Initial version of ssl module

2011-03-16 17:40:45 +02:00 · 2011-03-16 17:40:45 +02:00 · 2223edcd76
commit 2223edcd76
parent 965a995aca
1 changed files with 43 additions and 0 deletions
--- a/ssl/manifests/init.pp
+++ b/ssl/manifests/init.pp
@ -0,0 +1,43 @@
+# Install OpenSSL.
+#
+class ssl::openssl {
+
+    package { "openssl":
+        ensure => installed,
+    }
+
+}
+
+
+# Create self-signed certificate.
+#
+# === Parameters:
+#
+#   $key:
+#       Key output file.
+#   $crt:
+#       Certificate output file.
+#   $days:
+#       Validity in days, defaults to 3650.
+#   $keysize:
+#       RSA key size, defaults to 2048.
+#   $subject:
+#       Subject, defaults to "/CN=${name}".
+#
+define ssl::certificate($key, $crt, $days="3650", $keysize="2048", $subject="") {
+
+    include ssl::openssl
+
+    if $subject {
+        $subject_real = $subject
+    } else {
+        $subject_real = "/CN=${name}"
+    }
+
+    exec { "openssl-req-${name}":
+        path    => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
+        command => "/bin/sh -c 'umask 077 ; openssl req -x509 -nodes -days ${days} -newkey rsa:${keysize} -subj \"${subject_real}\" -keyout ${key} -out ${crt}'",
+        creates => [ "${key}", "${crt}" ],
+    }
+
+}