Page Menu
Home
Software Heritage
Search
Configure Global Search
Log In
Files
F9124143
domain.pp
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
3 KB
Subscribers
None
domain.pp
View Options
# == Define hitch::domain
#
# This define installs pem files to the config root, and configures
# them in the hitch config file
#
define
hitch
::
domain
(
$ensure
=
present
,
$cacert_content
=
undef
,
$cacert_source
=
undef
,
$cert_content
=
undef
,
$cert_source
=
undef
,
$dhparams_content
=
undef
,
$dhparams_source
=
undef
,
$key_content
=
undef
,
$key_source
=
undef
,
)
{
# Parameter validation
validate_re
(
$ensure,
[
'^present$'
,
'^absent$'
])
# Exactly one of $key_source and $key_content
if
(
$key_content
and
$key_source)
or
(
!
$key_content
and
!
$key_source)
{
fail
(
"Hitch::Domain[${title}]: Please provide key_source or key_domain"
)
}
if
$key_content
{
validate_re
(
$key_content,
'BEGIN PRIVATE KEY'
)
}
# Exactly one of $cert_content and $cert_source
if
(
$cert_content
and
$cert_source)
or
(
!
$cert_content
and
!
$cert_source)
{
fail
(
"Hitch::Domain[${title}]: Please provide cert_source or cert_domain"
)
}
if
$cert_content
{
validate_re
(
$cert_content,
'BEGIN CERTIFICATE'
)
}
# One or zero of $cacert_content or $cacert_source
if
(
$cacert_content
and
$cacert_source)
{
fail
(
"Hitch::Domain[${title}]: Please do not specify both cacert_source and cacert_domain"
)
}
if
$cacert_content
{
validate_re
(
$cacert_content,
'BEGIN CERTIFICATE'
)
}
# One of $dhparams_content or $dhparams_source, with fallback to
# $::hitch::dhparams_file
if
(
$dhparams_content
and
$dhparams_source)
{
fail
(
"Hitch::Domain[${title}]: Please do not specify both dhparams_source and dhparams_domain"
)
}
if
$dhparams_content
{
validate_re
(
$dhparams_content,
'BEGIN DH PARAMETERS'
)
}
include
::
hitch
include
::
hitch
::
config
$config_file
=
$::hitch::config_file
validate_absolute_path
(
$config_file)
$pem_file="${::hitch::config_root}/${title}.pem"
validate_absolute_path
(
$pem_file)
# Add a line to the hitch config file
concat
::
fragment
{
"hitch::domain ${title}"
:
target
=>
$config_file,
content
=>
"pem-file = \"
${pem_file}\"",
}
# Create the pem file, with (optional) ca certificate chain, a
# certificate, a key, and finally the dh parameters
concat
{
$pem_file:
ensure
=>
$ensure,
mode
=>
'0640'
,
owner
=>
$::hitch::file_owner,
group
=>
$::hitch::group,
}
if
(
$cacert_content
or
$cacert_source)
{
concat
::
fragment
{
"${title} cacert"
:
content
=>
$cacert_content,
source
=>
$cacert_source,
target
=>
$pem_file,
order
=>
'01'
,
}
}
concat
::
fragment
{
"${title} cert"
:
content
=>
$cert_content,
source
=>
$cert_source,
target
=>
$pem_file,
order
=>
'02'
,
}
concat
::
fragment
{
"${title} key"
:
content
=>
$key_content,
source
=>
$key_source,
target
=>
$pem_file,
order
=>
'03'
,
}
if
!
$dhparams_content
{
if
$dhparams_source
{
$_dhparams_source
=
$dhparams_source
}
else
{
$_dhparams_source
=
$::hitch::dhparams_file
File
[
$::hitch::dhparams_file]
->
Concat
::
Fragment
[
"${title} dhparams"
]
}
}
if
(
$dhparams_content
or
$_dhparams_source)
{
concat
::
fragment
{
"${title} dhparams"
:
content
=>
$dhparams_content,
source
=>
$_dhparams_source,
target
=>
$pem_file,
order
=>
'04'
,
}
}
}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sat, Jun 21, 6:44 PM (2 w, 3 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3374675
Attached To
rSPHIT Hitch TLS proxy puppet module
Event Timeline
Log In to Comment