Skip to content

Instantly share code, notes, and snippets.

@keeleysam

keeleysam/munkicerts.pp Secret

Created June 1, 2014 03:13
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save keeleysam/4c81c9e06b1e9266a159 to your computer and use it in GitHub Desktop.
Save keeleysam/4c81c9e06b1e9266a159 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
munkicerts.pp
file { '/Library/Managed Installs/certs/':
ensure => directory,
owner => 'root',
group => 'wheel',
recurse => true,
}
file { '/Library/Managed Installs/certs/ca.pem':
mode => '0640',
owner => root,
group => wheel,
source => '/etc/puppet/ssl/certs/ca.pem',
require => File['/Library/Managed Installs/certs/'],
}
file { '/Library/Managed Installs/certs/clientcert.pem':
mode => '0640',
owner => root,
group => wheel,
source => "/etc/puppet/ssl/certs/${clientcert}.pem",
require => File['/Library/Managed Installs/certs/'],
}
file { '/Library/Managed Installs/certs/clientkey.pem':
mode => '0640',
owner => root,
group => wheel,
source => "/etc/puppet/ssl/private_keys/${clientcert}.pem",
require => File['/Library/Managed Installs/certs/'],
}
mac-defaults { 'SoftwareRepoCACertificate':
domain => '/Library/Preferences/ManagedInstalls',
key => 'SoftwareRepoCACertificate',
type => 'string',
value => '/Library/Managed Installs/certs/ca.pem',
}
mac-defaults { 'ClientCertificatePath':
domain => '/Library/Preferences/ManagedInstalls',
key => 'ClientCertificatePath',
type => 'string',
value => '/Library/Managed Installs/certs/clientcert.pem',
}
mac-defaults { 'ClientKeyPath':
domain => '/Library/Preferences/ManagedInstalls',
key => 'ClientKeyPath',
type => 'string',
value => '/Library/Managed Installs/certs/clientkey.pem',
}
mac-defaults { 'UseClientCertificate':
domain => '/Library/Preferences/ManagedInstalls',
key => 'UseClientCertificate',
type => 'bool',
value => 'TRUE',
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment