summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_config/manifests/x509/cert.pp (renamed from puppet/modules/site_config/manifests/x509/cert_key.pp)7
-rw-r--r--puppet/modules/site_config/manifests/x509/key.pp9
-rw-r--r--puppet/modules/site_couchdb/manifests/stunnel.pp12
-rw-r--r--puppet/modules/site_mx/manifests/init.pp3
-rw-r--r--puppet/modules/site_nickserver/manifests/init.pp6
-rw-r--r--puppet/modules/site_openvpn/manifests/init.pp6
-rw-r--r--puppet/modules/site_postfix/manifests/mx.pp6
-rw-r--r--puppet/modules/site_stunnel/manifests/clients.pp3
-rw-r--r--puppet/modules/site_webapp/manifests/apache.pp3
-rw-r--r--puppet/modules/site_webapp/manifests/init.pp3
-rw-r--r--puppet/modules/soledad/manifests/server.pp6
11 files changed, 42 insertions, 22 deletions
diff --git a/puppet/modules/site_config/manifests/x509/cert_key.pp b/puppet/modules/site_config/manifests/x509/cert.pp
index d55c6cf2..7ed42959 100644
--- a/puppet/modules/site_config/manifests/x509/cert_key.pp
+++ b/puppet/modules/site_config/manifests/x509/cert.pp
@@ -1,13 +1,8 @@
-class site_config::x509::cert_key {
+class site_config::x509::cert {
$x509 = hiera('x509')
- $key = $x509['key']
$cert = $x509['cert']
- x509::key { $site_config::params::cert_name:
- content => $key
- }
-
x509::cert { $site_config::params::cert_name:
content => $cert
}
diff --git a/puppet/modules/site_config/manifests/x509/key.pp b/puppet/modules/site_config/manifests/x509/key.pp
new file mode 100644
index 00000000..32b59726
--- /dev/null
+++ b/puppet/modules/site_config/manifests/x509/key.pp
@@ -0,0 +1,9 @@
+class site_config::x509::key {
+
+ $x509 = hiera('x509')
+ $key = $x509['key']
+
+ x509::key { $site_config::params::cert_name:
+ content => $key
+ }
+}
diff --git a/puppet/modules/site_couchdb/manifests/stunnel.pp b/puppet/modules/site_couchdb/manifests/stunnel.pp
index 7ba303fe..87c35f05 100644
--- a/puppet/modules/site_couchdb/manifests/stunnel.pp
+++ b/puppet/modules/site_couchdb/manifests/stunnel.pp
@@ -20,7 +20,8 @@ class site_couchdb::stunnel {
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
include x509::variables
@@ -41,7 +42,8 @@ class site_couchdb::stunnel {
rndfile => '/var/lib/stunnel4/.rnd',
debuglevel => '4',
require => [
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}
@@ -60,7 +62,8 @@ class site_couchdb::stunnel {
rndfile => '/var/lib/stunnel4/.rnd',
debuglevel => '4',
require => [
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}
@@ -89,7 +92,8 @@ class site_couchdb::stunnel {
rndfile => '/var/lib/stunnel4/.rnd',
debuglevel => '4',
require => [
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}
diff --git a/puppet/modules/site_mx/manifests/init.pp b/puppet/modules/site_mx/manifests/init.pp
index 527dc4a5..52c5f1d6 100644
--- a/puppet/modules/site_mx/manifests/init.pp
+++ b/puppet/modules/site_mx/manifests/init.pp
@@ -2,7 +2,8 @@ class site_mx {
tag 'leap_service'
Class['site_config::default'] -> Class['site_mx']
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
include site_config::x509::client_ca
diff --git a/puppet/modules/site_nickserver/manifests/init.pp b/puppet/modules/site_nickserver/manifests/init.pp
index a12ed3a2..bf0511d5 100644
--- a/puppet/modules/site_nickserver/manifests/init.pp
+++ b/puppet/modules/site_nickserver/manifests/init.pp
@@ -38,7 +38,8 @@ class site_nickserver {
$address_domain = $domain['full_suffix']
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
#
@@ -126,7 +127,8 @@ class site_nickserver {
