From 2223edcd76eb145be8f0f8aeabde7fb13e4856b6 Mon Sep 17 00:00:00 2001
From: Ossi Salmi <osalmi@iki.fi>
Date: Wed, 16 Mar 2011 17:40:45 +0200
Subject: [PATCH] Initial version of ssl module

---
 ssl/manifests/init.pp | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 ssl/manifests/init.pp

diff --git a/ssl/manifests/init.pp b/ssl/manifests/init.pp
new file mode 100644
index 0000000..ef6f8b2
--- /dev/null
+++ b/ssl/manifests/init.pp
@@ -0,0 +1,43 @@
+# Install OpenSSL.
+#
+class ssl::openssl {
+
+    package { "openssl":
+        ensure => installed,
+    }
+
+}
+
+
+# Create self-signed certificate.
+#
+# === Parameters:
+#
+#   $key:
+#       Key output file.
+#   $crt:
+#       Certificate output file.
+#   $days:
+#       Validity in days, defaults to 3650.
+#   $keysize:
+#       RSA key size, defaults to 2048.
+#   $subject:
+#       Subject, defaults to "/CN=${name}".
+#
+define ssl::certificate($key, $crt, $days="3650", $keysize="2048", $subject="") {
+
+    include ssl::openssl
+
+    if $subject {
+        $subject_real = $subject
+    } else {
+        $subject_real = "/CN=${name}"
+    }
+
+    exec { "openssl-req-${name}":
+        path    => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
+        command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${key} -out ${crt}'",
+        creates => [ "${key}", "${crt}" ],
+    }
+
+}