Puppet Class: secrets

Defined in:
manifests/init.pp

Summary

Manage secrets on a given host

Overview

This class will fetch secrets from the puppet server that follow a specific layout.

Examples:

class {'secrets':
  install => { '/etc/krb5.keytab' => {
                    'owner' => 'root',
                    'group' => 'root',
                    'mode'  => '0400',
                    'mandatory'  => 'true',
                    'secretbase' => '/my/secrets/repo/on/server',
                    'posix_acl'  => { 'action'     => 'set',
                                    'permission' => ['group:wheel:r--', ],},
                    'selrange'   => 's0',
                    'seluser'    => 'system_u',
                    'selrole'    => 'object_r',
                    'seltype'    => 'krb5_keytab_t',  },
             }
}

Parameters:

  • install (Hash)

    Secrets to install on the system

  • defaults (Hash)

    Passed as a list of defaults to the installed secrets



27
28
29
30
31
32
 
# File 'manifests/init.pp', line 27

class secrets (
  Hash $install,
  Hash $defaults
) {
  create_resources('secrets::load', $secrets::install, $secrets::defaults)
}