mirror of https://github.com/krislamo/puppet-acme_vault synced 2025-01-18 15:30:34 +00:00

add deploy, cron job, lexicon installation

Bob Belnap 2018-02-23 10:03:41 -05:00
parent 7c396c023b
commit eaa3dd2e4d
5 changed files with 22 additions and 4 deletions


@ -6,6 +6,7 @@ class acme_vault::common (
$vault_token = $::acme_vault::params::vault_token, $vault_token = $::acme_vault::params::vault_token,
$vault_addr = $::acme_vault::params::vault_addr, $vault_addr = $::acme_vault::params::vault_addr,
$vault_bin = $::acme_vault::params::vault_bin, $vault_bin = $::acme_vault::params::vault_bin,
$vault_prefix = $::acme_vault::params::vault_prefix,
) inherits acme_vault::params { ) inherits acme_vault::params {
@ -13,6 +14,7 @@ class acme_vault::common (
export VAULT_BIN=<%= @vault_bin %> export VAULT_BIN=<%= @vault_bin %>
export VAULT_TOKEN=<%= @vault_token %> export VAULT_TOKEN=<%= @vault_token %>
export VAULT_ADDR=<%= @vault_addr %> export VAULT_ADDR=<%= @vault_addr %>
export VAULT_PREFIX=<%= @vault_prefix %>
END END
# create acme_vault user # create acme_vault user
user { $user: user { $user:
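Review bot: The new `export VAULT_PREFIX=<%= @vault_prefix %>` line in the bashrc heredoc writes the parameter unquoted into a file the shell will source, so a prefix containing whitespace or shell metacharacters would be split or evaluated instead of stored as a literal. Quoting it, `export VAULT_PREFIX='<%= @vault_prefix %>'`, keeps the value literal; a value that itself contains a single quote would still need escaping. The VAULT_BIN, VAULT_TOKEN and VAULT_ADDR exports shown as context are written the same way and would benefit from the same quoting. The class body continues outside the hunk, so I cannot see how the rendered fragment's file mode is set; since it carries the token, it is worth confirming the target is readable only by the service user.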


@ -3,7 +3,6 @@ class acme_vault::deploy(
$group = $::acme_vault::params::group, $group = $::acme_vault::params::group,
$home_dir = $::acme_vault::params::home_dir, $home_dir = $::acme_vault::params::home_dir,
$vault_token = $::acme_vault::params::vault_token,
$cert_destination_path = $::acme_vault::params::cert_destination_path, $cert_destination_path = $::acme_vault::params::cert_destination_path,
$domains = $::acme_vault::params::domains, $domains = $::acme_vault::params::domains,


@ -13,6 +13,7 @@ class acme_vault::params {
$acme_revision = 'HEAD' $acme_revision = 'HEAD'
$acme_repo_path = "$home_dir/acme.sh" $acme_repo_path = "$home_dir/acme.sh"
$acme_script = "$acme_repo_path/acme.sh" $acme_script = "$acme_repo_path/acme.sh"
$vault_prefix = '/secret/letsencrypt/'
# domains list TODO should be a mapping name -> domains # domains list TODO should be a mapping name -> domains
$domains = '' $domains = ''


@ -23,12 +23,19 @@ class acme_vault::requestor (
include acme_vault::common include acme_vault::common
$requestor_bashrc_template = @(END) $requestor_bashrc_template = @(END)
export LEXICON_PROVIDER=<%= @lexicon_provider %> export TLDEXTRACT_CACHE=$HOME/.tld_set
export PROVIDER=<%= @lexicon_provider %>
export LEXICON_<%= @lexicon_provider.upcase %>_USERNAME=<%= @lexicon_username %> export LEXICON_<%= @lexicon_provider.upcase %>_USERNAME=<%= @lexicon_username %>
export LEXICON_<%= @lexicon_provider.upcase %>_TOKEN=<%= @lexicon_token %> export LEXICON_<%= @lexicon_provider.upcase %>_TOKEN=<%= @lexicon_token %>
END END
# variables in bashrc
# install lexicon
ensure_packages(['dns-lexicon', 'PyNamecheap'], {
ensure => present,
provider => 'pip',
})
# variables in bashrc
concat::fragment { "requestor_bashrc": concat::fragment { "requestor_bashrc":
target => "${home_dir}/.bashrc", target => "${home_dir}/.bashrc",
content => inline_template($requestor_bashrc_template), content => inline_template($requestor_bashrc_template),
@ -62,6 +69,11 @@ END
} }
) )
} }
cron { "${domain}_issue":
command => "${home_dir}/${domain}.sh",
user => $user,
weekday => 1,
}
} }
} }
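Review bot: The new `cron { "${domain}_issue": ... }` resource sets only `weekday => 1`, and Puppet's cron type writes every unspecified time field as `*`, so the entry becomes `* * * * 1` and the issue script starts every minute throughout Monday. That is likely to cause overlapping runs and repeated calls to the DNS provider and the ACME CA, where rate limiting could then block a renewal that is actually due. Pinning the time, for example `hour => 3,` and `minute => fqdn_rand(60, $domain),`, gives one run per week per domain and staggers the jobs. The resource sits inside a per-domain block that begins outside the hunk, so I am assuming `$domain` and `$user` are in scope there as in the surrounding code.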


@ -11,4 +11,8 @@
<% $domains.each |$d| { -%> <% $domains.each |$d| { -%>
--domain "<%= $d %>" \ --domain "<%= $d %>" \
<% } -%> <% } -%>
> /dev/null && \
<%= $acme_script %> \
--deploy \
--domain <%= $domain %> \
--deploy-hook vault_cli
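Review bot: The added `--domain <%= $domain %> \` line passes the domain unquoted, while the issue command just above it quotes each name as `--domain "<%= $d %>"`. The deploy call should match, `--domain "<%= $domain %>" \`, so that a name containing shell-special characters, such as a wildcard like `*.example.com` (constructed example), reaches acme.sh unchanged instead of being glob-expanded. Separately, `> /dev/null` discards the issue step's standard output, so under cron only stderr is reported; a short template comment such as `<%# stdout dropped on purpose; failures surface via stderr and the exit status -%>` would record that this is intended. The start of the generated script is outside the hunk.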