diff options
| author | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-14 00:57:16 +0100 |
|---|---|---|
| committer | Hugo Hörnquist <hugo@lysator.liu.se> | 2023-01-14 22:46:35 +0100 |
| commit | aaaea6753f809b01c1e8bafab204070dc4a0671f (patch) | |
| tree | 78622f938c1c06d220dcea581e14342b04de06fe | |
| parent | Update names to match module name. (diff) | |
| download | website_blog_2-aaaea6753f809b01c1e8bafab204070dc4a0671f.tar.gz website_blog_2-aaaea6753f809b01c1e8bafab204070dc4a0671f.tar.xz | |
Use hugonikanor::letsencrypt module.
| -rw-r--r-- | manifests/init.pp | 14 | ||||
| -rw-r--r-- | manifests/instance.pp | 24 |
2 files changed, 19 insertions, 19 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index d01f505..9b0bb86 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -16,15 +16,17 @@ class website_blog_2 ( ensure => directory, } + letsencrypt::cert { $certname: + include_self => false, + domains => $domain_aliases << $domain, + authenticator => 'nginx', + } + $default = { access_log => 'absent', error_log => 'absent', - ssl => true, - ssl_redirect => true, - ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem", - ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", use_default_location => false, - } + } + letsencrypt::conf::nginx($domain) include ::nginx @@ -40,7 +42,7 @@ class website_blog_2 ( * => $default, server_name => $domain_aliases, server_cfg_append => { - 'return' => '301 $scheme://blog.hornquist.se$request_uri', + 'return' => "301 \$scheme://${domain}\$request_uri", }, } } diff --git a/manifests/instance.pp b/manifests/instance.pp index df1df65..721ec24 100644 --- a/manifests/instance.pp +++ b/manifests/instance.pp @@ -78,14 +78,13 @@ define website_blog_2::instance ( } nginx::resource::location { "${safe_title} - /": - location => '/', - try_files => ['$uri', '$uri/', '=404'], - index_files => [], - ssl => true, - ssl_only => true, - autoindex => on, - server => $website_blog_2::blog_server_name, - add_header => { + location => '/', + try_files => ['$uri', '$uri/', '=404'], + index_files => [], + autoindex => on, + server => $website_blog_2::blog_server_name, + * => letsencrypt::conf::nginx($website_blog_2::domain), + add_header => { 'Cache-Control' => "no-cache", }, } @@ -93,10 +92,9 @@ define website_blog_2::instance ( nginx::resource::location { "${safe_title} - css": location => '~ \.css$', try_files => [ '$uri', '=404' ], - ssl => true, - ssl_only => true, server => $website_blog_2::blog_server_name, expires => '1h', + * => letsencrypt::conf::nginx($website_blog_2::domain), add_header => { 'Cache-Control' => "no-cache", }, @@ -106,8 +104,7 @@ define website_blog_2::instance ( location => '~ \.php$', fastcgi_params => 'snippets/fastcgi-php.conf', fastcgi => 'unix:/run/php/php-fpm.sock', - ssl => true, - ssl_only => true, + * => letsencrypt::conf::nginx($website_blog_2::domain), server => $website_blog_2::blog_server_name, } @@ -115,7 +112,8 @@ define website_blog_2::instance ( location => '~ /\.ht', location_cfg_append => { deny => 'all' }, index_files => [], - ssl => true, + ssl_only => false, + * => letsencrypt::conf::nginx($website_blog_2::domain), server => $website_blog_2::blog_server_name, } } |