44 lines
1.1 KiB
Puppet
44 lines
1.1 KiB
Puppet
# Configure a SUNET CDN CA server
|
|
class cdn::ca_trust(
|
|
Hash[String, Hash[String, String]] $ca_root = {
|
|
test => {
|
|
url => 'https://internal-sto3-test-ca-1.cdn.sunet.se:9000',
|
|
fp => '9c7cb4b835ad1ee2d63f903032208b245c82c38823b02a05c66a5b93c1d5e32d',
|
|
},
|
|
}
|
|
)
|
|
{
|
|
# Files for trusting internal CA
|
|
file { '/opt/cdn-ca-trust':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
file { '/opt/cdn-ca-trust/scripts':
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
file { '/opt/cdn-ca-trust/scripts/trust-step-ca':
|
|
ensure => file,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
content => file('cdn/ca_trust/trust-step-ca'),
|
|
}
|
|
|
|
# From https://wiki.sunet.se/display/sunetops/Platform+naming+standards
|
|
$my_fqdn = $facts['networking']['fqdn']
|
|
$dot_split = split($my_fqdn, '[.]')
|
|
$my_hostname = $dot_split[0]
|
|
$dash_split = split($my_hostname,'[-]')
|
|
$environment = $dash_split[2]
|
|
|
|
exec { "/opt/cdn-ca-trust/scripts/trust-step-ca ${ca_root[$environment]['url']} ${ca_root[$environment]['fp']}":
|
|
}
|
|
}
|