manifests/certbot.pp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

define nginx::certbot(
  $aliases = '',
  $ensure  = present,
  $email   = hiera('nginx::certbot::email'),
  $size    = hiera('nginx::certbot::size', '4096'),
){
  # Certbot support
  file { "/var/www/certbot/${name}":
    ensure  => $ensure,
    owner   => 'root',
    group   => 'www-data',
    mode    => '0750',
    require => Package['certbot'],
  }

  exec { "certbot-${name}":
    command => "/usr/bin/certbot certonly --webroot -w /var/www/certbot/${name} -d ${name} -d www.${name} -m ${email} --rsa-key-size ${size} --agree-tos",
    creates => "/etc/letsencrypt/archive/${name}",
  }
}