blob: 98f5203dffb7844bf3860edb656eb0e3e97854d3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
define nginx::certbot(
$aliases = '',
$ensure = present,
$email = hiera('nginx::certbot::email'),
$size = hiera('nginx::certbot::size', '4096'),
){
# Certbot support
file { "/var/www/certbot/${name}":
ensure => directory,
owner => 'root',
group => 'www-data',
mode => '0750',
require => Package['certbot'],
}
# Make sure nginx is restarted and request a certificate
exec { "certbot-${name}":
command => "/usr/sbin/service nginx restart && /usr/bin/certbot certonly --webroot -w /var/www/certbot/${name} -d ${name} -d www.${name} -m ${email} --rsa-key-size ${size} --agree-tos",
creates => "/etc/letsencrypt/archive/${name}",
require => File["/var/www/certbot/${name}", "/etc/nginx/sites-enabled/$name"],
}
}
|