File: fernet_rotate.pp

package info (click to toggle)
puppet-module-keystone 25.0.0-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,428 kB
  • sloc: ruby: 9,684; pascal: 295; python: 38; makefile: 10; sh: 10
file content (87 lines) | stat: -rw-r--r-- 2,450 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# Copyright 2017 Red Hat, Inc.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# == Class: keystone::cron::fernet_rotate
#
# Installs a cron job that rotates fernet keys.
#
# === Parameters
#
# [*ensure*]
#   (Optional) Valid values are present, absent.
#   Defaults to 'present'
#
# [*minute*]
#   (Optional) Minute.
#   Defaults to '1'
#
# [*hour*]
#   (Optional) Hour.
#   Defaults to '0'
#
# [*monthday*]
#   (Optional) Day of month.
#   Defaults to '*'
#
# [*month*]
#   (Optional) Month.
#   Defaults to '*'.
#
# [*weekday*]
#   (Optional) Day of week.
#   Defaults to '*'
#
# [*maxdelay*]
#   (Optional) Max random delay, should be a positive integer.
#   Induces a random delay before running the cronjob to avoid running all
#   cron jobs at the same time on all hosts this job is configured.
#   Defaults to 0
#
# [*user*]
#   (Optional) Allow to run the crontab on behalf any user.
#   Defaults to $::keystone::params::user
#
class keystone::cron::fernet_rotate (
  Enum['present', 'absent'] $ensure = present,
  $minute                           = 1,
  $hour                             = 0,
  $monthday                         = '*',
  $month                            = '*',
  $weekday                          = '*',
  Integer[0] $maxdelay              = 0,
  $user                             = $::keystone::params::user,
) inherits keystone::params {

  include keystone::deps

  if $maxdelay == 0 {
    $sleep = ''
  } else {
    $sleep = "sleep `expr \${RANDOM} \\% ${maxdelay}`; "
  }

  cron { 'keystone-manage fernet_rotate':
    ensure      => $ensure,
    command     => "${sleep}keystone-manage fernet_rotate",
    environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
    user        => $user,
    minute      => $minute,
    hour        => $hour,
    monthday    => $monthday,
    month       => $month,
    weekday     => $weekday,
    require     => Anchor['keystone::service::end'],
  }
}