opendev/puppet-zanata
Code Issues Proposed changes

Merge "Add the Zanata server CRT into the Java keystore"

Browse Source
This commit is contained in:
Jenkins 2015-08-04 21:05:07 +00:00 committed by Gerrit Code Review
commit b697601a4b
1 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
manifests/client.pp
View File

@ -26,6 +26,7 @@ class zanata::client(
) { ) {
$server_id = parse_server_id($server_url) $server_id = parse_server_id($server_url)
$server_name = regsubst($server_id, '_', '.', 'G')
file { '/opt/zanata': file { '/opt/zanata':
ensure => directory, ensure => directory,
@ -50,6 +51,36 @@ class zanata::client(
require => Exec['get_zanata_client_dist_tarball'], require => Exec['get_zanata_client_dist_tarball'],
} }
exec { 'get_zanata_server_certificate':
command => "openssl s_client -connect ${server_name}:443 -prexit 2>/dev/null | openssl x509 -in /dev/stdin -out /opt/zanata/${server_id}.crt",
path => '/bin:/usr/bin',
creates => "/opt/zanata/${server_id}.crt",
require => File['/opt/zanata'],
}
file { "/opt/zanata/${server_id}.crt":
ensure => present,
owner => $user,
group => $group,
mode => '0644',
require => Exec['get_zanata_server_certificate'],
}
java_ks { 'zanata_server:keystore':
ensure => latest,
certificate => "/opt/zanata/${server_id}.crt",
target => '/etc/ssl/certs/java/cacerts',
password => 'changeit',
require => File["/opt/zanata/${server_id}.crt"],
}
file { '/etc/ssl/certs/java/cacerts':
owner => 'root',
group => 'root',
mode => '0644',
require => Java_ks['zanata_server:keystore']
}
exec { 'unpack_zanata_client_dist_tarball': exec { 'unpack_zanata_client_dist_tarball':
command => "tar zxf zanata-cli-${version}-dist.tar.gz", command => "tar zxf zanata-cli-${version}-dist.tar.gz",
path => '/bin:/usr/bin', path => '/bin:/usr/bin',