diff options
Diffstat (limited to '')
-rw-r--r-- | manifests/web.pp | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/manifests/web.pp b/manifests/web.pp index e61ff12..fce84cc 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -75,7 +75,7 @@ class concourse::web ( Variant[String, Sensitive[String]] $tsa_private_key = $concourse::configured_clusters[$cluster]['tsa_private_key'], Array[String] $worker_public_keys = [], - String $key_dir = '/usr/lib/concourse', + String $key_dir = $concourse::key_dir, String $session_signing_key_file = "${key_dir}/session_signing_key", String $tsa_host_key_file = "${key_dir}/tsa_host_key", String $tsa_authorized_keys_file = "${key_dir}/authorized_worker_keys", @@ -147,6 +147,7 @@ class concourse::web ( file { $key_dir: ensure => if $ensure == 'present' { 'directory' } else { 'absent' }, + # TODO this also chmod's all children... mode => '0700', recurse => true, force => true, @@ -165,7 +166,7 @@ class concourse::web ( ; } - concat { "authorized_workers_key - ${cluster}": + concat { "authorized_worker_key - ${cluster}": path => $tsa_authorized_keys_file, warn => '# File managed by puppet, local changes WILL be overwritten', ensure_newline => true, @@ -188,13 +189,11 @@ class concourse::web ( enable => true, } - notify { $peer_address: - } - # Exported resource - # @@nginx::resource::upstream::member { $trusted['certname']: - # ensure => $ensure, - # upstream => $cluster, - # server => "${peer_address}:8080", - # } + @@nginx::resource::upstream::member { $trusted['certname']: + ensure => $ensure, + upstream => $cluster, + server => $peer_address, + port => 8080, + } } |