我正在尝试使用 puppet 来编辑 weblogic config.xml 文件以完成 SSL 配置部分。
在起始 weblogic config.xml 文件下方:
<?xml version="1.0" encoding="UTF-8"?>
<domain ...
...
<server>
<name>AdminServer</name>
<ssl>
<name>AdminServer</name>
<enabled>true</enabled>
<listen-port>7336</listen-port>
</ssl>
下面我需要得到:
<?xml version="1.0" encoding="UTF-8"?>
<domain ...
...
<server>
<name>AdminServer</name>
<ssl>
<name>AdminServer</name>
<enabled>true</enabled>
<hostname-verifier xsi:nil="true"></hostname-verifier>
<hostname-verification-ignored>false</hostname-verification-ignored>
<client-certificate-enforced>false</client-certificate-enforced>
<listen-port>7336</listen-port>
<two-way-ssl-enabled>true</two-way-ssl-enabled>
<server-private-key-alias>...alias...</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>...key-pass-phrase... </server-private-key-pass-phrase-encrypted>
</ssl>
在我的木偶代码下面:
augeas { "ssl_config_${instance}":
lens => "Xml.lns",
require => File["${config_instance}"],
incl => "${config_instance}",
changes => [
"set domain/server/ssl/hostname-verifier/#attribute/xsi:nil true",
"set domain/server/ssl/hostname-verification-ignored/#text false",
"set domain/server/ssl/client-certificate-enforced/#text false",
"set domain/server/ssl/two-way-ssl-enabled/#text true",
"set domain/server/ssl/server-private-key-alias/#text ${server_private_key_alias}",
"set domain/server/ssl/server-private-key-pass-phrase-encrypted/#text ${server_private_key_pass_phrase}",
],
}
下面我得到:
...
<ssl>
<name>AdminServer</name>
<enabled>true</enabled>
<listen-port>7336</listen-port>
<hostname-verifier xsi:nil="true"></hostname-verifier>
<hostname-verification-ignored>false</hostname-verification-ignored>
<client-certificate-enforced>false</client-certificate-enforced>
<two-way-ssl-enabled>true</two-way-ssl-enabled>
<server-private-key-alias>default</server-private-key-alias>
<server-private-key-pass-phrase-encrypted>...key-pass-phrase...
</server-private-key-pass-phrase-encrypted>
</ssl>
如您所见,节点是在最后一个节点之后添加的,但是这样我们使架构无效。
有什么方法可以指定应该在哪个位置添加新节点?
提前感谢您的任何反馈问候 ferp