Merge pull request #37 from nibalizer/quotes_in_conf_file

Quotes in conf file

README.md

@@ -157,6 +157,42 @@ class { 'puppetboard::apache::vhost':
 }
 ```
 
+### Using SSL to the PuppetDB host
+
+
+If you would like to use certificate auth into the PuppetDB service, use any of the configurations from above and set the following parameters to your puppetboard class.
+
+```puppet
+
+class { 'puppetboard':
+  manage_virtualenv => true,
+  puppetdb_host => 'puppet.example.com',
+  puppetdb_port => '8081',
+  puppetdb_key  => "/var/lib/puppet/ssl/private_keys/${::certname}.pem",
+  puppetdb_ssl  => 'True',
+  puppetdb_cert => "/var/lib/puppet/ssl/certs/${::certname}.pem",
+}
+
+```
+
+Note that the above only works if you have the Puppet CA root certificate added to the root certificate authority file used by your operating system. If you want to specify the location to the Puppet CA file ( you probably do) you have to use the syntax below. Currently this is a bit of a gross hack, but it's an open issue to resolve it in the Puppet module:
+
+
+```puppet
+
+class { 'puppetboard':
+  manage_virtualenv => true,
+  puppetdb_host => 'puppet.example.com',
+  puppetdb_port => '8081',
+  puppetdb_key  => "/var/lib/puppet/ssl/private_keys/${::certname}.pem",
+  puppetdb_ssl  => "'/var/lib/puppet/ssl/certs/ca.pem'",
+  puppetdb_cert => "/var/lib/puppet/ssl/certs/${::certname}.pem",
+}
+
+```
+
+
+
 
 
 License

spec/acceptance/class_spec.rb

@@ -80,4 +80,48 @@ class { 'puppetboard::apache::vhost':
       end
     end
   end
+
+  context 'default parameters' do
+    hosts.each do |host|
+      if fact('osfamily') == 'RedHat'
+        if fact('architecture') == 'amd64'
+          on host, "wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm"
+        else
+          on host, "wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm; rpm -ivh epel-release-6-8.noarch.rpm"
+        end
+      end
+      on host, "puppet module install puppetlabs/apache"
+      install_package host, 'python-virtualenv'
+      install_package host, 'git'
+    end
+
+    it 'should work with no errors' do
+      pp= <<-EOS
+      class { 'puppetboard':
+        manage_virtualenv => true,
+        puppetdb_host => 'puppet.example.com',
+        puppetdb_port => '8081',
+        puppetdb_key  => "/var/lib/puppet/ssl/private_keys/test.networkninjas.net.pem",
+        puppetdb_ssl  => 'True',
+        puppetdb_cert => "/var/lib/puppet/ssl/certs/test.networkninjas.net.pem",
+      }
+      EOS
+
+
+      # Run it twice and test for idempotency
+      apply_manifest(pp, :catch_failures => true)
+      apply_manifest(pp, :catch_failures => true)
+    end
+
+    #binding.pry
+
+    describe file("/srv/puppetboard/puppetboard/puppetboard/default_settings.py") do
+      it { should contain "PUPPETDB_KEY = '/var/lib/puppet/ssl/private_keys/test.networkninjas.net.pem'" }
+      it { should contain "PUPPETDB_CERT = '/var/lib/puppet/ssl/certs/test.networkninjas.net.pem'" }
+    end
+
+  end
 end
+
+
+

templates/default_settings.py.erb

@@ -1,8 +1,8 @@
 PUPPETDB_HOST = '<%= @puppetdb_host %>'
 PUPPETDB_PORT = <%= @puppetdb_port %>
 PUPPETDB_SSL_VERIFY = <%= @puppetdb_ssl %>
-PUPPETDB_KEY = <%= @puppetdb_key %>
-PUPPETDB_CERT = <%= @puppetdb_cert %>
+PUPPETDB_KEY = '<%= @puppetdb_key %>'
+PUPPETDB_CERT = '<%= @puppetdb_cert %>'
 PUPPETDB_TIMEOUT = <%= @puppetdb_timeout %>
 DEV_LISTEN_HOST = '<%= @dev_listen_host %>'
 DEV_LISTEN_PORT = <%= @dev_listen_port %>