diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-10 12:57:19 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-16 22:29:18 +0100 |
| commit | 6c2c73fb3304da6f35c7390b4a952bb7f51a4d5d (patch) | |
| tree | 59b6723b30e648eb2c5fcffc7101c3430a79dbe2 /manifests/certificate.pp | |
| parent | Add default value to mounts::mounts. (diff) | |
| download | profiles-6c2c73fb3304da6f35c7390b4a952bb7f51a4d5d.tar.gz profiles-6c2c73fb3304da6f35c7390b4a952bb7f51a4d5d.tar.xz | |
Introduce profiles::certificates + repomaster work.
Diffstat (limited to 'manifests/certificate.pp')
| -rw-r--r-- | manifests/certificate.pp | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/manifests/certificate.pp b/manifests/certificate.pp new file mode 100644 index 0000000..829ae37 --- /dev/null +++ b/manifests/certificate.pp @@ -0,0 +1,19 @@ +# Sets up a certificate for this machine. +# Should preferably be included before a letsencrypt::domain resource +# is declared. +class profiles::certificate ( + String $cert_name = $::fqdn, + Letsencrypt::Authenticator $authenticator = 'nginx', + Hash[String,Any] $config = { + # more portable than 'systemctl reload nginx' + 'post-hook' => 'nginx -s reload', + }, +) { + include ::letsencrypt + + letsencrypt::cert { $cert_name: + domains => [ $::fqdn, ], + authenticator => $authenticator, + config => $config, + } +} |