diff options
author | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2016-07-18 18:00:14 +0300 |
---|---|---|
committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2016-07-18 18:00:14 +0300 |
commit | b05e8debde9ae61ab1baadd4bf23f532b29a9a5f (patch) | |
tree | 684c1f855fc817d74f56298ec3a5f98ef47106ad /manifests/certmonger | |
parent | b613e77015a74f3f0e86049007a97d2851916db8 (diff) |
Add principal to certmonger's haproxy helper
The principal is needed for kerberos-based solutions like FreeIPA.
bp tls-via-certmonger
Change-Id: Ie27848f522d11135b061aef766de2b696c77fcb9
Diffstat (limited to 'manifests/certmonger')
-rw-r--r-- | manifests/certmonger/haproxy.pp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp index 0806e40..2b738e6 100644 --- a/manifests/certmonger/haproxy.pp +++ b/manifests/certmonger/haproxy.pp @@ -36,18 +36,23 @@ # The post-save-command that certmonger will use once it renews the # certificate. # +# [*principal*] +# The haproxy service principal that is set for HAProxy in kerberos. +# define tripleo::certmonger::haproxy ( $service_pem, $service_certificate, $service_key, $hostname, $postsave_cmd, + $principal = undef, ){ certmonger_certificate { "${title}-cert": hostname => $hostname, certfile => $service_certificate, keyfile => $service_key, postsave_cmd => $postsave_cmd, + principal => $principal, } concat { $service_pem : ensure => present, |