Perform basic taskserver installation

This commit should fulfill following goals:

* Set up a taskd (on Debian)
* Generate certificates (unless otherwise requested)

Existence of a well-defined certificate hash will be enforced.

data/common.yaml

@@ -0,0 +1,6 @@
+---
+service_name: 'taskd'
+config_file: '/etc/taskd/config'
+pki_vars:
+        bits: 4096
+        expiration_days: 365

data/os/Debian.yaml

@@ -1,2 +1,17 @@
 ---
 package_name: 'taskd'
+pki_base_dir: '/usr/share/taskd/pki'
+pki_vars_file: "%{alias('pki_base_dir')}/vars"
+config:
+        pid.file: '/run/taskd.pid'
+        root: '/var/lib/taskd'
+certificate:
+        client:
+                cert: "%{alias('pki_base_dir')}/client.cert.pem"
+                key: "%{alias('pki_base_dir')}/client.key.pem"
+        server:
+                cert: "%{alias('pki_base_dir')}/server.cert.pem"
+                key: "%{alias('pki_base_dir')}/server.key.pem"
+                crl: "%{alias('pki_base_dir')}/server.crl.pem"
+        ca:
+                cert: "%{alias('pki_base_dir')}/ca.cert.pem"

manifests/init.pp

@@ -1,15 +1,73 @@
 # taskd
 #
 # Installs and configures the taskwarrior taskd server.
+# It will generate self-signed certificates in the default configuration.
 #
 # @summary Installs and configures the taskwarrior taskd server.
 #
 # @example
 #   include taskd
 class taskd (
-  String $package_name
+  String $package_name,
+  String $service_name,
+  String $config_file,
+  Hash $config,
+  Struct[{
+    bits            => Optional[Numeric],
+    expiration_days => Optional[Numeric],
+    organization    => String[1],
+    cn              => String[1],
+    country         => String[1],
+    state           => String[1],
+    locality        => String[1],
+  }] $pki_vars,
+  Struct[{
+    client => {
+      cert => String[1],
+      key  => String[1],
+      crl  => String[1],
+    },
+    server => {
+      cert => String[1],
+      key  => String[1],
+    },
+    ca     => {
+      cert => String[1],
+    },
+  }] $certificate,
+  Optional[String] $pki_base_dir,
+  Optional[String] $pki_vars_file,
+  Boolean $generate_certificates = true,
 ) {
   package { $package_name:
     ensure => present,
   }
+
+  service { $service_name:
+    ensure  => running,
+    enable  => true,
+    require => Package[$::package_name],
+  }
+
+    # Generate taskserver certificates unless user says otherwise
+  if $generate_certificates {
+    # Location for the SSL variable file
+    file { $pki_vars_file:
+      ensure  => present,
+      content => template('vars'),
+      require => Package[$package_name],
+    }
+
+    exec { 'Generate taskserver certificaties':
+      command => "${pki_base_dir}/generate",
+      cwd     => $pki_base_dir,
+      path    => [ '/usr/bin', '/usr/sbin', '/bin', '/sbin' ],
+      creates => $certificate['server']['cert'],
+    }
+  }
+
+  file { $config_file:
+    ensure  => present,
+    content => template('config'),
+  }
 }

templates/config.erb

@@ -0,0 +1,11 @@
+# Taskserver configuration
+# Generated by Puppet
+
+<% @config.each do |key, value| -%>
+<%= key %>=<%= value %>
+<% end -%>
+
+<% ['server', 'client', 'ca'].each do |item| -%>
+<% @certificate[item].each do |key, value| -%>
+<%= item %>.<%= key %> <%= value %>
+<% end -%><% end -%>

templates/vars.erb

@@ -0,0 +1,7 @@
+BITS=<%= @pki_vars['bits'] %>
+EXPIRATION_DAYS=<%= @pki_vars['expiration_days'] %>
+ORGANIZATION=<%= @pki_vars['organization'] %>
+CN=<%= @pki_vars['cn'] %>
+COUNTRY=<%= @pki_vars['country'] %>
+STATE=<%= @pki_vars['state'] %>
+LOCALITY=<%= @pki_vars['locality'] %>