diff options
author | Michael Scherer <misc@mageia.org> | 2012-03-19 17:11:39 +0000 |
---|---|---|
committer | Michael Scherer <misc@mageia.org> | 2012-03-19 17:11:39 +0000 |
commit | 79a0ef03872196d78bddaec3d7b657dd288a4ab4 (patch) | |
tree | a452749dd7313855c71fe09bfa9b0fa247cd0e25 /modules/gnupg | |
parent | 77423467c387b1ca0e0c5aa85a9bdd52e3372bb7 (diff) | |
download | puppet-79a0ef03872196d78bddaec3d7b657dd288a4ab4.tar puppet-79a0ef03872196d78bddaec3d7b657dd288a4ab4.tar.gz puppet-79a0ef03872196d78bddaec3d7b657dd288a4ab4.tar.bz2 puppet-79a0ef03872196d78bddaec3d7b657dd288a4ab4.tar.xz puppet-79a0ef03872196d78bddaec3d7b657dd288a4ab4.zip |
split gnupg::keys in a separate file
Diffstat (limited to 'modules/gnupg')
-rw-r--r-- | modules/gnupg/manifests/init.pp | 43 | ||||
-rw-r--r-- | modules/gnupg/manifests/keys.pp | 38 |
2 files changed, 39 insertions, 42 deletions
diff --git a/modules/gnupg/manifests/init.pp b/modules/gnupg/manifests/init.pp index c2237264..d6ae319d 100644 --- a/modules/gnupg/manifests/init.pp +++ b/modules/gnupg/manifests/init.pp @@ -1,42 +1 @@ -class gnupg { - # debian recommend SHA2, with 4096 - # http://wiki.debian.org/Keysigning - # as they are heavy users of gpg, I will tend - # to follow them - # however, for testing purpose, 4096 is too strong, - # this empty the entropy of my vm - define keys( $email, - $key_name, - $key_type = 'RSA', - $key_length = '4096', - $expire_date = '400d', - $login = 'signbot', - $batchdir = '/var/lib/signbot/batches', - $keydir = '/var/lib/signbot/keys' - ) { - - include gnupg::client - file { "$name.batch": - ensure => present, - path => "$batchdir/$name.batch", - content => template("gnupg/batch") - } - - file { "$keydir": - ensure => directory, - owner => $login, - mode => 700, - } - - file { "$batchdir": - ensure => directory, - owner => $login, - } - - exec { "/usr/local/bin/create_gnupg_keys.sh $batchdir/$name.batch $keydir $batchdir/$name.done": - user => $login, - creates => "$batchdir/$name.done", - require => [File["$keydir"], File["$batchdir/$name.batch"], Package["rng-utils"]], - } - } -} +class gnupg { } diff --git a/modules/gnupg/manifests/keys.pp b/modules/gnupg/manifests/keys.pp new file mode 100644 index 00000000..ec45de87 --- /dev/null +++ b/modules/gnupg/manifests/keys.pp @@ -0,0 +1,38 @@ + # debian recommend SHA2, with 4096 + # http://wiki.debian.org/Keysigning + # as they are heavy users of gpg, I will tend + # to follow them + # however, for testing purpose, 4096 is too strong, + # this empty the entropy of my vm +class gnupg::keys($email, + $key_name, + $key_type = 'RSA', + $key_length = '4096', + $expire_date = '400d', + $login = 'signbot', + $batchdir = '/var/lib/signbot/batches', + $keydir = '/var/lib/signbot/keys') { + + include gnupg::client + file { "$name.batch": + path => "$batchdir/$name.batch", + content => template('gnupg/batch') + } + + file { $keydir: + ensure => directory, + owner => $login, + mode => '0700', + } + + file { $batchdir: + ensure => directory, + owner => $login, + } + + exec { "/usr/local/bin/create_gnupg_keys.sh $batchdir/$name.batch $keydir $batchdir/$name.done": + user => $login, + creates => "$batchdir/$name.done", + require => [File[$keydir], File["$batchdir/$name.batch"], Package['rng-utils']], + } +} |