#!/bin/bash


# Setup the SSL stuff

if [ ! -f "/etc/puppetdb/ssl/puppetdb_keystore_pw.txt" ] ; then
  /usr/sbin/puppetdb-ssl-setup

  pw=`cat /etc/puppetdb/ssl/puppetdb_keystore_pw.txt`


  find  /etc/puppetdb/conf.d -type f | xargs chmod 640
  chown -R puppetdb:puppetdb /etc/puppetdb  chown -R puppetdb:puppetdb /usr/share/puppetdb
    chown -R puppetdb:puppetdb /usr/share/puppetdb
    chown -R puppetdb:puppetdb /var/log/puppetdb



cat > /etc/puppetdb/conf.d/jetty.ini << EOF
[jetty]
# Hostname to list for clear-text HTTP.  Default is localhost
#host = localhost
# Port to listen on for clear-text HTTP.
port = 8080
ssl-host = `facter fqdn`
ssl-port = 8081
keystore = /etc/puppetdb/ssl/keystore.jks
truststore = /etc/puppetdb/ssl/truststore.jks
key-password = $pw
trust-password = $pw
EOF


fi
