bundle agent dane {vars:: #Populate how you like "cert_sub

1.  
2. bundle agent dane {
3. vars::
4. #Populate how you like
5. "cert_subject" string => "/C=/ST=/L=/O=/CN=$(sys.fqhost)";
6. classes::
7. "certificate_exists" expression => fileexists("/etc/pki/tls/certs/$(sys.fqhost).pem");
8. "key_exists" expression => fileexists("/etc/pki/tls/private/$(sys.fqhost).pem");
9. "certificate_date_ok" expression => returnszero("/usr/lib64/nagios/plugins/check_http -H localhost -C 30,30 &> /dev/null", "useshell");
10. commands:
11. !certificate_exists|!key_exists::
12. "/usr/bin/openssl"
13. comment => "Generate Self Signed Certificate",
14. args => "req -x509 -nodes -days 365 -subj '$(cert_subject)' -newkey rsa:2048 -keyout /etc/pki/tls/private/$(sys.fqhost).pem -out /etc/pki/tls/certs/$(sys.fqhost).pem";
15. !certificate_date_ok.certificate_exists.key_exists::
16. "/usr/bin/openssl"
17. comment => "Generate Self Signed Certificate",
18. args => "req -x509 -nodes -days 365 -subj '$(cert_subject)' -newkey rsa:2048 -keyout /etc/pki/tls/private/$(sys.fqhost).pem -out /etc/pki/tls/certs/$(sys.fqhost).pem";
19. }