authormh <mh@immerda.ch>2016-01-28 00:55:26 +0100
committermh <mh@immerda.ch>2016-01-28 00:55:26 +0100
commit8ca75f6d074b83ee48d9ce713cdb3e28e57d2cf8 (patch)
tree11ea8f3d49648e2a781f6d830babdbe8801fda35 /manifests
parent572fd99995e50591f3e774582937c28eb337aa00 (diff)
update module to make it work with all the new features of trocla 0.2.2
Diffstat (limited to 'manifests')
-rw-r--r--manifests/ca/params.pp11
-rw-r--r--manifests/config.pp63
-rw-r--r--manifests/master.pp13
-rw-r--r--manifests/master/hiera.pp6
-rw-r--r--manifests/master/ree.pp13
-rw-r--r--manifests/params.pp6
-rw-r--r--manifests/yaml.pp22
7 files changed, 81 insertions, 53 deletions
diff --git a/manifests/ca/params.pp b/manifests/ca/params.pp
new file mode 100644
index 0000000..bb61248
--- /dev/null
+++ b/manifests/ca/params.pp
@@ -0,0 +1,11 @@
+# input for a ca from trocla, so that you need only
+#
+# trocla('some_ca','x509',$trocla::ca::params::ca_options)
+class trocla::ca::params(
+ $trocla_options = {
+ 'profiles' => ['sysdomain_nc','x509long'],
+ 'CN' => "automated-ca ${name} for ${::domain}",
+ },
+) {
+ $ca_options = merge($trocla_options,{ become_ca => true, render => { certonly => true }})
+}
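Review bot: The default `'profiles' => ['sysdomain_nc','x509long']` hard-codes a profile name that `trocla::config` only generates when `x509_profile_domain_constraints` is non-empty, and then under whatever name `trocla::params::sysdomain_profile_name` holds. If either setting is changed, a CA requested with `$ca_options` refers to a profile that was never written; whether trocla then fails or issues a CA without name constraints cannot be told from this file. Deriving the first entry from `$trocla::params::sysdomain_profile_name` would keep the two in step. Separately, `${name}` in a class parameter default presumably resolves to the class name rather than the CA key, so the CN may not read as intended. The header comment should also state that `merge()` comes from puppetlabs-stdlib.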
diff --git a/manifests/config.pp b/manifests/config.pp
index 7b23a3e..8c52db7 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -1,35 +1,55 @@
#Installs configuration files for the trocla agent/CLI
#
#Options
-# [*adapter*] Defines the adapter type to use for trocla agent.
-# By default it's YAML
-# [*adapter_options*] This will contain a hash of the adapter options to pass the
-# trocla configuration.
-# [*encryption*] Defines the encryption method for password stored in the backend.
-# By default no encryption is used.
-# [*ssl_options*] This will contain a hash of the ssl options to pass the
-# trocla configuration.
-# [*password_length*] Define the length of default passwords to create. 16 by default
-# [*random_passwords*] Should trocla generate random passwords
-# if none can be found. *true* by default.
-# [*manage_dependencies*] Whether to manage the dependencies or not. Default *true*
+# [*options*] Options for trocla. Default: empty hash.
+# [*profiles*] Profiles for trocla. Default: empty hash.
+# [*x509_profile_domain_constraint*]
+# A profile for x509 name constraint that matches
+# the own domain by default.
+# This will add a profile for x509 certs with the
+# option 'name_constraints' set to this array of
+# domains.
+# [*store*] Defines the store to be used for trocla. By default
+# it's not set, meaning trocla's default (moneta) will
+# be used.
+# [*store_options*] This will contain a hash of the options to pass the
+# trocla store configuration.
+# [*encryption*] Defines the encryption method for password stored in
+# the backend. By default it's not set, meaning trocla's
+# default (none) will be used.
+# [*encryption_options*] This will contain a hash of the options for the
+# encryption. Default: empty Hash
+# [*manage_dependencies*] Whether to manage the dependencies or not.
+# Default *true*
class trocla::config (
- $adapter = 'YAML',
- $password_length = 16,
- $random_passwords = true,
- $adapter_options = {},
- $encryption = undef,
- $ssl_options = {},
- $manage_dependencies = true,
+ $options = {},
+ $profiles = {},
+ $x509_profile_domain_constraints = [$::domain],
+ $store = undef,
+ $store_options = {},
+ $encryption = undef,
+ $encryption_options = {},
+ $manage_dependencies = true,
) {
+ include ::trocla::params
if $manage_dependencies {
- require trocla::master
+ require ::trocla::master
+ }
+
+ if empty($x509_profile_domain_constraints) {
+ $merged_profiles = $profiles
+ } else {
+ $default_profiles = {
+ "${trocla::params::sysdomain_profile_name}" => {
+ name_constraints => $x509_profile_domain_constraints
+ }
+ }
+ $merged_profiles = merge($default_profiles,$profiles)
}
# Deploy default config file and link it for trocla cli lookup
file{
"${settings::confdir}/troclarc.yaml":
- ensure => present,
content => template('trocla/troclarc.yaml.erb'),
owner => root,
group => puppet,
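Review bot: The default `[$::domain]` is a one-element array even when the `domain` fact is empty or undefined, so `empty($x509_profile_domain_constraints)` is false and a name-constraint profile with a blank entry is still merged in. Dropping blank entries before the `empty()` test, or failing the catalog, would make that case explicit. `merge($default_profiles,$profiles)` lets a caller-supplied profile of the same name replace the constraint entirely, and that precedence deserves a line in the header. The header also documents `[*x509_profile_domain_constraint*]` while the parameter is `$x509_profile_domain_constraints`. The file resource continues past this hunk, so its mode is not visible; with `store_options` and `encryption_options` now rendered into troclarc.yaml, it should stay unreadable to other local users.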
@@ -38,5 +58,4 @@ class trocla::config (
ensure => link,
target => "${settings::confdir}/troclarc.yaml";
}
-
}
diff --git a/manifests/master.pp b/manifests/master.pp
index ad47914..43e203d 100644
--- a/manifests/master.pp
+++ b/manifests/master.pp
@@ -3,15 +3,18 @@
# This module manages the necessary things for trocla on a master.
#
class trocla::master (
- $provider = gem,
+ $provider = 'default',
) {
- #Main trocla install
package {'trocla':
- ensure => present,
- provider => $provider,
+ ensure => 'installed',
}
- if $provider != 'gem' {
+ if $provider != 'default' {
+ Package['trocla']{
+ provider => $provider,
+ }
+ }
+ if $provider != 'gem' and $::osfamily == 'RedHat' {
Package['trocla']{
name => 'rubygem-trocla'
}
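Review bot: `ensure => 'installed'` is satisfied by any trocla already on the master, although the commit targets trocla 0.2.2 and the configuration written by `trocla::config` changes shape with it (the template is not shown, so this is inferred). An older package would stay in place and be handed a config it may not understand. A new defaulted parameter such as `$ensure = 'installed'`, passed through as `ensure => $ensure`, would let sites pin the version. Pinning also matters when `provider` is `gem` and the secrets tool is pulled from a public registry. The class header should say what `'default'` means for `$provider` and that the `rubygem-trocla` name is now applied only on RedHat; the class body continues after this hunk.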
diff --git a/manifests/master/hiera.pp b/manifests/master/hiera.pp
new file mode 100644
index 0000000..75b8bb3
--- /dev/null
+++ b/manifests/master/hiera.pp
@@ -0,0 +1,6 @@
+# manage trocla/hiera integration
+class trocla::master::hiera {
+ package{'rubygem-hiera-backend-trocla':
+ ensure => present,
+ }
+}
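Review bot: The package `rubygem-hiera-backend-trocla` is declared under an RPM-style name without the `$::osfamily == 'RedHat'` guard that `trocla::master` applies to `rubygem-trocla`, so on other platforms this class would presumably fail the catalog run. It also neither honours the `provider` chosen in `trocla::master` nor orders itself against that class. Adding `require ::trocla::master` and a guard, or a header line such as `# RedHat-family only: installs the packaged hiera backend`, would make the intended scope clear.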
diff --git a/manifests/master/ree.pp b/manifests/master/ree.pp
deleted file mode 100644
index bf2c400..0000000
--- a/manifests/master/ree.pp
+++ /dev/null
@@ -1,13 +0,0 @@
-# Class: trocla::master::ree
-#
-# This module manages the necessary things for trocla on a master for
-# RubyEnterprise installation.
-#
-# [Remember: No empty lines between comments and class definition]
-class trocla::master::ree {
-
- require ruby_enterprise::gems::moneta
- require ruby_enterprise::gems::highline
-
- ruby_enterprise::gem{'trocla': }
-}
diff --git a/manifests/params.pp b/manifests/params.pp
new file mode 100644
index 0000000..f99aa2a
--- /dev/null
+++ b/manifests/params.pp
@@ -0,0 +1,6 @@
+# a set of default params for various trocla usages
+class trocla::params(
+ $sysdomain_profile_name = 'sysdomain_nc'
+){
+
+}
diff --git a/manifests/yaml.pp b/manifests/yaml.pp
index dc20c2e..8ac0071 100644
--- a/manifests/yaml.pp
+++ b/manifests/yaml.pp
@@ -2,24 +2,20 @@
# This will install and configure trocla with the
# default yaml storage.
#
-# [*password_length*] The default length of new passwords: 16
-# [*random_passwords*] Whether trocla should generate random
-# passwords or not. Default: true
# [*data_file*] Where to store the passwords.
-# Default: {$settings::server_datadir}/trocla_data.yaml"
-# This will likely be: /var/lib/puppet/server_data/trocla_data.yaml
+# Default: /var/lib/trocla/trocla_data.yaml
+# This should be managed using the package.
class trocla::yaml(
- $password_length = 16,
- $random_passwords = true,
- $data_file = "${settings::server_datadir}/trocla_data.yaml",
+ $data_file = '/var/lib/trocla/trocla_data.yaml',
) {
class{'trocla::config':
- password_length => $password_length,
- random_passwords => $random_passwords,
- adapter => 'YAML',
- adapter_options => {
- file => $data_file,
+ store => 'moneta',
+ store_options => {
+ adapter => 'YAML',
+ adapter_options => {
+ file => $data_file,
+ },
},
}