diff --git a/README.md b/README.md index 464312b..c6eee30 100644 --- a/README.md +++ b/README.md @@ -216,6 +216,10 @@ If true, the puppetdb web server will only serve HTTP and not HTTPS requests (de If true, open the ssl_listen\_port on the firewall (defaults to true). +####`ssl_protocols` + +specify the supported SSL protocols for PuppetDB (e.g. TLSv1, TLSv1.1, TLSv1.2.) + ###`manage_dbserver` If true, the PostgreSQL server will be managed by this module (defaults to true). diff --git a/manifests/init.pp b/manifests/init.pp index 6317933..4a00336 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -17,6 +17,7 @@ class puppetdb ( $ssl_key = $puppetdb::params::ssl_key, $ssl_cert = $puppetdb::params::ssl_cert, $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, + $ssl_protocols = $puppetdb::params::ssl_protocols, $manage_dbserver = $puppetdb::params::manage_dbserver, $database = $puppetdb::params::database, $database_host = $puppetdb::params::database_host, @@ -74,6 +75,7 @@ class puppetdb ( ssl_key => $ssl_key, ssl_cert => $ssl_cert, ssl_ca_cert => $ssl_ca_cert, + ssl_protocols => $ssl_protocols, database => $database, database_host => $database_host, database_port => $database_port, diff --git a/manifests/server.pp b/manifests/server.pp index 433a8fd..73ffe6a 100644 --- a/manifests/server.pp +++ b/manifests/server.pp @@ -16,6 +16,7 @@ class puppetdb::server ( $ssl_key = $puppetdb::params::ssl_key, $ssl_cert = $puppetdb::params::ssl_cert, $ssl_ca_cert = $puppetdb::params::ssl_ca_cert, + $ssl_protocols = $puppetdb::params::ssl_protocols, $database = $puppetdb::params::database, $database_host = $puppetdb::params::database_host, $database_port = $puppetdb::params::database_port, @@ -193,6 +194,7 @@ class puppetdb::server ( ssl_key_path => $ssl_key_path, ssl_cert_path => $ssl_cert_path, ssl_ca_cert_path => $ssl_ca_cert_path, + ssl_protocols => $ssl_protocols, disable_ssl => $disable_ssl, confdir => $confdir, max_threads => $max_threads,