Puppet Class: dehydrated::setup

Defined in:
manifests/setup.pp

Summary

Set up required files and folders. Don't include/call this class.

Overview

This class creates all the necessary files and folders to handle key/csr creation and crt storage. It should never be included in your puppet code.



# File 'manifests/setup.pp', line 9

# Internal helper class: creates the config directory/file and the base, crt,
# csr and key directories used by the dehydrated module, and optionally manages
# the service group and packages. It aborts the catalog unless
# Class['dehydrated'] has already been declared, so it is not meant to be
# included on its own.
class dehydrated::setup {
  require dehydrated::params

  # Guard against standalone use: every value below is read from the
  # dehydrated base class, so refuse to compile without it.
  if ! defined(Class['dehydrated']) {
    fail('You must include the dehydrated base class first; also this class is not supposed to be included on its own.')
  }

  # Optional group management. Only a group resource is declared in this
  # class; no user resource is visible here.
  if ($dehydrated::manage_user) {
    if ($facts['kernel'] == 'windows') {
      fail('User management not configured for windows')
    }

    if (defined('$dehydrated::group')) {
      # Skip the group when it is the same as the puppet group from params,
      # so that group is not declared by this class.
      if ($dehydrated::params::puppet_group != $dehydrated::group) {
        group { $dehydrated::group :
          ensure => 'present',
        }
        # Remembered so the file resources below are ordered after the group.
        $group_require = Group[$dehydrated::group]
      }
    }
  }
  # Fall back to undef so the File defaults below can always reference
  # $group_require, whether or not a group was declared above.
  if (! defined('$group_require')) {
    $group_require = undef
  }

  # Optional package installation; pki_packages is only passed on when it is
  # non-empty.
  if ($dehydrated::manage_packages) {
    ensure_packages($dehydrated::packages)
    if (!empty($dehydrated::pki_packages)) {
      ensure_packages($dehydrated::pki_packages)
    }
  }

  # Settings that are serialized to JSON and written to the config file below.
  # NOTE(review): the keys look like paths and host names only. The file is
  # written group-readable (0640), so no secret material should be added to
  # this hash -- confirm when extending it.
  $config = {
    'base_dir'                          => $dehydrated::base_dir,
    'crt_dir'                           => $dehydrated::crt_dir,
    'csr_dir'                           => $dehydrated::csr_dir,
    'dehydrated_base_dir'               => $dehydrated::dehydrated_base_dir,
    'dehydrated_git_dir'                => $dehydrated::dehydrated_git_dir,
    'dehydrated_host'                   => $dehydrated::dehydrated_host,
    'dehydrated_puppetmaster'           => $dehydrated::params::dehydrated_puppetmaster,
    'dehydrated_requests_dir'           => $dehydrated::dehydrated_requests_dir,
    'dehydrated_requests_config'        => $dehydrated::dehydrated_requests_config,
    'dehydrated_status_file'            => $dehydrated::dehydrated_status_file,
    'dehydrated_monitoring_status_file' => $dehydrated::dehydrated_monitoring_status_file,
    'key_dir'                           => $dehydrated::key_dir,
  }

  $config_json = to_json($config)

  # Pick the owner of the config directory and file per platform.
  # On Windows, puppet runs as a system account and system accounts can't own
  # files, so the dehydrated user/group is used there. On Linux the puppet
  # user/group from params owns the config. Any other kernel fails the catalog.
  case $facts['kernel'] {
    'windows' : {
      $config_user = $dehydrated::user
      $config_group = $dehydrated::group
    }
    'Linux' : {
      $config_user = $dehydrated::params::puppet_user
      $config_group = $dehydrated::params::puppet_group
    }
    default : {
      fail('Unknown OS')
    }
  }
  # Config directory: owner rwx, group r-x, no access for others.
  file { $dehydrated::params::configdir :
    ensure => directory,
    owner  => $config_user,
    group  => $config_group,
    mode   => '0750',
  }

  # Config file holding the JSON settings: owner rw, group r, none for others.
  file { $dehydrated::params::configfile :
    ensure  => file,
    owner   => $config_user,
    group   => $config_group,
    mode    => '0640',
    content => $config_json,
  }

  # Resource defaults for file resources in this scope that omit these
  # attributes: a directory owned by the dehydrated user/group, mode 0755,
  # ordered after the managed group (if any).
  # NOTE(review): Puppet resource defaults are dynamically scoped, so they can
  # also reach file resources declared by anything declared from this class
  # (for example the concat resource below), and presumably supply `require`
  # to the two config resources above -- confirm this is intended.
  File {
    ensure  => directory,
    owner   => $dehydrated::user,
    group   => $dehydrated::group,
    mode    => '0755',
    require => $group_require,
  }

  # Base, certificate and CSR directories: no attributes given, so they rely
  # entirely on the File defaults above and end up world-readable (0755).
  file { [
      $dehydrated::base_dir,
      $dehydrated::crt_dir,
      $dehydrated::csr_dir,
    ]:
  }

  # Key directory: overrides only the mode (0750) to drop access for others;
  # owner and group still come from the File defaults.
  # NOTE(review): the name suggests private keys live here. Members of
  # $dehydrated::group can list and traverse this directory -- confirm which
  # processes need group access and whether 0700 would be sufficient.
  file { $dehydrated::key_dir :
    mode => '0750',
  }

  # Domain file assembled from concat fragments as pretty-printed JSON.
  # NOTE(review): owner, group and mode are not set on this resource in this
  # class -- verify the resulting file permissions on a managed node.
  concat { $dehydrated::params::domainfile :
    ensure => present,
    format => 'json-pretty',
  }
}