feat: certbot reorg
- moved certbot into its own module - added fact to list available certificates - created systemd timer to rsync data to $data_dir/pub - ensure the $data_dir/pub exists - manage selinux for nginx
This commit is contained in:
@@ -0,0 +1,10 @@
|
||||
[Unit]
|
||||
Description=certbot-syncer service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/usr/bin/rsync --chmod=D2755,F644 -aL /etc/letsencrypt/live/ <%= $data_root %>/pub/
|
||||
User=root
|
||||
Group=root
|
||||
PermissionsStartOnly=false
|
||||
PrivateTmp=no
|
||||
@@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
Description=certbot-syncer timer
|
||||
|
||||
[Timer]
|
||||
OnCalendar=hourly
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
||||
Reference in New Issue
Block a user