[MediaWiki-commits] [Gerrit] Ensuring puppet::self::client ssldir exists, - change (operations/puppet)

Ottomata (Code Review) Mon, 15 Apr 2013 08:52:36 -0700

Ottomata has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/59152



Change subject: Ensuring puppet::self::client ssldir exists,
......................................................................

Ensuring puppet::self::client ssldir exists,

moving inclusion of puppetmaster::ssl to puppet::self:config for puppet::self 
masters

Change-Id: I26757c91477adec003a5069282c9f0d8faddb36e
---
M manifests/puppetmaster.pp
1 file changed, 20 insertions(+), 9 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/puppet 
refs/changes/52/59152/1

diff --git a/manifests/puppetmaster.pp b/manifests/puppetmaster.pp
index a802dbb..b423950 100644
--- a/manifests/puppetmaster.pp
+++ b/manifests/puppetmaster.pp
@@ -510,11 +510,6 @@
                ],
        }
 
-       class { 'puppetmaster::ssl':
-               server_name => $::fqdn,
-               ca => true
-       }
-
        service { 'puppetmaster':
                ensure    => 'running',
                require   => Package['puppetmaster'],
@@ -566,9 +561,26 @@
        # This is set to something different than the default
        # /var/lib/puppet/ssl to avoid conflicts with previously
        # generated puppet certificates from the normal puppet setup.
-       $ssldir = $is_puppetmaster ? {
-               true    => '/var/lib/puppet/server/ssl',
-               default => '/var/lib/puppet/client/ssl',
+       if $is_puppetmaster {
+               $ssldir = '/var/lib/puppet/server/ssl'
+               # include puppetmaster::ssl for self hosted
+               # puppetmasters.  (This sets up the ssl directories).
+               class { 'puppetmaster::ssl':
+                       server_name => $::fqdn,
+                       ca          => true
+               }
+       }
+       else {
+               $ssldir = '/var/lib/puppet/client/ssl'
+               # ensure $ssldir's parent dir exists
+               # so that puppet can create $ssldir.
+               file { '/var/lib/puppet/client':
+                       ensure  => directory,
+                       owner   => puppet,
+                       group   => root,
+                       mode    => 0771,
+                       require => Package['puppet'],
+               }
        }
 
        File['/etc/puppet/puppet.conf.d/10-main.conf'] {
@@ -594,7 +606,6 @@
                        default => absent,
                }
        }
-
 }
 
 

-- 
To view, visit https://gerrit.wikimedia.org/r/59152
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I26757c91477adec003a5069282c9f0d8faddb36e
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Ottomata <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Ensuring puppet::self::client ssldir exists, - change (operations/puppet)

Reply via email to