From aaaea6753f809b01c1e8bafab204070dc4a0671f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= <hugo@lysator.liu.se>
Date: Sat, 14 Jan 2023 00:57:16 +0100
Subject: Use hugonikanor::letsencrypt module.

---
 manifests/init.pp     | 14 ++++++++------
 manifests/instance.pp | 24 +++++++++++-------------
 2 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index d01f505..9b0bb86 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -16,15 +16,17 @@ class website_blog_2 (
     ensure => directory,
   }
 
+  letsencrypt::cert { $certname:
+    include_self  => false,
+    domains       => $domain_aliases << $domain,
+    authenticator => 'nginx',
+  }
+
   $default = {
     access_log           => 'absent',
     error_log            => 'absent',
-    ssl                  => true,
-    ssl_redirect         => true,
-    ssl_cert             => "/etc/letsencrypt/live/${certname}/fullchain.pem",
-    ssl_key              => "/etc/letsencrypt/live/${certname}/privkey.pem",
     use_default_location => false,
-  }
+  } + letsencrypt::conf::nginx($domain)
 
   include ::nginx
 
@@ -40,7 +42,7 @@ class website_blog_2 (
       *                 => $default,
       server_name       => $domain_aliases,
       server_cfg_append => {
-        'return' => '301 $scheme://blog.hornquist.se$request_uri',
+        'return' => "301 \$scheme://${domain}\$request_uri",
       },
     }
   }
diff --git a/manifests/instance.pp b/manifests/instance.pp
index df1df65..721ec24 100644
--- a/manifests/instance.pp
+++ b/manifests/instance.pp
@@ -78,14 +78,13 @@ define website_blog_2::instance (
   }
 
   nginx::resource::location { "${safe_title} - /":
-    location          => '/',
-    try_files         => ['$uri', '$uri/', '=404'],
-    index_files       => [],
-    ssl               => true,
-    ssl_only          => true,
-    autoindex         => on,
-    server            => $website_blog_2::blog_server_name,
-    add_header        => {
+    location    => '/',
+    try_files   => ['$uri', '$uri/', '=404'],
+    index_files => [],
+    autoindex   => on,
+    server      => $website_blog_2::blog_server_name,
+    *           => letsencrypt::conf::nginx($website_blog_2::domain),
+    add_header  => {
       'Cache-Control' => "no-cache",
     },
   }
@@ -93,10 +92,9 @@ define website_blog_2::instance (
   nginx::resource::location { "${safe_title} - css":
     location   => '~ \.css$',
     try_files  => [ '$uri', '=404' ],
-    ssl        => true,
-    ssl_only   => true,
     server     => $website_blog_2::blog_server_name,
     expires    => '1h',
+    *          => letsencrypt::conf::nginx($website_blog_2::domain),
     add_header => {
       'Cache-Control' => "no-cache",
     },
@@ -106,8 +104,7 @@ define website_blog_2::instance (
     location       => '~ \.php$',
     fastcgi_params => 'snippets/fastcgi-php.conf',
     fastcgi        => 'unix:/run/php/php-fpm.sock',
-    ssl            => true,
-    ssl_only       => true,
+    *              => letsencrypt::conf::nginx($website_blog_2::domain),
     server         => $website_blog_2::blog_server_name,
   }
 
@@ -115,7 +112,8 @@ define website_blog_2::instance (
     location            => '~ /\.ht',
     location_cfg_append => { deny => 'all' },
     index_files         => [],
-    ssl                 => true,
+    ssl_only            => false,
+    *                   => letsencrypt::conf::nginx($website_blog_2::domain),
     server              => $website_blog_2::blog_server_name,
   }
 }
-- 
cgit v1.2.3