diff options
Diffstat (limited to 'docs/certmaster-sync.pod')
-rw-r--r-- | docs/certmaster-sync.pod | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/docs/certmaster-sync.pod b/docs/certmaster-sync.pod new file mode 100644 index 0000000..1519387 --- /dev/null +++ b/docs/certmaster-sync.pod @@ -0,0 +1,44 @@ +=head1 NAME + +certmaster-sync -- syncronize client certificates with Func. + +=head1 SYNOPSIS + +certmaster-sync [-f|--force] + +=head1 DESCRIPTION + +certmaster-sync syncronizes client certificates amongst certmaster clients via Func. It is assumed that the hosts who have requested certificates are reachable via Func for syncronization operations. + +certmaster-sync by default is called as a post-sign and post-clean trigger. In order to enable syncronization you must set B<sync_certs> to B<True>, see B<CONFIGURATION VALUES> below. + +The syncronization occurs by querying remote Func methods in B<certmastermod> on the minion hosts. This will gather information, copy any new certificates, and remove any certificates that have been cleaned. + +=head1 OPTIONS + +=over + +=item -f, --force + +Override the configuration value for B<sync_certs> in F</etc/certmaster/certmaster.conf> + +=back + +=head1 CONFIGURATION VALUES + +=over + +=item sync_certs + +B<sync_certs> determines whether or not the script will actually syncronize or if it will exit with no operation. You can use -f|--force to override this configuration value. (Default: False) + +=back + +=head1 ADDITONAL RESOURCES + +See https://fedorahosted.org/certmaster. It's a Wiki. +See also https://fedorahosted.org/func + +=head1 AUTHOR + +John Eckersberg <jeckersb@redhat.com> |