Skip to content

Commit

Permalink
Merge pull request #42 from mattkirby/kirby_flexible_keys
Browse files Browse the repository at this point in the history 
Adding an option to disable creating keys when enabling hiera-eyaml and
  • Loading branch information
@hunner
hunner committed Jan 6, 2015
2 parents b728196 + 1e9e049 commit 29ca821
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 31 deletions.
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,8 @@ Configures the directory for puppet's confdir.
Configures the hiera logger. Default is 'console'
#### `merge_behavior`
Configures the hiera merge behavior (e.g. for deep merges). No default
#### `create_keys`
Enables/disables generating pkcs7 keys for use with hiera-eyaml
#### `extra_config`
Accepts arbitrary content to add to the end of hiera.yaml

Expand Down
60 changes: 30 additions & 30 deletions manifests/eyaml.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,48 +11,48 @@
# Copyright (C) 2014 Terri Haber, unless otherwise noted.
#
class hiera::eyaml (
$provider = $hiera::params::provider,
$owner = $hiera::owner,
$group = $hiera::group,
$cmdpath = $hiera::cmdpath,
$confdir = $hiera::confdir
$provider = $hiera::params::provider,
$owner = $hiera::owner,
$group = $hiera::group,
$cmdpath = $hiera::cmdpath,
$confdir = $hiera::confdir,
$create_keys = $hiera::create_keys
) inherits hiera::params {

package { 'hiera-eyaml':
ensure => installed,
provider => $provider,
}

file { "${confdir}/keys":
ensure => directory,
owner => $owner,
group => $group,
before => Exec['createkeys'],
File {
owner => $owner,
group => $group
}

exec { 'createkeys':
user => $owner,
cwd => $confdir,
command => 'eyaml createkeys',
path => $cmdpath,
creates => "${confdir}/keys/private_key.pkcs7.pem",
require => Package['hiera-eyaml'],
file { "${confdir}/keys":
ensure => directory,
}

if ( $create_keys == true ) {
exec { 'createkeys':
user => $owner,
cwd => $confdir,
command => 'eyaml createkeys',
path => $cmdpath,
creates => "${confdir}/keys/private_key.pkcs7.pem",
require => [ Package['hiera-eyaml'], File["${confdir}/keys"] ]
}

file { "${confdir}/keys/private_key.pkcs7.pem":
ensure => file,
mode => '0600',
owner => $owner,
group => $group,
require => Exec['createkeys'],
}
file { "${confdir}/keys/private_key.pkcs7.pem":
ensure => file,
mode => '0600',
require => Exec['createkeys'],
}

file { "${confdir}/keys/public_key.pkcs7.pem":
ensure => file,
mode => '0644',
owner => $owner,
group => $group,
require => Exec['createkeys'],
file { "${confdir}/keys/public_key.pkcs7.pem":
ensure => file,
mode => '0644',
require => Exec['createkeys'],
}
}
}
8 changes: 7 additions & 1 deletion manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,11 @@
# Note: You need to manage any package/gem dependancies
# Default: native
#
# [*create_keys*]
# Enable or disable pkcs7 key generation and file management with hiera-eyaml
# This is helpful if you need to distribute a pkcs7 key pair
# Default: true
#
# [*cmdpath*]
# Search paths for command binaries, like the 'eyaml' command.
# The default should cover most cases.
Expand Down Expand Up @@ -110,6 +115,7 @@
$confdir = $hiera::params::confdir,
$logger = $hiera::params::logger,
$cmdpath = $hiera::params::cmdpath,
$create_keys = $hiera::params::create_keys,
$merge_behavior = undef,
$extra_config = '',
) inherits hiera::params {
Expand Down Expand Up @@ -145,5 +151,5 @@
file { '/etc/hiera.yaml':
ensure => symlink,
target => $hiera_yaml,
}
}
}
1 change: 1 addition & 0 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,4 +34,5 @@
$backends = ['yaml']
$logger = 'console'
$eyaml_extension = undef
$create_keys = true
}

0 comments on commit 29ca821

Please sign in to comment.