[MediaWiki-commits] [Gerrit] puppetmaster: fix puppet.conf for new CA cert - change (operations/puppet)
Gage has submitted this change and it was merged. Change subject: puppetmaster: fix puppet.conf for new CA cert .. puppetmaster: fix puppet.conf for new CA cert certname now takes the default value and X509v3 Subject Alternative Name becomes DNS:puppet, therefore hostcert and hostprivkey use default values and do not need explicit definitions ref: step #18, https://wikitech.wikimedia.org/wiki/Puppet_CA_replacement#Procedure Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe --- M modules/puppetmaster/templates/master.conf.erb 1 file changed, 0 insertions(+), 3 deletions(-) Approvals: Gage: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/puppetmaster/templates/master.conf.erb b/modules/puppetmaster/templates/master.conf.erb index 77a9c88..bdd8bcf 100644 --- a/modules/puppetmaster/templates/master.conf.erb +++ b/modules/puppetmaster/templates/master.conf.erb @@ -1,6 +1,5 @@ [master] -certname = %= scope.lookupvar('puppetmaster::server_name') % templatedir = /etc/puppet/templates modulepath = /etc/puppet/private/modules:/etc/puppet/modules @@ -15,5 +14,3 @@ ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY %- end -% -hostcert = /var/lib/puppet/server/ssl/certs/%= @fqdn %.pem -hostprivkey = /var/lib/puppet/server/ssl/private_keys/%= @fqdn %.pem -- To view, visit https://gerrit.wikimedia.org/r/222151 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe Gerrit-PatchSet: 2 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Gage jger...@wikimedia.org Gerrit-Reviewer: Gage jger...@wikimedia.org Gerrit-Reviewer: jenkins-bot ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] puppetmaster: fix puppet.conf for new CA cert - change (operations/puppet)
Gage has uploaded a new change for review. https://gerrit.wikimedia.org/r/222151 Change subject: puppetmaster: fix puppet.conf for new CA cert .. puppetmaster: fix puppet.conf for new CA cert certname now takes the default value and X509v3 Subject Alternative Name becomes DNS:puppet ref: step #18, https://wikitech.wikimedia.org/wiki/Puppet_CA_replacement#Procedure Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe --- M modules/puppetmaster/templates/master.conf.erb 1 file changed, 0 insertions(+), 3 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/51/222151/1 diff --git a/modules/puppetmaster/templates/master.conf.erb b/modules/puppetmaster/templates/master.conf.erb index 77a9c88..bdd8bcf 100644 --- a/modules/puppetmaster/templates/master.conf.erb +++ b/modules/puppetmaster/templates/master.conf.erb @@ -1,6 +1,5 @@ [master] -certname = %= scope.lookupvar('puppetmaster::server_name') % templatedir = /etc/puppet/templates modulepath = /etc/puppet/private/modules:/etc/puppet/modules @@ -15,5 +14,3 @@ ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY %- end -% -hostcert = /var/lib/puppet/server/ssl/certs/%= @fqdn %.pem -hostprivkey = /var/lib/puppet/server/ssl/private_keys/%= @fqdn %.pem -- To view, visit https://gerrit.wikimedia.org/r/222151 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Gage jger...@wikimedia.org ___ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits