Initial commit
This commit is contained in:
parent
af5efbe26f
commit
f4beec8622
|
|
@ -0,0 +1,94 @@
|
|||
#
|
||||
# Create SSL certificates using Letsencrypt
|
||||
#
|
||||
|
||||
bundle agent certbot
|
||||
{
|
||||
vars:
|
||||
"webroot" string => "$(wr)";
|
||||
"renew" string => "$(rn)";
|
||||
|
||||
freebsd::
|
||||
"certbot_dir" string => "/usr/local/etc/letsencrypt";
|
||||
"exe" string => "/usr/local/bin/certbot";
|
||||
"pkg" string => "py39-certbot";
|
||||
debian::
|
||||
"certbot_dir" string => "/etc/letsencrypt";
|
||||
"exe" string => "/usr/bin/certbot";
|
||||
"pkg" string => "certbot";
|
||||
|
||||
defaults:
|
||||
"wr" string => "standalone";
|
||||
"rn" string => "";
|
||||
|
||||
reports:
|
||||
|
||||
}
|
||||
|
||||
bundle agent install_certbot
|
||||
{
|
||||
|
||||
packages:
|
||||
|
||||
freebsd::
|
||||
"$(certbot.pkg)"
|
||||
policy => "present",
|
||||
package_module => pkg,
|
||||
handle => "certbot_installed";
|
||||
debian::
|
||||
"$(certbot.pkg)"
|
||||
policy => "present",
|
||||
package_module => apt_get,
|
||||
handle => "certbot_installed";
|
||||
}
|
||||
|
||||
bundle agent certbot_cert(site,webroot,domain)
|
||||
{
|
||||
|
||||
vars:
|
||||
"site_json" string => storejson(@(site));
|
||||
"args" string => string_mustache(
|
||||
"-d {{domain}} {{#aliases}} -d {{.}} {{/aliases}}",
|
||||
@(site)
|
||||
);
|
||||
|
||||
"webroot_arg" string => ifelse( strcmp("$(webroot)","standalone"),
|
||||
"--standalone",
|
||||
"--webroot -w $(webroot)");
|
||||
|
||||
files:
|
||||
"$(sys.workdir)/data/certbot/$(site[domain])-cert-created"
|
||||
create => "true",
|
||||
content => "$(args)",
|
||||
classes => if_repaired(certbot_repaired);
|
||||
|
||||
classes:
|
||||
"no_cert_file"
|
||||
comment => "run certbot because no cert dir exists",
|
||||
not => fileexists("$(certbot.certbot_dir)/live/$(site[domain])");
|
||||
|
||||
"run_certbot"
|
||||
or => {no_cert_file, certbot_repaired};
|
||||
|
||||
defaults:
|
||||
"webroot" string => "standalone";
|
||||
|
||||
methods:
|
||||
"any" usebundle => install_certbot;
|
||||
|
||||
commands:
|
||||
run_certbot::
|
||||
"$(certbot.exe)"
|
||||
depends_on => {"certbot_installed"},
|
||||
handle => "certbot_dry_run_ok",
|
||||
args => "certonly --dry-run --agree-tos -n $(webroot_arg) --expand --email $(site[email]) $(args)";
|
||||
|
||||
run_certbot::
|
||||
"$(certbot.exe)"
|
||||
depends_on => {"certbot_installed","certbot_dry_run_ok"},
|
||||
args => "certonly --agree-tos -n $(webroot_arg) --expand --email $(site[email]) $(args)";
|
||||
|
||||
reports:
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue