Here's a problem that might have an interesting solution.
I use Puppet to deploy (amongst other things) SSL certs for web servers.
One of my certs is expiring in January 2016 and I have already been sent
the replacement. They overlap by 7 days. I might forget to make the
change in January so I was wondering if there is a way of configuring
Puppet today to magically switch over the certs in January. (i.e.
continue deploy the current cert until a specific date and then deploy
the new one instead)
I see the generate function can be used to execute system calls to fetch
the date but I'm not sure about date comparisons in Puppet. I guess I
would need to use epoch time to compare as integers.
$date = generate("/bin/date +%s")
if $date > 1451606400 {
$cert = "newcert.crt"
} else {
$cert = "oldcert.crt"
}
file { 'cert.crt'
source => $cert
}
I also saw that Felix commented on a similar question on ServerFault:
"As an aside, I would personally refrain from implementing this kind of
thing. It comes with a high risk of falling onto your foot pretty
heavily. Don't build your friendly surprises into Puppet."
Cheers,
Jonathan
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5620CD53.9000808%40bristol.ac.uk.
For more options, visit https://groups.google.com/d/optout.
