[MediaWiki-commits] [Gerrit] Clear master certs if we change puppet.conf - change (operations/puppet)

Wed, 26 Feb 2014 04:13:31 -0800 

Andrew Bogott has submitted this change and it was merged.

Change subject: Clear master certs if we change puppet.conf
......................................................................


Clear master certs if we change puppet.conf

This is a hack for labs migration -- it only takes effect
if a special file is found on the host:  /root/allowcertdeletion

Change-Id: I9551ab2bbbdda1ad495b5941a15a0b9561f24feb
---
M modules/base/manifests/init.pp
1 file changed, 11 insertions(+), 0 deletions(-)

Approvals:
  Andrew Bogott: Looks good to me, approved
  Tim Landscheidt: Looks good to me, but someone else must approve
  Matanya: Looks good to me, but someone else must approve
  jenkins-bot: Verified



diff --git a/modules/base/manifests/init.pp b/modules/base/manifests/init.pp
index 3d4ccba..891d751 100644
--- a/modules/base/manifests/init.pp
+++ b/modules/base/manifests/init.pp
@@ -169,6 +169,17 @@
         notify  => Exec['compile puppet.conf'],
     }
 
+    if $::realm == 'labs' {
+        # Clear master certs if puppet.conf changed
+        exec { 'delete master certs':
+            path        => '/usr/bin:/bin',
+            command     => 'rm -f /var/lib/puppet/ssl/certs/ca.pem; rm -f 
/var/lib/puppet/ssl/crl.pem; rm -f /root/allowcertdeletion',
+            onlyif      => 'test -f /root/allowcertdeletion',
+            subscribe   => File['/etc/puppet/puppet.conf.d/10-main.conf'],
+            refreshonly => true,
+        }
+    }
+
     file { '/etc/init.d/puppet':
         owner  => 'root',
         group  => 'root',

-- 
To view, visit https://gerrit.wikimedia.org/r/115594
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I9551ab2bbbdda1ad495b5941a15a0b9561f24feb
Gerrit-PatchSet: 6
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Andrew Bogott <abog...@wikimedia.org>
Gerrit-Reviewer: Mark Bergsma <m...@wikimedia.org>
Gerrit-Reviewer: Matanya <mata...@foss.co.il>
Gerrit-Reviewer: Tim Landscheidt <t...@tim-landscheidt.de>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to