forked from bzed/bzed-dehydrated
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtransfer.pp
68 lines (61 loc) · 1.54 KB
/
transfer.pp
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# Used as exported ressource to ransfer crt/ca/ocsp files.
#
# @summary Transfer crt/ca/ocsp files.
#
# @example
# dehydrated::certificate::transfer { 'namevar':
# file_type => 'crt',
# request_dn => 'domain.foo.bar.example.com',
# request_fqdn => 'foo.bar.example.com',
# file_content => '',
# }
#
# @api private
#
define dehydrated::certificate::transfer(
Enum['crt', 'ca', 'ocsp'] $file_type,
Dehydrated::DN $request_dn,
Stdlib::Fqdn $request_fqdn,
Variant[String, Binary] $file_content,
) {
if ! defined(Class['dehydrated']) {
fail('You must include the dehydrated base class first.')
}
require ::dehydrated::setup
$dehydrated_domains = $facts['dehydrated_domains']
$_config = $dehydrated_domains[$request_dn]
$base_filename = $_config['base_filename']
$base_dir = $::dehydrated::base_dir
$csr_dir = $::dehydrated::csr_dir
$key_dir = $::dehydrated::key_dir
$crt_dir = $::dehydrated::crt_dir
$crt = "${crt_dir}/${base_filename}.crt"
$ca = "${crt_dir}/${base_filename}_ca.pem"
$ocsp = "${crt}.ocsp"
File {
ensure => file,
owner => $::dehydrated::user,
group => $::dehydrated::group,
mode => '0644',
}
case $file_type {
'crt' : {
file { $crt :
content => $file_content,
}
}
'ca' : {
file { $ca :
content => $file_content,
}
}
'ocsp' : {
file { $ocsp :
content => base64('decode', $file_content),
}
}
default : {
fail('unknown file type! this should never happen!')
}
}
}