From 65d765301e195226cdab7326aba9c448e855ed79 Mon Sep 17 00:00:00 2001
From: Bob Belnap
Date: Wed, 28 Feb 2018 13:46:41 -0500
Subject: [PATCH] add email conf for acme s/requestor/request
---
 Rakefile | 1 +
 manifests/common.pp | 4 ++--
 manifests/params.pp | 3 +--
 manifests/{requestor.pp => request.pp} | 26 ++++++++++++++++++++++----
 4 files changed, 26 insertions(+), 8 deletions(-)
 rename manifests/{requestor.pp => request.pp} (81%)
diff --git a/Rakefile b/Rakefile
index 81381e0..7daeb95 100644
--- a/Rakefile
+++ b/Rakefile
@@ -1,2 +1,3 @@
 require 'puppetlabs_spec_helper/rake_tasks'
 require 'puppet-syntax/tasks/puppet-syntax'
+PuppetLint.configurationsend('disable_arror_on_right_operand_line')
diff --git a/manifests/common.pp b/manifests/common.pp
index d3271fd..173700f 100644
--- a/manifests/common.pp
+++ b/manifests/common.pp
@@ -1,8 +1,8 @@
 # Common configuration for acme_vault
 #
-# This class needs to be included before acme_vault::requestor or
+# This class needs to be included before acme_vault::request or
 # acme_vault::deploy and contains configurations common to both. The user,
-# vault, vault vars, and cron mailto are needed for both requestor and deploy
+# vault, vault vars, and cron mailto are needed for both request and deploy
 class acme_vault::common (
 $user = $::acme_vault::params::user,
diff --git a/manifests/params.pp b/manifests/params.pp
index 7b1aeeb..5632d9e 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -1,4 +1,4 @@
-# params for both common, requestor, and deploy
+# params for both common, request, and deploy
 class acme_vault::params {
 # settings for acme user
 $user = 'acme'
@@ -9,7 +9,6 @@ class acme_vault::params {
 $staging = true
 $staging_url = 'https://acme-staging-v02.api.letsencrypt.org/directory'
 $prod_url = 'https://acme-v02.api.letsencrypt.org/directory'
- #TODO configurue email
 $contact_email = ''
 $acme_revision = 'HEAD'
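Review bot: The line added in the Rakefile hunk calls `PuppetLint.configurationsend(...)`, which as shown is one undefined method name, so loading the Rakefile would raise NoMethodError and take every rake task with it, including the syntax and lint checks. The check name is also spelled `disable_arror_on_right_operand_line`; puppet-lint's check is `arrow_on_right_operand_line`, and a misspelled name is likely to be ignored silently rather than reported. The intended line is presumably `PuppetLint.configuration.send('disable_arrow_on_right_operand_line')`. A one-line comment above it, such as `# trailing "->" chaining is used in manifests/request.pp`, would tell the next reader why the check is off.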
diff --git a/manifests/requestor.pp b/manifests/request.pp
similarity index 81%
rename from manifests/requestor.pp
rename to manifests/request.pp
index 5c06dee..1c1d05b 100644
--- a/manifests/requestor.pp
+++ b/manifests/request.pp
@@ -8,7 +8,7 @@
 # coordination to eventually reach the desired end state. Since certificate
 # renewal has a large time window, this is acceptable.
-class acme_vault::requestor (
+class acme_vault::request (
 $user = $::acme_vault::common::user,
 $group = $::acme_vault::common::group,
 $home_dir = $::acme_vault::common::home_dir,
@@ -32,7 +32,7 @@ class acme_vault::requestor (
 include acme_vault::common
- $requestor_bashrc_template = @(END)
+ $request_bashrc_template = @(END)
 export TLDEXTRACT_CACHE=$HOME/.tld_set
 export PROVIDER=<%= @lexicon_provider %>
 export LEXICON_<%= @lexicon_provider.upcase %>_USERNAME=<%= @lexicon_username %>
@@ -46,9 +46,9 @@ END
 })
 # variables in bashrc
- concat::fragment { 'requestor_bashrc':
+ concat::fragment { 'request_bashrc':
 target => "${home_dir}/.bashrc",
- content => inline_template($requestor_bashrc_template),
+ content => inline_template($request_bashrc_template),
 order => '02',
 }
@@ -61,6 +61,24 @@ END
 revision => $acme_revision,
 }
+ file { "${home_dir}/.acme.sh":
+ ensure => directory,
+ owner => $user,
+ group => $group,
+ mode => '0700',
+ } ->
+ file { "${home_dir}/.acme.sh/account.conf":
+ ensure => present,
+ owner => $user,
+ group => $group,
+ mode => '0600',
+ } ->
+ file_line { ' add email to acme conf':
+ path => "${home_dir}/.acme.sh/account.conf",
+ line => "ACCOUNT_EMAIL=${contact_email}",
+ match => '^ACCOUNT_EMAIL=.*$',
+ }
+
 # create issue scripts
 $domains.each |$domain, $d_list| {
 file {"/${home_dir}/${domain}.sh":
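Review bot: In the last hunk of manifests/request.pp, the new `file_line` writes `ACCOUNT_EMAIL=${contact_email}` unquoted and unvalidated. If this class takes `$contact_email` from params.pp, where the default is `''`, an unconfigured node gets a bare `ACCOUNT_EMAIL=` line. account.conf is presumably read by acme.sh as shell assignments (confirm), in which case a value containing whitespace or shell metacharacters would be interpreted rather than stored. Quoting the value, `line => "ACCOUNT_EMAIL='${contact_email}'",`, and rejecting anything that does not look like an address before the resource is declared would close that. The resource title `' add email to acme conf'` also carries a leading space that makes it awkward to reference; the class body continues outside the hunk.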