[MediaWiki-commits] [Gerrit] retab certs.pp - change (operations/puppet)
Alexandros Kosiaris has submitted this change and it was merged.
Change subject: retab certs.pp
..
retab certs.pp
No code change, simply changed spaces to tabs at beginning of lines.
Change-Id: Ifd5c8cb6cfc46826796908bfb9e794a7fe62d06f
---
M manifests/certs.pp
1 file changed, 213 insertions(+), 214 deletions(-)
Approvals:
Alexandros Kosiaris: Looks good to me, approved
jenkins-bot: Verified
diff --git a/manifests/certs.pp b/manifests/certs.pp
index d70b75f..1321448 100644
--- a/manifests/certs.pp
+++ b/manifests/certs.pp
@@ -1,292 +1,291 @@
define create_pkcs12( $certname=$name, $cert_alias=, $password=,
$user=root, $group=ssl-cert, $location=/etc/ssl/private ) {
- include passwords::certs
+include passwords::certs
- if ( $cert_alias == ) {
- $certalias = $certname
- } else {
- $certalias = $cert_alias
- }
+if ( $cert_alias == ) {
+$certalias = $certname
+} else {
+$certalias = $cert_alias
+}
- if ( $password == ) {
- $defaultpassword = $passwords::certs::certs_default_pass
- } else {
- $defaultpassword = $password
- }
+if ( $password == ) {
+$defaultpassword = $passwords::certs::certs_default_pass
+} else {
+$defaultpassword = $password
+}
- exec {
- # pkcs12 file, used by things like opendj, nss, and tomcat
- ${name}_create_pkcs12:
- creates = ${location}/${certname}.p12,
- command = /usr/bin/openssl pkcs12 -export -name
\${certalias}\ -passout pass:${defaultpassword} -in
/etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out
${location}/${certname}.p12,
- onlyif = /usr/bin/test -s
/etc/ssl/private/${certname}.key,
- require = [Package[openssl],
File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]];
- }
+exec {
+# pkcs12 file, used by things like opendj, nss, and tomcat
+${name}_create_pkcs12:
+creates = ${location}/${certname}.p12,
+command = /usr/bin/openssl pkcs12 -export -name \${certalias}\
-passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey
/etc/ssl/private/${certname}.key -out ${location}/${certname}.p12,
+onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key,
+require = [Package[openssl],
File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]];
+}
- file {
- # Fix permissions on the p12 file, and make it available as
- # a puppet resource
- ${location}/${certname}.p12:
- mode = 0440,
- owner = $user,
- group = $group,
- require = Exec[${name}_create_pkcs12],
- ensure = file;
- }
+file {
+# Fix permissions on the p12 file, and make it available as
+# a puppet resource
+${location}/${certname}.p12:
+mode = 0440,
+owner = $user,
+group = $group,
+require = Exec[${name}_create_pkcs12],
+ensure = file;
+}
}
define create_chained_cert( $certname=$name, $ca, $user=root,
$group=ssl-cert, $location=/etc/ssl/certs ) {
- exec {
- # chained cert, used when needing to provide an entire
certificate chain to a client
- ${name}_create_chained_cert:
- creates = ${location}/${certname}.chained.pem,
- command = /bin/cat ${certname}.pem ${ca}
${location}/${certname}.chained.pem,
- cwd = /etc/ssl/certs,
- require = [Package[openssl],
File[/etc/ssl/certs/${certname}.pem]];
- }
+exec {
+# chained cert, used when needing to provide an entire certificate
chain to a client
+${name}_create_chained_cert:
+creates = ${location}/${certname}.chained.pem,
+command = /bin/cat ${certname}.pem ${ca}
${location}/${certname}.chained.pem,
+cwd = /etc/ssl/certs,
+require = [Package[openssl],
File[/etc/ssl/certs/${certname}.pem]];
+}
- file {
- # Fix permissions on the chained file, and make it available as
- # a puppet resource
- ${location}/${certname}.chained.pem:
- mode = 0444,
- owner = $user,
- group = $group,
- require = Exec[${name}_create_chained_cert],
- ensure = file;
- }
+file {
+# Fix permissions on the chained file, and make it available as
+# a puppet resource
+${location}/${certname}.chained.pem:
+mode = 0444,
+
[MediaWiki-commits] [Gerrit] retab certs.pp - change (operations/puppet)
Hashar has uploaded a new change for review.
https://gerrit.wikimedia.org/r/104742
Change subject: retab certs.pp
..
retab certs.pp
No code change, simply changed spaces to tabs at beginning of lines.
