[MediaWiki-commits] [Gerrit] retab certs.pp - change (operations/puppet)
Alexandros Kosiaris has submitted this change and it was merged. Change subject: retab certs.pp .. retab certs.pp No code change, simply changed spaces to tabs at beginning of lines. Change-Id: Ifd5c8cb6cfc46826796908bfb9e794a7fe62d06f --- M manifests/certs.pp 1 file changed, 213 insertions(+), 214 deletions(-) Approvals: Alexandros Kosiaris: Looks good to me, approved jenkins-bot: Verified diff --git a/manifests/certs.pp b/manifests/certs.pp index d70b75f..1321448 100644 --- a/manifests/certs.pp +++ b/manifests/certs.pp @@ -1,292 +1,291 @@ define create_pkcs12( $certname=$name, $cert_alias=, $password=, $user=root, $group=ssl-cert, $location=/etc/ssl/private ) { - include passwords::certs +include passwords::certs - if ( $cert_alias == ) { - $certalias = $certname - } else { - $certalias = $cert_alias - } +if ( $cert_alias == ) { +$certalias = $certname +} else { +$certalias = $cert_alias +} - if ( $password == ) { - $defaultpassword = $passwords::certs::certs_default_pass - } else { - $defaultpassword = $password - } +if ( $password == ) { +$defaultpassword = $passwords::certs::certs_default_pass +} else { +$defaultpassword = $password +} - exec { - # pkcs12 file, used by things like opendj, nss, and tomcat - ${name}_create_pkcs12: - creates = ${location}/${certname}.p12, - command = /usr/bin/openssl pkcs12 -export -name \${certalias}\ -passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out ${location}/${certname}.p12, - onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key, - require = [Package[openssl], File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]]; - } +exec { +# pkcs12 file, used by things like opendj, nss, and tomcat +${name}_create_pkcs12: +creates = ${location}/${certname}.p12, +command = /usr/bin/openssl pkcs12 -export -name \${certalias}\ -passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out ${location}/${certname}.p12, +onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key, +require = [Package[openssl], File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]]; +} - file { - # Fix permissions on the p12 file, and make it available as - # a puppet resource - ${location}/${certname}.p12: - mode = 0440, - owner = $user, - group = $group, - require = Exec[${name}_create_pkcs12], - ensure = file; - } +file { +# Fix permissions on the p12 file, and make it available as +# a puppet resource +${location}/${certname}.p12: +mode = 0440, +owner = $user, +group = $group, +require = Exec[${name}_create_pkcs12], +ensure = file; +} } define create_chained_cert( $certname=$name, $ca, $user=root, $group=ssl-cert, $location=/etc/ssl/certs ) { - exec { - # chained cert, used when needing to provide an entire certificate chain to a client - ${name}_create_chained_cert: - creates = ${location}/${certname}.chained.pem, - command = /bin/cat ${certname}.pem ${ca} ${location}/${certname}.chained.pem, - cwd = /etc/ssl/certs, - require = [Package[openssl], File[/etc/ssl/certs/${certname}.pem]]; - } +exec { +# chained cert, used when needing to provide an entire certificate chain to a client +${name}_create_chained_cert: +creates = ${location}/${certname}.chained.pem, +command = /bin/cat ${certname}.pem ${ca} ${location}/${certname}.chained.pem, +cwd = /etc/ssl/certs, +require = [Package[openssl], File[/etc/ssl/certs/${certname}.pem]]; +} - file { - # Fix permissions on the chained file, and make it available as - # a puppet resource - ${location}/${certname}.chained.pem: - mode = 0444, - owner = $user, - group = $group, - require = Exec[${name}_create_chained_cert], - ensure = file; - } +file { +# Fix permissions on the chained file, and make it available as +# a puppet resource +${location}/${certname}.chained.pem: +mode = 0444, +
[MediaWiki-commits] [Gerrit] retab certs.pp - change (operations/puppet)
Hashar has uploaded a new change for review. https://gerrit.wikimedia.org/r/104742 Change subject: retab certs.pp .. retab certs.pp No code change, simply changed spaces to tabs at beginning of lines. Change-Id: Ifd5c8cb6cfc46826796908bfb9e794a7fe62d06f --- M manifests/certs.pp 1 file changed, 198 insertions(+), 198 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/42/104742/1 diff --git a/manifests/certs.pp b/manifests/certs.pp index bfd37d4..6a0f646 100644 --- a/manifests/certs.pp +++ b/manifests/certs.pp @@ -1,270 +1,270 @@ define create_pkcs12( $certname=$name, $cert_alias=, $password=, $user=root, $group=ssl-cert, $location=/etc/ssl/private ) { - include passwords::certs +include passwords::certs - if ( $cert_alias == ) { - $certalias = $certname - } else { - $certalias = $cert_alias - } +if ( $cert_alias == ) { +$certalias = $certname +} else { +$certalias = $cert_alias +} - if ( $password == ) { - $defaultpassword = $passwords::certs::certs_default_pass - } else { - $defaultpassword = $password - } +if ( $password == ) { +$defaultpassword = $passwords::certs::certs_default_pass +} else { +$defaultpassword = $password +} - exec { - # pkcs12 file, used by things like opendj, nss, and tomcat - ${name}_create_pkcs12: - creates = ${location}/${certname}.p12, - command = /usr/bin/openssl pkcs12 -export -name \${certalias}\ -passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out ${location}/${certname}.p12, - onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key, - require = [Package[openssl], File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]]; - } +exec { +# pkcs12 file, used by things like opendj, nss, and tomcat +${name}_create_pkcs12: +creates = ${location}/${certname}.p12, +command = /usr/bin/openssl pkcs12 -export -name \${certalias}\ -passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out ${location}/${certname}.p12, +onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key, +require = [Package[openssl], File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]]; +} - file { - # Fix permissions on the p12 file, and make it available as - # a puppet resource - ${location}/${certname}.p12: - mode = 0440, - owner = $user, - group = $group, - require = Exec[${name}_create_pkcs12], - ensure = file; - } +file { +# Fix permissions on the p12 file, and make it available as +# a puppet resource +${location}/${certname}.p12: +mode = 0440, +owner = $user, +group = $group, +require = Exec[${name}_create_pkcs12], +ensure = file; +} } define create_chained_cert( $certname=$name, $ca, $user=root, $group=ssl-cert, $location=/etc/ssl/certs ) { - exec { - # chained cert, used when needing to provide an entire certificate chain to a client - ${name}_create_chained_cert: - creates = ${location}/${certname}.chained.pem, - command = /bin/cat ${certname}.pem ${ca} ${location}/${certname}.chained.pem, - cwd = /etc/ssl/certs, - require = [Package[openssl], File[/etc/ssl/certs/${certname}.pem]]; - } +exec { +# chained cert, used when needing to provide an entire certificate chain to a client +${name}_create_chained_cert: +creates = ${location}/${certname}.chained.pem, +command = /bin/cat ${certname}.pem ${ca} ${location}/${certname}.chained.pem, +cwd = /etc/ssl/certs, +require = [Package[openssl], File[/etc/ssl/certs/${certname}.pem]]; +} - file { - # Fix permissions on the chained file, and make it available as - # a puppet resource - ${location}/${certname}.chained.pem: - mode = 0444, - owner = $user, - group = $group, - require = Exec[${name}_create_chained_cert], - ensure = file; - } +file { +# Fix permissions on the chained file, and make it available as +# a puppet resource +${location}/${certname}.chained.pem: +