From 6c2c73fb3304da6f35c7390b4a952bb7f51a4d5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= <hugo@lysator.liu.se>
Date: Tue, 10 Jan 2023 12:57:19 +0100
Subject: Introduce profiles::certificates + repomaster work.

---
 manifests/repomaster.pp | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

(limited to 'manifests/repomaster.pp')

diff --git a/manifests/repomaster.pp b/manifests/repomaster.pp
index 671b16f..d7143f6 100644
--- a/manifests/repomaster.pp
+++ b/manifests/repomaster.pp
@@ -2,10 +2,17 @@
 class profiles::repomaster (
   String $directory,
   String $hostname = "repo.${::fqdn}",
+  Boolean $publish_dns = false,
+  Optional[String] $dns_zone = undef,
 ) {
 
   include ::nginx
 
+  include ::profiles::certificate
+  letsencrypt::domain { $hostname:
+    cert_name => $profiles::certificate::cert_name,
+  }
+
   nginx::resource::server { $hostname:
     www_root             => $directory,
     autoindex            => 'on',
@@ -13,7 +20,24 @@ class profiles::repomaster (
     ipv6_enable          => true,
     ipv6_listen_options  => '',
     listen_options       => '',
-    # TODO ssl
+    *                    => letsencrypt::conf::nginx($hostname),
   }
 
+  if $publish_dns {
+    # TODO Separate toggles for ipv4 and ipv6
+    # Since ipv4 might be internal and shouldn't be exported.
+    # @@dns_record { "${hostname} A":
+    #   type  => 'A',
+    #   zone  => $dns_zone,
+    #   key   => $hostname,
+    #   value => $facts['ipaddress'],
+    # }
+
+    @@dns_record { "${hostname} AAAA":
+      type  => 'AAAA',
+      zone  => $dns_zone,
+      key   => $hostname,
+      value => $facts['ipaddress6'],
+    }
+  }
 }
-- 
cgit v1.2.3