summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2019-07-21 15:03:44 +0200
committerJan Dittberner <jandd@cacert.org>2019-07-21 15:03:44 +0200
commitebfe159ebde82383dc36d31bf3879c3714e5d983 (patch)
tree1be3bb5f55a62eaa24bf6443a062b169716ae288
parente3b2e2aa3f04440f45ac00d676a1cb393ec5dc4e (diff)
downloadcacert-puppet-ebfe159ebde82383dc36d31bf3879c3714e5d983.tar.gz
cacert-puppet-ebfe159ebde82383dc36d31bf3879c3714e5d983.tar.xz
cacert-puppet-ebfe159ebde82383dc36d31bf3879c3714e5d983.zip
Define ticket salt for icinga2 master
-rw-r--r--hieradata/nodes/monitor.yaml11
-rw-r--r--sitemodules/profiles/manifests/icinga2_master.pp4
2 files changed, 14 insertions, 1 deletions
diff --git a/hieradata/nodes/monitor.yaml b/hieradata/nodes/monitor.yaml
index 87c0ad6..2d8b10b 100644
--- a/hieradata/nodes/monitor.yaml
+++ b/hieradata/nodes/monitor.yaml
@@ -59,6 +59,17 @@ profiles::icinga2_master::api_users:
T5GP0WQAzU0=]
permissions:
- "actions/generate-ticket"
+profiles::icinga2_master::pki_ticket_salt: >
+ ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEw
+ DQYJKoZIhvcNAQEBBQAEggEAq7zw5VVeKvukhSo2g3YK/7fIUC5JbyTrX2XI
+ vAoB7RP2eoEXJRcZG71BNJRMXYlfRwZF31GKAx6zCnvSG8LPpl8Z7D8rNFi+
+ Xw0ftUPE0A2WjMuX2ZPjwFRpQB5cuR0DRqvHoWzkyiePbhE62vRYxLamTT92
+ 1f2FpBM42PIkyD+o9+Bu+1eUXFf4Bvg/srDq+clDQEUJEH9Zk0boUR0aYNzu
+ 7O1PW/QSMCvIRXnmhRQr4MoeHQmgK52JxssdISEEBPpjL/oQyJ57XjgDh55c
+ 8/gkj+L/p+E/TnE358x5FAm1PNSivH+uohXCxfMu87ukpBJh41tzfI7KBWxY
+ wEtKajBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBC71KjJDv29zuAaxnyH
+ o3uJgDDydzmhZKEQxhkFNW9TNquxCTXdfPZ/zYPb/TqWq3amcnQwoqNltz+5
+ QoSf/2LDk4o=]
profiles::icinga2_master::ca_key: >
ENC[PKCS7,MIIOHQYJKoZIhvcNAQcDoIIODjCCDgoCAQAxggEhMIIBHQIBADAFMAACAQEw
DQYJKoZIhvcNAQEBBQAEggEAndhxooQI/m9cfD6jfWVHSce7ePzRwpt8F4qy
diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp
index 7659d96..eeb033d 100644
--- a/sitemodules/profiles/manifests/icinga2_master.pp
+++ b/sitemodules/profiles/manifests/icinga2_master.pp
@@ -36,6 +36,7 @@ class profiles::icinga2_master (
String $ido_database_password,
String $web2_database_password,
Array[Hash[String, Variant[String, Tuple[String, 1]]]] $api_users,
+ String $pki_ticket_salt,
String $ca_key,
String $master_key,
String $master_csr,
@@ -45,7 +46,8 @@ class profiles::icinga2_master (
manage_repo => false,
features => ['mainlog', 'checker'],
constants => {
- 'ZoneName' => $::fqdn,
+ 'TicketSalt' => $pki_ticket_salt,
+ 'ZoneName' => $::fqdn,
},
}