From e1924de3a102f7413ea3a5889e0539c8760feebd Mon Sep 17 00:00:00 2001
From: mikpe74 <mika.perala@liu.se>
Date: Tue, 6 Dec 2022 15:10:21 +0100
Subject: [PATCH] Change to letsencrypt and fix lint errors after PDK update
---
manifests/firewall.pp | 3 ++-
manifests/init.pp | 21 ++++++++++-----------
2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/manifests/firewall.pp b/manifests/firewall.pp
index 545bce7..a7f914c 100644
--- a/manifests/firewall.pp
+++ b/manifests/firewall.pp
@@ -1,5 +1,6 @@
+# Class for skadereg firewall
class aim_control::firewall {
- ::server_firewall::constricto_chain{ 'skadereg': }
+ ::server_firewall::constricto_chain { 'skadereg': }
::server_firewall::rules_file { '55-permit-skadereg.rules':
content => template("${module_name}/55-permit-skadereg.rules.erb"),
require => ::Server_firewall::Constricto_chain['skadereg'],
diff --git a/manifests/init.pp b/manifests/init.pp
index 71ea45a..8d8a416 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -27,25 +27,24 @@
#
# Copyright © Linköpings Universitet
#
-class aim_control(
+class aim_control (
String $mysql_password,
String $mysql_backup_password,
String $skadereg_ro_password,
String $skadereg_ro_user = 'skadereg_ro',
-){
-
+) {
users::liu_user {
'samla949':
commonname => 'Samuel Larsson',
shell => '/bin/bash',
- sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCsWZkkOYsZhOu0Eir+VxajCzWbZ238lrA8w6sbcB2RLJOftfseH4GRHfJaif4g21L4JGuyy7bbJ9JfjUpCG7YTXvo4s7lx0kvp+7+uIhdeugvPsCuMkflih1EkKw2n05OVyhEKU+MPHSaL7QAlSqGewLfLdZpYs9fm6S+Uj/WZRs3I4H77KirA9kSgTnw/3MjoZpU/+0MLD8Uly60D1tCGrgE9qx4SKB0f3zWv+7zw5ZPzDDVO+Sr2X6dvl639S7OE+Hygwkkz03shVrC3STJX/Q/c5f6RZ6/wIMnrEBt3vACR3RGigNO7GLY9uh0tA7/xg62RXdIsoz3Zl1QIn0m25G8GJdE6lWR1zRF/IOXZBjvKJjxYtbIrbWyDfjFq8YmM5KokIEqy2v3bW7hYb4YPrXpLjwaZi8FxgKSn+gHBRMB+vFJaR8fuUNXJdnQXxNl9ohyGec5Hzy5kIVE41Xn8gnvg5XAILCL9X3qVVk70hJ28scNdRkiQbkM11mz0h5s9mEzd74eAPlljzFkNBLAWzO0g4xdsr8QiSo3VQ15dzPyBcndl3yNwhPoGAJ7UApdIq3AZqSouykwGBHovNyHBm2F+orhMl35hBydRy0t/9rJ9czfkUfHT7Wolal0cihi8AvvGS7w3jDjxW//nZ724UcBsJh2ODSBMh0hU7Gx5Cw==',
- client => [ '92.34.191.128' ];
+ sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQCsWZkkOYsZhOu0Eir+VxajCzWbZ238lrA8w6sbcB2RLJOftfseH4GRHfJaif4g21L4JGuyy7bbJ9JfjUpCG7YTXvo4s7lx0kvp+7+uIhdeugvPsCuMkflih1EkKw2n05OVyhEKU+MPHSaL7QAlSqGewLfLdZpYs9fm6S+Uj/WZRs3I4H77KirA9kSgTnw/3MjoZpU/+0MLD8Uly60D1tCGrgE9qx4SKB0f3zWv+7zw5ZPzDDVO+Sr2X6dvl639S7OE+Hygwkkz03shVrC3STJX/Q/c5f6RZ6/wIMnrEBt3vACR3RGigNO7GLY9uh0tA7/xg62RXdIsoz3Zl1QIn0m25G8GJdE6lWR1zRF/IOXZBjvKJjxYtbIrbWyDfjFq8YmM5KokIEqy2v3bW7hYb4YPrXpLjwaZi8FxgKSn+gHBRMB+vFJaR8fuUNXJdnQXxNl9ohyGec5Hzy5kIVE41Xn8gnvg5XAILCL9X3qVVk70hJ28scNdRkiQbkM11mz0h5s9mEzd74eAPlljzFkNBLAWzO0g4xdsr8QiSo3VQ15dzPyBcndl3yNwhPoGAJ7UApdIq3AZqSouykwGBHovNyHBm2F+orhMl35hBydRy0t/9rJ9czfkUfHT7Wolal0cihi8AvvGS7w3jDjxW//nZ724UcBsJh2ODSBMh0hU7Gx5Cw==', # lint:ignore:140chars
