summaryrefslogtreecommitdiff
path: root/sitemodules
diff options
context:
space:
mode:
authorJan Dittberner <jandd@cacert.org>2019-07-21 15:14:00 +0200
committerJan Dittberner <jandd@cacert.org>2019-07-21 15:14:00 +0200
commit464e43c51afe7455515e2f93d00155d3b6e20807 (patch)
tree80da246cee7be6b64f3c2d2d7d31231b6b421572 /sitemodules
parentebfe159ebde82383dc36d31bf3879c3714e5d983 (diff)
downloadcacert-puppet-464e43c51afe7455515e2f93d00155d3b6e20807.tar.gz
cacert-puppet-464e43c51afe7455515e2f93d00155d3b6e20807.tar.xz
cacert-puppet-464e43c51afe7455515e2f93d00155d3b6e20807.zip
Define Icinga2 CA on master
Diffstat (limited to 'sitemodules')
-rw-r--r--sitemodules/profiles/manifests/icinga2_master.pp13
1 files changed, 11 insertions, 2 deletions
diff --git a/sitemodules/profiles/manifests/icinga2_master.pp b/sitemodules/profiles/manifests/icinga2_master.pp
index eeb033d..e14879f 100644
--- a/sitemodules/profiles/manifests/icinga2_master.pp
+++ b/sitemodules/profiles/manifests/icinga2_master.pp
@@ -12,6 +12,7 @@
# @param web2_database_password database password for IcingaWeb2 database
# @param api_users Icinga2 API users
# @param ca_key Icinga2 CA private key content
+# @param ca_certificate Icinga2 CA certificate content
# @param master_key Icinga2 master private key content
# @param master_csr Icinga2 master CSR
#
@@ -38,6 +39,7 @@ class profiles::icinga2_master (
Array[Hash[String, Variant[String, Tuple[String, 1]]]] $api_users,
String $pki_ticket_salt,
String $ca_key,
+ String $ca_certificate,
String $master_key,
String $master_csr,
) {
@@ -51,6 +53,11 @@ class profiles::icinga2_master (
},
}
+ class { '::icinga2::pki::ca':
+ ca_cert => $ca_certificate,
+ ca_key => $ca_key,
+ }
+
postgresql::server::db { 'icinga2':
user => 'icinga2',
password => postgresql_password('icinga2', $ido_database_password),
@@ -65,10 +72,12 @@ class profiles::icinga2_master (
}
class { '::icinga2::feature::api':
- endpoints => {
+ pki => 'icinga2',
+ ticket_salt => $pki_ticket_salt,
+ endpoints => {
$::fqdn => {},
},
- zones => {
+ zones => {
$::fqdn => {
'endpoints' => [$::fqdn],
},