Puppet Class: ca_trust::params

Inherited by:
ca_trust
Defined in:
manifests/params.pp

Overview

Default parameters for ca_trust system.



4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
# File 'manifests/params.pp', line 4

class ca_trust::params {

  $package_name = 'ca-certificates'
  $path_separator = '/'   # Might need to adjust if Windows support is added.

  case $::facts['os']['family'] {
    'RedHat':  {

      if $::facts['os']['name'] == 'Fedora' {
        if versioncmp('27', $::facts['os']['release']['major']) > 0 {
          fail('Fedora <= 25 is not supported by this module.')
        }
      } else {
        if versioncmp('6', $::facts['os']['release']['major']) > 0 {
          fail("${::facts['os']['name']} <= 6 is not supported by this module.")
        }
        # Add deprication warning for CentOS 6.x EOL
        if $::facts['os']['release']['major'] == '6' {
          warning(
            [
              'Deprication:  CentOS 6 will reach end of life in November, 2020.',
              'This module will no longer test for CentOS 6 support.'
            ].join('  ')
          )
        }
      }

      $trust_dir = '/usr/share/pki/ca-trust-source'
      $anchor_dir = "${trust_dir}/anchors"
      $update_cmd = $::facts['os']['release']['major'] ? {
        '6'     => 'update-ca-trust extract',
        default => 'update-ca-trust'
      }

      $reset_cmd = "yum check-update ${package_name}; test $? -eq 100 && yum update -y ${package_name} || yum reinstall -y ${package_name}"
      $cert_suffix = 'pem'
    }
    'Debian': {
      if $::facts['os']['name'] == 'Ubuntu' {
        if versioncmp('16', $::facts['os']['release']['major']) > 0 {
          fail("${::facts['os']['name']} <= 16 is not supported by this module.")
        }
      } else {
        if versioncmp('8', $::facts['os']['release']['major']) > 0 {
          fail("${::facts['os']['name']} <= 8 is not supported by this module.")
        }

        # Add deprication warning for Debian 8 EOL
        if $::facts['os']['release']['major'] == '8' {
          warning(
            [
              'Deprication: Debian 8 will reach end of long term support in July, 2020.',
              'This module will no longer test for Debian 8 support.'
            ].join('  ')
          )
        }
      }
      $trust_dir = '/usr/local/share/ca-certificates'
      $anchor_dir = $trust_dir
      $update_cmd = '/usr/sbin/update-ca-certificates'
      $reset_cmd = '/usr/sbin/update-ca-certificates --fresh'
      $cert_suffix = 'crt'
    }
    default: {
      fail("This module is unsupported on ${::os['family']}")
    }
  }
}