Stop hardcoding /srv/puppet.debian.org/from-letsencrypt/ all over the place

[mirror/dsa-puppet.git] / modules / rsync / manifests / site.pp

diff --git a/modules/rsync/manifests/site.pp b/modules/rsync/manifests/site.pp
index 60cab39..7011787 100644 (file)
--- a/modules/rsync/manifests/site.pp
+++ b/modules/rsync/manifests/site.pp
@@ -118,9 +118,10 @@ define rsync::site (
                        rule        => '&SERVICE(tcp, 1873)',
                }
 
+               $certdir = hiera('paths.letsencrypt_dir')
                dnsextras::tlsa_record{ "tlsa-${sslname}-1873":
                        zone     => 'debian.org',
-                       certfile => [ "/srv/puppet.debian.org/from-letsencrypt/${sslname}.crt" ],
+                       certfile => [ "${certdir}/${sslname}.crt" ],
                        port     => 1873,
                        hostname => $sslname,
                }