Puppet Class: hiera::eyaml

Defined in:
manifests/eyaml.pp

Summary

This class installs and configures hiera-eyaml

Overview

Copyright © 2014 Terri Haber, unless otherwise noted.

Author:

  • Terri Haber <terri@puppetlabs.com>



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
# File 'manifests/eyaml.pp', line 13

class hiera::eyaml {
  $eyaml_name    = $hiera::eyaml_name
  $provider      = $hiera::provider
  $eyaml_version = $hiera::eyaml_version
  $eyaml_source  = $hiera::_eyaml_source

  $owner         = $hiera::eyaml_owner
  $group         = $hiera::eyaml_group
  $cmdpath       = $hiera::cmdpath
  $confdir       = $hiera::confdir
  $create_keys   = $hiera::create_keys
  $_keysdir      = $hiera::_keysdir

  $manage_package = $hiera::manage_eyaml_package

  if $manage_package {
    hiera::install { 'eyaml':
      gem_name    => $eyaml_name,
      provider    => $provider,
      gem_version => $eyaml_version,
      gem_source  => $eyaml_source,
    }
    if $create_keys {
      Hiera::Install['eyaml'] {
        before => Exec['createkeys'],
      }
    }
  }

  File {
    owner => $owner,
    group => $group,
  }

  file { $_keysdir:
    ensure => directory,
  }

  $keysdir = dirname($_keysdir)

  if $create_keys {
    $privkey = $hiera::_eyaml_pkcs7_private_key
    $pubkey = $hiera::_eyaml_pkcs7_public_key

    exec { 'createkeys':
      user    => $owner,
      command => [
        'eyaml',
        'createkeys',
        "--pkcs7-private-key=${privkey}",
        "--pkcs7-public-key=${pubkey}",
      ],
      path    => $cmdpath,
      creates => $privkey,
    }

    file { $privkey:
      ensure  => file,
      mode    => '0600',
      require => Exec['createkeys'],
    }

    file { $pubkey:
      ensure  => file,
      mode    => '0644',
      require => Exec['createkeys'],
    }

    file { '/etc/eyaml':
      ensure => directory,
      owner  => 'root',
      group  => 'root',
      mode   => '0755',
    }

    file { '/etc/eyaml/config.yaml':
      ensure  => file,
      owner   => 'root',
      group   => 'root',
      mode    => '0644',
      # https://github.com/voxpupuli/puppet-lint-strict_indent-check/issues/20
      # lint:ignore:strict_indent
      content => @("CONF"),
        ---
        # This file is managed by puppet.
        pkcs7_private_key: ${privkey}
        pkcs7_public_key: ${pubkey}
        | CONF
      # lint:endignore
    }
  }
}