Puppet Class: puppet::puppetdb::https_config

Defined in:
manifests/puppetdb/https_config.pp

Summary

TLS setup for PuppetDB web service

Overview

Copies Puppet agent’s certificate PEM file, private key PEM file, and CA certificate PEM file to the PuppetDB web service SSL directory for HTTPS.

Examples:

include puppet::puppetdb::https_config


8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'manifests/puppetdb/https_config.pp', line 8

class puppet::puppetdb::https_config {
  include puppet::params
  include puppetdb::params

  $localcacert = assert_type(Stdlib::Unixpath, $puppet::params::localcacert)
  $hostcert    = assert_type(Stdlib::Unixpath, $puppet::params::hostcert)
  $hostprivkey = assert_type(Stdlib::Unixpath, $puppet::params::hostprivkey)

  $puppetdb_group   = assert_type(String, $puppetdb::params::puppetdb_group)
  $puppetdb_package = assert_type(String, $puppetdb::params::puppetdb_package)
  $puppetdb_service = assert_type(String, $puppetdb::params::puppetdb_service)

  $ssl_dir          = assert_type(Stdlib::Unixpath, $puppetdb::params::ssl_dir)
  $ssl_key_path     = assert_type(Stdlib::Unixpath, $puppetdb::params::ssl_key_path)
  $ssl_cert_path    = assert_type(Stdlib::Unixpath, $puppetdb::params::ssl_cert_path)
  $ssl_ca_cert_path = assert_type(Stdlib::Unixpath, $puppetdb::params::ssl_ca_cert_path)

  file {
    default:
      ensure  => file,
      owner   => 'root',
      group   => $puppetdb_group,
      mode    => '0640',
      require => Package[$puppetdb_package],
      notify  => Service[$puppetdb_service];
    $ssl_dir:
      ensure => directory,
      mode   => '0750';
    $ssl_key_path:
      source => $hostprivkey;
    $ssl_cert_path:
      source => $hostcert;
    $ssl_ca_cert_path:
      source => $localcacert;
  }
}