path: root/manifests/cert.pp
# @summary A single certificate
#
# Declares the per-certificate env file
# "${letsencrypt::config_dir}/env/${cert_name}", assembled with concat from a
# fixed preamble (order '0') and a two-newline postamble (order '99'). It then
# declares a letsencrypt::renew resource for the certificate and, when
# $include_self is true, a letsencrypt::domain resource titled with the
# certificate's own name.
#
# TODO possibly default cert_name to $::fqdn instead
#
# NOTE(review): $cert_name is typed as a plain String and is interpolated
# unmodified into the env file path, so a value containing '/' or '..' would
# resolve outside the env directory. Consider a stricter data type or an
# explicit validation step if certificate names can come from data that is
# not fully trusted.
#
# @param cert_name Name of the certificate. Defaults to the resource title and
#   is also used as the basename of the env file.
# @param ensure    Present or absent (currently does nothing: the body never
#   reads it, and the concat resource is hard-coded to `present`)
# @param include_self Should the certificate's name be one of its domains?
define letsencrypt::cert (
  String $cert_name                 = $name,
  Enum['present', 'absent'] $ensure = 'present',
  Boolean $include_self             = true,
) {
  # TODO these env files are systemd specific
  # TODO concat::fragment is clumsy, look at re-implementing the
  # functionality internally

  # Target file that the fragments below are assembled into. `warn => true`
  # asks concat to prepend its "managed by Puppet" header to the file.
  # NOTE(review): no owner, group or mode is set here, so the concat defaults
  # apply. If the POST_HOOK value in this file ends up being executed by the
  # renewal job, confirm the resulting file is writable only by root.
  concat { "${letsencrypt::config_dir}/env/${cert_name}":
    ensure => present,
    warn   => true,
  }

  # Non-interpolating heredoc; `|-` strips the leading indentation and the
  # final newline, so the fragment ends on the `DOMAINS =` line with no line
  # break after it. Presumably letsencrypt::domain fragments continue that
  # line; verify against that define.
  $cert_preamble = @(EOF)
    AUTHENTICATOR = ''
    POST_HOOK = ''
    DOMAINS =
    |- EOF

  # First fragment of the env file (order '0').
  concat::fragment { "letsencrypt ${cert_name} preamble":
    target  => "${letsencrypt::config_dir}/env/${cert_name}",
    order   => '0',
    content => $cert_preamble,
  }

  # Last fragment (order '99'): two newlines, which terminate the open
  # `DOMAINS =` line and leave a blank line at the end of the file.
  concat::fragment { "letsencrypt ${cert_name} postamble":
    target  => "${letsencrypt::config_dir}/env/${cert_name}",
    order   => '99',
    content => "\n\n",
  }

  # Optionally register the certificate's own name as a domain.
  if $include_self {
    letsencrypt::domain { $cert_name: }
  }

  # Declared unconditionally, regardless of $ensure.
  letsencrypt::renew { $cert_name:
  }
}