Diffstat (limited to 'puppet')
| -rw-r--r-- | puppet/manifests/site.pp | 4 | ||||
| -rw-r--r-- | puppet/modules/site_ca_daemon/manifests/apache.pp | 62 | ||||
| -rw-r--r-- | puppet/modules/site_ca_daemon/manifests/couchdb.pp | 16 | ||||
| -rw-r--r-- | puppet/modules/site_ca_daemon/manifests/init.pp | 103 | ||||
| -rw-r--r-- | puppet/modules/site_ca_daemon/templates/leap_ca.yaml.erb | 31 | 
5 files changed, 0 insertions, 216 deletions
|
diff --git a/puppet/manifests/site.pp b/puppet/manifests/site.pp
index 34c19370..f1b02aca 100644
--- a/puppet/manifests/site.pp
+++ b/puppet/manifests/site.pp
@@ -33,10 +33,6 @@ if 'webapp' in $services {
   include site_webapp
 }
-if 'ca' in $services {
-  include site_ca_daemon
-}
-
 if 'monitor' in $services {
   include site_nagios
 }
diff --git a/puppet/modules/site_ca_daemon/manifests/apache.pp b/puppet/modules/site_ca_daemon/manifests/apache.pp
deleted file mode 100644
index ab6b08fd..00000000
--- a/puppet/modules/site_ca_daemon/manifests/apache.pp
+++ /dev/null
@@ -1,62 +0,0 @@
-class site_ca_daemon::apache {
-
-  $api_domain       = hiera('api_domain')
-  $x509             = hiera('x509')
-  $commercial_key   = $x509['commercial_key']
-  $commercial_cert  = $x509['commercial_cert']
-  $commercial_root  = $x509['commercial_ca_cert']
-  $api_key          = $x509['key']
-  $api_cert         = $x509['cert']
-  $api_root         = $x509['ca_cert']
-
-  $apache_no_default_site = true
-  include apache::ssl
-
-  apache::module {
-    'alias':   ensure => present;
-    'rewrite': ensure => present;
-    'headers': ensure => present;
-  }
-
-  class { 'passenger': use_munin => false }
-
-  apache::vhost::file {
-    'leap_ca_daemon':
-      content => template('site_apache/vhosts.d/leap_ca_daemon.conf.erb')
-  }
-
-  apache::vhost::file {
-    'api':
-      content => template('site_apache/vhosts.d/api.conf.erb')
-  }
-
-  x509::key {
-    'leap_ca_daemon':
-      content => $commercial_key,
-      notify  => Service[apache];
-
-    'leap_api':
-      content => $api_key,
-      notify  => Service[apache];
-  }
-
-  x509::cert {
-    'leap_ca_daemon':
-      content => $commercial_cert,
-      notify  => Service[apache];
-
-    'leap_api':
-      content => $api_cert,
-      notify  => Service[apache];
-  }
-
-  x509::ca {
-    'leap_ca_daemon':
-      content => $commercial_root,
-      notify  => Service[apache];
-
-    'leap_api':
-      content => $api_root,
-      notify  => Service[apache];
-  }
-}
diff --git a/puppet/modules/site_ca_daemon/manifests/couchdb.pp b/puppet/modules/site_ca_daemon/manifests/couchdb.pp
deleted file mode 100644
index f446a05b..00000000
--- a/puppet/modules/site_ca_daemon/manifests/couchdb.pp
+++ /dev/null
@@ -1,16 +0,0 @@
-class site_ca_daemon::couchdb {
-
-  $ca               = hiera('ca_daemon')
-  $couchdb_host     = $ca['couchdb_hosts']
-  $couchdb_user     = $ca['couchdb_user']['username']
-  $couchdb_password = $ca['couchdb_user']['password']
-
-  file {
-    '/etc/leap/leap_ca.yaml':
-      content => template('site_ca_daemon/leap_ca.yaml.erb'),
-      owner   => leap_ca_daemon,
-      group   => leap_ca_daemon,
-      mode    => '0600';
-  }
-
-}
diff --git a/puppet/modules/site_ca_daemon/manifests/init.pp b/puppet/modules/site_ca_daemon/manifests/init.pp
deleted file mode 100644
index 8ba9c506..00000000
--- a/puppet/modules/site_ca_daemon/manifests/init.pp
+++ /dev/null
@@ -1,103 +0,0 @@
-class site_ca_daemon {
-  tag 'leap_service'
