authorluke <luke@980ebf18-57e1-0310-9a29-db15c13687c0>2007-05-04 23:09:34 +0000
committerluke <luke@980ebf18-57e1-0310-9a29-db15c13687c0>2007-05-04 23:09:34 +0000
commit1f8de9d0c211ac5641f5ad827a0f478fff6bd223 (patch)
treecd376d4ec4baa846ea9d9e885af7400ea97f63f5 /lib/puppet/sslcertificates
parentf783859c6fb9dd7eb79a6775b3fb58441b4a8b9c (diff)
Consolidating all of the configuration parameter declarations into configuration, at least partially just because then the docs for each parameter have to be a bit better. Also, I have gotten rid of the "puppet" section, replacing it with "main", and changed, added, or removed a couple of other sections. In general, we should now prefer more sections, rather than fewer.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@2463 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'lib/puppet/sslcertificates')
-rw-r--r--lib/puppet/sslcertificates/ca.rb79
-rw-r--r--lib/puppet/sslcertificates/inventory.rb10
2 files changed, 1 insertions, 88 deletions
diff --git a/lib/puppet/sslcertificates/ca.rb b/lib/puppet/sslcertificates/ca.rb
index 723a0444b..018640d36 100644
--- a/lib/puppet/sslcertificates/ca.rb
+++ b/lib/puppet/sslcertificates/ca.rb
@@ -4,83 +4,6 @@ class Puppet::SSLCertificates::CA
Certificate = Puppet::SSLCertificates::Certificate
attr_accessor :keyfile, :file, :config, :dir, :cert, :crl
- Puppet.setdefaults(:ca,
- :cadir => { :default => "$ssldir/ca",
- :owner => "$user",
- :group => "$group",
- :mode => 0770,
- :desc => "The root directory for the certificate authority."
- },
- :cacert => { :default => "$cadir/ca_crt.pem",
- :owner => "$user",
- :group => "$group",
- :mode => 0660,
- :desc => "The CA certificate."
- },
- :cakey => { :default => "$cadir/ca_key.pem",
- :owner => "$user",
- :group => "$group",
- :mode => 0660,
- :desc => "The CA private key."
- },
- :capub => { :default => "$cadir/ca_pub.pem",
- :owner => "$user",
- :group => "$group",
- :desc => "The CA public key."
- },
- :cacrl => { :default => "$cadir/ca_crl.pem",
- :owner => "$user",
- :group => "$group",
- :mode => 0664,
- :desc => "The certificate revocation list (CRL) for the CA. Set this to 'none' if you do not want to use a CRL."
- },
- :caprivatedir => { :default => "$cadir/private",
- :owner => "$user",
- :group => "$group",
- :mode => 0770,
- :desc => "Where the CA stores private certificate information."
- },
- :csrdir => { :default => "$cadir/requests",
- :owner => "$user",
- :group => "$group",
- :desc => "Where the CA stores certificate requests"
- },
- :signeddir => { :default => "$cadir/signed",
- :owner => "$user",
- :group => "$group",
- :mode => 0770,
- :desc => "Where the CA stores signed certificates."
- },
- :capass => { :default => "$caprivatedir/ca.pass",
- :owner => "$user",
- :group => "$group",
- :mode => 0660,
- :desc => "Where the CA stores the password for the private key"
- },
- :serial => { :default => "$cadir/serial",
- :owner => "$user",
- :group => "$group",
- :desc => "Where the serial number for certificates is stored."
- },
- :autosign => { :default => "$confdir/autosign.conf",
- :mode => 0644,
- :desc => "Whether to enable autosign. Valid values are true (which
- autosigns any key request, and is a very bad idea), false (which
- never autosigns any key request), and the path to a file, which
- uses that configuration file to determine which keys to sign."},
- :ca_days => ["", "How long a certificate should be valid.
- This parameter is deprecated, use ca_ttl instead"],
- :ca_ttl => ["5y", "The default TTL for new certificates; valid values
- must be an integer, optionally followed by one of the units
- 'y' (years of 365 days), 'd' (days), 'h' (hours), or
- 's' (seconds). The unit defaults to seconds. If this parameter
- is set, ca_days is ignored. Examples are '3600' (one hour)
- and '1825d', which is the same as '5y' (5 years) "],
- :ca_md => ["md5", "The type of hash used in certificates."],
- :req_bits => [2048, "The bit length of the certificates."],
- :keylength => [1024, "The bit length of keys."]
- )
-
def certfile
@config[:cacert]
end
@@ -128,7 +51,7 @@ class Puppet::SSLCertificates::CA
end
def initialize(hash = {})
- Puppet.config.use(:puppet, :certificates, :ca)
+ Puppet.config.use(:main, :ca, :ssl)
self.setconfig(hash)
if Puppet[:capass]
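Review bot: The new section list in `initialize`, `Puppet.config.use(:main, :ca, :ssl)`, has no comment saying which settings it must cover, and the declarations this file used to hold (first hunk) now live elsewhere. `initialize` reads `Puppet[:capass]` two lines later, and the CA key, private directory and password file were declared with restrictive modes (0660/0770). If `use` is what creates those paths with the declared owner and mode, which the diff does not show, a setting that landed in a section missing from this list would not get them applied. I would add a comment above the call such as `# :ca and :ssl must contain every CA path setting (cadir, cakey, capass, ...) so they are created with their declared owner/mode`, and confirm that everything formerly under `:certificates` moved into `:ssl`. The body of `initialize` continues past the end of the hunk.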
diff --git a/lib/puppet/sslcertificates/inventory.rb b/lib/puppet/sslcertificates/inventory.rb
index 045780a69..156fff7ec 100644
--- a/lib/puppet/sslcertificates/inventory.rb
+++ b/lib/puppet/sslcertificates/inventory.rb
@@ -3,16 +3,6 @@
module Puppet::SSLCertificates
module Inventory
- Puppet.config.setdefaults(:ca,
- :cert_inventory => {
- :default => "$cadir/inventory.txt",
- :mode => 0644,
- :owner => "$user",
- :group => "$group",
- :desc => "A Complete listing of all certificates"
- }
- )
-
# Add CERT to the inventory of issued certs in '$cadir/inventory.txt'
# If no inventory exists yet, build an inventory and list all the
# certificates that have been signed so far