Puppet Class: rundeck::config::global::ssl

Defined in:
manifests/config/global/ssl.pp

Overview

Class rundeck::config::global::ssl

This private class is called from rundeck::config used to manage the ssl properties if ssl is enabled



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
# File 'manifests/config/global/ssl.pp', line 9

class rundeck::config::global::ssl {
  assert_private()

  $group               = $rundeck::config::group
  $key_password        = $rundeck::config::key_password
  $ssl_keyfile         = $rundeck::config::ssl_keyfile
  $ssl_certfile        = $rundeck::config::ssl_certfile
  $keystore            = $rundeck::config::keystore
  $keystore_password   = $rundeck::config::keystore_password
  $properties_dir      = $rundeck::config::properties_dir
  $service_name        = $rundeck::service_name
  $truststore          = $rundeck::config::truststore
  $truststore_password = $rundeck::config::truststore_password
  $user                = $rundeck::config::user

  $properties_file = "${properties_dir}/ssl/ssl.properties"

  ensure_resource('file', $properties_dir, {
      'ensure' => 'directory',
      'owner'  => $user,
      'group'  => $group
  })
  ensure_resource('file', "${properties_dir}/ssl", {
      'ensure'  => 'directory',
      'owner'   => $user,
      'group'   => $group,
      'require' => File[$properties_dir]
  })

  java_ks { "rundeck:${properties_dir}/ssl/keystore":
    ensure       => present,
    private_key  => $ssl_keyfile,
    certificate  => $ssl_certfile,
    password     => $keystore_password,
    destkeypass  => $key_password,
    trustcacerts => true,
  }
  -> java_ks { "rundeck:${properties_dir}/ssl/truststore":
    ensure       => present,
    private_key  => $ssl_keyfile,
    certificate  => $ssl_certfile,
    password     => $truststore_password,
    destkeypass  => $key_password,
    trustcacerts => true,
  }

  file { $properties_file:
    ensure  => file,
    owner   => $user,
    group   => $group,
    mode    => '0640',
    require => File[$properties_dir],
  }

  ini_setting { 'keystore':
    ensure  => present,
    path    => $properties_file,
    section => '',
    setting => 'keystore',
    value   => $keystore,
    require => File[$properties_file],
  }

  ini_setting { 'keystore.password':
    ensure  => present,
    path    => $properties_file,
    section => '',
    setting => 'keystore.password',
    value   => $keystore_password,
    require => File[$properties_file],
  }

  ini_setting { 'key.password':
    ensure  => present,
    path    => $properties_file,
    section => '',
    setting => 'key.password',
    value   => $key_password,
    require => File[$properties_file],
  }

  ini_setting { 'truststore':
    ensure  => present,
    path    => $properties_file,
    section => '',
    setting => 'truststore',
    value   => $truststore,
    require => File[$properties_file],
  }

  ini_setting { 'truststore.password':
    ensure  => present,
    path    => $properties_file,
    section => '',
    setting => 'truststore.password',
    value   => $truststore_password,
    require => File[$properties_file],
  }
}