1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
#Installs configuration files for the trocla agent/CLI
#
#Options
# [*options*] Options for trocla. Default: empty hash.
# [*profiles*] Profiles for trocla. Default: empty hash.
# [*x509_profile_domain_constraint*]
# A profile for x509 name constraint that matches
# the own domain by default.
# This will add a profile for x509 certs with the
# option 'name_constraints' set to this array of
# domains.
# [*store*] Defines the store to be used for trocla. By default
# it's not set, meaning trocla's default (moneta) will
# be used.
# [*store_options*] This will contain a hash of the options to pass the
# trocla store configuration.
# [*encryption*] Defines the encryption method for password stored in
# the backend. By default it's not set, meaning trocla's
# default (none) will be used.
# [*encryption_options*] This will contain a hash of the options for the
# encryption. Default: empty Hash
# [*manage_dependencies*] Whether to manage the dependencies or not.
# Default *true*
class trocla::config (
$options = {},
$profiles = {},
$x509_profile_domain_constraints = [$::domain],
$store = undef,
$store_options = {},
$encryption = undef,
$encryption_options = {},
$manage_dependencies = true,
) {
include ::trocla::params
if $manage_dependencies {
require ::trocla::master
}
if empty($x509_profile_domain_constraints) {
$merged_profiles = $profiles
} else {
$default_profiles = {
"${trocla::params::sysdomain_profile_name}" => {
name_constraints => $x509_profile_domain_constraints
}
}
$merged_profiles = merge($default_profiles,$profiles)
}
# Deploy default config file and link it for trocla cli lookup
file{
"${settings::confdir}/troclarc.yaml":
content => template('trocla/troclarc.yaml.erb'),
owner => root,
group => puppet,
mode => '0640';
'/etc/troclarc.yaml':
ensure => link,
target => "${settings::confdir}/troclarc.yaml";
}
}
|