Adds ssl_manage_cert into apache::site

1 files changed, 10 insertions, 13 deletions

diff --git a/manifests/site.pp b/manifests/site.pp
index 586d5c1..0086f1f 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -25,6 +25,7 @@ define apache::site(
   $shell                = '/bin/false',
   $manage_user          = true,
   $ssl                  = false,
+  $ssl_manage_cert      = false,
   $listen               = '*',
   $https_redirect       = false,
   $canonical            = false,
@@ -75,19 +76,6 @@ define apache::site(
     shell          => $shell,
   }
 
-  if $ssl == true {
-    ssl::cert { "$name":
-      group    => $gid,
-      privmode => '0640',
-      ensure   => $ensure,
-    }
-
-    ssl::check { "$name":
-      file   => "/etc/ssl/certs/$name.crt",
-      ensure => $ensure,
-    }
-  }
-
   # Legacy configuration
   file { [ "${apache::conf_sites}-available/$vhost",
            "${apache::conf_sites}-enabled/$vhost" ]:
@@ -132,6 +120,15 @@ define apache::site(
     require        => Apache::Site::Config[$name],
   }
 
+  ssl::cert { "$name":
+    group    => $gid,
+    privmode => '0640',
+    ensure   => $ssl_manage_cert ? {
+      true    => present,
+      default => absent,
+    },
+  }
+
   if $certbot == true {
     certbot::manage { $name:
       pre_hook => '/usr/sbin/service apache2 reload',