openvpn/manifests/keys.pp b/puppet/modules/site_openvpn/manifests/keys.pp deleted file mode 100644 index 864bbd9b..00000000 --- a/puppet/modules/site_openvpn/manifests/keys.pp +++ /dev/null @@ -1,45 +0,0 @@ -class site_openvpn::keys { - - x509::key { - 'leap_openvpn': - content => $site_openvpn::x509_config['key'], - notify => Service[openvpn]; - } - - x509::cert { - 'leap_openvpn': - content => $site_openvpn::x509_config['cert'], - notify => Service[openvpn]; - } - - file { '/etc/openvpn/keys/dh.pem': - content => $site_openvpn::x509_config['dh'], - mode => '0644', - } - - # - # CA bundle -- we want to have the possibility of allowing multiple CAs. - # For now, the reason is to transition to using client CA. In the future, - # we will want to be able to smoothly phase out one CA and phase in another. - # I tried "--capath" for this, but it did not work. - # - - concat { - '/etc/openvpn/ca_bundle.pem': - owner => root, - group => root, - mode => 644, - warn => true, - notify => Service['openvpn']; - } - - concat::fragment { - 'client_ca_cert': - content => $site_openvpn::x509_config['client_ca_cert'], - target => '/etc/openvpn/ca_bundle.pem'; - 'ca_cert': - content => $site_openvpn::x509_config['ca_cert'], - target => '/etc/openvpn/ca_bundle.pem'; - } - -} |