Ben Vincent
9db714d02f
- add haproxy backend for be_letsencrypt - manage the certbot role/profile - create define to export certificate requests
33 lines
801 B
Puppet
33 lines
801 B
Puppet
# profiles::certbot::server
|
|
class profiles::certbot::server (
|
|
String $contact,
|
|
Array[Stdlib::Fqdn] $domains = [],
|
|
) {
|
|
|
|
class { 'letsencrypt':
|
|
configure_epel => false,
|
|
package_ensure => 'latest',
|
|
email => $contact,
|
|
}
|
|
|
|
# set location_environment
|
|
$location_environment = "${facts['country']}-${facts['region']}-${facts['environment']}"
|
|
|
|
# collect exported resources
|
|
Letsencrypt::Certonly <<| tag == $location_environment |>>
|
|
|
|
# statically defined certificate
|
|
$domains.each | $domain | {
|
|
profiles::certbot::cert {$domain:
|
|
domain => $domain,
|
|
}
|
|
}
|
|
|
|
# export haproxy balancemember
|
|
profiles::haproxy::balancemember { "${facts['networking']['fqdn']}_8888":
|
|
service => 'be_letsencrypt',
|
|
ports => [8888],
|
|
options => []
|
|
}
|
|
}
|