Stop hardcoding /srv/puppet.debian.org/from-letsencrypt/ all over the place

[mirror/dsa-puppet.git] / modules / roles / manifests / init.pp

diff --git a/modules/roles/manifests/init.pp b/modules/roles/manifests/init.pp
index 2464807..8ccca49 100644 (file)
--- a/modules/roles/manifests/init.pp
+++ b/modules/roles/manifests/init.pp
@@ -247,6 +247,13 @@ class roles {
 
        if has_role('gobby_debian_org') {
                ssl::service { 'gobby.debian.org': notify  => Exec['service apache2 reload'], key => true, tlsaport => [443, 6523], }
+               file { '/etc/ssl/debian-local/other-keys/gobby.debian.org.key':
+                       ensure => present,
+                       mode => '0440',
+                       group => 'gobby',
+                       content => inline_template('<%= File.read(scope().call_function("hiera", ["paths.letsencrypt_dir"]) + "/gobby.debian.org.key") %>'),
+                       links => follow,
+               }
        }
 
        if has_role('search_backend') {
@@ -317,7 +324,7 @@ class roles {
        }
 
        if has_role('postgresql_server') {
-               include roles::postgresql_server
+               include postgres::backup_source
        }
 
        if has_role('bacula_director') {
@@ -330,6 +337,10 @@ class roles {
                include bacula::storage
        }
 
+       if has_role('salsa.debian.org') {
+               include salsa
+       }
+
        if $::keyring_debian_org_mirror {
                include roles::keyring_debian_org_mirror
        }