From 29bd0bfdbc60cc8ade477f306f114af734cf7aba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= <hugo@lysator.liu.se>
Date: Sat, 7 Jan 2023 13:00:34 +0100
Subject: Major cleanup.

---
 manifests/nginx.pp | 26 ++++++++++++++++++--------
 1 file changed, 18 insertions(+), 8 deletions(-)

(limited to 'manifests/nginx.pp')

diff --git a/manifests/nginx.pp b/manifests/nginx.pp
index 82fcda4..75b5b48 100644
--- a/manifests/nginx.pp
+++ b/manifests/nginx.pp
@@ -1,22 +1,28 @@
 # Sets up nginx specific configuration, and provides access to
 # variables for enterpolating into nginx configurations
-# Usage:
 #
 # These use the default cert name
-#
+# @example
 # nginx::resource::server { 'servername':
 #   * => $letsescrypt::nginx::server_ssl
 # }
 # $letsencrypt::nginx::location_ssl
+#
+# @param certbot_plugin_package
+#   Name of the system package providing this plugin.
+#   Populated through hiera.
+# @param manage_package
+#   If this class should manage the package.
 class letsencrypt::nginx (
-  Boolean $manage_package: true,
   String $certbot_plugin_package,
+  Boolean $manage_package = true,
 ) {
+  # TODO $cert_path should use the default certificate name.
+  # There should however also be a hash of all configured
+  # certificates.
+  $cert_path = "${letsencrypt::config_dir}/live/${letsencrypt::config_dir::default_cert_name}"
 
-  # TODO $cert_path
-  $cert_path = "/etc/letsencrypt/live/${certname}"
-
-  $server_ssl = if $ssl_configured {
+  $server_ssl = if $letsencrypt::ssl_configured {
     {
       ssl          => true,
       ssl_redirect => true,
@@ -29,7 +35,7 @@ class letsencrypt::nginx (
     }
   }
 
-  $location_ssl = if $ssl_configured {
+  $location_ssl = if $letsencrypt::ssl_configured {
     {
       ssl      => true,
       ssl_only => true,
@@ -39,4 +45,8 @@ class letsencrypt::nginx (
       ssl => false,
     }
   }
+
+  if $manage_package {
+    ensure_packages([$certbot_plugin_package])
+  }
 }
-- 
cgit v1.2.3