Mercurial > repos > other > Puppet

comparison modules/website/manifests/init.pp @ 133:9337c9ce648a puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Switch to using LetsEncrypt certs by default
author IBBoard <dev@ibboard.co.uk>
date Fri, 11 Nov 2016 17:15:23 +0000
parents 95502bafeaa3
children b3f6c7a910d0
comparison
equal deleted inserted replaced
132:9af4b04c2667 133:9337c9ce648a
1 class website( 1 class website(
2 $base_dir, 2 $base_dir,
3 $cert_dir = '/etc/pki/custom', 3 $cert_dir = '/etc/pki/custom',
4 $ssl_chain = 'ca-chain.pem',
5 $primary_ip, 4 $primary_ip,
6 $secondary_ip, 5 $secondary_ip,
7 $default_owner, 6 $default_owner,
8 $default_group, 7 $default_group,
9 $default_tld = 'com', 8 $default_tld = 'com',
18 17
19 $basedir = $base_dir 18 $basedir = $base_dir
20 $certdir = $cert_dir 19 $certdir = $cert_dir
21 $docroot_owner = $default_owner 20 $docroot_owner = $default_owner
22 $docroot_group = $default_group 21 $docroot_group = $default_group
23 $ca_chain = $ssl_chain 22 $ca_chain = "/etc/letsencrypt/live/${::fqdn}/chain.pem"
24 $tld = $default_tld 23 $tld = $default_tld
25 $extra_tlds = $default_extra_tlds 24 $extra_tlds = $default_extra_tlds
26 $htmlphpfragment = "Include conf.extra/html-php.conf" 25 $htmlphpfragment = "Include conf.extra/html-php.conf"
27 $filterfragment = "Include conf.custom/filter.conf" 26 $filterfragment = "Include conf.custom/filter.conf"
28 $cmsfragment = "Include conf.extra/cms_rewrites.conf" 27 $cmsfragment = "Include conf.extra/cms_rewrites.conf"
109 command => 'semanage fcontext -a -t httpd_sys_content_t "/srv/sites(/.*)?"', 108 command => 'semanage fcontext -a -t httpd_sys_content_t "/srv/sites(/.*)?"',
110 path => '/bin:/usr/bin/:/sbin:/usr/sbin', 109 path => '/bin:/usr/bin/:/sbin:/usr/sbin',
111 require => Package['policycoreutils-python'], 110 require => Package['policycoreutils-python'],
112 unless => 'semanage fcontext --list | grep "/srv/sites\\(/\\.\\*\\)\\?"', 111 unless => 'semanage fcontext --list | grep "/srv/sites\\(/\\.\\*\\)\\?"',
113 } 112 }
113 cron { 'letsencrypt-renewal':
114 command => '/usr/bin/certbot renew --quiet',
115 hour => '*/12',
116 minute => '21',
117 }
114 } 118 }
115 } 119 }