X-Git-Url: https://code.wpia.club/?p=infra.git;a=blobdiff_plain;f=environments%2Fproduction%2Fmanifests%2Fgigi.pp;h=44ac47d97b8a9bd76344767ee1849745dd0b0c52;hp=80bb50a5e50e9457760361838b718be64741dae6;hb=fc9b5830681afdc3d1e8e949d5c03f8045fcbd02;hpb=dd450b194c25fd26d9f81da1fbb4d49d650f9847

diff --git a/environments/production/manifests/gigi.pp b/environments/production/manifests/gigi.pp
index 80bb50a..44ac47d 100644
--- a/environments/production/manifests/gigi.pp
+++ b/environments/production/manifests/gigi.pp
@@ -35,7 +35,18 @@ node gigi {
   $gigi_pg_ip = $ips[postgres];
   $gigi_pg_password = $passwords[postgres][gigi];
   file { '/var/lib/wpia-gigi':
-    ensure => 'directory'
+    ensure => 'directory',
+    require => Package[$gigi_pkg]
+  }
+  file {'/var/lib/wpia-gigi/ocsp':
+    ensure => 'link',
+    target => '/var/lib/cassiopeia/ca',
+    before => Exec['/gigi-ready'],
+  }
+  file {'/var/lib/wpia-gigi/ocsp.pkcs12':
+    ensure => 'file',
+    owner => 'gigi',
+    before => Exec['/gigi-ready'],
   }
   file { '/var/lib/wpia-gigi/config':
     ensure => 'directory'
@@ -91,12 +102,14 @@ node gigi {
   file {'/var/lib/wpia-gigi/keys/crt':
     ensure => 'directory',
     owner => 'gigi',
-    require => Package[$gigi_pkg]
+    require => Package[$gigi_pkg],
+    before => Exec['/gigi-ready'],
   }
   file {'/var/lib/wpia-gigi/keys/csr':
     ensure => 'directory',
     owner => 'gigi',
-    require => Package[$gigi_pkg]
+    require => Package[$gigi_pkg],
+    before => Exec['/gigi-ready'],
   }
   exec {'/gigi-ready':
     creates => '/gigi-ready',
@@ -163,6 +176,7 @@ if $signerLocation == 'self' {
   }
   file {'/var/lib/cassiopeia/ca':
     ensure => 'directory',
+    owner => 'gigi',
     source => 'puppet:///modules/cassiopeia_client/ca',
     recurse => true,
   }