diff options
author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-05 16:29:24 +0100 |
---|---|---|
committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-05 16:29:24 +0100 |
commit | d21390519026e6d31ffb2cfbb08bd77aebfce7c3 (patch) | |
tree | 7f3f4c79f3a62564f92bda45a365a51596fa37e1 /manifests/nginx.pp | |
parent | Initial commit (diff) | |
download | hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.gz hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.xz |
Initial code.
Diffstat (limited to '')
-rw-r--r-- | manifests/nginx.pp | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/manifests/nginx.pp b/manifests/nginx.pp new file mode 100644 index 0000000..82fcda4 --- /dev/null +++ b/manifests/nginx.pp @@ -0,0 +1,42 @@ +# Sets up nginx specific configuration, and provides access to +# variables for enterpolating into nginx configurations +# Usage: +# +# These use the default cert name +# +# nginx::resource::server { 'servername': +# * => $letsescrypt::nginx::server_ssl +# } +# $letsencrypt::nginx::location_ssl +class letsencrypt::nginx ( + Boolean $manage_package: true, + String $certbot_plugin_package, +) { + + # TODO $cert_path + $cert_path = "/etc/letsencrypt/live/${certname}" + + $server_ssl = if $ssl_configured { + { + ssl => true, + ssl_redirect => true, + ssl_cert => "${cert_path}/fullchain.pem", + ssl_key => "${cert_path}/privkey.pem", + } + } else { + { + ssl => false, + } + } + + $location_ssl = if $ssl_configured { + { + ssl => true, + ssl_only => true, + } + } else { + { + ssl => false, + } + } +} |