diff options
| author | Jan Dittberner <jandd@cacert.org> | 2020-06-04 22:51:46 +0200 |
|---|---|---|
| committer | Jan Dittberner <jandd@cacert.org> | 2020-06-04 22:51:46 +0200 |
| commit | eefc20115b512ed9c34d852a6eea245e7db54295 (patch) | |
| tree | 7c13aceea61b3b00cdd69dc2eb41fd8bc432e3cf /sitemodules/profiles | |
| parent | e19b0451d3f692b11f13657406e818f7fc93c7f8 (diff) | |
| download | cacert-puppet-eefc20115b512ed9c34d852a6eea245e7db54295.tar.gz cacert-puppet-eefc20115b512ed9c34d852a6eea245e7db54295.tar.xz cacert-puppet-eefc20115b512ed9c34d852a6eea245e7db54295.zip | |
Add new parameters for cacert-selfservice 0.2.0
Diffstat (limited to 'sitemodules/profiles')
| -rw-r--r-- | sitemodules/profiles/manifests/cacert_selfservice.pp | 11 | ||||
| -rw-r--r-- | sitemodules/profiles/templates/cacert_selfservice/config.yaml.epp | 8 |
2 files changed, 17 insertions, 2 deletions
diff --git a/sitemodules/profiles/manifests/cacert_selfservice.pp b/sitemodules/profiles/manifests/cacert_selfservice.pp index 3aab8b8..3165c02 100644 --- a/sitemodules/profiles/manifests/cacert_selfservice.pp +++ b/sitemodules/profiles/manifests/cacert_selfservice.pp @@ -29,6 +29,11 @@ # # @param api_endpoint_url backend API endpoint URL # +# @param jwt_private_key PEM encoded ECDSA private key for signing JWT +# tokens +# +# @param jwt_validity_hours number of hours that JWT tokens will be valid +# # Examples # -------- # @@ -45,7 +50,7 @@ # Copyright # --------- # -# Copyright 2019 Jan Dittberner +# Copyright 2019, 2020 Jan Dittberner # class profiles::cacert_selfservice ( String $base_url = "https://selfservice.cacert.org", @@ -58,6 +63,8 @@ class profiles::cacert_selfservice ( String $api_client_id, String $api_private_key, String $api_endpoint_url = "https://email.infra.cacert.org:9443/", + String $jwt_private_key, + Integer $jwt_validity_hours = 24, ) { include profiles::cacert_debrepo @@ -165,6 +172,8 @@ class profiles::cacert_selfservice ( api_signature_key_lines => split($api_private_key, "\n"), api_endpoint_url => $api_endpoint_url, log_directory => $log_directory, + jwt_private_key_lines => split($jwt_private_key, "\n"), + jwt_validity_hours => $jwt_validity_hours, }), require => Package[$service_name], notify => Service[$service_name], diff --git a/sitemodules/profiles/templates/cacert_selfservice/config.yaml.epp b/sitemodules/profiles/templates/cacert_selfservice/config.yaml.epp index bdb3477..15d042b 100644 --- a/sitemodules/profiles/templates/cacert_selfservice/config.yaml.epp +++ b/sitemodules/profiles/templates/cacert_selfservice/config.yaml.epp @@ -10,7 +10,9 @@ String $api_client_id, String $api_cas, String $api_endpoint_url, - String $log_directory + String $log_directory, + Array[String] $jwt_private_key_lines, + Integer $jwt_validity_hours, | -%> --- client_ca_certificates: <%= $client_cas %> @@ -29,3 +31,7 @@ api_client_id: <%= $api_client_id %> api_ca_certificates: <%= $api_cas %> api_endpoint_url: <%= $api_endpoint_url %> access_log: <%= $log_directory %>/access.log +jwt_private_key: | +<% $jwt_private_key_lines.each |$key_line| { %> <%= $key_line %> +<% } -%> +jwt_validity_hours: $jwt_validity_hours |