Hi Chris,
2010/11/10 Chris <chrisma...@gmail.com>
> [...]
> Yes, except that approach suffers from the same administrative
> problems as using puppet:/// and auth.conf. HTTPS certs aren't
> specific to hosts. If I have 20 servers all requiring foo.key (because
> they all have the foo-application class in their manifest), then
> either I have to copy foo.key into 20 different directories, or else
> have one export with 20 allowed hosts. And every time I add the foo-
> application class to another host, I need to remember to also expose
> the key to that host. With large numbers of keys and hosts, and
> moderate levels of churn, this becomes difficult to manage and prone
> to errors.
>
got the point, thought that you need one specific key on each server. So
that should be even simpler, use file with content and put the key in the
content field:
$myKey = "-----BEGIN RSA PRIVATE
KEY-----\nMIICXgIBAAKBgQDTqkVS4/iwKx8LngXQrEShlfSRtcSyOB1IjC5AIGUAJvapq9lz\n..."
file {
"/path/to/keyFile":
content => $myKey;
}
Put this into your Webserver class and assign the class only to the
Webservers.
Kind regards, Thomas
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
