rule => '&SERVICE(tcp, 1873)',
}
+ $certdir = hiera('paths.letsencrypt_dir')
dnsextras::tlsa_record{ "tlsa-${sslname}-1873":
zone => 'debian.org',
- certfile => [
- "/etc/puppet/modules/ssl/files/servicecerts/${sslname}.crt",
- "/etc/puppet/modules/ssl/files/from-letsencrypt/${sslname}.crt",
- ],
+ certfile => [ "${certdir}/${sslname}.crt" ],
port => 1873,
hostname => $sslname,
}