Puppet Class: etcd::ssl

Defined in:
modules/etcd/manifests/ssl.pp

Overview

Class etcd::ssl

Copies the relevant certificates from the puppet/ssl directory to where they can used for etcd.

Parameters

puppet_cert_name

The name on the puppet certificate.

Parameters:

  • puppet_cert_name (Any) (defaults to: $::fqdn)


11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# File 'modules/etcd/manifests/ssl.pp', line 11

class etcd::ssl(
    $puppet_cert_name = $::fqdn,
    ) {

    $ssldir = puppet_ssldir()
    $basedir = '/var/lib/etcd/ssl'
    $pubdir = "${basedir}/certs"

    file { [$basedir, $pubdir]:
        ensure  => directory,
        owner   => 'etcd',
        group   => 'etcd',
        mode    => '0500',
        require => Package['etcd'],
    }

    file { '/var/lib/etcd/ssl/certs/cert.pem':
        ensure => present,
        owner  => 'etcd',
        group  => 'etcd',
        mode   => '0400',
        source => "${ssldir}/certs/${puppet_cert_name}.pem",
    }

    file { '/var/lib/etcd/ssl/private_keys':
        ensure => directory,
        owner  => 'etcd',
        group  => 'etcd',
        mode   => '0500',
    }

    file { '/var/lib/etcd/ssl/private_keys/server.key':
        ensure => present,
        owner  => 'etcd',
        group  => 'etcd',
        mode   => '0400',
        source => "${ssldir}/private_keys/${puppet_cert_name}.pem",
    }
}