Diffstat (limited to 'manifests/config.pp')
-rw-r--r-- | manifests/config.pp | 63 |
1 files changed, 41 insertions, 22 deletions
diff --git a/manifests/config.pp b/manifests/config.pp
index 7b23a3e..8c52db7 100644
--- a/manifests/config.pp
+++ b/manifests/config.pp
@@ -1,35 +1,55 @@ #Installs configuration files for the trocla agent/CLI # #Options -# [*adapter*] Defines the adapter type to use for trocla agent. -# By default it's YAML -# [*adapter_options*] This will contain a hash of the adapter options to pass the -# trocla configuration. -# [*encryption*] Defines the encryption method for password stored in the backend. -# By default no encryption is used. -# [*ssl_options*] This will contain a hash of the ssl options to pass the -# trocla configuration. -# [*password_length*] Define the length of default passwords to create. 16 by default -# [*random_passwords*] Should trocla generate random passwords -# if none can be found. *true* by default. -# [*manage_dependencies*] Whether to manage the dependencies or not. Default *true* +# [*options*] Options for trocla. Default: empty hash. +# [*profiles*] Profiles for trocla. Default: empty hash. +# [*x509_profile_domain_constraint*] +# A profile for x509 name constraint that matches +# the own domain by default. +# This will add a profile for x509 certs with the +# option 'name_constraints' set to this array of +# domains. +# [*store*] Defines the store to be used for trocla. By default +# it's not set, meaning trocla's default (moneta) will +# be used. +# [*store_options*] This will contain a hash of the options to pass the +# trocla store configuration. +# [*encryption*] Defines the encryption method for password stored in +# the backend. By default it's not set, meaning trocla's +# default (none) will be used. +# [*encryption_options*] This will contain a hash of the options for the +# encryption. Default: empty Hash +# [*manage_dependencies*] Whether to manage the dependencies or not. 
+# Default *true* class trocla::config ( - $adapter = 'YAML', - $password_length = 16, - $random_passwords = true, - $adapter_options = {}, - $encryption = undef, - $ssl_options = {}, - $manage_dependencies = true, + $options = {}, + $profiles = {}, + $x509_profile_domain_constraints = [$::domain], + $store = undef, + $store_options = {}, + $encryption = undef, + $encryption_options = {}, + $manage_dependencies = true, ) { + include ::trocla::params if $manage_dependencies { - require trocla::master + require ::trocla::master + } + + if empty($x509_profile_domain_constraints) { + $merged_profiles = $profiles + } else { + $default_profiles = { + "${trocla::params::sysdomain_profile_name}" => { + name_constraints => $x509_profile_domain_constraints + } + } + $merged_profiles = merge($default_profiles,$profiles) } # Deploy default config file and link it for trocla cli lookup file{ "${settings::confdir}/troclarc.yaml": - ensure => present, content => template('trocla/troclarc.yaml.erb'), owner => root, group => puppet, @@ -38,5 +58,4 @@ class trocla::config ( ensure => link, target => "${settings::confdir}/troclarc.yaml"; } - } |
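Review bot: The default `[$::domain]` for `$x509_profile_domain_constraints` is a one-element array even when the `domain` fact is unset or blank, so the `empty()` guard passes and the sysdomain profile is written with a blank `name_constraints` entry; how trocla handles that is not visible here, but an x509 profile whose constraint silently restricts nothing is the risky outcome. Strip blank entries before the test, e.g. `$constraints = delete_undef_values(delete($x509_profile_domain_constraints, ''))`, and use `$constraints` in both the `empty()` check and the profile hash. The header comment documents `[*x509_profile_domain_constraint*]` while the parameter is `$x509_profile_domain_constraints`, so the two names should be made to match. The `[*encryption*]` doc could also say plainly that leaving it unset stores passwords unencrypted in the backend; the file resource's `mode` sits between the two hunks and could not be checked from here.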