Puppet Class: openssl::configs

Defined in:

manifests/configs.pp

Summary

Generates openssl.conf files using manually set defaults or defaults from openssl::config

Overview

Examples:

basic usage

class { 'openssl::configs':
  country   => 'mycountry',
  conffiles => { '/path/to/openssl.conf' => { ensure       => 'present',
                                              commonname   => 'somewhere.org',
                                              organization => 'myorg' },
                 '/a/other/openssl.conf' => { ensure       => 'present',
                                              commonname   => 'somewhere.else.org',
                                              organization => 'myotherorg' },
                }
}

Parameters:

• owner (Optional[String[1]]) (defaults to: undef) —

  default owner for the configuration files

• group (Optional[String[1]]) (defaults to: undef) —

  default group for the configuration files

• mode (Optional[String[1]]) (defaults to: undef) —

  default mode for the configuration files

• country (Optional[String[1]]) (defaults to: undef) —

  default value for country

• state (Optional[String[1]]) (defaults to: undef) —

  default value for state

• locality (Optional[String[1]]) (defaults to: undef) —

  default value for locality

• organization (Optional[String[1]]) (defaults to: undef) —

  default value for organization

• unit (Optional[String[1]]) (defaults to: undef) —

  default value for unit

• email (Optional[String[1]]) (defaults to: undef) —

  default value for email

• default_bits (Optional[Integer]) (defaults to: undef) —

  default key size to generate

• default_md (Optional[String[1]]) (defaults to: undef) —

  default message digest to use

• default_keyfile (Optional[String[1]]) (defaults to: undef) —

  default name for the keyfile

• basicconstraints (Optional[Array]) (defaults to: undef) —

  default version 3 certificate extension basic constraints

• extendedkeyusages (Optional[Array]) (defaults to: undef) —

  default version 3 certificate extension extended key usage

• keyusages (Optional[Array]) (defaults to: undef) —

  default version 3 certificate extension key usage

• subjectaltnames (Optional[Array]) (defaults to: undef) —

  default version 3 certificate extension for alternative names currently supported are IP (v4) and DNS

• conffiles (Hash) (defaults to: {}) —

  config files to generate

# File 'manifests/configs.pp', line 51

class openssl::configs (
  Optional[String[1]]  $owner           = undef,
  Optional[String[1]]  $group           = undef,
  Optional[String[1]]  $mode            = undef,
  Optional[String[1]]  $country         = undef,
  Optional[String[1]]  $state           = undef,
  Optional[String[1]]  $locality        = undef,
  Optional[String[1]]  $organization    = undef,
  Optional[String[1]]  $unit            = undef,
  Optional[String[1]]  $email           = undef,
  Optional[Integer] $default_bits       = undef,
  Optional[String[1]]  $default_md      = undef,
  Optional[String[1]]  $default_keyfile = undef,
  Optional[Array]   $basicconstraints   = undef,
  Optional[Array]   $extendedkeyusages  = undef,
  Optional[Array]   $keyusages          = undef,
  Optional[Array]   $subjectaltnames    = undef,
  Hash              $conffiles          = {},
) {
  # dependencies: ensure config file is generated before potential usage
  File<| tag=='openssl-configs' |> -> Ssl_pkey<| |>
  File<| tag=='openssl-configs' |> -> X509_cert<| |>
  File<| tag=='openssl-configs' |> -> X509_request<| |>

  $conffiles.each | String $filename, Hash $vals | {
    openssl::config { $filename:
      * => {
        country           => $country,
        state             => $state,
        locality          => $locality,
        organization      => $organization,
        unit              => $unit,
        email             => $email,
        default_bits      => $default_bits,
        default_md        => $default_md,
        default_keyfile   => $default_keyfile,
        basicconstraints  => $basicconstraints,
        extendedkeyusages => $extendedkeyusages,
        keyusages         => $keyusages,
        subjectaltnames   => $subjectaltnames,
      } + $vals,
    }
  }
}