Change-Id: Ifd5c8cb6cfc46826796908bfb9e794a7fe62d06f
---
M manifests/certs.pp
1 file changed, 198 insertions(+), 198 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/42/104742/1
diff --git a/manifests/certs.pp b/manifests/certs.pp
index bfd37d4..6a0f646 100644
--- a/manifests/certs.pp
+++ b/manifests/certs.pp
@@ -1,270 +1,270 @@
define create_pkcs12( $certname=$name, $cert_alias=, $password=,
$user=root, $group=ssl-cert, $location=/etc/ssl/private ) {
- include passwords::certs
+include passwords::certs
- if ( $cert_alias == ) {
- $certalias = $certname
- } else {
- $certalias = $cert_alias
- }
+if ( $cert_alias == ) {
+$certalias = $certname
+} else {
+$certalias = $cert_alias
+}
- if ( $password == ) {
- $defaultpassword = $passwords::certs::certs_default_pass
- } else {
- $defaultpassword = $password
- }
+if ( $password == ) {
+$defaultpassword = $passwords::certs::certs_default_pass
+} else {
+$defaultpassword = $password
+}
- exec {
- # pkcs12 file, used by things like opendj, nss, and tomcat
- ${name}_create_pkcs12:
- creates = ${location}/${certname}.p12,
- command = /usr/bin/openssl pkcs12 -export -name
\${certalias}\ -passout pass:${defaultpassword} -in
/etc/ssl/certs/${certname}.pem -inkey /etc/ssl/private/${certname}.key -out
${location}/${certname}.p12,
- onlyif = /usr/bin/test -s
/etc/ssl/private/${certname}.key,
- require = [Package[openssl],
File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]];
- }
+exec {
+# pkcs12 file, used by things like opendj, nss, and tomcat
+${name}_create_pkcs12:
+creates = ${location}/${certname}.p12,
+command = /usr/bin/openssl pkcs12 -export -name \${certalias}\
-passout pass:${defaultpassword} -in /etc/ssl/certs/${certname}.pem -inkey
/etc/ssl/private/${certname}.key -out ${location}/${certname}.p12,
+onlyif = /usr/bin/test -s /etc/ssl/private/${certname}.key,
+require = [Package[openssl],
File[/etc/ssl/private/${certname}.key, /etc/ssl/certs/${certname}.pem]];
+}
- file {
- # Fix permissions on the p12 file, and make it available as
- # a puppet resource
- ${location}/${certname}.p12:
- mode = 0440,
- owner = $user,
- group = $group,
- require = Exec[${name}_create_pkcs12],
- ensure = file;
- }
+file {
+# Fix permissions on the p12 file, and make it available as
+# a puppet resource
+${location}/${certname}.p12:
+mode = 0440,
+owner = $user,
+group = $group,
+require = Exec[${name}_create_pkcs12],
+ensure = file;
+}
}
define create_chained_cert( $certname=$name, $ca, $user=root,
$group=ssl-cert, $location=/etc/ssl/certs ) {
- exec {
- # chained cert, used when needing to provide an entire
certificate chain to a client
- ${name}_create_chained_cert:
- creates = ${location}/${certname}.chained.pem,
- command = /bin/cat ${certname}.pem ${ca}
${location}/${certname}.chained.pem,
- cwd = /etc/ssl/certs,
- require = [Package[openssl],
File[/etc/ssl/certs/${certname}.pem]];
- }
+exec {
+# chained cert, used when needing to provide an entire certificate
chain to a client
+${name}_create_chained_cert:
+creates = ${location}/${certname}.chained.pem,
+command = /bin/cat ${certname}.pem ${ca}
${location}/${certname}.chained.pem,
+cwd = /etc/ssl/certs,
+require = [Package[openssl],
File[/etc/ssl/certs/${certname}.pem]];
+}
- file {
- # Fix permissions on the chained file, and make it available as
- # a puppet resource
- ${location}/${certname}.chained.pem:
- mode = 0444,
- owner = $user,
- group = $group,
- require = Exec[${name}_create_chained_cert],
- ensure = file;
- }
+file {
+# Fix permissions on the chained file, and make it available as
+# a puppet resource
+${location}/${certname}.chained.pem:
+
