path: root/code/environments/production/modules/certregen/manifests/client.pp
blob: 54eb1539b8592cc41546550c7fa68415f6de081a (plain)
# Distribute the current Puppet CA certificate (and, optionally, the CRL) to client systems.
#
# To ensure the portability of this code and minimize dependencies, this class uses the `file`
# function to distribute the CA certificate instead of having end nodes directly fetch the
# certificate themselves. This means that Puppet installations using a master of master/CA server
# and compile nodes will need to run Puppet on the compile masters before the CA cert can be
# distributed to the agents.
#
# The file contents are read through `$settings::...` paths, i.e. on the server that compiles the
# catalog, while the target paths are the top-scope variables `$::localcacert` and `$::hostcrl`
# (presumably facts reported by the agent -- confirm against the module's facts).
#
# @param manage_crl
#   When true (the default), also manage the CRL at `$::hostcrl`, unless another resource already
#   declares that file or the PE master profile is taken to manage it (see `$needs_crl` below).
class certregen::client(
  $manage_crl = true
) {
  # `file()` returns the contents of the first listed path that exists: the CA's own copy first,
  # then the compiling server's local copy.
  # NOTE(review): the final '/dev/null' fallback keeps compilation from failing, but it yields
  # empty content, so if neither certificate path exists on the compiling server the agent's
  # trust anchor would be managed as an empty file. Confirm this cannot happen in the deployment,
  # or guard against empty content before relying on this class.
  # Owner and group are not managed here; mode 0644 leaves the certificate world-readable.
  file { $::localcacert:
    ensure  => present,
    content => file($settings::cacert, $settings::localcacert, '/dev/null'),
    mode    => '0644',
  }

  # `::pe_build` is looked up with getvar() so that a missing variable does not raise an error.
  $pe_build = getvar('::pe_build')
  # True when pe_build is set and is at least 3.7.0, and the node is classified with the PE master
  # profile (as reported by `is_classified_with`, which is defined outside this file).
  $crl_managed_by_pe = ($pe_build and versioncmp($pe_build, '3.7.0') >= 0) and is_classified_with('puppet_enterprise::profile::master')
  # Manage the CRL only when asked to, when nothing has declared File[$::hostcrl] yet, and when PE
  # is not expected to manage it.
  # NOTE(review): `defined()` depends on evaluation order -- a File[$::hostcrl] declared later in
  # the same compilation is not seen here and would then collide as a duplicate declaration.
  $needs_crl = $manage_crl and !defined(File[$::hostcrl]) and !$crl_managed_by_pe

  if $needs_crl {
    # Same lookup order and '/dev/null' fallback as the CA certificate above.
    # NOTE(review): an empty result would replace the agent's CRL with an empty file; confirm
    # how the agent treats an empty CRL before depending on revocation checks.
    file { $::hostcrl:
      ensure  => present,
      content => file($settings::cacrl, $settings::hostcrl, '/dev/null'),
      mode    => '0644',
    }
  }
}