summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2018-02-05 11:00:49 -0200
committerSilvio Rhatto <rhatto@riseup.net>2018-02-05 11:00:49 -0200
commitfbd4a76f453ddae61330864c4aad429d77f04d03 (patch)
tree7b435273c7e60f7eae399b9d2f7d5e3962700a72
parent8d0558a87b5581917c8aa0494c5422be9391e63f (diff)
downloadpuppet-nginx-fbd4a76f453ddae61330864c4aad429d77f04d03.tar.gz
puppet-nginx-fbd4a76f453ddae61330864c4aad429d77f04d03.tar.bz2
Fix ssl/certbot absence behavior
-rw-r--r--manifests/site.pp15
1 files changed, 12 insertions, 3 deletions
diff --git a/manifests/site.pp b/manifests/site.pp
index 9997e97..983fc88 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -20,7 +20,10 @@ define nginx::site(
aliases => $aliases,
}
- if $certbot == true {
+ # We should discover the best practices' way to
+ # stop managing a certificate using certbot so
+ # we can implement an ensurable properly.
+ if $certbot == true and $ensure == 'present' {
certbot::manage { $name:
aliases => $aliases,
pre_hook => '/usr/sbin/service nginx restart',
@@ -30,13 +33,19 @@ define nginx::site(
nginx::site::config { "${name}-ssl":
server_name => $name,
- ensure => $ssl,
+ ensure => $ensure ? {
+ 'present' => $ssl,
+ default => absent,
+ },
source => $source,
template => "${template}-ssl",
backend => $backend,
aliases => $aliases,
require => $certbot ? {
- true => Certbot::Manage[$name],
+ true => $ensure ? {
+ 'present' => Certbot::Manage[$name],
+ default => undef,
+ },
default => undef,
}
}