diff options
| author | Micah Anderson <micah@riseup.net> | 2013-02-19 15:18:30 -0500 |
|---|---|---|
| committer | Micah Anderson <micah@riseup.net> | 2013-02-19 15:18:30 -0500 |
| commit | 4dcc5f884cd22d0673f6493799ace2f03a9e66fe (patch) | |
| tree | 3f3f5c217c40f3037c1b2a9cd8da3fe91fdd8389 /puppet/modules/site_webapp/manifests/client_ca.pp | |
| parent | 253b765620961bbc9d96e8f3653b0b9693d29811 (diff) | |
| parent | 2e5eec3856b58aaff0a2049599a6455e6ff91122 (diff) | |
Merge remote-tracking branch 'origin/release/v0.2.0'0.2.0
Diffstat (limited to 'puppet/modules/site_webapp/manifests/client_ca.pp')
| -rw-r--r-- | puppet/modules/site_webapp/manifests/client_ca.pp | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/puppet/modules/site_webapp/manifests/client_ca.pp b/puppet/modules/site_webapp/manifests/client_ca.pp new file mode 100644 index 00000000..0d9b15d6 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/client_ca.pp @@ -0,0 +1,25 @@ +## +## This is for the special CA that is used exclusively for generating +## client certificates by the webapp. +## + +class site_webapp::client_ca { + include x509::variables + + $x509 = hiera('x509') + $cert_path = "${x509::variables::certs}/leap_client_ca.crt" + $key_path = "${x509::variables::keys}/leap_client_ca.key" + + x509::key { + 'leap_client_ca': + source => $x509['client_ca_key'], + group => 'leap-webapp', + notify => Service[apache]; + } + + x509::cert { + 'leap_client_ca': + source => $x509['client_ca_cert'], + notify => Service[apache]; + } +} |