summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2016-06-19 14:48:26 -0300
committerSilvio Rhatto <rhatto@riseup.net>2016-06-19 14:48:26 -0300
commitdd175305cf5da1778ce45784976bfe11ca890691 (patch)
treed3038f3bf9fa8efdd2d9c76f5bdc30aba054bcf7
parent0252c5aed444c435bb447cd2c8e564477802dc4f (diff)
downloadpuppet-apache-dd175305cf5da1778ce45784976bfe11ca890691.tar.gz
puppet-apache-dd175305cf5da1778ce45784976bfe11ca890691.tar.bz2
Adds ssl_manage_cert into apache::site
-rw-r--r--manifests/site.pp23
1 files changed, 10 insertions, 13 deletions
diff --git a/manifests/site.pp b/manifests/site.pp
index 586d5c1..0086f1f 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -25,6 +25,7 @@ define apache::site(
$shell = '/bin/false',
$manage_user = true,
$ssl = false,
+ $ssl_manage_cert = false,
$listen = '*',
$https_redirect = false,
$canonical = false,
@@ -75,19 +76,6 @@ define apache::site(
shell => $shell,
}
- if $ssl == true {
- ssl::cert { "$name":
- group => $gid,
- privmode => '0640',
- ensure => $ensure,
- }
-
- ssl::check { "$name":
- file => "/etc/ssl/certs/$name.crt",
- ensure => $ensure,
- }
- }
-
# Legacy configuration
file { [ "${apache::conf_sites}-available/$vhost",
"${apache::conf_sites}-enabled/$vhost" ]:
@@ -132,6 +120,15 @@ define apache::site(
require => Apache::Site::Config[$name],
}
+ ssl::cert { "$name":
+ group => $gid,
+ privmode => '0640',
+ ensure => $ssl_manage_cert ? {
+ true => present,
+ default => absent,
+ },
+ }
+
if $certbot == true {
certbot::manage { $name:
pre_hook => '/usr/sbin/service apache2 reload',