1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
class soledad::server {
tag 'leap_service'
include soledad
include site_apt::preferences::twisted
$couchdb = hiera('soledad')
$couchdb_host = 'localhost'
$couchdb_port = '5984'
$couchdb_user = $couchdb['couchdb_admin_user']['username']
$couchdb_password = $couchdb['couchdb_admin_user']['password']
include site_config::x509::cert_key
include site_config::x509::ca
$x509 = hiera('x509')
$x509_key = $x509['key']
$x509_cert = $x509['cert']
$x509_ca = $x509['ca_cert']
$soledad = hiera('soledad')
$soledad_port = $soledad['port']
x509::key { 'soledad':
content => $x509_key,
notify => Service['soledad-server'];
}
x509::cert { 'soledad':
content => $x509_cert,
notify => Service['soledad-server'];
}
x509::ca { 'soledad':
content => $x509_ca,
notify => Service['soledad-server'];
}
#
# SOLEDAD CONFIG
#
file { '/etc/leap/soledad-server.conf':
content => template('soledad/soledad-server.conf.erb'),
owner => 'soledad',
group => 'soledad',
mode => '0600',
notify => Service['soledad-server'],
require => Class['soledad'];
}
package { 'soledad-server':
ensure => latest,
require => [ Class['site_apt::preferences::twisted'],
Class['site_apt::leap_repo'] ];
}
file { '/etc/default/soledad':
content => template('soledad/default-soledad.erb'),
owner => 'soledad',
group => 'soledad',
mode => '0600',
notify => Service['soledad-server'],
require => Class['soledad'];
}
service { 'soledad-server':
ensure => running,
enable => true,
hasstatus => true,
hasrestart => true,
require => [ Class['soledad'], Package['soledad-server'] ];
}
include site_shorewall::soledad
}
|