{"id":15511634,"url":"https://github.com/rnelson0/puppet-certs","last_synced_at":"2025-10-04T18:19:16.678Z","repository":{"id":23326585,"uuid":"26686748","full_name":"rnelson0/puppet-certs","owner":"rnelson0","description":"SSL Certificate File Management for Puppet","archived":false,"fork":false,"pushed_at":"2022-09-13T19:14:56.000Z","size":83,"stargazers_count":4,"open_issues_count":0,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-21T20:03:03.577Z","etag":null,"topics":["puppet-module"],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rnelson0.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-11-15T17:00:27.000Z","updated_at":"2023-12-11T13:15:28.000Z","dependencies_parsed_at":"2022-08-21T21:10:41.670Z","dependency_job_id":null,"html_url":"https://github.com/rnelson0/puppet-certs","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rnelson0%2Fpuppet-certs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rnelson0%2Fpuppet-certs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rnelson0%2Fpuppet-certs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rnelson0%2Fpuppet-certs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rnelson0","download_url":"https://codeload.github.com/rnelson0/puppet-certs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250360496,"owners_count":21417721,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["puppet-module"],"created_at":"2024-10-02T09:53:09.161Z","updated_at":"2025-10-04T18:19:16.532Z","avatar_url":"https://github.com/rnelson0.png","language":"Ruby","readme":"# certs\n\n[![Build Status](https://travis-ci.org/rnelson0/puppet-certs.png?branch=master)](https://travis-ci.org/rnelson0/puppet-certs)\n[![Puppet Forge](http://img.shields.io/puppetforge/v/rnelson0/certs.svg)](https://forge.puppetlabs.com/rnelson0/certs)\n[![Puppet Forge Downloads](http://img.shields.io/puppetforge/dt/rnelson0/certs.svg)](https://forge.puppetlabs.com/rnelson0/certs)\n[![Stories in Ready](https://badge.waffle.io/rnelson0/puppet-certs.svg?label=ready\u0026title=Ready)](http://waffle.io/rnelson0/puppet-modules)\n[![Stories In Progress](https://badge.waffle.io/rnelson0/puppet-certs.svg?label=in%20progress\u0026title=In%20Progress)](http://waffle.io/rnelson0/puppet-modules)\n\n#### Table of Contents\n\n1. [Overview](#overview)\n3. [Setup - The basics of getting started with certs](#setup)\n    * [Setup requirements](#setup-requirements)\n    * [Beginning with certs](#beginning-with-certs)\n4. [Usage - Configuration options and additional functionality](#usage)\n\n## Overview\n\nProvides SSL certificate files required by apache and other webservers via\nthe certs::vhost define. These files can then be provided to apache::vhost and\nother classes that require the files to already exist on a managed node.\n\n## Setup\n\n### Setup Requirements\n\nThe certificate files must come from an external store. Recommended stores\nare a site-specific (and private!) module containing SSL files or a network-\naccessible filesystem, such as NFS, that the managed node can access.\n\n### Beginning with certs\n\nOnce a file store is determined, include at least one certs::vhost define\nand specify the file store location as the `source_path`. You may optionally\nspecify a `target_path` if the default location of `/etc/ssl/certs` is not\ndesired.\n\n## Usage\n\nNo trailing slash should be provided to `source_path`.\n\n    certs::vhost { 'www.example.com':\n      source_path =\u003e 'puppet:///modules/site_certificates',\n    }\n\nCreates `/etc/ssl/certs/www.example.com.crt` and\n`/etc/ssl/certs/www.example.com.key` based off of\n`puppet:///site_certificates/www.example.com.crt` and\n`puppet:///site_certificates/www.example.com.key`.\n\n    certs::vhost { 'www.example.com':\n      target_path =\u003e '/etc/httpd/ssl.d',\n      source_path =\u003e 'puppet:///modules/site_certificates',\n    }\n\nCreates the same crt and key files in `/etc/httpd/ssl.d`.\n\n    Certs::Vhost\u003c| |\u003e -\u003e Apache::Vhost\u003c| |\u003e\n\nIf you wish for your certificate and key to go to different paths, you can specify them accordingly.  If one or bothof these values are not passed, `target_path` will be used.\n\n    certs::vhost { 'www.example.com':\n      crt_target_path =\u003e '/etc/pki/certs',\n      key_target_path =\u003e '/etc/pki/private',\n      source_path =\u003e 'puppet:///modules/site_certificates',\n    }\n\nWhen providing the certificate files to the `apache::vhost` or similar classes\nit is best to ensure they are properly dependent upon the `certs::vhost`.\n\nTo use the vault options, you must have a module that is API compatible with [puppet-vault_lookup](https://forge.puppet.com/puppet/vault_lookup) installed. If you are not using vault, this dependency is optional.  Some types of certificates may have been encoded with base64 for compatibility with Vault, you can specify `base64_vault_crt` to decode this certificate type.\n\n    certs::vhost { 'www.example.com':\n      target_path      =\u003e '/etc/httpd/ssl.d',\n      source_path      =\u003e '/v1/kv/puppet/ssl',\n      vault            =\u003e true,\n      base64_vault_crt =\u003e true,\n    }\n\nYou can optionally specify file options such as owner and mode by using the `file_options` variable.\n\n    certs::vhost { 'www.example.com':\n      target_path  =\u003e '/etc/httpd/ssl.d',\n      source_path  =\u003e 'puppet:///modules/site_certificates',\n      file_options =\u003e { owner =\u003e 'root',\n                        group =\u003e 'root',\n                        mode  =\u003e '0644',}\n    }\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frnelson0%2Fpuppet-certs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frnelson0%2Fpuppet-certs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frnelson0%2Fpuppet-certs/lists"}