From d21390519026e6d31ffb2cfbb08bd77aebfce7c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?=
Date: Thu, 5 Jan 2023 16:29:24 +0100
Subject: Initial code.
---
manifests/cert.pp | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
create mode 100644 manifests/cert.pp
(limited to 'manifests/cert.pp')
diff --git a/manifests/cert.pp b/manifests/cert.pp
new file mode 100644
index 0000000..a8cc94e
--- /dev/null
+++ b/manifests/cert.pp
@@ -0,0 +1,39 @@
+# A single certificate
+# TODO possibly default cert_name to $::fqdn instead
+define letsencrypt::cert (
+ String $cert_name => $::name,
+ Enum['present', 'absent'] $ensure => 'present',
+ Boolean $include_self => true,
+) {
+
+ # TODO these env files are systemd specific
+ # TODO concat::fragment is clumsy, look at re-implementing the
+ # functionallity internally
+
+ concat { "${letsencrypt::config_dir}/env/${cert_name}":
+ ensure => present,
+ warn => true,
+ }
+
+ concat::fragment { "letsencrypt ${cert_name} preamble":
+ target => "${letsencrypt::config_dir}/env/${cert_name}",
+ order => '0',
+ content => @(EOF)
+ AUTHENTICATOR = ''
+ POST_HOOK = ''
+ DOMAINS =
+ |- EOF
+ }
+ concat::fragment { "letsencrypt ${cert_name} postamble":
+ target => "${letsencrypt::config_dir}/env/${cert_name}",
+ order => '99',
+ content => "\n\n",
+ }
+
+ if $include_self {
+ letsencrypt::domain { $cert_name: }
+ }
+
+ letsencrypt::renew { $cert_name:
+ }
+}
--
cgit v1.2.3
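Review bot: The three parameter defaults in the `define letsencrypt::cert (...)` header are written with `=>`, but Puppet parameter defaults take `=`, and `$::name` refers to a top-scope variable rather than this resource's title, so the manifest is unlikely to parse or default as intended; the first line would read `String $cert_name = $name,`, with `= 'present'` and `= true` on the other two. `$ensure` is accepted but never used: the `concat` resource hard-codes `ensure => present`, so declaring a cert `absent` leaves its env file in place, and `ensure => $ensure,` there would honour it (whether `letsencrypt::domain` and `letsencrypt::renew` need the same is not visible in this hunk). `$cert_name` is interpolated into the path `${letsencrypt::config_dir}/env/${cert_name}` while typed only as `String`, so a value containing `/` or `..` would place the file outside the env directory; a `Pattern[...]` type limited to hostname characters would close that off.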