From 5f06698dbd96c6c084f498e3ca70c8d516415e3a Mon Sep 17 00:00:00 2001
From: Ossi Salmi <osalmi@iki.fi>
Date: Thu, 7 Mar 2013 14:33:13 +0200
Subject: [PATCH] Use puppet certificates in ejabberd by default

---
 ejabberd/manifests/init.pp | 72 +++++++++++++++++++++-----------------
 1 file changed, 39 insertions(+), 33 deletions(-)

diff --git a/ejabberd/manifests/init.pp b/ejabberd/manifests/init.pp
index 45b96b2..b06b93c 100644
--- a/ejabberd/manifests/init.pp
+++ b/ejabberd/manifests/init.pp
@@ -78,45 +78,51 @@ class ejabberd {
         }
     }
 
-    if $ejabberd_ssl_key and $ejabberd_ssl_cert {
-        file { "${cert_prefix}/private/ejabberd.key":
+    if !$ejabberd_ssl_key {
+        $ejabberd_ssl_key = "${puppet_ssldir}/private_keys/${homename}.pem"
+    }
+    if !$ejabberd_ssl_cert {
+        $ejabberd_ssl_cert = "${puppet_ssldir}/certs/${homename}.pem"
+    }
+
+    file { "${cert_prefix}/private/ejabberd.key":
+        ensure => present,
+        source => $ejabberd_ssl_key,
+        mode   => "0600",
+        owner  => "root",
+        group  => "root",
+        notify => Exec["generate-ejabberd-pem"],
+    }
+    file { "${cert_prefix}/certs/ejabberd.crt":
+        ensure => present,
+        source => $ejabberd_ssl_cert,
+        mode   => "0644",
+        owner  => "root",
+        group  => "root",
+        notify => Exec["generate-ejabberd-pem"],
+    }
+    if $ejabberd_ssl_chain {
+        file { "${cert_prefix}/certs/ejabberd.chain.crt":
             ensure => present,
-            source => $ejabberd_ssl_key,
-            mode   => "0600",
-            owner  => "root",
-            group  => "root",
-            notify => Exec["generate-ejabberd-pem"],
-        }
-        file { "${cert_prefix}/certs/ejabberd.crt":
-            ensure => present,
-            source => $ejabberd_ssl_cert,
+            source => $ejabberd_ssl_chain,
             mode   => "0644",
             owner  => "root",
             group  => "root",
             notify => Exec["generate-ejabberd-pem"],
         }
-        if $ejabberd_ssl_chain {
-            file { "${cert_prefix}/certs/ejabberd.chain.crt":
-                ensure => present,
-                source => $ejabberd_ssl_chain,
-                mode   => "0644",
-                owner  => "root",
-                group  => "root",
-                notify => Exec["generate-ejabberd-pem"],
-            }
-            $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt"
-        } else {
-            $cert_files = "private/ejabberd.key certs/ejabberd.crt"
-        }
-        exec { "generate-ejabberd-pem":
-            path        => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
-            cwd         => $cert_prefix,
-            command     => "/bin/sh -c 'umask 077 ; cat ${cert_files} > /etc/ejabberd/ejabberd.pem'",
-            refreshonly => true,
-            before      => File["/etc/ejabberd/ejabberd.pem"],
-            require     => Package["ejabberd"],
-            notify      => Service["ejabberd"],
-        }
+        $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt"
+    } else {
+        $cert_files = "private/ejabberd.key certs/ejabberd.crt"
+    }
+
+    exec { "generate-ejabberd-pem":
+        path        => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin",
+        cwd         => $cert_prefix,
+        command     => "/bin/sh -c 'umask 077 ; cat ${cert_files} > /etc/ejabberd/ejabberd.pem'",
+        refreshonly => true,
+        before      => File["/etc/ejabberd/ejabberd.pem"],
+        require     => Package["ejabberd"],
+        notify      => Service["ejabberd"],
     }
 
     file { "/etc/ejabberd/ejabberd.pem":