modules/ssl/manifests/service.pp

   1 define ssl::service($ensure = present, $tlsaport = 443) {
   2         $link_target = $ensure ? {
   3                 present => link,
   4                 absent  => absent,
   5                 default => fail ( "Unknown ensure value: '$ensure'" ),
   6         }
   7
   8         file { "/etc/munin/plugins/${name}":
   9                 ensure  => $link_target,
  10                 target  => "/usr/share/munin/plugins/${link}",
  11                 require => Package['munin-node'],
  12                 notify  => Service['munin-node'],
  13         }
  14
  15         file { "/etc/ssl/debian/certs/$name.crt":
  16                 source => "puppet:///modules/ssl/servicecerts/${name}.crt",
  17                 notify => Exec['c_rehash /etc/ssl/debian/certs'],
  18         }
  19
  20         if $tlsaport > 0 {
  21                 dnsextras::tlsa_record{ "tlsa-${tlsaport}":
  22                         zone => 'debian.org',
  23                         certfile => "/etc/puppet/modules/ssl/files/servicecerts/${name}.crt",
  24                         port => $tlsaport,
  25                         hostname => "$name",
  26                 }
  27         }
  28 }