Commit a0238312 authored by Matt Wise's avatar Matt Wise
Browse files

Add an optional "content" parameter to the freeradius::cert resource.

This allows the user to pass in raw content rather than just
a direct file resource. Great for use cases where people don't
store private keys in raw files in their repo, but use some alternative
method to get them.
parent 54ab1a35
......@@ -148,6 +148,13 @@ freeradius::cert { 'mycert.pem':
}
```
```puppet
freeradius::cert { 'mycert.pem':
content => '<your key/cert content here>',
type => 'key',
}
```
##### `type`
Set file permissions on the installed certificate differently depending on whether this is a private key or a public certificate. Note that the default is to treat the file as a private key and remove world-readable privileges. Allowable values: `cert`, `key`. Default: `key`.
......
# Install FreeRADIUS certificates
define freeradius::cert (
$source,
$source = undef,
$content = undef,
$type = 'key',
$ensure = present,
) {
......@@ -16,12 +17,13 @@ define freeradius::cert (
}
file { "${fr_basepath}/certs/${name}":
ensure => $ensure,
mode => $permission,
owner => 'root',
group => $fr_group,
source => $source,
require => [File["${fr_basepath}/certs"], Package[$fr_package], Group[$fr_group]],
notify => Service[$fr_service],
ensure => $ensure,
mode => $permission,
owner => 'root',
group => $fr_group,
source => $source,
content => $content,
require => [File["${fr_basepath}/certs"], Package[$fr_package], Group[$fr_group]],
notify => Service[$fr_service],
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment