kerberos: Refactored kerberos keytab generation to use fileshare instead of templates.

2013-09-25 12:13:05 +03:00 · 2013-09-25 12:13:05 +03:00 · f0199bfcbd
commit f0199bfcbd
parent 67e91bb8b5
3 changed files with 76 additions and 68 deletions
--- a/kerberos/manifests/init.pp
+++ b/kerberos/manifests/init.pp
@ -244,7 +244,8 @@ class kerberos::server::ldap inherits kerberos::server {
 #     principals => [ "host/testhost.foo.sh@FOO.SH" ],
 # }
 #
-define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $group = "", $mode = "0600") {
+define kerberos::keytab($principals=[], $ensure=present, $owner="root",
+                           $group="", $mode="0600") {

    case $group {
        "": {
@ -258,12 +259,15 @@ define kerberos::keytab($principals = [], $ensure = present, $owner = "root", $g
        }
    }

+    keytab_generate($name, $principals)
+    $source = base64($name)
+
    file { $name:
-        ensure  => $ensure,
-        content => template("kerberos/keytab.erb"),
-        mode    => $mode,
-        owner   => $owner,
-        group   => $real_group,
+        ensure => $ensure,
+        source => "puppet:///generated/${source}",
+        mode   => $mode,
+        owner  => $owner,
+        group  => $real_group,
    }

 }