Forge Home

Florian Heinle

fheinle

5,048 downloads

5,048 latest version

4.8 quality score

Version information

  • 0.1.0 (latest)
released Mar 3rd 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • Debian
    ,
    Ubuntu

Start using this module

Documentation

fheinle/ipa — version 0.1.0 Mar 3rd 2018

FreeIPA

This module provides limited support for controlling FreeIPA with Puppet.

Currently, only requesting SSL certificates from the CA is implemented.

Usage

To request an SSL certificate:

ipa::sslcert { 'sometitle':
  fname   => "/etc/apache2/ssl/${facts['::fqdn']}",
  domain  => $facts['::fqdn'],
  service => 'http',
}
  • fname: File name for certificate and private key, without file extension
  • domain: only one FQDN is allowed here
  • service: the kerberos principal to use for the SSL certificate

This will request the given certificate from FreeIPA's CA and set up certmonger to monitor the certificate for expiration etc. The given principal must already exist in FreeIPA.