authorHugo Hörnquist <hugo@lysator.liu.se>2023-01-05 16:29:24 +0100
committerHugo Hörnquist <hugo@lysator.liu.se>2023-01-05 16:29:24 +0100
commitd21390519026e6d31ffb2cfbb08bd77aebfce7c3 (patch)
tree7f3f4c79f3a62564f92bda45a365a51596fa37e1 /manifests/cert.pp
parentInitial commit (diff)
Initial code.
Diffstat (limited to 'manifests/cert.pp')
-rw-r--r--manifests/cert.pp39
1 files changed, 39 insertions, 0 deletions
diff --git a/manifests/cert.pp b/manifests/cert.pp
new file mode 100644
index 0000000..a8cc94e
--- /dev/null
+++ b/manifests/cert.pp
@@ -0,0 +1,39 @@
+# A single certificate
+# TODO possibly default cert_name to $::fqdn instead
+define letsencrypt::cert (
+ String $cert_name => $::name,
+ Enum['present', 'absent'] $ensure => 'present',
+ Boolean $include_self => true,
+) {
+
+ # TODO these env files are systemd specific
+ # TODO concat::fragment is clumsy, look at re-implementing the
+ # functionallity internally
+
+ concat { "${letsencrypt::config_dir}/env/${cert_name}":
+ ensure => present,
+ warn => true,
+ }
+
+ concat::fragment { "letsencrypt ${cert_name} preamble":
+ target => "${letsencrypt::config_dir}/env/${cert_name}",
+ order => '0',
+ content => @(EOF)
+ AUTHENTICATOR = ''
+ POST_HOOK = ''
+ DOMAINS =
+ |- EOF
+ }
+ concat::fragment { "letsencrypt ${cert_name} postamble":
+ target => "${letsencrypt::config_dir}/env/${cert_name}",
+ order => '99',
+ content => "\n\n",
+ }
+
+ if $include_self {
+ letsencrypt::domain { $cert_name: }
+ }
+
+ letsencrypt::renew { $cert_name:
+ }
+}
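Review bot: `$cert_name` is typed as a plain `String` and is interpolated directly into the concat path `${letsencrypt::config_dir}/env/${cert_name}`, so a value containing `/` or `..` (for example from Hiera data) would make Puppet manage a file outside the env directory; a constrained type such as `Pattern[/\A[A-Za-z0-9._-]+\z/] $cert_name = $name,` closes that. The same parameter list writes its defaults with `=>`, where Puppet parameter lists use `=`, and `$::name` is a top-scope lookup rather than the resource title `$name`. `$ensure` is accepted but never used: the concat hard-codes `ensure => present`, so declaring a certificate `absent` leaves its env file and the `letsencrypt::renew` resource in place; passing `ensure => $ensure` to the concat would at least remove the file. The env file carries `POST_HOOK`, presumably a command run after renewal, so setting explicit `owner`, `group` and `mode` on the concat is worth considering rather than relying on defaults.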