diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-05 18:02:30 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2022-01-05 18:05:06 +0100 |
| commit | e0f2915fdad577eadd39570c1131f86cb34c0279 (patch) | |
| tree | 0996a5a6ada2ae585a2b1e218975f3c153c03358 | |
| parent | puppetboard http redirect. (diff) | |
| download | webdav_server-e0f2915fdad577eadd39570c1131f86cb34c0279.tar.gz webdav_server-e0f2915fdad577eadd39570c1131f86cb34c0279.tar.xz | |
Letsencrypt improvements
| -rw-r--r-- | modules/profiles/manifests/letsencrypt.pp | 25 | ||||
| -rw-r--r-- | modules/profiles/manifests/puppetboard.pp | 15 |
2 files changed, 23 insertions, 17 deletions
diff --git a/modules/profiles/manifests/letsencrypt.pp b/modules/profiles/manifests/letsencrypt.pp index 4b4b568..48aa3a8 100644 --- a/modules/profiles/manifests/letsencrypt.pp +++ b/modules/profiles/manifests/letsencrypt.pp @@ -1,20 +1,35 @@ class profiles::letsencrypt ( String $certname, - String $nginx_plugin, Array[String] $domains, + Enum['nginx','apache'] $provider, + Optional[String] $nginx_plugin = undef, + Optional[String] $apache_plugin = undef, ) { - ensure_packages ([$nginx_plugin]) - include ::letsencrypt + $plugin = $provider + $post_hook = $provider ? { + 'nginx' => 'systemctl restart nginx.service', + 'apache' => 'systemctl restart apache2.service', + } + + case $provider { + 'apache': { + ensure_packages ([$apache_plugin]) + } + 'nginx': { + ensure_packages ([$nginx_plugin]) + } + } + letsencrypt::certonly { $certname: ensure => present, domains => $domains, manage_cron => true, - plugin => 'nginx', + plugin => $plugin, additional_args => [ '--quiet', ], # pre_hook_commands => [ 'systemctl stop nginx.service', ], - post_hook_commands => [ 'systemctl restart nginx.service', ], + post_hook_commands => [ $post_hook, ], } } diff --git a/modules/profiles/manifests/puppetboard.pp b/modules/profiles/manifests/puppetboard.pp index b5f6b1f..d477632 100644 --- a/modules/profiles/manifests/puppetboard.pp +++ b/modules/profiles/manifests/puppetboard.pp @@ -32,20 +32,11 @@ class profiles::puppetboard { offline_mode => true, } - include ::letsencrypt - - ensure_packages(['python3-certbot-apache']) - - $certname = lookup('certname') - letsencrypt::certonly { $certname: - ensure => present, - domains => [ $::fqdn, ], - manage_cron => true, - plugin => 'apache', - additional_args => ['--quiet'], - post_hook_commands => ['systemctl restart apache2'], + class { '::profiles::letsencrypt': + provider => apache, } + $certname = lookup('certname') class { 'puppetboard::apache::vhost': vhost_name => $::fqdn, port => 443, |