diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-07 13:00:34 +0100 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-07 13:00:34 +0100 |
commit | 29bd0bfdbc60cc8ade477f306f114af734cf7aba (patch) | |
tree | ceaa092216b7eaaf9126a93af40e430dfbd70d85 /manifests/nginx.pp | |
parent | Update fact to match pdk linter. (diff) | |
download | hugonikanor-letsencrypt-29bd0bfdbc60cc8ade477f306f114af734cf7aba.tar.gz hugonikanor-letsencrypt-29bd0bfdbc60cc8ade477f306f114af734cf7aba.tar.xz |
Major cleanup.
Diffstat (limited to '')
-rw-r--r-- | manifests/nginx.pp | 26 |
1 files changed, 18 insertions, 8 deletions
diff --git a/manifests/nginx.pp b/manifests/nginx.pp index 82fcda4..75b5b48 100644 --- a/manifests/nginx.pp +++ b/manifests/nginx.pp @@ -1,22 +1,28 @@ # Sets up nginx specific configuration, and provides access to # variables for enterpolating into nginx configurations -# Usage: # # These use the default cert name -# +# @example # nginx::resource::server { 'servername': # * => $letsescrypt::nginx::server_ssl # } # $letsencrypt::nginx::location_ssl +# +# @param certbot_plugin_package +# Name of the system package providing this plugin. +# Populated through hiera. +# @param manage_package +# If this class should manage the package. class letsencrypt::nginx ( - Boolean $manage_package: true, String $certbot_plugin_package, + Boolean $manage_package = true, ) { + # TODO $cert_path should use the default certificate name. + # There should however also be a hash of all configured + # certificates. + $cert_path = "${letsencrypt::config_dir}/live/${letsencrypt::config_dir::default_cert_name}" - # TODO $cert_path - $cert_path = "/etc/letsencrypt/live/${certname}" - - $server_ssl = if $ssl_configured { + $server_ssl = if $letsencrypt::ssl_configured { { ssl => true, ssl_redirect => true, @@ -29,7 +35,7 @@ class letsencrypt::nginx ( } } - $location_ssl = if $ssl_configured { + $location_ssl = if $letsencrypt::ssl_configured { { ssl => true, ssl_only => true, @@ -39,4 +45,8 @@ class letsencrypt::nginx ( ssl => false, } } + + if $manage_package { + ensure_packages([$certbot_plugin_package]) + } } |