From 088e907f9ef571359dd7a3930e27545e9f06a362 Mon Sep 17 00:00:00 2001
From: "Alexander A. Klimov" <alexander.klimov@icinga.com>
Date: Fri, 29 Jun 2018 11:05:06 +0200
Subject: [PATCH] Vagrant/Puppet: prevent man-in-the-middle attacks via the
 EPEL repo

---
 .puppet/modules/epel/manifests/init.pp | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.puppet/modules/epel/manifests/init.pp b/.puppet/modules/epel/manifests/init.pp
index eb888ea6b..71fb8972f 100644
--- a/.puppet/modules/epel/manifests/init.pp
+++ b/.puppet/modules/epel/manifests/init.pp
@@ -13,12 +13,12 @@
 #   include epel
 #
 class epel {
-
-  yumrepo { 'epel':
-    mirrorlist => "https://mirrors.fedoraproject.org/mirrorlist?repo=epel-${::operatingsystemmajrelease}&arch=${::architecture}",
-    enabled    => '1',
-    gpgcheck   => '0',
-    descr      => "Extra Packages for Enterprise Linux ${::operatingsystemmajrelease} - ${::architecture}"
+  exec { 'rpm --import RPM-GPG-KEY-EPEL':
+    command => '/bin/rpm --import https://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-7',
+  }
+  -> exec { 'yum install epel-release-latest':
+    command => '/bin/yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm',
+    creates => '/etc/yum.repos.d/epel.repo',
   }
 }