- update documentation - add option to notify services - set haproxy role to notify the haproxy service
# Declared on certbot clients to request letsencrypt certificates.
#
# Parameters:
# - domains:   list of domains; one certbot::client::cert resource is declared
#              per entry
# - webserver: FQDN of the host the client downloads certificates from
# - data_dir:  directory on the client where the certificates are stored
# - service:   optional service to notify when certificates change; handed to
#              certbot::client::cert as notify_service (undef by default)
#
class certbot::client (
  Array[Stdlib::Fqdn]  $domains,
  Stdlib::Fqdn         $webserver,
  Stdlib::Absolutepath $data_dir = '/etc/pki/tls/letsencrypt/',
  Optional[String]     $service  = undef,
) {

  # mkdir::p is defined outside this file; presumably it creates the missing
  # parent directories of $data_dir -- confirm against its definition.
  mkdir::p { $data_dir: }

  # The certificate store is root-owned but world-readable and traversable.
  # NOTE(review): if certbot::client::cert writes private keys below this
  # directory, their confidentiality rests entirely on the per-file modes it
  # sets -- confirm there, or tighten this mode.
  file { $data_dir:
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }

  # One download resource per requested domain. The title is prefixed with the
  # node's FQDN fact.
  $domains.each |$domain| {
    certbot::client::cert { "${facts['networking']['fqdn']}_download_${domain}":
      domain         => $domain,
      # NOTE(review): how the download from $webserver is transported and
      # verified is decided inside certbot::client::cert, not here -- confirm
      # it authenticates the server.
      webserver      => $webserver,
      # With the default $data_dir (trailing slash) this string contains '//'.
      destination    => "${data_dir}/${domain}",
      notify_service => $service,
      # The target directory must be managed before anything is written to it.
      require        => File[$data_dir],
    }
  }
}