Defined Type: sslcert::ocsp::conf

Defined in:
modules/sslcert/manifests/ocsp/conf.pp

Overview

Parameters:

  • ensure (Any) (defaults to: present)
  • certs (Any) (defaults to: [ $title ])
  • proxy (Any) (defaults to: undef)


26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# File 'modules/sslcert/manifests/ocsp/conf.pp', line 26

define sslcert::ocsp::conf(
  $ensure=present,
  $certs=[ $title ],
  $proxy=undef,
) {
    require sslcert::ocsp::init

    validate_ensure($ensure)

    $output = "/var/cache/ocsp/${title}.ocsp"
    $config = "/etc/update-ocsp.d/${title}.conf"

    file { $config:
        ensure  => $ensure,
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('sslcert/update-ocsp.erb'),
        require => Sslcert::Certificate[$certs],
    }

    if $ensure == 'present' {
        # initial creation on the first puppet run
        exec { "${title}-create-ocsp":
            command => "/usr/local/sbin/update-ocsp --config ${config}",
            creates => $output,
            require => File[$config],
        }
    } else {
        file { $output:
            ensure => absent,
        }
    }
}