Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/razorsedge/puppet-certmaster

Install and manage Certmaster via puppet
https://github.com/razorsedge/puppet-certmaster

Last synced: about 1 month ago
JSON representation

Install and manage Certmaster via puppet

Host: GitHub
URL: https://github.com/razorsedge/puppet-certmaster
Owner: razorsedge
License: other
Created: 2012-11-17T23:09:13.000Z (about 12 years ago)
Default Branch: master
Last Pushed: 2017-07-01T04:33:43.000Z (over 7 years ago)
Last Synced: 2024-03-14T16:04:58.322Z (10 months ago)
Language: Puppet
Homepage: http://forge.puppetlabs.com/razorsedge/certmaster
Size: 38.1 KB
Stars: 0
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE

Awesome Lists containing this project

README

        Puppet Certmaster Module

========================

master branch: [![Build Status](https://secure.travis-ci.org/razorsedge/puppet-certmaster.png?branch=master)](http://travis-ci.org/razorsedge/puppet-certmaster)

develop branch: [![Build Status](https://secure.travis-ci.org/razorsedge/puppet-certmaster.png?branch=develop)](http://travis-ci.org/razorsedge/puppet-certmaster)

Introduction

------------

This module manages the installation and configuration of [certmaster](https://fedorahosted.org/certmaster/).

Certmaster is a set of tools and a library for easily distributing SSL certificates to applications that need them.

Actions:

* Installs the certmaster package.

* Manages the certmaster.conf and minion.conf files.

* Stops the certmaster service unless the host is configured as the certmaster.

OS Support:

* RedHat family - tested on CentOS 5.8+ and CentOS 6.3+

* Debian family - presently unsupported (patches welcome)

Class documentation is available via puppetdoc.

Examples

--------

Normal Certmaster operation:

Top Scope variable (i.e. via Dashboard):

```Puppet

$certmaster_certmaster = 'certmaster.example.com'

$certmaster_autoupgrade = true

include 'certmaster'

```

Parameterized Class:

```Puppet

# clients

node default {

  class { 'certmaster':

    certmaster  => 'certmaster.example.com',

  }

}

# master

node 'certmaster.example.com' {

  class { 'certmaster':

    certmaster     => 'certmaster.example.com',

    autosign       => false,  # Can be true to automatically sign certificates.

    listen_addr    => 'certmaster.example.com',

    service_ensure => 'running',

    service_enable => true,

  }

}

```

Use Puppet certificates instead of Certmaster's:

Top Scope variable (i.e. via Dashboard):

```Puppet

$certmaster_use_puppet_certs = true

include 'certmaster'

```

Parameterized Class:

```Puppet

# (There is no need to run the Certmaster daemon in this mode.)

class { 'certmaster':

  use_puppet_certs => true,

}

```

Notes

-----

* By default the certmaster service will be disabled as we assume most nodes will be clients.  Set service_ensure and service_enable to turn on the certmaster service.

* Requires [EPEL](http://fedoraproject.org/wiki/EPEL) for RedHat family hosts.

Issues

------

* None

TODO

----

* Add firewall support.

Contributing

------------

Please see CONTRIBUTING.md for contribution information.

License

-------

Please see LICENSE file.

Copyright

---------

Copyright (C) 2012 Mike Arnold