1 define ssl::service($ensure = present, $tlsaport = 443, $notify = [], $key = false) {
2 $link_target = $ensure ? {
5 default => fail ( "Unknown ensure value: '$ensure'" ),
8 file { "/etc/ssl/debian/certs/$name.crt":
9 source => [ "puppet:///modules/ssl/servicecerts/${name}.crt", "puppet:///modules/ssl/from-letsencrypt/${name}.crt" ],
10 notify => [ Exec['refresh_debian_hashes'], $notify ],
12 file { "/etc/ssl/debian/certs/$name.crt-chain":
13 source => [ "puppet:///modules/ssl/chains/${name}.crt", "puppet:///modules/ssl/servicecerts/${name}.crt", "puppet:///modules/ssl/from-letsencrypt/${name}.crt-chain" ],
14 notify => [ $notify ],
17 file { "/etc/ssl/debian/certs/$name.crt-chained":
18 content => template('ssl/chained.erb'),
19 notify => [ $notify ],
22 file { "/etc/ssl/private/$name.key":
25 source => [ "puppet:///modules/ssl/keys/${name}.crt", "puppet:///modules/ssl/from-letsencrypt/${name}.key" ],
26 notify => [ $notify ],
32 dnsextras::tlsa_record{ "tlsa-${name}-${tlsaport}":
34 certfile => [ "/etc/puppet/modules/ssl/files/servicecerts/${name}.crt", "/etc/puppet/modules/ssl/files/from-letsencrypt/${name}.crt" ],
projects / mirror / dsa-puppet.git / blob