X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=modules%2Froles%2Fmanifests%2Fsip.pp;h=c283779c62aa6ef80f819a4a41a9c84df5068ca6;hb=bbed33e6434d39b8822883e55372b72904282657;hp=ed7aefca2b2559e2cd44d193ca41d694c032bdc5;hpb=04c1bb1dee3734b2f42035400a2165f31727d376;p=dsa-puppet.git

diff --git a/modules/roles/manifests/sip.pp b/modules/roles/manifests/sip.pp
index ed7aefca..c283779c 100644
--- a/modules/roles/manifests/sip.pp
+++ b/modules/roles/manifests/sip.pp
@@ -1,6 +1,43 @@
 class roles::sip {
+	include concat::setup
+
 	ssl::service { 'www.debian.org':
 	}
+
+	ssl::service { 'sip-ws.debian.org':
+	}
+
+	concat { '/etc/ssl/debian/certs/www.debian.org-chained.crt':
+		notify      => Exec['refresh_debian_hashes'],
+	}
+	concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt':
+		target      => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
+		source      => 'file:///etc/ssl/debian/certs/www.debian.org.crt',
+		order       => 00,
+		require     => File['/etc/ssl/debian/certs/www.debian.org.crt'],
+	}
+	concat::fragment { '/etc/ssl/debian/certs/www.debian.org.crt-chain':
+		target      => '/etc/ssl/debian/certs/www.debian.org-chained.crt',
+		source      => 'file:///etc/ssl/debian/certs/www.debian.org.crt-chain',
+		order       => 99,
+		require     => File['/etc/ssl/debian/certs/www.debian.org.crt-chain'],
+	}
+
+	concat { '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt':
+	}
+	concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt':
+		target      => '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt',
+		source      => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt',
+		order       => 00,
+		require     => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt'],
+	}
+	concat::fragment { '/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain':
+		target      => '/etc/ssl/debian/certs/sip-ws.debian.org-chained.crt',
+		source      => 'file:///etc/ssl/debian/certs/sip-ws.debian.org.crt-chain',
+		order       => 99,
+		require     => File['/etc/ssl/debian/certs/sip-ws.debian.org.crt-chain'],
+	}
+
 	@ferm::rule { 'dsa-sip-ws-ip4':
 		domain      => 'ip',
 		description => 'SIP connections (WebSocket; for WebRTC)',