ejabberd: Use ssl module for certificate paths

2013-07-31 23:04:46 +03:00 · 2013-07-31 23:04:46 +03:00 · 4c454a7f44
commit 4c454a7f44
parent 20423bd1db
1 changed files with 6 additions and 14 deletions
--- a/ejabberd/manifests/init.pp
+++ b/ejabberd/manifests/init.pp
@ -69,14 +69,7 @@ class ejabberd {
        status => "ejabberdctl status >/dev/null",
    }

-    case $::operatingsystem {
-        "debian","ubuntu": {
-            $cert_prefix = "/etc/ssl"
-        }
-        "centos","redhat","fedora": {
-            $cert_prefix = "/etc/pki/tls"
-        }
-    }
+    include ssl

    if !$ejabberd_ssl_key {
        $ejabberd_ssl_key = "${puppet_ssldir}/private_keys/${homename}.pem"
@ -85,7 +78,7 @@ class ejabberd {
        $ejabberd_ssl_cert = "${puppet_ssldir}/certs/${homename}.pem"
    }

-    file { "${cert_prefix}/private/ejabberd.key":
+    file { "${ssl::private}/ejabberd.key":
        ensure => present,
        source => $ejabberd_ssl_key,
        mode   => "0600",
@ -93,7 +86,7 @@ class ejabberd {
        group  => "root",
        notify => Exec["generate-ejabberd-pem"],
    }
-    file { "${cert_prefix}/certs/ejabberd.crt":
+    file { "${ssl::certs}/ejabberd.crt":
        ensure => present,
        source => $ejabberd_ssl_cert,
        mode   => "0644",
@ -102,7 +95,7 @@ class ejabberd {
        notify => Exec["generate-ejabberd-pem"],
    }
    if $ejabberd_ssl_chain {
-        file { "${cert_prefix}/certs/ejabberd.chain.crt":
+        file { "${ssl::certs}/ejabberd.chain.crt":
            ensure => present,
            source => $ejabberd_ssl_chain,
            mode   => "0644",
@ -110,14 +103,13 @@ class ejabberd {
            group  => "root",
            notify => Exec["generate-ejabberd-pem"],
        }
-        $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt"
+        $cert_files = "${ssl::private}/ejabberd.key ${ssl::certs}/ejabberd.crt ${ssl::certs}/ejabberd.chain.crt"
    } else {
-        $cert_files = "private/ejabberd.key certs/ejabberd.crt"
+        $cert_files = "${ssl::private}/ejabberd.key ${ssl::certs}/ejabberd.crt"
    }

    exec { "generate-ejabberd-pem":
        path        => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
-        cwd         => $cert_prefix,
        command     => "/bin/sh -c 'umask 077 ; cat ${cert_files} > /etc/ejabberd/ejabberd.pem'",
        refreshonly => true,
        before      => File["/etc/ejabberd/ejabberd.pem"],