2 files changed, 13 insertions, 2 deletions

diff --git a/puppet/modules/soledad/manifests/server.pp b/puppet/modules/soledad/manifests/server.pp
index 00fee4ac..ba482f29 100644
--- a/puppet/modules/soledad/manifests/server.pp
+++ b/puppet/modules/soledad/manifests/server.pp
@@ -13,6 +13,9 @@ class soledad::server {
   $x509_cert = $x509['cert']
   $x509_ca   = $x509['ca_cert']
 
+  $soledad      = hiera('soledad')
+  $soledad_port = $soledad['port']
+
   x509::key { 'soledad':
     content => $x509_key,
     notify  => Service['soledad-server'];
@@ -46,8 +49,12 @@ class soledad::server {
   }
 
   file { '/etc/default/soledad':
-    content => "CERT_PATH=/etc/x509/certs/soledad.crt\nPRIVKEY_PATH=/etc/x509/keys/soledad.key\n",
-    require => Package['soledad-server']
+    content => template('soledad/default-soledad.erb'),
+    owner   => 'soledad',
+    group   => 'soledad',
+    mode    => '0600',
+    notify  => Service['soledad-server'],
+    require => Class['soledad'];
   }
 
   service { 'soledad-server':
diff --git a/puppet/modules/soledad/templates/default-soledad.erb b/puppet/modules/soledad/templates/default-soledad.erb
new file mode 100644
index 00000000..da85338a
--- /dev/null
+++ b/puppet/modules/soledad/templates/default-soledad.erb
@@ -0,0 +1,4 @@
+# this file is managed by puppet
+CERT_PATH=/etc/x509/certs/soledad.crt
+PRIVKEY_PATH=/etc/x509/keys/soledad.key
+HTTPS_PORT=<%=@soledad_port%>