Adaptions for RHEL9, squid certgen and auth keytab

manifests/auth.pp

@@ -7,7 +7,7 @@
 #
 # @param keytab_production_base64
 #   Keytab contents (in base64) for the Kerberos host key used to authenticate
-#   in the production environment (aes-devel.edu.liu.se).
+#   in the production environment (aes.edu.liu.se).
 #
 # @param keytab_devel_base64
 #   Keytab contents (in base64) for the Kerberos host key used to authenticate
@@ -37,6 +37,10 @@ class aes::auth (
     # The AD service account for this key is: ida_sys004_srv
     $auth_keytab_data = $keytab_devel
     $server_type = 'devel'
+  } elsif $facts[networking][fqdn] == 'aes-sbox.it.liu.se' {
+    # The AD service account for this key is: ida_sys004_srv
+    $auth_keytab_data = $keytab_devel
+    $server_type = 'devel'
   } else {
     $auth_keytab_data = undef
     $server_type = 'devel'

manifests/squid_filter.pp

@@ -28,6 +28,12 @@ class aes::squid_filter {
           family => 'ipv6',
           action => 'accept';
       }
+
+      exec { '/usr/lib64/squid/security_file_certgen -c -s /var/lib/squid/ssl_db -M 4MB':
+        user    => 'squid',
+        group   => 'squid',
+        creates => '/var/lib/squid/ssl_db',
+      }
     }
     'CentOS': {
       ::server_firewall::rules_file { '45-permit_squid.rules':
@@ -41,6 +47,12 @@ class aes::squid_filter {
         |-EOF
         # lint:endignore:strict_indent
       }
+
+      exec { '/usr/lib64/squid/ssl_crtd -c -s /var/lib/squid/ssl_db' :
+        user    => 'squid',
+        group   => 'squid',
+        creates => '/var/lib/squid/ssl_db',
+      }
     }
     default: {
       fail("${module_name} - Not supported for family ${fact('os.name')}.")

manifests/tal_cli.pp

@@ -17,6 +17,13 @@ class aes::tal_cli (
     mode   => '0700',
   }
 
+  file { '/home/examadm/bin' :
+    ensure => directory,
+    owner  => examadm,
+    group  => examadm,
+    mode   => '0755',
+  }
+
   file { '/home/examadm/bin/tal-cli' :
     ensure => file,
     owner  => examadm,