hasstatus => true,
require => [
File['/etc/init.d/nickserver'],
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}
diff --git a/puppet/modules/site_openvpn/manifests/init.pp b/puppet/modules/site_openvpn/manifests/init.pp
index 6ab0d430..bf72c8d6 100644
--- a/puppet/modules/site_openvpn/manifests/init.pp
+++ b/puppet/modules/site_openvpn/manifests/init.pp
@@ -20,7 +20,8 @@
class site_openvpn {
tag 'leap_service'
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca_bundle
@@ -140,7 +141,8 @@ class site_openvpn {
require => [
Package['openvpn'],
File['/etc/openvpn'],
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca_bundle'] ];
}
diff --git a/puppet/modules/site_postfix/manifests/mx.pp b/puppet/modules/site_postfix/manifests/mx.pp
index 32465e01..d56b526f 100644
--- a/puppet/modules/site_postfix/manifests/mx.pp
+++ b/puppet/modules/site_postfix/manifests/mx.pp
@@ -8,7 +8,8 @@ class site_postfix::mx {
$root_mail_recipient = $mx_hash['contact']
$postfix_smtp_listen = 'all'
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::client_ca
postfix::config {
@@ -48,7 +49,8 @@ submission inet n - n - - smtpd
-o smtpd_recipient_restrictions=\$submission_recipient_restrictions
-o smtpd_helo_restrictions=\$submission_helo_restrictions",
require => [
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Client_ca'],
User['vmail'] ]
}
diff --git a/puppet/modules/site_stunnel/manifests/clients.pp b/puppet/modules/site_stunnel/manifests/clients.pp
index b2c8db1f..791fdbc5 100644
--- a/puppet/modules/site_stunnel/manifests/clients.pp
+++ b/puppet/modules/site_stunnel/manifests/clients.pp
@@ -23,7 +23,8 @@ define site_stunnel::clients (
rndfile => $rndfile,
debuglevel => $debuglevel,
require => [
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}
diff --git a/puppet/modules/site_webapp/manifests/apache.pp b/puppet/modules/site_webapp/manifests/apache.pp
index d604b00f..062344d7 100644
--- a/puppet/modules/site_webapp/manifests/apache.pp
+++ b/puppet/modules/site_webapp/manifests/apache.pp
@@ -12,7 +12,8 @@ class site_webapp::apache {
$commercial_cert = $x509['commercial_cert']
$commercial_root = $x509['commercial_ca_cert']
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
include x509::variables
diff --git a/puppet/modules/site_webapp/manifests/init.pp b/puppet/modules/site_webapp/manifests/init.pp
index 4b06cea6..ff230417 100644
--- a/puppet/modules/site_webapp/manifests/init.pp
+++ b/puppet/modules/site_webapp/manifests/init.pp
@@ -17,7 +17,8 @@ class site_webapp {
include site_webapp::apache
include site_webapp::couchdb
include site_webapp::haproxy
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
group { 'leap-webapp':
diff --git a/puppet/modules/soledad/manifests/server.pp b/puppet/modules/soledad/manifests/server.pp
index 0c073443..6ccd934a 100644
--- a/puppet/modules/soledad/manifests/server.pp
+++ b/puppet/modules/soledad/manifests/server.pp
@@ -9,7 +9,8 @@ class soledad::server {
$couchdb_user = $couchdb['couchdb_admin_user']['username']
$couchdb_password = $couchdb['couchdb_admin_user']['password']
- include site_config::x509::cert_key
+ include site_config::x509::cert
+ include site_config::x509::key
include site_config::x509::ca
$soledad = hiera('soledad')
@@ -52,7 +53,8 @@ class soledad::server {
require => [
Class['soledad'],
Package['soledad-server'],
- Class['Site_config::X509::Cert_key'],
+ Class['Site_config::X509::Key'],
+ Class['Site_config::X509::Cert'],
Class['Site_config::X509::Ca'] ];
}