-  #$definition_files = hiera('definition_files')
-  #$provider         = $definition_files['provider']
-  #$eip_service      = $definition_files['eip_service']
-  $x509             = hiera('x509')
-
-  Class[Ruby] -> Class[rubygems] -> Class[bundler::install]
-
-  class { 'ruby': ruby_version => '1.9.3' }
-
-  class { 'bundler::install': install_method => 'package' }
-
-  include rubygems
-  #include site_ca_daemon::apache
-  include site_ca_daemon::couchdb
-
-  group { 'leap_ca_daemon':
-    ensure    => present,
-    allowdupe => false;
-  }
-
-  user { 'leap_ca_daemon':
-    ensure    => present,
-    allowdupe => false,
-    gid       => 'leap_ca_daemon',
-    home      => '/srv/leap_ca_daemon',
-    require   => [ Group['leap_ca_daemon'] ];
-  }
-
-
-  x509::key {
-    'leap_ca_daemon':
-      content => $x509['ca_key'];
-      #notify  => Service['leap_ca_daemon']; <== no service yet for leap_ca_daemon
-  }
-
-  x509::cert {
-    'leap_ca_daemon':
-      content => $x509['ca_cert'];
-      #notify  => Service['leap_ca_daemon'];  <== no service yet for leap_ca_daemon
-  }
-
-  #
-  # Does CA need a server key/cert? I think not now.
-  #
-  # x509::key {
-  #   'server':
-  #     content => $x509['key'];
-  # }
-  #
-  # x509::cert {
-  #   'server':
-  #     content => $x509['cert'];
-  # }
-
-  # x509::ca {
-  #   'leap_ca_daemon':
-  #     content => $x509['ca_cert'];
-  # }
-
-
-  file { '/srv/leap_ca_daemon':
-    ensure  => directory,
-    owner   => 'leap_ca_daemon',
-    group   => 'leap_ca_daemon',
-    require => User['leap_ca_daemon'];
-  }
-
-  vcsrepo { '/srv/leap_ca_daemon':
-    ensure   => present,
-    revision => 'origin/master',
-    provider => git,
-    source   => 'git://code.leap.se/leap_ca',
-    owner    => 'leap_ca_daemon',
-    group    => 'leap_ca_daemon',
-    require  => [ User['leap_ca_daemon'], Group['leap_ca_daemon'] ],
-    notify   => Exec['bundler_update']
-  }
-
-  exec { 'bundler_update':
-    cwd     => '/srv/leap_ca_daemon',
-    command => '/bin/bash -c "/usr/bin/bundle check || /usr/bin/bundle install"',
-    unless  => '/usr/bin/bundle check',
-    timeout => 600,
-    require => [ Class['bundler::install'], Vcsrepo['/srv/leap_ca_daemon'] ];
-  }
-
-  file { '/usr/local/bin/leap_ca_daemon':
-    ensure => link,
-    target => '/srv/leap_ca_daemon/bin/leap_ca_daemon',
-  }
-
-  file { '/etc/cron.hourly/leap_ca':
-    ensure  => present,
-    content => "#/bin/sh\n/srv/leap_ca_daemon/bin/leap_ca_daemon --run-once > /dev/null",
-    owner   => 'root',
-    group   => 0,
-    mode    => '0755',
-  }
-
-
-}
diff --git a/puppet/modules/site_ca_daemon/templates/leap_ca.yaml.erb b/puppet/modules/site_ca_daemon/templates/leap_ca.yaml.erb
deleted file mode 100644
index e0b95278..00000000
--- a/puppet/modules/site_ca_daemon/templates/leap_ca.yaml.erb
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Default configuration options for LEAP Certificate Authority Daemon
-#
-
-#
-# Certificate Authority
-#
-ca_key_path: "/etc/x509/keys/leap_ca_daemon.key"
-ca_key_password: nil
-ca_cert_path: "/etc/x509/certs/leap_ca_daemon.crt"
-
-#
-# Certificate pool
-#
-max_pool_size: 100
-client_cert_lifespan: 2
-client_cert_bit_size: 2024
-client_cert_hash: "SHA256"
-
-#
-# Database
-#
-db_name: "client_certificates"
-couch_connection:
-  protocol: "https"
-  host: <%= couchdb_host %>
-  port: 6984 
-  username: <%= couchdb_user %>
-  password: <%= couchdb_password %>
-  prefix: ""
-  suffix: ""
|
