From c45e3f01141f9740030fa1d5670e7037c86c4b5e Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 22 Nov 2012 15:44:48 -0500 Subject: add more flexible source/content options this makes it so you can do one of a few things: 1. pass no $content, or $source and the default will be taken (search path checking first for site_x509/{CAs,keys,certs}/$::fqdn/${name}.crt, secondly for site_x509/{CAs,keys,certs}/${name}.crt 2. pass $content, allowing you to specify templates etc. 3. pass $source, allowing you to specify any source you wish --- manifests/ca.pp | 23 +++++++++++++++++++++-- manifests/cert.pp | 28 ++++++++++++++++++++++++---- manifests/key.pp | 24 ++++++++++++++++++++++-- 3 files changed, 67 insertions(+), 8 deletions(-) (limited to 'manifests') diff --git a/manifests/ca.pp b/manifests/ca.pp index dc862d3..ceb9ce4 100644 --- a/manifests/ca.pp +++ b/manifests/ca.pp @@ -1,5 +1,6 @@ define x509::ca ( - $source = "puppet:///modules/site_x509/files/CAs/${name}.crt" + $content = 'absent', + $source = 'absent' ) { include x509::variables include x509::base @@ -8,8 +9,26 @@ define x509::ca ( ensure => file, mode => '0444', group => 'ssl-cert', - source => $source, require => [ Package['openssl'], Package['ca-certificates'] ], notify => Exec['update-ca-certificates'], } + case $content { + 'absent': { + $real_source = $source ? { + 'absent' => [ + "puppet:///modules/site_x509/CAs/${::fqdn}/${name}.crt", + "puppet:///modules/site_x509/CAs/${name}.crt" + ], + default => "puppet:///$source", + } + File["${x509::variables::local_CAs}/${name}.crt"] { + source => $real_source + } + } + default: { + File["${x509::variables::local_CAs}/${name}.crt"] { + source => $content + } + } + } } diff --git a/manifests/cert.pp b/manifests/cert.pp index ceeb085..da2b253 100644 --- a/manifests/cert.pp +++ b/manifests/cert.pp @@ -1,14 +1,34 @@ define x509::cert ( - $source = "puppet:///modules/site_x509/files/certs/${name}.crt", + $content = 'absent', + $source = 'absent' ) { include x509::variables include x509::base - file { "${x509::variables::certs}/${name}.crt" : + file { "${x509::variables::certs}/${name}.crt": ensure => file, mode => '0444', group => 'ssl-cert', - source => $source, - require => Package['openssl'], + require => Package['openssl'] + } + + case $content { + 'absent': { + $real_source = $source ? { + 'absent' => [ + "puppet:///modules/site_x509/certs/${::fqdn}/${name}.crt", + "puppet:///modules/site_x509/certs/${name}.crt" + ], + default => "puppet:///$source", + } + File["${x509::variables::certs}/${name}.crt"] { + source => $real_source + } + } + default: { + File["${x509::variables::certs}/${name}.crt"] { + source => $content + } + } } } diff --git a/manifests/key.pp b/manifests/key.pp index f083a02..999b767 100644 --- a/manifests/key.pp +++ b/manifests/key.pp @@ -1,5 +1,6 @@ define x509::key ( - $source = "puppet:///modules/site_x509/files/keys/${name}.key" + $content = 'absent', + $source = 'absent' ) { include x509::variables include x509::base @@ -8,7 +9,26 @@ define x509::key ( ensure => file, mode => '0600', group => 'ssl-cert', - source => $source, require => Package['openssl'] } + + case $content { + 'absent': { + $real_source = $source ? { + 'absent' => [ + "puppet:///modules/site_x509/keys/${::fqdn}/${name}.key", + "puppet:///modules/site_x509/keys/${name}.key" + ], + default => "puppet:///$source", + } + File["${x509::variables::keys}/${name}.key"] { + source => $real_source + } + } + default: { + File["${x509::variables::keys}/${name}.key"] { + source => $content + } + } + } } -- cgit v1.2.3