From e8f28cf269fe706ed556f84d6e03d6a574dfa26d Mon Sep 17 00:00:00 2001
From: varac <varacanero@zeromail.org>
Date: Mon, 10 Dec 2012 23:45:05 +0100
Subject: openvpn: use x509 module to deploy certs (fixes #1064)

---
 puppet/modules/site_openvpn/manifests/keys.pp | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

(limited to 'puppet/modules/site_openvpn/manifests/keys.pp')

diff --git a/puppet/modules/site_openvpn/manifests/keys.pp b/puppet/modules/site_openvpn/manifests/keys.pp
index 12c1bd8f..4c43ec05 100644
--- a/puppet/modules/site_openvpn/manifests/keys.pp
+++ b/puppet/modules/site_openvpn/manifests/keys.pp
@@ -1,22 +1,26 @@
 class site_openvpn::keys {
 
-  file { '/etc/openvpn/keys/ca.crt':
-    content => $site_openvpn::x509_config['ca_cert'],
-    mode    => '0644',
+  x509::key {
+    'leap_openvpn':
+      content => $site_openvpn::x509_config['key'],
+      notify  => Service[openvpn];
   }
 
-  file { '/etc/openvpn/keys/dh.pem':
-    content => $site_openvpn::x509_config['dh'],
-    mode    => '0644',
+  x509::cert {
+    'leap_openvpn':
+      content => $site_openvpn::x509_config['cert'],
+      notify  => Service[openvpn];
   }
 
-  file { '/etc/openvpn/keys/server.key':
-    content => $site_openvpn::x509_config['key'],
-    mode    => '0600',
+  x509::ca {
+    'leap_openvpn':
+      content => $site_openvpn::x509_config['ca_cert'],
+      notify  => Service[openvpn];
   }
 
-  file { '/etc/openvpn/keys/server.crt':
-    content => $site_openvpn::x509_config['cert'],
+  file { '/etc/openvpn/keys/dh.pem':
+    content => $site_openvpn::x509_config['dh'],
     mode    => '0644',
   }
+
 }
-- 
cgit v1.2.3