feat: certbot reorg
- moved certbot into its own module - added fact to list available certificates - created systemd timer to rsync data to $data_dir/pub - ensure the $data_dir/pub exists - manage selinux for nginx
This commit is contained in:
@@ -0,0 +1,19 @@
|
||||
# certbot::init
|
||||
class certbot (
|
||||
String $contact,
|
||||
Array[Stdlib::Fqdn] $domains = [],
|
||||
Stdlib::Absolutepath $data_root = '/var/www',
|
||||
Stdlib::Fqdn $nginx_vhost = $facts['networking']['fqdn'],
|
||||
Array[Stdlib::Host] $nginx_aliases = [],
|
||||
Stdlib::Port $nginx_port = 80,
|
||||
Stdlib::Port $nginx_ssl_port = 443,
|
||||
Enum['http','https','both'] $nginx_listen_mode = 'https',
|
||||
Enum['puppet', 'vault'] $nginx_cert_type = 'puppet',
|
||||
) {
|
||||
|
||||
include certbot::nginx
|
||||
include certbot::selinux
|
||||
include certbot::haproxy
|
||||
include certbot::letsencrypt
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user