rule => '&SERVICE(tcp, 1873)',
}
+ $certdir = hiera('paths.letsencrypt_dir')
dnsextras::tlsa_record{ "tlsa-${sslname}-1873":
zone => 'debian.org',
- certfile => [ "/srv/puppet.debian.org/from-letsencrypt/${sslname}.crt" ],
+ certfile => [ "${certdir}/${sslname}.crt" ],
port => 1873,
hostname => $sslname,
}