From 5a4ed134fea123837772ba5d1911716f198bc6f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Tue, 20 Jun 2023 02:01:46 +0200 Subject: fixes --- manifests/web.pp | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) (limited to 'manifests/web.pp') diff --git a/manifests/web.pp b/manifests/web.pp index e61ff12..fce84cc 100644 --- a/manifests/web.pp +++ b/manifests/web.pp @@ -75,7 +75,7 @@ class concourse::web ( Variant[String, Sensitive[String]] $tsa_private_key = $concourse::configured_clusters[$cluster]['tsa_private_key'], Array[String] $worker_public_keys = [], - String $key_dir = '/usr/lib/concourse', + String $key_dir = $concourse::key_dir, String $session_signing_key_file = "${key_dir}/session_signing_key", String $tsa_host_key_file = "${key_dir}/tsa_host_key", String $tsa_authorized_keys_file = "${key_dir}/authorized_worker_keys", @@ -147,6 +147,7 @@ class concourse::web ( file { $key_dir: ensure => if $ensure == 'present' { 'directory' } else { 'absent' }, + # TODO this also chmod's all children... mode => '0700', recurse => true, force => true, @@ -165,7 +166,7 @@ class concourse::web ( ; } - concat { "authorized_workers_key - ${cluster}": + concat { "authorized_worker_key - ${cluster}": path => $tsa_authorized_keys_file, warn => '# File managed by puppet, local changes WILL be overwritten', ensure_newline => true, @@ -188,13 +189,11 @@ class concourse::web ( enable => true, } - notify { $peer_address: - } - # Exported resource - # @@nginx::resource::upstream::member { $trusted['certname']: - # ensure => $ensure, - # upstream => $cluster, - # server => "${peer_address}:8080", - # } + @@nginx::resource::upstream::member { $trusted['certname']: + ensure => $ensure, + upstream => $cluster, + server => $peer_address, + port => 8080, + } } -- cgit v1.2.3