X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Frsync%2Fmanifests%2Fsite.pp;h=8035dd491ab875d60cfb5e3e141035a7eea77525;hb=5649a4242e4cea08fa81bafc980eed5cdb7e3607;hp=60cab396d1e7d89179628511d09d63e90530221d;hpb=1362b9d1c582c0e2063ef93d893a45d775d49e0d;p=mirror%2Fdsa-puppet.git

diff --git a/modules/rsync/manifests/site.pp b/modules/rsync/manifests/site.pp
index 60cab396d..8035dd491 100644
--- a/modules/rsync/manifests/site.pp
+++ b/modules/rsync/manifests/site.pp
@@ -112,15 +112,16 @@ define rsync::site (
 			provider => systemd,
 		}
 
-		@ferm::rule { "rsync-${name}-ssl":
+		ferm::rule { "rsync-${name}-ssl":
 			domain      => '(ip ip6)',
 			description => 'Allow rsync access',
 			rule        => '&SERVICE(tcp, 1873)',
 		}
 
+		$certdir = hiera('paths.letsencrypt_dir')
 		dnsextras::tlsa_record{ "tlsa-${sslname}-1873":
 			zone     => 'debian.org',
-			certfile => [ "/srv/puppet.debian.org/from-letsencrypt/${sslname}.crt" ],
+			certfile => [ "${certdir}/${sslname}.crt" ],
 			port     => 1873,
 			hostname => $sslname,
 		}