Puppet Function: icinga2::cert

Defined in:
functions/cert.pp
Function type:
Puppet Language

Summary

Choose the path of tls key, cert and ca file.

Overview

icinga2::cert(String $name, Optional[Stdlib::Absolutepath] $key_file = undef, Optional[Stdlib::Absolutepath] $cert_file = undef, Optional[Stdlib::Absolutepath] $cacert_file = undef, Optional[Variant[String, Sensitive[String]]] $key = undef, Optional[String] $cert = undef, Optional[String] $cacert = undef)Hash

Parameters:

  • name (String)
  • key_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)
  • cert_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)
  • cacert_file (Optional[Stdlib::Absolutepath]) (defaults to: undef)
  • key (Optional[Variant[String, Sensitive[String]]]) (defaults to: undef)
  • cert (Optional[String]) (defaults to: undef)
  • cacert (Optional[String]) (defaults to: undef)

Returns:

  • (Hash)

    Returned hash includes all paths and the key, cert and cacert.



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
# File 'functions/cert.pp', line 7

function icinga2::cert(
  String                                       $name,
  Optional[Stdlib::Absolutepath]               $key_file    = undef,
  Optional[Stdlib::Absolutepath]               $cert_file   = undef,
  Optional[Stdlib::Absolutepath]               $cacert_file = undef,
  Optional[Variant[String, Sensitive[String]]] $key         = undef,
  Optional[String]                             $cert        = undef,
  Optional[String]                             $cacert      = undef,
) >> Hash {
  # @param name
  #   The base name of certicate, key and ca file.
  #
  # @param tls_cert_path
  #   Location of the certificate.
  #
  # @param tls_cacert_path
  #   Location of the CA certificate.
  #
  # @param tls_crl_path
  #   Location of the Certicicate Revocation List.
  #
  # @param tls_key
  #   The private key in a base64 encoded string to store in spicified tls_key_path file.
  #
  # @param tls_cert
  #   The certificate in a base64 encoded string to store in spicified tls_cert_path file.
  #
  # @param tls_cacert
  #   The CA root certificate in a base64 encoded string to store in spicified tls_cacert_path file.
  #
  # @param tls_capath
  #    Trusted CA certificates in PEM format directory path.
  #
  $default_dir = $icinga2::globals::cert_dir

  $result = {
    'key'         => if $key =~ Sensitive {
      $key
    } elsif $key =~ String {
      Sensitive($key)
    } else {
      undef
    },
    'key_file'    => if $key {
      if $key_file {
        $key_file
      } else {
        "${default_dir}/${name}.key"
      }
    } else {
      $key_file
    },
    'cert'        => $cert,
    'cert_file'   => if $cert {
      if $cert_file {
        $cert_file
      } else {
        "${default_dir}/${name}.crt"
      }
    } else {
      $cert_file
    },
    'cacert'      => $cacert,
    'cacert_file' => if $cacert {
      if $cacert_file {
        $cacert_file
      } else {
        "${default_dir}/${name}_ca.crt"
      }
    } else {
      $cacert_file
    },
  }

  $result
}