1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
require 'pathname'
Puppet::Type.newtype(:x509_cert) do
desc 'An x509 certificate'
ensurable
newparam(:path, :namevar => true) do
desc 'The path to the certificate'
validate do |value|
path = Pathname.new(value)
unless path.absolute?
raise ArgumentError, "Path must be absolute: #{path}"
end
end
end
newparam(:private_key) do
desc 'The path to the private key'
defaultto do
path = Pathname.new(@resource[:path])
"#{path.dirname}/#{path.basename(path.extname)}.key"
end
validate do |value|
path = Pathname.new(value)
unless path.absolute?
raise ArgumentError, "Path must be absolute: #{path}"
end
end
end
newparam(:days) do
desc 'The validity of the certificate'
newvalues(/\d+/)
defaultto(3650)
end
newparam(:force, :boolean => true) do
desc 'Whether to replace the certificate if the private key mismatches'
newvalues(:true, :false)
defaultto false
end
newparam(:password) do
desc 'The optional password for the private key'
end
newparam(:req_ext, :boolean => true) do
desc 'Whether adding v3 SAN from config'
newvalues(:true, :false)
defaultto false
end
newparam(:template) do
desc 'The template to use'
defaultto do
path = Pathname.new(@resource[:path])
"#{path.dirname}/#{path.basename(path.extname)}.cnf"
end
validate do |value|
path = Pathname.new(value)
unless path.absolute?
raise ArgumentError, "Path must be absolute: #{path}"
end
end
end
newparam(:authentication) do
desc "The authentication algorithm: 'rsa' or 'dsa'"
newvalues /[dr]sa/
defaultto :rsa
end
autorequire(:file) do
self[:template]
end
autorequire(:ssl_pkey) do
self[:private_key]
end
autorequire(:file) do
self[:private_key]
end
end
|
