27 lines
660 B
Puppet
27 lines
660 B
Puppet
define profiles::pki::letsencrypt (
|
|
Stdlib::Fqdn $webserver,
|
|
Stdlib::Fqdn $domain,
|
|
Stdlib::Absolutepath $destination = "/etc/pki/tls/letsencrypt/${domain}",
|
|
) {
|
|
|
|
file { $destination:
|
|
ensure => directory,
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0755',
|
|
}
|
|
|
|
$cert_files = ['cert.pem', 'chain.pem', 'fullchain.pem', 'privkey.pem']
|
|
|
|
$cert_files.each |String $file| {
|
|
file { "${destination}/${file}":
|
|
ensure => file,
|
|
source => "https://${webserver}/${domain}/${file}",
|
|
owner => 'root',
|
|
group => 'root',
|
|
mode => '0644',
|
|
require => File[$destination],
|
|
}
|
|
}
|
|
}
|