Only deploy the pki dir if needed

theforeman · Nov 7, 2023 · f3070bc · f3070bc
1 parent fdb54ea
commit f3070bc
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 2 deletions.
diff --git a/manifests/ca.pp b/manifests/ca.pp
@@ -85,6 +85,8 @@
   }
 
   if $deploy {
+    include certs::config
+
     # Ensure CA key deployed to /etc/pki/katello/private no longer exists
     # The CA key is not used by anything from this directory and does not need to be deployed
     file { $ca_key:

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -116,11 +116,9 @@
   }
 
   contain certs::install
-  contain certs::config
   contain certs::ca
 
   Class['certs::install'] ->
-  Class['certs::config'] ->
   Class['certs::ca']
 
   $default_ca = $certs::ca::default_ca

diff --git a/manifests/keypair.pp b/manifests/keypair.pp
@@ -15,6 +15,8 @@
   Boolean $key_decrypt = false,
   Optional[Stdlib::Absolutepath] $key_password_file = undef,
 ) {
+  include certs::config
+
   private_key { $key_file:
     ensure        => $key_ensure,
     source        => "${source_dir}/${title}.key",

diff --git a/manifests/qpid.pp b/manifests/qpid.pp
@@ -41,6 +41,8 @@
     $nss_db_dir = $certs::ssltools::nssdb::nss_db_dir
     $nss_db_password_file = $certs::ssltools::nssdb::nss_db_password_file
 
+    include certs::config
+
     $client_cert            = "${pki_dir}/certs/${qpid_cert_name}.crt"
     $client_key             = "${pki_dir}/private/${qpid_cert_name}.key"