diff options
Diffstat (limited to 'manifests/ssl')
-rw-r--r-- | manifests/ssl/deploy_cert.pp | 14 | ||||
-rw-r--r-- | manifests/ssl/generate_cert.pp | 12 |
2 files changed, 13 insertions, 13 deletions
diff --git a/manifests/ssl/deploy_cert.pp b/manifests/ssl/deploy_cert.pp index 4e9c158..d3e743f 100644 --- a/manifests/ssl/deploy_cert.pp +++ b/manifests/ssl/deploy_cert.pp @@ -1,15 +1,17 @@ define couchdb::ssl::deploy_cert ($cert, $key) { -include couchdb::params + + include couchdb::params + file { 'couchdb_cert_directory': - path => "$couchdb::params::cert_path", ensure => 'directory', + path => $couchdb::params::cert_path, mode => '0600', owner => 'couchdb', group => 'couchdb'; } - file { 'couchdb_cert"': - path => "$couchdb::params::cert_path/server_cert.pem", + file { 'couchdb_cert': + path => "${couchdb::params::cert_path}/server_cert.pem", mode => '0644', owner => 'couchdb', group => 'couchdb', @@ -17,12 +19,10 @@ include couchdb::params } file { 'couchdb_key': - path => "$couchdb::params::cert_path/server_key.pem", + path => "${couchdb::params::cert_path}/server_key.pem", mode => '0600', owner => 'couchdb', group => 'couchdb', content => $key } - - } diff --git a/manifests/ssl/generate_cert.pp b/manifests/ssl/generate_cert.pp index dae091c..3d500ac 100644 --- a/manifests/ssl/generate_cert.pp +++ b/manifests/ssl/generate_cert.pp @@ -6,21 +6,21 @@ class couchdb::ssl::generate_cert { file { $couchdb::cert_path: ensure => 'directory', - mode => '0600', - owner => 'couchdb', - group => 'couchdb'; + mode => '0600', + owner => 'couchdb', + group => 'couchdb'; } - + exec { 'generate-certs': command => "/usr/bin/openssl req -new -inform PEM -x509 -nodes -days 150 -subj \ '/C=ZZ/ST=AutoSign/O=AutoSign/localityName=AutoSign/commonName=${::hostname}/organizationalUnitName=AutoSign/emailAddress=AutoSign/' \ -newkey rsa:2048 -out ${couchdb::cert_path}/couchdb_cert.pem -keyout ${couchdb::cert_path}/couchdb_key.pem", - unless => "/usr/bin/test -f ${couchdb::cert_path}/couchdb_cert.pem && + unless => "/usr/bin/test -f ${couchdb::cert_path}/couchdb_cert.pem && /usr/bin/test -f ${couchdb::params::cert_path}/couchdb_key.pem", require => [ File[$couchdb::params::cert_path], Exec['make-install'] ], - notify => Service['couchdb'], + notify => Service['couchdb'], } } |