Puppet Class: dehydrated::setup

Defined in:
manifests/setup.pp

Summary

Setup required files and folders. Don't include/call this class.

Overview

This class creates all the necessary files and folders to handle key/csr creation and crt storage. It should never be included in your puppet code.



# File 'manifests/setup.pp', line 9

# Internal setup class for the dehydrated module.
#
# Declares the module's config directory and JSON config file, the base,
# certificate, CSR and key directories, and the concat target for the domain
# file. Optionally manages the service group and required packages.
#
# Fails catalog compilation unless Class['dehydrated'] has already been
# declared, so it is not meant to be included directly.
class dehydrated::setup {

  require ::dehydrated::params

  # Guard: every value below is read from the base class, so refuse to compile
  # without it.
  if ! defined(Class['dehydrated']) {
    fail('You must include the dehydrated base class first; also this class is not supposed to be included on its own.')
  }

  if ($::dehydrated::manage_user) {
    # Group management is not implemented for Windows nodes.
    if ($facts['kernel'] == 'windows') {
      fail('User management not configured for windows')
    }

    if (defined('$::dehydrated::group')) {
      # Only declare the group when it differs from the puppet group, and
      # remember it so the directories below can depend on it.
      # NOTE(review): only a group resource is declared here; no user resource
      # is created in this class even though the switch is named manage_user.
      if ($::dehydrated::params::puppet_group != $::dehydrated::group) {
        group { $::dehydrated::group :
          ensure => 'present'
        }
        $group_require = Group[$::dehydrated::group]
      }
    }
  }
  # Fall back to undef so the File default below always has a value for
  # `require`, whether or not a group resource was declared above.
  if (! defined('$group_require')) {
    $group_require = undef
  }



  if ($::dehydrated::manage_packages) {
    ensure_packages($::dehydrated::packages)
    if (!empty($::dehydrated::pki_packages)) {
      ensure_packages($::dehydrated::pki_packages)
    }
  }

  # Paths and host settings that are serialised to JSON and written to the
  # module's config file further down.
  $config = {
    'base_dir'                          => $::dehydrated::base_dir,
    'crt_dir'                           => $::dehydrated::crt_dir,
    'csr_dir'                           => $::dehydrated::csr_dir,
    'dehydrated_base_dir'               => $::dehydrated::dehydrated_base_dir,
    'dehydrated_git_dir'                => $::dehydrated::dehydrated_git_dir,
    'dehydrated_host'                   => $::dehydrated::dehydrated_host,
    'dehydrated_puppetmaster'           => $::dehydrated::params::dehydrated_puppetmaster,
    'dehydrated_requests_dir'           => $::dehydrated::dehydrated_requests_dir,
    'dehydrated_requests_config'        => $::dehydrated::dehydrated_requests_config,
    'dehydrated_status_file'            => $::dehydrated::dehydrated_status_file,
    'dehydrated_monitoring_status_file' => $::dehydrated::dehydrated_monitoring_status_file,
    'key_dir'                           => $::dehydrated::key_dir,
  }

  $config_json = to_json($config)

  # Puppet runs as a system account on Windows, and system accounts cannot own
  # files, so the config dir/file are owned by the dehydrated user and group
  # there. On Linux they are owned by the puppet user and group instead.
  # Any other kernel aborts compilation.
  case $facts['kernel'] {
    'windows' : {
      $config_user = $::dehydrated::user
      $config_group = $::dehydrated::group
    }
    'Linux' : {
      $config_user = $::dehydrated::params::puppet_user
      $config_group = $::dehydrated::params::puppet_group
    }
    default : {
      fail('Unknown OS')
    }
  }
  # Config directory: no access for "other" (0750).
  file { $::dehydrated::params::configdir :
    ensure => directory,
    owner  => $config_user,
    group  => $config_group,
    mode   => '0750',
  }

  # Config file: owner read/write, group read-only, nothing for "other" (0640).
  file { $::dehydrated::params::configfile :
    ensure  => file,
    owner   => $config_user,
    group   => $config_group,
    mode    => '0640',
    content => $config_json,
  }

  # Defaults for the file resources in this class: directories owned by the
  # dehydrated user/group, world-readable and traversable (0755), ordered after
  # the managed group when one was declared.
  # NOTE(review): resource defaults are not limited to the declarations that
  # follow them and can reach resources declared from this scope; the two
  # config resources above set ensure/owner/group/mode explicitly, so at most
  # `require` would be inherited there. Confirm the effect on the concat
  # resource at the end of the class.
  File {
    ensure  => directory,
    owner   => $::dehydrated::user,
    group   => $::dehydrated::group,
    mode    => '0755',
    require => $group_require,
  }

  # Base, certificate and CSR directories take every attribute from the
  # defaults above, i.e. mode 0755.
  file { [
    $::dehydrated::base_dir,
    $::dehydrated::crt_dir,
    $::dehydrated::csr_dir,
    ] :
  }

  # Key directory: tightened to 0750; owner and group still come from the
  # defaults, so members of $::dehydrated::group can list and enter it.
  # NOTE(review): presumably this holds private keys. The mode of the key
  # files themselves is not set in this class; verify it where the keys are
  # written, and confirm group access to this directory is actually needed
  # (0700 would be tighter if it is not).
  file { $::dehydrated::key_dir :
    mode => '0750',
  }

  # Target file assembled from concat fragments as pretty-printed JSON.
  # NOTE(review): no owner, group or mode is set on this resource here;
  # confirm the resulting ownership and permissions of the domain file.
  concat { $::dehydrated::params::domainfile :
    ensure => present,
    format => 'json-pretty',
  }
}