Puppet Class: ca_trust
- Inherits:
- ca_trust::params
- Defined in:
- manifests/init.pp
Overview
Configures, and optionally installs, the ca-trust system.
18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'manifests/init.pp', line 18
class ca_trust (
Stdlib::Absolutepath $trust_dir = $::ca_trust::params::trust_dir,
Stdlib::Absolutepath $anchor_dir = $::ca_trust::params::anchor_dir,
String $update_cmd = $::ca_trust::params::update_cmd,
String $reset_cmd = $::ca_trust::params::reset_cmd,
String[1] $package_name = $::ca_trust::params::package_name,
String[1] $cert_suffix = $::ca_trust::params::cert_suffix,
Boolean $manage_pkg = true,
String $package_version = 'present',
Ca_trust::Resource::Anchors $anchors = {}
) inherits ca_trust::params {
$refresh_name = 'Update CA Trust Bundles'
$reset_name = 'Reset CA Trust Bundles'
contain ca_trust::install
include ca_trust::pem::anchors
##
# The update commands can be shell scripts. On Debian, the
# shell script doesn't export it's own PATH, so it relies on
# whatever PATH the invoker has declared. Since this script
# doesn't use absolute paths internally, it needs a full
# login-style PATH declared.
# In other words, even if command is an absolute path, the PATH
# variable still needs to be declared, or the command will fail.
##
$cmd_path = [
'/bin', '/usr/bin', '/sbin', '/usr/bin', '/usr/local/bin'
]
exec { $refresh_name:
path => $cmd_path,
command => $update_cmd,
refreshonly => true,
}
exec { $reset_name:
path => $cmd_path,
command => $reset_cmd,
provider => 'shell',
refreshonly => true,
notify => [Exec[$refresh_name]],
}
Class['::ca_trust::install']
-> Class['::ca_trust::pem::anchors']
if $anchors.length > 0 {
create_resources(ca_trust::pem::anchor, $anchors)
}
}
|