blob: ed7811d7cdda92430fa65ea3542fd87fa0e6c3f4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
define sunet::ici_ca($pkcs11_module="/usr/lib/softhsm/libsofthsm.so",
$pkcs11_pin=undef,
$pkcs11_key_slot="0",
$pkcs11_key_id="abcd",
$autosign_dir=undef,
$autosign_type="peer",
$public_repo_url=undef,
$public_repo_dir=undef)
{
apt::ppa {'ppa:leifj/ici': } ->
package { 'ici': ensure => latest } ->
exec { '${name}_setup_ca':
command => "/usr/bin/ici ${name} init",
creates => "/var/lib/ici/${name}"
} ->
file { '${name}_ca_config':
path => "/var/lib/ici/${name}/ca.config",
content => template("sunet/ici_ca/ca.config.erb")
} ->
if ($public_repo_dir && $public_repo_url) {
cron {'ici_publish':
command => "test -f /var/lib/ici/${name}/ca.crt && /usr/bin/ici ${name} publish ${public_repo}"
user => "root",
minut => "*/5"
}
}
}
define sunet::ici_ca::autosign($autosign_dir=undef,
$autosign_type="peer")
{
cron {'ici_autosign_${name}':
command => "test -f /var/lib/ici/${name}/ca.crt && /usr/bin/ici ${name} issue -t ${autosign_type} ${autosign_dir}"
user => "root",
minut => "*/5"
}
}
|
