From ac74640c5f4a65f8f117deeaed8d1cd29a22bc3c Mon Sep 17 00:00:00 2001 From: elijah Date: Wed, 14 Nov 2012 23:49:56 -0800 Subject: added provider_base (latest leap_cli required) --- provider_base/services/ca.json | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 provider_base/services/ca.json (limited to 'provider_base/services/ca.json') diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json new file mode 100644 index 00000000..68f970f7 --- /dev/null +++ b/provider_base/services/ca.json @@ -0,0 +1,6 @@ +{ + "service_type": "internal_service", + "x509": { + "use": true + } +} -- cgit v1.2.3 From 450c3ba29c0e8d3a3c8cf1946aa71160b3c48897 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Dec 2012 14:17:52 +0100 Subject: added couchdb hiera variables to services/ca.json --- provider_base/services/ca.json | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'provider_base/services/ca.json') diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json index 68f970f7..f3758ab6 100644 --- a/provider_base/services/ca.json +++ b/provider_base/services/ca.json @@ -1,4 +1,8 @@ { + "ca": { + "couchdb_hosts": "= nodes[:services => :couchdb][:local => local].field('domain.name')", + "couchdb_user": "= global.services[:couchdb].couch.users[:ca_daemon]" + }, "service_type": "internal_service", "x509": { "use": true -- cgit v1.2.3 From 51f37d8132a44e25350db66b7156892980d3e4fa Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Dec 2012 14:48:55 +0100 Subject: ca -> ca_daemon in site.pp and services/ca.json --- provider_base/services/ca.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'provider_base/services/ca.json') diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json index f3758ab6..800c995d 100644 --- a/provider_base/services/ca.json +++ b/provider_base/services/ca.json @@ -1,5 +1,5 @@ { - "ca": { + "ca_daemon": { "couchdb_hosts": "= nodes[:services => :couchdb][:local => local].field('domain.name')", "couchdb_user": "= global.services[:couchdb].couch.users[:ca_daemon]" }, -- cgit v1.2.3 From 6af460dd3b2e686734df876eff9b621f2162da69 Mon Sep 17 00:00:00 2001 From: elijah Date: Fri, 7 Dec 2012 15:52:50 -0800 Subject: added hostname tracking and late evaluation. new key "hosts" added, for building /etc/hosts. also, now ssh.known_hosts only includes what is necessary. --- provider_base/services/ca.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'provider_base/services/ca.json') diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json index 800c995d..a4ded72b 100644 --- a/provider_base/services/ca.json +++ b/provider_base/services/ca.json @@ -1,6 +1,6 @@ { "ca_daemon": { - "couchdb_hosts": "= nodes[:services => :couchdb][:local => local].field('domain.name')", + "couchdb_hosts": "= hostnames nodes[:services => :couchdb][:local => local]", "couchdb_user": "= global.services[:couchdb].couch.users[:ca_daemon]" }, "service_type": "internal_service", -- cgit v1.2.3 From cded90f839871cf6258d7dc28d3ce81cf7f9cf6c Mon Sep 17 00:00:00 2001 From: elijah Date: Tue, 18 Dec 2012 10:26:57 -0800 Subject: ca daemon -- ca daemon needs the x509 cert/key for the CA, not for the server. --- provider_base/services/ca.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'provider_base/services/ca.json') diff --git a/provider_base/services/ca.json b/provider_base/services/ca.json index a4ded72b..3fb8bf6c 100644 --- a/provider_base/services/ca.json +++ b/provider_base/services/ca.json @@ -5,6 +5,7 @@ }, "service_type": "internal_service", "x509": { - "use": true + "use": true, + "ca_key": "= file(:ca_key, :missing => 'CA key. Run `leap cert ca` to create the Certificate Authority.')" } } -- cgit v1.2.3