diff options
author | varac <varacanero@zeromail.org> | 2013-03-16 15:01:48 +0100 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2013-03-16 15:01:48 +0100 |
commit | 8c91365ca62d6f7e970f7a1fbda7be82a1fc83c3 (patch) | |
tree | 5ca58ed2e9d52f7bd4071b6902cba064a75d81f6 /puppet/modules/site_webapp/manifests/couchdb_stunnel.pp | |
parent | a275999ab39b49afa2bb0c998c58aec424b4a8c0 (diff) | |
parent | 90c5b205c4764351e6ea707b965c5e6daca1c0b7 (diff) |
Merge branch 'stunnel_switch' into develop
Diffstat (limited to 'puppet/modules/site_webapp/manifests/couchdb_stunnel.pp')
-rw-r--r-- | puppet/modules/site_webapp/manifests/couchdb_stunnel.pp | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/puppet/modules/site_webapp/manifests/couchdb_stunnel.pp b/puppet/modules/site_webapp/manifests/couchdb_stunnel.pp new file mode 100644 index 00000000..e6657e13 --- /dev/null +++ b/puppet/modules/site_webapp/manifests/couchdb_stunnel.pp @@ -0,0 +1,42 @@ +class site_webapp::couchdb_stunnel ($key, $cert, $ca) { + + include x509::variables + include site_stunnel + + $cert_name = 'leap_couchdb' + $ca_path = "${x509::variables::certs}/leap_client_ca.crt" + $cert_path = "${x509::variables::certs}/${cert_name}.crt" + $key_path = "${x509::variables::keys}/${cert_name}.key" + + x509::key { + $cert_name: + content => $key, + notify => Service['stunnel']; + } + + x509::cert { + $cert_name: + content => $cert, + notify => Service['stunnel']; + } + + x509::ca { + $cert_name: + content => $ca, + notify => Service['stunnel']; + } + + $couchdb_stunnel_client_defaults = { + 'client' => true, + 'cafile' => $ca_path, + 'key' => $key_path, + 'cert' => $cert_path, + 'verify' => '2', + 'rndfile' => '/var/lib/stunnel4/.rnd', + 'debuglevel' => '4' + } + + create_resources(site_webapp::couchdb_stunnel::clients, hiera('stunnel'), $couchdb_stunnel_client_defaults) + +} + |