Ask Your Question
1

hiera yaml: hash with long strings values (ssl cert / key)

asked 2014-11-18 04:18:02 -0500

updated 2014-11-18 07:49:34 -0500

llowder gravatar image

Hi,

We've our hiera yaml hash like:

website::sites:
   "examplenet":
    "password":    "dfasdfasdfdDDasdf"
    "server_name": "example.net"
    "env": "LIVE"

now we like to add a ssl cert / ssl key to the hash (for nginx / apache):

   -----BEGIN PRIVATE KEY-----
  private key stuff like
  adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
  adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
  adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
  adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
   -----END PRIVATE KEY-----

how is that possible? for a normal string, there is the following solution:

http://www.yaml.org/YAML_for_ruby.html#single_ending_newline

ssl::wildcard.snowflake.ch::key: |
  -----BEGIN PRIVATE KEY----

but how is it done in a hash?

Cheers

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted
1

answered 2014-11-19 08:18:46 -0500

llowder gravatar image

Due to how YAML handles block strings, you can do this:

foo:
  my_key: |
    -----BEGIN PRIVATE KEY-----
    private key stuff like
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    -----END PRIVATE KEY-----

but, if you do this:

foo:
  my_key: |
     -----BEGIN PRIVATE KEY-----
    private key stuff like
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
    adfasdfjasödfupybv 7asd7'f2312öva7'asdzf2n
     -----END PRIVATE KEY-----

you will get an error. The reason being that YAML requires that block text like this all have the same level of indentation.

Looking at some private keys on a test system, the first example is correct, where the -----BEGIN PRIVATE KEY----- does not have a leading space.

edit flag offensive delete link more

Comments

This is the right answer thank you.

felipe1982 gravatar imagefelipe1982 ( 2016-02-21 21:22:18 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2014-11-18 04:18:02 -0500

Seen: 1,835 times

Last updated: Nov 19 '14