setting up the wonderful cisbench and facter cache modules for securing my platforms in a lovely way

This commit is contained in:
christopher.lawrence 2020-03-06 10:29:43 +00:00
parent a9aa405a51
commit 5985bd1450
5 changed files with 6 additions and 7 deletions

View File

@ -36,7 +36,6 @@ mod 'fervid-secure_linux_cis', '2.1.10'
mod 'puppetlabs-puppet_metrics_collector', '5.3.0'
mod 'puppetlabs-puppet_metrics_dashboard', '2.0.1'
mod 'dylanratcliffe-facter_cache', '1.2.0'
mod 'fervid-secure_linux_cis', '2.1.10'
# Modules from Git
# Examples: https://github.com/puppetlabs/r10k/blob/master/doc/puppetfile.mkd#examples

View File

@ -1,3 +1,3 @@
---
profile::puppetserver::authority: true
profile::puppetserver::authority::validity: 7200
profile::puppetserver::authority: false
profile::puppetserver::authority::validity: '7200'

View File

@ -0,0 +1,2 @@
---
profile::puppetserver::authority::jwt_secret: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAEca4yGi5jZP7UAvhiEFDuAXXRHWwbwNz3Dj+/4nRYtZ0jbNWPh3VTT+XBZKCgeQcV3oTy3j3n0Ed4XzEYHZ8zM+ZPQ2m2En9qTzOJ8Fn4Kq2FxgTimjdqCKSLcQMcgzDDT45Gk4JjS/u6G4Vi1LrEdMf80TFcOCwvCq/ZZyzimmbCziW81kQ3tcdbY9yxkqJg8AGfRK5abF88M3R9DqsRcmKbnzwsYFfEUXUbuMdYSvQxAe4UyXYrM9GHNxjts+2WM431WXdX89DoMKsqJ4PulMub8TaXXQkxCvLmducz8mXh0s9AsSlx/DMOImIZTUdGdwS67xeCcc9Fq/omWO2bjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDx6u7YJTvRc0DlRtxtNoBAgCAqanEu5repqqcLyk+iuRi2Dw+4+/+7FCRKo6GT5SlB1A==]

View File

@ -1,2 +0,0 @@
---
profile::puppetserver::authority::jwt_secret: "ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAnLKlgSOslWvpo+tVP2Fd/ITPkWLc7GM2cXd3bI8tB2PqsnEDOfWYFh8Pp58nzOZTPomTVxtQ0ptud6A+VhGbQ55P5ha9GzW9Pra5q0pQEsoGjJQhLKVsbLlivYN5j+W0pfR3hAr6NgKVBX0qwESOAKKIrYth34qH7Fsrk19VDKLOUJPSbVCajwwbUdj3s0j+8k3CCkey8+FmzTDeqjNGDDMmSxcWAySfX0LfZI3GGgJDfHgo3HDia3MiN0PLfNIOpeIFWRgWnzNrzHbt3RnEV7HIp1R+W2lyr/OWCGgBPco6t7oddqk9n3i35/0pxTsKmZEjasZyNvf51/PNwKK2VjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAaFxUesvj7c9N47ru3WWyugCDAjwhS8BqA1n37yWGIGNCrdfQDUDr/dBMZTbmaoLAKLg==]"

View File

@ -2,7 +2,7 @@ class profile::puppetserver::authority (
String $jwt_secret = 'undef',
String $loglevel = 'info',
Integer $validity = '0',
String $validity = '0',
String $ensure = 'latest',
Hash $config = {},
Hash $jwt_token = {},
@ -22,7 +22,7 @@ class profile::puppetserver::authority (
loglevel => $loglevel,
},
jwt_token => {
secret => \"$jwt_secret\",
secret => $jwt_secret,
validity => $validity,
}
},