Puppet Facter Fact


Look at me, I made a Puppet Facter Fact!!!

With a lot of thanks to Andrew Beresford who started the initial code. I just tweaked it.

What it does is rather simple, it finds the expiration date of the SSL certificate of this host and returns the expiration date and time when there are less than 30 days left. Otherwise it just returns a --sign. In the Puppet manifest I check if it’s this --sign and if not I generate a warning.

This is it:

#
# Set the Facter-Fact "certificate_expiry" to the SSL certificate
# expiration date and time.
#
# Usage example:
# --------
#   if "${::certificate_expiry}" != "-" {
#       notify { 'CertExp' :
#           message  => "Certificate expire date for ${::fqdn}: ${::certificate_expiry}",
#           withpath => false,
#       }
#   }

#
# $Id$%
# $URL$
#
Facter.add("certificate_expiry") do
    setcode do
        warndays: 30
        time: Puppet::SSL::Host.localhost.certificate.expiration
        warn: time - ( warndays * 60 * 24 )

        if ( warn - Time.now ) < 0
            time: time.strftime("%Y-%m-%d %H:%M:%S")
        else
            time: "-"
        end
        time
    end
end

Me proud, I am ;-)

puppet 

See also