Merge pull request #75 from voxpupuli/51-add-support-for-certname-par…

…ameter Add support for certname parameter
voxpupuli · Apr 5, 2024 · 7e17694 · 7e17694
2 parents d25e026 + 5df567b
commit 7e17694
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -86,7 +86,8 @@ The following environment variables are supported:
 
 | Name                                       | Usage / Default                                                                                                                                               |
 |--------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **PUPPETSERVER_HOSTNAME**                  | The DNS name used on the servers SSL certificate - sets the `certname` and `server` in puppet.conf<br><br>Defaults to unset.                                  |
+| **PUPPETSERVER_HOSTNAME**                  | The DNS name used on the servers SSL certificate - sets the `server` in puppet.conf<br><br>Defaults to unset.                                                 |
+| **CERTNAME**                               | The DNS name used on the servers SSL certificate - sets the `certname` in puppet.conf<br><br>Defaults to unset.                                               |
 | **DNS_ALT_NAMES**                          | Additional DNS names to add to the servers SSL certificate<br>**Note** only effective on initial run when certificates are generated                          |
 | **PUPPETSERVER_PORT**                      | The port of the puppetserver<br><br>`8140`                                                                                                                    |
 | **AUTOSIGN**                               | Whether or not to enable autosigning on the puppetserver instance. Valid values are `true`, `false`, and `/path/to/autosign.conf`.<br><br>Defaults to `true`. |

diff --git a/puppetserver/Dockerfile b/puppetserver/Dockerfile
@@ -24,6 +24,7 @@ ENV PUPPETSERVER_JAVA_ARGS="-Xms1024m -Xmx1024m" \
     SSLDIR=/etc/puppetlabs/puppet/ssl \
     LOGDIR=/var/log/puppetlabs/puppetserver \
     PUPPETSERVER_HOSTNAME="" \
+    CERTNAME="" \
     DNS_ALT_NAMES="" \
     PUPPETSERVER_PORT=8140 \
     AUTOSIGN=true \

diff --git a/puppetserver/docker-entrypoint.d/50-set-certname.sh b/puppetserver/docker-entrypoint.d/50-set-certname.sh
@@ -1,6 +1,9 @@
 #!/bin/bash
 
-if test -n "${PUPPETSERVER_HOSTNAME}"; then
-  /opt/puppetlabs/bin/puppet config set certname "$PUPPETSERVER_HOSTNAME"
+if [ -n "${PUPPETSERVER_HOSTNAME}" ]; then
   /opt/puppetlabs/bin/puppet config set server "$PUPPETSERVER_HOSTNAME"
 fi
+
+if [ -n "${CERTNAME}" ]; then
+  /opt/puppetlabs/bin/puppet config set certname "$CERTNAME"
+fi
diff --git a/puppetserver/docker-entrypoint.d/99-log-config.sh b/puppetserver/docker-entrypoint.d/99-log-config.sh
@@ -5,13 +5,15 @@ echo "System configuration values:"
 # shellcheck disable=SC2039 # Docker injects $HOSTNAME
 echo "* HOSTNAME: '${HOSTNAME}'"
 echo "* hostname -f: '$(hostname -f)'"
-if test -n "${PUPPETSERVER_HOSTNAME}"; then
-  echo "* PUPPETSERVER_HOSTNAME: '${PUPPETSERVER_HOSTNAME}'"
-  certname=${PUPPETSERVER_HOSTNAME}.pem
+
+if [ -n "${CERTNAME}" ]; then
+  echo "* CERTNAME: '${CERTNAME}'"
+  certname=${CERTNAME}.pem
 else
-  echo "* PUPPETSERVER_HOSTNAME: unset"
+  echo "* CERTNAME: unset"
   certname=$(cd "${SSLDIR}/certs" && ls *.pem | grep --invert-match ca.pem)
 fi
+
 echo "* PUPPETSERVER_PORT: '${PUPPETSERVER_PORT:-8140}'"
 echo "* Certname: '${certname}'"
 echo "* DNS_ALT_NAMES: '${DNS_ALT_NAMES}'"