class certbot(
- $base_path = '/usr/bin',
+ $script_base = '/usr/bin',
$basedir = '/var/spool/certbot',
$owner = 'www-data',
$pre_hook = '',
# Chosing an arbitrary minite within the hour in the hope that won't overload Let's Encrypt servers
cron { 'certbot-renew':
- command => "${base_path}/${tool} renew --standalone --quiet ${real_pre_hook} ${real_post_hook}",
+ command => "${script_base}/${tool} renew --standalone --quiet ${real_pre_hook} ${real_post_hook}",
user => 'root',
hour => [ 5, 23 ],
minute => "28",
# Make sure nginx is restarted and request a certificate
exec { "certbot-${name}":
- command => "${real_pre_hook}${certbot::base_path}/${certbot::tool} certonly --webroot -w ${::certbot::basedir}/${name} -d ${name} ${domains} -m ${email} --rsa-key-size ${size} --agree-tos",
+ command => "${real_pre_hook}${certbot::script_base}/${certbot::tool} certonly --webroot -w ${::certbot::basedir}/${name} -d ${name} ${domains} -m ${email} --rsa-key-size ${size} --agree-tos",
creates => "/etc/letsencrypt/archive/${name}",
require => File["${::certbot::basedir}/${name}"],
}
class certbot::standalone {
# Warning: this offers poor verification for the downloaded application
exec { 'getcertbot':
- command => "/usr/bin/wget https://dl.eff.org/certbot-auto -O ${certbot::base_path}/${certbot::tool} && chmod +x ${certbot::base_path}/${certbot::tool}",
+ command => "/usr/bin/wget https://dl.eff.org/certbot-auto -O ${certbot::script_base}/${certbot::tool} && chmod +x ${certbot::script_base}/${certbot::tool}",
user => 'root',
cwd => '/tmp',
- creates => '${certbot::base_path}/${certbot::tool}',
+ creates => '${certbot::script_base}/${certbot::tool}',
}
}
projects / puppet-certbot.git / commitdiff