From 851a7929028b971db48ba4f784955ef59ceb9afb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Sun, 15 Jan 2023 15:20:16 +0100 Subject: Add autogenerated REFERENCE.md --- REFERENCE.md | 312 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 312 insertions(+) create mode 100644 REFERENCE.md (limited to 'REFERENCE.md') diff --git a/REFERENCE.md b/REFERENCE.md new file mode 100644 index 0000000..c1384d2 --- /dev/null +++ b/REFERENCE.md @@ -0,0 +1,312 @@ +# Reference + + + +## Table of Contents + +### Classes + +#### Public Classes + +* [`letsencrypt`](#letsencrypt): Sets up letsencrypt for other classes +* [`letsencrypt::authenticator::nginx`](#letsencrypt--authenticator--nginx): Sets up nginx specific configuration, and provides access to variables for enterpolating into nginx configurations These use the default cer + +#### Private Classes + +* `letsencrypt::renew::cron::setup`: Handles renewal certificates through CRON +* `letsencrypt::renew::setup`: Sets up timers for automatically renewing certificates +* `letsencrypt::renew::systemd::setup`: Handles renewal certificates through systemd timers + +### Defined types + +#### Public Defined types + +* [`letsencrypt::cert`](#letsencrypt--cert): A single certificate +* [`letsencrypt::domain`](#letsencrypt--domain): A single domain name which should be part of a certificate + +#### Private Defined types + +* `letsencrypt::renew`: Configures automatic renewal for the given certificate +* `letsencrypt::renew::systemd` + +### Functions + +* [`letsencrypt::conf::nginx`](#letsencrypt--conf--nginx): Returns a hash to be merged into a nginx::resource::server resources parameters. +* [`letsencrypt::conf::nginx::location`](#letsencrypt--conf--nginx--location): Returns a hash to be merged into a nginx::resource::location resource. + +### Data types + +* [`Letsencrypt::Authenticator`](#Letsencrypt--Authenticator): Known authenticator types +* [`Letsencrypt::Renewal_provider`](#Letsencrypt--Renewal_provider): Known backends which can keep track of when to issue renewal requests. +* [`Letsencrypt::Ssl_conf::Nginx`](#Letsencrypt--Ssl_conf--Nginx): SSL configuration hash for nginx +* [`Letsencrypt::Ssl_conf::Nginx::Location`](#Letsencrypt--Ssl_conf--Nginx--Location): SSL configuration for a single nginx location. + +## Classes + +### `letsencrypt` + +Sets up letsencrypt for other classes + +#### Parameters + +The following parameters are available in the `letsencrypt` class: + +* [`email`](#-letsencrypt--email) +* [`manage_package`](#-letsencrypt--manage_package) +* [`certbot_package`](#-letsencrypt--certbot_package) +* [`server`](#-letsencrypt--server) +* [`renewal_provider`](#-letsencrypt--renewal_provider) +* [`config`](#-letsencrypt--config) + +##### `email` + +Data type: `String` + +Contact email sent to letsencrypt + +##### `manage_package` + +Data type: `Boolean` + +Should the certbot package resource be managed by this class + +Default value: `true` + +##### `certbot_package` + +Data type: `String` + +Name of the certbot package. Should be automatically set through hiera. + +Default value: `'certbot'` + +##### `server` + +Data type: `String` + +Server providing ACME challenge + +Default value: `'https://acme-v02.api.letsencrypt.org/directory'` + +##### `renewal_provider` + +Data type: `Letsencrypt::Renewal_provider` + +Service responsible for periodically renewing the certificate + +##### `config` + +Data type: `Hash[String, Any]` + +Default configuration values to pass to certbot. $server and +$email is added here if not explicitly set. It's later merged with +a specific instance for each certificate. + +Default value: `{}` + +### `letsencrypt::authenticator::nginx` + +Sets up nginx specific configuration, and provides access to +variables for enterpolating into nginx configurations + +These use the default cert name + +#### Parameters + +The following parameters are available in the `letsencrypt::authenticator::nginx` class: + +* [`certbot_plugin_package`](#-letsencrypt--authenticator--nginx--certbot_plugin_package) +* [`manage_package`](#-letsencrypt--authenticator--nginx--manage_package) + +##### `certbot_plugin_package` + +Data type: `String` + +Name of the system package providing this plugin. +Populated through hiera. + +##### `manage_package` + +Data type: `Boolean` + +If this class should manage the package. + +Default value: `true` + +## Defined types + +### `letsencrypt::cert` + +A single certificate + +#### Parameters + +The following parameters are available in the `letsencrypt::cert` defined type: + +* [`cert_name`](#-letsencrypt--cert--cert_name) +* [`ensure`](#-letsencrypt--cert--ensure) +* [`include_self`](#-letsencrypt--cert--include_self) +* [`authenticator`](#-letsencrypt--cert--authenticator) +* [`domains`](#-letsencrypt--cert--domains) +* [`config`](#-letsencrypt--cert--config) + +##### `cert_name` + +Data type: `String` + +Name of the certificate, can be anything, but $::fqdn is recommended + +Default value: `$name` + +##### `ensure` + +Data type: `Enum['present', 'absent']` + +Present or absent (currently does nothing) + +Default value: `'present'` + +##### `include_self` + +Data type: `Boolean` + +Should the certificates name be one of its domains? + +Default value: `true` + +##### `authenticator` + +Data type: `Letsencrypt::Authenticator` + +How should the challenge be handled. + +##### `domains` + +Data type: `Array[String]` + +List of domains to add to certificate + +Default value: `[]` + +##### `config` + +Data type: `Hash[String, Any]` + +Additional config for this entry + +Default value: `{}` + +### `letsencrypt::domain` + +A single domain name which should be part of a certificate + +#### Parameters + +The following parameters are available in the `letsencrypt::domain` defined type: + +* [`cert_name`](#-letsencrypt--domain--cert_name) +* [`domain_name`](#-letsencrypt--domain--domain_name) + +##### `cert_name` + +Data type: `String` + +Which certificate this domain name belongs to + +##### `domain_name` + +Data type: `String` + +The domain name to be added + +Default value: `$name` + +## Functions + +### `letsencrypt::conf::nginx` + +Type: Puppet Language + +Returns a hash to be merged into a nginx::resource::server resources +parameters. + +#### `letsencrypt::conf::nginx(String $cert_name)` + +Returns a hash to be merged into a nginx::resource::server resources +parameters. + +Returns: `Letsencrypt::Ssl_conf::Nginx` hash usable with nginx::resource::server + +##### `cert_name` + +Data type: `String` + +name of the domain in question, NOT the local certificate name. + +### `letsencrypt::conf::nginx::location` + +Type: Puppet Language + +Returns a hash to be merged into a nginx::resource::location resource. + +#### `letsencrypt::conf::nginx::location(String $cert_name)` + +Returns a hash to be merged into a nginx::resource::location resource. + +Returns: `Letsencrypt::Ssl_conf::Nginx::Location` hash usable with nginx::resource::location + +##### `cert_name` + +Data type: `String` + +Domain for which we want the configuration. +NOT the local certificate name. + +## Data types + +### `Letsencrypt::Authenticator` + +Known authenticator types + +Alias of `Enum['nginx']` + +### `Letsencrypt::Renewal_provider` + +Known backends which can keep track of when to issue renewal +requests. + +Alias of `Enum['systemd', 'cron']` + +### `Letsencrypt::Ssl_conf::Nginx` + +Will either have ssl set to false, or ssl set to true, along with +appropriate ssl parameters. + +Alias of + +```puppet +Variant[Struct[{ + ssl => Boolean, + }], Struct[{ + ssl => Boolean, + ssl_redirect => Boolean, + ssl_cert => String, + ssl_key => String, + }]] +``` + +### `Letsencrypt::Ssl_conf::Nginx::Location` + +SSL configuration for a single nginx location. + +Alias of + +```puppet +Variant[Struct[{ + ssl => Boolean, + }], Struct[{ + ssl => Boolean, + ssl_only => Boolean, + }]] +``` + -- cgit v1.2.3