node 'gandalf.adrift.space' { include ::rss_filter include ::dns include ::profiles::dns_zones include ::profiles::common include ::profiles::client include ::networking include ::losetup include ::profiles::workstation include ::profiles::xmonad include ::profiles::dolphin include ::profiles::imagemagick include ::profiles::syncthing include ::profiles::gandalf_web include ::profiles::transmission include ::shiori include ::profiles::webdav } node 'hornquist.se' { include ::profiles::common include ::profiles::client include ::profiles::firewall include ::nginx # https://buddy.works/blog/how-deploy-projects-with-git include ::blog nsupdate { 'hornquist.se': ensure => present, nameserver => 'ns2.adrift.space', iface => 'eth0', records => [ { type => 'A', ttl => 3600, domain => 'hornquist.se' }, { type => 'A', ttl => 3600, domain => '*.hornquist.se' }, ], } $certname = 'hornquist' service { 'php7.4-fpm': ensure => running, enable => true, } service { 'fcgiwrap.socket': ensure => running, enable => true, } file { '/etc/systemd/system/php7.4-fpm.service.d': ensure => directory, } file { '/etc/systemd/system/php7.4-fpm.service.d/override.conf': ensure => file, notify => Service['php7.4-fpm'], content => @(EOF) [Service] RuntimeDirectory=php | EOF } ensure_packages(['python3-certbot-nginx'], { ensure => installed }) letsencrypt::certonly { $certname: ensure => present, manage_cron => true, plugin => 'nginx', additional_args => [ '--quiet', ], post_hook_commands => [ 'systemctl reload nginx.service', ], domains => [ 'blog.hornquist.se', 'blogg.hornquist.se', 'www.hornquist.se', 'hornquist.se', 'git.hornquist.se', 'wiki.hornquist.se', ], } nginx::resource::location { '= /': # temprory redirect location_custom_cfg => { return => '307 /hugo' }, ssl => true, index_files => [], server => [ 'blog', ], } } node default {}