add deploy, cron job, lexicon installation

2024-09-19 20:40:36 +00:00 · 2018-02-23 10:03:41 -05:00 · 2018-02-23 10:03:41 -05:00 · eaa3dd2e4d
commit eaa3dd2e4d
parent 7c396c023b
5 changed files with 22 additions and 4 deletions
--- a/manifests/common.pp
+++ b/manifests/common.pp
@ -6,6 +6,7 @@ class acme_vault::common (
    $vault_token        = $::acme_vault::params::vault_token,
    $vault_addr         = $::acme_vault::params::vault_addr,
    $vault_bin          = $::acme_vault::params::vault_bin,
+    $vault_prefix       = $::acme_vault::params::vault_prefix,

 ) inherits acme_vault::params {

@ -13,6 +14,7 @@ class acme_vault::common (
 export VAULT_BIN=<%= @vault_bin %>
 export VAULT_TOKEN=<%= @vault_token %>
 export VAULT_ADDR=<%= @vault_addr %>
+export VAULT_PREFIX=<%= @vault_prefix %>
 END
    # create acme_vault user
    user { $user:
--- a/manifests/deploy.pp
+++ b/manifests/deploy.pp
@ -3,7 +3,6 @@ class acme_vault::deploy(
    $group                 = $::acme_vault::params::group,
    $home_dir              = $::acme_vault::params::home_dir,

-    $vault_token           = $::acme_vault::params::vault_token,
    $cert_destination_path = $::acme_vault::params::cert_destination_path,
    $domains               = $::acme_vault::params::domains,

--- a/manifests/params.pp
+++ b/manifests/params.pp
@ -13,6 +13,7 @@ class acme_vault::params {
    $acme_revision = 'HEAD'
    $acme_repo_path = "$home_dir/acme.sh"
    $acme_script    = "$acme_repo_path/acme.sh"
+    $vault_prefix   = '/secret/letsencrypt/'
    # domains list TODO should be a mapping name -> domains

    $domains     = ''
--- a/manifests/requestor.pp
+++ b/manifests/requestor.pp
@ -23,12 +23,19 @@ class acme_vault::requestor (
    include acme_vault::common

    $requestor_bashrc_template = @(END)
-export LEXICON_PROVIDER=<%= @lexicon_provider %>
+export TLDEXTRACT_CACHE=$HOME/.tld_set
+export PROVIDER=<%= @lexicon_provider %>
 export LEXICON_<%= @lexicon_provider.upcase %>_USERNAME=<%= @lexicon_username %>
 export LEXICON_<%= @lexicon_provider.upcase %>_TOKEN=<%= @lexicon_token %>
 END
-    # variables in bashrc

+    # install lexicon
+    ensure_packages(['dns-lexicon', 'PyNamecheap'], {
+      ensure   => present,
+      provider => 'pip',
+    })
+
+    # variables in bashrc
 		concat::fragment { "requestor_bashrc":
      target  => "${home_dir}/.bashrc",
      content => inline_template($requestor_bashrc_template),
@ -62,6 +69,11 @@ END
          } 
        )
      }
+      cron { "${domain}_issue":
+        command => "${home_dir}/${domain}.sh",
+        user    => $user,
+        weekday => 1,
+      }
    }

 }
--- a/templates/domain.epp
+++ b/templates/domain.epp
@ -11,4 +11,8 @@
 <% $domains.each |$d| { -%>
 --domain "<%= $d %>" \
 <% } -%>
-
+ > /dev/null && \
+<%= $acme_script %> \
+--deploy \
+--domain <%= $domain %> \
+--deploy-hook vault_cli