Add private parameter to ssl::cert

author Silvio Rhatto <rhatto@riseup.net>

Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)

committer Silvio Rhatto <rhatto@riseup.net>

Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)
author Silvio Rhatto <rhatto@riseup.net>
Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)
committer Silvio Rhatto <rhatto@riseup.net>
Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)
diff --git a/manifests/init.pp b/manifests/init.pp

index 2cb36e72ce49035eef4245c49326a5c65e629129..f56b8f144fc73dd7390a51fc3a0151a855d08e32 100644 (file)
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -14,7 +14,8 @@ class ssl {
    }
  
    define cert($ensure  = present, $owner    = 'root', $group = 'root',
-              $pubmode = '644',   $privmode = '600',  $base  = '/etc/ssl') {
+              $pubmode = '644',   $privmode = '600',  $base  = '/etc/ssl',
+              $private = true) {
      file { "${base}/certs/$name.crt":
        ensure  => $ensure,
        owner   => $owner,
@@ -24,14 +25,16 @@ class ssl {
        require => File["${base}/certs"],
      }
    
-    file { "${base}/private/$name.pem":
-      ensure  => $ensure,
-      owner   => $owner,
-      group   => $group,
-      mode    => $privmode,
-      backup  => false, # Do not backup the private key
-      source  => "puppet:///modules/site_keys/ssl/$name.pem",
-      require => File["${base}/private"],
+    if ($private == true) {
+      file { "${base}/private/$name.pem":
+        ensure  => $ensure,
+        owner   => $owner,
+        group   => $group,
+        mode    => $privmode,
+        backup  => false, # Do not backup the private key
+        source  => "puppet:///modules/site_keys/ssl/$name.pem",
+        require => File["${base}/private"],
+      }
      }
    }
author	Silvio Rhatto <rhatto@riseup.net>
	Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)
committer	Silvio Rhatto <rhatto@riseup.net>
	Thu, 13 Mar 2014 20:49:32 +0000 (17:49 -0300)