class openssl {
    class base {
        package { 'openssl': }
    }

    define self_signed_cert($directory = '/etc/certs') {
        include openssl::base

        $pem_file = "${name}.pem"
        exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${pem_file} -out ${pem_file} -subj  '/CN=${name}'":
            cwd     => $directory,
            creates => "${directory}/${name}.pem",
            require => Package['openssl']
        }
    }

    define self_signed_splitted_cert( $filename = '',
                                      $directory = '/etc/certs',
                                      $owner = 'root',
                                      $group = 'root',
                                      $mode = '0600') {
        include openssl::base

        $crt_file = "${filename}.crt"
        $key_file = "${filename}.key"
        exec { "openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ${key_file} -out ${crt_file} -subj  '/CN=${name}'":
            cwd     => $directory,
            creates => "${directory}/${key_file}",
            require => Package['openssl'],
            before  => [File["${directory}/${key_file}"],
                        File["${directory}/${crt_file}"]]
        }

        file { ["${directory}/${key_file}","${directory}/${crt_file}"]:
            owner => $owner,
            group => $group,
            mode  => $mode,
        }
    }
}