2018-02-27 18:58:42 +00:00
|
|
|
# Configuration for deploying certs in vault to the filesystem
|
|
|
|
#
|
|
|
|
|
2018-02-22 19:46:51 +00:00
|
|
|
class acme_vault::deploy(
|
2018-02-27 15:32:51 +00:00
|
|
|
$user = $::acme_vault::common::user,
|
|
|
|
$group = $::acme_vault::common::group,
|
|
|
|
$home_dir = $::acme_vault::common::home_dir,
|
|
|
|
$domains = $::acme_vault::common::domains,
|
2018-02-22 19:46:51 +00:00
|
|
|
|
|
|
|
$cert_destination_path = $::acme_vault::params::cert_destination_path,
|
2020-08-11 15:14:38 +00:00
|
|
|
$deploy_scripts = $::acme_vault::params::deploy_scripts,
|
|
|
|
$restart_method = $::acme_vault::params::restart_method,
|
2018-02-22 19:46:51 +00:00
|
|
|
|
|
|
|
) inherits acme_vault::params {
|
2018-02-26 18:01:25 +00:00
|
|
|
include acme_vault::common
|
|
|
|
|
|
|
|
# copy down cert check script
|
|
|
|
file {"${home_dir}/check_cert.sh":
|
|
|
|
ensure => present,
|
|
|
|
owner => $user,
|
|
|
|
group => $group,
|
2018-02-26 19:54:07 +00:00
|
|
|
mode => '0750',
|
|
|
|
source => 'puppet:///modules/acme_vault/check_cert.sh',
|
2018-02-26 18:01:25 +00:00
|
|
|
}
|
|
|
|
|
2020-08-11 15:14:38 +00:00
|
|
|
# ensure destination paths exist
|
|
|
|
file {[$cert_destination_path, $deploy_scripts]:
|
2018-02-27 15:32:51 +00:00
|
|
|
ensure => directory,
|
|
|
|
owner => $user,
|
|
|
|
group => $group,
|
|
|
|
mode => '0750',
|
|
|
|
}
|
|
|
|
|
2018-02-27 17:28:28 +00:00
|
|
|
# go through each domain, setup cron, and ensure the destination dir exists
|
2018-02-27 15:32:51 +00:00
|
|
|
$domains.each |$domain, $d_list| {
|
2018-02-26 18:01:25 +00:00
|
|
|
cron { "${domain}_deploy":
|
2020-08-11 15:14:38 +00:00
|
|
|
command => ". \$HOME/.bashrc && ${home_dir}/check_cert.sh ${domain} ${cert_destination_path} && ${restart_method}",
|
2018-02-26 19:54:07 +00:00
|
|
|
user => $user,
|
|
|
|
weekday => 2,
|
2018-03-05 18:23:44 +00:00
|
|
|
hour => 11,
|
|
|
|
minute => 17,
|
2018-02-26 18:01:25 +00:00
|
|
|
}
|
2018-02-27 17:28:28 +00:00
|
|
|
|
|
|
|
file {"${cert_destination_path}/${domain}":
|
|
|
|
ensure => directory,
|
|
|
|
owner => $user,
|
|
|
|
group => $group,
|
|
|
|
mode => '0750',
|
|
|
|
}
|
2018-02-26 18:01:25 +00:00
|
|
|
}
|
|
|
|
|
2018-02-22 19:46:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|