From 9b98ce9769c7a493c490e420320d9c8bd89078ae Mon Sep 17 00:00:00 2001 From: Ossi Salmi Date: Fri, 2 Sep 2011 16:37:00 +0300 Subject: [PATCH] Added certificate handling for ejabberd --- ejabberd/manifests/init.pp | 50 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/ejabberd/manifests/init.pp b/ejabberd/manifests/init.pp index 2064b31..e9827ac 100644 --- a/ejabberd/manifests/init.pp +++ b/ejabberd/manifests/init.pp @@ -26,6 +26,56 @@ class ejabberd { enable => true, } + case $operatingsystem { + "debian", "ubuntu": { + $cert_prefix = "/etc/ssl" + } + "centos", "fedora": { + $cert_prefix = "/etc/pki/tls" + } + } + + if $ejabberd_ssl_key and $ejabberd_ssl_cert { + file { "${cert_prefix}/private/ejabberd.key": + ensure => present, + source => $ejabberd_ssl_key, + mode => 0600, + owner => root, + group => root, + notify => Exec["generate-ejabberd-pem"], + } + file { "${cert_prefix}/certs/ejabberd.crt": + ensure => present, + source => $ejabberd_ssl_cert, + mode => 0644, + owner => root, + group => root, + notify => Exec["generate-ejabberd-pem"], + } + if $ejabberd_ssl_chain { + file { "${cert_prefix}/certs/ejabberd.chain.crt": + ensure => present, + source => $ejabberd_ssl_chain, + mode => 0644, + owner => root, + group => root, + notify => Exec["generate-ejabberd-pem"], + } + $cert_files = "private/ejabberd.key certs/ejabberd.crt certs/ejabberd.chain.crt" + } else { + $cert_files = "private/ejabberd.key certs/ejabberd.crt" + } + exec { "generate-ejabberd-pem": + path => "/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin", + cwd => $cert_prefix, + command => "/bin/sh -c 'umask 077 ; cat ${cert_files} > /etc/ejabberd/ejabberd.pem'", + refreshonly => true, + before => File["/etc/ejabberd/ejabberd.pem"], + require => Package["ejabberd"], + notify => Service["ejabberd"], + } + } + file { "/etc/ejabberd/ejabberd.pem": ensure => present, mode => 0600,