summaryrefslogtreecommitdiff
path: root/sitemodules/profiles/manifests/icinga2_common.pp
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2019-07-20 20:08:21 +0200
committerJan Dittberner <jandd@cacert.org>2019-07-20 20:08:21 +0200
commite9c6dd7e0aa1a5646a69e8796675556cad987d25 (patch)
tree2854c284b46e8fcb9af7ef580c54d9edd5ba26f5 /sitemodules/profiles/manifests/icinga2_common.pp
parente55e91b55cd7129b036dead06d6ef5ec1d7c8ed9 (diff)
downloadcacert-puppet-e9c6dd7e0aa1a5646a69e8796675556cad987d25.tar.gz
cacert-puppet-e9c6dd7e0aa1a5646a69e8796675556cad987d25.tar.xz
cacert-puppet-e9c6dd7e0aa1a5646a69e8796675556cad987d25.zip
Move management of Icinga2 CA certificate
- move parameter to icinga2_common - move hiera data from monitor node to common
Diffstat (limited to 'sitemodules/profiles/manifests/icinga2_common.pp')
-rw-r--r--sitemodules/profiles/manifests/icinga2_common.pp29
1 files changed, 29 insertions, 0 deletions
diff --git a/sitemodules/profiles/manifests/icinga2_common.pp b/sitemodules/profiles/manifests/icinga2_common.pp
index c1c9be2..1703d2b 100644
--- a/sitemodules/profiles/manifests/icinga2_common.pp
+++ b/sitemodules/profiles/manifests/icinga2_common.pp
@@ -3,6 +3,19 @@
#
# Common configuration code for Icinga2 agent and master setups.
#
+# This manifest is meant to be included from other manifests.
+#
+# Parameters
+# ----------
+#
+# @param ca_certificate Icinga2 CA certificate content
+#
+# Examples
+# --------
+#
+# @example
+# include profiles::icinga2_common
+#
# Authors
# -------
#
@@ -13,6 +26,7 @@
#
# Copyright 2019 Jan Dittberner
class profiles::icinga2_common (
+ String $ca_certificate,
) {
if $::lsbdistcodename == 'stretch' {
apt::pin { 'icinga2_backports':
@@ -32,4 +46,19 @@ class profiles::icinga2_common (
package { 'icinga2':
ensure => latest,
}
+ file { '/etc/icinga2/pki':
+ ensure => directory,
+ owner => 'nagios',
+ group => 'nagios',
+ mode => '0700',
+ require => Package['icinga2'],
+ }
+ file { '/etc/icinga2/pki/ca.crt':
+ ensure => file,
+ content => $ca_certificate,
+ owner => 'nagios',
+ group => 'nagios',
+ mode => '0644',
+ require => File['/etc/icinga2/pki'],
+ }
}