summaryrefslogtreecommitdiffstats
path: root/manifests/certmonger
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-07-18 18:00:14 +0300
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-07-18 18:00:14 +0300
commitb05e8debde9ae61ab1baadd4bf23f532b29a9a5f (patch)
tree684c1f855fc817d74f56298ec3a5f98ef47106ad /manifests/certmonger
parentb613e77015a74f3f0e86049007a97d2851916db8 (diff)
Add principal to certmonger's haproxy helper
The principal is needed for kerberos-based solutions like FreeIPA. bp tls-via-certmonger Change-Id: Ie27848f522d11135b061aef766de2b696c77fcb9
Diffstat (limited to 'manifests/certmonger')
-rw-r--r--manifests/certmonger/haproxy.pp5
1 files changed, 5 insertions, 0 deletions
diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp
index 0806e40..2b738e6 100644
--- a/manifests/certmonger/haproxy.pp
+++ b/manifests/certmonger/haproxy.pp
@@ -36,18 +36,23 @@
# The post-save-command that certmonger will use once it renews the
# certificate.
#
+# [*principal*]
+# The haproxy service principal that is set for HAProxy in kerberos.
+#
define tripleo::certmonger::haproxy (
$service_pem,
$service_certificate,
$service_key,
$hostname,
$postsave_cmd,
+ $principal = undef,
){
certmonger_certificate { "${title}-cert":
hostname => $hostname,
certfile => $service_certificate,
keyfile => $service_key,
postsave_cmd => $postsave_cmd,
+ principal => $principal,
}
concat { $service_pem :
ensure => present,