diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-12 17:44:32 +0200 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-06-12 17:44:32 +0200 |
| commit | f8712ca211575bdaf2e373847484b97595d754a3 (patch) | |
| tree | a4b74ec53ce8f51d322e8931c7e83f8be40c1f22 | |
| parent | Formatting cleanup. (diff) | |
| download | hugonikanor-letsencrypt-f8712ca211575bdaf2e373847484b97595d754a3.tar.gz hugonikanor-letsencrypt-f8712ca211575bdaf2e373847484b97595d754a3.tar.xz | |
Add apache authenticator.
| -rw-r--r-- | functions/conf/apache.pp | 25 | ||||
| -rw-r--r-- | manifests/authenticator/apache.pp | 12 | ||||
| -rw-r--r-- | types/authenticator.pp | 8 | ||||
| -rw-r--r-- | types/ssl_conf/apache.pp | 12 |
4 files changed, 56 insertions, 1 deletions
diff --git a/functions/conf/apache.pp b/functions/conf/apache.pp new file mode 100644 index 0000000..f51e9c1 --- /dev/null +++ b/functions/conf/apache.pp @@ -0,0 +1,25 @@ +# @summary Return hash appropriate for an `apache::vhost` +# @param cert_name +# Which certificate should be checked and used. +# @return +# A hash applicable to me used as the parameters of an +# `apache::vhost`. If SSL is configured for this domain, then SSL +# configuration is returned, otherwise non-SSL configuration is +# returned. +function letsencrypt::conf::apache( + String $cert_name, +) >> Letsencrypt::Ssl_conf::Nginx { + $cert_path = $facts['letsencrypt_directory'][$cert_name] + if $cert_path == undef { + { + ssl => false, + } + } else { + { + ssl => true, + ssl_cert => "${cert_path}/cert.pem", + ssl_key => "${cert_path}/privkey.pem", + ssl_chain => "${cert_path}/fullchain.pem", + } + } +} diff --git a/manifests/authenticator/apache.pp b/manifests/authenticator/apache.pp new file mode 100644 index 0000000..9c9ae46 --- /dev/null +++ b/manifests/authenticator/apache.pp @@ -0,0 +1,12 @@ +# @param certbot_plugin_package +# Name of the package providing the apache authenticator +# @param manage_package +# Should the package be managed by us +class letsencrypt::authenticator::apache ( + String $certbot_plugin_package, + Boolean $manage_package = true, +) { + if $manage_package { + ensure_packages([$certbot_plugin_package]) + } +} diff --git a/types/authenticator.pp b/types/authenticator.pp index dbd57d5..3e7e534 100644 --- a/types/authenticator.pp +++ b/types/authenticator.pp @@ -1,2 +1,8 @@ # @summary Known authenticator types -type Letsencrypt::Authenticator = Enum['nginx'] +type Letsencrypt::Authenticator = Enum[ + 'nginx', + 'apache', + # 'webroot', + # 'standalone', + # 'dns-rfc2136', +] diff --git a/types/ssl_conf/apache.pp b/types/ssl_conf/apache.pp new file mode 100644 index 0000000..0d21ec3 --- /dev/null +++ b/types/ssl_conf/apache.pp @@ -0,0 +1,12 @@ +# @summary SSL configuration hash for Apache +type Letsencript::Ssl_conf::Apache = Variant[ + Struct[{ + ssl => Boolean, + }], + Struct[{ + ssl => Boolean, + ssl_cert => String, + ssl_key => String, + ssl_chain => String, + }], +] |