manifests/nginx.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

# Sets up nginx specific configuration, and provides access to
# variables for enterpolating into nginx configurations
# Usage:
#
# These use the default cert name
#
# nginx::resource::server { 'servername':
#   * => $letsescrypt::nginx::server_ssl
# }
# $letsencrypt::nginx::location_ssl
class letsencrypt::nginx (
  Boolean $manage_package: true,
  String $certbot_plugin_package,
) {

  # TODO $cert_path
  $cert_path = "/etc/letsencrypt/live/${certname}"

  $server_ssl = if $ssl_configured {
    {
      ssl          => true,
      ssl_redirect => true,
      ssl_cert     => "${cert_path}/fullchain.pem",
      ssl_key      => "${cert_path}/privkey.pem",
    }
  } else {
    {
      ssl => false,
    }
  }

  $location_ssl = if $ssl_configured {
    {
      ssl      => true,
      ssl_only => true,
    }
  } else {
    {
      ssl => false,
    }
  }
}