Puppet Class: puppet::server::keys

Inherits:
puppet::params
Defined in:
manifests/server/keys.pp

Summary

Set ownership and permissions on the Hiera eYAML keys

Overview

Set up proper permissions for EYAML keys and the paths leading to them.

Examples:

include puppet::server::keys


# File 'manifests/server/keys.pp', line 7

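class puppet::server::keys inherits puppet::params {
  # Key directory and key file names are taken from puppet::params.
  $eyaml_keys_path = $puppet::params::eyaml_keys_path
  $eyaml_public_key = $puppet::params::eyaml_public_key
  $eyaml_private_key = $puppet::params::eyaml_private_key

  # Hardening of Hiera Eyaml keys: the directory is owned by puppet:puppet
  # with mode 0500 (owner read and traverse only, no write bit set).
  file { $eyaml_keys_path:
    ensure => directory,
    owner  => 'puppet',
    group  => 'puppet',
    mode   => '0500',
  }

  # poka-yoke: recurse + purge deletes every file in the directory that is
  # not declared as a resource, so it is only switched on when the configured
  # path really lies below /etc/puppetlabs/puppet/. An anchored regex is used
  # rather than `in`, which is a case-insensitive substring test and would
  # also accept the configuration directory itself or any path that merely
  # contains this string.
  if $eyaml_keys_path =~ /\A\/etc\/puppetlabs\/puppet\/[^\/]/ {
    File <| title == $eyaml_keys_path |> {
      recurse => true,
      purge   => true,
    }
  }

  # Both key files are owned by puppet:puppet and read-only for the owner.
  # No `ensure`, `content` or `source` is given, so only ownership and mode
  # are stated here; the key material is not supplied by this class.
  # Declaring the files also keeps them out of the purge above.
  [$eyaml_public_key, $eyaml_private_key].each |$key| {
    file { "${eyaml_keys_path}/${key}":
      owner => 'puppet',
      group => 'puppet',
      mode  => '0400',
    }
  }
}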