+ client => ['92.34.191.128'];
'tomla035':
commonname => 'Tom Larsson',
shell => '/bin/bash',
- sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDGB+/wkuPKTSY6pGSnuJNWt2vDq0hqwZrcuhtrHRz06gjzk2YbmJ7qxkDrwpicskreaqVzcWAP6VqUbhYREiCr7BB2X3AOSW6pyKH2nqTThfZ58IyfXv0SqJowUDRju+jzPTXxrl78YsoYGY108mYa3HeoG3N1QM6PSpuHskMctFyKa3DB1MkQGeywVx2Nen5dTE3MvU8jnnEDyqLe9FfHHOTGNGoToP6GcMfCxSwPI6PrAbzQcptdLTSDEs7tz8iMXtNaDGP/BgGxKwGWWeuOC1XvLMD0iGTIY/PVPH5owqX2UNT4AulyqRO+K3T2i2+sBg42QtqSBrg1Ih7/1C4yrjvqKqWcc/LQw6t+bu1Gjplahv/aW6QWX95R2eO7tdFfr4fAiOhh7rKOJY95xa8/9yEgO69P2rSf/BSpOP8wwYX8nLg7m8VKOcUfNCFdU6lEbnoGwKjkdn8xmDbswivzW7td0NOHKkUU+kIvMmvEbpDsYBuaJ4xrr3YTSBz7CGmaVaanTB8hxL7J+cN5uMix0My9mVo6iaWAIyDPGGlAZ/vZxAel6rDcOcEBwJXbLxTkI494Vtd0wF6DIvs9jDbGrd0+rnjLtOiyWGVIhI4YusnEj0P6mv7dEDF0kLoxbUHBZpYRK+iypRqp9/WxCGQVCnDJJfRHRowbsFl8Withyw==',
- client => [ '192.168.0.32' ];
+ sshkey => 'AAAAB3NzaC1yc2EAAAADAQABAAACAQDGB+/wkuPKTSY6pGSnuJNWt2vDq0hqwZrcuhtrHRz06gjzk2YbmJ7qxkDrwpicskreaqVzcWAP6VqUbhYREiCr7BB2X3AOSW6pyKH2nqTThfZ58IyfXv0SqJowUDRju+jzPTXxrl78YsoYGY108mYa3HeoG3N1QM6PSpuHskMctFyKa3DB1MkQGeywVx2Nen5dTE3MvU8jnnEDyqLe9FfHHOTGNGoToP6GcMfCxSwPI6PrAbzQcptdLTSDEs7tz8iMXtNaDGP/BgGxKwGWWeuOC1XvLMD0iGTIY/PVPH5owqX2UNT4AulyqRO+K3T2i2+sBg42QtqSBrg1Ih7/1C4yrjvqKqWcc/LQw6t+bu1Gjplahv/aW6QWX95R2eO7tdFfr4fAiOhh7rKOJY95xa8/9yEgO69P2rSf/BSpOP8wwYX8nLg7m8VKOcUfNCFdU6lEbnoGwKjkdn8xmDbswivzW7td0NOHKkUU+kIvMmvEbpDsYBuaJ4xrr3YTSBz7CGmaVaanTB8hxL7J+cN5uMix0My9mVo6iaWAIyDPGGlAZ/vZxAel6rDcOcEBwJXbLxTkI494Vtd0wF6DIvs9jDbGrd0+rnjLtOiyWGVIhI4YusnEj0P6mv7dEDF0kLoxbUHBZpYRK+iypRqp9/WxCGQVCnDJJfRHRowbsFl8Withyw==', # lint:ignore:140chars
+ client => ['192.168.0.32'];
}
file { '/etc/sudoers.d/02-serious_sam' :
@@ -95,11 +94,11 @@ class aim_control(
# before => Service['httpd'],
# }
- include certdist
+ include profiles::letsencrypt
- $cert = "/etc/pki/tls/certs/cert-${facts['networking']['fqdn']}.pem"
- $chain = "/etc/pki/tls/certs/chain-${facts['networking']['fqdn']}.pem"
- $key = "/etc/pki/tls/private/${facts['networking']['fqdn']}.key"
+ $cert = fact("letsencrypt_certs.\"${fact('networking.fqdn')}\".files.cert")
+ $chain = fact("letsencrypt_certs.\"${fact('networking.fqdn')}\".files.chain")
+ $key = fact("letsencrypt_certs.\"${fact('networking.fqdn')}\".files.key")
# apache::vhost { 'default:80':
# servername => $facts['networking']['fqdn'],
--
GitLab