diff options
Diffstat (limited to 'manifests/certmonger')
| -rw-r--r-- | manifests/certmonger/ca/local.pp | 10 | ||||
| -rw-r--r-- | manifests/certmonger/haproxy.pp | 11 |
2 files changed, 13 insertions, 8 deletions
diff --git a/manifests/certmonger/ca/local.pp b/manifests/certmonger/ca/local.pp index ea08dec..b7b7328 100644 --- a/manifests/certmonger/ca/local.pp +++ b/manifests/certmonger/ca/local.pp @@ -29,9 +29,11 @@ class tripleo::certmonger::ca::local( $extract_cmd = "openssl pkcs12 -in ${ca_pkcs12} -out ${ca_pem} -nokeys -nodes -passin pass:''" $trust_ca_cmd = 'update-ca-trust extract' exec { 'extract-and-trust-ca': - command => "${extract_cmd} && ${trust_ca_cmd}", - path => '/usr/bin', - creates => $ca_pem, - require => Package['certmonger'], + command => "${extract_cmd} && ${trust_ca_cmd}", + path => '/usr/bin', + creates => $ca_pem, + tries => 5, + try_sleep => 1, + require => Service['certmonger'], } } diff --git a/manifests/certmonger/haproxy.pp b/manifests/certmonger/haproxy.pp index 2b738e6..504acf3 100644 --- a/manifests/certmonger/haproxy.pp +++ b/manifests/certmonger/haproxy.pp @@ -47,18 +47,21 @@ define tripleo::certmonger::haproxy ( $postsave_cmd, $principal = undef, ){ + include ::haproxy::params certmonger_certificate { "${title}-cert": hostname => $hostname, + dnsname => $hostname, certfile => $service_certificate, keyfile => $service_key, postsave_cmd => $postsave_cmd, principal => $principal, } concat { $service_pem : - ensure => present, - mode => '0640', - owner => 'haproxy', - group => 'haproxy', + ensure => present, + mode => '0640', + owner => 'haproxy', + group => 'haproxy', + require => Package[$::haproxy::params::package_name], } concat::fragment { "${title}-cert-fragment": target => $service_pem, |