summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
authorelijah <elijah@riseup.net>2012-12-18 10:26:57 -0800
committerelijah <elijah@riseup.net>2012-12-18 10:26:57 -0800
commitcded90f839871cf6258d7dc28d3ce81cf7f9cf6c (patch)
tree010ebda87f5b4a060c337592bd2bfe168c20fa77 /puppet
parent28745a2d4a0cdcf088af5240c67c77f0cde16bb4 (diff)
ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server.
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_ca_daemon/manifests/init.pp30
1 files changed, 21 insertions, 9 deletions
diff --git a/puppet/modules/site_ca_daemon/manifests/init.pp b/puppet/modules/site_ca_daemon/manifests/init.pp
index 34b2c522..29a70df8 100644
--- a/puppet/modules/site_ca_daemon/manifests/init.pp
+++ b/puppet/modules/site_ca_daemon/manifests/init.pp
@@ -31,21 +31,33 @@ class site_ca_daemon {
x509::key {
'leap_ca_daemon':
- content => $x509['key'],
- #notify => Service[apache];
+ content => $x509['ca_key'];
+ #notify => Service['leap_ca_daemon']; <== no service yet for leap_ca_daemon
}
x509::cert {
'leap_ca_daemon':
- content => $x509['cert'],
- #notify => Service[apache];
+ content => $x509['ca_cert'];
+ #notify => Service['leap_ca_daemon']; <== no service yet for leap_ca_daemon
}
- x509::ca {
- 'leap_ca_daemon':
- content => $x509['ca_cert'],
- #notify => Service[apache];
- }
+ #
+ # Does CA need a server key/cert? I think not now.
+ #
+ # x509::key {
+ # 'server':
+ # content => $x509['key'];
+ # }
+ #
+ # x509::cert {
+ # 'server':
+ # content => $x509['cert'];
+ # }
+
+ # x509::ca {
+ # 'leap_ca_daemon':
+ # content => $x509['ca_cert'];
+ # }
file { '/srv/leap_ca_daemon':