change variables names

6b2a624d · Max Adamo · 9db876eb · 6b2a624d · 6b2a624d · 6b2a624d
Unverified Commit 6b2a624d authored 4 years ago by Max Adamo
--- a/README.md
+++ b/README.md
@@ -5,11 +5,13 @@
 the server configuration is defined in hiera as following:

 ```yaml
-certificates_hash:
-  cert_1.geant.org:
+le_certificates_hash:
+  test-service.geant.org:           # certificate name
+    multi_domain:
+      - 'test-service.geant.org'    # SAN
+      - 'test-service02.geant.org'  # SAN
    clients:
-      - 'test-nas01.geant.org'
-      - 'test-jump01.geant.org'
+      - 'test-vm01.geant.org'       # this is the server allowed to download the certificate
    verbose: 'yes'
  cert_2.geant.org:
    multi_domain:

--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -35,9 +35,9 @@ class geant_acme (
  String $sg_acme_server_ev      = $geant_acme::params::sg_acme_server_ev,
  String $le_acme_email          = $geant_acme::params::le_acme_email,
  String $sg_acme_email          = $geant_acme::params::sg_acme_email,
-  Hash $le_certificates_hash     = $geant_acme::params::le_certificates_hash,
-  Hash $sg_certificates_ov_hash  = $geant_acme::params::sg_certificates_ov_hash,
-  Hash $sg_certificates_ev_hash  = $geant_acme::params::sg_certificates_ev_hash,
+  Hash $le_certificates          = $geant_acme::params::le_certificates,
+  Hash $sg_certificates_ov       = $geant_acme::params::sg_certificates_ov,
+  Hash $sg_certificates_ev       = $geant_acme::params::sg_certificates_ev,
  Stdlib::Absolutepath $web_base = $geant_acme::params::web_base
 ) inherits geant_acme::params {

@@ -80,11 +80,11 @@ class geant_acme (

  geant_acme::server {
    'letsencrypt':
-      certificates_hash => $le_certificates_hash;
+      certificates => $le_certificates;
    'sectigo_ov':
-      certificates_hash => $sg_certificates_ov_hash;
+      certificates => $sg_certificates_ov;
    'sectigo_ev':
-      certificates_hash => $sg_certificates_ev_hash;
+      certificates => $sg_certificates_ev;
  }

 }

--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -46,9 +46,9 @@ class geant_acme::params {
  $iblox_user = 'foreman-dns-admin'
  $iblox_password = Sensitive(lookup('vault_iblox_pw', Optional[String], 'first', undef))

-  $le_certificates_hash = lookup('le_certificates_hash', Optional[Hash], 'first', {})
-  $sg_certificates_ov_hash = lookup('sg_certificates_ov_hash', Optional[Hash], 'first', {})
-  $sg_certificates_ev_hash = lookup('sg_certificates_ev_hash', Optional[Hash], 'first', {})
+  $le_certificates = lookup('le_certificates', Optional[Hash], 'first', {})
+  $sg_certificates_ov = lookup('sg_certificates_ov', Optional[Hash], 'first', {})
+  $sg_certificates_ev = lookup('sg_certificates_ev', Optional[Hash], 'first', {})

  $sectigo_key_id_ev = Sensitive(lookup('sectigo_key_id_ev', String))
  $sectigo_hmac_key_ev = Sensitive(lookup('sectigo_hmac_key_ev', String))

--- a/manifests/server.pp
+++ b/manifests/server.pp
 # == Define: geant_acme::server
 #
-# le_certificates_hash:
+# le_certificates:
 #   cert_1.geant.org:
 #     clients:
 #       - 'test-nas01.geant.org'
@@ -16,20 +16,20 @@
 #
 #
 define geant_acme::server (
-  $certificates_hash,
+  $certificates,
  $provider = $name,
 ) {

-  $certificates_list = keys($certificates_hash)
+  $certificates_list = keys($certificates)

  $certificates_list.each | String $certificate | {

    # join multiple clients as following: 'test-nas01.geant.org -c test-jump01.geant.org'
-    $certificates_clients = join($certificates_hash[$certificate]['clients'], ' -c ')
+    $certificates_clients = join($certificates[$certificate]['clients'], ' -c ')

    # if there is multi_domain join them as following: 'cert_2.geant.org -d cert_3.geant.org'
-    if $certificates_hash[$certificate]['multi_domain'] {
-      $concat_cert_list = concat([$certificate], $certificates_hash[$certificate]['multi_domain'])
+    if $certificates[$certificate]['multi_domain'] {
+      $concat_cert_list = concat([$certificate], $certificates[$certificate]['multi_domain'])
      $unique_cert_list = unique($concat_cert_list)
      $cert_list = join($unique_cert_list, ' -d ')
    } else {
@@ -37,7 +37,7 @@ define geant_acme::server (
    }

    # if verbose is enabled append ' - v'
-    if 'verbose' in $certificates_hash[$certificate] {
+    if 'verbose' in $certificates[$certificate] {
      $cmd = "${certificates_clients} -v"
    } else {
      $cmd = $certificates_clients