Initial code.

author: Hugo Hörnquist <hugo@lysator.liu.se> 2023-01-05 16:29:24 +0100
committer: Hugo Hörnquist <hugo@lysator.liu.se> 2023-01-05 16:29:24 +0100
commit: d21390519026e6d31ffb2cfbb08bd77aebfce7c3 (patch)
tree: 7f3f4c79f3a62564f92bda45a365a51596fa37e1 /manifests/nginx.pp
parent: Initial commit (diff)
download: hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.gz
hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.xz
1 files changed, 42 insertions, 0 deletions
diff --git a/manifests/nginx.pp b/manifests/nginx.pp
new file mode 100644
index 0000000..82fcda4
--- /dev/null
+++ b/manifests/nginx.pp
@@ -0,0 +1,42 @@
+# Sets up nginx specific configuration, and provides access to
+# variables for enterpolating into nginx configurations
+# Usage:
+#
+# These use the default cert name
+#
+# nginx::resource::server { 'servername':
+#   * => $letsescrypt::nginx::server_ssl
+# }
+# $letsencrypt::nginx::location_ssl
+class letsencrypt::nginx (
+  Boolean $manage_package: true,
+  String $certbot_plugin_package,
+) {
+
+  # TODO $cert_path
+  $cert_path = "/etc/letsencrypt/live/${certname}"
+
+  $server_ssl = if $ssl_configured {
+    {
+      ssl          => true,
+      ssl_redirect => true,
+      ssl_cert     => "${cert_path}/fullchain.pem",
+      ssl_key      => "${cert_path}/privkey.pem",
+    }
+  } else {
+    {
+      ssl => false,
+    }
+  }
+
+  $location_ssl = if $ssl_configured {
+    {
+      ssl      => true,
+      ssl_only => true,
+    }
+  } else {
+    {
+      ssl => false,
+    }
+  }
+}
author	Hugo Hörnquist <hugo@lysator.liu.se>	2023-01-05 16:29:24 +0100
committer	Hugo Hörnquist <hugo@lysator.liu.se>	2023-01-05 16:29:24 +0100
commit	d21390519026e6d31ffb2cfbb08bd77aebfce7c3 (patch)
tree	7f3f4c79f3a62564f92bda45a365a51596fa37e1 /manifests/nginx.pp
parent	Initial commit (diff)
download	hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.gz hugonikanor-letsencrypt-d21390519026e6d31ffb2cfbb08bd77aebfce7c3.tar.xz