From f3070bccd8e768b3652575ca95789ebd083d059a Mon Sep 17 00:00:00 2001 From: Ewoud Kohl van Wijngaarden Date: Tue, 7 Nov 2023 13:17:45 +0100 Subject: [PATCH] Only deploy the pki dir if needed --- manifests/ca.pp | 2 ++ manifests/init.pp | 2 -- manifests/keypair.pp | 2 ++ manifests/qpid.pp | 2 ++ 4 files changed, 6 insertions(+), 2 deletions(-) diff --git a/manifests/ca.pp b/manifests/ca.pp index 7d7e12f4..dc05217e 100644 --- a/manifests/ca.pp +++ b/manifests/ca.pp @@ -85,6 +85,8 @@ } if $deploy { + include certs::config + # Ensure CA key deployed to /etc/pki/katello/private no longer exists # The CA key is not used by anything from this directory and does not need to be deployed file { $ca_key: diff --git a/manifests/init.pp b/manifests/init.pp index 372dff1f..b3344b3e 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -116,11 +116,9 @@ } contain certs::install - contain certs::config contain certs::ca Class['certs::install'] -> - Class['certs::config'] -> Class['certs::ca'] $default_ca = $certs::ca::default_ca diff --git a/manifests/keypair.pp b/manifests/keypair.pp index 4503d554..b5f2017b 100644 --- a/manifests/keypair.pp +++ b/manifests/keypair.pp @@ -15,6 +15,8 @@ Boolean $key_decrypt = false, Optional[Stdlib::Absolutepath] $key_password_file = undef, ) { + include certs::config + private_key { $key_file: ensure => $key_ensure, source => "${source_dir}/${title}.key", diff --git a/manifests/qpid.pp b/manifests/qpid.pp index 9832245a..166c2876 100644 --- a/manifests/qpid.pp +++ b/manifests/qpid.pp @@ -41,6 +41,8 @@ $nss_db_dir = $certs::ssltools::nssdb::nss_db_dir $nss_db_password_file = $certs::ssltools::nssdb::nss_db_password_file + include certs::config + $client_cert = "${pki_dir}/certs/${qpid_cert_name}.crt" $client_key = "${pki_dir}/private/${qpid_cert_name}.key"