[MediaWiki-commits] [Gerrit] puppetmaster: fix puppet.conf for new CA cert - change (operations/puppet)
Gage has submitted this change and it was merged.
Change subject: puppetmaster: fix puppet.conf for new CA cert
..
puppetmaster: fix puppet.conf for new CA cert
certname now takes the default value and X509v3 Subject Alternative Name
becomes DNS:puppet, therefore hostcert and hostprivkey use default values and
do not need explicit definitions
ref: step #18,
https://wikitech.wikimedia.org/wiki/Puppet_CA_replacement#Procedure
Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe
---
M modules/puppetmaster/templates/master.conf.erb
1 file changed, 0 insertions(+), 3 deletions(-)
Approvals:
Gage: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/puppetmaster/templates/master.conf.erb
b/modules/puppetmaster/templates/master.conf.erb
index 77a9c88..bdd8bcf 100644
--- a/modules/puppetmaster/templates/master.conf.erb
+++ b/modules/puppetmaster/templates/master.conf.erb
@@ -1,6 +1,5 @@
[master]
-certname = %= scope.lookupvar('puppetmaster::server_name') %
templatedir = /etc/puppet/templates
modulepath = /etc/puppet/private/modules:/etc/puppet/modules
@@ -15,5 +14,3 @@
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
%- end -%
-hostcert = /var/lib/puppet/server/ssl/certs/%= @fqdn %.pem
-hostprivkey = /var/lib/puppet/server/ssl/private_keys/%= @fqdn %.pem
--
To view, visit https://gerrit.wikimedia.org/r/222151
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Gage jger...@wikimedia.org
Gerrit-Reviewer: Gage jger...@wikimedia.org
Gerrit-Reviewer: jenkins-bot
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
[MediaWiki-commits] [Gerrit] puppetmaster: fix puppet.conf for new CA cert - change (operations/puppet)
Gage has uploaded a new change for review.
https://gerrit.wikimedia.org/r/222151
Change subject: puppetmaster: fix puppet.conf for new CA cert
..
puppetmaster: fix puppet.conf for new CA cert
certname now takes the default value and X509v3 Subject Alternative Name
becomes DNS:puppet
ref: step #18,
https://wikitech.wikimedia.org/wiki/Puppet_CA_replacement#Procedure
Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe
---
M modules/puppetmaster/templates/master.conf.erb
1 file changed, 0 insertions(+), 3 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/51/222151/1
diff --git a/modules/puppetmaster/templates/master.conf.erb
b/modules/puppetmaster/templates/master.conf.erb
index 77a9c88..bdd8bcf 100644
--- a/modules/puppetmaster/templates/master.conf.erb
+++ b/modules/puppetmaster/templates/master.conf.erb
@@ -1,6 +1,5 @@
[master]
-certname = %= scope.lookupvar('puppetmaster::server_name') %
templatedir = /etc/puppet/templates
modulepath = /etc/puppet/private/modules:/etc/puppet/modules
@@ -15,5 +14,3 @@
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
%- end -%
-hostcert = /var/lib/puppet/server/ssl/certs/%= @fqdn %.pem
-hostprivkey = /var/lib/puppet/server/ssl/private_keys/%= @fqdn %.pem
--
To view, visit https://gerrit.wikimedia.org/r/222151
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I515804c0477f14c9fd911537b4c959275163ddfe
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Gage jger...@wikimedia.org
___
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
