puppet/modules/site_webapp/manifests/client_ca.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

##
## This is for the special CA that is used exclusively for generating
## client certificates by the webapp.
##

class site_webapp::client_ca {
  include x509::variables

  $x509 = hiera('x509')
  $cert_path = "${x509::variables::certs}/leap_client_ca.crt"
  $key_path = "${x509::variables::keys}/leap_client_ca.key"

  x509::key {
    'leap_client_ca':
      source => $x509['client_ca_key'],
      group  => 'leap-webapp',
      notify  => Service[apache];
  }

  x509::cert {
    'leap_client_ca':
      source => $x509['client_ca_cert'],
      notify  => Service[apache];
  }
}