Puppet Function: profile::postfix::acme_chief_cert
- Defined in:
- modules/profile/functions/postfix/acme_chief_cert.pp
- Function type:
- Puppet Language
Overview
SPDX-License-Identifier: Apache-2.0
Builds a TLS cert in the order of key + cert + chain, which is required by Postfix for smtpd_tls_chain_files. Returns a Concat resource of the file path to be created.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'modules/profile/functions/postfix/acme_chief_cert.pp', line 8
function profile::postfix::acme_chief_cert(
Stdlib::Host $acme_chief_host,
String[1] $cert,
String[1] $tls_key_type,
) >> Type[Concat] {
require acme_chief
$path = "/etc/ssl/private/${cert}.${tls_key_type}.crt"
$cert_rsc =
concat { $path:
path => $path,
show_diff => false,
backup => false,
mode => '0400',
}
$src_base = "${acme_chief_host}/acmedata/${cert}/live"
# lint:ignore:puppet_url_without_modules
concat::fragment { "${cert}-${tls_key_type}-private-key":
target => $path,
order => '01',
source => "puppet://${src_base}/${tls_key_type}.key",
}
concat::fragment { "${cert}-${tls_key_type}-public-key":
target => $path,
order => '02',
source => "puppet://${src_base}/${tls_key_type}.crt",
}
concat::fragment { "${cert}-${tls_key_type}-public-chain":
target => $path,
order => '03',
source => "puppet://${src_base}/${tls_key_type}.chain.crt",
}
# lint:endignore
$cert_rsc[0]
}
|