Skip to content

Latest commit

 

History

History
343 lines (204 loc) · 9.6 KB

REFERENCE.md

File metadata and controls

343 lines (204 loc) · 9.6 KB
Raw

Reference

Table of Contents

Classes

Public Classes

Private Classes

  • onetimesecret::config: Manage the One-Time Secret configuration
  • onetimesecret::install: Install the One-Time Secret distribution archive
  • onetimesecret::redis: Setup a Redis instance for use with One-Time Secret
  • onetimesecret::service: Setup the One-Time Secret system service
  • onetimesecret::user: Create a user and group for One-Time Secret

Classes

onetimesecret

Setup the One-Time Secret web application

Parameters

The following parameters are available in the onetimesecret class:

additional_packages

Data type: Array

A list of optional packages that may be required, depending on the configuration.

bundle_exec

Data type: String

Path to the Ruby bundle executable.

config_dir

Data type: String

Path to the directory containing the One-Time Secret configuration files.

config_file

Data type: String

The main One-Time Secret configuration file (absolute path required).

config_mode

Data type: String

The permissions for the One-Time Secret configuration file.

config_template

Data type: String

The template used to create the One-Time Secret configuration file.

data_dir

Data type: String

Path to the directory containing the persistent One-Time Secret data.

default_options

Data type: Hash

A hash containing the default configuration options.

domain

Data type: String

The domain name that is used by One-Time Secret.

download_url

Data type: String

The base URL which will be used to download release files.

gid

Data type: Optional[Integer]

The GID of the group.

Default value: undef

group

Data type: String

Specifies the group under which the One-Time Secret service will run.

http_port

Data type: Integer

The HTTP port of the One-Time Secrets web server. Note that this defaults to a non-standard port because you are expected to use a reverse proxy in front of the One-Time Secret web application.

host

Data type: String

The hostname that is used when One-Time Secret generates URLs (web/mail). Usually the FQDN which is served by a reverse proxy.

install_dir

Data type: String

Base directory for the installation. A sub-directory for every version will automatically be created. Old versions will not be removed.

log_dir

Data type: String

Directory for One-Time Secret log files.

log_file

Data type: String

The main One-Time Secret log file (absolute path required).

manage_additional_packages

Data type: Boolean

Set to false to disable the installation of dependencies which are required to build and run One-Time Secret.

manage_config

Data type: Boolean

Set to false to disable managing of the One-Time Secret configuration files.

manage_redis

Data type: Boolean

Set to false to disable management of Redis.

manage_service

Data type: Boolean

Set to false to disable service management.

manage_symlink

Data type: Boolean

Set to false to disable the creation/update of a symlink to the current version. Note that the symlink is required when using the default configuration.

manage_user

Data type: Boolean

Set to false to disable the creation of a user and group for One-Time Secret.

options

Data type: Hash

Specifies a hash containing options to either overwrite some default values or to configure One-Time Secret from scratch. Will be merged with the $default_options hash (as long as $use_default_options is set to true).

path

Data type: String

The contents of the PATH environment variable, which will be used for Exec resources.

pid_dir

Data type: String

Specifies the directory for the One-Time Secret PID file.

pid_file

Data type: String

The PID file for the main One-Time Secret web service (absolute path required).

redis_password

Data type: String

A password for connections to the Redis server. It will also be used when setting up a new Redis instance for One-Time Secret.

redis_options

Data type: Hash

Specifies a hash containing options to overwrite some default values for the Redis service (as long as $manage_redis is set to true).

secret

Data type: String

A global secret is included in the encryption key so it needs to be long and secure. NOTE: Once the secret is set, do not change it (keep a backup offsite).

service_enable

Data type: Boolean

Specifies whether the service should be enabled.

service_ensure

Data type: String

Specifies the desired state for the service.

service_file

Data type: Stdlib::Compat::Absolute_path

The path to the service file.

service_name

Data type: String

The name of the service.

service_template

Data type: String

The template that will be used to create the service file.

service_provider

Data type: String

Specifies the service provider. Must be compatible with the operating system.

symlink_name

Data type: String

Controls the name of a version-independent symlink. It will always point to the release specified by $version.

uid

Data type: Optional[Integer]

The UID of the user.

Default value: undef

use_default_options

Data type: Boolean

Set to false to completely disable loading of the default configuration. In this case you are required to provide a fully working configuration.

user

Data type: String

Specifies the user under which the One-Time Secret service will run.

version

Data type: String

The version of One-Time Secret thats should be installed. Supports several different values: a release tag (v0.9.2), a branch name (master) or a commit ID. Have a look at the One-Time Secret GitHub page for possible values.